authorAndreas Gohr <andi@splitbrain.org>2024-02-09 18:38:24 +0100
committerAndreas Gohr <andi@splitbrain.org>2024-02-09 18:38:24 +0100
commit1cedacf229f1294fea53b494765c47559d8a3e86 (patch)
treeb12704e16c6b11f8069a52e18b692e270be860a3
parent1418a776f1a5512577c7584cf220836501c58db0 (diff)
gracefully handle decryption errors
This should fix #4198
-rw-r--r--inc/auth.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/inc/auth.php b/inc/auth.php
index 0821e59cb..eb0224991 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -10,6 +10,7 @@
* @author Andreas Gohr <andi@splitbrain.org>
*/
+use dokuwiki\ErrorHandler;
use dokuwiki\JWT;
use dokuwiki\Utf8\PhpString;
use dokuwiki\Extension\AuthPlugin;
@@ -19,6 +20,7 @@ use dokuwiki\PassHash;
use dokuwiki\Subscriptions\RegistrationSubscriptionSender;
use phpseclib3\Crypt\AES;
use phpseclib3\Crypt\Common\SymmetricKey;
+use phpseclib3\Exception\BadDecryptionException;
/**
* Initialize the auth system.
@@ -455,7 +457,7 @@ function auth_encrypt($data, $secret)
*
* @param string $ciphertext The encrypted data
* @param string $secret The secret/password that shall be used
- * @return string The decrypted data
+ * @return string|null The decrypted data
*/
function auth_decrypt($ciphertext, $secret)
{
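Review bot: The updated `@return string|null` tag does not say when null is returned, and every caller that previously assumed a string now has to treat null as a failed decryption. I would word it as `@return string|null The decrypted data, or null if the ciphertext could not be decrypted`. Callers are not visible in this diff, so it is worth confirming that each one rejects a null result instead of passing it on to a password or token comparison. The body of auth_decrypt continues outside this hunk.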
@@ -464,7 +466,12 @@ function auth_decrypt($ciphertext, $secret)
$cipher->setPassword($secret, 'pbkdf2', 'sha1', 'phpseclib');
$cipher->setIV($iv);
- return $cipher->decrypt(substr($ciphertext, 16));
+ try {
+ return $cipher->decrypt(substr($ciphertext, 16));
+ } catch (BadDecryptionException $e) {
+ ErrorHandler::logException($e);
+ return null;
+ }
}
/**
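Review bot: The new `try` wraps only the `decrypt()` call and catches only `BadDecryptionException`, so input of the wrong length can still escape as an uncaught exception. As far as I know, phpseclib3 raises `\LengthException` from `setIV()` when the IV is not exactly one block long, and from `decrypt()` when a CBC ciphertext is not a multiple of the block size; a truncated or tampered value would hit either path. Consider moving `$cipher->setIV($iv);` inside the `try` and widening the handler to `} catch (BadDecryptionException | \LengthException $e) {`. If the ciphertext comes from the client (it presumably does for the login cookie, though the callers are not shown), calling `ErrorHandler::logException($e)` on every failure lets a remote party grow the error log at will, so a terser or rate-limited log entry may be preferable. The start of auth_decrypt lies outside this hunk.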