/tanora.org/www/framework/library/encryption.php
Possible License(s): GPL-2.0, BSD-3-Clause
- <?php
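/**
 * Static helpers for symmetric encryption through the mcrypt extension
 * and for bcrypt password hashing through crypt().
 *
 * Security notes for maintainers:
 * - mcrypt was deprecated in PHP 7.1 and removed from core in PHP 7.2.
 *   Treat this class as legacy; new code should use a maintained
 *   authenticated-encryption API.
 * - encrypt()/decrypt() give confidentiality only. The output carries no
 *   MAC, so a modified ciphertext is not detected. Do not trust decrypted
 *   data that crossed a trust boundary unless it is authenticated
 *   separately.
 * - When mcrypt is not loaded, encrypt() returns its input unchanged
 *   after a warning (fail-open). Callers storing secrets must treat that
 *   warning as an error.
 */
class Encryption {

    /**
     * Encrypts data with the given key, cipher, and mode.
     *
     * The result is base64(IV || ciphertext). The IV is stored with the
     * ciphertext because decrypt() needs the same IV; the previous
     * implementation discarded it, so values written by it do not match
     * this layout and need to be re-encrypted.
     *
     * @param string data plaintext to encrypt
     * @param string key secret key, NULL to read the 'encryption' config
     * @param string cipher mcrypt cipher name, NULL to read the config
     * @param string mode mcrypt mode name, NULL to read the config
     * @return string|bool base64 text, FALSE if mcrypt_encrypt() fails,
     *         or the unmodified input when mcrypt is not loaded
     */
    public static function encrypt($data, $key = NULL, $cipher = NULL, $mode = NULL) {

        list($key, $cipher, $mode) = self::_resolve_settings($key, $cipher, $mode);

        if(extension_loaded('mcrypt') === FALSE) {
            // NOTE(review): fail-open. The caller receives plaintext back and
            // only a warning separates this from a successful encryption.
            Framework::warn('Mcrypt extension is not loaded. Be warned: your data is not encrypted.');
            return $data;
        }

        $iv = self::_create_iv($cipher, $mode);
        $padded = self::_pad($data, $cipher, $mode);
        $ciphertext = mcrypt_encrypt($cipher, $key, $padded, $mode, $iv);
        if(!is_string($ciphertext)) {
            return FALSE;
        }
        return base64_encode($iv . $ciphertext);

    }

    /**
     * Decrypts a string produced by encrypt() with the given key, cipher,
     * and mode.
     *
     * FALSE means the input was malformed (bad base64, too short, or
     * invalid padding). The ciphertext is not authenticated, so a
     * non-FALSE result is not proof that the data is unmodified, and the
     * reason for a failure should not be reported back to whoever
     * supplied the ciphertext.
     *
     * @param string string base64 text as returned by encrypt()
     * @param string key secret key, NULL to read the 'encryption' config
     * @param string cipher mcrypt cipher name, NULL to read the config
     * @param string mode mcrypt mode name, NULL to read the config
     * @return string|bool the plaintext, FALSE on malformed input, or the
     *         unmodified input when mcrypt is not loaded
     */
    public static function decrypt($string, $key = NULL, $cipher = NULL, $mode = NULL) {

        list($key, $cipher, $mode) = self::_resolve_settings($key, $cipher, $mode);

        if(extension_loaded('mcrypt') === FALSE) {
            Framework::warn('Mcrypt extension is not loaded. Be warned: your data is not encrypted.');
            return $string;
        }

        $raw = base64_decode($string, TRUE);
        if($raw === FALSE) {
            return FALSE;
        }

        // The IV is the leading bytes of the decoded message, not of the
        // base64 text.
        $iv = self::_get_iv($cipher, $mode, $raw);
        if(strlen($raw) <= strlen($iv)) {
            return FALSE;
        }
        $ciphertext = substr($raw, strlen($iv));

        $data = mcrypt_decrypt($cipher, $key, $ciphertext, $mode, $iv);
        if(!is_string($data)) {
            return FALSE;
        }
        return self::_unpad($data, $cipher, $mode);

    }

    /**
     * Returns a bcrypt hash of a string, computed with crypt(). This is a
     * one-way password hash, not reversible encryption.
     *
     * bcrypt only uses the first 72 bytes of the input. Where PHP 5.5+ is
     * available, password_hash()/password_verify() are the maintained
     * replacement for this method and crypt_compare().
     *
     * @param string a string to hash
     * @param cost base-2 logarithm of the iteration count (4 to 31)
     * @param entropy 22 salt characters from "./0-9A-Za-z", NULL to
     *        generate them
     * @return string the crypt() result; crypt() signals failure with a
     *         short marker such as "*0", so check the result before
     *         storing it
     */
    static public function blowfish($string, $cost = 10, $entropy = NULL) {
        // "$2y$" is the corrected bcrypt prefix introduced in PHP 5.3.7.
        $salt = (PHP_VERSION_ID >= 50307) ? '$2y$' : '$2a$';
        // The cost field must be exactly two digits; a bare "5" makes the
        // salt invalid.
        $salt .= sprintf('%02d', $cost) . '$';
        $salt .= is_null($entropy) ? self::_keygen(22) : $entropy;
        return crypt($string, $salt);
    }

    /**
     * Compares a string hashed with crypt() against an un-hashed string.
     * Parameters can be in either order.
     *
     * NOTE(review): because both orders are tried, the un-hashed value is
     * also passed to crypt() as the salt/hash argument. When that value
     * comes from an untrusted user, the user chooses the hashing cost, and
     * someone who already knows the stored hash can supply a value that
     * matches without knowing the password. Prefer a fixed-order check
     * (password_verify()) for login code.
     *
     * @param source a hashed string
     * @param target an un-hashed string to compare
     * @return bool TRUE when either order matches
     */
    static public function crypt_compare($source, $target) {
        $source = (string) $source;
        $target = (string) $target;
        if(self::_crypt_matches($target, $source)) {
            return TRUE;
        }
        return self::_crypt_matches($source, $target);
    }

    /**
     * Appends PKCS#7-style padding: N bytes of value N, where N brings the
     * data up to the next multiple of the block size (a full block when it
     * is already aligned).
     */
    private static function _pad($data, $cipher, $mode) {
        $data = (string) $data;
        $block_size = self::_get_block_size($cipher, $mode);
        $pad_size = $block_size - (strlen($data) % $block_size);
        return $data . str_repeat(chr($pad_size), $pad_size);
    }

    /**
     * Removes the padding added by _pad().
     *
     * Returns FALSE when the trailing bytes are not valid padding. Without
     * this check a final byte of 0 made the old code return an empty
     * string, and any other unexpected byte silently truncated the data.
     */
    private static function _unpad($data, $cipher, $mode) {
        $length = strlen($data);
        if($length === 0) {
            return FALSE;
        }
        $block_size = self::_get_block_size($cipher, $mode);
        $pad_size = ord($data[$length - 1]);
        if($pad_size < 1 || $pad_size > $block_size || $pad_size > $length) {
            return FALSE;
        }
        if(substr($data, -$pad_size) !== str_repeat(chr($pad_size), $pad_size)) {
            return FALSE;
        }
        return (string) substr($data, 0, $length - $pad_size);
    }

    /**
     * Gets the block size for the given cipher and mode.
     */
    private static function _get_block_size($cipher, $mode) {
        return mcrypt_get_block_size($cipher, $mode);
    }

    /**
     * Generates a fresh initialization vector for the given cipher and
     * mode. Returns an empty string when mcrypt reports no IV size.
     */
    private static function _create_iv($cipher, $mode) {
        $iv_size = mcrypt_get_iv_size($cipher, $mode);
        if(!is_int($iv_size) || $iv_size < 1) {
            return '';
        }
        // MCRYPT_RAND is seeded from the non-cryptographic rand() generator;
        // take IV bytes from the operating system instead.
        return mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
    }

    /**
     * Gets the initialization vector from a decoded message, i.e. the raw
     * bytes of IV || ciphertext after base64 decoding.
     */
    private static function _get_iv($cipher, $mode, $string) {
        $iv_size = mcrypt_get_iv_size($cipher, $mode);
        if(!is_int($iv_size) || $iv_size < 1) {
            return '';
        }
        return (string) substr($string, 0, $iv_size);
    }

    /**
     * Returns a string of random lowercase hexadecimal characters.
     * @param length the length of the key
     */
    private static function _keygen($length = 32) {
        $length = (int) $length;
        if($length < 1) {
            return '';
        }

        // Two hex characters per random byte.
        $bytes = self::_random_bytes((int) ceil($length / 2));
        if($bytes !== FALSE) {
            return substr(bin2hex($bytes), 0, $length);
        }

        // Legacy fallback for runtimes with no CSPRNG. The value is built
        // from the clock and rand(), so it is unique-ish but predictable.
        $seed = '';
        $hash = '';
        while(strlen($hash) < $length) {
            while(strlen($seed) < $length) {
                $seed .= uniqid((string) microtime().rand(), true);
            }
            $hash .= hash('sha256', $seed);
        }
        return substr($hash, 0, $length);
    }

    /**
     * Fills in key, cipher, and mode from the 'encryption' configuration
     * section for every argument that is NULL.
     */
    private static function _resolve_settings($key, $cipher, $mode) {
        if(is_null($key)) {
            $key = Framework::config('encryption', 'key');
        }
        if(is_null($cipher)) {
            $cipher = Framework::config('encryption', 'cipher');
        }
        if(is_null($mode)) {
            $mode = Framework::config('encryption', 'mode');
        }
        return array($key, $cipher, $mode);
    }

    /**
     * Hashes $plain with $hashed as the crypt() salt and reports whether
     * the result equals $hashed.
     */
    private static function _crypt_matches($plain, $hashed) {
        $computed = crypt($plain, $hashed);
        if(!is_string($computed)) {
            return FALSE;
        }
        return self::_equals($hashed, $computed);
    }

    /**
     * Compares two strings byte for byte without stopping at the first
     * difference. Loose == is avoided because PHP compares two
     * numeric-looking strings as numbers.
     */
    private static function _equals($known, $candidate) {
        if(function_exists('hash_equals')) {
            return hash_equals($known, $candidate);
        }
        $size = strlen($known);
        if($size !== strlen($candidate)) {
            return FALSE;
        }
        $diff = 0;
        for($i = 0; $i < $size; $i++) {
            $diff |= ord($known[$i]) ^ ord($candidate[$i]);
        }
        return $diff === 0;
    }

    /**
     * Returns $count bytes from the first available cryptographically
     * secure source, or FALSE when none is available.
     */
    private static function _random_bytes($count) {
        if(function_exists('random_bytes')) {
            try {
                return random_bytes($count);
            } catch(Exception $e) {
                // No entropy source for random_bytes(); try the next one.
            }
        }
        if(function_exists('openssl_random_pseudo_bytes')) {
            $strong = FALSE;
            $bytes = openssl_random_pseudo_bytes($count, $strong);
            if($bytes !== FALSE && $strong === TRUE) {
                return $bytes;
            }
        }
        if(function_exists('mcrypt_create_iv')) {
            $bytes = mcrypt_create_iv($count, MCRYPT_DEV_URANDOM);
            if($bytes !== FALSE) {
                return $bytes;
            }
        }
        return FALSE;
    }

}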
- ?>