Início / Optitravel / Security / Password encrypt
Encryption
This class has the function of encrypting and decrypting strings as well as generating random strings. It receives the system database and the system number per parameter in the constructor.
Class Path
includes/classes/security/class_encryption.php
Methods
public function getSecretIV
This is a public method that does not receive parameters. Its function is to return the class secret_iv property.
public function getSecretIV(){
return $this->secret_iv;
}
private function getSecret
This is a private method that does not receive parameters. This function searches the system database for the code_detail table and return the result. This query will conatin the description field, a field that houses the secret_iv string. This expression is one of the parameters for encryption and decryption of passwords.
private function getSecret(){
try {
$query = "SELECT * from code_detail where CODE = 'SECRET_IV' and subcode = 'IV' ";
$resultado = $this->db_cliente->Execute($query) or die($this->db_cliente->ErrorMsg());
return $resultado->fields('description');
} catch (\Throwable $th) {
return $th->getMessage();
}
}
public function stringEncrypt($string)
This is a public method that receives a string per parameter. This function encrypt a string and returns it in a base64_encode. It uses the system salt and the sha256 hash algorithm to create a key. That key is then used as a parameter together with the given param, encrypt method and iv to encrypt the given string using the php openssl_encrypt function.
public function stringEncrypt($string){
$key = '';
if ($this->system_salt != '') {
$key = hash("sha256", $this->system_salt);
}else{
return 'O system_salt nao pode ser vazio!';
}
$iv = substr(hash("sha256", $secret_iv), 0, 16);
$encrypted_string = openssl_encrypt($string, self::ENCRYPT_METHOD, $key, 0, $iv);
return base64_encode($encrypted_string);
}
public function stringDecrypt($string)
This is a public method that receives a string per parameter. This function decrypt a string and returns it. It uses the system salt and the sha256 hash algorithm to create a key. That key is then used as a parameter together with the given param, encrypt method and iv to decrypt the given string using the php openssl_decrypt function.
public function stringDecrypt($string){
$key = '';
if ($this->system_salt != '') {
$key = hash("sha256", $this->system_salt);
}else{
return 'O system_salt nao pode ser vazio!';
}
$iv = substr(hash("sha256", $secret_iv), 0, 16);
$decoded_string = base64_decode($string);
return openssl_decrypt($decoded_string, self::ENCRYPT_METHOD, $key, 0, $iv);
}
public function generateRandomString($length)
This is a public method that receives an optional integer per partameter. This function uses the received length to generate a random alphanumeric expression and returns it.
public function generateRandomString($length = 15) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!#_-;';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[random_int(0, $charactersLength - 1)];
}
return $randomString;
}
public function createRandomSalt
This is a public method that does not receive parameters. It generates a random 36 characters length string and returns it.
public static function createRandomSalt(){
// Generate 16 bytes (128 bits) of random data or use the data passed into the function.
$data = random_bytes(16);
assert(strlen($data) == 16);
// Set version to 0100
$data[6] = chr(ord($data[6]) & 0x0f | 0x40);
// Set bits 6-7 to 10
$data[8] = chr(ord($data[8]) & 0x3f | 0x80);
// Output the 36 character UUID.
return vsprintf('%s%s%s%s%s%s%s%s', str_split(bin2hex($data), 4));
}
↑ (Última atualização: 05/11/2024)