\n";
exit();
}
define(CRYPTPREFIX, 'ENCRYPTED--');
define(CRYPTSUFFIX, '--ENCRYPTED');
SDV($WikiShEditCrypting, false);
SDV($WikiShVars['CRYPT_ALGORITHM'], MCRYPT_DES);
SDV($WikiShVars['CRYPT_ALGORITHM_DIR'], '');
SDV($WikiShVars['CRYPT_MODE'], MCRYPT_MODE_ECB);
SDV($WikiShVars['CRYPT_MODE_DIR'], '');
SDV($WikiShVars['CRYPT_IV'], '');
# The following can be set to a page or TEXTFILE--file.
# You must have read/write privs on this file
SDV($WikiShVars['CRYPT_IV_FILE'], 'WikiSh.IV');
function WikiShEncrypt($pagename, $opt, $cleartext)
{
$func = 'WikiShEncrypt()';
wdbg(4,"$func: Entering: $cleartext");
if (substr($crypttext, 0, strlen(CRYPTPREFIX)) == CRYPTPREFIX &&
substr($crypttext, -strlen(CRYPTSUFFIX)) == CRYPTSUFFIX) {
WikiShStdErr($pagename, $opt, "ERROR: $func: Attempt to encrypt already-encrypted text. Encryption aborted.");
return($cleartext);
}
if (!($td = WikiShCryptInit($pagename, $opt))) return(false);
$crypttext = CRYPTPREFIX . base64_encode(mcrypt_generic($td, $cleartext)) . CRYPTSUFFIX;
WikiShCryptDeinit($td);
wdbg(2,"$func: returning Encrypted: $crypttext");
return($crypttext);
}
function WikiShDecrypt($pagename, $opt, $crypttext)
{
$func = 'WikiShDecrypt()';
wdbg(4,"$func: Entering: $crypttext");
if (substr($crypttext, 0, strlen(CRYPTPREFIX)) != CRYPTPREFIX ||
substr($crypttext, -strlen(CRYPTSUFFIX)) != CRYPTSUFFIX) {
WikiShStdErr($pagename, $opt, "ERROR: $func: Attempt to decrypt clear text. Decryption aborted.");
return($crypttext);
} else {
$crypttext = substr(substr($crypttext, 0, -strlen(CRYPTSUFFIX)), strlen(CRYPTPREFIX));
}
if (!($td = WikiShCryptInit($pagename, $opt))) return(false);
wdbg(1,"$func: Init completed");
$cleartext = mdecrypt_generic($td, base64_decode($crypttext));
wdbg(1,"$func: decrypt completed");
$cleartext = rtrim($cleartext, CHR(0));
wdbg(1,"$func: rtrim completed");
WikiShCryptDeinit($td);
wdbg(2,"$func: returning Decrypted: $cleartext");
return($cleartext);
}
Markup_e('WikiShCrypt', '<{(',
'/('.CRYPTPREFIX.'.*'.CRYPTSUFFIX.')/',
"MarkupDecrypt(\$pagename, PSS(\$m[1]))");
function MarkupDecrypt($pagename, $crypttext)
{
if ($_REQUEST['passwd'] && $_REQUEST['decrypt']) {
$cleartext = WikiShDecrypt($pagename, array('passwd'=>$_REQUEST['passwd']), $crypttext);
#echo "ENCRYPTED: >>$crypttext<<
\nDECRYPTED: $cleartext
\n";
return($cleartext);
} else {
$rtn = "(:input form method=POST:)";
$rtn .= '(:input hidden n {*$FullName}:)' . "\n";
$rtn .= "--ENCRYPTED TEXT--\\\\\nPassword: ";
$rtn .= '(:input password passwd:)';
$rtn .= '(:input submit decrypt Decrypt:)';
$rtn .= "\\\\\n''(If you decrypt with the wrong password you will need to re-load the page before you can try again.)''";
return($rtn);
}
}
function WikiShCryptInit($pagename, $opt)
{
global $WikiShVars;
$func = 'WikiShCryptInit()';
# Get password from $opt['passwd'] or ${CRYPT_PASSWD} or else return failure
if (isset($opt['passwd']))
$passwd = $opt['passwd'];
elseif (isset($WikiShVars['CRYPT_PASSWD']))
$passwd = $WikiShVars['CRYPT_PASSWD'];
else {
wdbg(2,"$func: No password.");
WikiShStdErr($pagename, $opt, "ERROR: No passphrase. Cryption aborted.");
return(false);
}
wdbg(1,"$func: pass=$passwd");
# Make sure we have the algorithm and mode and dirs
if (!isset($WikiShVars['CRYPT_ALGORITHM'])) {
WikiShStdErr($pagename, $opt, "ERROR: Crypt: \${CRYPT_ALGORITHM} not set. Crypt operation aborted.");
return(false);
}
if (!isset($WikiShVars['CRYPT_MODE'])) {
WikiShStdErr($pagename, $opt, "ERROR: Crypt: \${CRYPT_MODE} not set. Crypt operation aborted.");
return(false);
}
if (!isset($WikiShVars['CRYPT_ALGORITHM_DIR']))
$WikiShVars['CRYPT_ALGORITHM_DIR'] = '';
if (!isset($WikiShVars['CRYPT_MODE_DIR']))
$WikiShVars['CRYPT_MODE_DIR'] = '';
if (!isset($WikiShVars['CRYPT_IV']) || !$WikiShVars['CRYPT_IV']) {
wdbg(2,"$func: Obtaining IV");
# For some reason ECB gives me an error on iv even tho docs say diff
if (false && $WikiShVars['CRYPT_MODE'] == MCRYPT_MODE_ECB)
$WikiShVars['CRYPT_IV'] = ''; // Not needed
else {
if (!isset($WikiShVars['CRYPT_IV_FILE']) || !$WikiShVars['CRYPT_IV_FILE']) {
WikiShStdErr($pagename, $opt, "ERROR: $func: Must set \${CRYPT_IV_FILE}. Cryption aborted.");
return(false);
}
wdbg(1,"$func: Reading page $WikiShVars[CRYPT_IV_FILE]");
if (!isawikipage('', $WikiShVars['CRYPT_IV_FILE']) &&
!isatextfile('', $WikiShVars['CRYPT_IV_FILE']))
$WikiShVars['CRYPT_IV_FILE'] = WIKIPAGEID . $WikiShVars['CRYPT_IV_FILE'];
if (isset($opt['decrypt'])) unset($opt['decrypt']); // no recurse
$page = ShReadPage($pagename, $opt, $WikiShVars['CRYPT_IV_FILE']);
wdbg(1,"$func: Text read: >>$page[text]<<");
if (isabadfile($page) || !$page['text']) {
wdbg(1,"$func: Read was unsuccessful. Creating IV from zip");
# Create the IV
$td = mcrypt_module_open($WikiShVars['CRYPT_ALGORITHM'], $WikiShVars['CRYPT_ALGORITHM_DIR'], $WikiShVars['CRYPT_MODE'], $WikiShVars['CRYPT_MODE_DIR']);
$size = mcrypt_enc_get_iv_size($td);
# I would like to use MCRYPT_DEV_RAND but it causes problems
# with different OSes. As long as I'm properly seeded I think
# the MCRYPT_RAND is acceptable, particularly since this is
# a potentially public portion of the key
srand((double) microtime() * 1000000); //seed for MCRYPT_RAND
$iv = mcrypt_create_iv($size, MCRYPT_RAND);
mcrypt_module_close($td);
# Write it to the CRYPT_IV_FILE
wdbg(1,"$func: Writing IV($iv) to file");
if (isabadfile($page)) {
if (isatextfile('', $WikiShVars['CRYPT_IV_FILE']))
$page['type'] = 'text';
else
$page['type'] = 'wiki';
}
if (isset($opt['encrypt'])) unset($opt['encrypt']); //no recurse
if (!WikiShWrite($pagename, $opt, $WikiShVars['CRYPT_IV_FILE'], $page['type'], $iv, array())) {
WikiShStdErr($pagename, $opt, "ERROR: $func: Unable to write IV to page/file $WikiShVars[CRYPT_IV_FILE]. Cryption aborted.");
return(false);
}
# Now read it back in
$page = ShReadPage($pagename, $opt, $WikiShVars['CRYPT_IV_FILE']);
if (isabadfile($page)) {
WikiShStdErr($pagename, $opt, "ERROR: $func: Unable to read IV from just-written $WikiShVars[CRYPT_IV_FILE]. Cryption aborted.");
return(false);
}
}
$WikiShVars['CRYPT_IV'] = $page['text'];
}
}
# Prep the encryption
$td = mcrypt_module_open($WikiShVars['CRYPT_ALGORITHM'], $WikiShVars['CRYPT_ALGORITHM_DIR'], $WikiShVars['CRYPT_MODE'], $WikiShVars['CRYPT_MODE_DIR']);
$size = mcrypt_enc_get_key_size($td);
if (strlen($passwd) > $size)
$passwd = substr($passwd, 0, $size);
mcrypt_generic_init($td, $passwd, $WikiShVars['CRYPT_IV']);
wdbg(2,"$func: set IV: $WikiShVars[CRYPT_IV]");
return($td);
}
function WikiShCryptDeinit($td)
{
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
$MarkupExpr["encrypt_edittext"] = 'EncryptEditText($pagename, @$argp, @$args)';
function EncryptEditText($pagename, $opt, $args)
{
global $InputValues, $FmtV, $WikiShEditCrypting;
$WikiShEditCrypting = true;
$InputValues['text'] = WikiShEncrypt($page, array('passwd'=>$InputValues['e_cryptpass']), stripmagic($InputValues['text']));
$FmtV['$EditText'] = $InputValues['text'];
$WikiShEditCrypting = false;
}
$MarkupExpr["decrypt_edittext"] = 'DecryptEditText($pagename, @$argp, @$args)';
function DecryptEditText($pagename, $opt, $args)
{
global $InputValues, $FmtV, $WikiShEditCrypting;
$WikiShEditCrypting = true;
$InputValues['text'] = WikiShDecrypt($page, array('passwd'=>$InputValues['e_cryptpass']), $InputValues['text']);
$FmtV['$EditText'] = $InputValues['text'];
$WikiShEditCrypting = false;
}