AAAAkey.php000066600000003074151372656100006063 0ustar00type = (string) $type; // Set the optional public/private key strings. $this->private = isset($private) ? (string) $private : null; $this->public = isset($public) ? (string) $public : null; } /** * Magic method to return some protected property values. * * @param string $name The name of the property to return. * * @return mixed * * @since 12.1 */ public function __get($name) { if ($name == 'type') { return $this->type; } else { trigger_error('Cannot access property ' . __CLASS__ . '::' . $name, E_USER_WARNING); } } } index.html000066600000000037151372656100006553 0ustar00 .htaccess000066600000000177151372656100006361 0ustar00 Order allow,deny Deny from all cipher/index.html000066600000000037151372656100010025 0ustar00 cipher/.htaccess000066600000000177151372656100007633 0ustar00 Order allow,deny Deny from all cipher/simple.php000066600000013460151372656100010036 0ustar00type != 'simple') { throw new InvalidArgumentException('Invalid key of type: ' . $key->type . '. Expected simple.'); } // Initialise variables. $decrypted = ''; $tmp = $key->public; // Convert the HEX input into an array of integers and get the number of characters. $chars = $this->_hexToIntArray($data); $charCount = count($chars); // Repeat the key as many times as necessary to ensure that the key is at least as long as the input. for ($i = 0; $i < $charCount; $i = strlen($tmp)) { $tmp = $tmp . $tmp; } // Get the XOR values between the ASCII values of the input and key characters for all input offsets. for ($i = 0; $i < $charCount; $i++) { $decrypted .= chr($chars[$i] ^ ord($tmp[$i])); } return $decrypted; } /** * Method to encrypt a data string. * * @param string $data The data string to encrypt. * @param JCryptKey $key The key[/pair] object to use for encryption. * * @return string The encrypted data string. * * @since 12.1 * @throws InvalidArgumentException */ public function encrypt($data, JCryptKey $key) { // Validate key. if ($key->type != 'simple') { throw new InvalidArgumentException('Invalid key of type: ' . $key->type . '. Expected simple.'); } // Initialise variables. $encrypted = ''; $tmp = $key->private; // Split up the input into a character array and get the number of characters. $chars = preg_split('//', $data, -1, PREG_SPLIT_NO_EMPTY); $charCount = count($chars); // Repeat the key as many times as necessary to ensure that the key is at least as long as the input. for ($i = 0; $i < $charCount; $i = strlen($tmp)) { $tmp = $tmp . $tmp; } // Get the XOR values between the ASCII values of the input and key characters for all input offsets. for ($i = 0; $i < $charCount; $i++) { $encrypted .= $this->_intToHex(ord($tmp[$i]) ^ ord($chars[$i])); } return $encrypted; } /** * Method to generate a new encryption key[/pair] object. * * @param array $options Key generation options. * * @return JCryptKey * * @since 12.1 */ public function generateKey(array $options = array()) { // Create the new encryption key[/pair] object. $key = new JCryptKey('simple'); // Just a random key of a given length. $key->private = $this->_getRandomKey(); $key->public = $key->private; return $key; } /** * Method to generate a random key of a given length. * * @param integer $length The length of the key to generate. * * @return string * * @since 12.1 */ private function _getRandomKey($length = 256) { // Initialise variables. $key = ''; $salt = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $saltLength = strlen($salt); // Build the random key. for ($i = 0; $i < $length; $i++) { $key .= $salt[mt_rand(0, $saltLength - 1)]; } return $key; } /** * Convert hex to an integer * * @param string $s The hex string to convert. * @param integer $i The offset? * * @return integer * * @since 11.1 */ private function _hexToInt($s, $i) { // Initialise variables. $j = (int) $i * 2; $k = 0; $s1 = (string) $s; // Get the character at position $j. $c = substr($s1, $j, 1); // Get the character at position $j + 1. $c1 = substr($s1, $j + 1, 1); switch ($c) { case 'A': $k += 160; break; case 'B': $k += 176; break; case 'C': $k += 192; break; case 'D': $k += 208; break; case 'E': $k += 224; break; case 'F': $k += 240; break; case ' ': $k += 0; break; default: (int) $k = $k + (16 * (int) $c); break; } switch ($c1) { case 'A': $k += 10; break; case 'B': $k += 11; break; case 'C': $k += 12; break; case 'D': $k += 13; break; case 'E': $k += 14; break; case 'F': $k += 15; break; case ' ': $k += 0; break; default: $k += (int) $c1; break; } return $k; } /** * Convert hex to an array of integers * * @param string $hex The hex string to convert to an integer array. * * @return array An array of integers. * * @since 11.1 */ private function _hexToIntArray($hex) { // Initialise variables. $array = array(); $j = (int) strlen($hex) / 2; for ($i = 0; $i < $j; $i++) { $array[$i] = (int) $this->_hexToInt($hex, $i); } return $array; } /** * Convert an integer to a hexadecimal string. * * @param integer $i An integer value to convert to a hex string. * * @return string * * @since 11.1 */ private function _intToHex($i) { // Sanitize the input. $i = (int) $i; // Get the first character of the hexadecimal string if there is one. $j = (int) ($i / 16); if ($j === 0) { $s = ' '; } else { $s = strtoupper(dechex($j)); } // Get the second character of the hexadecimal string. $k = $i - $j * 16; $s = $s . strtoupper(dechex($k)); return $s; } } crypt.php000066600000015014151372656100006431 0ustar00_key = $key; // Set the encryption cipher. $this->_cipher = isset($cipher) ? $cipher : new JCryptCipherSimple; } /** * Method to decrypt a data string. * * @param string $data The encrypted string to decrypt. * * @return string The decrypted data string. * * @since 12.1 */ public function decrypt($data) { return $this->_cipher->decrypt($data, $this->_key); } /** * Method to encrypt a data string. * * @param string $data The data string to encrypt. * * @return string The encrypted data string. * * @since 12.1 */ public function encrypt($data) { return $this->_cipher->encrypt($data, $this->_key); } /** * Method to generate a new encryption key[/pair] object. * * @param array $options Key generation options. * * @return JCryptKey * * @since 12.1 */ public function generateKey(array $options = array()) { return $this->_cipher->generateKey($options); } /** * Method to set the encryption key[/pair] object. * * @param JCryptKey $key The key object to set. * * @return JCrypt * * @since 12.1 */ public function setKey(JCryptKey $key) { $this->_key = $key; return $this; } /** * Generate random bytes. * * @param integer $length Length of the random data to generate * * @return string Random binary data * * @since 12.1 */ public static function genRandomBytes($length = 16) { $sslStr = ''; /* * if a secure randomness generator exists and we don't * have a buggy PHP version use it. */ if (function_exists('openssl_random_pseudo_bytes') && (version_compare(PHP_VERSION, '5.3.4') >= 0 || IS_WIN)) { $sslStr = openssl_random_pseudo_bytes($length, $strong); if ($strong) { return $sslStr; } } /* * Collect any entropy available in the system along with a number * of time measurements of operating system randomness. */ $bitsPerRound = 2; $maxTimeMicro = 400; $shaHashLength = 20; $randomStr = ''; $total = $length; // Check if we can use /dev/urandom. $urandom = false; $handle = null; // This is PHP 5.3.3 and up if (function_exists('stream_set_read_buffer') && @is_readable('/dev/urandom')) { $handle = @fopen('/dev/urandom', 'rb'); if ($handle) { $urandom = true; } } while ($length > strlen($randomStr)) { $bytes = ($total > $shaHashLength)? $shaHashLength : $total; $total -= $bytes; /* * Collect any entropy available from the PHP system and filesystem. * If we have ssl data that isn't strong, we use it once. */ $entropy = rand() . uniqid(mt_rand(), true) . $sslStr; $entropy .= implode('', @fstat(fopen(__FILE__, 'r'))); $entropy .= memory_get_usage(); $sslStr = ''; if ($urandom) { stream_set_read_buffer($handle, 0); $entropy .= @fread($handle, $bytes); } else { /* * There is no external source of entropy so we repeat calls * to mt_rand until we are assured there's real randomness in * the result. * * Measure the time that the operations will take on average. */ $samples = 3; $duration = 0; for ($pass = 0; $pass < $samples; ++$pass) { $microStart = microtime(true) * 1000000; $hash = sha1(mt_rand(), true); for ($count = 0; $count < 50; ++$count) { $hash = sha1($hash, true); } $microEnd = microtime(true) * 1000000; $entropy .= $microStart . $microEnd; if ($microStart > $microEnd) { $microEnd += 1000000; } $duration += $microEnd - $microStart; } $duration = $duration / $samples; /* * Based on the average time, determine the total rounds so that * the total running time is bounded to a reasonable number. */ $rounds = (int) (($maxTimeMicro / $duration) * 50); /* * Take additional measurements. On average we can expect * at least $bitsPerRound bits of entropy from each measurement. */ $iter = $bytes * (int) ceil(8 / $bitsPerRound); for ($pass = 0; $pass < $iter; ++$pass) { $microStart = microtime(true); $hash = sha1(mt_rand(), true); for ($count = 0; $count < $rounds; ++$count) { $hash = sha1($hash, true); } $entropy .= $microStart . microtime(true); } } $randomStr .= sha1($entropy, true); } if ($urandom) { @fclose($handle); } return substr($randomStr, 0, $length); } /** * A timing safe comparison method. This defeats hacking * attempts that use timing based attack vectors. * * @param string $known A known string to check against. * @param string $unknown An unknown string to check. * * @return boolean True if the two strings are exactly the same. * * @since 3.2 */ public static function timingSafeCompare($known, $unknown) { // Prevent issues if string length is 0 $known .= chr(0); $unknown .= chr(0); $knownLength = strlen($known); $unknownLength = strlen($unknown); // Set the result to the difference between the lengths $result = $knownLength - $unknownLength; // Note that we ALWAYS iterate over the user-supplied length to prevent leaking length info. for ($i = 0; $i < $unknownLength; $i++) { // Using % here is a trick to prevent notices. It's safe, since if the lengths are different, $result is already non-0 $result |= (ord($known[$i % $knownLength]) ^ ord($unknown[$i])); } // They are only identical strings if $result is exactly 0... return $result === 0; } } cipher.php000066600000002370151372656100006543 0ustar00