function encrypt_message($plaintext, $asym_key, $key_length = 150) { $rsa = new Crypt_RSA(); $rij = new Crypt_Rijndael(); // Generate Random Symmetric Key $sym_key = crypt_random_string($key_length); // Encrypt Message with new Symmetric Key $rij->setKey($sym_key); $ciphertext = $rij->encrypt($plaintext); $ciphertext = base64_encode($ciphertext); // Encrypted the Symmetric Key with the Asymmetric Key $rsa->loadKey($asym_key); $sym_key = $rsa->encrypt($sym_key); // Base 64 encode the symmetric key for transport $sym_key = base64_encode($sym_key); $len = strlen($sym_key); // Get the length $len = dechex($len); // The first 3 bytes of the message are the key length $len = str_pad($len, 3, '0', STR_PAD_LEFT); // Zero pad to be sure. // Concatinate the length, the encrypted symmetric key, and the message $message = $len . $sym_key . $ciphertext; return $message; }
public static function Crypto($text, $cipher, $key, $isEncrypt) { switch ($cipher) { case 'DES': $crypt = new Crypt_DES(CRYPT_DES_MODE_CBC); $crypt->setKey($key); $crypt->setIV($key); if ($isEncrypt) { return strtoupper(bin2hex($crypt->encrypt($text))); } else { return $crypt->decrypt(CryptoUtil::hex2bin($text)); } break; case 'AES-256': $crypt = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_ECB); $crypt->setKey($key); if ($isEncrypt) { return strtoupper(bin2hex($crypt->encrypt($text))); } else { return $crypt->decrypt(CryptoUtil::hex2bin($text)); } break; default: break; } return "ERROR"; }
/** * @param null|string $input * @return string */ public function generateKey($input = NULL) { $text = $input === NULL ? $this->username . ';' . date('d/m/Y H:i:s') . ';' . $this->ip : $input; $cipher = new \Crypt_Rijndael(); $cipher->setKeyLength(256); $cipher->setBlockLength(128); $cipher->setKey(base64_decode($this->key)); $cipher->setIV(base64_decode($this->iv)); return base64_encode($cipher->encrypt($text)); }
/** * @group github451 */ public function testKeyPaddingRijndael() { // this test case is from the following URL: // https://web.archive.org/web/20070209120224/http://fp.gladman.plus.com/cryptography_technology/rijndael/aesdvec.zip $aes = new Crypt_Rijndael(); $aes->disablePadding(); $aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. Valid in Rijndael. $ciphertext = $aes->encrypt(pack('H*', '3243f6a8885a308d313198a2e0370734')); $this->assertEquals($ciphertext, pack('H*', '231d844639b31b412211cfe93712b880')); }
/** * Encrypt the OAuth token * @param \stdClass $token Serialized token object * @return string */ public function encrypt($token) { // Encryption: we always use phpseclib for this global $updraftplus; $updraftplus->ensure_phpseclib('Crypt_AES', 'Crypt/AES'); $updraftplus->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael'); if (!function_exists('crypt_random_string')) { require_once UPDRAFTPLUS_DIR . '/includes/phpseclib/Crypt/Random.php'; } $iv = crypt_random_string(self::IV_SIZE); // Defaults to CBC mode $rijndael = new Crypt_Rijndael(); $rijndael->setKey($this->key); $rijndael->setIV($iv); $cipherText = $rijndael->encrypt($token); return base64_encode($iv . $cipherText); }
/** * Encrypts a message. * * $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following * URL: * * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} * * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that * length. * * @see Crypt_AES::decrypt() * @access public * @param String $plaintext */ function encrypt($plaintext) { if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { $this->_mcryptSetup(); $plaintext = $this->_pad($plaintext); $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, $this->mcrypt[0], $this->mode, $this->mcrypt[1]); mcrypt_generic_init($td, $this->key, $this->encryptIV); $ciphertext = mcrypt_generic($td, $plaintext); mcrypt_generic_deinit($td); mcrypt_module_close($td); if ($this->continuousBuffer) { $this->encryptIV = substr($ciphertext, -16); } return $ciphertext; } return parent::encrypt($plaintext); }
