1
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
5
* An open source application development framework for PHP 5.1.6 or newer
8
* @author ExpressionEngine Dev Team
9
* @copyright Copyright (c) 2008 - 2011, EllisLab, Inc.
10
* @license http://codeigniter.com/user_guide/license.html
11
* @link http://codeigniter.com
16
// ------------------------------------------------------------------------
19
* CodeIgniter Encryption Class
21
* Provides two-way keyed encoding using XOR Hashing and Mcrypt
23
* @package CodeIgniter
24
* @subpackage Libraries
26
* @author ExpressionEngine Dev Team
27
* @link http://codeigniter.com/user_guide/libraries/encryption.html
32
var $encryption_key = '';
33
var $_hash_type = 'sha1';
34
var $_mcrypt_exists = FALSE;
41
* Simply determines whether the mcrypt library exists.
44
public function __construct()
46
$this->CI =& get_instance();
47
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
48
log_message('debug', "Encrypt Class Initialized");
51
// --------------------------------------------------------------------
54
* Fetch the encryption key
56
* Returns it as MD5 in order to have an exact-length 128 bit key.
57
* Mcrypt is sensitive to keys that are not the correct length
63
function get_key($key = '')
67
if ($this->encryption_key != '')
69
return $this->encryption_key;
72
$CI =& get_instance();
73
$key = $CI->config->item('encryption_key');
77
show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
84
// --------------------------------------------------------------------
87
* Set the encryption key
93
function set_key($key = '')
95
$this->encryption_key = $key;
98
// --------------------------------------------------------------------
103
* Encodes the message string using bitwise XOR encoding.
104
* The key is combined with a random hash, and then it
105
* too gets converted using XOR. The whole thing is then run
106
* through mcrypt (if supported) using the randomized key.
107
* The end result is a double-encrypted message string
108
* that is randomized with each call to this function,
109
* even if the supplied message and key are the same.
112
* @param string the string to encode
113
* @param string the key
116
function encode($string, $key = '')
118
$key = $this->get_key($key);
120
if ($this->_mcrypt_exists === TRUE)
122
$enc = $this->mcrypt_encode($string, $key);
126
$enc = $this->_xor_encode($string, $key);
129
return base64_encode($enc);
132
// --------------------------------------------------------------------
137
* Reverses the above process
144
function decode($string, $key = '')
146
$key = $this->get_key($key);
148
if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
153
$dec = base64_decode($string);
155
if ($this->_mcrypt_exists === TRUE)
157
if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
164
$dec = $this->_xor_decode($dec, $key);
170
// --------------------------------------------------------------------
175
* Takes an encoded string from the original Encryption class algorithms and
176
* returns a newly encoded string using the improved method added in 2.0.0
177
* This allows for backwards compatibility and a method to transition to the
178
* new encryption algorithms.
180
* For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
184
* @param int (mcrypt mode constant)
188
function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
190
if ($this->_mcrypt_exists === FALSE)
192
log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
197
// set mode temporarily to what it was when string was encoded with the legacy
198
// algorithm - typically MCRYPT_MODE_ECB
199
$current_mode = $this->_get_mode();
200
$this->set_mode($legacy_mode);
202
$key = $this->get_key($key);
204
if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
209
$dec = base64_decode($string);
211
if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
216
$dec = $this->_xor_decode($dec, $key);
218
// set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC
219
$this->set_mode($current_mode);
222
return base64_encode($this->mcrypt_encode($dec, $key));
225
// --------------------------------------------------------------------
230
* Takes a plain-text string and key as input and generates an
231
* encoded bit-string using XOR
238
function _xor_encode($string, $key)
241
while (strlen($rand) < 32)
243
$rand .= mt_rand(0, mt_getrandmax());
246
$rand = $this->hash($rand);
249
for ($i = 0; $i < strlen($string); $i++)
251
$enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
254
return $this->_xor_merge($enc, $key);
257
// --------------------------------------------------------------------
262
* Takes an encoded string and key as input and generates the
263
* plain-text original message
270
function _xor_decode($string, $key)
272
$string = $this->_xor_merge($string, $key);
275
for ($i = 0; $i < strlen($string); $i++)
277
$dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
283
// --------------------------------------------------------------------
286
* XOR key + string Combiner
288
* Takes a string and key as input and computes the difference using XOR
295
function _xor_merge($string, $key)
297
$hash = $this->hash($key);
299
for ($i = 0; $i < strlen($string); $i++)
301
$str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
307
// --------------------------------------------------------------------
310
* Encrypt using Mcrypt
317
function mcrypt_encode($data, $key)
319
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
320
$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
321
return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
324
// --------------------------------------------------------------------
327
* Decrypt using Mcrypt
334
function mcrypt_decode($data, $key)
336
$data = $this->_remove_cipher_noise($data, $key);
337
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
339
if ($init_size > strlen($data))
344
$init_vect = substr($data, 0, $init_size);
345
$data = substr($data, $init_size);
346
return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
349
// --------------------------------------------------------------------
352
* Adds permuted noise to the IV + encrypted data to protect
353
* against Man-in-the-middle attacks on CBC mode ciphers
354
* http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
356
* Function description
363
function _add_cipher_noise($data, $key)
365
$keyhash = $this->hash($key);
366
$keylen = strlen($keyhash);
369
for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
376
$str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
382
// --------------------------------------------------------------------
385
* Removes permuted noise from the IV + encrypted data, reversing
386
* _add_cipher_noise()
388
* Function description
394
function _remove_cipher_noise($data, $key)
396
$keyhash = $this->hash($key);
397
$keylen = strlen($keyhash);
400
for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
407
$temp = ord($data[$i]) - ord($keyhash[$j]);
420
// --------------------------------------------------------------------
423
* Set the Mcrypt Cipher
429
function set_cipher($cipher)
431
$this->_mcrypt_cipher = $cipher;
434
// --------------------------------------------------------------------
437
* Set the Mcrypt Mode
443
function set_mode($mode)
445
$this->_mcrypt_mode = $mode;
448
// --------------------------------------------------------------------
451
* Get Mcrypt cipher Value
456
function _get_cipher()
458
if ($this->_mcrypt_cipher == '')
460
$this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
463
return $this->_mcrypt_cipher;
466
// --------------------------------------------------------------------
469
* Get Mcrypt Mode Value
476
if ($this->_mcrypt_mode == '')
478
$this->_mcrypt_mode = MCRYPT_MODE_CBC;
481
return $this->_mcrypt_mode;
484
// --------------------------------------------------------------------
493
function set_hash($type = 'sha1')
495
$this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
498
// --------------------------------------------------------------------
501
* Hash encode a string
509
return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
512
// --------------------------------------------------------------------
515
* Generate an SHA1 Hash
523
if ( ! function_exists('sha1'))
525
if ( ! function_exists('mhash'))
527
require_once(BASEPATH.'libraries/Sha1.php');
529
return $SH->generate($str);
533
return bin2hex(mhash(MHASH_SHA1, $str));
544
// END CI_Encrypt class
546
/* End of file Encrypt.php */
547
/* Location: ./system/libraries/Encrypt.php */
b'\\ No newline at end of file'
added
removed
codeigniter/system/libraries/Encrypt.php
