New encryption system.

716d5c24 · mertcelen · 8dbdab96 · 716d5c24 · 716d5c24 · 716d5c24
Kaydet (Commit) 716d5c24 authored Agu 12, 2020 tarafından mertcelen
12 changed files
--- a/app/Connectors/WinRMConnector.php
+++ b/app/Connectors/WinRMConnector.php
@@ -7,6 +7,7 @@ use App\Models\UserSettings;
 use GuzzleHttp\Client;
 use Illuminate\Support\Str;
 use App\Models\ConnectorToken;
+use mervick\aesEverywhere\AES256;

 class WinRMConnector implements Connector
 {
@@ -40,15 +41,7 @@ class WinRMConnector implements Connector
        }

        $key = env('APP_KEY') . user()->id . server()->id;
-        $decrypted = openssl_decrypt($username["value"], 'aes-256-cfb8', $key);
-        $stringToDecode = substr($decrypted, 16);
-        $username = base64_decode($stringToDecode);
-
-        $key = env('APP_KEY') . user()->id . server()->id;
-        $decrypted = openssl_decrypt($password["value"], 'aes-256-cfb8', $key);
-        $stringToDecode = substr($decrypted, 16);
-        $password = base64_decode($stringToDecode);
-        return [$username, $password];
+        return [AES256::decrypt($username["value"],$key), AES256::decrypt($password["value"],$key)];
    }

    public function execute($command)

--- a/app/Http/Controllers/Extension/OneController.php
+++ b/app/Http/Controllers/Extension/OneController.php
@@ -12,6 +12,7 @@ use Illuminate\Http\Response;
 use Illuminate\Routing\Redirector;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Str;
+use mervick\aesEverywhere\AES256;

 /**
 * Class OneController
@@ -129,44 +130,25 @@ class OneController extends Controller
            ]);
            if (request($key["variable"])) {
                if ($row->exists()) {
-                    $encKey =
+                    $key =
                        env('APP_KEY') .
                        user()->id .
-                        extension()->id .
                        server()->id;
-                    $encrypted = openssl_encrypt(
-                        Str::random(16) .
-                            base64_encode(request($key["variable"])),
-                        'aes-256-cfb8',
-                        $encKey,
-                        0,
-                        Str::random(16)
-                    );
                    $row->update([
-                        "value" => $encrypted,
+                        "value" => AES256::encrypt(request($key["variable"]),$key),
                        "updated_at" => Carbon::now(),
                    ]);
                } else {
                    $encKey =
                        env('APP_KEY') .
                        user()->id .
-                        extension()->id .
                        server()->id;
-                    $encrypted = openssl_encrypt(
-                        Str::random(16) .
-                            base64_encode(request($key["variable"])),
-                        'aes-256-cfb8',
-                        $encKey,
-                        0,
-                        Str::random(16)
-                    );
-
                    DB::table("user_settings")->insert([
                        "id" => Str::uuid(),
                        "server_id" => server()->id,
                        "user_id" => user()->id,
                        "name" => $key["variable"],
-                        "value" => $encrypted,
+                        "value" => AES256::encrypt(request($key["variable"]),$key),
                        "created_at" => Carbon::now(),
                        "updated_at" => Carbon::now(),
                    ]);
@@ -218,13 +200,8 @@ class OneController extends Controller
                ->first();
            if ($obj) {
                $key =
-                    env('APP_KEY') .
-                    user()->id .
-                    extension()->id .
-                    server()->id;
-                $decrypted = openssl_decrypt($obj->value, 'aes-256-cfb8', $key);
-                $stringToDecode = substr($decrypted, 16);
-                $similar[$item["variable"]] = base64_decode($stringToDecode);
+                    env('APP_KEY') . user()->id . server()->id;
+                $similar[$item["variable"]] = AES256::decrypt($obj->value,$key);
            }
        }


