diff --git a/src/Illuminate/Contracts/Encryption/Encrypter.php b/src/Illuminate/Contracts/Encryption/Encrypter.php
index 004dfe9a9416..11e0b45a2de7 100644
--- a/src/Illuminate/Contracts/Encryption/Encrypter.php
+++ b/src/Illuminate/Contracts/Encryption/Encrypter.php
@@ -8,15 +8,17 @@ interface Encrypter
 * Encrypt the given value.
 *
 * @param string $value
+ * @param bool $serialize
 * @return string
 */
- public function encrypt($value);
+ public function encrypt($value, $serialize = true);

 /**
 * Decrypt the given value.
 *
 * @param string $payload
+ * @param bool $unserialize
 * @return string
 */
- public function decrypt($payload);
+ public function decrypt($payload, $unserialize = true);
 }
diff --git a/src/Illuminate/Encryption/Encrypter.php b/src/Illuminate/Encryption/Encrypter.php
index 2e747733a221..f7256c7d01c9 100755
--- a/src/Illuminate/Encryption/Encrypter.php
+++ b/src/Illuminate/Encryption/Encrypter.php
@@ -63,11 +63,12 @@ public static function supported($key, $cipher)
 * Encrypt the given value.
 *
 * @param mixed $value
+ * @param bool $serialize
 * @return string
 *
 * @throws \Illuminate\Contracts\Encryption\EncryptException
 */
- public function encrypt($value)
+ public function encrypt($value, $serialize = true)
 {
 $iv = random_bytes(16);

@@ -75,7 +76,8 @@ public function encrypt($value)
 // will proceed to calculating a MAC for the encrypted value so that this
 // value can be verified later as not having been changed by the users.
 $value = \openssl_encrypt(
- serialize($value), $this->cipher, $this->key, 0, $iv
+ $serialize ? serialize($value) : $value,
+ $this->cipher, $this->key, 0, $iv
 );

 if ($value === false) {
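Review bot: The new `$serialize` and `$unserialize` parameters in the contract are documented only as `bool`, with no statement of what they control, and the neighbouring tags are no longer accurate: with the default flag `encrypt()` accepts any serializable value and `decrypt()` returns whatever `unserialize()` yields, not always a string. I would document the flag as `@param bool $unserialize  When true, the decrypted plaintext is passed to unserialize(); pass false for payloads that only ever hold a string` and change decrypt's `@return string` to `@return mixed`. The docblocks in src/Illuminate/Encryption/Encrypter.php carry the same tags and need the same wording. Adding a parameter to an interface method also means third-party implementations with the old signature no longer satisfy the contract, which deserves an upgrade note.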
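Review bot: With `$serialize` false, `$value` is handed to `openssl_encrypt()` unchecked in the `-75,7` hunk, so a non-string argument is cast rather than rejected and `encryptString(1)` would presumably come back from `decryptString()` as `'1'`. A guard before the call, such as `if (! $serialize && ! is_string($value)) { throw new EncryptException('Only strings may be encrypted without serialization.'); }`, keeps the raw path limited to what its docblock promises; `EncryptException` is the type already named in the method's `@throws` tag. The same applies to `encryptString()` in the later hunk, which forwards its argument unchanged. The body of `encrypt()` continues outside this hunk.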
@@ -96,15 +98,27 @@ public function encrypt($value)
 return base64_encode($json);
 }

+ /**
+ * Encrypt a string without serialization.
+ *
+ * @param string $value
+ * @return string
+ */
+ public function encryptString($value)
+ {
+ return $this->encrypt($value, false);
+ }
+
 /**
 * Decrypt the given value.
 *
 * @param mixed $payload
+ * @param bool $unserialize
 * @return string
 *
 * @throws \Illuminate\Contracts\Encryption\DecryptException
 */
- public function decrypt($payload)
+ public function decrypt($payload, $unserialize = true)
 {
 $payload = $this->getJsonPayload($payload);

@@ -121,7 +135,18 @@ public function decrypt($payload)
 throw new DecryptException('Could not decrypt the data.');
 }

- return unserialize($decrypted);
+ return $unserialize ? unserialize($decrypted) : $decrypted;
+ }
+
+ /**
+ * Decrypt the given string without unserialization.
+ *
+ * @param string $payload
+ * @return string
+ */
+ public function decryptString($payload)
+ {
+ return $this->decrypt($payload, false);
 }

 /**
diff --git a/tests/Encryption/EncrypterTest.php b/tests/Encryption/EncrypterTest.php
index 68e0680daf30..3f598c0c0c72 100755
--- a/tests/Encryption/EncrypterTest.php
+++ b/tests/Encryption/EncrypterTest.php
@@ -13,6 +13,14 @@ public function testEncryption()
 $this->assertEquals('foo', $e->decrypt($encrypted));
 }

+ public function testRawStringEncryption()
+ {
+ $e = new Encrypter(str_repeat('a', 16));
+ $encrypted = $e->encryptString('foo');
+ $this->assertNotEquals('foo', $encrypted);
+ $this->assertEquals('foo', $e->decryptString($encrypted));
+ }
+
 public function testEncryptionUsingBase64EncodedKey()
 {
 $e = new Encrypter(random_bytes(16));
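Review bot: `decrypt()` keeps `$unserialize = true` as the default in the `-121,7` hunk, so every existing caller still feeds the decrypted plaintext to `unserialize()` with no class restriction. The MAC mentioned in the encrypt comment presumably gates this on possession of the key, but once a key is disclosed any accepted payload becomes PHP object instantiation. I would say so on the method, for example `// unserialize() runs on the plaintext by default; use decryptString() for cookies, tokens and other string-only payloads`, and move string-only callers in the framework to `decryptString()`. Where the supported PHP version allows it, `unserialize($decrypted, ['allowed_classes' => false])` is the stricter form for payloads that never carry objects. The start of `decrypt()` lies outside this hunk.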
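Review bot: `testRawStringEncryption` only checks the round trip, so nothing pins the property the new methods exist for, namely that `decryptString()` never calls `unserialize()`. Adding `$this->assertEquals(serialize('foo'), $e->decryptString($e->encrypt('foo')));` would fail if the flag were ignored or its default flipped. Using `assertSame` for the existing `'foo'` comparisons would also catch a type change that loose equality lets through.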