+ Changed the approach to an OOP model
This commit is contained in:
parent
a1833a238c
commit
5ae3d8294b
165
lib.php
165
lib.php
|
|
@ -1,80 +1,119 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @param string $data The data to be encrypted, this can only encrypt strings.
|
||||
* @param string $key The key to use to encrypt the data, this key should be generated using the openssl_random_pseudo_bytes
|
||||
* @param string $cipherMethod The cypher method to use in the encryption process, these can be checked using
|
||||
* @param bool $integrity_check Check if the encrypted data can also be decypted, this will take 2x more time to process the data, but will make 100% sure that the data is safe and can be decrypted.
|
||||
* @author Kato Twofold
|
||||
* @copyright MIT
|
||||
*
|
||||
* The class has full support for encryption of strings, provides validation for those
|
||||
* and makes sure they can be decrypted on the other end, the key is extremely important
|
||||
* and you MUST keep track of it and not lose it as there is no way of getting it back.
|
||||
*
|
||||
*/
|
||||
function encryptData( string $data, string $key, string $cipherMethod = 'AES-256-CBC', bool $integrity_check = TRUE) {
|
||||
class kpcrypt {
|
||||
|
||||
// Lowercase the cipher
|
||||
$cipherMethod = strtolower($cipherMethod);
|
||||
// The key to use in the encryption process
|
||||
private $key = null;
|
||||
|
||||
// Check if the encryption method is valid
|
||||
if (!in_array($cipherMethod, openssl_get_cipher_methods())) {
|
||||
// Cypher was not in the available ciphers list.
|
||||
return FALSE;
|
||||
/**
|
||||
* @param string $key [Optional] The key to use for encryption, if none is mentioned a random one will be generated
|
||||
*/
|
||||
public function __construct( string $key = null) {
|
||||
// If no key is mentioned, generate one
|
||||
if ( empty($key) ) {
|
||||
$key = bin2hex(openssl_random_pseudo_bytes("64"));
|
||||
}
|
||||
}
|
||||
|
||||
// To encrypt a string
|
||||
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipherMethod));
|
||||
/**
|
||||
* Get the key that the instance is currently using, really useful for when you randomly generate it!
|
||||
* @return string The key of the instance
|
||||
*/
|
||||
public function getKey() {
|
||||
return $this->key;
|
||||
}
|
||||
|
||||
// Encrypt the data
|
||||
$encryptedData = openssl_encrypt($data, $cipherMethod, $key, OPENSSL_RAW_DATA, $iv);
|
||||
/**
|
||||
* @param string $data The data to be encrypted, this can only encrypt strings.
|
||||
* @param string $key The key to use to encrypt the data, this key should be generated using the openssl_random_pseudo_bytes
|
||||
* @param string $cipherMethod The cypher method to use in the encryption process, these can be checked using
|
||||
* @param bool $integrity_check Check if the encrypted data can also be decypted, this will take 2x more time to process the data, but will make 100% sure that the data is safe and can be decrypted.
|
||||
*/
|
||||
function encryptData(string $data, string $key, string $cipherMethod = 'AES-256-CBC', bool $integrity_check = TRUE) {
|
||||
// Grab the key from self-reference
|
||||
$key = $this->key;
|
||||
|
||||
// Append the iv to the encrypted data
|
||||
$encryptedData = $iv . $encryptedData;
|
||||
// Lowercase the cipher
|
||||
$cipherMethod = strtolower($cipherMethod);
|
||||
|
||||
// base64 encrypt to make sure we don't lose bytes
|
||||
$encryptedData = base64_encode($encryptedData);
|
||||
|
||||
// Check if we should verify the integrity of the encryption
|
||||
if ( $integrity_check === TRUE ) {
|
||||
// Test for decryption validity
|
||||
if ( md5(decryptData($encryptedData, $key, $cipherMethod)) === md5($data) ) {
|
||||
// Put the output in the result
|
||||
return $encryptedData;
|
||||
} else {
|
||||
// Assign the output to the result
|
||||
// Check if the encryption method is valid
|
||||
if (!in_array($cipherMethod, openssl_get_cipher_methods())) {
|
||||
// Cypher was not in the available ciphers list.