--- a/app/Http/Controllers/Server/AddController.php
+++ b/app/Http/Controllers/Server/AddController.php
@@ -72,31 +72,17 @@ class AddController extends Controller
            server()->type == "linux_certificate"
        ) {
            $encKey = env('APP_KEY') . user()->id . server()->id;
-            $encryptedUsername = openssl_encrypt(
-                Str::random(16) . base64_encode(request('username')),
-                'aes-256-cfb8',
-                $encKey,
-                0,
-                Str::random(16)
-            );
-            $encryptedPassword = openssl_encrypt(
-                Str::random(16) . base64_encode(request('password')),
-                'aes-256-cfb8',
-                $encKey,
-                0,
-                Str::random(16)
-            );
            UserSettings::create([
                "server_id" => $this->server->id,
                "user_id" => user()->id,
                "name" => "clientUsername",
-                "value" => $encryptedUsername,
+                "value" => AES256::encrypt(request('username'),$encKey),
            ]);
            UserSettings::create([
                "server_id" => $this->server->id,
                "user_id" => user()->id,
                "name" => "clientPassword",
-                "value" => $encryptedPassword,
+                "value" => AES256::encrypt(request('password'),$encKey),
            ]);
        } elseif (server()->type == "snmp") {
            $targetValues = [
@@ -109,18 +95,11 @@ class AddController extends Controller
            ];
            $encKey = env('APP_KEY') . user()->id . server()->id;
            foreach ($targetValues as $target) {
-                $encrypted = openssl_encrypt(
-                    Str::random(16) . base64_encode(request($target)),
-                    'aes-256-cfb8',
-                    $encKey,
-                    0,
-                    Str::random(16)
-                );
                UserSettings::create([
                    "server_id" => $this->server->id,
                    "user_id" => user()->id,
                    "name" => $target,
-                    "value" => $encrypted,
+                    "value" => AES256::encrypt(request($target),$encKey),
                ]);
            }
        }

--- a/app/Http/Controllers/Server/OneController.php
+++ b/app/Http/Controllers/Server/OneController.php
@@ -1062,13 +1062,6 @@ class OneController extends Controller

        // Add credentials
        $encKey = env('APP_KEY') . user()->id . server()->id;
-        $encrypted = openssl_encrypt(
-            Str::random(16) . base64_encode(request('username')),
-            'aes-256-cfb8',
-            $encKey,
-            0,
-            Str::random(16)
-        );
        UserSettings::updateOrCreate(
            [
                "user_id" => user()->id,
@@ -1076,17 +1069,10 @@ class OneController extends Controller
                "name" => "clientUsername",
            ],
            [
-                "value" => $encrypted,
+                "value" => AES256::encrypt(request('username'),$encKey),
            ]
        );

-        $encrypted = openssl_encrypt(
-            Str::random(16) . base64_encode(request('password')),
-            'aes-256-cfb8',
-            $encKey,
-            0,
-            Str::random(16)
-        );
        UserSettings::updateOrCreate(
            [
                "user_id" => user()->id,
@@ -1094,7 +1080,7 @@ class OneController extends Controller
                "name" => "clientPassword",
            ],
            [
-                "value" => $encrypted,
+                "value" => AES256::encrypt(request('password'),$encKey),
            ]
        );


--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -12,6 +12,7 @@ use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Hash;
 use App\Models\ConnectorToken;
+use mervick\aesEverywhere\AES256;

 class UserController extends Controller
 {
@@ -362,14 +363,9 @@ class UserController extends Controller
            }
        }

-        $encKey = env('APP_KEY') . $setting->user_id . $setting->server_id;
-        $encrypted = openssl_encrypt(
-            Str::random(16) . base64_encode(request('new_value')),
-            'aes-256-cfb8',
-            $encKey,
-            0,
-            Str::random(16)
-        );
+        $key = env('APP_KEY') . $setting->user_id . $setting->server_id;
+        $encrypted = AES256::encrypt(request('new_value'),$key);
+
        $flag = $setting->update([
            "value" => $encrypted,
        ]);
@@ -492,31 +488,17 @@ class UserController extends Controller
        ])->delete();

        $encKey = env('APP_KEY') . user()->id . server()->id;
-        $encryptedUsername = openssl_encrypt(
-            Str::random(16) . base64_encode(request('username')),
-            'aes-256-cfb8',
-            $encKey,
-            0,
-            Str::random(16)
-        );
-        $encryptedPassword = openssl_encrypt(
-            Str::random(16) . base64_encode(request('password')),
-            'aes-256-cfb8',
-            $encKey,
-            0,
-            Str::random(16)
-        );
        UserSettings::create([
            "server_id" => server()->id,
            "user_id" => user()->id,
            "name" => "clientUsername",
-            "value" => $encryptedUsername,
+            "value" => AES256::encrypt(request('username'),$encKey),
        ]);
        UserSettings::create([
            "server_id" => server()->id,
            "user_id" => user()->id,
            "name" => "clientPassword",
-            "value" => $encryptedPassword,
+            "value" => AES256::encrypt(request('password'),$encKey),
        ]);
        ConnectorToken::clear();
        return respond("Başarıyla eklendi.");

--- a/app/Http/Helpers.php
+++ b/app/Http/Helpers.php
@@ -18,6 +18,8 @@ use Carbon\Carbon;
 use Illuminate\Support\Str;
 use Jenssegers\Blade\Blade;
 use App\System\Helper;
+use mervick\aesEverywhere\AES256;
+
 if (!function_exists('respond')) {
    /**
     * @param $message
@@ -582,9 +584,7 @@ if (!function_exists('extensionDb')) {
            ->first();
        if ($target) {
            $key = env('APP_KEY') . auth()->user()->id . server()->id;
-            $decrypted = openssl_decrypt($target->value, 'aes-256-cfb8', $key);
-            $stringToDecode = substr($decrypted, 16);
-            return base64_decode($stringToDecode);
+            return AES256::decrypt($target->value,$key);
        }
        return null;
    }
@@ -815,9 +815,7 @@ if (!function_exists('lDecrypt')) {
    function lDecrypt($data)
    {
        $key = env('APP_KEY') . user()->id . server()->id;
-        $decrypted = openssl_decrypt($data, 'aes-256-cfb8', $key);
-        $stringToDecode = substr($decrypted, 16);
-        return base64_decode($stringToDecode);
+        return AES256::decrypt($data,$key);
    }
 }


--- a/app/Jobs/ExtensionJob.php
+++ b/app/Jobs/ExtensionJob.php
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\DB;
 use App\Models\Token;
 use Illuminate\Support\Str;
 use App\Models\Permission;
+use mervick\aesEverywhere\AES256;

 class ExtensionJob implements ShouldQueue
 {
@@ -118,14 +119,8 @@ class ExtensionJob implements ShouldQueue
            $extensionDb = [];
            foreach ($settings->get() as $setting) {
                $key =
-                    env('APP_KEY') . $user_id . $extension_id . $serverObj->id;
-                $decrypted = openssl_decrypt(
-                    $setting->value,
-                    'aes-256-cfb8',
-                    $key
-                );
-                $stringToDecode = substr($decrypted, 16);
-                $extensionDb[$setting->name] = base64_decode($stringToDecode);
+                    env('APP_KEY') . $user_id . $serverObj->id;
+                $extensionDb[$setting->name] = AES256::decrypt($setting->value,$key);
            }
        }


--- a/app/Sandboxes/PHPSandbox.php
+++ b/app/Sandboxes/PHPSandbox.php
@@ -6,6 +6,7 @@ use App\Models\Permission;
 use App\Models\Token;
 use Illuminate\Support\Str;
 use App\Models\UserSettings;
+use mervick\aesEverywhere\AES256;

 class PHPSandbox implements Sandbox
 {
@@ -62,15 +63,8 @@ class PHPSandbox implements Sandbox
                $key =
                    env('APP_KEY') .
                    $this->user->id .
-                    $this->extension->id .
                    $this->server->id;
-                $decrypted = openssl_decrypt(
-                    $setting->value,
-                    'aes-256-cfb8',
-                    $key
-                );
-                $stringToDecode = substr($decrypted, 16);
-                $extensionDb[$setting->name] = base64_decode($stringToDecode);
+                $extensionDb[$setting->name] = AES256::decrypt($setting->value,$key);
            }

