New Crypto Session

984cb253 · Alex Ne · 05dd4b8f · 984cb253 · 984cb253 · 984cb253
Commit 984cb253 authored Jun 28, 2016 by Alex Ne
7 changed files
--- a/Accounting/Session.php
+++ b/Accounting/Session.php
+<?php
+namespace X\Accounting;
+class SessionChecksumError extends \X\ETrace\Notification {}
+class SessionHacked extends \X\ETrace\Notification {}
+
+/**
+ * Session Manager
+ *
+ * 	Session struct:
+ *  	t 	= type(int)
+ *  	s 	= session_id
+ *  	cc 	= crypto code (спец код с возможностю прокрутки назад и вперед.)
+ *  	cs 	= crypto cheksum
+ *  	a 	= activation_time
+ *  	u 	= user_id
+ *  	hs 	= is_https(bool)
+ *
+ * 	crypto cheksum:
+ * 		cheksum = ((( a & ( ! s ) ) ^ cc ) & u ) >> (t ^ op1)
+ *
+ * 	crypto code:
+ * 		code = rand(0,time());
+ * 		next_code = (code >> op2) ^ op3
+ * 		prev_code =	(code ^ op3) << op2
+ */
+class Session extends X\Security\Crypto\IDEA {
+	//protected function BitwiseCROR($v, $c)
+	//protected function BitwiseCROL($v, $c)
+	use \X\Tool\BitwiseCyclicShift;
+	/**
+	 * @var array
+	 */
+	protected $session_data = null;
+	/**
+	 * @var mixed
+	 */
+	protected $session = null;
+	/**
+	 * @var string
+	 */
+	protected $session_name = "s";
+
+	/**
+	 * @var array
+	 */
+	protected $param_crypto = [2, 6, 4];
+
+	/**
+	 * @param string $key          - password
+	 * @param string $name         - collumn name
+	 * @param array  $param_crypto - [int op1, int op2, int op3]
+	 */
+	public function __construct($key, $name = "s", $param_crypto = false) {
+		parent::__construct($key);
+		if ($param_crypto) {
+			$this->param_crypto = $param_crypto;
+		}
+		$this->session_name = $name;
+	}
+
+	protected function read_session() {
+		$In            = \X_Input();
+		$this->session = $In->CookieValue($this->session_name, false) ?: $In->Request($this->session_name, "")->string();
+		if (strlen($this->session) > 0) {
+			if (is_array($session_data = $this->decrypt_b64($this->session))) {
+				if (isset($session_data["cs"]) && $session_data["cs"] == $this->crypto_checksum($session_data)) {
+					$this->session_data = $session_data;
+					return true;
+				} else {
+					throw new SessionChecksumError("Checksum Error", [get_defined_vars(), $this]);
+				}
+			}
+		}
+		return false;
+	}
+
+	/**
+	 * @param $session_data
+	 */
+	protected function make_session($session_data) {
+		if ( ! isset($session_data["cc"])) {
+			$session_data["cc"] = $this->crypto_code_new();
+		}
+		$session_data["cs"] = $this->crypto_checksum($session_data);
+		return $this->crypt_b64($session_data);
+	}
+
+	/**
+	 * @param $D
+	 */
+	protected function check_data_colls($D) {
+		if (isset($D["a"]) && isset($D["s"]) && isset($D["cc"]) && isset($D["u"]) && isset($D["t"])) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	/**
+	 * @param $code_session
+	 * @param $code_base
+	 * @param $depth
+	 */
+	protected function crypto_code_check($code_session, $code_base, $depth = 3) {
+		for ($i = 0; $i < $depth; $i++) {
+			if ($code_session == $code_base) {
+				return true;
+			}
+			$code_base = $this->crypto_code_prev($code_base);
+		}
+		return false;
+	}
+
+	protected function crypto_code_new() {
+		return rand(1000, time());
+	}
+
+	/**
+	 * @param $code
+	 */
+	protected function crypto_code_next($code) {
+		return $this->BitwiseCROR($code, $this->param_crypto[1]) ^ $this->param_crypto[2];
+	}
+
+	/**
+	 * @param $code
