Ok,
I made an encryption option for php-gtk3 ...
it works like this:
Encrypt your php-gtk3 source code with an encryption algorithm such as AES.
Then save the key you encrypted with in a file, and encrypt that file with a second key.
Now that the key itself is encrypted, go into the source code of the php-gtk3 extension (ideally at the start of "main.cpp") and add something like this:
/// Loads a whole file into memory, byte for byte.
///
/// @param filename  Path of the file to read; it is opened in binary mode.
/// @return The complete contents of the file.
/// @throws std::runtime_error if the file cannot be opened.
std::string read_file(const std::string& filename) {
    std::ifstream input(filename, std::ios::binary);
    if (input.fail()) {
        throw std::runtime_error("Datei nicht gefunden: " + filename);
    }

    // Drain the file's stream buffer into an in-memory buffer in one step.
    std::ostringstream contents;
    contents << input.rdbuf();
    return contents.str();
}
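/// Decrypts an AES-256-CBC ciphertext through OpenSSL's EVP interface.
///
/// @param ciphertext  Raw ciphertext bytes.
/// @param key         Key material; must hold at least 32 bytes (OpenSSL reads
///                    the first 32 for AES-256).
/// @param iv          Initialisation vector; must hold at least 16 bytes
///                    (OpenSSL reads the first 16).
/// @return The decrypted plaintext (padding is removed by EVP_DecryptFinal_ex).
/// @throws std::runtime_error if the key or IV is too short, the ciphertext
///         length does not fit the EVP API, or an OpenSSL call fails.
///
/// NOTE(review): CBC carries no integrity check, so a modified ciphertext can
/// decrypt without error to altered plaintext. Callers that execute the result
/// should verify a MAC or signature over the ciphertext first, or the scheme
/// should move to an authenticated mode such as AES-256-GCM.
std::string decrypt_aes(const std::string& ciphertext, const std::string& key, const std::string& iv) {
    // EVP_DecryptInit_ex reads a fixed number of bytes from the key and IV
    // pointers, so a shorter buffer would be read past its end.
    const std::string::size_type aes256_key_bytes = 32;
    const std::string::size_type iv_bytes = static_cast<std::string::size_type>(AES_BLOCK_SIZE);
    if (key.size() < aes256_key_bytes)
        throw std::runtime_error("AES-Key zu kurz: 32 Bytes erwartet");
    if (iv.size() < iv_bytes)
        throw std::runtime_error("IV zu kurz: 16 Bytes erwartet");

    // EVP_DecryptUpdate takes the input length as int; reject sizes that do
    // not survive the conversion instead of passing a truncated length.
    const int input_len = static_cast<int>(ciphertext.size());
    if (input_len < 0 || static_cast<std::string::size_type>(input_len) != ciphertext.size())
        throw std::runtime_error("Ciphertext zu lang");

    EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
    if (!ctx) throw std::runtime_error("EVP_CIPHER_CTX_new fehlgeschlagen");

    // Frees the context on every exit path, including the throws below.
    struct CtxGuard {
        EVP_CIPHER_CTX* handle;
        ~CtxGuard() { EVP_CIPHER_CTX_free(handle); }
    };
    const CtxGuard guard{ctx};

    // Decryption can emit up to one extra block beyond the input length.
    std::vector<unsigned char> plaintext(ciphertext.size() + AES_BLOCK_SIZE);
    int len = 0;
    int plaintext_len = 0;

    if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), nullptr,
                                reinterpret_cast<const unsigned char*>(key.data()),
                                reinterpret_cast<const unsigned char*>(iv.data())))
        throw std::runtime_error("EVP_DecryptInit_ex fehlgeschlagen");

    if (1 != EVP_DecryptUpdate(ctx, plaintext.data(), &len,
                               reinterpret_cast<const unsigned char*>(ciphertext.data()),
                               input_len))
        throw std::runtime_error("EVP_DecryptUpdate fehlgeschlagen");
    plaintext_len = len;

    // Final step flushes the last block and validates the padding.
    if (1 != EVP_DecryptFinal_ex(ctx, plaintext.data() + len, &len))
        throw std::runtime_error("EVP_DecryptFinal_ex fehlgeschlagen");
    plaintext_len += len;

    return std::string(reinterpret_cast<char*>(plaintext.data()),
                       static_cast<std::string::size_type>(plaintext_len));
}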
/// Decrypts the PHP payload stored next to the extension and executes it.
///
/// Steps: read "aes.key.enc" and decrypt it with the key and IV compiled in
/// below to obtain the payload key; read "encrypted.php" and decrypt it with
/// that key and the same IV; hand the result to Php::eval.
///
/// NOTE(review): the wrapping key and IV are literals in the compiled
/// extension, so this scheme obfuscates the PHP source rather than protecting
/// it; treat the key as recoverable by anyone who holds the binary.
/// NOTE(review): decrypt_aes uses CBC without authentication, so the payload
/// is not verified before it reaches Php::eval. A signature or MAC check over
/// "encrypted.php" would be needed to detect a tampered file.
/// NOTE(review): the unwrapped key must be at least 32 bytes for AES-256;
/// nothing in this function checks that.
void run_protected_php_code() {
    const std::string wrapping_key = "1234567890abcdef1234567890abcdef"; // 32 bytes
    const std::string fixed_iv = "abcdef1234567890";                     // 16 bytes

    // Unwrap the payload key.
    const std::string payload_key = decrypt_aes(read_file("aes.key.enc"), wrapping_key, fixed_iv);

    // Decrypt the PHP source with the unwrapped key.
    std::string php_source = decrypt_aes(read_file("encrypted.php"), payload_key, fixed_iv);

    // Execute through PHP-CPP.
    Php::eval(php_source);
}
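/// PHP-callable entry point: decrypts an encrypted PHP file and evaluates it.
///
/// Expects exactly two parameters: the path of the encrypted PHP file and the
/// path of the encrypted key file. The key file is decrypted with the key and
/// IV compiled in below. The encrypted PHP file is laid out as a 16-byte IV
/// followed by the ciphertext. Note that run_protected_php_code instead
/// decrypts its payload with the fixed IV, so the two file formats differ.
///
/// @param params  PHP call parameters: [0] encrypted file path, [1] key file path.
/// @return nullptr (no value is handed back to the PHP caller).
/// @throws Php::Exception if the parameter count is wrong, the unwrapped key
///         is shorter than 32 bytes, or the encrypted file is shorter than
///         its IV prefix. Exceptions from read_file and decrypt_aes propagate
///         unchanged.
///
/// NOTE(review): the wrapping key is a literal in the compiled extension and
/// both paths come from the calling script, so whatever those files decrypt
/// to is executed. CBC gives no integrity guarantee; verify a signature or
/// MAC over the encrypted file before Php::eval if tampering must be detected.
Php::Value php_decrypt_and_eval(Php::Parameters& params) {
    if (params.size() != 2) throw Php::Exception("2 Parameter erwartet: encrypted_file, key_file");

    const std::string encrypted_file = params[0].stringValue();
    const std::string key_file = params[1].stringValue();

    const std::string static_key = "1234567890abcdef1234567890abcdef"; // 32 bytes
    const std::string static_iv = "abcdef1234567890";                  // 16 bytes

    const std::string aes_key = decrypt_aes(read_file(key_file), static_key, static_iv);

    // AES-256 needs 32 key bytes; a shorter unwrapped key would make OpenSSL
    // read past the end of the buffer.
    const std::string::size_type key_len = 32;
    if (aes_key.size() < key_len)
        throw Php::Exception("Entschluesselter Key zu kurz: 32 Bytes erwartet");

    const std::string encrypted_php = read_file(encrypted_file);

    // The file must at least contain the IV prefix; without this check
    // substr(16) would throw std::out_of_range with no context.
    const std::string::size_type iv_len = 16;
    if (encrypted_php.size() < iv_len)
        throw Php::Exception("Verschluesselte Datei zu kurz: 16 Bytes IV erwartet");

    // Split the file into its IV prefix (first 16 bytes) and the ciphertext.
    const std::string iv = encrypted_php.substr(0, iv_len);
    const std::string cipher = encrypted_php.substr(iv_len);

    std::string decrypted_php = decrypt_aes(cipher, aes_key, iv);
    Php::eval(decrypted_php);
    return nullptr;
}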
It decrypts the encrypted php-gtk files at runtime, using an encryption key that was itself encrypted, and executes them with eval. I know it's a bit dangerous, but I will fix this problem soon.
I wanted to share this with you :)
@scorninpc - maybe you can also publish this?
Regards
Robert