Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * @version $Id: crypto.php 48641 2011-05-30 17:24:41Z kt $
- * @category Divinity
- * @package Framework
- * @subpackage Crypt
- */
- ///////////////////////////////////////////////////////////////////////////////
- /**
- * Cryptographic-related functionality
- *
- * @package Framework
- * @subpackage Crypt
- */
- class crypto {
- /**
- * Encrypt a string
- *
- * @param string $input plain original text for encryption
- * @param string $cipher algorithm for encryption
- * @param string $mode mode for encryprtion
- * @return string
- */
- public static function encrypt($input, $key = null, $cipher = 'blowfish', $mode = 'ecb') {
- if (!isset($key)) {
- $key = vars::get_var('crypt_key');
- }
- $td = mcrypt_module_open($cipher, '', $mode, '');
- $random_seed = strstr(PHP_OS, 'WIN')
- ? MCRYPT_RAND
- : MCRYPT_DEV_URANDOM;
- $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), $random_seed);
- $ks = mcrypt_enc_get_key_size($td);
- $key = substr(sha1($key), 0, $ks); // Create key
- mcrypt_generic_init($td, $key, $iv);
- $encrypted_data = base64_encode(mcrypt_generic($td, $input));
- mcrypt_generic_deinit($td);
- mcrypt_module_close($td);
- return $encrypted_data;
- }
- /**
- * Decrypt a string
- *
- * @param string $input encrypted string for decryption
- * @param string $cipher algorithm for decryption
- * @param string $mode mode for decryption
- * @return string
- */
- public static function decrypt($input, $key = null, $cipher = 'blowfish', $mode = 'ecb') {
- if (!isset($key)) {
- $key = vars::get_var('crypt_key');
- }
- $td = mcrypt_module_open($cipher, '', $mode, '');
- $random_seed = strstr(PHP_OS, 'WIN')
- ? MCRYPT_RAND
- : MCRYPT_DEV_URANDOM;
- $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), $random_seed);
- $ks = mcrypt_enc_get_key_size($td);
- $key = substr(sha1($key), 0, $ks); // Create key
- mcrypt_generic_init($td, $key, $iv);
- $decrypted = @mdecrypt_generic($td, base64_decode($input));
- mcrypt_generic_deinit($td);
- mcrypt_module_close($td);
- return trim($decrypted);
- }
- // -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
- /**
- * Returns all supported algorithms
- * @return array
- */
- public static function algorithms() {
- return mcrypt_list_algorithms();
- }
- /**
- * Returns all supported modes
- * @return array
- */
- public static function modes() {
- return mcrypt_list_modes();
- }
- // -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
- /**
- * Returns a random unique (by default) id
- *
- * @param string $prefix
- * @param boolean $pseudo return a pseudo random id
- * @return string
- */
- public static function id($prefix = '', $pseudo = false) {
- if ($prefix == '') {
- $prefix = site::hostnames_and_uris(null, 'hostname');
- }
- if ($pseudo) {
- return sha1(uniqid($prefix, true));
- }
- // todo ?? same as the pseudo option
- //
- return sha1(uniqid($prefix, true));
- }
- /**
- * Returns a pseudo random id
- */
- public static function pseudo_id($prefix = '') {
- return self::id($prefix, true);
- }
- /**
- * Generates a HMAC using the default MAS key
- */
- public static function hmac($data, $key = null) {
- return self::hmac_sha1($data, $key);
- }
- /**
- * Generates a SHA1 HMAC using the default MAS key
- * @uses Crypt_HMAC
- */
- public static function hmac_sha1($data, $key = null) {
- require_once 'Crypt/HMAC.php';
- if (!isset($key)) {
- $key = vars::get_var('hmac_key');
- }
- $crypt = new Crypt_HMAC($key, 'sha1');
- return $crypt->hash($data);
- }
- /**
- * Checks HMACs used in URLs
- *
- * @param string $data serialized hmac and data
- * @param boolean $error_redirect the user should be redirected to a security error page
- * @return string
- */
- public static function get_from_hmac($data, $error_redirect = true) {
- list($hmac, $string) = unserialize($data);
- if (self::hmac($string) != $hmac) {
- info('Invalid HMAC.');
- if ($error_redirect) {
- http::redirect(http::html_url() . 'index.php?page=errors&id=security');
- }
- return '';
- }
- return $string;
- }
- /**
- * Adds a HMAC to a value
- *
- * @param string $data serialized data
- * @return string
- */
- public static function add_hmac($data) {
- return serialize(array(self::hmac($data), $data));
- }
- /**
- * Generates a random password (do not use O/0, I/l/1)
- *
- * 35-126 alphanumeric + symbols
- * 65-122 alphanumeric + less symbols
- *
- * @param integer $min_length
- * @param integer $max_length
- * @return string
- */
- public static function random_password($min_length = 6, $max_length = 8) {
- $password = '';
- $length = mt_rand($min_length, $max_length);
- $avoid = array(73, 76, 79, 105, 108, 111);
- while (strlen($password) < $length) {
- $rand = mt_rand(50, 122);
- if ($rand > 90 and $rand < 97) {
- continue;
- }
- if ($rand > 57 and $rand < 65) {
- continue;
- }
- if (in_array($rand, $avoid)) {
- continue;
- }
- $password .= chr($rand);
- }
- return $password;
- }
- /**
- * Generates a random string of digits
- *
- * @param integer $min_length
- * @param integer $max_length
- * @return string
- */
- public static function random_digits($min_length = 4, $max_length = 8) {
- $password = '';
- $length = mt_rand($min_length, $max_length);
- for ($i = 0; $i < $length; $i++) {
- $password .= mt_rand(0, 9);
- }
- return $password;
- }
- /**
- * Generate random user password
- *
- * @param string $type type of the password: "admin" for toolkit accounts and empty for regular
- * @return boolean
- */
- public static function generate_user_password ($type = '') {
- $password = '';
- $avoid = array(48, 73, 76, 79, 105, 108, 111);
- $spec_chars = array(
- '`', '~', '!', '@', '#', '$', '%', '^', '&', '*', '(',
- ')', '-', '_', '=', '+', '[', '{', ']', '}', '\\', '|',
- ';', ':', '\'', '"', ',', '<', '.', '>', '/', '?'
- );
- while (!user::validate_password($password, $type)) {
- $char = chr(mt_rand(97, 122));
- if (!in_array($char, $avoid)) {
- $password .= $char;
- }
- $char = chr(mt_rand(65, 90));
- if (!in_array($char, $avoid)) {
- $password .= $char;
- }
- $char = chr(mt_rand(48, 57));
- if (!in_array($char, $avoid)) {
- $password .= $char;
- }
- if ($type == 'admin') {
- $password .= $spec_chars[array_rand($spec_chars)];
- }
- }
- return $password;
- }
- /**
- * Reverse the bin2hex func
- *
- * @param string $h
- * @return string
- */
- public static function hex2bin($h) {
- if (!is_string($h)) {
- return null;
- }
- $r = '';
- for ($a=0; $a<strlen($h); $a+=2) {
- $r .= chr(hexdec($h{$a} . $h{($a+1)}));
- }
- return $r;
- }
- ////--end-of-file----
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement