Home Explore Help
Sign In
compsci-industry
/
TechEmpower.FrameworkBenchmarks
mirror of https://github.com/TechEmpower/FrameworkBenchmarks.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 3fb519207b
Branches Tags
TechEmpower.Fra...
/
php-micromvc
/
vendor
/
micro
/
micro
/
Micro
/
Cipher.php

Cipher.php 2.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Cipher
    4. 

  4.  *
    5. 

  5.  * Provides encryption/decription functionality including URL shortening . By
    6. 

  6.  * default the encrypt/decrypt functions use AES to encrypt a string using
    7. 

  7.  * Cipher-block chaining (CBC) and then sign it using HMAC-SHA256 to prevent
    8. 

  8.  * initialization vector (IV) man-in-the-middle attacks against the first block .
    9. 

  9.  *
    10. 

  10.  * @package		MicroMVC
    11. 

  11.  * @author		David Pennington
    12. 

  12.  * @copyright	(c) 2011 MicroMVC Framework
    13. 

  13.  * @license		http://micromvc.com/license
    14. 

  14.  ********************************** 80 Columns *********************************
    15. 

  15.  */
    16. 

  16. namespace Micro;
    17. 

  17. 

  18. class Cipher
    19. 

  19. {
    20. 

  20. 

  21. 	/**
    22. 

  22. 	 * Encrypt a string
    23. 

  23. 	 *
    24. 

  24. 	 * @param string $text to encrypt
    25. 

  25. 	 * @param string $key a cryptographically random string
    26. 

  26. 	 * @param int $algo the encryption algorithm
    27. 

  27. 	 * @param int $mode the block cipher mode
    28. 

  28. 	 * @return string
    29. 

  29. 	 */
    30. 

  30. 	public static function encrypt($text, $key, $algo = MCRYPT_RIJNDAEL_256, $mode = MCRYPT_MODE_CBC)
    31. 

  31. 	{
    32. 

  32. 		// Create IV for encryption
    33. 

  33. 		$iv = mcrypt_create_iv(mcrypt_get_iv_size($algo, $mode), MCRYPT_RAND);
    34. 

  34. 

  35. 		// Encrypt text and append IV so it can be decrypted later
    36. 

  36. 		$text = mcrypt_encrypt($algo, hash('sha256', $key, TRUE), $text, $mode, $iv) . $iv;
    37. 

  37. 

  38. 		// Prefix text with HMAC so that IV cannot be changed
    39. 

  39. 		return hash('sha256', $key . $text) . $text;
    40. 

  40. 	}
    41. 

  41. 

  42. 

  43. 	/**
    44. 

  44. 	 * Decrypt an encrypted string
    45. 

  45. 	 *
    46. 

  46. 	 * @param string $text to encrypt
    47. 

  47. 	 * @param string $key a cryptographically random string
    48. 

  48. 	 * @param int $algo the encryption algorithm
    49. 

  49. 	 * @param int $mode the block cipher mode
    50. 

  50. 	 * @return string
    51. 

  51. 	 */
    52. 

  52. 	public static function decrypt($text, $key, $algo = MCRYPT_RIJNDAEL_256, $mode = MCRYPT_MODE_CBC)
    53. 

  53. 	{
    54. 

  54. 		$hash = substr($text, 0, 64);
    55. 

  55. 		$text = substr($text, 64);
    56. 

  56. 

  57. 		// Invalid HMAC?
    58. 

  58. 		if(hash('sha256', $key . $text) != $hash) return;
    59. 

  59. 

  60. 		// Get IV off end of encrypted string
    61. 

  61. 		$iv = substr($text, -mcrypt_get_iv_size($algo, $mode));
    62. 

  62. 

  63. 		// Decrypt string using IV and remove trailing \x0 padding added by mcrypt
    64. 

  64. 		return rtrim(mcrypt_decrypt($algo, hash('sha256', $key, TRUE), substr($text, 0, -strlen($iv)), $mode, $iv), "\x0");
    65. 

  65. 	}
    66. 

  66. 

  67. }
    68. 

  68. 

  69. // END
    70.