developer.jelix.org is not used any more and exists only for history. Post new tickets on the Github account.
developer.jelix.org n'est plus utilisée, et existe uniquement pour son historique. Postez les nouveaux tickets sur le compte github.

Ticket #1137: jCrypt.diff

File jCrypt.diff, 3.7 KB (added by hadrien, 11 years ago)

patch jcrypt clé par défaut

Line 
1diff --git a/lib/jelix/utils/jCrypt.class.php b/lib/jelix/utils/jCrypt.class.php
2index edd1367..4f86ffd 100644
3--- a/lib/jelix/utils/jCrypt.class.php
4+++ b/lib/jelix/utils/jCrypt.class.php
5@@ -4,12 +4,13 @@
6* @subpackage  utils
7* @author      Antoine Detante
8* @contributor Laurent Jouanneau
9+* @contributor Hadrien Lanneau (hadrien at over-blog dot com)
10* @copyright   2007 Antoine Detante, 2009 Laurent Jouanneau
11* @link        http://www.jelix.org
12* @licence     GNU Lesser General Public Licence see LICENCE file or http://www.gnu.org/licenses/lgpl.html
13**/
14
15-/**
16+/**
17* Static methods help to encrypt and decrypt string. mCrypt is used if it is
18* installed, else a basic algorithm is used.
19* @package     jelix
20@@ -25,7 +26,7 @@ class jCrypt {
21     * @param string $key the key used to decrypt
22     * @return string decrypted string
23     */
24-    public static function decrypt($string,$key){
25+    public static function decrypt($string,$key = ''){
26        $decrypted=null;
27        $decodedString=base64_decode($string);
28        // Check if mcrypt is installed, and if WAKE algo exists
29@@ -44,7 +45,7 @@ class jCrypt {
30     * @param string $key the key used to encrypt
31     * @return string encrypted string
32     */
33-    public static function encrypt($string,$key){
34+    public static function encrypt($string,$key = ''){
35        $encrypted=null;
36        // Check if mcrypt is installed, and if WAKE algo exists
37        if(function_exists("mcrypt_generic")&&mcrypt_module_self_test(MCRYPT_WAKE))
38@@ -60,9 +61,9 @@ class jCrypt {
39     * @param string $key the key used to encrypt string
40     * @return string encrypted string
41     */
42-    public static function mcryptEncrypt($string, $key) {
43+    public static function mcryptEncrypt($string, $key = '') {
44        if ($key=='')
45-            throw new jException('jelix~auth.error.key.empty');
46+            $key = self::_getDefaultKey();
47        if (strlen($key)<15)
48            throw new jException('jelix~auth.error.key.tooshort',15);
49        $td = mcrypt_module_open(MCRYPT_WAKE, '', MCRYPT_MODE_STREAM, '');
50@@ -79,11 +80,11 @@ class jCrypt {
51     * Decrypt a string with mCrypt.
52     * @param string $string the string to decrypt
53     * @param string $key the key used to decrypt string
54-     * @return string decrypted string
55+     * @return string decrypted string
56     */
57-    public static function mcryptDecrypt($string,$key){
58+    public static function mcryptDecrypt($string,$key = ''){
59        if($key=='')
60-            throw new jException('jelix~auth.error.key.empty');
61+            $key = self::_getDefaultKey();
62        $td = mcrypt_module_open(MCRYPT_WAKE, '', MCRYPT_MODE_STREAM, '');
63        $ks = mcrypt_enc_get_key_size($td);
64        $key = substr($key, 0, $ks);
65@@ -102,9 +103,9 @@ class jCrypt {
66     * @param string $key the key used to encrypt/decrypt string (must be >= 8 characters)
67     * @return string encrypted/decrypted string
68     */
69-    protected static function simpleCrypt($str,$key){
70+    protected static function simpleCrypt($str,$key = ''){
71        if($key=='')
72-            throw new jException('jelix~auth.error.key.empty');
73+            $key = self::_getDefaultKey();
74        $key=str_replace(chr(32),'',$key);
75        if(strlen($key)<8)
76            throw new jException('jelix~auth.error.key.tooshort',8);
77@@ -121,5 +122,21 @@ class jCrypt {
78        }
79        return $str;
80    }
81+
82+       /**
83+        * Get default key in config
84+        *
85+        * @return string
86+        * @author Hadrien Lanneau (hadrien at over-blog dot com)
87+        **/
88+       private static function _getDefaultKey()
89+       {
90+               global $gJConfig;
91+               if (isset($gJConfig->jcrypt['defaultkey']))
92+               {
93+                       return $gJConfig->jcrypt['defaultkey'];
94+               }
95+               throw new jException('jelix~auth.error.key.empty');
96+       }
97}