2001-01-11 10:52:33 +01:00
|
|
|
<?php
|
2001-12-20 17:19:55 +01:00
|
|
|
/**************************************************************************\
|
2004-05-05 14:06:13 +02:00
|
|
|
* eGroupWare API - Crypto *
|
2001-12-20 17:19:55 +01:00
|
|
|
* This file written by Joseph Engo <jengo@phpgroupware.org> *
|
|
|
|
|
* Handles encrypting strings based on various encryption schemes *
|
|
|
|
|
* Copyright (C) 2000, 2001 Dan Kuykendall *
|
|
|
|
|
* -------------------------------------------------------------------------*
|
2004-05-05 14:06:13 +02:00
|
|
|
* This library is part of the eGroupWare API *
|
|
|
|
|
* http://www.egroupware.org/api *
|
2001-12-20 17:19:55 +01:00
|
|
|
* -------------------------------------------------------------------------*
|
|
|
|
|
* This library is free software; you can redistribute it and/or modify it *
|
|
|
|
|
* under the terms of the GNU Lesser General Public License as published by *
|
|
|
|
|
* the Free Software Foundation; either version 2.1 of the License, *
|
|
|
|
|
* or any later version. *
|
|
|
|
|
* This library is distributed in the hope that it will be useful, but *
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of *
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
|
|
|
|
|
* See the GNU Lesser General Public License for more details. *
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public License *
|
|
|
|
|
* along with this library; if not, write to the Free Software Foundation, *
|
|
|
|
|
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
|
|
|
|
|
\**************************************************************************/
|
2001-12-28 06:57:18 +01:00
|
|
|
|
2001-12-14 22:38:40 +01:00
|
|
|
/* $Id$ */
|
2001-12-20 17:19:55 +01:00
|
|
|
|
2001-05-06 15:19:42 +02:00
|
|
|
class crypto
|
|
|
|
|
{
|
2001-06-16 21:02:31 +02:00
|
|
|
var $enabled = False;
|
2001-12-20 17:19:55 +01:00
|
|
|
var $debug = False;
|
|
|
|
|
|
2001-06-16 21:02:31 +02:00
|
|
|
var $mcrypt_version = '';
|
2003-10-17 09:31:23 +02:00
|
|
|
var $algo = MCRYPT_TRIPLEDES;
|
|
|
|
|
var $mode = MCRYPT_MODE_CBC;
|
2001-12-20 17:19:55 +01:00
|
|
|
var $td = False; /* Handle for mcrypt */
|
2001-05-06 15:19:42 +02:00
|
|
|
var $iv = '';
|
|
|
|
|
var $key = '';
|
|
|
|
|
|
2001-12-27 16:48:42 +01:00
|
|
|
function crypto($vars='')
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
2005-04-13 15:03:04 +02:00
|
|
|
if($GLOBALS['egw_info']['flags']['currentapp'] == 'login' ||
|
|
|
|
|
$GLOBALS['egw_info']['flags']['currentapp'] == 'logout' ||
|
|
|
|
|
$GLOBALS['egw_info']['flags']['currentapp'] == 'home'
|
2004-02-07 04:38:35 +01:00
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
$this->debug = False;
|
|
|
|
|
}
|
2001-12-27 16:48:42 +01:00
|
|
|
if(is_array($vars))
|
|
|
|
|
{
|
|
|
|
|
$this->init($vars);
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-12-25 21:16:26 +01:00
|
|
|
|
2001-12-27 16:48:42 +01:00
|
|
|
function init($vars)
|
|
|
|
|
{
|
|
|
|
|
/* _debug_array(mcrypt_list_algorithms()); */
|
2001-05-06 15:19:42 +02:00
|
|
|
$key = $vars[0];
|
2001-10-17 20:15:04 +02:00
|
|
|
$iv = $vars[1];
|
2001-12-27 16:48:42 +01:00
|
|
|
|
2005-04-13 15:03:04 +02:00
