PluginProbe ʕ •ᴥ•ʔ
Smash Balloon Social Post Feed – Simple Social Feeds for WordPress / 4.8.1
Smash Balloon Social Post Feed – Simple Social Feeds for WordPress v4.8.1
4.8.1 trunk 1.0 1.1 1.12.1 1.2.3 1.2.4 1.2.5 1.2.7 1.2.8 1.2.9 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.5 1.5.1 1.5.2 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.4.1 1.6.5 1.6.5.1 1.6.6 1.6.6.1 1.6.6.2 1.6.6.3 1.6.7 1.6.7.1 1.6.8 1.6.8.1 1.6.8.2 1.7.0 1.7.1 1.7.2 1.8.0 1.8.1 1.8.2 1.8.2.1 1.8.2.2 1.8.2.3 1.9.0 1.9.1 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.8.1 1.9.9 1.9.9.1 1.9.9.2 1.9.9.3 2.0 2.0.1 2.1 2.1.1 2.1.2 2.1.3 2.10 2.11 2.11.1 2.12 2.12.1 2.12.2 2.12.3 2.12.4 2.13 2.14 2.14.1 2.15 2.15.1 2.16 2.16.1 2.17 2.17.1 2.18 2.18.1 2.18.2 2.18.3 2.19 2.19.1 2.19.2 2.19.3 2.2 2.2.1 2.3 2.3.1 2.3.10 2.3.2 2.3.3 2.3.4 2.3.6 2.3.7 2.3.8 2.3.9 2.4 2.4.1 2.4.1.1 2.4.1.2 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.5 2.5.1 2.5.2 2.6 2.6.1 2.6.2 2.6.3 2.6.4 2.7 2.7.1 2.7.2 2.8 2.9 2.9.1 4.0 4.0.1 4.0.2 4.0.3 4.0.4 4.0.5 4.1 4.1.1 4.1.2 4.1.3 4.1.4 4.1.5 4.1.6 4.1.7 4.1.8 4.1.9 4.2 4.2.1 4.2.2 4.2.3 4.2.4 4.2.5 4.2.6 4.3.0 4.3.1 4.3.2 4.3.3 4.3.4 4.7.5 4.7.6 4.7.7
custom-facebook-feed / inc / SB_Facebook_Data_Encryption.php
custom-facebook-feed / inc Last commit date
Admin 2 weeks ago Builder 2 weeks ago Helpers 2 weeks ago Integrations 2 weeks ago CFF_Autolink.php 2 weeks ago CFF_Blocks.php 2 weeks ago CFF_Cache.php 2 weeks ago CFF_Education.php 2 weeks ago CFF_Elementor_Base.php 2 weeks ago CFF_Elementor_Widget.php 2 weeks ago CFF_Error_Reporter.php 2 weeks ago CFF_FB_Settings.php 2 weeks ago CFF_Feed_Elementor_Control.php 2 weeks ago CFF_Feed_Locator.php 2 weeks ago CFF_Feed_Pro.php 2 weeks ago CFF_GDPR_Integrations.php 2 weeks ago CFF_Group_Posts.php 2 weeks ago CFF_HTTP_Request.php 2 weeks ago CFF_Oembed.php 2 weeks ago CFF_Parse.php 2 weeks ago CFF_Resizer.php 2 weeks ago CFF_Response.php 2 weeks ago CFF_Shortcode.php 2 weeks ago CFF_Shortcode_Display.php 2 weeks ago CFF_SiteHealth.php 2 weeks ago CFF_Utils.php 2 weeks ago CFF_View.php 2 weeks ago Custom_Facebook_Feed.php 2 weeks ago Email_Notification.php 2 weeks ago Platform_Data.php 2 weeks ago SB_Facebook_Data_Encryption.php 2 weeks ago SB_Facebook_Data_Manager.php 2 weeks ago index.php 2 weeks ago
SB_Facebook_Data_Encryption.php
199 lines
1 <?php
2
3 /**
4 * Class SB_Facebook_Data_Encryption
5 *
6 * @copyright 2021 Google LLC
7 * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
8 * @link https://sitekit.withgoogle.com
9 */
10
11 namespace CustomFacebookFeed;
12
13 // Exit if accessed directly
14 if (! defined('ABSPATH')) {
15 exit;
16 }
17
18
19 /**
20 * Class responsible for encrypting and decrypting data.
21 *
22 * @since 2.9.4/5.12.4
23 * @access private
24 * @ignore
25 */
26 class SB_Facebook_Data_Encryption
27 {
28 /**
29 * Key to use for encryption.
