Esempio n. 1
0
 public function write($data)
 {
     $cipher = Crypto::Encrypt(json_encode($data), $this->key);
     $cookie_domain = '';
     if (!empty(\Config\Base::$auth['cookie_domain'])) {
         $cookie_domain = \Config\Base::$auth['cookie_domain'];
     }
     setcookie('auth', $cipher, time() + $this->timeout, '/', $cookie_domain);
 }
 /**
  * @param string $raw
  * @param null|Key $key
  * @return string
  * @throws CannotPerformOperationException
  * @throws CryptoTestFailedException
  */
 public function encrypt($raw, $key = null)
 {
     $key = $this->getKey($key);
     return Crypto::Encrypt($raw, $key);
 }
Esempio n. 3
0
if (strtotime($expiration_date) > strtotime("today +30 days")) {
    $errors = true;
    response(VALIDATION_DATE_INVALID, $errors);
}
// If all of the above validation checks pass, continue on
if (!$errors) {
    // Create encryption key
    $length = 16;
    $iterations = PASSWORD_ITERATIONS;
    $salt = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
    $key = hash_pbkdf2("sha256", $password, $salt, $iterations, $length);
    // Create an array of data to be encrypted
    $data = serialize(array("message" => $message, "email_sender" => $email_sender));
    // Encrypt data, reference: https://github.com/defuse/php-encryption/
    try {
        $data_encrypted = Crypto::Encrypt($data, $key);
    } catch (Ex\CryptoTestFailedException $ex) {
        response(ENCRYPTION_UNSAFE, true);
    } catch (Ex\CannotPerformOperationException $ex) {
        response(DECRYPTION_UNSAFE, true);
    }
    // Store the encrypted data
    $array = array('salt' => Crypto::binToHex($salt), 'secret' => Crypto::binToHex($data_encrypted), 'expiration_date' => strtotime($expiration_date . ' +1 day'));
    $item = $collection->item();
    $item->post($array);
    // Log event
    if ($item->post()) {
        $item->event('log')->post(['action' => 'created']);
        $id = $item->getKey();
    } else {
        $logger->error($item->getStatus());
function defuse_crypto($message, $key, $type)
{
    //echo $message." ;; ".$key." ;; ".$type;
    // init
    $err = '';
    // manage key origin
    if (empty($key) && $type == "encrypt") {
        try {
            $key = \Defuse\Crypto\Crypto::createNewRandomKey();
        } catch (\Defuse\Crypto\Exception\CryptoTestFailedException $ex) {
            $err = 'Cannot safely create a key';
        } catch (\Defuse\Crypto\Exception\CannotPerformOperationException $ex) {
            $err = 'Cannot safely create a key';
        }
        //\Defuse\Crypto\Encoding::binToHex($key);
        $tmp = \Defuse\Crypto\Key::saveToAsciiSafeString($key);
        //echo $key_plain;
    }
    if ($type == "encrypt") {
        try {
            $ciphertext = \Defuse\Crypto\Crypto::Encrypt($message, $key);
        } catch (\Defuse\Crypto\Exception\CryptoTestFailedException $ex) {
            $err = 'Cannot safely perform encryption';
        } catch (\Defuse\Crypto\Exception\CannotPerformOperationException $ex) {
            $err = 'Cannot safely perform encryption';
        }
        return array('string' => isset($ciphertext) ? $ciphertext : "", 'error' => $err);
    } else {
        if ($type == "decrypt") {
            try {
                $decrypted = \Defuse\Crypto\Crypto::Decrypt($message, $key);
            } catch (\Defuse\Crypto\Exception\InvalidCiphertextException $ex) {
                $err = 'DANGER! DANGER! The ciphertext has been tampered with!';
            } catch (\Defuse\Crypto\Exception\CryptoTestFailedException $ex) {
                $err = 'Cannot safely perform decryption';
            } catch (\Defuse\Crypto\Exception\CannotPerformOperationException $ex) {
                $err = 'Cannot safely perform decryption';
            }
            return array('string' => isset($decrypted) ? $decrypted : "", 'error' => $err);
        }
    }
}