Home Verkennen Help
Inloggen
tum
/
whitesports
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Commits 9 Publicaties 0 Wiki

Geen omschrijving

Boom: 92ae4370cd
Aftakkingen Labels
whitesports
/
app
/
wp-content
/
plugins
/
easy-wp-smtp
/
inc
/
Cryptor.php

Cryptor.php 5.8KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Simple example of using the openssl encrypt/decrypt functions that
    5. 

  5.  * are inadequately documented in the PHP manual.
    6. 

  6.  *
    7. 

  7.  * Available under the MIT License
    8. 

  8.  *
    9. 

  9.  * The MIT License (MIT)
    10. 

  10.  * Copyright (c) 2016 ionCube Ltd.
    11. 

  11.  *
    12. 

  12.  * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
    13. 

  13.  * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
    14. 

  14.  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
    15. 

  15.  * permit persons to whom the Software is furnished to do so, subject to the following conditions:
    16. 

  16.  *
    17. 

  17.  * The above copyright notice and this permission notice shall be included in all copies or substantial portions of
    18. 

  18.  * the Software.
    19. 

  19.  *
    20. 

  20.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
    21. 

  21.  * THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
    22. 

  22.  * OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
    23. 

  23.  * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
    24. 

  24.  */
    25. 

  25. 

  26. namespace ioncube\phpOpensslCryptor;
    27. 

  27. 

  28. class Cryptor {
    29. 

  29. 

  30.     private $cipher_algo;
    31. 

  31.     private $hash_algo;
    32. 

  32.     private $iv_num_bytes;
    33. 

  33.     private $format;
    34. 

  34. 

  35.     const FORMAT_RAW	 = 0;
    36. 

  36.     const FORMAT_B64	 = 1;
    37. 

  37.     const FORMAT_HEX	 = 2;
    38. 

  38. 

  39.     /**
    40. 

  40.      * Construct a Cryptor, using aes256 encryption, sha256 key hashing and base64 encoding.
    41. 

  41.      * @param string $cipher_algo The cipher algorithm.
    42. 

  42.      * @param string $hash_algo   Key hashing algorithm.
    43. 

  43.      * @param [type] $fmt         Format of the encrypted data.
    44. 

  44.      */
    45. 

  45.     public function __construct( $cipher_algo = 'aes-256-ctr', $hash_algo = 'sha256', $fmt = Cryptor::FORMAT_B64 ) {
    46. 

  46. 	$this->cipher_algo	 = $cipher_algo;
    47. 

  47. 	$this->hash_algo	 = $hash_algo;
    48. 

  48. 	$this->format		 = $fmt;
    49. 

  49. 

  50. 	if ( ! in_array( $cipher_algo, openssl_get_cipher_methods( true ) ) ) {
    51. 

  51. 	    throw new \Exception( "Cryptor:: - unknown cipher algo {$cipher_algo}" );
    52. 

  52. 	}
    53. 

  53. 

  54. 	if ( ! in_array( $hash_algo, openssl_get_md_methods( true ) ) ) {
    55. 

  55. 	    throw new \Exception( "Cryptor:: - unknown hash algo {$hash_algo}" );
    56. 

  56. 	}
    57. 

  57. 

  58. 	$this->iv_num_bytes = openssl_cipher_iv_length( $cipher_algo );
    59. 

  59.     }
    60. 

  60. 

  61.     /**
    62. 

  62.      * Encrypt a string.
    63. 

  63.      * @param  string $in  String to encrypt.
    64. 

  64.      * @param  string $key Encryption key.
    65. 

  65.      * @param  int $fmt Optional override for the output encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
    66. 

  66.      * @return string      The encrypted string.
    67. 

  67.      */
    68. 

  68.     public function encryptString( $in, $key, $fmt = null ) {
    69. 

  69. 	if ( $fmt === null ) {
    70. 

  70. 	    $fmt = $this->format;
    71. 

  71. 	}
    72. 

  72. 

  73. 	// Build an initialisation vector
    74. 

  74. 	$iv = openssl_random_pseudo_bytes( $this->iv_num_bytes, $isStrongCrypto );
    75. 

  75. 	if ( ! $isStrongCrypto ) {
    76. 

  76. 	    throw new \Exception( "Cryptor::encryptString() - Not a strong key" );
    77. 

  77. 	}
    78. 

  78. 

  79. 	// Hash the key
    80. 

  80. 	$keyhash = openssl_digest( $key, $this->hash_algo, true );
    81. 

  81. 

  82. 	// and encrypt
    83. 

  83. 	$opts		 = OPENSSL_RAW_DATA;
    84. 

  84. 	$encrypted	 = openssl_encrypt( $in, $this->cipher_algo, $keyhash, $opts, $iv );
    85. 