30 *
31 * @since 2.9.4/5.12.4
32 * @var string
33 */
34 private $key;
35
36 /**
37 * Salt to use for encryption.
38 *
39 * @since 2.9.4/5.12.4
40 * @var string
41 */
42 private $salt;
43
44 /**
45 * Constructor.
46 *
47 * @since 2.9.4/5.12.4
48 */
49 public function __construct($remote = array())
50 {
51 if (! empty($remote)) {
52 $this->key = $remote['key'];
53 $this->salt = $remote['salt'];
54 } else {
55 $this->key = $this->get_default_key();
56 $this->salt = $this->get_default_salt();
57 }
58 }
59
60 /**
61 * Encrypts a value.
62 *
63 * If a user-based key is set, that key is used. Otherwise the default key is used.
64 *
65 * @since 2.9.4/5.12.4
66 *
67 * @param string $value Value to encrypt.
68 * @return string|bool Encrypted value, or false on failure.
69 */
70 public function encrypt($value)
71 {
72 if (! cff_doing_openssl()) {
73 return $value;
74 }
75
76 $method = 'aes-256-ctr';
77 $ivlen = openssl_cipher_iv_length($method);
78 $iv = openssl_random_pseudo_bytes($ivlen);
79
80 $raw_value = openssl_encrypt($value . $this->salt, $method, $this->key, 0, $iv);
81 if (! $raw_value) {
82 return false;
83 }
84
85 return base64_encode($iv . $raw_value);
86 }
87
88 /**
89 * Decrypts a value.
90 *
91 * If a user-based key is set, that key is used. Otherwise the default key is used.
92 *
93 * @since 2.9.4/5.12.4
94 *
95 * @param string $raw_value Value to decrypt.
96 * @return string|bool Decrypted value, or false on failure.
97 */
98 public function decrypt($raw_value)
99 {
100 if (! cff_doing_openssl()) {
101 return $raw_value;
102 }
103
104 $raw_value = base64_decode($raw_value, true);
105
106 $method = 'aes-256-ctr';
107 $ivlen = openssl_cipher_iv_length($method);
108 $iv = substr($raw_value, 0, $ivlen);
109
110 $raw_value = substr($raw_value, $ivlen);
111
112 $value = openssl_decrypt($raw_value, $method, $this->key, 0, $iv);
113 if (! $value || substr($value, - strlen($this->salt)) !== $this->salt) {
114 return false;
115 }
116
117 return substr($value, 0, - strlen($this->salt));
118 }
119
120
121 public function maybe_encrypt($raw_value)
122 {
123 $maybe_decrypted = $this->decrypt($raw_value);
124
125 if ($maybe_decrypted) {
126 return $this->encrypt($maybe_decrypted);
127 }
128
129 return $this->encrypt($raw_value);
130 }
131
132 /**
133 * Uses a raw value and attempts to decrypt it
134 *
135 * @param $value
136 *
137 * @return bool|string
138 */
139 public function maybe_decrypt($value)
140 {
141 if (! is_string($value)) {
142 return $value;
143 }
144 if (strpos($value, '{') === 0) {
145 return $value;
146 }
147
148 $decrypted = $this->decrypt($value);
149
150 if (! $decrypted) {
151 return $value;
152 }
153
154 return $decrypted;
155 }
156
157 /**
158 * Gets the default encryption key to use.
159 *
160 * @since 2.9.4/5.12.4
161 *
162 * @return string Default (not user-based) encryption key.
163 */
164 private function get_default_key()
165 {
166 if (defined('CFF_ENCRYPTION_KEY') && '' !== CFF_ENCRYPTION_KEY) {
167 return CFF_ENCRYPTION_KEY;
168 }
169
170 if (defined('LOGGED_IN_KEY') && '' !== LOGGED_IN_KEY) {
171 return LOGGED_IN_KEY;
172 }
173
174 // If this is reached, you're either not on a live site or have a serious security issue.
175 return 'das-ist-kein-geheimer-schluessel';
176 }
177
178 /**
179 * Gets the default encryption salt to use.
180 *
181 * @since 2.9.4/5.12.4
182 *
183 * @return string Encryption salt.
184 */
185 private function get_default_salt()
186 {
187 if (defined('CFF_ENCRYPTION_SALT') && '' !== CFF_ENCRYPTION_SALT) {
188 return CFF_ENCRYPTION_SALT;
189 }
190
191 if (defined('LOGGED_IN_SALT') && '' !== LOGGED_IN_SALT) {
192 return LOGGED_IN_SALT;
193 }
194
195 // If this is reached, you're either not on a live site or have a serious security issue.
196 return 'das-ist-kein-geheimes-salz';
197 }
198 }
199