projects / civicrm-core.git / blame
| Commit | Line | Data |
|---|---|---|
| 6a488035 TO |
1 | <?php |
| 2 | /* | |
| 3 | +--------------------------------------------------------------------+ | |
| bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
| 6a488035 | 5 | | | |
| bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
| 7 | | permitted exceptions and without any warranty. For full license | | |
| 8 | | and copyright information, see https://civicrm.org/licensing | | |
| 6a488035 | 9 | +--------------------------------------------------------------------+ |
| d25dd0ee | 10 | */ |
| 6a488035 TO |
11 | |
| 12 | /** | |
| 13 | * | |
| 14 | * @package CRM | |
| ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
| 6a488035 TO |
16 | */ |
| 17 | class CRM_Utils_Crypt { | |
| 18 | ||
| d65b5830 RS |
19 | /** |
| 20 | * Encrypts a string using AES256 in ECB mode, if encryption is enabled. | |
| 21 | * | |
| 22 | * After encrypting the string, it is base64 encoded. | |
| 23 | * | |
| 24 | * If encryption is not enabled, either due to CIVICRM_SITE_KEY being | |
| 25 | * undefined or due to unavailability of the mcrypt module, the string is | |
| 26 | * merely base64 encoded and is not encrypted at all. | |
| 27 | * | |
| 28 | * @param string $string | |
| 29 | * Plaintext to be encrypted. | |
| 30 | * @return string | |
| 31 | * Base64-encoded ciphertext, or base64-encoded plaintext if encryption is | |
| 32 | * disabled or unavailable. | |
| 33 | */ | |
| 00be9182 | 34 | public static function encrypt($string) { |
| 6a488035 TO |
35 | if (empty($string)) { |
| 36 | return $string; | |
| 37 | } | |
| 38 | ||
| 39 | if (function_exists('mcrypt_module_open') && | |
| 40 | defined('CIVICRM_SITE_KEY') | |
| 41 | ) { | |
| db0e155c | 42 | // phpcs:disable |
| 6a488035 TO |
43 | $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_ECB, ''); |
| 44 | // ECB mode - iv not needed - CRM-8198 | |
| 353ffa53 TO |
45 | $iv = '00000000000000000000000000000000'; |
| 46 | $ks = mcrypt_enc_get_key_size($td); | |
| 6a488035 TO |
47 | $key = substr(sha1(CIVICRM_SITE_KEY), 0, $ks); |
| 48 | ||
| 49 | mcrypt_generic_init($td, $key, $iv); | |
| 50 | $string = mcrypt_generic($td, $string); | |
| 51 | mcrypt_generic_deinit($td); | |
| 52 | mcrypt_module_close($td); | |
| 53 | } | |
| db0e155c | 54 | // phpcs:enable |
| 6a488035 TO |
55 | return base64_encode($string); |
| 56 | } | |
| 57 | ||
| d65b5830 RS |
58 | /** |
| 59 | * Decrypts ciphertext encrypted with AES256 in ECB mode, if possible. | |
| 60 | * | |
| 61 | * If the mcrypt module is not available or if CIVICRM_SITE_KEY is not set, | |
| 62 | * the provided ciphertext is only base64-decoded, not decrypted. | |
| 63 | * | |
| 64 | * @param string $string | |
| 65 | * Ciphertext to be decrypted. | |
| 66 | * @return string | |
| 67 | * Plaintext, or base64-decoded ciphertext if encryption is disabled or | |
| 68 | * unavailable. | |
| 69 | */ | |
| 00be9182 | 70 | public static function decrypt($string) { |
| 6a488035 TO |
71 | if (empty($string)) { |
| 72 | return $string; | |
| 73 | } | |
| 74 | ||
| 75 | $string = base64_decode($string); | |
| 76 | if (empty($string)) { | |
| 77 | return $string; | |
| 78 | } | |
| 79 | ||
| 80 | if (function_exists('mcrypt_module_open') && | |
| 81 | defined('CIVICRM_SITE_KEY') | |
| 82 | ) { | |
| db0e155c | 83 | // phpcs:disable |
| 6a488035 TO |
84 | $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_ECB, ''); |
| 85 | // ECB mode - iv not needed - CRM-8198 | |
| 353ffa53 TO |
86 | $iv = '00000000000000000000000000000000'; |
| 87 | $ks = mcrypt_enc_get_key_size($td); | |
| 6a488035 TO |
88 | $key = substr(sha1(CIVICRM_SITE_KEY), 0, $ks); |
| 89 | ||
| 90 | mcrypt_generic_init($td, $key, $iv); | |
| 91 | $string = rtrim(mdecrypt_generic($td, $string)); | |
| 92 | mcrypt_generic_deinit($td); | |
| 93 | mcrypt_module_close($td); | |
| db0e155c | 94 | // phpcs:enable |
| 6a488035 TO |
95 | } |
| 96 | ||
| 97 | return $string; | |
| 98 | } | |
| 96025800 | 99 | |
| 6a488035 | 100 | } |