[8.x] Added support for GCM encryption

src/Illuminate/Encryption/Encrypter.php

@@ -41,7 +41,7 @@ public function __construct($key, $cipher = 'AES-128-CBC')
             $this->key = $key;
             $this->cipher = $cipher;
         } else {
-            throw new RuntimeException('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.');
+            throw new RuntimeException('The only supported ciphers are AES-128-CBC, AES-256-CBC, AES-128-GCM, and AES-256-GCM with the correct key lengths.');
         }
     }
 
@@ -57,7 +57,9 @@ public static function supported($key, $cipher)
         $length = mb_strlen($key, '8bit');
 
         return ($cipher === 'AES-128-CBC' && $length === 16) ||
-               ($cipher === 'AES-256-CBC' && $length === 32);
+            ($cipher === 'AES-256-CBC' && $length === 32) ||
+            ($cipher === 'AES-128-GCM' && $length === 16) ||
+            ($cipher === 'AES-256-GCM' && $length === 32);
     }
 
     /**
@@ -83,14 +85,21 @@ public static function generateKey($cipher)
     public function encrypt($value, $serialize = true)
     {
         $iv = random_bytes(openssl_cipher_iv_length($this->cipher));
+        $tag = in_array($this->cipher, ['AES-128-GCM', 'AES-256-GCM']) ? '' : null;
 
         // First we will encrypt the value using OpenSSL. After this is encrypted we
         // will proceed to calculating a MAC for the encrypted value so that this
         // value can be verified later as not having been changed by the users.
-        $value = \openssl_encrypt(
-            $serialize ? serialize($value) : $value,
-            $this->cipher, $this->key, 0, $iv
-        );
+        $value =
+            in_array($this->cipher, ['AES-128-GCM', 'AES-256-GCM']) ?
+                \openssl_encrypt(
+                    $serialize ? serialize($value) : $value,
+                    $this->cipher, $this->key, 0, $iv, $tag
+                ) :
+                \openssl_encrypt(
+                    $serialize ? serialize($value) : $value,
+                    $this->cipher, $this->key, 0, $iv
+                );
 
         if ($value === false) {
             throw new EncryptException('Could not encrypt the data.');
@@ -99,9 +108,9 @@ public function encrypt($value, $serialize = true)
         // Once we get the encrypted value we'll go ahead and base64_encode the input
         // vector and create the MAC for the encrypted value so we can then verify
         // its authenticity. Then, we'll JSON the data into the "payload" array.
-        $mac = $this->hash($iv = base64_encode($iv), $value);
+        $mac = $this->hash($iv = base64_encode($iv), $value, $tag = $tag ? base64_encode($tag) : '');
 
-        $json = json_encode(compact('iv', 'value', 'mac'), JSON_UNESCAPED_SLASHES);
+        $json = json_encode(compact('iv', 'value', 'mac', 'tag'), JSON_UNESCAPED_SLASHES);
 
         if (json_last_error() !== JSON_ERROR_NONE) {
             throw new EncryptException('Could not encrypt the data.');
@@ -137,12 +146,13 @@ public function decrypt($payload, $unserialize = true)
         $payload = $this->getJsonPayload($payload);
 
         $iv = base64_decode($payload['iv']);
+        $tag = empty($payload['tag']) ? null : base64_decode($payload['tag']);
 
         // Here we will decrypt the value. If we are able to successfully decrypt it
         // we will then unserialize it and return it out to the caller. If we are
         // unable to decrypt this value we will throw out an exception message.
         $decrypted = \openssl_decrypt(
-            $payload['value'], $this->cipher, $this->key, 0, $iv
+            $payload['value'], $this->cipher, $this->key, 0, $iv, $tag
         );
 
         if ($decrypted === false) {
@@ -172,9 +182,9 @@ public function decryptString($payload)
      * @param  mixed  $value
      * @return string
      */
-    protected function hash($iv, $value)
+    protected function hash($iv, $value, $tag = '')
     {
-        return hash_hmac('sha256', $iv.$value, $this->key);
+        return hash_hmac('sha256', $tag.$iv.$value, $this->key);
     }
 
     /**
@@ -212,7 +222,7 @@ protected function getJsonPayload($payload)
     protected function validPayload($payload)
     {
         return is_array($payload) && isset($payload['iv'], $payload['value'], $payload['mac']) &&
-               strlen(base64_decode($payload['iv'], true)) === openssl_cipher_iv_length($this->cipher);
+            strlen(base64_decode($payload['iv'], true)) === openssl_cipher_iv_length($this->cipher);
     }
 
     /**
@@ -224,7 +234,7 @@ protected function validPayload($payload)
     protected function validMac(array $payload)
     {
         return hash_equals(
-            $this->hash($payload['iv'], $payload['value']), $payload['mac']
+            $this->hash($payload['iv'], $payload['value'], $payload['tag'] ?? ''), $payload['mac']
         );
     }
 

tests/Encryption/EncrypterTest.php

@@ -45,12 +45,12 @@ public function testEncryptedLengthIsFixed()
 
     public function testWithCustomCipher()
     {
-        $e = new Encrypter(str_repeat('b', 32), 'AES-256-CBC');
+        $e = new Encrypter(str_repeat('b', 32), 'AES-256-GCM');
         $encrypted = $e->encrypt('bar');
         $this->assertNotSame('bar', $encrypted);
         $this->assertSame('bar', $e->decrypt($encrypted));
 
-        $e = new Encrypter(random_bytes(32), 'AES-256-CBC');
+        $e = new Encrypter(random_bytes(32), 'AES-256-GCM');
         $encrypted = $e->encrypt('foo');
         $this->assertNotSame('foo', $encrypted);
         $this->assertSame('foo', $e->decrypt($encrypted));
@@ -59,31 +59,31 @@ public function testWithCustomCipher()
     public function testDoNoAllowLongerKey()
     {
         $this->expectException(RuntimeException::class);
-        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.');
+        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC, AES-256-CBC, AES-128-GCM, and AES-256-GCM with the correct key lengths.');
 
         new Encrypter(str_repeat('z', 32));
     }
 
     public function testWithBadKeyLength()
     {
         $this->expectException(RuntimeException::class);
-        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.');
+        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC, AES-256-CBC, AES-128-GCM, and AES-256-GCM with the correct key lengths.');
 
         new Encrypter(str_repeat('a', 5));
     }
 
     public function testWithBadKeyLengthAlternativeCipher()
     {
         $this->expectException(RuntimeException::class);
-        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.');
+        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC, AES-256-CBC, AES-128-GCM, and AES-256-GCM with the correct key lengths.');
 
         new Encrypter(str_repeat('a', 16), 'AES-256-CFB8');
     }
 
     public function testWithUnsupportedCipher()
     {
         $this->expectException(RuntimeException::class);
-        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.');
+        $this->expectExceptionMessage('The only supported ciphers are AES-128-CBC, AES-256-CBC, AES-128-GCM, and AES-256-GCM with the correct key lengths.');
 
         new Encrypter(str_repeat('c', 16), 'AES-256-CFB8');
     }