Loading...
Helix SwarmHelix Swarm
Loading...

Mcrypt.php

  • //
  • guest/
  • thomas_gray/
  • jambox/
  • main/
  • swarm/
  • library/
  • Zend/
  • Crypt/
  • Symmetric/
  • Mcrypt.php #1
  • View
  • Commits
  • Open Download .zip Download (13 KB) 
  1. <?php
  2. /**
  3.  * Zend Framework (http://framework.zend.com/)
  4.  *
  5.  * @link      http://github.com/zendframework/zf2 for the canonical source repository
  6.  * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  7.  * @license   http://framework.zend.com/license/new-bsd New BSD License
  8.  */
  9.  
  10. namespace Zend\Crypt\Symmetric;
  11.  
  12. use Traversable;
  13. use Zend\Stdlib\ArrayUtils;
  14.  
  15. /**
  16.  * Symmetric encryption using the Mcrypt extension
  17.  *
  18.  * NOTE: DO NOT USE only this class to encrypt data.
  19.  * This class doesn't provide authentication and integrity check over the data.
  20.  * PLEASE USE Zend\Crypt\BlockCipher instead!
  21.  */
  22. class Mcrypt implements SymmetricInterface
  23. {
  24.     const DEFAULT_PADDING = 'pkcs7';
  25.  
  26.     /**
  27.      * Key
  28.      *
  29.      * @var string
  30.      */
  31.     protected $key;
  32.  
  33.     /**
  34.      * IV
  35.      *
  36.      * @var string
  37.      */
  38.     protected $iv;
  39.  
  40.     /**
  41.      * Encryption algorithm
  42.      *
  43.      * @var string
  44.      */
  45.     protected $algo = 'aes';
  46.  
  47.     /**
  48.      * Encryption mode
  49.      *
  50.      * @var string
  51.      */
  52.     protected $mode = 'cbc';
  53.  
  54.     /**
  55.      * Padding
  56.      *
  57.      * @var Padding\PaddingInterface
  58.      */
  59.     protected $padding;
  60.  
  61.     /**
  62.      * Padding plugins
  63.      *
  64.      * @var PaddingPluginManager
  65.      */
  66.     protected static $paddingPlugins = null;
  67.  
  68.     /**
  69.      * Supported cipher algorithms
  70.      *
  71.      * @var array
  72.      */
  73.     protected $supportedAlgos = array(
  74.         'aes'          => 'rijndael-128',
  75.         'blowfish'     => 'blowfish',
  76.         'des'          => 'des',
  77.         '3des'         => 'tripledes',
  78.         'tripledes'    => 'tripledes',
  79.         'cast-128'     => 'cast-128',
  80.         'cast-256'     => 'cast-256',
  81.         'rijndael-128' => 'rijndael-128',
  82.         'rijndael-192' => 'rijndael-192',
  83.         'rijndael-256' => 'rijndael-256',
  84.         'saferplus'    => 'saferplus',
  85.         'serpent'      => 'serpent',
  86.         'twofish'      => 'twofish'
  87.     );
  88.  
  89.     /**
  90.      * Supported encryption modes
  91.      *
  92.      * @var array
  93.      */
  94.     protected $supportedModes = array(
  95.         'cbc'  => 'cbc',
  96.         'cfb'  => 'cfb',
  97.         'ctr'  => 'ctr',
  98.         'ofb'  => 'ofb',
  99.         'nofb' => 'nofb',
  100.         'ncfb' => 'ncfb'
  101.     );
  102.  
  103.     /**
  104.      * Constructor
  105.      *
  106.      * @param  array|Traversable                  $options
  107.      * @throws Exception\RuntimeException
  108.      * @throws Exception\InvalidArgumentException
  109.      */
  110.     public function __construct($options = array())
  111.     {
  112.         if (!extension_loaded('mcrypt')) {
  113.             throw new Exception\RuntimeException(
  114.                 'You cannot use ' . __CLASS__ . ' without the Mcrypt extension'
  115.             );
  116.         }
  117.         if (!empty($options)) {
  118.             if ($options instanceof Traversable) {
  119.                 $options = ArrayUtils::iteratorToArray($options);
  120.             } elseif (!is_array($options)) {
  121.                 throw new Exception\InvalidArgumentException(
  122.                     'The options parameter must be an array, a Zend\Config\Config object or a Traversable'
  123.                 );
  124.             }
  125.             foreach ($options as $key => $value) {
  126.                 switch (strtolower($key)) {
  127.                     case 'algo':
  128.                     case 'algorithm':
  129.                         $this->setAlgorithm($value);
  130.                         break;
  131.                     case 'mode':
  132.                         $this->setMode($value);
  133.                         break;
  134.                     case 'key':
  135.                         $this->setKey($value);
  136.                         break;
  137.                     case 'iv':
  138.                     case 'salt':
  139.                         $this->setSalt($value);
  140.                         break;
  141.                     case 'padding':
  142.                         $plugins       = static::getPaddingPluginManager();
  143.                         $padding       = $plugins->get($value);
  144.                         $this->padding = $padding;
  145.                         break;
  146.                 }
  147.             }
  148.         }
  149.         $this->setDefaultOptions($options);
  150.     }
  151.  
  152.     /**
  153.      * Set default options
  154.      *
  155.      * @param  array $options
  156.      * @return void
  157.      */
  158.     protected function setDefaultOptions($options = array())
  159.     {
  160.         if (!isset($options['padding'])) {
  161.             $plugins       = static::getPaddingPluginManager();
  162.             $padding       = $plugins->get(self::DEFAULT_PADDING);
  163.             $this->padding = $padding;
  164.         }
  165.     }
  166.  
  167.     /**
  168.      * Returns the padding plugin manager.  If it doesn't exist it's created.
  169.      *
  170.      * @return PaddingPluginManager
  171.      */
  172.     public static function getPaddingPluginManager()
  173.     {
  174.         if (static::$paddingPlugins === null) {
  175.             self::setPaddingPluginManager(new PaddingPluginManager());
  176.         }
  177.  
  178.         return static::$paddingPlugins;
  179.     }
  180.  
  181.     /**
  182.      * Set the padding plugin manager
  183.      *
  184.      * @param  string|PaddingPluginManager        $plugins
  185.      * @throws Exception\InvalidArgumentException
  186.      * @return void
  187.      */
  188.     public static function setPaddingPluginManager($plugins)
  189.     {
  190.         if (is_string($plugins)) {
  191.             if (!class_exists($plugins)) {
  192.                 throw new Exception\InvalidArgumentException(sprintf(
  193.                     'Unable to locate padding plugin manager via class "%s"; class does not exist',
  194.                     $plugins
  195.                 ));
  196.             }
  197.             $plugins = new $plugins();
  198.         }
  199.         if (!$plugins instanceof PaddingPluginManager) {
  200.             throw new Exception\InvalidArgumentException(sprintf(
  201.                 'Padding plugins must extend %s\PaddingPluginManager; received "%s"',
  202.                 __NAMESPACE__,
  203.                 (is_object($plugins) ? get_class($plugins) : gettype($plugins))
  204.             ));
  205.         }
  206.         static::$paddingPlugins = $plugins;
  207.     }
  208.  
  209.     /**
  210.      * Get the maximum key size for the selected cipher and mode of operation
  211.      *
  212.      * @return int
  213.      */
  214.     public function getKeySize()
  215.     {
  216.         return mcrypt_get_key_size($this->supportedAlgos[$this->algo],
  217.                                    $this->supportedModes[$this->mode]);
  218.     }
  219.  
  220.     /**
  221.      * Set the encryption key
  222.      * If the key is longer than maximum supported, it will be truncated by getKey().
  223.      *
  224.      * @param  string                             $key
  225.      * @throws Exception\InvalidArgumentException
  226.      * @return Mcrypt
  227.      */
  228.     public function setKey($key)
  229.     {
  230.         $keyLen = strlen($key);
  231.  
  232.         if (!$keyLen) {
  233.             throw new Exception\InvalidArgumentException('The key cannot be empty');
  234.         }
  235.         $keySizes = mcrypt_module_get_supported_key_sizes($this->supportedAlgos[$this->algo]);
  236.         $maxKey = $this->getKeySize();
  237.  
  238.         /*
  239.          * blowfish has $keySizes empty, meaning it can have arbitrary key length.
  240.          * the others are more picky.
  241.          */
  242.         if (!empty($keySizes) && $keyLen < $maxKey) {
  243.  
  244.             if (!in_array($keyLen, $keySizes)) {
  245.                  throw new Exception\InvalidArgumentException(
  246.                     "The size of the key must be one of "
  247.                     . implode(", ", $keySizes) . " bytes or longer");
  248.             }
  249.         }
  250.         $this->key = $key;
  251.  
  252.         return $this;
  253.     }
  254.  
  255.     /**
  256.      * Get the encryption key
  257.      *
  258.      * @return string
  259.      */
  260.     public function getKey()
  261.     {
  262.         if (empty($this->key)) {
  263.             return null;
  264.         }
  265.         return substr($this->key, 0, $this->getKeySize());
  266.     }
  267.  
  268.     /**
  269.      * Set the encryption algorithm (cipher)
  270.      *
  271.      * @param  string                             $algo
  272.      * @throws Exception\InvalidArgumentException
  273.      * @return Mcrypt
  274.      */
  275.     public function setAlgorithm($algo)
  276.     {
  277.         if (!array_key_exists($algo, $this->supportedAlgos)) {
  278.             throw new Exception\InvalidArgumentException(
  279.                 "The algorithm $algo is not supported by " . __CLASS__
  280.             );
  281.         }
  282.         $this->algo = $algo;
  283.  
  284.         return $this;
  285.     }
  286.  
  287.     /**
  288.      * Get the encryption algorithm
  289.      *
  290.      * @return string
  291.      */
  292.     public function getAlgorithm()
  293.     {
  294.         return $this->algo;
  295.     }
  296.  
  297.     /**
  298.      * Set the padding object
  299.      *
  300.      * @param  Padding\PaddingInterface $padding
  301.      * @return Mcrypt
  302.      */
  303.     public function setPadding(Padding\PaddingInterface $padding)
  304.     {
  305.         $this->padding = $padding;
  306.  
  307.         return $this;
  308.     }
  309.  
  310.     /**
  311.      * Get the padding object
  312.      *
  313.      * @return Padding\PaddingInterface
  314.      */
  315.     public function getPadding()
  316.     {
  317.         return $this->padding;
  318.     }
  319.  
  320.     /**
  321.      * Encrypt
  322.      *
  323.      * @param  string                             $data
  324.      * @throws Exception\InvalidArgumentException
  325.      * @return string
  326.      */
  327.     public function encrypt($data)
  328.     {
  329.         if (empty($data)) {
  330.             throw new Exception\InvalidArgumentException('The data to encrypt cannot be empty');
  331.         }
  332.         if (null === $this->getKey()) {
  333.             throw new Exception\InvalidArgumentException('No key specified for the encryption');
  334.         }
  335.         if (null === $this->getSalt()) {
  336.             throw new Exception\InvalidArgumentException('The salt (IV) cannot be empty');
  337.         }
  338.         if (null === $this->getPadding()) {
  339.             throw new Exception\InvalidArgumentException('You have to specify a padding method');
  340.         }
  341.         // padding
  342.         $data = $this->padding->pad($data, $this->getBlockSize());
  343.         $iv   = $this->getSalt();
  344.         // encryption
  345.         $result = mcrypt_encrypt(
  346.             $this->supportedAlgos[$this->algo],
  347.             $this->getKey(),
  348.             $data,
  349.             $this->supportedModes[$this->mode],
  350.             $iv
  351.         );
  352.  
  353.         return $iv . $result;
  354.     }
  355.  
  356.     /**
  357.      * Decrypt
  358.      *
  359.      * @param  string                             $data
  360.      * @throws Exception\InvalidArgumentException
  361.      * @return string
  362.      */
  363.     public function decrypt($data)
  364.     {
  365.         if (empty($data)) {
  366.             throw new Exception\InvalidArgumentException('The data to decrypt cannot be empty');
  367.         }
  368.         if (null === $this->getKey()) {
  369.             throw new Exception\InvalidArgumentException('No key specified for the decryption');
  370.         }
  371.         if (null === $this->getPadding()) {
  372.             throw new Exception\InvalidArgumentException('You have to specify a padding method');
  373.         }
  374.         $iv         = substr($data, 0, $this->getSaltSize());
  375.         $ciphertext = substr($data, $this->getSaltSize());
  376.         $result     = mcrypt_decrypt(
  377.             $this->supportedAlgos[$this->algo],
  378.             $this->getKey(),
  379.             $ciphertext,
  380.             $this->supportedModes[$this->mode],
  381.             $iv
  382.         );
  383.         // unpadding
  384.         return $this->padding->strip($result);
  385.     }
  386.  
