Skip to content
Permalink
Browse files

Create model for secure messages

  • Loading branch information
john committed Apr 24, 2017
1 parent 3481a87 commit 074d136a694030896edfd96bfcf169bb5db00501
Showing with 122 additions and 0 deletions.
  1. +122 −0 app/model/SecureMessage.php
@@ -0,0 +1,122 @@
<?php
include_once(APP_DIR . 'database/Database.php');
include_once(APP_DIR . 'config/config.php');
include_once(APP_DIR . 'model/User.php');
class SecureMessage {
protected static $table = 'messages';
public $id;
public $message;
public $sender_id;
public $receiver_id;
/**
* Stores this information pertaining to this message in the DB
*/
public function save() {
$integrity_key = openssl_random_pseudo_bytes(16);
$encryption_key = openssl_random_pseudo_bytes(16);
$message_iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(Config::encr_algo));
$message_hash = hash_hmac(Config::hash_algo, $this->message, $integrity_key);
$ciphertext = openssl_encrypt($this->message . $message_hash, Config::encr_algo, $encryption_key, 0, $message_iv);
$keys_iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(Config::encr_algo));
$enc_keys = openssl_encrypt($integrity_key . $encryption_key, Config::encr_algo, Config::secret_key, 0, $keys_iv);
$dbh = Database::connect();
$stmt = $dbh->prepare('INSERT INTO messages (message, sender_id, receiver_id, enc_keys, keys_iv, message_iv)
VALUES (:message, :sender_id, :receiver_id, :enc_keys, :keys_iv, :message_iv)
');
$encoded_keys_iv = base64_encode($keys_iv);
$encoded_message_iv = base64_encode($message_iv);
$stmt->bindParam(':message', $ciphertext);
$stmt->bindParam(':sender_id', $this->sender_id);
$stmt->bindParam(':receiver_id', $this->receiver_id);
$stmt->bindParam(':enc_keys', $enc_keys);
$stmt->bindParam(':keys_iv', $encoded_keys_iv);
$stmt->bindParam(':message_iv', $encoded_message_iv);
$stmt->execute();
$this->id = $dbh->lastInsertId();
}
public function delete() {
$dbh = Database::connect();
$stmt = $dbh->prepare("DELETE FROM messages WHERE id=:id");
$stmt->bindParam(':id', $this->id);
$stmt->execute();
}
public static function all() {
$dbh = Database::connect();
$stmt = $dbh->prepare("SELECT * from messages");
$stmt->execute();
$messages = array_map(function ($row) {
$m = new SecureMessage;
$keys_iv = base64_decode($row['keys_iv']);
$message_iv = base64_decode($row['message_iv']);
/* Decrypt to get the keys */
$keys = openssl_decrypt($row['enc_keys'], Config::encr_algo, Config::secret_key, 0, $keys_iv);
$integrity_key = substr($keys, 0, strlen($keys) / 2);
$message_key = substr($keys, strlen($keys) / 2);
/* Decrypt and extract the message and hash */
$decrypted = openssl_decrypt($row['message'], Config::encr_algo, $message_key, 0, $message_iv);
$message = substr($decrypted, 0, strlen($decrypted) - 64);
$message_hash = substr($decrypted, strlen($decrypted) - 64);
/* Verify integrity of message */
if (hash_hmac(Config::hash_algo, $message, $integrity_key) != $message_hash) {
return null;
}
$m->id = $row['id'];
$m->message = $message;
$m->sender_id = $row['sender_id'];
$m->receiver_id = $row['receiver_id'];
return $m;
}, $stmt->fetchAll());
/* Filter out bad messages */
return array_filter($messages, function ($m) {
return $m != null;
});
}
public static function all_from($user_id) {
$messages = SecureMessage::all();
return array_filter($messages, function ($m) use ($user_id) {
return $m->sender_id == $user_id;
});
}
public static function all_to($user_id) {
$messages = SecureMessage::all();
return array_filter($messages, function ($m) use ($user_id) {
return $m->receiver_id == $user_id;
});
}
public static function all_for($user_id) {
$messages = SecureMessage::all();
return array_filter($messages, function ($m) use ($user_id) {
return $m->sender_id == $user_id || $m->receiver_id = $user_id;
});
}
public function sender() {
return User::getByID($this->sender_id);
}
public function receiver() {
return User::getByID($this->receiver_id);
}
}
?>

0 comments on commit 074d136

Please sign in to comment.
You can’t perform that action at this time.