mirror of
https://github.com/nuxsmin/sysPass.git
synced 2026-03-03 07:04:07 +01:00
113 lines
2.8 KiB
PHP
113 lines
2.8 KiB
PHP
<?php
|
|
/*
|
|
* sysPass
|
|
*
|
|
* @author nuxsmin
|
|
* @link https://syspass.org
|
|
* @copyright 2012-2024, Rubén Domínguez nuxsmin@$syspass.org
|
|
*
|
|
* This file is part of sysPass.
|
|
*
|
|
* sysPass is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* sysPass is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
namespace SP\Core\Crypt;
|
|
|
|
use Defuse\Crypto\Key;
|
|
use SessionHandler;
|
|
use SessionHandlerInterface;
|
|
use SP\Domain\Core\Crypt\CryptInterface;
|
|
use SP\Domain\Core\Exceptions\CryptException;
|
|
|
|
use function SP\logger;
|
|
|
|
/**
|
|
* Class CryptSessionHandler
|
|
*/
|
|
final class CryptSessionHandler implements SessionHandlerInterface
|
|
{
|
|
public static bool $isSecured = false;
|
|
|
|
public function __construct(
|
|
private readonly Key $key,
|
|
private readonly CryptInterface $crypt,
|
|
private readonly SessionHandler $sessionHandler
|
|
) {
|
|
}
|
|
|
|
/**
|
|
* @inheritDoc
|
|
*/
|
|
public function read(string $id): string
|
|
{
|
|
$data = $this->sessionHandler->read($id);
|
|
|
|
if (!$data) {
|
|
return '';
|
|
}
|
|
|
|
try {
|
|
self::$isSecured = true;
|
|
|
|
return $this->crypt->decrypt($data, $this->key);
|
|
} catch (CryptException $e) {
|
|
self::$isSecured = false;
|
|
|
|
logger($e->getMessage());
|
|
logger('Session data not encrypted.');
|
|
|
|
return $data;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @inheritDoc
|
|
*/
|
|
public function write(string $id, string $data): bool
|
|
{
|
|
try {
|
|
$encryptedData = $this->crypt->encrypt($data, $this->key);
|
|
|
|
self::$isSecured = true;
|
|
} catch (CryptException $e) {
|
|
self::$isSecured = false;
|
|
|
|
logger('Could not encrypt session data.');
|
|
logger($e->getMessage());
|
|
}
|
|
|
|
return $this->sessionHandler->write($id, $encryptedData ?? $data);
|
|
}
|
|
|
|
public function close(): bool
|
|
{
|
|
return $this->sessionHandler->close();
|
|
}
|
|
|
|
public function destroy(string $id): bool
|
|
{
|
|
return $this->sessionHandler->destroy($id);
|
|
}
|
|
|
|
public function gc(int $max_lifetime): int|false
|
|
{
|
|
return $this->sessionHandler->gc($max_lifetime);
|
|
}
|
|
|
|
public function open(string $path, string $name): bool
|
|
{
|
|
return $this->sessionHandler->open($path, $name);
|
|
}
|
|
}
|