/** * [set_session 设置session] * @param [type] $user[用户信息] */ public function set_session($user) { session_start(); $_SESSION[$this->login_in_session_name] = $user; $key = Crypto::CreateNewRandomKey(); $safe_session_id = base64_encode($key . Crypto::Encrypt(session_id(), $key)); return $safe_session_id; }
public function createDocument($title, $plainContent, User $creator, $passPhrase) { $key = \Crypto::CreateNewRandomKey(); $encryptedKey = KeyGen::encrypt($key, $creator->getPublicKey()); $document = new Document($creator, $encryptedKey); $this->documentRepository->persist($document->getShares()[0]); $this->updateDocument($document, $title, $plainContent, $creator, $passPhrase); return $document; }
private static function TestEncryptDecrypt() { $key = Crypto::CreateNewRandomKey(); $data = "EnCrYpT EvErYThInG"; // Make sure encrypting then decrypting doesn't change the message. $ciphertext = Crypto::Encrypt($data, $key); try { $decrypted = Crypto::Decrypt($ciphertext, $key); } catch (InvalidCiphertextException $ex) { // It's important to catch this and change it into a // CryptoTestFailedException, otherwise a test failure could trick // the user into thinking it's just an invalid ciphertext! throw new CryptoTestFailedException(); } if ($decrypted !== $data) { throw new CryptoTestFailedException(); } // Modifying the ciphertext: Appending a string. try { Crypto::Decrypt($ciphertext . "a", $key); throw new CryptoTestFailedException(); } catch (InvalidCiphertextException $e) { /* expected */ } // Modifying the ciphertext: Changing an IV byte. try { $ciphertext[0] = chr((ord($ciphertext[0]) + 1) % 256); Crypto::Decrypt($ciphertext, $key); throw new CryptoTestFailedException(); } catch (InvalidCiphertextException $e) { /* expected */ } // Decrypting with the wrong key. $key = Crypto::CreateNewRandomKey(); $data = "abcdef"; $ciphertext = Crypto::Encrypt($data, $key); $wrong_key = Crypto::CreateNewRandomKey(); try { Crypto::Decrypt($ciphertext, $wrong_key); throw new CryptoTestFailedException(); } catch (InvalidCiphertextException $e) { /* expected */ } // Ciphertext too small (shorter than HMAC). $key = Crypto::CreateNewRandomKey(); $ciphertext = str_repeat("A", self::MAC_BYTE_SIZE - 1); try { Crypto::Decrypt($ciphertext, $key); throw new CryptoTestFailedException(); } catch (InvalidCiphertextException $e) { /* expected */ } }
<?php require_once 'Crypto.php'; try { $key = Crypto::CreateNewRandomKey(); // WARNING: Do NOT encode $key with bin2hex() or base64_encode(), // they may leak the key to the attacker through side channels. } catch (CryptoTestFailedException $ex) { die('Cannot safely create a key'); } catch (CannotPerformOperationException $ex) { die('Cannot safely create a key'); } $message = "ATTACK AT DAWN"; try { $ciphertext = Crypto::Encrypt($message, $key); } catch (CryptoTestFailedException $ex) { die('Cannot safely perform encryption'); } catch (CannotPerformOperationException $ex) { die('Cannot safely perform decryption'); } try { $decrypted = Crypto::Decrypt($ciphertext, $key); } catch (InvalidCiphertextException $ex) { // VERY IMPORTANT // Either: // 1. The ciphertext was modified by the attacker, // 2. The key is wrong, or // 3. $ciphertext is not a valid ciphertext or was corrupted. // Assume the worst. die('DANGER! DANGER! The ciphertext has been tampered with!'); } catch (CryptoTestFailedException $ex) {
/** * Retrieves the encryption key from cache, or generations a new one in the instance one does not exists * @return string */ public static function getEncryptionKey() { $key = self::getConfig('encryptionKey', NULL, 'settings_', true); if ($key == NULL || $key == "") { try { $key = Crypto::CreateNewRandomKey(); } catch (CryptoTestFailedException $ex) { throw new CException('Encryption key generation failed'); } catch (CannotPerformOperationException $ex) { throw new CException('Encryption key generation failed'); } $config = new Configuration(); $config->attributes = array('key' => 'encryptionkey', 'value' => bin2hex($key)); if (!$config->save()) { throw new CException('Encryption key generation failed'); } } return hex2bin(self::getConfig('encryptionKey', NULL, 'settings_', true)); }
/** * Generate new random encryption key (binary format). * * @return string */ public function generateKey() { return \Crypto::CreateNewRandomKey(); }
/** * Method to generate a new encryption key object. * * @param array $options Key generation options. * * @return JCryptKey * * @since 3.5 * @throws RuntimeException */ public function generateKey(array $options = array()) { // Create the new encryption key object. $key = new JCryptKey('crypto'); // Generate the encryption key. try { $key->public = Crypto::CreateNewRandomKey(); } catch (CryptoTestFailedException $ex) { throw new RuntimeException('Cannot safely create a key', $ex->getCode(), $ex); } catch (CannotPerformOperationException $ex) { throw new RuntimeException('Cannot safely create a key', $ex->getCode(), $ex); } // Explicitly flag the private as unused in this cipher. $key->private = 'unused'; return $key; }