From 99c32f36ed1189eb49c34761283b10c60cf9d78e Mon Sep 17 00:00:00 2001 From: Peter Rotich <peter@enhancesoft.com> Date: Fri, 2 Aug 2013 16:50:50 +0000 Subject: [PATCH] Move getCipher to base class Add cipher validator - checks to make sure the cipher is valid & available. --- include/class.crypto.php | 118 +++++++++++++++++++++------------------ 1 file changed, 64 insertions(+), 54 deletions(-) diff --git a/include/class.crypto.php b/include/class.crypto.php index 4b5a8754b..f66324e19 100644 --- a/include/class.crypto.php +++ b/include/class.crypto.php @@ -201,6 +201,8 @@ class CryptoAlgo { var $tag_number; + var $ciphers = null; + function CryptoAlgo($tag) { $this->tag_number = $tag; } @@ -209,6 +211,30 @@ class CryptoAlgo { return $this->tag_number; } + function getCipher($cid, $callback=null) { + + if(!$this->ciphers) + return null; + + $cipher = null; + if($cid) + $cipher = isset($this->ciphers[$cid]) ? $this->ciphers[$cid] : null; + elseif($this->ciphers) { // search best available. + foreach($this->ciphers as $k => $c) { + if(!$callback + || (is_callable($callback) + && call_user_func($callback, $c))) { + $cid = $k; + $cipher = $c; + break; + } + } + } + + return $cipher ? + array_merge($cipher, array('cid' => $cid)) : null; + } + function getMasterKey() { return $this->master_key; } @@ -248,6 +274,8 @@ class CryptoAlgo { */ /* abstract */ function exists() { return false; } + + } 
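Review bot: In the new base `CryptoAlgo::getCipher()` (the `@@ -209` hunk), the `$callback` validator only runs on the "search best available" path; when `$cid` is supplied, the entry from `$this->ciphers` is returned without being checked. A cipher that is listed but not available on this host therefore still comes back as usable. `CryptoPHPSecLib::getCrypto()` compensates by calling `_checkCipher()` itself, but nothing visible in this patch does the same for the mcrypt and OpenSSL callers. Validate on both paths, for example after the lookup: `if($cipher && $callback && !(is_callable($callback) && call_user_func($callback, $cipher))) $cipher = null;`. The `elseif($this->ciphers)` test is also redundant after the early return and can be a plain `else`.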
@@ -276,25 +304,17 @@ Class CryptoMcrypt extends CryptoAlgo { ); function getCipher($cid=null) { + return parent::getCipher($cid, array($this, '_checkCipher')); + } - $cipher = null; - if($cid) - $cipher = isset($this->ciphers[$cid]) ? $this->ciphers[$cid] : null; - elseif($this->ciphers) { // search best available. - foreach($this->ciphers as $k => $c) { - if($c['name'] - && $c['mode'] - && mcrypt_module_open($c['name'], '', $c['mode'], '')) { - - $cid = $k; - $cipher = $c; - break; - } - } - } + function _checkCipher($c) { - return $cipher ? - array_merge($cipher, array('cid' => $cid)) : null; + return ($c + && $c['name'] + && $c['mode'] + && $this->exists() + && mcrypt_module_open($c['name'], '', $c['mode'], '') + ); } /** @@ -385,7 +405,8 @@ Class CryptoMcrypt extends CryptoAlgo { } function exists() { - return extension_loaded('mcrypt'); + return (extension_loaded('mcrypt') + && function_exists('mcrypt_module_open')); } } @@ -417,22 +438,16 @@ class CryptoOpenSSL extends CryptoAlgo { } function getCipher($cid) { + return parent::getCipher($cid, array($this, '_checkCipher')); + } - $cipher = null; - if($cid) - $cipher = isset($this->ciphers[$cid]) ? $this->ciphers[$cid] : null; - elseif($this->ciphers) { // search best available. - foreach($this->ciphers as $k => $c) { - if($c['method'] && openssl_cipher_iv_length($c['method'])) { - $cid = $k; - $cipher = $c; - break; - } - } - } + function _checkCipher($c) { - return $cipher ? - array_merge($cipher, array('cid' => $cid)) : null; + return ($c + && $c['method'] + && $this->exists() + && openssl_cipher_iv_length($c['method']) + ); } /** @@ -515,7 +530,7 @@ define('CRYPTO_CIPHER_PHPSECLIB_AES_CBC', 1); class CryptoPHPSecLib extends CryptoAlgo { - var $ciphers = array( //Replace with interface class + var $ciphers = array( CRYPTO_CIPHER_PHPSECLIB_AES_CBC => array( 'mode' => CRYPT_AES_MODE_CBC, 'ivlen' => 16, 
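Review bot: The overrides no longer match the parent signature: `CryptoMcrypt::getCipher($cid=null)` in the `@@ -276` hunk, and `getCipher($cid)` in the CryptoOpenSSL and CryptoPHPSecLib hunks, omit the `$callback=null` parameter that `CryptoAlgo::getCipher($cid, $callback=null)` now declares. PHP reports this as an incompatible declaration (a strict-standards notice on PHP 5, a fatal error from PHP 8). Either keep the parameter in each override, `function getCipher($cid=null, $callback=null)`, or leave `getCipher()` only in the base class and have it call `$this->_checkCipher($c)` directly, which also removes three identical wrappers.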
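Review bot: `CryptoOpenSSL::_checkCipher()` (the `@@ -417` hunk) uses the truthiness of `openssl_cipher_iv_length($c['method'])` as its availability test, which conflates two cases. An unknown method makes the function return false and raise a warning, while a known method that takes no IV returns 0 and is rejected the same way. If rejecting IV-less methods is intended, state that in a comment. The availability part is cleaner as `in_array($c['method'], openssl_get_cipher_methods())`, which raises no warning for a method this build lacks.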
@@ -523,36 +538,31 @@ class CryptoPHPSecLib extends CryptoAlgo { ), ); - //TODO: Will be replaced by interface cryto class.. with default/preset - // ivlen + extends PHPSecLib crypto classes. - function getCipher($cid) { - - if ($cid) - $cipher = $this->ciphers[$cid]; - elseif($this->ciphers) { - foreach($this->ciphers as $k => $c) { - if($c['class'] && class_exists($c['class'])) { - $cid = $k; - $cipher = $c; - break; - } - } - } - - return $cipher ? - array_merge($cipher, array('cid' => $cid)) : null; - } function getCrypto($cid) { if(!$cid || !($c=$this->getCipher($cid)) - || !($class=$c['class']) - || !class_exists($class)) + || !$this->_checkCipher($c)) return null; + $class = $c['class']; + return new $class($c['mode']); } + function getCipher($cid) { + return parent::getCipher($cid, array($this, '_checkCipher')); + } + + function _checkCipher($c) { + + return ($c + && $c['mode'] + && $c['ivlen'] + && $c['class'] + && class_exists($c['class'])); + } + function encrypt($text, $cid=0) { if(!$this->exists() -- GitLab
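Review bot: `_checkCipher()` is added without a docblock in all three classes, although neighbouring methods appear to carry them and each implementation expects a different entry shape (`name`/`mode` for mcrypt, `method` for OpenSSL, `mode`/`ivlen`/`class` here in CryptoPHPSecLib). Add one per class, e.g. `/** Returns true when cipher entry $c has mode, ivlen and class set and the class is loaded. */`. It should also say the method must stay callable from outside the class, because `CryptoAlgo::getCipher()` invokes it through `call_user_func()`. The keys are read without `isset()`, so an incomplete entry raises a notice instead of quietly failing the check; `!empty($c['class'])` and its siblings avoid that.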