|
|
|
if($GLOBALS['egw_info']['server']['mcrypt_enabled'] && extension_loaded('mcrypt'))
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
2005-04-13 15:03:04 +02:00
|
|
|
if($GLOBALS['egw_info']['server']['mcrypt_algo'])
|
2001-12-20 17:19:55 +01:00
|
|
|
{
|
2005-04-13 15:03:04 +02:00
|
|
|
$this->algo = $GLOBALS['egw_info']['server']['mcrypt_algo'];
|
2001-12-20 17:19:55 +01:00
|
|
|
}
|
2005-04-13 15:03:04 +02:00
|
|
|
if($GLOBALS['egw_info']['server']['mcrypt_mode'])
|
2001-12-20 17:19:55 +01:00
|
|
|
{
|
2005-04-13 15:03:04 +02:00
|
|
|
$this->mode = $GLOBALS['egw_info']['server']['mcrypt_mode'];
|
2001-12-20 17:19:55 +01:00
|
|
|
}
|
|
|
|
|
|
2001-12-20 18:58:48 +01:00
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>crypto: algorithm=' . $this->algo;
|
|
|
|
|
echo '<br>crypto: mode =' . $this->mode;
|
|
|
|
|
}
|
|
|
|
|
|
2001-06-16 21:02:31 +02:00
|
|
|
$this->enabled = True;
|
2005-04-13 15:03:04 +02:00
|
|
|
$this->mcrypt_version = $GLOBALS['egw_info']['server']['versions']['mcrypt'];
|
2004-02-07 04:38:35 +01:00
|
|
|
if($this->mcrypt_version == 'old')
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
2001-12-14 22:38:40 +01:00
|
|
|
$this->td = False;
|
2004-02-07 04:38:35 +01:00
|
|
|
if(phpversion() > '4.0.2pl1')
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
2001-12-20 17:19:55 +01:00
|
|
|
$keysize = mcrypt_get_key_size($this->algo);
|
|
|
|
|
$ivsize = mcrypt_get_iv_size($this->algo,$this->mode);
|
2001-05-06 15:19:42 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$keysize = 8;
|
2001-10-17 20:15:04 +02:00
|
|
|
$ivsize = 8;
|
2001-05-06 15:19:42 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2001-12-20 17:19:55 +01:00
|
|
|
/* Start up mcrypt */
|
2004-02-07 04:38:35 +01:00
|
|
|
$this->td = mcrypt_module_open($this->algo, '', $this->mode, '');
|
2001-05-06 15:19:42 +02:00
|
|
|
|
|
|
|
|
$ivsize = mcrypt_enc_get_iv_size($this->td);
|
|
|
|
|
$keysize = mcrypt_enc_get_key_size($this->td);
|
|
|
|
|
}
|
|
|
|
|
|
2001-12-20 17:19:55 +01:00
|
|
|
/* Hack IV to be the correct size */
|
2001-05-06 15:19:42 +02:00
|
|
|
$x = strlen($iv);
|
2004-08-07 02:51:29 +02:00
|
|
|
$this->iv = '';
|
2004-02-07 04:38:35 +01:00
|
|
|
for($i = 0; $i < $ivsize; $i++)
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
|
|
|
|
$this->iv .= $iv[$i % $x];
|
|
|
|
|
}
|
|
|
|
|
|
2001-12-20 17:19:55 +01:00
|
|
|
/* Hack Key to be the correct size */
|
2001-05-06 15:19:42 +02:00
|
|
|
$x = strlen($key);
|
2004-08-07 02:51:29 +02:00
|
|
|
$this->key = '';
|
2004-02-07 04:38:35 +01:00
|
|
|
for($i = 0; $i < $keysize; $i++)
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
|
|
|
|
$this->key .= $key[$i % $x];
|
|
|
|
|
}
|
|
|
|
|
}
|
2004-02-07 04:38:35 +01:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* If mcrypt isn't loaded, key and iv are not needed. */
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>crypto: mycrypt unavailable or disabled';
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-05-06 15:19:42 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function cleanup()
|
|
|
|
|
{
|
2004-02-07 04:38:35 +01:00
|
|
|
if($this->enabled)