+	 */
+	protected function crypto_code_prev($code) {
+		return $this->BitwiseCROL(($code ^ $this->param_crypto[2]), $this->param_crypto[1]);
+	}
+
+	/**
+	 * @return mixed
+	 */
+	protected function crypto_checksum($session_data) {
+		if (is_array($session_data)) {
+			if ( ! $this->check_data_colls($D)) {
+				throw new SessionHacked("Session data not full!", $session_data);
+			}
+			$D = array_map(function ($i) {return intval($i);}, $session_data);
+			return $this->BitwiseCROR(((($D["a"] & ( ! $D["s"])) ^ $D["cc"]) & $D["u"]), ($D["t"] ^ $this->param_crypto[0]));
+		}
+	}
+
+	/**
+	 * @param $Data
+	 */
+	protected function set_cookie($Data) {
+		setcookie($this->session_name,
+			$this->make_session($Data),
+			time() + (60 * 60 * 24 * 30 * 12 * 10), ////////////////////////////////// TIME LIVE COOKIE 10 years
+			"/"
+		);
+	}
+}
+/**
+ * EXAMPLE:
+ *
+ * class Session extends X\Accounting\Session
+ * {
+ * 	public __construct()
+ * 	{
+ * 		parent::__construct(Config::KEY, Config::NAME, Config::CRYPTO);
+ * 	}
+ * }
+ */
+?>
\ No newline at end of file
--- a/Security/Crypto/IDEA.php
+++ b/Security/Crypto/IDEA.php
+<?php
+namespace X\Security\Crypto;
+class IDEA {
+	// protected function strToHex($string)
+	// protected function hexToStr($hex)
+	use \X\Tool\Strings\CharHEX;
+	// protected function urlSafeB64Encode
+	// protected function urlSafeB64Decode
+	use \X\Tool\URL\urlSafe;
+
+	/**
+	 * @var hex
+	 */
+	protected $key, $IV;
+
+	/**
+	 * @param string $key
+	 */
+	public function __construct($key) {
+		$this->setKey($key);
+	}
+
+	/**
+	 * @param string $Key
+	 */
+	public function setKey($Key) {
+		$this->key = $this->strToHex($Key);
+	}
+
+	/**
+	 * @param string $IV
+	 */
+	public function setIV($IV) {
+		$this->IV = $this->strToHex($IV);
+	}
+
+	/**
+	 * @param string $Algo
+	 */
+	public function setAlgo($Algo) {
+		if (in_array($Algo, openssl_get_cipher_methods())) {
+			$this->algo = $Algo;
+		} else {
+			throw new \X\ETrace\System("Crypt Algorithm not found: " . $Algo, 0, ["allow_algo" => openssl_get_cipher_methods()]);
+		}
+	}
+
+	/**
+	 * @param $Data
+	 */
+	protected function crypt_bin($Data) // : string // BIN
+	{
+		return openssl_encrypt(implode(":", $Data), $this->algo, $this->key, OPENSSL_RAW_DATA, $this->IV);
+	}
+
+	/**
+	 * @param $BIN
+	 */
+	protected function decrypt_bin($BIN) // : Array
+	{
+		return explode(":", openssl_decrypt($BIN, $this->algo, $this->key, OPENSSL_RAW_DATA, $this->IV));
+	}
+
+	/**
+	 * @param $Data
+	 */
+	protected function crypt_hex($Data) // : string // HEX
+	{
+		return bin2hex($this->crypt_bin($Data));
+	}
+
+	/**
+	 * @param $HEX
+	 * @return mixed
+	 */
+	protected function decrypt_hex($HEX) // : Array
+	{
+		return $this->decrypt_bin(hex2bin($HEX));
+	}
+
+	/**
+	 * @param $Data
+	 * @return mixed
+	 */
+	protected function crypt_b64($Data) // : string // Base64
+	{
+		return $this->urlSafeB64Encode($this->crypt_bin($Data));
+	}
+
+	/**
+	 * @param $B64
+	 * @return mixed
+	 */
+	protected function decrypt_b64($B64) // : Array
+	{
+		return $this->decrypt_bin($this->urlSafeB64Decode($B64));
+	}
+}
+?>
\ No newline at end of file
--- a/Session.php
+++ b/Session.php
 <?php
-class X_Session
-{
-	use X\Tool\urlSafe;
+class X_Session {
+	// protected function urlSafeB64Encode
+	// protected function urlSafeB64Decode
+	use \X\Tool\URL\urlSafe;

