alexander Posted January 21, 2010 Report Posted January 21, 2010 hmm, well, so pyro, are you saying the the lack of DCE in this code: // The crypto class, class for dealing with various crypto needs, hashing, and stuff like that class Crypto { protected $salt; protected $data; protected $iv; protected $mode; protected $method; // Class constructor function __construct($data=NULL, $salt=NULL, $iv=NULL, $method=NULL, $mode=NULL) { $this->setData($data); $this->setSalt($salt); $this->setIv($iv); $this->setMode($mode); $this->setMethod($method); } //Destructor function __destruct() { //cleanup the memory a little bit $this->salt=''; $this->data=''; $this->iv=''; $this->mode=''; $this->method=''; } function __toString(){ return $this->data; } private function getIvSize(){ return mcrypt_get_iv_size(constant($this->method), constant($this->mode)); } public function setIv($i=NULL){ $this->iv=$iv; } public function setSalt($salt=NULL){ $this->salt=$salt; } public function setData($data=NULL){ $this->data=$data; } //This will set the method to a supported method by the mcrypt or mhash library, agnostic to which one you "plan" on using // Please try to use RIJNDAEL_256 as the encryption method (AES256) function setMethod($method=NULL) { $method=strtoupper($method); $this->method=NULL; //check if this is a hash method $supportedHashMethods=array("ADLER32"=>"MHASH_ADLER32", "CRC32"=>"MHASH_CRC32", "CRC32B"=>"MHASH_CRC32B", "GOST"=>"MHASH_GOST", "HAVAL128"=>"MHASH_HAVAL128", "HAVAL160"=>"MHASH_HAVAL160", "HAVAL192"=>"MHASH_HAVAL192", "HAVAL256"=>"MHASH_HAVAL256", "MD4"=>"MHASH_MD4", "MD5"=>"MHASH_MD5", "RIPEMD160"=>"MHASH_RIPEMD160", "SHA1"=>"MHASH_SHA1", "SHA256"=>"MHASH_SHA1", "TIGER"=>"MHASH_TIGER", "TIGER128"=>"MHASH_TIGER128", "TIGER160"=>"MHASH_TIGER160"); if($this->method=$supportedHashMethods[$method]) return; //if not then check if its a crypto method $supportedCryptMethods = mcrypt_list_algorithms(); foreach($supportedCryptMethods as $supportedMethod) { $supportedMethod = strtoupper(str_replace("-","_",$supportedMethod)); //unfortunately the naming conventions seem to be, juuust a little bit different if($method==$supportedMethod) $this->method="MCRYPT_".$method; return; } if(!$this->method) throw new Exception("The cryptographic method "$method" is not supported by the system"); } //Set the crypto mode, this is used for en/decryption, generally you'd want to use the ECB mode function setMode($mode=NULL) { $mode = strtoupper($mode); $this->mode=NULL; $supportedModes=mcrypt_list_modes(); foreach($supportedModes as $supportedMode) { if($mode==strtoupper($supportedMode)) $this->mode="MCRYPT_MODE_".$mode; return; } if(!$this->mode) throw new Exception("The cryptographic mode "$mode" is not supported by the system"); } function hash($extra=NULL) { if(!$this->data) throw new Exception('Hashing requires data to hash'); if(!$this->method || !preg_match('/^(MHASH)?/',$this->method)) throw new Exception('Hashing requires a hashing algorithm to hash'); $this->data = (!$extra) ? bin2hex(mhash(constant($this->method), $this->data)) : bin2hex(mhash(constant($this->method), $this->data, $this->salt)); return; } function encrypt($key=NULL) { if(!$this->data) throw new Exception('Encryption requires data'); if(!$key) throw new Exception('Encryption requires a key'); if(!$this->method || !preg_match('/^(MCRYPT)?/',$this->method)) throw new Exception('Encryption requires an encryption algorithm'); if(!$this->mode) throw new Exception('Encryption mode required'); //generate iv (note it is absolutely necessary to store the iv, valid iv is required at decryption time) $this->iv = mcrypt_create_iv($this->getIvSize(), MCRYPT_DEV_URANDOM); //Encrypt $this->data = mcrypt_encrypt(constant($this->method), $key, $this->data, constant($this->mode), $this->iv); return; } function decrypt($key=NULL) { if(!$this->data) throw new Exception('Decrypt requires data.'); if(!$key) throw new Exception('Decryption requires a key'); if(!$this->iv) throw new Exception('Decryption requires an iv'); if(!$this->method || !preg_match('/^(MCRYPT)?/',$this->method)) throw new Exception('Decryption requires a decryption algorithm'); if(!$this->mode) throw new Exception('Decryption mode required'); //Decrypt $this->data = trim(mcrypt_decrypt(constant($this->method), $key, $this->data, constant($this->mode), $this->iv)); return; } }makes the code bad or gibberish? Quote
alexander Posted January 21, 2010 Report Posted January 21, 2010 realized that needed a getIv... back to the code :phones: public getIv(){ return $this->iv; } Quote