/** * Encrypts a message. * * $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following * URL: * * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} * * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that * length. * * @see Crypt_AES::decrypt() * @access public * @param String $plaintext */ function encrypt($plaintext) { if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { $this->_mcryptSetup(); /* if ($this->mode == CRYPT_AES_MODE_CTR) { $iv = $this->encryptIV; $xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($plaintext), $iv)); $ciphertext = $plaintext ^ $xor; if ($this->continuousBuffer) { $this->encryptIV = $iv; } return $ciphertext; } */ if ($this->mode != 'ctr') { $plaintext = $this->_pad($plaintext); } $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); } return $ciphertext; } return parent::encrypt($plaintext); }
public function encrypt_message($plaintext, $use_key = false, $key_length = 150) { if (!$use_key && !$this->key_local) { throw new Exception('No encryption key has been set'); } if (!$use_key) { $use_key = $this->key_local; } $this->ensure_crypto_loaded(); $rsa = new Crypt_RSA(); $rij = new Crypt_Rijndael(); // Generate Random Symmetric Key $sym_key = crypt_random_string($key_length); // Encrypt Message with new Symmetric Key $rij->setKey($sym_key); $ciphertext = $rij->encrypt($plaintext); $ciphertext = base64_encode($ciphertext); // Encrypted the Symmetric Key with the Asymmetric Key $rsa->loadKey($use_key); $sym_key = $rsa->encrypt($sym_key); // Base 64 encode the symmetric key for transport $sym_key = base64_encode($sym_key); $len = str_pad(dechex(strlen($sym_key)), 3, '0', STR_PAD_LEFT); // Zero pad to be sure. // 16 characters of hex is enough for the payload to be to 16 exabytes (giga < tera < peta < exa) of data $cipherlen = str_pad(dechex(strlen($ciphertext)), 16, '0', STR_PAD_LEFT); // Concatenate the length, the encrypted symmetric key, and the message return $len . $sym_key . $cipherlen . $ciphertext; }
/** * Encrypts a message. * * $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following * URL: * * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} * * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that * length. * * @see Crypt_AES::decrypt() * @access public * @param String $plaintext */ function encrypt($plaintext) { if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { $changed = $this->changed; $this->_mcryptSetup(); /* if ($this->mode == CRYPT_AES_MODE_CTR) { $iv = $this->encryptIV; $xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($plaintext), $iv)); $ciphertext = $plaintext ^ $xor; if ($this->continuousBuffer) { $this->encryptIV = $iv; } return $ciphertext; } */ // re: http://phpseclib.sourceforge.net/cfb-demo.phps // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's // rewritten CFB implementation the above outputs the same thing twice. if ($this->mode == 'ncfb') { if ($changed) { $this->ecb = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, ''); mcrypt_generic_init($this->ecb, $this->key, ""); } if (strlen($this->enbuffer)) { $ciphertext = $plaintext ^ substr($this->encryptIV, strlen($this->enbuffer)); $this->enbuffer .= $ciphertext; if (strlen($this->enbuffer) == 16) { $this->encryptIV = $this->enbuffer; $this->enbuffer = ''; mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); } $plaintext = substr($plaintext, strlen($ciphertext)); } else { $ciphertext = ''; } $last_pos = strlen($plaintext) & 0xfffffff0; $ciphertext .= $last_pos ? mcrypt_generic($this->enmcrypt, substr($plaintext, 0, $last_pos)) : ''; if (strlen($plaintext) & 0xf) { if (strlen($ciphertext)) { $this->encryptIV = substr($ciphertext, -16); } $this->encryptIV = mcrypt_generic($this->ecb, $this->encryptIV); $this->enbuffer = substr($plaintext, $last_pos) ^ $this->encryptIV; $ciphertext .= $this->enbuffer; } return $ciphertext; } if ($this->paddable) { $plaintext = $this->_pad($plaintext); } $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); } return $ciphertext; } return parent::encrypt($plaintext); }
