/includes/qcodo/_core/framework/QCryptography.class.php

https://github.com/quinta/qcodo · PHP · 189 lines · 104 code · 32 blank · 53 comment · 22 complexity · ecaa0da5e9cccb345a704308e446a792 MD5 · raw file 

    

  1. <?php
    2. 

  2. 	// Requires libmcrypt v2.4.x or higher
    3. 

  3. 

  4. 	class QCryptographyException extends QCallerException {}
    5. 

  5. 

  6. 	class QCryptography extends QBaseClass {
    7. 

  7. 		protected $objMcryptModule;
    8. 

  8. 		protected $blnBase64;
    9. 

  9. 		
    10. 

  10. 		protected $strKey;
    11. 

  11. 		protected $strIv;
    12. 

  12. 

  13. 		/**
    14. 

  14. 		 * Default Cipher for any new QCryptography instances that get constructed
    15. 

  15. 		 * @var string Cipher
    16. 

  16. 		 */
    17. 

  17. 		public static $Cipher = MCRYPT_TRIPLEDES;
    18. 

  18. 

  19. 		/**
    20. 

  20. 		 * Default Mode for any new QCryptography instances that get constructed
    21. 

  21. 		 * @var string Mode
    22. 

  22. 		 */
    23. 

  23. 		public static $Mode = MCRYPT_MODE_ECB;
    24. 

  24. 

  25. 		/**
    26. 

  26. 		 * The Random Number Generator the library uses to generate the IV:
    27. 

  27. 		 *  - MCRYPT_DEV_RANDOM = /dev/random (only on *nix systems)
    28. 

  28. 		 *  - MCRYPT_DEV_URANDOM = /dev/urandom (only on *nix systems)
    29. 

  29. 		 *  - MCRYPT_RAND = the internal PHP srand() mechanism
    30. 

  30. 		 * (on Windows, you *must* use MCRYPT_RAND, b/c /dev/random and /dev/urandom doesn't exist)
    31. 

  31. 		 * 
    32. 

  32. 		 * TODO: there appears to be some /dev/random locking issues on the Qcodo development
    33. 

  33. 		 * environment (using Fedora Core 3 with PHP 5.0.4 and LibMcrypt 2.5.7).  Because of this,
    34. 

  34. 		 * we are using MCRYPT_RAND be default.  Feel free to change to to /dev/*random at your own risk.
    35. 

  35. 		 * 
    36. 

  36. 		 * @var string RandomSource
    37. 

  37. 		 */
    38. 

  38. 		public static $RandomSource = MCRYPT_RAND;
    39. 

  39. 

  40. 		/**
    41. 

  41. 		 * Default Base64 mode for any new QCryptography instances that get constructed.
    42. 

  42. 		 * 
    43. 

  43. 		 * This is similar to MIME-based Base64 encoding/decoding, but is safe to use
    44. 

  44. 		 * in URLs, POST/GET data, and any other text-based stream.
    45. 

  45. 		 * 
    46. 

  46. 		 * Note that by setting Base64 to true, it will result in an encrypted data string
    47. 

  47. 		 * that is 33% larger.
    48. 

  48. 		 * @var string Base64
    49. 

  49. 		 */
    50. 

  50. 		public static $Base64 = true;
    51. 

  51. 

  52. 		/**
    53. 

  53. 		 * Default Key for any new QCryptography instances that get constructed
    54. 

  54. 		 * @var string Key
    55. 

  55. 		 */
    56. 

  56. 		public static $Key = "qc0Do!d3F@lT.k3Y";
    57. 

  57. 

  58. 		public function __construct($strKey = null, $blnBase64 = null, $strCipher = null, $strMode = null) {
    59. 

  59. 			// Get the Key
    60. 

  60. 			if (is_null($strKey))
    61. 

  61. 				$strKey = self::$Key;
    62. 

  62. 

  63. 			// Get the Base64 Flag
    64. 

  64. 			try {
    65. 

  65. 				if (is_null($blnBase64))
    66. 

  66. 					$this->blnBase64 = QType::Cast(self::$Base64, QType::Boolean);
    67. 

  67. 				else
    68. 

  68. 					$this->blnBase64 = QType::Cast($blnBase64, QType::Boolean);
    69. 

  69. 			} catch (QCallerException $objExc) {
    70. 

  70. 				$objExc->IncrementOffset();
    71. 

  71. 				throw $objExc;
    72. 

  72. 			}
    73. 

  73. 

  74. 			// Get the Cipher
    75. 

  75. 			if (is_null($strCipher))
    76. 

  76. 				$strCipher = self::$Cipher;
    77. 

  77. 

  78. 			// Get the Mode
    79. 

  79. 			if (is_null($strMode))
    80. 

  80. 				$strMode = self::$Mode;
    81. 

  81. 

  82. 			$this->objMcryptModule = mcrypt_module_open($strCipher, null, $strMode, null);
    83. 

  83. 			if (!$this->objMcryptModule)
    84. 

  84. 				throw new QCryptographyException('Unable to open LibMcrypt Module');
    85. 

  85. 

  86. 			// Determine IV Size
    87. 

  87. 			$intIvSize = mcrypt_enc_get_iv_size($this->objMcryptModule);
    88. 

  88. 

  89. 			// Create the IV
    90. 

  90. 			if (self::$RandomSource != MCRYPT_RAND) {
    91. 

  91. 				// Ignore All Warnings
    92. 

  92. 				$strIv = @mcrypt_create_iv($intIvSize, self::$RandomSource);
    93. 

  93. 

  94. 				// If the RandomNumGenerator didn't work, we revert back to using MCRYPT_RAND
    95. 

  95. 				if (strlen($strIv) != $intIvSize) {
    96. 

  96. 					srand();
    97. 

  97. 					$strIv = mcrypt_create_iv($intIvSize, MCRYPT_RAND);
    98. 

  98. 				}
    99. 

  99. 			} else {
    100. 

  100. 				srand();
    101. 

  101. 				$strIv = mcrypt_create_iv($intIvSize, MCRYPT_RAND);				
    102. 

  102. 			}
    103. 

  103. 

  104. 			$this->strIv = $strIv;
    105. 

  105. 

  106. 			// Determine KeySize length
    107. 

  107. 			$intKeySize = mcrypt_enc_get_key_size($this->objMcryptModule);
    108. 

  108. 

  109. 			// Create the Key Based on Key Passed In
    110. 

  110. 			$this->strKey = substr(md5($strKey), 0, $intKeySize);
    111. 

  111. 		}
    112. 

  112. 

  113. 		public function Encrypt($strData) {
    114. 

  114. 			// Initialize Encryption
    115. 

  115. 			$intReturnValue = mcrypt_generic_init($this->objMcryptModule, $this->strKey, $this->strIv);
    116. 

  116. 			if (($intReturnValue === false) || ($intReturnValue < 0))
    117. 

  117. 				throw new QCryptographyException('Incorrect Parameters used in LibMcrypt Initialization');
    118. 

  118. 			// Add Length to strData
    119. 

  119. 			$strData = strlen($strData) . '/' . $strData;
    120. 

  120. 

  121. 			$strEncryptedData =  mcrypt_generic($this->objMcryptModule, $strData);
    122. 

  122. 			if ($this->blnBase64) {
    123. 

  123. 				$strEncryptedData = base64_encode($strEncryptedData);
    124. 

  124. 				$strEncryptedData = str_replace('+', '-', $strEncryptedData);
    125. 

  125. 				$strEncryptedData = str_replace('/', '_', $strEncryptedData);
    126. 

  126. 				$strEncryptedData = str_replace('=', '', $strEncryptedData);
    127. 

  127. 			}
    128. 

  128. 

  129. 

  130. 			// Deinitialize Encryption
    131. 

  131. 			if (!mcrypt_generic_deinit($this->objMcryptModule))
    132. 

  132. 				throw new QCryptographyException('Unable to deinitialize encryption buffer');
    133. 

  133. 

  134. 			return $strEncryptedData;
    135. 

  135. 		}
    136. 

  136. 

  137. 		public function Decrypt($strEncryptedData) {
    138. 

  138. 			// Initialize Encryption
    139. 

  139. 			$intReturnValue = mcrypt_generic_init($this->objMcryptModule, $this->strKey, $this->strIv);
    140. 

  140. 			if (($intReturnValue === false) || ($intReturnValue < 0))
    141. 

  141. 				throw new QCryptographyException('Incorrect Parameters used in LibMcrypt Initialization');
    142. 

  142. 

  143. 			if ($this->blnBase64) {
    144. 

  144. 				$strEncryptedData = str_replace('_', '/', $strEncryptedData);
    145. 

  145. 				$strEncryptedData = str_replace('-', '+', $strEncryptedData);
    146. 

  146. 				$strEncryptedData = base64_decode($strEncryptedData);
    147. 

  147. 			}
    148. 

  148. 			$intBlockSize = mcrypt_enc_get_block_size($this->objMcryptModule);
    149. 

  149. 			$strDecryptedData = mdecrypt_generic($this->objMcryptModule, $strEncryptedData);
    150. 

  150. 

  151. 			// Figure Out Length and Truncate
    152. 

  152. 			$intPosition = strpos($strDecryptedData, '/');
    153. 

  153. 			if (!$intPosition)
    154. 

  154. 				throw new QCryptographyException('Invalid Length Header in Decrypted Data');
    155. 

  155. 			$intLength = substr($strDecryptedData, 0, $intPosition);
    156. 

  156. 			$strDecryptedData = substr($strDecryptedData, $intPosition + 1);			
    157. 

  157. 			$strDecryptedData = substr($strDecryptedData, 0, $intLength);
    158. 

  158. 

  159. 			// Deinitialize Encryption
    160. 

  160. 			if (!mcrypt_generic_deinit($this->objMcryptModule))
    161. 

  161. 				throw new QCryptographyException('Unable to deinitialize encryption buffer');
    162. 

  162. 

  163. 			return $strDecryptedData;
    164. 

  164. 		}
    165. 

  165. 

  166. 		public function EncryptFile($strFile) {
    167. 

  167. 			if (file_exists($strFile)) {
    168. 

  168. 				$strData = file_get_contents($strFile);
    169. 

  169. 				return $this->Encrypt($strData);
    170. 

  170. 			} else
    171. 

  171. 				throw new QCallerException('File does not exist: ' . $strFile);
    172. 

  172. 		}
    173. 

  173. 

  174. 		public function DecryptFile($strFile) {
    175. 

  175. 			if (file_exists($strFile)) {
    176. 

  176. 				$strEncryptedData = file_get_contents($strFile);
    177. 

  177. 				return $this->Decrypt($strEncryptedData);
    178. 

  178. 			} else
    179. 

  179. 				throw new QCallerException('File does not exist: ' . $strFile);
    180. 

  180. 		}
    181. 

  181. 

  182. 		public function __destruct() {
    183. 

  183. 			if ($this->objMcryptModule) {
    184. 

  184. 				// Ignore All Warnings
    185. 

  185. 				@mcrypt_module_close($this->objMcryptModule);
    186. 

  186. 			}
    187. 

  187. 		}
    188. 

  188. 	}
    189. 

  189. ?>
    190.