|
||||
return FALSE;
|
||||
}
|
||||
} else {
|
||||
// Simply return the results
|
||||
return $encryptedData;
|
||||
|
||||
// To encrypt a string
|
||||
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipherMethod));
|
||||
|
||||
// Encrypt the data
|
||||
$encryptedData = openssl_encrypt($data, $cipherMethod, $key, OPENSSL_RAW_DATA, $iv);
|
||||
|
||||
// Append the iv to the encrypted data
|
||||
$encryptedData = $iv . $encryptedData;
|
||||
|
||||
// base64 encrypt to make sure we don't lose bytes
|
||||
$encryptedData = base64_encode($encryptedData);
|
||||
|
||||
// Check if we should verify the integrity of the encryption
|
||||
if ($integrity_check === TRUE) {
|
||||
// Test for decryption validity
|
||||
if (md5($this->decryptData($encryptedData, $key, $cipherMethod)) === md5($data)) {
|
||||
// Put the output in the result
|
||||
return $encryptedData;
|
||||
} else {
|
||||
// Assign the output to the result
|
||||
return FALSE;
|
||||
}
|
||||
} else {
|
||||
// Simply return the results
|
||||
return $encryptedData;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $data The data to be encrypted, this can only encrypt strings.
|
||||
* @param string $key The key to use to encrypt the data, this key should be generated using the openssl_random_pseudo_bytes
|
||||
* @param string $cipherMethod The cypher method to use in the encryption process, these can be checked using
|
||||
*/
|
||||
function decryptData(string $data, string $cipherMethod = 'AES-256-CBC') {
|
||||
// Grab the key from self-reference
|
||||
$key = $this->key;
|
||||
|
||||
// Lowercase the cipher
|
||||
$cipherMethod = strtolower($cipherMethod);
|
||||
|
||||
// Check if the encryption method is valid
|
||||
if (!in_array($cipherMethod, openssl_get_cipher_methods())) {
|
||||
// Cypher was not in the available ciphers list.
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// base64 decode the data.
|
||||
$data = base64_decode($data);
|
||||
|
||||
// Get the length of the IV
|
||||
$iv_length = openssl_cipher_iv_length($cipherMethod);
|
||||
// Get the IV from the decoded data
|
||||
$iv = substr($data, 0, $iv_length);
|
||||
|
||||
// Get the encrypted string from the data
|
||||
$data = substr($data, $iv_length);
|
||||
|
||||
// Decrypt the data
|
||||
$data = openssl_decrypt($data, $cipherMethod, $key, OPENSSL_RAW_DATA, $iv);
|
||||
|
||||
// Return the data
|
||||
return $data;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $data The data to be encrypted, this can only encrypt strings.
|
||||
* @param string $key The key to use to encrypt the data, this key should be generated using the openssl_random_pseudo_bytes
|
||||
* @param string $cipherMethod The cypher method to use in the encryption process, these can be checked using
|
||||
*/
|
||||
function decryptData( string $data, string $key, string $cipherMethod = 'AES-256-CBC' ) {
|
||||
|
||||
// Lowercase the cipher
|
||||
$cipherMethod = strtolower($cipherMethod);
|
||||
|
||||
// Check if the encryption method is valid
|
||||
if (!in_array($cipherMethod, openssl_get_cipher_methods())) {
|
||||
// Cypher was not in the available ciphers list.
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
// base64 decode the data.
|
||||
$data = base64_decode($data);
|
||||
|
||||
// Get the length of the IV
|
||||
$iv_length = openssl_cipher_iv_length($cipherMethod);
|
||||
// Get the IV from the decoded data
|
||||
$iv = substr($data,0,$iv_length);
|
||||
|
||||
// Get the encrypted string from the data
|
||||
$data = substr($data, $iv_length);
|
||||
|
||||
// Decrypt the data
|
||||
$data = openssl_decrypt($data,$cipherMethod,$key, OPENSSL_RAW_DATA, $iv);
|
||||
|
||||
// Return the data
|
||||
return $data;
|
||||
}
|
||||
Reference in New Issue