+	/**
+	 * @var mixed
+	 */
 	protected $key, $algo, $session = false, $IV = null;
+	/**
+	 * @var string
+	 */
 	protected $collName = "s";

-	function __construct()
-	{
+	public function __construct() {
 		$this->setKey("12345678"); // 8 symbols
 		$this->setAlgo("idea-ecb");
 	}

-	public function setKey($Key)
-	{
+	/**
+	 * @param $Key
+	 */
+	public function setKey($Key) {
 		$this->key = $this->strToHex($Key);
 	}
-	public function setIV($IV)
-	{
+
+	/**
+	 * @param $IV
+	 */
+	public function setIV($IV) {
 		$this->IV = $this->strToHex($IV);
 	}

-	public function setAlgo($Algo)
-	{
-		if(in_array($Algo, openssl_get_cipher_methods()))
+	/**
+	 * @param $Algo
+	 */
+	public function setAlgo($Algo) {
+		if (in_array($Algo, openssl_get_cipher_methods())) {
 			$this->algo = $Algo;
-		else throw new Exception("Crypt Algorithm not found: ".$Algo, 0);
-		
+		} else {
+			throw new Exception("Crypt Algorithm not found: " . $Algo, 0);
+		}
 	}

-	protected function make_session($Data, $algo = "b64")
-	{
-		switch ($algo) 
-		{
+	/**
+	 * @param  $Data
+	 * @param  $algo
+	 * @return mixed
+	 */
+	protected function make_session($Data, $algo = "b64") {
+		switch ($algo) {
 			case 'b64':
 				return $this->session = $this->crypt_b64($Data);
 				break;
-			
+
 			case 'hex':
 				return $this->session = $this->crypt_hex($Data);
 				break;
-			
+
 			case 'bin':
 				return $this->session = $this->crypt_bin($Data);
 				break;
-			
+
 			default:
 				return $this->session = $this->crypt_bin($Data);
 				break;
 		}
 	}

-	public function set_cookie(Array $Data, $algo = "b64") // : void // php7
+	/**
+	 * @param array   $Data
+	 * @param $algo
+	 */
+	public function set_cookie($Data, $algo = "b64") // : void // php7
 	{
 		setcookie($this->collName,
 			$this->make_session($Data, $algo),
-			time()+(60*60*24*30*12*10), ////////////////////////////////// TIME LIVE COOKIE 10 years
+			time() + (60 * 60 * 24 * 30 * 12 * 10), ////////////////////////////////// TIME LIVE COOKIE 10 years
 			"/"
 		);
 	}

-	protected function crypt_bin(Array $Data) // : string // BIN
+	/**
+	 * @param array $Data
+	 */
+	protected function crypt_bin($Data) // : string // BIN
 	{
-		return openssl_encrypt(implode(":", $Data), $this->algo, $this->key, OPENSSL_RAW_DATA, $this->IV );
+		return openssl_encrypt(implode(":", $Data), $this->algo, $this->key, OPENSSL_RAW_DATA, $this->IV);
 	}

+	/**
+	 * @param $BIN
+	 */
 	protected function decrypt_bin($BIN) // : Array
 	{
-		return explode(":", openssl_decrypt($BIN, $this->algo, $this->key, OPENSSL_RAW_DATA, $this->IV ));
+		return explode(":", openssl_decrypt($BIN, $this->algo, $this->key, OPENSSL_RAW_DATA, $this->IV));
 	}

-	protected function crypt_hex(Array $Data) // : string // HEX
+	/**
+	 * @param array $Data
+	 */
+	protected function crypt_hex($Data) // : string // HEX
 	{
-		return bin2hex( $this->crypt_bin($Data) );
+		return bin2hex($this->crypt_bin($Data));
 	}

+	/**
+	 * @param  $HEX
+	 * @return mixed
+	 */
 	protected function decrypt_hex($HEX) // : Array
 	{
-		return $this->decrypt_bin( hex2bin($HEX) );
+		return $this->decrypt_bin(hex2bin($HEX));
 	}

-	protected function crypt_b64(Array $Data) // : string // Base64
+	/**
+	 * @param  array   $Data
+	 * @return mixed
+	 */
+	protected function crypt_b64($Data) // : string // Base64
 	{
-		return $this->urlSafeB64Encode( $this->crypt_bin($Data) );
+		return $this->urlSafeB64Encode($this->crypt_bin($Data));
 	}

