David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 886a6f4fac
Branches Tags
laravel
/
laravel
/
security
/
crypter.php

crypter.php 2.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 
  1. <?php namespace Laravel\Security;
    2. 

  2. 

  3. class Crypter {
    4. 

  4. 

  5. 	/**
    6. 

  6. 	 * The encryption cipher.
    7. 

  7. 	 *
    8. 

  8. 	 * @var string
    9. 

  9. 	 */
    10. 

  10. 	public $cipher;
    11. 

  11. 

  12. 	/**
    13. 

  13. 	 * The encryption mode.
    14. 

  14. 	 *
    15. 

  15. 	 * @var string
    16. 

  16. 	 */
    17. 

  17. 	public $mode;
    18. 

  18. 

  19. 	/**
    20. 

  20. 	 * The encryption key.
    21. 

  21. 	 *
    22. 

  22. 	 * @var string
    23. 

  23. 	 */
    24. 

  24. 	public $key;
    25. 

  25. 

  26. 	/**
    27. 

  27. 	 * Create a new Crypter instance.
    28. 

  28. 	 *
    29. 

  29. 	 * A valid cipher and mode supported by the Mcrypt extension must be given to the constructor.
    30. 

  30. 	 * Also, an encryption key (typically from the application configuration) must be specified.
    31. 

  31. 	 *
    32. 

  32. 	 * @param  string  $cipher
    33. 

  33. 	 * @param  string  $mode
    34. 

  34. 	 * @param  string  $key
    35. 

  35. 	 * @return void
    36. 

  36. 	 */
    37. 

  37. 	public function __construct($cipher, $mode, $key)
    38. 

  38. 	{
    39. 

  39. 		$this->key = $key;
    40. 

  40. 		$this->mode = $mode;
    41. 

  41. 		$this->cipher = $cipher;
    42. 

  42. 

  43. 		if (trim((string) $this->key) === '')
    44. 

  44. 		{
    45. 

  45. 			throw new \Exception('The encryption class may not be used without an encryption key.');
    46. 

  46. 		}
    47. 

  47. 	}
    48. 

  48. 

  49. 	/**
    50. 

  50. 	 * Encrypt a string using Mcrypt.
    51. 

  51. 	 *
    52. 

  52. 	 * The string will be encrypted using the cipher and mode specified when the crypter
    53. 

  53. 	 * instance was created, and the final result will be base64 encoded.
    54. 

  54. 	 *
    55. 

  55. 	 * <code>
    56. 

  56. 	 *		// Encrypt a string using the Mcrypt PHP extension
    57. 

  57. 	 *		$encrypted = Crypter::encrpt('secret');
    58. 

  58. 	 * </code>
    59. 

  59. 	 *
    60. 

  60. 	 * @param  string  $value
    61. 

  61. 	 * @return string
    62. 

  62. 	 */
    63. 

  63. 	public function encrypt($value)
    64. 

  64. 	{
    65. 

  65. 		// Determine the most appropriate random number generator for the operating
    66. 

  66. 		// system and environment the application is running on.
    67. 

  67. 		if (defined('MCRYPT_DEV_URANDOM'))
    68. 

  68. 		{
    69. 

  69. 			$randomizer = MCRYPT_DEV_URANDOM;
    70. 

  70. 		}
    71. 

  71. 		elseif (defined('MCRYPT_DEV_RANDOM'))
    72. 

  72. 		{
    73. 

  73. 			$randomizer = MCRYPT_DEV_RANDOM;
    74. 

  74. 		}
    75. 

  75. 		else
    76. 

  76. 		{
    77. 

  77. 			$randomizer = MCRYPT_RAND;			
    78. 

  78. 		}
    79. 

  79. 

  80. 		$iv = mcrypt_create_iv($this->iv_size(), $randomizer);
    81. 

  81. 

  82. 		return base64_encode($iv.mcrypt_encrypt($this->cipher, $this->key, $value, $this->mode, $iv));
    83. 

  83. 	}
    84. 

  84. 

  85. 	/**
    86. 

  86. 	 * Decrypt a string using Mcrypt.
    87. 

  87. 	 *
    88. 

  88. 	 * The string will be decrypted using the cipher and mode specified when the crypter was created.
    89. 

  89. 	 *
    90. 

  90. 	 * <code>
    91. 

  91. 	 *		// Decrypt a string using the Mcrypt PHP extension
    92. 

  92. 	 *		$decrypted = Crypter::decrypt($secret);
    93. 

  93. 	 * </code>
    94. 

  94. 	 *
    95. 

  95. 	 * @param  string  $value
    96. 

  96. 	 * @return string
    97. 

  97. 	 */
    98. 

  98. 	public function decrypt($value)
    99. 

  99. 	{
    100. 

  100. 		// Since all encrypted strings generated by this class are base64 encoded, we will
    101. 

  101. 		// first attempt to base64 decode the string. If we can't do it, we'll bail out.
    102. 

  102. 		if ( ! is_string($value = base64_decode($value, true)))
    103. 

  103. 		{
    104. 

  104. 			throw new \Exception('Decryption error. Input value is not valid base64 data.');
    105. 

  105. 		}
    106. 

  106. 

  107. 		// Extract the input vector and the encrypted string from the value
    108. 

  108. 		list($iv, $value) = array(substr($value, 0, $this->iv_size()), substr($value, $this->iv_size()));
    109. 

  109. 

  110. 		return rtrim(mcrypt_decrypt($this->cipher, $this->key, $value, $this->mode, $iv), "\0");
    111. 

  111. 	}
    112. 

  112. 

  113. 	/**
    114. 

  114. 	 * Get the input vector size for the cipher and mode.
    115. 

  115. 	 *
    116. 

  116. 	 * Different ciphers and modes use varying lengths of input vectors.
    117. 

  117. 	 *
    118. 

  118. 	 * @return int
    119. 

  119. 	 */
    120. 

  120. 	private function iv_size()
    121. 

  121. 	{
    122. 

  122. 		return mcrypt_get_iv_size($this->cipher, $this->mode);
    123. 

  123. 	}
    124. 

  124. 

  125. }
    126.