  387.     /**
  388.      * Get the salt (IV) size
  389.      *
  390.      * @return int
  391.      */
  392.     public function getSaltSize()
  393.     {
  394.         return mcrypt_get_iv_size($this->supportedAlgos[$this->algo],
  395.                                   $this->supportedModes[$this->mode]);
  396.     }
  397.  
  398.     /**
  399.      * Get the supported algorithms
  400.      *
  401.      * @return array
  402.      */
  403.     public function getSupportedAlgorithms()
  404.     {
  405.         return array_keys($this->supportedAlgos);
  406.     }
  407.  
  408.     /**
  409.      * Set the salt (IV)
  410.      *
  411.      * @param  string                             $salt
  412.      * @throws Exception\InvalidArgumentException
  413.      * @return Mcrypt
  414.      */
  415.     public function setSalt($salt)
  416.     {
  417.         if (empty($salt)) {
  418.             throw new Exception\InvalidArgumentException('The salt (IV) cannot be empty');
  419.         }
  420.         if (strlen($salt) < $this->getSaltSize()) {
  421.             throw new Exception\InvalidArgumentException(
  422.                 'The size of the salt (IV) must be at least ' . $this->getSaltSize() . ' bytes'
  423.             );
  424.         }
  425.         $this->iv = $salt;
  426.  
  427.         return $this;
  428.     }
  429.  
  430.     /**
  431.      * Get the salt (IV) according to the size requested by the algorithm
  432.      *
  433.      * @return string
  434.      */
  435.     public function getSalt()
  436.     {
  437.         if (empty($this->iv)) {
  438.             return null;
  439.         }
  440.         if (strlen($this->iv) < $this->getSaltSize()) {
  441.             throw new Exception\RuntimeException(
  442.                 'The size of the salt (IV) must be at least ' . $this->getSaltSize() . ' bytes'
  443.             );
  444.         }
  445.  
  446.         return substr($this->iv, 0, $this->getSaltSize());
  447.     }
  448.  
  449.     /**
  450.      * Get the original salt value
  451.      *
  452.      * @return string
  453.      */
  454.     public function getOriginalSalt()
  455.     {
  456.         return $this->iv;
  457.     }
  458.  
  459.     /**
  460.      * Set the cipher mode
  461.      *
  462.      * @param  string                             $mode
  463.      * @throws Exception\InvalidArgumentException
  464.      * @return Mcrypt
  465.      */
  466.     public function setMode($mode)
  467.     {
  468.         if (!empty($mode)) {
  469.             $mode = strtolower($mode);
  470.             if (!array_key_exists($mode, $this->supportedModes)) {
  471.                 throw new Exception\InvalidArgumentException(
  472.                     "The mode $mode is not supported by " . __CLASS__
  473.                 );
  474.             }
  475.             $this->mode = $mode;
  476.         }
  477.  
  478.         return $this;
  479.     }
  480.  
  481.     /**
  482.      * Get the cipher mode
  483.      *
  484.      * @return string
  485.      */
  486.     public function getMode()
  487.     {
  488.         return $this->mode;
  489.     }
  490.  
  491.     /**
  492.      * Get all supported encryption modes
  493.      *
  494.      * @return array
  495.      */
  496.     public function getSupportedModes()
  497.     {
  498.         return array_keys($this->supportedModes);
  499.     }
  500.  
  501.     /**
  502.      * Get the block size
  503.      *
  504.      * @return int
  505.      */
  506.     public function getBlockSize()
  507.     {
  508.         return mcrypt_get_block_size($this->supportedAlgos[$this->algo],
  509.                                      $this->supportedModes[$this->mode]);
  510.     }
  511. }
# Change User Description Committed
#1 18334 Liz Lam initial add of jambox 9 years ago