alexander Posted January 21, 2010 Report Posted January 21, 2010 //----------------------------------// Calculate the volume of a sphere with a given radius. double sphere_volume(double r) See, i don't think that's entirely necessary when the code clearly states the obvious. When you are dealing with perhaps something more complex and not clealy understandable, like say: while (( bytes=read(flink, buffPtr, buffer + sizeof(buffer)-buffPtr-1))>0) { buffPtr += bytes; if(buffPtr[-1]=='x06') { break; } } that could use a comment... Quote
Pyrotex Posted January 21, 2010 Report Posted January 21, 2010 hmm, well, so pyro, are you saying the the lack of DCE in this code: ... makes the code bad or gibberish?No, not at all.In fact, the code reflects a great deal of DCE.The author obviously wanted the code to be readable (by himself, at least) if he should have to come back months later and make some changes. This code is inherently complex. That is what makes it difficult, not the lack of DCE, organization, neatness and clarity. Actually, I think it's "pretty" code. :phones: Quote
Pyrotex Posted January 21, 2010 Report Posted January 21, 2010 See, i don't think that's entirely necessary when the code clearly states the obvious. When you are dealing with perhaps something more complex and not clearly understandable, ... Well, that goes without saying. Meaning, you didn't have to point that out, it was obvious and I expected everyone to know it. Using the "Volume_Sphere" function to demonstrate DCE was not meant to imply that the function needed a comment explaining that the eponymous function's purpose was to calculate the volume of a sphere. All source code needs and deserves the level of commenting necessary to support the code's inherent complexity and length. Speaking personally, my code always suffered a bit from over-commenting. But I did that for reasons. I WANTED my code to still be in place and used one, three, seven years down the road. I wanted my work to count for something. I did NOT want to be baby-sitting that code one, three, seven years down the road! :naughty: I WANTED the code to be so transparent in architecture, structure, variable meanings, and techniques, so that any competent new-hire could take it over and nobody would be calling me at home at 3:00 AM asking for help. Or cursing my name to the other programmers. I WANTED to be busy designing and creating even larger, more complex, more important programs elsewhere! :eek_big: :lol: :eek_big: Quote
alexander Posted January 21, 2010 Report Posted January 21, 2010 Its some code out of the framework i'm working on atm for/at work (amongst other things), it will be OSed and released (well the php code), and re-usability, cleanliness and efficiency top the list there, i think people used to most other frameworks will be quite shocked at the classes and base code for it. And i know what you mean, and i know you meant well, pyro, i am just demonstrating that it is not necessary to comment your heart out to have clear and fairly easy to understand code. I hate this notion that some people have that comments are free, comments, especially in interpreted languages, are not free, even though the interpreter skips the line, it still has to parse and skip the line, both are instructions that need executing. That's aside from the time it takes to write, and then later manage comments for code. That said, it is not a reason to not use any comments and should not be an excuse to not use comments, but there are things and bits of code with just too many comments that get your way of reading otherwise very simple code (even if you don't know the language)... I don't believe in writing cryptic code that is impossible to understand, i don't believe in writing "just this quick and really inefficient" code without thinking it over, i don't believe in letting someone handle coding, if they don't understand code that is clearly written even if the code in a language they never programmed in before, i appreciate comments, like "oh i see what you are doing here, but what does this specific thing here do" those show knowledge of programming, and not being bogged down with unseen before syntax, but i strongly believe that if you know how to code, new language is just a matter of syntax... (in most cases, i mean brain****, assembly, lisp were very weird to grasp, each for a different reason) Pyrotex 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.