  85. 

  86. 	if ( $encrypted === false ) {
    87. 

  87. 	    throw new \Exception( 'Cryptor::encryptString() - Encryption failed: ' . openssl_error_string() );
    88. 

  88. 	}
    89. 

  89. 

  90. 	// The result comprises the IV and encrypted data
    91. 

  91. 	$res = $iv . $encrypted;
    92. 

  92. 

  93. 	// and format the result if required.
    94. 

  94. 	if ( $fmt == Cryptor::FORMAT_B64 ) {
    95. 

  95. 	    $res = base64_encode( $res );
    96. 

  96. 	} else if ( $fmt == Cryptor::FORMAT_HEX ) {
    97. 

  97. 	    $unp	 = unpack( 'H*', $res );
    98. 

  98. 	    $res	 = $unp[ 1 ];
    99. 

  99. 	}
    100. 

  100. 

  101. 	return $res;
    102. 

  102.     }
    103. 

  103. 

  104.     /**
    105. 

  105.      * Decrypt a string.
    106. 

  106.      * @param  string $in  String to decrypt.
    107. 

  107.      * @param  string $key Decryption key.
    108. 

  108.      * @param  int $fmt Optional override for the input encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
    109. 

  109.      * @return string      The decrypted string.
    110. 

  110.      */
    111. 

  111.     public function decryptString( $in, $key, $fmt = null ) {
    112. 

  112. 	if ( $fmt === null ) {
    113. 

  113. 	    $fmt = $this->format;
    114. 

  114. 	}
    115. 

  115. 

  116. 	$raw = $in;
    117. 

  117. 

  118. 	// Restore the encrypted data if encoded
    119. 

  119. 	if ( $fmt == Cryptor::FORMAT_B64 ) {
    120. 

  120. 	    $raw = base64_decode( $in );
    121. 

  121. 	} else if ( $fmt == Cryptor::FORMAT_HEX ) {
    122. 

  122. 	    $raw = pack( 'H*', $in );
    123. 

  123. 	}
    124. 

  124. 

  125. 	// and do an integrity check on the size.
    126. 

  126. 	if ( strlen( $raw ) < $this->iv_num_bytes ) {
    127. 

  127. 	    throw new \Exception( 'Cryptor::decryptString() - ' .
    128. 

  128. 	    'data length ' . strlen( $raw ) . " is less than iv length {$this->iv_num_bytes}" );
    129. 

  129. 	}
    130. 

  130. 

  131. 	// Extract the initialisation vector and encrypted data
    132. 

  132. 	$iv	 = substr( $raw, 0, $this->iv_num_bytes );
    133. 

  133. 	$raw	 = substr( $raw, $this->iv_num_bytes );
    134. 

  134. 

  135. 	// Hash the key
    136. 

  136. 	$keyhash = openssl_digest( $key, $this->hash_algo, true );
    137. 

  137. 

  138. 	// and decrypt.
    139. 

  139. 	$opts	 = OPENSSL_RAW_DATA;
    140. 

  140. 	$res	 = openssl_decrypt( $raw, $this->cipher_algo, $keyhash, $opts, $iv );
    141. 

  141. 

  142. 	if ( $res === false ) {
    143. 

  143. 	    throw new \Exception( 'Cryptor::decryptString - decryption failed: ' . openssl_error_string() );
    144. 

  144. 	}
    145. 

  145. 

  146. 	return $res;
    147. 

  147.     }
    148. 

  148. 

  149.     /**
    150. 

  150.      * Static convenience method for encrypting.
    151. 

  151.      * @param  string $in  String to encrypt.
    152. 

  152.      * @param  string $key Encryption key.
    153. 

  153.      * @param  int $fmt Optional override for the output encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
    154. 

  154.      * @return string      The encrypted string.
    155. 

  155.      */
    156. 

  156.     public static function Encrypt( $in, $key, $fmt = null ) {
    157. 

  157. 	$c = new Cryptor();
    158. 

  158. 	return $c->encryptString( $in, $key, $fmt );
    159. 

  159.     }
    160. 

  160. 

  161.     /**
    162. 

  162.      * Static convenience method for decrypting.
    163. 

  163.      * @param  string $in  String to decrypt.
    164. 

  164.      * @param  string $key Decryption key.
    165. 

  165.      * @param  int $fmt Optional override for the input encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
    166. 

  166.      * @return string      The decrypted string.
    167. 

  167.      */
    168. 

  168.     public static function Decrypt( $in, $key, $fmt = null ) {
    169. 

  169. 	$c = new Cryptor();
    170. 

  170. 	return $c->decryptString( $in, $key, $fmt );
    171. 

  171.     }
    172. 

  172. 

  173. }
    174. 

  174.