            $extensionDb = json_encode($extensionDb);
@@ -152,10 +146,10 @@ class PHPSandbox implements Sandbox
            $navigationRoute,
            $token,
            $permissions,
-            session('locale'),
-            json_encode($userData),
+            // session('locale'),
+            // json_encode($userData),
            $publicPath,
-            $isAjax,
+            // $isAjax,
            $this->logId,
        ];


--- a/app/Sandboxes/PythonSandbox.php
+++ b/app/Sandboxes/PythonSandbox.php
@@ -6,6 +6,7 @@ use App\Models\Permission;
 use App\Models\Token;
 use App\Models\UserSettings;
 use Illuminate\Support\Str;
+use mervick\aesEverywhere\AES256;

 class PythonSandbox implements Sandbox
 {
@@ -62,11 +63,8 @@ class PythonSandbox implements Sandbox
            $key =
                env('APP_KEY') .
                $this->user->id .
-                $this->extension->id .
                $this->server->id;
-            $decrypted = openssl_decrypt($setting->value, 'aes-256-cfb8', $key);
-            $stringToDecode = substr($decrypted, 16);
-            $extensionDb[$setting->name] = base64_decode($stringToDecode);
+            $extensionDb[$setting->name] = AES256::decrypt($setting->value,$key);
        }

        $extensionDb = json_encode($extensionDb);

--- a/composer.json
+++ b/composer.json
@@ -23,6 +23,7 @@
        "jenssegers/blade": "^1.3",
        "laravel/framework": "^6.0",
        "laravel/helpers": "*",
+        "mervick/aes-everywhere": "^1.1",
        "phpseclib/phpseclib": "^2.0",
        "pusher/pusher-php-server": "~3.0"
    },

--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "0831ea5127ee882a76a20f0c657adf49",
+    "content-hash": "3a4326a07657d38058b97c8851a6ef88",
    "packages": [
        {
            "name": "ankitpokhrel/tus-php",
@@ -1688,6 +1688,43 @@
            ],
            "time": "2020-05-18T15:13:39+00:00"
        },
+        {
+            "name": "mervick/aes-everywhere",
+            "version": "v1.1.3",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/mervick/aes-everywhere.git",
+                "reference": "5b0078aa579b5f4775979ec9a1b8b3c8c2debdbc"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/mervick/aes-everywhere/zipball/5b0078aa579b5f4775979ec9a1b8b3c8c2debdbc",
+                "reference": "5b0078aa579b5f4775979ec9a1b8b3c8c2debdbc",
+                "shasum": ""
+            },
+            "require-dev": {
+                "phpunit/phpunit": "^5"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "mervick\\aesEverywhere\\tests\\": "php//tests//",
+                    "mervick\\aesEverywhere\\": "php//src//"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Andrey Izman",
+                    "email": "izmanw@gmail.com"
+                }
+            ],
+            "description": "Aes Everywhere - Cross Language Encryption Library (AES/256/CBC/PKCS5)",
+            "time": "2019-09-15T19:41:29+00:00"
+        },
        {
            "name": "monolog/monolog",
            "version": "2.1.0",

--- a/database/migrations/2020_08_12_104025_change_encryption_alghoritm.php
+++ b/database/migrations/2020_08_12_104025_change_encryption_alghoritm.php
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+use App\Models\UserSettings;
+use mervick\aesEverywhere\AES256;
+class ChangeEncryptionAlghoritm extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        $settings = UserSettings::all();
+        foreach ($settings as $setting) {
+            $key = env('APP_KEY') . $setting->user_id . $setting->server_id;
+            $decrypted = openssl_decrypt($setting->value, 'aes-256-cfb8', $key);
+            $stringToDecode = substr($decrypted, 16);
+            $password = base64_decode($stringToDecode);
+            $setting->update([
+                "value" => AES256::encrypt($password, $key)
+            ]);
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}