28define(
'MAIN_SECURITY_REVERSIBLE_ALGO',
'AES-256-CTR');
42 if (isset($_SERVER[
'HTTPS']) && $_SERVER[
'HTTPS'] ==
'on') {
44 } elseif (!empty($_SERVER[
'HTTP_X_FORWARDED_PROTO']) && $_SERVER[
'HTTP_X_FORWARDED_PROTO'] ==
'https' || !empty($_SERVER[
'HTTP_X_FORWARDED_SSL']) && $_SERVER[
'HTTP_X_FORWARDED_SSL'] ==
'on') {
64function dolEncrypt($chain, $key =
'', $ciphering =
'', $forceseed =
'', $obfuscationmode =
'dolcrypt')
67 global $dolibarr_disable_dolcrypt_for_debug;
69 if ($chain ===
'' || is_null($chain)) {
74 if (preg_match(
'/^(dolobfuscationv1[^:]+|dolcrypt):([^:]+):(.+)$/', $chain, $reg)) {
80 if (!empty(
$conf->file->dolcrypt_key)) {
81 $key =
$conf->file->dolcrypt_key;
84 $key =
$conf->file->instance_unique_id;
87 if (empty($ciphering)) {
88 $ciphering = constant(
'MAIN_SECURITY_REVERSIBLE_ALGO');
93 if (function_exists(
'openssl_encrypt') && empty($dolibarr_disable_dolcrypt_for_debug)) {
99 if (function_exists(
'openssl_cipher_iv_length')) {
100 $ivlen = openssl_cipher_iv_length($ciphering);
102 if ($ivlen ===
false || $ivlen < 1 || $ivlen > 32) {
105 if (empty($forceseed)) {
108 $ivseed =
dol_substr(md5($forceseed), 0, $ivlen,
'ascii', 1);
112 $key = preg_replace(
'/,.*$/',
'', $key);
114 $newchain = openssl_encrypt($chain, $ciphering, $key, 0, $ivseed);
116 return $obfuscationmode.
':'.$ciphering.
':'.$ivseed.
':'.$newchain;
137 if ($chain ===
'' || is_null($chain)) {
144 if (!empty(
$conf->file->dolcrypt_key)) {
146 $key =
$conf->file->dolcrypt_key;
149 $key = !empty(
$conf->file->instance_unique_id) ?
$conf->file->instance_unique_id :
"";
156 if (preg_match(
'/^crypted:(.+)$/', $chain, $reg)) {
161 if (preg_match(
'/^dol[^:]+:([^:]+):(.+)$/', $chain, $reg)) {
165 $ciphering = $reg[1];
166 if (function_exists(
'openssl_decrypt')) {
168 dol_syslog(
"Error dolDecrypt decrypt key is empty", LOG_WARNING);
171 $tmpexplode = explode(
':', $reg[2]);
172 if (!empty($tmpexplode[1])) {
173 $data = $tmpexplode[1];
174 $iv = $tmpexplode[0];
176 $data = (
string) $tmpexplode[0];
180 $keys = explode(
',', $key);
185 foreach ($keys as $tmpkey) {
186 $newchain = openssl_decrypt($data, $ciphering, $tmpkey, 0, $iv);
187 if (!empty($patterntotest) && preg_match(
'/^'.preg_quote($patterntotest,
'/').
'/', $newchain)) {
197 if (empty($savkey)) {
198 dol_syslog(
"Error dolDecrypt failed: The key dolibarr_main_dolcrypt or dolibarr_main_instance_unique_id, found in conf.php file, is the the one used to encrypt this encrypted string", LOG_ERR);
200 dol_syslog(
"Error dolDecrypt failed: The string decoded with the key return a non valid value (not ascii)", LOG_ERR);
205 dol_syslog(
"Error dolDecrypt openssl_decrypt is not available", LOG_ERR);
235function dol_hash($chain, $type =
'0', $nosalt = 0, $mode = 0)
238 if (($type ==
'0' || $type ==
'auto') &&
getDolGlobalString(
'MAIN_SECURITY_HASH_ALGO') ==
'password_hash' && function_exists(
'password_hash')) {
240 if (strpos($chain,
"\0") !==
false) {
242 return array(
'pass_encrypted' =>
'Invalid string to encrypt. Contains a null character',
'pass_encoding' =>
'');
244 return 'Invalid string to encrypt. Contains a null character.';
250 return array(
'pass_encrypted' => password_hash($chain, PASSWORD_DEFAULT),
'pass_encoding' =>
'password_hash');
252 return password_hash($chain, PASSWORD_DEFAULT);
257 if (
getDolGlobalString(
'MAIN_SECURITY_SALT') && $type !=
'4' && $type !==
'openldap' && empty($nosalt)) {
261 if ($type ==
'1' || $type ==
'sha1') {
263 return array(
'pass_encrypted' => sha1($chain),
'pass_encoding' =>
'sha1');
267 } elseif ($type ==
'2' || $type ==
'sha1md5') {
269 return array(
'pass_encrypted' => sha1(md5($chain)),
'pass_encoding' =>
'sha1md5');
271 return sha1(md5($chain));
273 } elseif ($type ==
'3' || $type ==
'md5') {
275 return array(
'pass_encrypted' => md5($chain),
'pass_encoding' =>
'md5');
279 } elseif ($type ==
'4' || $type ==
'openldap') {
285 } elseif ($type ==
'5' || $type ==
'sha256') {
287 return array(
'pass_encrypted' => hash(
'sha256', $chain),
'pass_encoding' =>
'sha256');
289 return hash(
'sha256', $chain);
291 } elseif ($type ==
'6' || $type ==
'password_hash') {
293 return array(
'pass_encrypted' => password_hash($chain, PASSWORD_DEFAULT),
'pass_encoding' =>
'password_hash');
295 return password_hash($chain, PASSWORD_DEFAULT);
299 return array(
'pass_encrypted' => sha1($chain),
'pass_encoding' =>
'sha1');
305 return array(
'pass_encrypted' => sha1(md5($chain)),
'pass_encoding' =>
'sha1md5');
307 return sha1(md5($chain));
313 return array(
'pass_encrypted' => md5($chain),
'pass_encoding' =>
'md5');
333 if ($type ==
'0' &&
getDolGlobalString(
'MAIN_SECURITY_HASH_ALGO') ==
'password_hash' && function_exists(
'password_verify')) {
335 if (! empty($hash[0]) && $hash[0] ==
'$') {
336 return password_verify($chain, $hash);
346 return dol_hash($chain, $type) == $hash;
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
dol_substr($string, $start, $length=null, $stringencoding='', $trunconbytes=0)
Make a substring.
ascii_check($str)
Check if a string is in ASCII.
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
print $langs trans("Show") . '< td style="' . $timeColor . '" align="center"> s</td > badge status0 badge status4 badge status3 Error badge status8< td align="center">< span class="badge ' . $badge . '"></span ></td >< td align="center">< a href="#" class="button button-small" onclick="openLogModal(this)" data-req="' . dol_escape_htmltag($reqSafe) . '" data-res="' . dol_escape_htmltag($resSafe) . '" data-err="' . dol_escape_htmltag($errSafe) . '">< span class="fa fa-search-plus"></span ></a ></td ></tr >< tr >< td colspan="' . $colspan . '" class="opacitymedium"></td ></tr ></table ></div ></form > logModal none logModal none s a JSON string
buildzip.php
dolGetRandomBytes($length)
Return a string of random bytes (hexa string) with length = $length for cryptographic purposes.
dol_decode($chain, $key='1')
Decode a base 64 encoded + specific delta change.
dolGetLdapPasswordHash($password, $type='md5')
Returns a specific ldap hash of a password.
dol_hash($chain, $type='0', $nosalt=0, $mode=0)
Returns a hash (non reversible encryption) of a string.
dolDecrypt($chain, $key='', $patterntotest='')
Decode a string with a symmetric encryption.
isHTTPS()
Return if we are using a HTTPS connection Check HTTPS (no way to be modified by user but may be empty...
dol_verifyHash($chain, $hash, $type='0')
Compute a hash and compare it to the given one For backward compatibility reasons,...
dolEncrypt($chain, $key='', $ciphering='', $forceseed='', $obfuscationmode='dolcrypt')
Encode a string with a symmetric encryption.