From 2b1e960690caa49929acfe221ce3f0219f192c38 Mon Sep 17 00:00:00 2001
From: Peter Rotich <peter@enhancesoft.com>
Date: Fri, 9 Aug 2013 15:31:56 +0000
Subject: [PATCH] Change email en/decryption to use crypto class Drop old
 mcrypt class

---
 include/class.email.php          |  8 +++---
 include/class.mcrypt.php         | 48 --------------------------------
 main.inc.php                     |  2 +-
 setup/inc/install-prereq.inc.php |  1 -
 4 files changed, 5 insertions(+), 54 deletions(-)
 delete mode 100644 include/class.mcrypt.php

diff --git a/include/class.email.php b/include/class.email.php
index 148787260..480b26eba 100644
--- a/include/class.email.php
+++ b/include/class.email.php
@@ -87,7 +87,7 @@ class Email {
     }
 
     function getPasswd() {
-        return $this->ht['userpass']?Mcrypt::decrypt($this->ht['userpass'],SECRET_SALT):'';
+        return $this->ht['userpass']?Crypto::decrypt($this->ht['userpass'], SECRET_SALT, $this->ht['userid']):'';
     }
 
     function getHashtable() {
@@ -108,7 +108,7 @@ class Email {
                 'protocol'  => $this->ht['mail_protocol'],
                 'encryption' => $this->ht['mail_encryption'],
                 'username'  => $this->ht['userid'],
-                'password' => Mcrypt::decrypt($this->ht['userpass'], SECRET_SALT),
+                'password' => Crypto::decrypt($this->ht['userpass'], SECRET_SALT, $this->ht['userid']),
                 //osTicket specific
                 'email_id'  => $this->getId(), //Required for email routing to work.
                 'max_fetch' => $this->ht['mail_fetchmax'],
@@ -134,7 +134,7 @@ class Email {
                 'port' => $this->ht['smtp_port'],
                 'auth' => (bool) $this->ht['smtp_auth'],
                 'username' => $this->ht['userid'],
-                'password' => Mcrypt::decrypt($this->ht['userpass'], SECRET_SALT)
+                'password' => Crypto::decrypt($this->ht['userpass'], SECRET_SALT, $this->ht['userid'])
                 );
 
         return $info;
@@ -367,7 +367,7 @@ class Email {
             $sql.=',mail_delete=0,mail_archivefolder=NULL';
 
         if($vars['passwd']) //New password - encrypt.
-            $sql.=',userpass='.db_input(Mcrypt::encrypt($vars['passwd'],SECRET_SALT));
+            $sql.=',userpass='.db_input(Crypto::encrypt($vars['passwd'],SECRET_SALT, $vars['userid']));
 
         if($id) { //update
             $sql='UPDATE '.EMAIL_TABLE.' SET '.$sql.' WHERE email_id='.db_input($id);
diff --git a/include/class.mcrypt.php b/include/class.mcrypt.php
deleted file mode 100644
index 8381509ff..000000000
--- a/include/class.mcrypt.php
+++ /dev/null
@@ -1,48 +0,0 @@
-<?php
-/*********************************************************************
-    class.mcrypt.php
-
-    Mcrypt wrapper.... nothing special at all.
-
-    Peter Rotich <peter@osticket.com>
-    Copyright (c)  2006-2013 osTicket
-    http://www.osticket.com
-
-    Released under the GNU General Public License WITHOUT ANY WARRANTY.
-    See LICENSE.TXT for details.
-
-    vim: expandtab sw=4 ts=4 sts=4:
-**********************************************************************/
-class Mcrypt {
-    
-    function encrypt($text, $salt) {
-        global $ost;
-        
-        //if mcrypt extension is not installed--simply return unencryted text and log a warning (if enabled).
-        if(!function_exists('mcrypt_encrypt') || !function_exists('mcrypt_decrypt')) {
-            if($ost) {
-                $msg='Cryptography extension mcrypt is not enabled or installed. Important text/data is being stored as plain text in database.';
-                $ost->logWarning('mcrypt module missing', $msg);
-            }
-
-            return $text;
-        }
-
-        return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $salt, $text, MCRYPT_MODE_ECB,
-                         mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));
-    }
-
-    function decrypt($text, $salt) {
-
-        if(!function_exists('mcrypt_encrypt') || !function_exists('mcrypt_decrypt'))
-            return $text;
-
-        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, base64_decode($text), MCRYPT_MODE_ECB,
-                        mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
-    }
-
-    function exists(){
-        return (function_exists('mcrypt_encrypt') && function_exists('mcrypt_decrypt'));
-    }
-}
-?>
diff --git a/main.inc.php b/main.inc.php
index 062c1d139..4a0c54154 100644
--- a/main.inc.php
+++ b/main.inc.php
@@ -113,7 +113,7 @@
     require(INCLUDE_DIR.'class.usersession.php');
     require(INCLUDE_DIR.'class.pagenate.php'); //Pagenate helper!
     require(INCLUDE_DIR.'class.log.php');
-    require(INCLUDE_DIR.'class.mcrypt.php');
+    require(INCLUDE_DIR.'class.crypto.php');
     require(INCLUDE_DIR.'class.misc.php');
     require(INCLUDE_DIR.'class.timezone.php');
     require(INCLUDE_DIR.'class.http.php');
diff --git a/setup/inc/install-prereq.inc.php b/setup/inc/install-prereq.inc.php
index 11746eda7..46f117e53 100644
--- a/setup/inc/install-prereq.inc.php
+++ b/setup/inc/install-prereq.inc.php
@@ -22,7 +22,6 @@ if(!defined('SETUPINC')) die('Kwaheri!');
             <h3>Recommended:</h3>
             You can use osTicket without these, but you may not be able to use all features.
             <ul class="progress">
-                <li class="<?php echo extension_loaded('mcrypt')?'yes':'no'; ?>">Mcrypt extension</li>
                 <li class="<?php echo extension_loaded('gd')?'yes':'no'; ?>">Gdlib extension</li>
                 <li class="<?php echo extension_loaded('imap')?'yes':'no'; ?>">PHP IMAP extension</li>
             </ul>
-- 
GitLab