You are here

function aes_encrypt in AES encryption 6

Same name and namespace in other branches
  1. 5 aes.module \aes_encrypt()
  2. 7 aes.module \aes_encrypt()

aes_encrypt

Description: Encrypts a string.

Arguments: string $string The string to encrypt. (optional) bool $base64encode Whether to return the string base64 encoded (recommended for database insertion). (optional) string $custom_key Use this as the key rather than the stored one for this operation. (optional) string $custom_cipher Use this cipher rather than the default one. (only with Mcrypt - ignored with phpseclib) (optional) string $custom_iv Use this initialization vector instead of the default one. (optional) string $custom_implementation Can be "phpseclib" or "mcrypt". Warning: Does not check if the requested implementation actually exists.

Returns: The encrypted string on success, false on error.

2 calls to aes_encrypt()
aes_config_submit in ./aes.module
aes_user in ./aes.module

File

./aes.module, line 583

Code

function aes_encrypt($string, $base64encode = true, $custom_key = null, $custom_cipher = null, $custom_iv = null, $custom_implementation = null) {

  //bail out if the passed string is empty
  if (empty($string)) {
    watchdog("aes", "Tried to encrypt an empty string.", array(), WATCHDOG_WARNING);
    return false;
  }
  if ($custom_cipher != null) {
    $cipher = $custom_cipher;
  }
  else {
    $cipher = variable_get("aes_cipher", "rijndael-128");
  }
  if (!empty($custom_key)) {
    $key = $custom_key;
  }
  else {
    $key = aes_get_key();
  }
  if (is_null($custom_implementation) == false && ($custom_implementation == "mcrypt" || $custom_implementation == "phpseclib")) {
    $implementation = $custom_implementation;
  }
  else {
    $implementation = variable_get("aes_implementation", "mcrypt");
  }
  if ($implementation == "phpseclib") {

    //using phpseclib implementation

    //phpseclib doesn't support custom ciphers and iv's
    if (is_null($custom_cipher) == false) {
      watchdog("aes", "A custom cipher was defined when encrypting a string in the AES module using the phpseclib implementation. This implementation doesn't support custom ciphers therefore the argument was ignored and the encryption was done with the standard cipher.", array(), WATCHDOG_WARNING);
    }
    if (is_null($custom_iv) == false) {
      watchdog("aes", "A custom IV was defined when encrypting a string in the AES module using the phpseclib implementation. This implementation doesn't support custom IV's therefore the argument was ignored and the encryption was done with the standard IV.", array(), WATCHDOG_WARNING);
    }
    aes_load_phpsec();
    $phpsec = new Crypt_AES();
    $phpsec
      ->setKey($key);
    $encrypted = $phpsec
      ->encrypt($string);
  }
  else {
    if ($implementation == "mcrypt") {

      //using mcrypt implementation
      $td = mcrypt_module_open($cipher, "", MCRYPT_MODE_CBC, "");
      if ($custom_iv == null) {
        $iv = base64_decode(variable_get("aes_encryption_iv", ""));
      }
      else {
        $iv = base64_decode($custom_iv);
      }
      if (empty($iv)) {
        aes_make_iv();
        $iv = base64_decode(variable_get("aes_encryption_iv", ""));
        watchdog("aes", "No initialization vector found while trying to encrypt! This could be a bit of a pain since you might have to reset all the passwords for all users. I've created a new one now and will try to carry on as normal.", array(), WATCHDOG_WARNING);
      }
      $ks = mcrypt_enc_get_key_size($td);
      $key = substr(sha1($key), 0, $ks);
      mcrypt_generic_init($td, $key, $iv);
      $encrypted = mcrypt_generic($td, $string);
      mcrypt_generic_deinit($td);
      mcrypt_module_close($td);
    }
    else {
      $error_msg = t("Request was sent to encrypt a string with the AES module, but the AES module has no active encryption implementation to work with! Did you forget to run update.php after upgrading this module?");
      if (user_access('administer aes')) {
        drupal_set_message($error_msg, "error");
      }
      watchdog("aes", $error_msg, array(), WATCHDOG_ERROR);
      return false;
    }
  }
  if ($base64encode) {
    return base64_encode($encrypted);
  }
  else {
    return $encrypted;
  }
}