public function encrypt_message($plaintext, $use_key = false, $key_length = 32) { if (!$use_key) { if ($this->format == 1) { if (!$this->key_local) { throw new Exception('No encryption key has been set'); } $use_key = $this->key_local; } else { if (!$this->key_remote) { throw new Exception('No encryption key has been set'); } $use_key = $this->key_remote; } } $this->ensure_crypto_loaded(); $rsa = new Crypt_RSA(); if (defined('UDRPC_PHPSECLIB_ENCRYPTION_MODE')) { $rsa->setEncryptionMode(UDRPC_PHPSECLIB_ENCRYPTION_MODE); } $rij = new Crypt_Rijndael(); // Generate Random Symmetric Key $sym_key = crypt_random_string($key_length); if ($this->debug) { $this->log('Unencrypted symmetric key (hex): ' . bin2hex($sym_key)); } // Encrypt Message with new Symmetric Key $rij->setKey($sym_key); $ciphertext = $rij->encrypt($plaintext); if ($this->debug) { $this->log('Encrypted ciphertext (hex): ' . bin2hex($ciphertext)); } $ciphertext = base64_encode($ciphertext); // Encrypt the Symmetric Key with the Asymmetric Key $rsa->loadKey($use_key); $sym_key = $rsa->encrypt($sym_key); if ($this->debug) { $this->log('Encrypted symmetric key (hex): ' . bin2hex($sym_key)); } // Base 64 encode the symmetric key for transport $sym_key = base64_encode($sym_key); if ($this->debug) { $this->log('Encrypted symmetric key (b64): ' . $sym_key); } $len = str_pad(dechex(strlen($sym_key)), 3, '0', STR_PAD_LEFT); // Zero pad to be sure. // 16 characters of hex is enough for the payload to be to 16 exabytes (giga < tera < peta < exa) of data $cipherlen = str_pad(dechex(strlen($ciphertext)), 16, '0', STR_PAD_LEFT); // Concatenate the length, the encrypted symmetric key, and the message return $len . $sym_key . $cipherlen . $ciphertext; }
/** * Encrypts a message. * * $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following * URL: * * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} * * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that * length. * * @see Crypt_AES::decrypt() * @access public * @param String $plaintext */ function encrypt($plaintext) { if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { $this->_mcryptSetup(); // re: http://phpseclib.sourceforge.net/cfb-demo.phps // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's // rewritten CFB implementation the above outputs the same thing twice. if ($this->mode == 'ncfb' && $this->continuousBuffer) { $iv =& $this->encryptIV; $pos =& $this->enbuffer['pos']; $len = strlen($plaintext); $ciphertext = ''; $i = 0; if ($pos) { $orig_pos = $pos; $max = 16 - $pos; if ($len >= $max) { $i = $max; $len -= $max; $pos = 0; } else { $i = $len; $pos += $len; $len = 0; } $ciphertext = substr($iv, $orig_pos) ^ $plaintext; $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); $this->enbuffer['enmcrypt_init'] = true; } if ($len >= 16) { if ($this->enbuffer['enmcrypt_init'] === false || $len > 280) { if ($this->enbuffer['enmcrypt_init'] === true) { mcrypt_generic_init($this->enmcrypt, $this->key, $iv); $this->enbuffer['enmcrypt_init'] = false; } $ciphertext .= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 16)); $iv = substr($ciphertext, -16); $len %= 16; } else { while ($len >= 16) { $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 16); $ciphertext .= $iv; $len -= 16; $i += 16; } } } if ($len) { $iv = mcrypt_generic($this->ecb, $iv); $block = $iv ^ substr($plaintext, -$len); $iv = substr_replace($iv, $block, 0, $len); $ciphertext .= $block; $pos = $len; } return $ciphertext; } if ($this->paddable) { $plaintext = $this->_pad($plaintext); } $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); } return $ciphertext; } return parent::encrypt($plaintext); }
public function encrypt($plaintext) { if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { $this->_mcryptSetup(); if ($this->mode == 'ncfb' && $this->continuousBuffer) { $iv =& $this->encryptIV; $pos =& $this->enbuffer['pos']; $len = strlen($plaintext); $ciphertext = ''; $i = 0; if ($pos) { $orig_pos = $pos; $max = 16 - $pos; if ($max <= $len) { $i = $max; $len -= $max; $pos = 0; } else { $i = $len; $pos += $len; $len = 0; } $ciphertext = substr($iv, $orig_pos) ^ $plaintext; $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); $this->enbuffer['enmcrypt_init'] = true; } if (16 <= $len) { if ($this->enbuffer['enmcrypt_init'] === false || 280 < $len) { if ($this->enbuffer['enmcrypt_init'] === true) { mcrypt_generic_init($this->enmcrypt, $this->key, $iv); $this->enbuffer['enmcrypt_init'] = false; } $ciphertext .= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 16)); $iv = substr($ciphertext, -16); $len %= 16; } else { while (16 <= $len) { $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 16); $ciphertext .= $iv; $len -= 16; $i += 16; } } } if ($len) { $iv = mcrypt_generic($this->ecb, $iv); $block = $iv ^ substr($plaintext, 0 - $len); $iv = substr_replace($iv, $block, 0, $len); $ciphertext .= $block; $pos = $len; } return $ciphertext; } if ($this->paddable) { $plaintext = $this->_pad($plaintext); } $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); } return $ciphertext; } return parent::encrypt($plaintext); }