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
2004-02-07 04:38:35 +01:00
|
|
|
if($this->mcrypt_version != 'old')
|
2001-05-06 15:19:42 +02:00
|
|
|
{
|
2004-07-11 15:37:30 +02:00
|
|
|
if(function_exists('mcrypt_generic_deinit'))
|
2003-12-14 18:06:11 +01:00
|
|
|
{
|
|
|
|
|
mcrypt_generic_deinit($this->td);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
mcrypt_generic_end($this->td);
|
|
|
|
|
}
|
2001-05-06 15:19:42 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function hex2bin($data)
|
|
|
|
|
{
|
|
|
|
|
$len = strlen($data);
|
2001-06-16 21:02:31 +02:00
|
|
|
return pack('H'.$len, $data);
|
2001-05-06 15:19:42 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function encrypt($data)
|
2001-12-15 00:51:45 +01:00
|
|
|
{
|
2001-12-20 17:19:55 +01:00
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() unencrypted data: ---->>>>' . $data . "\n";
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-13 15:03:04 +02:00
|
|
|
if(@is_array($data) || @is_object($data))
|
2001-12-20 17:19:55 +01:00
|
|
|
{
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() found an "' . gettype($data) . '". Serializing...' . "\n";
|
|
|
|
|
}
|
|
|
|
|
$data = serialize($data);
|
|
|
|
|
$_obj = True;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() found "' . gettype($data) . '". No serialization...' . "\n";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Disable all encryption if the admin didn't set it up */
|
2004-02-07 04:38:35 +01:00
|
|
|
if($this->enabled)
|
2001-12-15 00:51:45 +01:00
|
|
|
{
|
2001-12-20 17:19:55 +01:00
|
|
|
if($_obj)
|
|
|
|
|
{
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() adding slashes' . "\n";
|
|
|
|
|
}
|
|
|
|
|
$data = addslashes($data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() data: ---->>>>' . $data;
|
|
|
|
|
}
|
2001-12-28 06:57:18 +01:00
|
|
|
|
2004-02-07 04:38:35 +01:00
|
|
|
switch($this->mcrypt_version)
|
2001-12-15 00:51:45 +01:00
|
|
|
{
|
|
|
|
|
case 'old':
|
2001-12-20 17:19:55 +01:00
|
|
|
/* The old code, only works with mcrypt <= 2.2.x */
|
|
|
|
|
$encrypteddata = mcrypt_cbc($this->algo, $this->key, $data, MCRYPT_ENCRYPT);
|
2001-12-15 00:51:45 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
2001-12-20 17:19:55 +01:00
|
|
|
/* Handle 2.4 and newer API */
|
2004-02-07 04:38:35 +01:00
|
|
|
mcrypt_generic_init($this->td, $this->key, $this->iv);
|
2001-12-15 00:51:45 +01:00
|
|
|
$encrypteddata = mcrypt_generic($this->td, $data);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
$encrypteddata = bin2hex($encrypteddata);
|
2001-12-20 17:19:55 +01:00
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() crypted data: ---->>>>' . $encrypteddata;
|
|
|
|
|
}
|
2001-12-15 00:51:45 +01:00
|
|
|
return $encrypteddata;
|
|
|
|
|
}
|
|
|
|
|
else
|
2001-12-20 17:19:55 +01:00
|
|
|
{
|
|
|
|
|
/* No mcrypt == insecure ! */
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->encrypt() crypted data: ---->>>>' . $data;
|
|
|
|
|
}
|
2001-12-15 00:51:45 +01:00
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function decrypt($encrypteddata)
|
|
|
|
|
{
|
2001-12-20 17:19:55 +01:00
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() crypted data: ---->>>>' . $encrypteddata;
|
|
|
|
|
}
|
|
|
|
|
/* Disable all encryption if the admin didn't set it up */
|
2004-02-07 04:38:35 +01:00
|
|
|
if($this->enabled)
|
2001-12-15 00:51:45 +01:00
|
|
|
{
|
|
|
|
|
$data = $this->hex2bin($encrypteddata);
|
2004-02-07 04:38:35 +01:00
|
|
|
switch($this->mcrypt_version)
|
2001-12-15 00:51:45 +01:00
|
|
|
{
|
|
|
|
|
case 'old':
|
2001-12-20 17:19:55 +01:00
|
|
|
/* The old code, only works with mcrypt <= 2.2.x */
|
|
|
|
|
$data = mcrypt_cbc($this->algo, $this->key, $data, MCRYPT_DECRYPT);
|
2001-12-15 00:51:45 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
2001-12-20 17:19:55 +01:00
|
|
|
/* Handle 2.4 and newer API */
|
2004-02-07 04:38:35 +01:00
|
|
|
mcrypt_generic_init($this->td, $this->key, $this->iv);
|
2001-12-15 00:51:45 +01:00
|
|
|
$data = mdecrypt_generic($this->td, $data);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2001-12-20 17:19:55 +01:00
|
|
|
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() decrypted data: ---->>>>' . $data;
|
|
|
|
|
}
|
2001-12-25 21:16:26 +01:00
|
|
|
$test = stripslashes($data);
|
|
|
|
|
if(@unserialize($test))
|
2001-12-20 17:19:55 +01:00
|
|
|
{
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() stripping slashes' . "\n";
|
|
|
|
|
}
|
2001-12-25 21:16:26 +01:00
|
|
|
$data = $test;
|
2001-12-20 17:19:55 +01:00
|
|
|
}
|
|
|
|
|
unset($test);
|
|
|
|
|
|
|
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() data: ---->>>>' . $data . "\n";
|
|
|
|
|
}
|
2001-12-15 00:51:45 +01:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2001-12-20 17:19:55 +01:00
|
|
|
/* No mcrypt == insecure ! */
|
2001-12-15 00:51:45 +01:00
|
|
|
$data = $encrypteddata;
|
|
|
|
|
}
|
2001-12-20 17:19:55 +01:00
|
|
|
|
2004-09-30 14:11:43 +02:00
|
|
|
// Fix strange bug
|
|
|
|
|
// Without this, somes ^@^@^@^@ appears in data
|
|
|
|
|
$data = chop($data);
|
|
|
|
|
|
2001-12-25 21:16:26 +01:00
|
|
|
$newdata = @unserialize($data);
|
2005-04-13 15:03:04 +02:00
|
|
|
/* Check whether an array or object exists, even if empty. These should be the only ones originally serialized. */
|
|
|
|
|
if(@is_array($newdata) || @is_object($newdata))
|
2001-12-15 00:51:45 +01:00
|
|
|
{
|
2005-04-13 15:03:04 +02:00
|
|
|
/* array or object */
|
2001-12-20 17:19:55 +01:00
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() found serialized "' . gettype($newdata) . '". Unserializing...' . "\n";
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() returning: '; _debug_array($newdata);
|
|
|
|
|
}
|
|
|
|
|
return $newdata;
|
2001-12-15 00:51:45 +01:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2005-04-13 15:03:04 +02:00
|
|
|
/* Other types */
|
2001-12-20 17:19:55 +01:00
|
|
|
if($this->debug)
|
|
|
|
|
{
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() found UNserialized "' . gettype($data) . '". No unserialization...' . "\n";
|
|
|
|
|
echo '<br>' . time() . ' crypto->decrypt() returning: ' . $data;
|
|
|
|
|
}
|
2001-12-15 00:51:45 +01:00
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
}
|
2001-10-17 20:15:04 +02:00
|
|
|
} // class crypto
|
2001-05-06 15:19:42 +02:00
|
|
|
?>
|