+	/**
+	 * @param  $B64
+	 * @return mixed
+	 */
 	protected function decrypt_b64($B64) // : Array
 	{
-		return $this->decrypt_bin( $this->urlSafeB64Decode($B64) );
+		return $this->decrypt_bin($this->urlSafeB64Decode($B64));
 	}

-
-	private function strToHex($string)
-	{
+	/**
+	 * @param  $string
+	 * @return mixed
+	 */
+	private function strToHex($string) {
 		$hex = "";
-		for ($i=0; $i < strlen($string); $i++){ $hex .= dechex(ord($string[$i])); }
+		for ($i = 0; $i < strlen($string); $i++) {$hex .= dechex(ord($string[$i]));}
 		return $hex;
 	}

-	private function hexToStr($hex)
-	{
+	/**
+	 * @param  $hex
+	 * @return mixed
+	 */
+	private function hexToStr($hex) {
 		$string = "";
-		for ($i=0; $i < strlen($hex)-1; $i+=2){ $string .= chr(hexdec($hex[$i].$hex[$i+1])); }
+		for ($i = 0; $i < strlen($hex) - 1; $i += 2) {$string .= chr(hexdec($hex[$i] . $hex[$i + 1]));}
 		return $string;
 	}
 }

--- a/Tool/BitwiseCyclicShift.php
+++ b/Tool/BitwiseCyclicShift.php
+<?php
+namespace X\Tool;
+
+trait BitwiseCyclicShift {
+
+	/**
+	 * @param  $v
+	 * @param  $c
+	 * @return mixed
+	 */
+	protected function BitwiseCROR($v, $c) {
+		$c = $c % 32;
+		return $c ? ((($v >> 1) & 2147483647) >> ($c - 1)) | ($v << (32 - $c)) : $v;
+	}
+
+	/**
+	 * @param  $v
+	 * @param  $c
+	 * @return mixed
+	 */
+	protected function BitwiseCROL($v, $c) {
+		$c = $c % 32;
+		return $c ? ($v << $c) | ((($v >> 1) & 2147483647) >> (31 - $c)) : $v;
+	}
+}
+
+?>
\ No newline at end of file
--- a/Tool/Strings/CharHEX.php
+++ b/Tool/Strings/CharHEX.php
+<?php
+namespace X\Tool\Strings;
+trait CharHEX {
+	/**
+	 * @param  $string
+	 * @return mixed
+	 */
+	protected function strToHex($string) {
+		$hex = "";
+		for ($i = 0; $i < strlen($string); $i++) {$hex .= dechex(ord($string[$i]));}
+		return $hex;
+	}
+
+	/**
+	 * @param  $hex
+	 * @return mixed
+	 */
+	protected function hexToStr($hex) {
+		$string = "";
+		for ($i = 0; $i < strlen($hex) - 1; $i += 2) {$string .= chr(hexdec($hex[$i] . $hex[$i + 1]));}
+		return $string;
+	}
+}
+?>
\ No newline at end of file
--- a/Tool/URL/urlSafe.php
+++ b/Tool/URL/urlSafe.php
+<?php
+namespace X\Tool;
+
+trait urlSafe {
+	/**
+	 * @param $data
+	 */
+	protected function urlSafeB64Encode($data) {return str_replace(['+', '/', '\r', '\n', '='], ['-', '_'], base64_encode($data));}
+
+	/**
+	 * @param $b64
+	 */
+	protected function urlSafeB64Decode($b64) {return base64_decode(str_replace(['-', '_'], ['+', '/'], $b64));}
+}
+
+/*
+Example:
+
+class ClassName
+{
+use X\Tool\urlSafe;
+
+public function Test($Data)
+{
+return $this->urlSafeB64Encode($Data);
+}
+}
+
+ */
+?>
\ No newline at end of file
--- a/Tool/urlSafe.php
+++ b/Tool/urlSafe.php
-<?php
-namespace X\Tool;
-
-trait urlSafe 
-{
-	protected function urlSafeB64Encode($data){return str_replace(['+', '/', '\r', '\n', '='], ['-', '_'], base64_encode($data));}
-	protected function urlSafeB64Decode($b64){return base64_decode(str_replace( ['-', '_'], ['+', '/'], $b64));}	
-}
-
-/*
-Example:
-
-class ClassName
-{
-	use X\Tool\urlSafe;
-
-	public function Test($Data)
-	{
-		return $this->urlSafeB64Encode($Data);
-	}
-}
-
-*/
-?>
\ No newline at end of file