private function encrypt($fullpath, $key, $rformat = 'inline') { global $updraftplus; if (!function_exists('mcrypt_encrypt')) { $updraftplus->log(sprintf(__('Your web-server does not have the %s module installed.', 'updraftplus'), 'PHP/mcrypt') . ' ' . __('Without it, encryption will be a lot slower.', 'updraftplus'), 'warning', 'nomcrypt'); } $updraftplus->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael'); $rijndael = new Crypt_Rijndael(); $rijndael->setKey($key); if ('inline' === $rformat) { return $rijndael->encrypt(file_get_contents($fullpath)); } return false; }
function osc_encrypt_alert($alert) { $string = osc_genRandomPassword(32) . $alert; osc_set_alert_private_key(); // renew private key and osc_set_alert_public_key(); // public key $key = hash("sha256", osc_get_alert_private_key(), true); if(function_exists('mcrypt_module_open')) { $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, ''); $cipherText = ''; if (mcrypt_generic_init($cipher, $key, $key) != -1) { $cipherText = mcrypt_generic($cipher, $string); mcrypt_generic_deinit($cipher); } return $cipherText; }; while (strlen($string) % 32 != 0) { $string .= "\0"; } require_once LIB_PATH . 'phpseclib/Crypt/Rijndael.php'; $cipher = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CBC); $cipher->disablePadding(); $cipher->setBlockLength(256); $cipher->setKey($key); $cipher->setIV($key); return $cipher->encrypt($string); }
function encrypt_file($file) { $encryption = UpdraftPlus_Options::get_updraft_option('updraft_encryptionphrase'); if (strlen($encryption) > 0) { $this->log("{$file}: applying encryption"); $encryption_error = 0; $microstart = microtime(true); require_once UPDRAFTPLUS_DIR . '/includes/phpseclib/Crypt/Rijndael.php'; $rijndael = new Crypt_Rijndael(); $rijndael->setKey($encryption); $updraft_dir = $this->backups_dir_location(); $file_size = @filesize($updraft_dir . '/' . $file) / 1024; if (false === file_put_contents($updraft_dir . '/' . $file . '.crypt', $rijndael->encrypt(file_get_contents($updraft_dir . '/' . $file)))) { $encryption_error = 1; } if (0 == $encryption_error) { $time_taken = max(1.0E-6, microtime(true) - $microstart); $this->log("{$file}: encryption successful: " . round($file_size, 1) . "Kb in " . round($time_taken, 1) . "s (" . round($file_size / $time_taken, 1) . "Kb/s)"); # Delete unencrypted file @unlink($updraft_dir . '/' . $file); return basename($file . '.crypt'); } else { $this->log("Encryption error occurred when encrypting database. Encryption aborted."); $this->log(__("Encryption error occurred when encrypting database. Encryption aborted.", 'updraftplus'), 'error'); return basename($file); } } else { return basename($file); } }
function encrypt($fullpath, $key, $rformat = 'inline') { if (!function_exists('mcrypt_encrypt')) { $this->log(sprintf(__('Your web-server does not have the %s module installed.', 'updraftplus'), 'mcrypt') . ' ' . __('Without it, encryption will be a lot slower.', 'updraftplus'), 'warning', 'nomcrypt'); } if ($this->have_addons < 10) { $this->log(__("A future release of UpdraftPlus will move the encryption feature into an add-on (and add more features to it).", 'updraftplus') . ' ' . sprintf(__('See: %s', 'updraftplus'), 'http://updraftplus.com/next-updraftplus-release-ready-testing/'), 'warning', 'needpremiumforcrypt'); } $this->ensure_phpseclib('Crypt_Rijndael', 'Crypt/Rijndael'); $rijndael = new Crypt_Rijndael(); $rijndael->setKey($key); if ('inline' === $rformat) { return $rijndael->encrypt(file_get_contents($fullpath)); } }
/** * * Encrypts given value, with given key, and hex encodes it before * returning. * * Compatible with mysql: "hex(aes_encrypt($val, $key)) * * @param string $val - value to encrypt * @param string $ky - key * @return string encrypted value */ public function encrypt($val, $key) { if (empty($val)) { return $val; } $mysqlKey = ""; for ($a = 0; $a < strlen($key); $a++) { $mysqlKey[$a % 16] = chr(ord($mysqlKey[$a % 16]) ^ ord($key[$a])); } $aes = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_ECB); $aes->setKeyLength(128); $aes->setBlockLength(128); $aes->setKey($mysqlKey); $encrypt = $aes->encrypt($val); $encrypt = strtoupper(bin2hex($encrypt)); return $encrypt; }