+<?php
+/************************************************************************
+ * Mailer v0.2.1-FINAL Start: 04/04/2015 *
+ * =================== Last change: 04/04/2015 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : encryption-functions.php *
+ * -------------------------------------------------------------------- *
+ * Short description : Functions for encryption *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Funktionen fuer Verschluesselung *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009 - 2015 by Mailer Developer Team *
+ * For more information visit: http://mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+if (!defined('__SECURITY')) {
+ exit();
+} // END - if
+
+// Generate salt if not set
+function generateSalt ($salt = '', $hashLength = 48) {
+ // The length should not be shorter than 48 to have 8 byte as salt
+ assert(($hashLength >= 48) && ($hashLength <= 80));
+
+ // Is the salt set?
+ if (empty($salt)) {
+ // Then generate it from various data
+ $salt = hashSha256($hashLength . ':' . mt_rand(100000, 999999) . ':' . getSiteKey());
+ } // END - if
+
+ // Shorten salt ...
+ $salt = substr($salt, 0, $hashLength - 64);
+
+ // Return salt
+ return $salt;
+}
+
+// Hashes a string with SHA256, salts it and returns it hexdecimal-encoded
+function hashString ($str, $salt = '') {
+ // Generate salt
+ $salt = generateSalt($salt, 64);
+
+ // Generate salt
+ $hash = hashSha256($salt . $str);
+
+ // Return it
+ return $salt . $hash;
+}
+
+// Hash string with SHA256 and encode it to hex
+function hashSha256 ($str) {
+ /// Hash string
+ $hash = mhash(MHASH_SHA256, $str);
+
+ // Encode it to hexadecimal
+ $hex = '';
+ for ($i = 0; $i < strlen($hash); $i++) {
+ // Encode char to decimal, pad it with zero, add it
+ $hex .= padLeftZero(dechex(ord(substr($hash, $i, 1))), 2);
+ } // END - if
+
+ // Make sure 'length modulo 2' = 0
+ assert((strlen($hex) % 2) == 0);
+
+ // Return it
+ return $hex;
+}
+
+// "Calculates" password strength
+function calculatePasswordStrength ($password, $configEntry = 'min_password_length') {
+ // Default score
+ $score = 1;
+
+ if ((strlen($password) < 1) || (strlen($password) < getConfig($configEntry))) {
+ // Is to weak
+ return 0;
+ } // END - if
+
+ // At least 8 chars long?
+ if (strlen($password) >= 8) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // At least 10 chars long?
+ if (strlen($password) >= 10) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Lower and upper cases?
+ if ((preg_match('/[a-z]/', $password)) && (preg_match('/[A-Z]/', $password))) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Also numbers?
+ if (preg_match('/[0-9]/', $password)) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Special characters?
+ if (preg_match('/.[!,@,#,$,%,^,&,*,?,\/,_,~,+,-,(,)]/', $password)) {
+ // Add score
+ $score++;
+ } // END - if
+
+ // Return password score
+ return $score;
+}
+
+// "Translates" password strength/score
+function translatePasswordStrength ($strength) {
+ // Return it translated
+ return '{--PASSWORD_SCORE_' . bigintval($strength) . '--}';
+}
+
+// Checks whether given password is strong enough
+function isStrongPassword ($password) {
+ // Determine it
+ return (calculatePasswordStrength($password) >= getConfig('min_password_score'));
+}
+
+// "Translates" encryption algorithm
+function translateEncryptionAlgorithm ($algo) {
+ // Default is 'NONE'
+ $translated = '{--SELECT_NONE--}';
+
+ // Is a valid number? Also '0' is valid.
+ if ((isValidNumber($algo)) || ($algo === '0')) {
+ // Get array
+ $algos = getSupportedEncryptionAlgorithms();
+
+ // Is it there?
+ if (isset($algos[$algo])) {
+ // "Translate" it
+ $translated = strtoupper($algos[$algo]);
+ } else {
+ // Unknown/unsupported
+ $translated = '{--UNSUPPORTED_ENCRYPTION_ALGO--}';
+ }
+ } // END - if
+
+ // Return it
+ return $translated;
+}
+
+// "Translates" encryption mode
+function translateEncryptionMode ($mode) {
+ // Default is 'NONE'
+ $translated = '{--SELECT_NONE--}';
+
+ // Is a valid number?
+ if ((isValidNumber($mode)) || (is_numeric($mode))) {
+ // Get array
+ $modes = getSupportedEncryptionModes();
+
+ // Is it there?
+ if (isset($modes[$mode])) {
+ // "Translate" it
+ $translated = strtoupper($modes[$mode]);
+ } else {
+ // Unknown/unsupported
+ $translated = '{--UNSUPPORTED_ENCRYPTION_MODE--}';
+ }
+ } // END - if
+
+ // Return it
+ return $translated;
+}
+
+// "Getter" for an array of supported ("safe") encryption algorithms
+function getSupportedEncryptionAlgorithms () {
+ // Get full list
+ $algos = mcrypt_list_algorithms();
+
+ // Remove any unsecure (e.g. DES/3DES)
+ foreach (array('des', 'tripledes') as $unsecure) {
+ // Search for it
+ $id = array_search($unsecure, $algos, TRUE);
+
+ // Is it found?
+ if (isValidNumber($id)) {
+ // Remove it
+ unset($algos[$id]);
+ } // END - if
+ } // END - foreach
+
+ // Return it
+ return $algos;
+}
+
+// "Getter" for an array of supported encryption modes
+function getSupportedEncryptionModes () {
+ // Get full list
+ $modes = mcrypt_list_modes();
+
+ // Return it
+ return $modes;
+}
+
+// Determines whether given encryption algorithm number is valid
+function isValidEncryptionAlgorithm ($algo) {
+ // Default is not valid
+ $isValid = FALSE;
+
+ // Is valid number?
+ if (isValidNumber($algo)) {
+ // Get supported algorithms
+ $algos = getSupportedEncryptionAlgorithms();
+
+ // Is it there?
+ $isValid = (isset($algos[$algo]));
+ } // END - if
+
+ // Return status
+ return $isValid;
+}
+
+// Determines whether given encryption mode number is valid
+function isValidEncryptionMode ($mode) {
+ // Default is not valid
+ $isValid = FALSE;
+
+ // Is valid number?
+ if ((isValidNumber($mode)) || (is_numeric($mode))) {
+ // Get supported algorithms
+ $modes = getSupportedEncryptionModes();
+
+ // Is it there?
+ $isValid = (isset($modes[$mode]));
+ } // END - if
+
+ // Return status
+ return $isValid;
+}
+
+// Encrypts a string by given algorithm and key
+function encrytStringByCipher ($str, $algo, $mode, $key) {
+ // Init encryption
+ $cipher = initEncryption($algo, $mode, $key);
+
+ // Encrypt it
+ $encrypted = mcrypt_generic($cipher, $str);
+
+ // Deinit/close cipher
+ deinitEncryption($cipher);
+
+ // Return encrypted
+ return $encrypted;
+}
+
+// Decrypts a string by given algorithm and key
+function decrytStringByCipher ($str, $algo, $mode, $key, $iv) {
+ // Init encryption
+ $cipher = initEncryption($algo, $mode, $key, $iv);
+
+ // Decrypt it
+ $encrypted = mdecrypt_generic($cipher, $str);
+
+ // Deinit/close cipher
+ deinitEncryption($cipher);
+
+ // Return encrypted
+ return $encrypted;
+}
+
+// Initializes encryption/decryption
+function initEncryption ($algo, $mode, $key, $iv = NULL) {
+ // Must be valid algo/mode
+ assert((isValidEncryptionAlgorithm($algo)) && (isValidEncryptionMode($mode)));
+
+ // Get algorithms/modes
+ $algos = getSupportedEncryptionAlgorithms();
+ $modes = getSupportedEncryptionModes();
+
+ // Open encryption module
+ $cipher = mcrypt_module_open($algos[$algo], '', $modes[$mode], '');
+
+ // Ist not a resource?
+ assert(is_resource($cipher));
+
+ // Is iv set?
+ if (is_null($iv)) {
+ // Create IV
+ $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($cipher), MCRYPT_DEV_RANDOM);
+ } // END - if
+
+ // Generate key size
+ $keySize = mcrypt_enc_get_key_size($cipher);
+
+ // Key size must be smaller/equal key's size
+ assert($keySize <= strlen($key));
+
+ // Initialize encryption
+ mcrypt_generic_init($cipher, substr($key, 0, $keySize), $iv);
+
+ // Return prepared cipher
+ return $cipher;
+}
+
+// Deinitializes encryption cipher
+function deinitEncryption ($cipher) {
+ // Ist not a resource?
+ assert(is_resource($cipher));
+
+ // Deinit/close cipher
+ mcrypt_generic_deinit($cipher);
+ mcrypt_module_close($cipher);
+}
+
+// [EOF]
+?>