encrypted sourcecode

[subabrain]

Hello together,

i already finished an in build php-gtk3 function named "encrypted_file" which will decrypt an aes phpgtk sourcecode for runtime.

so maybe @scorninpc we can implement this in the next releases ... im working on a tool how to encrypt ....

have a good night ;)

Regards Robert

[scorninpc]

Hey Robert, how are you?

I'd love to see the funcion. But i dont think this can released with this lib. But maybe we can create an separated lib for that, to run with any PHP code, what do you think?

Where I can see this function?

[subabrain]

Hi Bruno,

im fine and you?

here an overview in the phpgtk sourcecode:

/**
 * PHP-CPP
 *
 * Sobre como extender classes
 *      https://github.com/CopernicaMarketingSoftware/PHP-CPP/issues/211
 *
 *
 */

#include "main.h"
#include <openssl/aes.h>
#include <fstream>
#include <iostream>
#include <vector>
#include <cstring>
#include <sstream>
#include <iomanip>

// https://www.sitepoint.com/developing-php-extensions-c-php-cpp-advanced/

/**
 *  tell the compiler that the get_module is a pure C function
 */

 // Key for AES decryption
unsigned char key[] = "your_AES_key_her";

const std::string base64_chars =
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz"
"0123456789+/";

inline bool is_base64(unsigned char c) {
    return (isalnum(c) || (c == '+') || (c == '/'));
}

std::string base64_decode(const std::string& encoded_string) {
    int in_len = encoded_string.size();
    int i = 0, j = 0, in_ = 0;
    unsigned char char_array_4[4], char_array_3[3];
    std::string ret;

    while (in_len-- && (encoded_string[in_] != '=') && is_base64(encoded_string[in_])) {
        char_array_4[i++] = encoded_string[in_]; in_++;
        if (i == 4) {
            for (i = 0; i < 4; i++)
                char_array_4[i] = base64_chars.find(char_array_4[i]);

            char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
            char_array_3[1] = ((char_array_4[1] & 0x0F) << 4) + ((char_array_4[2] & 0x3C) >> 2);
            char_array_3[2] = ((char_array_4[2] & 0x03) << 6) + char_array_4[3];

            for (i = 0; (i < 3); i++)
                ret += char_array_3[i];
            i = 0;
        }
    }

    if (i) {
        for (j = i; j < 4; j++)
            char_array_4[j] = 0;

        for (j = 0; j < 4; j++)
            char_array_4[j] = base64_chars.find(char_array_4[j]);

        char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
        char_array_3[1] = ((char_array_4[1] & 0x0F) << 4) + ((char_array_4[2] & 0x3C) >> 2);
        char_array_3[2] = ((char_array_4[2] & 0x03) << 6) + char_array_4[3];

        for (j = 0; (j < i - 1); j++) ret += char_array_3[j];
    }

    return ret;
}

std::string decryptAES_ECB(const std::string& ciphertext, unsigned char* key) {
    // Decodieren des Base64-kodierten Ciphertexts
    std::string decoded_ciphertext = base64_decode(ciphertext);

    // Überprüfen der Länge des Ciphertexts
    if (decoded_ciphertext.length() % AES_BLOCK_SIZE != 0) {
        std::cerr << "Ciphertext length is not a multiple of the AES block size." << std::endl;
        return "";
    }

    // Speichern des entschlüsselten Texts
    std::string decrypted_text;

    // Initialisieren des Entschlüsselungskontexts
    AES_KEY aesKey;
    if (AES_set_decrypt_key(key, 128, &aesKey) < 0) {
        std::cerr << "Failed to set decryption key." << std::endl;
        return "";
    }

    // Entschlüsselung des Ciphertexts blockweise
    for (size_t i = 0; i < decoded_ciphertext.length(); i += AES_BLOCK_SIZE) {
        unsigned char plaintext_block[AES_BLOCK_SIZE];
        AES_decrypt(reinterpret_cast<const unsigned char*>(decoded_ciphertext.c_str() + i),
            plaintext_block, &aesKey);
        decrypted_text.append(reinterpret_cast<char*>(plaintext_block), AES_BLOCK_SIZE);
    }

    return decrypted_text;
}

void preprocessPHPCode(std::string& phpCode) {
    
    std::string input = phpCode;

    // Base64-kodierter AES-Ciphertext
    std::string base64EncodedText = input;

    // Entschlüsseln des Ciphertexts
    std::string decryptedText = decryptAES_ECB(base64EncodedText, key);

    std::string decoded = decryptedText;

    phpCode = decoded;
}

Php::Value encrypted_file(Php::Parameters& params) {

    std::string filename = params[0];
    std::ifstream file(filename);

    if (!file.is_open()) {
        return false; // Fehlerbehandlung: Datei konnte nicht geöffnet werden
    }

    std::stringstream buffer;
    buffer << file.rdbuf();
    std::string phpCode = buffer.str();

    preprocessPHPCode(phpCode);

    Php::Value result;

    result = Php::eval(phpCode);

    return result;
}

extern "C"
{

    /**
     *  Function that is called by PHP right after the PHP process
     *  has started, and that returns an address of an internal PHP
     *  strucure with all the details and features of your extension
     *
     *  @return void*   a pointer to an address that is understood by PHP
     */
    PHPCPP_EXPORT void *get_module()
    {
        // static(!) Php::Extension object that should stay in memory
        // for the entire duration of the process (that's why it's static)
        static Php::Extension extension("php-gtk3", "1.0");

        extension.add<encrypted_file>("encrypted_file");
        ...
     }

}

maybe you have some additional ideas :)

edit: sorry i forgot the php code:

<?php

encrypted_file("aes_encrypted_file.php");

...

Regards Robert

[subabrain]

and here an example aes code:

pazecZXYPu9NWWFb2fQqkwufJxgVwZHO7AFmcMHt/W/haM1yAu0zZxSkxFQFetbeN+8f87poCymX/CVR1pDlGuNm99prKWlZb1Yc8dQhwKYiqDWewc3NEWHBi4uqi2h9oxar+fFxoe2q33swzsiDe3YVSbqA3JSo3/1l94sc8TxQK+IrhqyAiO6g9r+xsSeERmaVA8ZQ9mydyhE8M8X60rUmy5I/wucpdOzu/tnEEcqoYJbHjrM+SmwMAhKg6rmVqhssIEL7/VoIi9vgYw7UbniQ48B934dSa1i1IDQpO7ZVBuJicUtVUEmumr/eI7xcHCD/hFAqaR8OqxBubmSJmtKPpgGwrTbUhHXlZNE3NJNsBhJipJfBuXzQ1oKPIbGla1x8aRz69kSfhR30+vbmhq5aPjHBYDxyd0r9M/tMj5KLPBf3ile4vdeMh7EnyhJFBpGujOJUf/asACrwcarldd5lFdo7qOnsFjF89s4aqYfnvMOHt5lS6tAq7rpXU7iGa/eGApTV9PrnwMj15KhPKXXrHzqmJBzTq59GgP/6rzZvlNlJcGudCG9zm12JTHzlM/MzcAqnazRY5hbvicYLsvP0ziW9W6zlQ7N4pUnjubtGoEsb8dOfPaZW5SodZMECsTtQTHJ5f0ccmUMypHEqO6Uq5JPBWCmUHyXuuR1RF8jPB254NzsenvZwTuJAsGixRy5g8VlFreF+LNVA/CK4dONcZeSnioDURQOKJpS0ZfxIm4It7XY/9hNaRf8Nl1WCXyuM+KfbNhoj+HO1vhO6IKMGCQPGBp0vAUhE0nqnXS5nCdT1AQO3iTRICyIvh5ebeW8XTMxruMDA3dNjdV9nrGKAd2BEqkWtWYR4fPbXcS2KH85fY6zEtUjyecxPhyhB6HzqQpIVMZOU3S8VHmic1fPTUro68W+JF8WkTHuE2KIxfN9fIbK843iqCPIT4rwGcdujmCDW3+YQH8lnYtElhS5aDTMVDfAtiHjgFqayZDhBvqGhsmyVxEMRn7LOqVkbyFi40U5iR6M9+kkBEY8NnhwimH4ZkEZekFQOHID5m2KsuMv57nkZwXpBknAOIx/YLdbsXlD0WJHALH7MdDYPaRORx6FtXFQrNgklVViB6989BPcOt9XTJrCFgSEpYamsnCS6pg0o3M99NPUVLLnu1Z3JJL2UpCxwqhzK4KWCXS2mihyLECRPealNWOQqaZGvhP6ZPmcSlMRy8Y//DQMJjqF8WIInJOpkkDi3wxBW9cEnealMXnal1h5bMsQ/C8lux4WifAiTq/IlLv1HRrSUso5TziDmsQBxCtFnYMi4J06ylR0+l+gV+OUI8aTXpYPOCU8ajY/aIZfnAxe929hByfcE8UBXxTeOn1Q6S4IkX0kLwTYH6UiKemRZMgIvN5Uwh8GcMUTFBsOocWBQI0EpO2ta+9/LD4E3h7SqXzI7/gE2l+A3WzBvSUGhCImaNhgRVhECovnJoDmL2s0VsHgzBWdt4tIhIRCQkaVEkxRRtjIA7kqT8wFajnwi5YOAOqMDn29+6QIYTYNTvzhebZek6Qr9LD6qTVLj1dPc1fHEpzwKW6LXdsq1nEm03NGYTpnsxzWvAm5xv7OR99imEGGeh3SdXFTv0wToDklUF/LloM3VRCI5SOoRnTQs+lnP2TL/W0Yeo8WOCDzMeJDm5H1I98qt2T5FwBnG2lr7zAEa/TN1HGOLJDbaEbtNAGfUPn+saBGnHSkXwQ0mDE0OODXJAshYuNFOYkejPfpJARGPDZ5GxAYXcb1FDmyDFeMmeSpGyHlhBlIDfRpOOEgMExHr3M9iNIlXjhVvpOFE+N6oFBTlDiYYskgx6r9B44vnKW2p4ZYD79bwNDIHU1SJKaTQYwkEhAhlwZPUDwL+9JT16jY5Y5ulZtngZzFxPthvE9UP1vNfotTN+Z6qKHsKSrsEPvvqbdn2d6lKdzELTuCyPjfnEdKU8hJ8mKs+F2eyxfOOt5z6UuSLvhTnpZ1WzhxcX3riBwVndkTujHkAmVIQl+Qg4WUj7wZnVzNqVUZHganZmB72PYgk0emQUVspf25z+uAj7umLqZSIV2ZIETlmJdzjfHH2I5wdOU68wn/5p2a/ps9R2z5wPt44iPpxHX7btDQbO6sJZDJCvGf1+Lw7XLWKB6OVHLpFYZMKTpM24WoWnXSOyJLUVvgNxlpGrSsDdvSQ3r2mMtiQbvW7Ozkw+o41KAUMiUSyxKnVu06QjBZN4w1qahavIcKV3cUZatio2DIYqYDPe3I69sk5mIse8VpDbiDG9+tjB77H7z2qgJQiU8bDqMRVwM1fBOjxkpoNumSQIJusoazt9g1W18Bytkyhb1AQULbdT3uuJHf6mgYmiXSgmDtdsX/igdw9LOwOE7bNXWKTGhIHHoSYyOzfKkN7jVxhpcrTLBJ3r5JtmxE6dM2EVk8wp4k69EaIUmCGOkgI4HM46OLYAXGq/yvshno=

