示例#1
0
文件: crypt.php 项目: cepharum/txf
     * @throws \RuntimeException raised on missing mcrypt
     * @throws \InvalidArgumentException raised on decrypting failed
     * @param string $cipher encrypted message
     * @return string decrypted message
     */
    public function decrypt($cipher)
    {
        // test for tag on cipher and pass back provided cipher as is if tag is missing
        if (substr($cipher, 0, 8) !== 'TXF!CIPH') {
            log::warning('actually not decrypting since cipher is not properly encrypted');
            return $cipher;
        }
        if (!is_callable('mcrypt_module_open')) {
            throw new \RuntimeException('missing mcrypt');
        }
        // actually decrypt provided cipher
        mcrypt_generic_init($this->cryptModule, $this->preparedKey(), $this->preparedIV());
        $decrypted = mdecrypt_generic($this->cryptModule, substr($cipher, 8));
        mcrypt_generic_deinit($this->cryptModule);
        // check integrity of decrypted message
        $cleartext = substr($decrypted, 20);
        $hash = substr($decrypted, 0, 20);
        if (sha1($cleartext, true) !== $hash) {
            log::error('decryption failed');
            throw new \InvalidArgumentException('decryption failed');
        }
        return $cleartext;
    }
}
crypt::init();
示例#2
0
文件: session.php 项目: cepharum/txf
 /**
  * Retrieves current singleton session manager.
  *
  * This method creates new session manager or restores one from available
  * record in session space on demand.
  *
  * @return session
  */
 public static final function current()
 {
     if (!self::$current instanceof self) {
         self::getScopeParameter($domain, $path);
         \session_set_cookie_params(0, path::addTrailingSlash($path), $domain);
         // trigger import of class crypt so it may set required cookies
         crypt::init();
         // without existing link in current runtime check for snapshot
         // stored in session
         @session_start();
         if ($_SESSION[self::stubName] instanceof self) {
             // restore found snapshot
             self::$current = $_SESSION[self::stubName];
         } else {
             // not in session -> start new session manager
             self::$current = new static();
         }
     }
     // (re-)retrieve current session manager instance
     return self::$current;
 }