CryptM - Mcrypt encryption/cypher manager for PHP


2011-06-27
CryptM Mcrypt encryption cypher manager for PHP
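  /**
   * CryptM - thin manager around PHP's mcrypt extension.
   *
   * COPYRIGHT icurtain.co.uk - mike lang, 2011
   *
   * Quick usage (fixed cypher/mode, IV prepended to the returned data):
   *    $c = new CryptM();
   *    $result = $c->quickEncrypt('secret things','password');
   *    $result = $c->quickDecrypt($result,'password');
   *
   * OO usage:
   *    $c = new CryptM();
   *    $c->setInput('blah');
   *    $c->setKey('key');
   *    $c->setMode('cfb');
   *    $c->setCypher('des');
   *    $c->encrypt();
   *    $c->getOutput(); //same with decrypt
   *
   * Security notes for anyone reusing this listing:
   *  - ext/mcrypt was deprecated in PHP 7.1 and removed from core in PHP 7.2.
   *    New code should use an authenticated construction from ext/sodium or
   *    ext/openssl rather than this class.
   *  - MCRYPT_RIJNDAEL_256 is Rijndael with a 256-bit *block*. It is not AES
   *    (AES is the 128-bit-block variant) and the "256" says nothing about key
   *    strength.
   *  - Nothing here authenticates the ciphertext. The base64 test in
   *    quickDecrypt() is only a heuristic wrong-key check; modified ciphertext
   *    is not reliably detected.
   *  - The key/password is handed to mcrypt as-is; there is no key derivation
   *    step, so a short or guessable password gives a correspondingly weak key.
   *  - Prepending the IV to the ciphertext is fine: an IV does not have to be
   *    secret. It does have to be fresh for every message under the same key.
   */
  class CryptM {
     private $input = null;
     private $output = null;
     private $key = null;
     // Default cypher. See the class notes: this is 256-bit-block Rijndael, not AES.
     private $cypher = MCRYPT_RIJNDAEL_256;
     // Default mode: cipher feedback.
     private $mode = MCRYPT_MODE_CFB;
     private $cypherObject = null;
     private $iv = null;

     /**
      * Verifies that the default cypher and mode are available in this build.
      *
      * @throws Exception when the default cypher or mode is not supported
      */
     public function __construct(){
        if(!$this->checkCypher($this->cypher)){
           throw new Exception('cypher not supported('.$this->cypher.')');
        }

        if(!$this->checkMode($this->mode)){
           throw new Exception('mode not supported('.$this->mode.')');
        }
     }

     /**
      * @param string $cypher algorithm name as reported by mcrypt_list_algorithms()
      * @return bool true when mcrypt lists the algorithm
      */
     private function checkCypher($cypher){
        // Strict comparison: a loose == lets non-string values match by coercion.
        return in_array($cypher, mcrypt_list_algorithms(), true);
     }

     /**
      * @param string $mode mode name as reported by mcrypt_list_modes()
      * @return bool true when mcrypt lists the mode
      */
     private function checkMode($mode){
        return in_array($mode, mcrypt_list_modes(), true);
     }

     public function getInput(){
        return $this->input;
     }

     public function setInput($input){
        $this->input = $input;
     }

     public function getOutput(){
        return $this->output;
     }

     public function setOutput($output){
        $this->output = $output;
     }

     public function getKey(){
        return $this->key;
     }

     public function setKey($key){
        $this->key = $key;
     }

     public function getCypher(){
        return $this->cypher;
     }

     /**
      * Selects the cypher used by encrypt()/decrypt().
      *
      * @param string $cypher algorithm name
      * @return bool false (and no change) when the algorithm is not available
      */
     public function setCypher($cypher){
        if(!$this->checkCypher($cypher)){
           return false;
        }
        // Assign directly. The earlier define() round-trip could only ever
        // succeed once per request, so a second call silently kept the first value.
        $this->cypher = $cypher;
        return true;
     }

     public function getMode(){
        return $this->mode;
     }

     /**
      * Selects the block mode used by encrypt()/decrypt().
      *
      * @param string $mode mode name
      * @return bool false (and no change) when the mode is not available
      */
     public function setMode($mode){
        if(!$this->checkMode($mode)){
           return false;
        }
        $this->mode = $mode;
        return true;
     }

     /**
      * Echoes the algorithms and modes this mcrypt build supports, as HTML.
      */
     public function listInfo(){
        echo '<br />ALGORITHMS:<br />';
        foreach(mcrypt_list_algorithms() as $m){
           echo ''.$m.'<br />';
        }
        echo '<br />MODES:<br />';
        foreach(mcrypt_list_modes() as $m){
           echo ''.$m.'<br />';
        }
     }

     /**
      * Debug helper: echoes name, block size and supported key sizes of an
      * opened mcrypt module.
      */
     private function testCypherObject($cypherObject){
        echo 'CYPHER OBJECT<br />';
        echo mcrypt_enc_get_algorithms_name($cypherObject).'<br />';
        echo mcrypt_enc_get_block_size($cypherObject).'<br />';
        foreach(mcrypt_enc_get_supported_key_sizes($cypherObject) as $k){
           echo $k.'<br />';
        }
     }

     /**
      * Encrypts the current input with the current key, cypher and mode and
      * stores the result in the output property.
      *
      * NOTE(review): the IV is generated once and cached on the object so that
      * decrypt() on the same instance can reuse it. Calling encrypt() repeatedly
      * on one instance therefore reuses the IV under the same key, and the IV
      * is never exposed, so the output cannot be decrypted by another instance.
      *
      * @return false|null false when no key has been set, otherwise nothing
      */
     public function encrypt(){
        // sizeof() on a string is always 1, so the old length test never
        // caught an empty key; compare explicitly instead.
        if($this->key === null || $this->key === ''){
           return false;
        }
        mcrypt_generic_init($this->getCypherObject(), $this->getKey(), $this->getInitiationVector());
        $this->setOutput(mcrypt_generic($this->getCypherObject(), $this->getInput()));
        $this->resetCypherObject();
     }

     /**
      * Decrypts the current input with the current key, cypher, mode and the
      * IV cached on this instance, storing the result in the output property.
      */
     public function decrypt(){
        $this->setOutput(mcrypt_decrypt($this->getCypher(), $this->getKey(), $this->getInput(), $this->getMode(), $this->getInitiationVector()));
     }

     /**
      * Lazily opens the mcrypt module for the current cypher/mode.
      */
     private function getCypherObject(){
        // 2nd and 4th parameters are the cypher and mode directories; empty
        // strings fall back to the php.ini settings.
        if($this->cypherObject === null){
           $this->cypherObject = mcrypt_module_open($this->getCypher(), '', $this->getMode(), '');
        }
        return $this->cypherObject;
     }

     /**
      * Releases the opened mcrypt module so the next call opens a fresh one.
      */
     private function resetCypherObject(){
        mcrypt_generic_deinit($this->cypherObject);
        mcrypt_module_close($this->cypherObject);
        $this->cypherObject = null;
     }

     /**
      * Returns the cached IV, creating one sized for the current cypher/mode
      * on first use.
      */
     private function getInitiationVector(){
        if($this->iv === null){
           $size = mcrypt_get_iv_size($this->getCypher(), $this->getMode());
           // NOTE(review): MCRYPT_DEV_RANDOM can block while the kernel pool
           // refills; MCRYPT_DEV_URANDOM is the non-blocking source.
           $this->iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
        }
        return $this->iv;
     }

     private function resetIV(){
        $this->iv = null;
     }

     /**
      * The quick en/decrypt functions only work with this cypher/mode combo,
      * so they force it before running.
      */
     private function quickReset(){
        $this->cypher = MCRYPT_RIJNDAEL_256;
        $this->mode = MCRYPT_MODE_CFB;
     }

     /**
      * Encrypts $input under $key and returns IV . ciphertext as raw bytes.
      *
      * The plaintext is base64-encoded before encryption so that
      * quickDecrypt() can test whether the result decodes cleanly. That known
      * structure also lets anyone holding the ciphertext test password
      * guesses offline, so the password needs to be strong.
      *
      * @param string $input plaintext
      * @param string $key   key/password, passed to mcrypt unchanged
      * @return string IV followed by the ciphertext
      */
     public function quickEncrypt($input,$key){
        $this->quickReset();
        // Drop any cached IV: every message needs a fresh one, and a cached IV
        // may have been sized for a different cypher.
        $this->resetIV();

        $iv = $this->getInitiationVector();
        mcrypt_generic_init($this->getCypherObject(), $key, $iv);
        $e = $iv.mcrypt_generic($this->getCypherObject(), base64_encode($input));
        $this->resetCypherObject();
        return $e;
     }

     /**
      * Reverses quickEncrypt().
      *
      * @param string $input IV followed by ciphertext, as returned by quickEncrypt()
      * @param string $key   key/password used to encrypt
      * @return string|null plaintext, or null when the input is too short, the
      *                     plaintext was empty, or the decrypted bytes are not
      *                     valid base64 (usually a wrong key)
      */
     public function quickDecrypt($input,$key){
        $this->quickReset();
        $ivSize = mcrypt_get_iv_size($this->getCypher(), $this->getMode());
        if(!is_string($input) || strlen($input) <= $ivSize){
           // Nothing after the IV: there is no ciphertext to decrypt.
           return null;
        }
        $iv = substr($input, 0, $ivSize);
        $e = substr($input, $ivSize);
        // Strict base64 decoding returns false on any invalid character, which
        // is what a wrong key almost always produces. This is a heuristic, not
        // an integrity check.
        $result = base64_decode(mcrypt_decrypt($this->getCypher(), $key, $e, $this->getMode(), $iv), true);
        // Compare explicitly: a truthiness test also rejected the valid plaintext "0".
        if($result === false || $result === ''){
           return null;
        }
        return $result;
     }

  }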