khanat-opennel-code/code/web/private_php/ams/autoload/mycrypt.php

85 lines
No EOL
3.3 KiB
PHP

<?php
/**
* Basic encryption/decryption class.
* We use this class atm for encrypting & decrypting the imap passwords.
*/
class MyCrypt{
private $config; /**< array that should contain the enc_method & hash_method & key */
/**
* constructor.
* loads the config array with the given argument.
* @param $cryptinfo an array containing the info needed to encrypt & decrypt.(enc_method & hash_method & key)
*/
function __construct($cryptinfo) {
$this->config = $cryptinfo;
}
/**
* encrypts by using the given enc_method and hash_method.
* It will first check if the methods are supported, if not it will throw an error, if so it will encrypt the $data
* @param $data the string that we want to encrypt.
* @return the encrypted string.
*/
public function encrypt($data) {
self::check_methods($this->config['enc_method'], $this->config['hash_method']);
$iv = self::hashIV($this->config['key'], $this->config['hash_method'], openssl_cipher_iv_length($this->config['enc_method']));
$infostr = sprintf('$%s$%s$', $this->config['enc_method'], $this->config['hash_method']);
return $infostr . openssl_encrypt($data, $this->config['enc_method'], $this->config['key'], false, $iv);
}
/**
* decrypts by using the given enc_method and hash_method.
* @param $edata the encrypted string that we want to decrypt
* @return the decrypted string.
*/
public function decrypt($edata) {
$e_arr = explode('$', $edata);
if( count($e_arr) != 4 ) {
Throw new Exception('Given data is missing crucial sections.');
}
$this->config['enc_method'] = $e_arr[1];
$this->config['hash_method'] = $e_arr[2];
self::check_methods($this->config['enc_method'], $this->config['hash_method']);
$iv = self::hashIV($this->config['key'], $this->config['hash_method'], openssl_cipher_iv_length($this->config['enc_method']));
return openssl_decrypt($e_arr[3], $this->config['enc_method'], $this->config['key'], false, $iv);
}
/**
* hashes the key by using a hash method specified.
* @param $key the key to be hashed
* @param $method the metho of hashing to be used
* @param $iv_size the size of the initialization vector.
* @return return the hashed key up till the size of the iv_size param.
*/
private static function hashIV($key, $method, $iv_size) {
$myhash = hash($method, $key, TRUE);
while( strlen($myhash) < $iv_size ) {
$myhash .= hash($method, $myhash, TRUE);
}
return substr($myhash, 0, $iv_size);
}
/**
* checks if the encryption and hash methods are supported
* @param $enc the encryption method.
* @param $hash the hash method.
* @throw Exception in case a method is not supported.
*/
private static function check_methods($enc, $hash) {
if( ! function_exists('openssl_encrypt') ) {
Throw new Exception('openssl_encrypt() not supported.');
} else if( ! in_array($enc, openssl_get_cipher_methods()) ) {
Throw new Exception('Encryption method ' . $enc . ' not supported.');
} else if( ! in_array(strtolower($hash), hash_algos()) ) {
Throw new Exception('Hashing method ' . $hash . ' not supported.');
}
}
}