OribiTech/WordpressGitSync
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b01e7e0e88049512c8969ed237bc2bf7a07ad629
WordpressGitSync/includes/crypto.php
Matt Batchelder f17b9ccb98 Add Oribi Sync plugin for syncing WordPress pages and theme files from a Git repository 
- Implement encryption helpers for storing and retrieving the Personal Access Token (PAT).
- Create REST API endpoints for triggering sync, checking sync status, and handling webhooks.
- Develop the sync engine to fetch pages from the Git repository, create/update WordPress pages, and trash removed pages.
- Add functionality for previewing and applying theme files from the repository.
- Set up plugin activation and deactivation hooks to manage default options and scheduled tasks.
- Implement uninstall routine to clean up plugin options and metadata from posts.
2026-02-19 16:05:43 -05:00

71 lines
1.9 KiB
PHP
Raw Blame History

<?php
/**
* Oribi Sync — Encryption helpers for PAT storage.
*
* Uses AES-256-CBC with a key derived from AUTH_SALT.
* The stored value is base64( IV . ciphertext ).
*/
if ( ! defined( 'ABSPATH' ) ) exit;
/**
* Derive a 32-byte encryption key from WP salts.
*/
function oribi_sync_encryption_key(): string {
$salt = defined( 'AUTH_SALT' ) ? AUTH_SALT : 'oribi-sync-default-salt';
return hash( 'sha256', $salt, true ); // 32 bytes
}
/**
* Encrypt a plaintext string.
*/
function oribi_sync_encrypt( string $plaintext ): string {
$method = 'aes-256-cbc';
$key = oribi_sync_encryption_key();
$iv = openssl_random_pseudo_bytes( openssl_cipher_iv_length( $method ) );
$cipher = openssl_encrypt( $plaintext, $method, $key, OPENSSL_RAW_DATA, $iv );
if ( $cipher === false ) {
return '';
}
return base64_encode( $iv . $cipher );
}
/**
* Decrypt a stored value back to plaintext.
*/
function oribi_sync_decrypt( string $stored ): string {
if ( empty( $stored ) ) return '';
$method = 'aes-256-cbc';
$key = oribi_sync_encryption_key();
$raw = base64_decode( $stored, true );
if ( $raw === false ) return '';
$iv_len = openssl_cipher_iv_length( $method );
if ( strlen( $raw ) < $iv_len ) return '';
$iv = substr( $raw, 0, $iv_len );
$cipher = substr( $raw, $iv_len );
$result = openssl_decrypt( $cipher, $method, $key, OPENSSL_RAW_DATA, $iv );
return $result !== false ? $result : '';
}
/**
* Save the PAT (encrypted, non-autoload).
*/
function oribi_sync_save_pat( string $plaintext_pat ): bool {
$encrypted = oribi_sync_encrypt( $plaintext_pat );
return update_option( 'oribi_sync_pat', $encrypted, 'no' );
}
/**
* Retrieve the decrypted PAT.
*/
function oribi_sync_get_pat(): string {
$stored = get_option( 'oribi_sync_pat', '' );
return oribi_sync_decrypt( $stored );
}
Reference in New Issue View Git Blame Copy Permalink