Describe the bug
The library fails to process data encrypted by a cipher that utilizes a NullEncoder, which is then decorated with a TagAwareCipher, specifically when the encrypted data contains special characters such as newline (\n).
The issue arises in the regex-based mechanism that matches and extracts encrypted data encapsulated within <ENC> and </ENC> tags.
Steps to Reproduce
The issue can be replicated with the following steps:
-
Initialize an instance of AdvancedEncryptionStandardCipher with a NullEncoder, which returns data that may include special characters:
$cipher = new AdvancedEncryptionStandardCipher('256-BIT-KEY', new NullEncoder());
-
Decorate the initialized cipher with TagAwareCipher to enable tag-based encapsulation:
$cipher = new TagAwareCipher($cipher);
-
Use ObjectEncryptionService with the TagAwareCipher to encrypt data, ensuring the encrypted string contains special characters, such as \n:
$encryptionService = new ObjectEncryptionService($cipher, $reader);
-
Attempt to decrypt or extract the encrypted content, observing the failure due to incorrect regex handling.
Expected behavior
The library should correctly handle encrypted data containing special characters, including \n, when encapsulating and extracting content within <ENC> and </ENC> tags.
Environment:
- SecureProps version:
1.2.*
- PHP version:
8.0
Actual Output / Stack Trace
When attempting to decrypt content that includes special characters, such as newline characters (\n), within the encrypted data encapsulated by <ENC> and </ENC> tags, the actual output is the encrypted string itself, rather than the expected decrypted content.
This indicates that the decryption process is erroneously bypassed or fails due to the regex pattern's inability to properly match and extract the content for decryption. The original encrypted string is returned instead of the decrypted data.
Describe the bug
The library fails to process data encrypted by a cipher that utilizes a
NullEncoder,which is then decorated with aTagAwareCipher,specifically when the encrypted data contains special characters such as newline (\n).The issue arises in the regex-based mechanism that matches and extracts encrypted data encapsulated within
<ENC>and</ENC>tags.Steps to Reproduce
The issue can be replicated with the following steps:
Initialize an instance of
AdvancedEncryptionStandardCipherwith aNullEncoder, which returns data that may include special characters:Decorate the initialized cipher with
TagAwareCipherto enable tag-based encapsulation:Use
ObjectEncryptionServicewith theTagAwareCipherto encrypt data, ensuring the encrypted string contains special characters, such as\n:Attempt to decrypt or extract the encrypted content, observing the failure due to incorrect regex handling.
Expected behavior
The library should correctly handle encrypted data containing special characters, including
\n, when encapsulating and extracting content within<ENC>and</ENC>tags.Environment:
1.2.*8.0Actual Output / Stack Trace
When attempting to decrypt content that includes special characters, such as newline characters (
\n), within the encrypted data encapsulated by<ENC>and</ENC>tags, the actual output is the encrypted string itself, rather than the expected decrypted content.This indicates that the decryption process is erroneously bypassed or fails due to the regex pattern's inability to properly match and extract the content for decryption. The original encrypted string is returned instead of the decrypted data.