From 88fe7ec9c63f05703069fc50a75011f9d510b0dd Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Wed, 16 Dec 2009 10:36:18 +0000
Subject: [PATCH] Works on files encryption

---
 htdocs/admin/security.php   |   9 ++-
 htdocs/lib/security.lib.php | 108 ++++++++++++++++++++++++++++++++++++
 2 files changed, 112 insertions(+), 5 deletions(-)

diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php
index 245d458eac2..5daad165fc9 100644
--- a/htdocs/admin/security.php
+++ b/htdocs/admin/security.php
@@ -20,7 +20,7 @@
 /**
  *		\file       htdocs/admin/security.php
  *      \ingroup    setup
- *      \brief      Page de configuration du module s�curit�
+ *      \brief      Page de configuration du module securite
  *		\version    $Id$
  */
 
@@ -83,7 +83,7 @@ if ($_GET["action"] == 'activate_encrypt')
 }
 else if ($_GET["action"] == 'disable_encrypt')
 {
-	//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas �tre d�cod�s
+	//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas etre decodes
 	//Do not allow "disable encryption" as passwords cannot be decrypted
 	if ($allow_disable_encryption)
 	{
@@ -176,7 +176,7 @@ dol_fiche_head($head, 'passwords', $langs->trans("Security"));
 $var=false;
 
 
-// Choix du gestionnaire du g�n�rateur de mot de passe
+// Choix du gestionnaire du generateur de mot de passe
 print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
 print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 print '<input type="hidden" name="action" value="update">';
@@ -247,7 +247,6 @@ print '</form>';
 
 // Cryptage mot de passe
 print '<br>';
-
 $var=true;
 print "<form method=\"post\" action=\"security.php\">";
 print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
@@ -281,7 +280,7 @@ if($conf->global->DATABASE_PWD_ENCRYPTED)
 	print '<td align="center" width="100">';
 	if ($allow_disable_encryption)
 	{
-		//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas �tre d�cod�s
+		//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas etre decodes
 	  	//Do not allow "disable encryption" as passwords cannot be decrypted
 	  	print '<a href="security.php?action=disable_encrypt">'.$langs->trans("Disable").'</a>';
 	}
diff --git a/htdocs/lib/security.lib.php b/htdocs/lib/security.lib.php
index 6c215029ce9..7f76e7bbc9c 100644
--- a/htdocs/lib/security.lib.php
+++ b/htdocs/lib/security.lib.php
@@ -514,4 +514,112 @@ function dol_avscan_file($file)
 	return $malware;
 }
 
+/**
+ * Return array of ciphers mode available
+ * 
+ * @return strAv	Configuration file content
+ */
+function dol_efc_config()
+{
+	// Make sure we can use mcrypt_generic_init
+	if (!function_exists("mcrypt_generic_init"))
+	{
+		return -1;
+	}
+	
+	// Set a temporary $key and $data for encryption tests
+	$key = md5(time() . getmypid());
+	$data = mt_rand();
+	
+	// Get and sort available cipher methods
+	$ciphers = mcrypt_list_algorithms();
+	natsort($ciphers);
+	
+	// Get and sort available cipher modes
+	$modes = mcrypt_list_modes();
+	natsort($modes);
+	
+	foreach ($ciphers as $cipher)
+	{
+		foreach ($modes as $mode)
+		{
+			// Not Compatible
+			$result = 'false';
+			
+			// open encryption module
+			$td = @mcrypt_module_open($cipher, '', $mode, '');
+			
+			// if we could open the cipher
+			if ($td)
+			{
+				// try to generate the iv
+				$iv = @mcrypt_create_iv(mcrypt_enc_get_iv_size ($td), MCRYPT_RAND);
+				
+				// if we could generate the iv
+				if ($iv)
+				{
+					// initialize encryption
+					@mcrypt_generic_init ($td, $key, $iv);
+					
+					// encrypt data
+					$encrypted_data = mcrypt_generic($td, $data);
+					
+					// cleanup
+					mcrypt_generic_deinit($td);
+					
+					// No error issued
+					$result = 'true';
+				}
+				
+				// close
+				@mcrypt_module_close($td);
+			}
+			
+			if ($result == "true") $available["$cipher"][] = $mode;
+		}
+	}
+	
+	if (count($available) > 0)
+	{
+       // Content of configuration
+       $strAv = "<?php\n";
+       $strAv.= "/* Copyright (C) 2003 HumanEasy, Lda. <humaneasy@sitaar.com>\n";
+       $strAv.= " * Copyright (C) 2009 Regis Houssin <regis@dolibarr.fr>\n";
+       $strAv.= " *\n";
+       $strAv.= " * All rights reserved.\n";
+       $strAv.= " * This file is licensed under GNU GPL version 2 or above.\n";
+       $strAv.= " * Please visit http://www.gnu.org to now more about it.\n";
+       $strAv.= " */\n\n";
+       $strAv.= "/**\n"; 
+       $strAv.= " *  Name: EasyFileCrypt Extending Crypt Class\n";
+       $strAv.= " *  Version: 1.0\n";
+       $strAv.= " *  Created: ".date("r")."\n";
+       $strAv.= " *  Ciphers Installed on this system: ".count($ciphers)."\n";
+       $strAv.= " */\n\n";
+       $strAv.= "    \$xfss = Array ( ";
+
+       foreach ($ciphers as $avCipher) {
+
+           $v = "";
+           if (count($available["$avCipher"]) > 0) {
+              foreach ($available["$avCipher"] as $avMode)
+                  $v .= " '".$avMode."', ";
+
+                  $i = strlen($v) - 2;
+                  if ($v[$i] == ",")
+                    $v = substr($v, 2, $i - 3);
+           }
+           if (!empty($v)) $v = " '".$v."' ";
+           $strAv .= "'".$avCipher."' => Array (".$v."),\n                    ";
+       }
+       $strAv = rtrim($strAv);
+       if ($strAv[strlen($strAv) - 1] == ",")
+          $strAv = substr($strAv, 0, strlen($strAv) - 1);
+       $strAv .= " );\n\n";
+       $strAv .= "?>";
+       
+       return $strAv;
+   }
+}
+
 ?>
\ No newline at end of file