You are here

function aes_config_submit in AES encryption 6

Same name and namespace in other branches
  1. 5 aes.module \aes_config_submit()
  2. 7 aes.admin.inc \aes_config_submit()

File

./aes.module, line 236

Code

function aes_config_submit($form, &$form_state) {
  if ($form_state['values']['aes_convert']) {
    if (variable_get("aes_convert", "true") == "false") {
      variable_set("aes_convert", "true");
      drupal_set_message(t("Creation of encrypted passwords enabled."));
    }
  }
  else {
    if (variable_get("aes_convert", "true") == "true") {
      variable_set("aes_convert", "false");
      drupal_set_message(t("Creation of encrypted passwords disabled."));
    }
  }
  variable_set("aes_key_path", $form_state['values']['aes_key_path']);

  //check if the storage method has changed
  if ($form_state['values']['aes_key_storage_method'] != variable_get("aes_key_storage_method", "")) {

    //if it has changed, we need to move the key to the new storage
    drupal_set_message(t("Switching key storage method to !method.", array(
      '!method' => $form_state['values']['aes_key_storage_method'],
    )));

    //get the key
    $key = aes_get_key();

    //delete the key from the old storage
    aes_delete_key(variable_get("aes_key_storage_method", ""));

    //set the new storage
    variable_set("aes_key_storage_method", $form_state['values']['aes_key_storage_method']);

    //store the key in its new location
    aes_store_key($key);
  }

  //if the cipher has changed...
  if ($form_state['values']['aes_cipher'] != variable_get("aes_cipher", "rijndael-128")) {
    $result = db_query("SELECT uid, pass FROM {aes_passwords} WHERE uid != 0");
    $old_cipher = variable_get("aes_cipher", "rijndael-128");
    variable_set("aes_cipher", $form_state['values']['aes_cipher']);
    $new_cipher = $form_state['values']['aes_cipher'];

    //get the old iv
    $old_iv = variable_get("aes_encryption_iv", "");

    //update the cipher the system uses
    variable_set("aes_cipher", $form_state['values']['aes_cipher']);

    //create a new iv to match the new cipher
    aes_make_iv();

    //get the new iv
    $new_iv = variable_get("aes_encryption_iv", "");
    $updates_num = 0;
    while ($user = db_fetch_array($result)) {
      $plain_pass = aes_decrypt($user['pass'], true, null, $old_cipher, $old_iv);
      $new_pass = aes_encrypt($plain_pass, true, null, $new_cipher, $new_iv);
      $updates_num++;
      db_query("UPDATE {aes_passwords} SET pass='%s' WHERE uid=%d", $new_pass, $user['uid']);
    }
    drupal_set_message(t("Updated the passwords of !updates_num users because of a change in cipher.", array(
      '!updates_num' => $updates_num,
    )));
  }

  //if the key has changed...
  if (!empty($form_state['values']['aes_key'])) {
    $old_key = aes_get_key();
    $result = aes_store_key($form_state['values']['aes_key']);
    if ($result === false) {
      drupal_set_message(t("Failed to write new encryption key! Aborting."));
      return;
    }
    drupal_set_message(t("Key changed."));

    //since the key has changed we need to re-encrypt all the passwords with the new key (except the anonymous account)
    $a = db_query("SELECT uid, pass FROM {aes_passwords} WHERE uid != 0");
    $updates_num = 0;
    while ($user = db_fetch_array($a)) {
      $plain_pass = aes_decrypt($user['pass'], true, $old_key);
      $new_pass = aes_encrypt($plain_pass, true, $form_state['values']['aes_key']);
      $updates_num++;
      db_query("UPDATE {aes_passwords} SET pass='%s' WHERE uid=%d", $new_pass, $user['uid']);
    }
    drupal_set_message(t("Updated the passwords of !updates_num users because of a change in key.", array(
      '!updates_num' => $updates_num,
    )));
  }

  //if the implementation has changed...
  if ($form_state['values']['aes_implementation'] != variable_get("aes_implementation", "mcrypt")) {
    drupal_set_message(t("Implementation changed. Re-encrypting all passwords using new implementation."));
    $a = db_query("SELECT uid, pass FROM {aes_passwords} WHERE uid != 0");
    $updates_num = 0;
    while ($user = db_fetch_array($a)) {
      $plain_pass = aes_decrypt($user['pass']);
      $new_pass = aes_encrypt($plain_pass, true, null, null, null, $form_state['values']['aes_implementation']);
      $updates_num++;
      db_query("UPDATE {aes_passwords} SET pass='%s' WHERE uid=%d", $new_pass, $user['uid']);
    }
    drupal_set_message(t("Updated the passwords of !updates_num users because of a change in implementation.", array(
      '!updates_num' => $updates_num,
    )));
    variable_set("aes_implementation", $form_state['values']['aes_implementation']);
    if ($form_state['values']['aes_implementation'] == "phpseclib") {

      //if we have switched to phpseclib implementation, set the cipher to 128, since it's the only one phpseclib supports
      variable_set("aes_cipher", "rijndael-128");

      //create a new IV, this IV won't actually be used by phpseclib, but it's needed if the implementation is switched back to mcrypt
      aes_make_iv(true);
    }
  }
  variable_set("aes_viewing_method", $form_state['values']['view_method']);
}