X-Git-Url: http://git.onelab.eu/?p=www-register-wizard.git;a=blobdiff_plain;f=libraries%2FEncrypt.php;h=95c758fb45ddac2366e5b3b6b42e18db9c671c4b;hp=035ce8f68fe92797eb2f8a8f7ece9f94e0ee2278;hb=47598daa8c32dbbd72db83dc33f2ce91b3f6f7b0;hpb=652223da644ffb9c9acbc04118a5c174fab10926 diff --git a/libraries/Encrypt.php b/libraries/Encrypt.php index 035ce8f..95c758f 100644 --- a/libraries/Encrypt.php +++ b/libraries/Encrypt.php @@ -1,484 +1,484 @@ -CI =& get_instance(); - $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); - } - - // -------------------------------------------------------------------- - - /** - * Fetch the encryption key - * - * Returns it as MD5 in order to have an exact-length 128 bit key. - * Mcrypt is sensitive to keys that are not the correct length - * - * @access public - * @param string - * @return string - */ - function get_key($key = '') - { - if ($key == '') - { - if ($this->encryption_key != '') - { - return $this->encryption_key; - } - - $CI =& get_instance(); - $key = $CI->config->item('encryption_key'); - - if ($key === FALSE) - { - show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); - } - } - - return md5($key); - } - - // -------------------------------------------------------------------- - - /** - * Set the encryption key - * - * @access public - * @param string - * @return void - */ - function set_key($key = '') - { - $this->encryption_key = $key; - } - - // -------------------------------------------------------------------- - - /** - * Encode - * - * Encodes the message string using bitwise XOR encoding. - * The key is combined with a random hash, and then it - * too gets converted using XOR. The whole thing is then run - * through mcrypt (if supported) using the randomized key. - * The end result is a double-encrypted message string - * that is randomized with each call to this function, - * even if the supplied message and key are the same. - * - * @access public - * @param string the string to encode - * @param string the key - * @return string - */ - function encode($string, $key = '') - { - $key = $this->get_key($key); - $enc = $this->_xor_encode($string, $key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($enc, $key); - } - return base64_encode($enc); - } - - // -------------------------------------------------------------------- - - /** - * Decode - * - * Reverses the above process - * - * @access public - * @param string - * @param string - * @return string - */ - function decode($string, $key = '') - { - $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - - return $this->_xor_decode($dec, $key); - } - - // -------------------------------------------------------------------- - - /** - * XOR Encode - * - * Takes a plain-text string and key as input and generates an - * encoded bit-string using XOR - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_encode($string, $key) - { - $rand = ''; - while (strlen($rand) < 32) - { - $rand .= mt_rand(0, mt_getrandmax()); - } - - $rand = $this->hash($rand); - - $enc = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); - } - - return $this->_xor_merge($enc, $key); - } - - // -------------------------------------------------------------------- - - /** - * XOR Decode - * - * Takes an encoded string and key as input and generates the - * plain-text original message - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_decode($string, $key) - { - $string = $this->_xor_merge($string, $key); - - $dec = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); - } - - return $dec; - } - - // -------------------------------------------------------------------- - - /** - * XOR key + string Combiner - * - * Takes a string and key as input and computes the difference using XOR - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_merge($string, $key) - { - $hash = $this->hash($key); - $str = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Encrypt using Mcrypt - * - * @access public - * @param string - * @param string - * @return string - */ - function mcrypt_encode($data, $key) - { - $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); - } - - // -------------------------------------------------------------------- - - /** - * Decrypt using Mcrypt - * - * @access public - * @param string - * @param string - * @return string - */ - function mcrypt_decode($data, $key) - { - $data = $this->_remove_cipher_noise($data, $key); - $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - - if ($init_size > strlen($data)) - { - return FALSE; - } - - $init_vect = substr($data, 0, $init_size); - $data = substr($data, $init_size); - return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); - } - - // -------------------------------------------------------------------- - - /** - * Adds permuted noise to the IV + encrypted data to protect - * against Man-in-the-middle attacks on CBC mode ciphers - * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV - * - * Function description - * - * @access private - * @param string - * @param string - * @return string - */ - function _add_cipher_noise($data, $key) - { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); - $str = ''; - - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) - { - if ($j >= $keylen) - { - $j = 0; - } - - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Removes permuted noise from the IV + encrypted data, reversing - * _add_cipher_noise() - * - * Function description - * - * @access public - * @param type - * @return type - */ - function _remove_cipher_noise($data, $key) - { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); - $str = ''; - - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) - { - if ($j >= $keylen) - { - $j = 0; - } - - $temp = ord($data[$i]) - ord($keyhash[$j]); - - if ($temp < 0) - { - $temp = $temp + 256; - } - - $str .= chr($temp); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Set the Mcrypt Cipher - * - * @access public - * @param constant - * @return string - */ - function set_cipher($cipher) - { - $this->_mcrypt_cipher = $cipher; - } - - // -------------------------------------------------------------------- - - /** - * Set the Mcrypt Mode - * - * @access public - * @param constant - * @return string - */ - function set_mode($mode) - { - $this->_mcrypt_mode = $mode; - } - - // -------------------------------------------------------------------- - - /** - * Get Mcrypt cipher Value - * - * @access private - * @return string - */ - function _get_cipher() - { - if ($this->_mcrypt_cipher == '') - { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; - } - - return $this->_mcrypt_cipher; - } - - // -------------------------------------------------------------------- - - /** - * Get Mcrypt Mode Value - * - * @access private - * @return string - */ - function _get_mode() - { - if ($this->_mcrypt_mode == '') - { - $this->_mcrypt_mode = MCRYPT_MODE_ECB; - } - - return $this->_mcrypt_mode; - } - - // -------------------------------------------------------------------- - - /** - * Set the Hash type - * - * @access public - * @param string - * @return string - */ - function set_hash($type = 'sha1') - { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; - } - - // -------------------------------------------------------------------- - - /** - * Hash encode a string - * - * @access public - * @param string - * @return string - */ - function hash($str) - { - return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); - } - - // -------------------------------------------------------------------- - - /** - * Generate an SHA1 Hash - * - * @access public - * @param string - * @return string - */ - function sha1($str) - { - if ( ! function_exists('sha1')) - { - if ( ! function_exists('mhash')) - { - require_once(BASEPATH.'libraries/Sha1'.EXT); - $SH = new CI_SHA; - return $SH->generate($str); - } - else - { - return bin2hex(mhash(MHASH_SHA1, $str)); - } - } - else - { - return sha1($str); - } - } - -} - -// END CI_Encrypt class - -/* End of file Encrypt.php */ +CI =& get_instance(); + $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + log_message('debug', "Encrypt Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the encryption key + * + * Returns it as MD5 in order to have an exact-length 128 bit key. + * Mcrypt is sensitive to keys that are not the correct length + * + * @access public + * @param string + * @return string + */ + function get_key($key = '') + { + if ($key == '') + { + if ($this->encryption_key != '') + { + return $this->encryption_key; + } + + $CI =& get_instance(); + $key = $CI->config->item('encryption_key'); + + if ($key === FALSE) + { + show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); + } + } + + return md5($key); + } + + // -------------------------------------------------------------------- + + /** + * Set the encryption key + * + * @access public + * @param string + * @return void + */ + function set_key($key = '') + { + $this->encryption_key = $key; + } + + // -------------------------------------------------------------------- + + /** + * Encode + * + * Encodes the message string using bitwise XOR encoding. + * The key is combined with a random hash, and then it + * too gets converted using XOR. The whole thing is then run + * through mcrypt (if supported) using the randomized key. + * The end result is a double-encrypted message string + * that is randomized with each call to this function, + * even if the supplied message and key are the same. + * + * @access public + * @param string the string to encode + * @param string the key + * @return string + */ + function encode($string, $key = '') + { + $key = $this->get_key($key); + $enc = $this->_xor_encode($string, $key); + + if ($this->_mcrypt_exists === TRUE) + { + $enc = $this->mcrypt_encode($enc, $key); + } + return base64_encode($enc); + } + + // -------------------------------------------------------------------- + + /** + * Decode + * + * Reverses the above process + * + * @access public + * @param string + * @param string + * @return string + */ + function decode($string, $key = '') + { + $key = $this->get_key($key); + + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } + + $dec = base64_decode($string); + + if ($this->_mcrypt_exists === TRUE) + { + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } + } + + return $this->_xor_decode($dec, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Encode + * + * Takes a plain-text string and key as input and generates an + * encoded bit-string using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_encode($string, $key) + { + $rand = ''; + while (strlen($rand) < 32) + { + $rand .= mt_rand(0, mt_getrandmax()); + } + + $rand = $this->hash($rand); + + $enc = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + } + + return $this->_xor_merge($enc, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Decode + * + * Takes an encoded string and key as input and generates the + * plain-text original message + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_decode($string, $key) + { + $string = $this->_xor_merge($string, $key); + + $dec = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + } + + return $dec; + } + + // -------------------------------------------------------------------- + + /** + * XOR key + string Combiner + * + * Takes a string and key as input and computes the difference using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_merge($string, $key) + { + $hash = $this->hash($key); + $str = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Encrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_encode($data, $key) + { + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); + } + + // -------------------------------------------------------------------- + + /** + * Decrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_decode($data, $key) + { + $data = $this->_remove_cipher_noise($data, $key); + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + + if ($init_size > strlen($data)) + { + return FALSE; + } + + $init_vect = substr($data, 0, $init_size); + $data = substr($data, $init_size); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); + } + + // -------------------------------------------------------------------- + + /** + * Adds permuted noise to the IV + encrypted data to protect + * against Man-in-the-middle attacks on CBC mode ciphers + * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV + * + * Function description + * + * @access private + * @param string + * @param string + * @return string + */ + function _add_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Removes permuted noise from the IV + encrypted data, reversing + * _add_cipher_noise() + * + * Function description + * + * @access public + * @param type + * @return type + */ + function _remove_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $temp = ord($data[$i]) - ord($keyhash[$j]); + + if ($temp < 0) + { + $temp = $temp + 256; + } + + $str .= chr($temp); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Cipher + * + * @access public + * @param constant + * @return string + */ + function set_cipher($cipher) + { + $this->_mcrypt_cipher = $cipher; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Mode + * + * @access public + * @param constant + * @return string + */ + function set_mode($mode) + { + $this->_mcrypt_mode = $mode; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt cipher Value + * + * @access private + * @return string + */ + function _get_cipher() + { + if ($this->_mcrypt_cipher == '') + { + $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + } + + return $this->_mcrypt_cipher; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt Mode Value + * + * @access private + * @return string + */ + function _get_mode() + { + if ($this->_mcrypt_mode == '') + { + $this->_mcrypt_mode = MCRYPT_MODE_ECB; + } + + return $this->_mcrypt_mode; + } + + // -------------------------------------------------------------------- + + /** + * Set the Hash type + * + * @access public + * @param string + * @return string + */ + function set_hash($type = 'sha1') + { + $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + } + + // -------------------------------------------------------------------- + + /** + * Hash encode a string + * + * @access public + * @param string + * @return string + */ + function hash($str) + { + return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); + } + + // -------------------------------------------------------------------- + + /** + * Generate an SHA1 Hash + * + * @access public + * @param string + * @return string + */ + function sha1($str) + { + if ( ! function_exists('sha1')) + { + if ( ! function_exists('mhash')) + { + require_once(BASEPATH.'libraries/Sha1'.EXT); + $SH = new CI_SHA; + return $SH->generate($str); + } + else + { + return bin2hex(mhash(MHASH_SHA1, $str)); + } + } + else + { + return sha1($str); + } + } + +} + +// END CI_Encrypt class + +/* End of file Encrypt.php */ /* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file