1: <?php
2: /*****************************************************************************************
3: * X2Engine Open Source Edition is a customer relationship management program developed by
4: * X2Engine, Inc. Copyright (C) 2011-2016 X2Engine Inc.
5: *
6: * This program is free software; you can redistribute it and/or modify it under
7: * the terms of the GNU Affero General Public License version 3 as published by the
8: * Free Software Foundation with the addition of the following permission added
9: * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10: * IN WHICH THE COPYRIGHT IS OWNED BY X2ENGINE, X2ENGINE DISCLAIMS THE WARRANTY
11: * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12: *
13: * This program is distributed in the hope that it will be useful, but WITHOUT
14: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15: * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16: * details.
17: *
18: * You should have received a copy of the GNU Affero General Public License along with
19: * this program; if not, see http://www.gnu.org/licenses or write to the Free
20: * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21: * 02110-1301 USA.
22: *
23: * You can contact X2Engine, Inc. P.O. Box 66752, Scotts Valley,
24: * California 95067, USA. or at email address [email protected].
25: *
26: * The interactive user interfaces in modified source and object code versions
27: * of this program must display Appropriate Legal Notices, as required under
28: * Section 5 of the GNU Affero General Public License version 3.
29: *
30: * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31: * these Appropriate Legal Notices must retain the display of the "Powered by
32: * X2Engine" logo. If the display of the logo is not reasonably feasible for
33: * technical reasons, the Appropriate Legal Notices must display the words
34: * "Powered by X2Engine".
35: *****************************************************************************************/
36:
37: Yii::import('application.components.TransformedFieldStorageBehavior');
38: Yii::import('application.components.util.EncryptUtil');
39:
40: /**
41: * Behavior class for storing encrypted values in database fields.
42: *
43: * @package application.components
44: * @author Demitri Morgan <[email protected]>
45: */
46: class EncryptedFieldsBehavior extends TransformedFieldStorageBehavior {
47:
48: /**
49: * If true, the stored value will be encrypted.
50: * @var bool
51: */
52: protected static $encrypt = true;
53:
54: /**
55: * Encryption utility object
56: * @var EncryptUtil
57: */
58: public static $encryption;
59:
60: /**
61: * If true, throws an exception if no object has been instantiated.
62: *
63: * This is to prevent generating a new key for every new usage (which would
64: * render useless any and all encrypted data; it could not be decrypted if
65: * that were the case).
66: * @var bool
67: */
68: public $checkObject = true;
69:
70: /**
71: * Creates a new encryption utility object for use with this behavior.
72: * @param type $keyFile
73: * @param type $IVFile
74: */
75: public static function setup($keyFile,$IVFile) {
76: self::$encryption = new EncryptUtil($keyFile,$IVFile);
77: if(!file_exists($keyFile)) {
78: self::$encryption->saveNew(false);
79: }
80: self::$encrypt = true;
81: }
82:
83: public static function setupUnsafe() {
84: self::$encrypt = false;
85: }
86:
87: /**
88: * Checks for whether a working encryption object is available before attaching.
89: * @throws Exception
90: */
91: public function attach($owner){
92: if(!isset(self::$encryption) && $this->checkObject) {
93: throw new Exception(
94: 'Cannot use '.__CLASS__.'; encryption utility object has not been instantiated.');
95: }
96: parent::attach($owner);
97: }
98: /**
99: * Encrypts the attribute for database storage.
100: * @param string $name Attribute to be transformed
101: * @return string
102: */
103: public function packAttribute($name){
104: return self::$encrypt ?
105: self::$encryption->encrypt($this->getOwner()->$name) : $this->getOwner()->$name;
106: }
107:
108: /**
109: * Decrypts the attribute for setting/use in the interface.
110: * @param string $name Attribute to be transformed
111: * @return string
112: */
113: public function unpackAttribute($name){
114: if($this->getOwner()->$name) {
115: return self::$encrypt ?
116: self::$encryption->decrypt($this->getOwner()->$name) : $this->getOwner()->$name;
117: } else {
118: return null;
119: }
120: }
121: }
122:
123: ?>
124: