/**
* [set_session 设置session]
* @param [type] $user[用户信息]
*/
public function set_session($user)
{
session_start();
$_SESSION[$this->login_in_session_name] = $user;
$key = Crypto::CreateNewRandomKey();
$safe_session_id = base64_encode($key . Crypto::Encrypt(session_id(), $key));
return $safe_session_id;
}
public function createDocument($title, $plainContent, User $creator, $passPhrase)
{
$key = \Crypto::CreateNewRandomKey();
$encryptedKey = KeyGen::encrypt($key, $creator->getPublicKey());
$document = new Document($creator, $encryptedKey);
$this->documentRepository->persist($document->getShares()[0]);
$this->updateDocument($document, $title, $plainContent, $creator, $passPhrase);
return $document;
}
private static function TestEncryptDecrypt()
{
$key = Crypto::CreateNewRandomKey();
$data = "EnCrYpT EvErYThInG";
// Make sure encrypting then decrypting doesn't change the message.
$ciphertext = Crypto::Encrypt($data, $key);
try {
$decrypted = Crypto::Decrypt($ciphertext, $key);
} catch (InvalidCiphertextException $ex) {
// It's important to catch this and change it into a
// CryptoTestFailedException, otherwise a test failure could trick
// the user into thinking it's just an invalid ciphertext!
throw new CryptoTestFailedException();
}
if ($decrypted !== $data) {
throw new CryptoTestFailedException();
}
// Modifying the ciphertext: Appending a string.
try {
Crypto::Decrypt($ciphertext . "a", $key);
throw new CryptoTestFailedException();
} catch (InvalidCiphertextException $e) {
/* expected */
}
// Modifying the ciphertext: Changing an IV byte.
try {
$ciphertext[0] = chr((ord($ciphertext[0]) + 1) % 256);
Crypto::Decrypt($ciphertext, $key);
throw new CryptoTestFailedException();
} catch (InvalidCiphertextException $e) {
/* expected */
}
// Decrypting with the wrong key.
$key = Crypto::CreateNewRandomKey();
$data = "abcdef";
$ciphertext = Crypto::Encrypt($data, $key);
$wrong_key = Crypto::CreateNewRandomKey();
try {
Crypto::Decrypt($ciphertext, $wrong_key);
throw new CryptoTestFailedException();
} catch (InvalidCiphertextException $e) {
/* expected */
}
// Ciphertext too small (shorter than HMAC).
$key = Crypto::CreateNewRandomKey();
$ciphertext = str_repeat("A", self::MAC_BYTE_SIZE - 1);
try {
Crypto::Decrypt($ciphertext, $key);
throw new CryptoTestFailedException();
} catch (InvalidCiphertextException $e) {
/* expected */
}
}
<?php
require_once 'Crypto.php';
try {
$key = Crypto::CreateNewRandomKey();
// WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
// they may leak the key to the attacker through side channels.
} catch (CryptoTestFailedException $ex) {
die('Cannot safely create a key');
} catch (CannotPerformOperationException $ex) {
die('Cannot safely create a key');
}
$message = "ATTACK AT DAWN";
try {
$ciphertext = Crypto::Encrypt($message, $key);
} catch (CryptoTestFailedException $ex) {
die('Cannot safely perform encryption');
} catch (CannotPerformOperationException $ex) {
die('Cannot safely perform decryption');
}
try {
$decrypted = Crypto::Decrypt($ciphertext, $key);
} catch (InvalidCiphertextException $ex) {
// VERY IMPORTANT
// Either:
// 1. The ciphertext was modified by the attacker,
// 2. The key is wrong, or
// 3. $ciphertext is not a valid ciphertext or was corrupted.
// Assume the worst.
die('DANGER! DANGER! The ciphertext has been tampered with!');
} catch (CryptoTestFailedException $ex) {
/**
* Retrieves the encryption key from cache, or generations a new one in the instance one does not exists
* @return string
*/
public static function getEncryptionKey()
{
$key = self::getConfig('encryptionKey', NULL, 'settings_', true);
if ($key == NULL || $key == "") {
try {
$key = Crypto::CreateNewRandomKey();
} catch (CryptoTestFailedException $ex) {
throw new CException('Encryption key generation failed');
} catch (CannotPerformOperationException $ex) {
throw new CException('Encryption key generation failed');
}
$config = new Configuration();
$config->attributes = array('key' => 'encryptionkey', 'value' => bin2hex($key));
if (!$config->save()) {
throw new CException('Encryption key generation failed');
}
}
return hex2bin(self::getConfig('encryptionKey', NULL, 'settings_', true));
}
/**
* Generate new random encryption key (binary format).
*
* @return string
*/
public function generateKey()
{
return \Crypto::CreateNewRandomKey();
}
/**
* Method to generate a new encryption key object.
*
* @param array $options Key generation options.
*
* @return JCryptKey
*
* @since 3.5
* @throws RuntimeException
*/
public function generateKey(array $options = array())
{
// Create the new encryption key object.
$key = new JCryptKey('crypto');
// Generate the encryption key.
try {
$key->public = Crypto::CreateNewRandomKey();
} catch (CryptoTestFailedException $ex) {
throw new RuntimeException('Cannot safely create a key', $ex->getCode(), $ex);
} catch (CannotPerformOperationException $ex) {
throw new RuntimeException('Cannot safely create a key', $ex->getCode(), $ex);
}
// Explicitly flag the private as unused in this cipher.
$key->private = 'unused';
return $key;
}
