/**
* Static method decrypt a field value
*
* @param string $value
* @param int $encryption
* @param array $options
* @return string
*/
public static function decrypt($value, $encryption, $options = array())
{
$decValue = $value;
$salt = !empty($options['salt']) ? $options['salt'] : null;
// Decrypt the value
switch ($encryption) {
case Auth::ENCRYPT_NONE:
$decValue = $value;
break;
case Auth::ENCRYPT_MCRYPT:
$crypt = new Crypt\Mcrypt();
$crypt->setSalt($salt);
// Set cipher, mode and source, if applicable
if (!empty($options['cipher'])) {
$crypt->setCipher($options['cipher']);
}
if (!empty($options['mode'])) {
$crypt->setMode($options['mode']);
}
if (!empty($options['source'])) {
$crypt->setSource($options['source']);
}
$decValue = $crypt->decrypt($value);
break;
default:
$decValue = '[Encrypted]';
}
return $decValue;
}
/**
* Method to verify password
*
* @param string $hash
* @param string $attemptedPassword
* @return boolean
*/
public function verifyPassword($hash, $attemptedPassword)
{
$pw = false;
$salt = !empty($this->encryptionOptions['salt']) ? $this->encryptionOptions['salt'] : null;
if (!empty($this->encryptionOptions['secret'])) {
$attemptedPassword .= $this->encryptionOptions['secret'];
}
switch ($this->encryption) {
case Auth::ENCRYPT_NONE:
$pw = $hash == $attemptedPassword;
break;
case Auth::ENCRYPT_MD5:
$pw = $hash == md5($attemptedPassword);
break;
case Auth::ENCRYPT_SHA1:
$pw = $hash == sha1($attemptedPassword);
break;
case Auth::ENCRYPT_CRYPT:
$crypt = new Crypt\Crypt();
$crypt->setSalt($salt);
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_BCRYPT:
$crypt = new Crypt\Bcrypt();
$crypt->setSalt($salt);
// Set cost and prefix, if applicable
if (!empty($this->encryptionOptions['cost'])) {
$crypt->setCost($this->encryptionOptions['cost']);
}
if (!empty($this->encryptionOptions['prefix'])) {
$crypt->setPrefix($this->encryptionOptions['prefix']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_MCRYPT:
$crypt = new Crypt\Mcrypt();
$crypt->setSalt($salt);
// Set cipher, mode and source, if applicable
if (!empty($this->encryptionOptions['cipher'])) {
$crypt->setCipher($this->encryptionOptions['cipher']);
}
if (!empty($this->encryptionOptions['mode'])) {
$crypt->setMode($this->encryptionOptions['mode']);
}
if (!empty($this->encryptionOptions['source'])) {
$crypt->setSource($this->encryptionOptions['source']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_CRYPT_MD5:
$crypt = new Crypt\Md5();
$crypt->setSalt($salt);
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_CRYPT_SHA_256:
$crypt = new Crypt\Sha(256);
$crypt->setSalt($salt);
// Set rounds, if applicable
if (!empty($this->encryptionOptions['rounds'])) {
$crypt->setRounds($this->encryptionOptions['rounds']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
case Auth::ENCRYPT_CRYPT_SHA_512:
$crypt = new Crypt\Sha(512);
$crypt->setSalt($salt);
// Set rounds, if applicable
if (!empty($this->encryptionOptions['rounds'])) {
$crypt->setRounds($this->encryptionOptions['rounds']);
}
$pw = $crypt->verify($attemptedPassword, $hash);
break;
}
return $pw;
}
/**
* Encrypt password
*
* @param string $password
* @param int $encryption
* @param array $options
* @return string
*/
public static function encryptPassword($password, $encryption, $options = array())
{
$encPassword = $password;
$salt = !empty($options['salt']) ? $options['salt'] : null;
// Set the password according to the user type
switch ($encryption) {
case Auth\Auth::ENCRYPT_CRYPT_SHA_512:
$crypt = new Crypt\Sha(512);
$crypt->setSalt($salt);
// Set rounds, if applicable
if (!empty($options['rounds'])) {
$crypt->setRounds($options['rounds']);
}
$encPassword = $crypt->create($password);
break;
case Auth\Auth::ENCRYPT_CRYPT_SHA_256:
$crypt = new Crypt\Sha(256);
$crypt->setSalt($salt);
// Set rounds, if applicable
if (!empty($options['rounds'])) {
$crypt->setRounds($options['rounds']);
}
$encPassword = $crypt->create($password);
break;
case Auth\Auth::ENCRYPT_CRYPT_MD5:
$crypt = new Crypt\Md5();
$crypt->setSalt($salt);
$encPassword = $crypt->create($password);
break;
case Auth\Auth::ENCRYPT_MCRYPT:
$crypt = new Crypt\Mcrypt();
$crypt->setSalt($salt);
// Set cipher, mode and source, if applicable
if (!empty($options['cipher'])) {
$crypt->setCipher($options['cipher']);
}
if (!empty($options['mode'])) {
$crypt->setMode($options['mode']);
}
if (!empty($options['source'])) {
$crypt->setSource($options['source']);
}
$encPassword = $crypt->create($password);
break;
case Auth\Auth::ENCRYPT_BCRYPT:
$crypt = new Crypt\Bcrypt();
$crypt->setSalt($salt);
// Set cost and prefix, if applicable
if (!empty($options['cost'])) {
$crypt->setCost($options['cost']);
}
if (!empty($options['prefix'])) {
$crypt->setPrefix($options['prefix']);
}
$encPassword = $crypt->create($password);
break;
case Auth\Auth::ENCRYPT_CRYPT:
$crypt = new Crypt\Crypt();
$crypt->setSalt($salt);
$encPassword = $crypt->create($password);
break;
case Auth\Auth::ENCRYPT_SHA1:
$encPassword = sha1($password);
break;
case Auth\Auth::ENCRYPT_MD5:
$encPassword = md5($password);
break;
case Auth\Auth::ENCRYPT_NONE:
$encPassword = $password;
break;
}
return $encPassword;
}