Regards Robert

[subabrain]

Hi Bruno,

maybe you have an idea how to handle the aes key ... thx!

Regards Robert

[scorninpc]

Ow! very nice!

Do you have any idea how work with multiple files?

[subabrain]

Hey Bruno,

yes of ocurse you can use encrypted_file("aes_encrypted_file.php"); for multiple files :)

or do you mean something else?

Regards Robert

[scorninpc]

i mean, when one php include another php, how encrypted_file("") handle this?

[subabrain]

ahh - i see :)

yes thats a good question - it is done with eval() - i will have to check :)

Thx and Regards! Robert

[subabrain]

Hello,

ok i got a comfortable way now how to handle the aes key for windows :)

i will release soon the whole stuff :)

thanks and regards! Robert

[scorninpc]

This is very nice news. Create a repo, lets do this new project apart

[subabrain]

Ok - i made some Repos:

https://github.com/subabrain/PHP-GTK3-Encrypt

maybe someone could help to improve this ;)

Thanks and Regards! Robert

[subabrain]

hi together,

i will redo my rpget - maybe you have also an idea how to handle a key .....

Regards Robert

[subabrain]

ok,

i got a way - i just mac address / time / hash ...... maybe you got an idea what we could use ;)

Gn8 Robert

[subabrain]

ok now i redo the rpget encrypter:

the function "encrypted_file();" has the following parameters:

encrypted_file("encrypted_file", "key_file");

here you find a encrypter for this: rpget_fertig.zip

soon new stuff...

Regards Robert

[subabrain]

okay,

now its better 😃

https://github.com/subabrain/php-gtk3-rpget-win

have fun!

Regards Robert

[scorninpc]

o man, this is very nice