1: <?php
2:
3: /**
4: * A utility class for carrying out various security tasks
5: *
6: * @package alpha::util
7: * @since 1.2.2
8: * @author John Collins <dev@alphaframework.org>
9: * @version $Id: AlphaSecurityUtils.inc 1630 2013-01-17 17:20:05Z alphadevx $
10: * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
11: * @copyright Copyright (c) 2013, John Collins (founder of Alpha Framework).
12: * All rights reserved.
13: *
14: * <pre>
15: * Redistribution and use in source and binary forms, with or
16: * without modification, are permitted provided that the
17: * following conditions are met:
18: *
19: * * Redistributions of source code must retain the above
20: * copyright notice, this list of conditions and the
21: * following disclaimer.
22: * * Redistributions in binary form must reproduce the above
23: * copyright notice, this list of conditions and the
24: * following disclaimer in the documentation and/or other
25: * materials provided with the distribution.
26: * * Neither the name of the Alpha Framework nor the names
27: * of its contributors may be used to endorse or promote
28: * products derived from this software without specific
29: * prior written permission.
30: *
31: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
32: * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
33: * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
34: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
35: * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
36: * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
37: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
38: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
39: * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
40: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
41: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
42: * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
43: * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
44: * </pre>
45: *
46: */
47: class AlphaSecurityUtils {
48: /**
49: * Encrypt provided data using mcrypt() with the TripleDES algorithm and the security.encryption.key
50: *
51: * @param string $data
52: * @return string
53: * @since 1.2.2
54: */
55: public static function encrypt($data) {
56: global $config;
57:
58: $td = mcrypt_module_open ('tripledes', '', 'ecb', '');
59: $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
60: mcrypt_generic_init ($td, $config->get('security.encryption.key'), $iv);
61: $encryptedData = mcrypt_generic ($td, $data);
62: mcrypt_generic_deinit ($td);
63: mcrypt_module_close ($td);
64:
65: return $encryptedData;
66: }
67:
68: /**
69: * Decrypt provided data using mcrypt() with the TripleDES algorithm and the security.encryption.key
70: *
71: * @param string $data
72: * @return string
73: * @since 1.2.2
74: */
75: public static function decrypt($data) {
76: global $config;
77:
78: $td = mcrypt_module_open('tripledes', '', 'ecb', '');
79: $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
80: return mcrypt_decrypt('tripledes', $config->get('security.encryption.key'), $data, 'ecb', $iv);
81: }
82: }
83:
84: ?>