Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * Simple but secure encryption based on hash functions
- *
- * Basically this is algorithm provides a block cipher in ofb mode (output feedback mode)
- *
- * @author Marc Wöhlken, Quadracom - Partnerschaft für Mediengestaltung, Bremen <woehlken@quadracom.de>
- * @copyright Copyright 2006 Marc Wöhlken, Quadracom - Partnerschaft für Mediengestaltung, Bremen
- * @version Version 1.1, first public release
- * @license http://opensource.org/licenses/gpl-license.php GNU Public License
- *
- * @package hash_encryption
- **/
- class hash_encryption {
- /**
- * Hashed value of the user provided encryption key
- * @var string
- **/
- var $hash_key;
- /**
- * String length of hashed values using the current algorithm
- * @var int
- **/
- var $hash_lenth;
- /**
- * Switch base64 enconding on / off
- * @var bool true = use base64, false = binary output / input
- **/
- var $base64;
- /**
- * Secret value added to randomize output and protect the user provided key
- * @var string Change this value to add more randomness to your encryption
- **/
- var $salt = 'Change this to any secret value you like. "d41d8cd98f00b204e9800998ecf8427e" might be a good example.';
- /**
- * Constructor method
- *
- * Used to set key for encryption and decryption.
- * @param string $key Your secret key used for encryption and decryption
- * @param boold $base64 Enable base64 en- / decoding
- * @return mixed
- */
- function hash_encryption($key,$base64 = true) {
- // Toggle base64 usage on / off
- $this->base64 = $base64;
- // Instead of using the key directly we compress it using a hash function
- $this->hash_key = $this->_hash($key);
- // Remember length of hashvalues for later use
- $this->hash_length = strlen($this->hash_key);
- }
- /**
- * Method used for encryption
- * @param string $string Message to be encrypted
- * @return string Encrypted message
- */
- function encrypt($string) {
- $iv = $this->_generate_iv();
- // Clear output
- $out = '';
- // First block of output is ($this->hash_hey XOR IV)
- for($c=0;$c < $this->hash_length;$c++) {
- $out .= chr(ord($iv[$c]) ^ ord($this->hash_key[$c]));
- }
- // Use IV as first key
- $key = $iv;
- $c = 0;
- // Go through input string
- while($c < strlen($string)) {
- // If we have used all characters of the current key we switch to a new one
- if(($c != 0) and ($c % $this->hash_length == 0)) {
- // New key is the hash of current key and last block of plaintext
- $key = $this->_hash($key . substr($string,$c - $this->hash_length,$this->hash_length));
- }
- // Generate output by xor-ing input and key character for character
- $out .= chr(ord($key[$c % $this->hash_length]) ^ ord($string[$c]));
- $c++;
- }
- // Apply base64 encoding if necessary
- if($this->base64) $out = base64_encode($out);
- return $out;
- }
- /**
- * Method used for decryption
- * @param string $string Message to be decrypted
- * @return string Decrypted message
- */
- function decrypt($string) {
- // Apply base64 decoding if necessary
- if($this->base64) $string = base64_decode($string);
- // Extract encrypted IV from input
- $tmp_iv = substr($string,0,$this->hash_length);
- // Extract encrypted message from input
- $string = substr($string,$this->hash_length,strlen($string) - $this->hash_length);
- $iv = $out = '';
- // Regenerate IV by xor-ing encrypted IV from block 1 and $this->hashed_key
- // Mathematics: (IV XOR KeY) XOR Key = IV
- for($c=0;$c < $this->hash_length;$c++)
- {
- $iv .= chr(ord($tmp_iv[$c]) ^ ord($this->hash_key[$c]));
- }
- // Use IV as key for decrypting the first block cyphertext
- $key = $iv;
- $c = 0;
- // Loop through the whole input string
- while($c < strlen($string)) {
- // If we have used all characters of the current key we switch to a new one
- if(($c != 0) and ($c % $this->hash_length == 0)) {
- // New key is the hash of current key and last block of plaintext
- $key = $this->_hash($key . substr($out,$c - $this->hash_length,$this->hash_length));
- }
- // Generate output by xor-ing input and key character for character
- $out .= chr(ord($key[$c % $this->hash_length]) ^ ord($string[$c]));
- $c++;
- }
- return $out;
- }
- /**
- * Hashfunction used for encryption
- *
- * This class hashes any given string using the best available hash algorithm.
- * Currently support for md5 and sha1 is provided. In theory even crc32 could be used
- * but I don't recommend this.
- *
- * @access private
- * @param string $string Message to hashed
- * @return string Hash value of input message
- */
- function _hash($string) {
- // Use sha1() if possible, php versions >= 4.3.0 and 5
- if(function_exists('sha1')) {
- $hash = sha1($string);
- } else {
- // Fall back to md5(), php versions 3, 4, 5
- $hash = md5($string);
- }
- $out ='';
- // Convert hexadecimal hash value to binary string
- for($c=0;$c<strlen($hash);$c+=2) {
- $out .= $this->_hex2chr($hash[$c] . $hash[$c+1]);
- }
- return $out;
- }
- /**
- * Generate a random string to initialize encryption
- *
- * This method will return a random binary string IV ( = initialization vector).
- * The randomness of this string is one of the crucial points of this algorithm as it
- * is the basis of encryption. The encrypted IV will be added to the encrypted message
- * to make decryption possible. The transmitted IV will be encoded using the user provided key.
- *
- * @todo Add more random sources.
- * @access private
- * @see function hash_encryption
- * @return string Binary pseudo random string
- **/
- function _generate_iv() {
- // Initialize pseudo random generator
- srand ((double)microtime()*1000000);
- // Collect random data.
- // Add as many "pseudo" random sources as you can find.
- // Possible sources: Memory usage, diskusage, file and directory content...
- $iv = $this->salt;
- $iv .= rand(0,getrandmax());
- // Changed to serialize as the second parameter to print_r is not available in php prior to version 4.4
- $iv .= serialize($GLOBALS);
- return $this->_hash($iv);
- }
- /**
- * Convert hexadecimal value to a binary string
- *
- * This method converts any given hexadecimal number between 00 and ff to the corresponding ASCII char
- *
- * @access private
- * @param string Hexadecimal number between 00 and ff
- * @return string Character representation of input value
- **/
- function _hex2chr($num) {
- return chr(hexdec($num));
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement