summaryrefslogtreecommitdiffstats
path: root/system/libraries/Encrypt.php
diff options
context:
space:
mode:
authorTaufan Aditya <toopay@taufanaditya.com>2012-03-09 10:56:21 +0100
committerTaufan Aditya <toopay@taufanaditya.com>2012-03-09 10:56:21 +0100
commitb3723ff33ebfd4f4e7822516ecb061613f1bc3d5 (patch)
treee55d564db25daa3216c3f3e7ae95e315387d6038 /system/libraries/Encrypt.php
parent4054c56b882ad40495f2d227990d73437af51038 (diff)
parent0f2cb79b976086cb73140c25f4c568e865177426 (diff)
Merged with latest commit
Diffstat (limited to 'system/libraries/Encrypt.php')
-rw-r--r--system/libraries/Encrypt.php217
1 files changed, 64 insertions, 153 deletions
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index c2cb808dd..0b0618991 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -1,13 +1,13 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* CodeIgniter
*
* An open source application development framework for PHP 5.1.6 or newer
*
* NOTICE OF LICENSE
- *
+ *
* Licensed under the Open Software License version 3.0
- *
+ *
* This source file is subject to the Open Software License (OSL 3.0) that is
* bundled with this package in the files license.txt / license.rst. It is
* also available through the world wide web at this URL:
@@ -18,15 +18,13 @@
*
* @package CodeIgniter
* @author EllisLab Dev Team
- * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/)
+ * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/)
* @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
* @link http://codeigniter.com
* @since Version 1.0
* @filesource
*/
-// ------------------------------------------------------------------------
-
/**
* CodeIgniter Encryption Class
*
@@ -40,24 +38,16 @@
*/
class CI_Encrypt {
- var $CI;
- var $encryption_key = '';
- var $_hash_type = 'sha1';
- var $_mcrypt_exists = FALSE;
- var $_mcrypt_cipher;
- var $_mcrypt_mode;
+ public $encryption_key = '';
+ protected $_hash_type = 'sha1';
+ protected $_mcrypt_exists = FALSE;
+ protected $_mcrypt_cipher;
+ protected $_mcrypt_mode;
- /**
- * Constructor
- *
- * Simply determines whether the mcrypt library exists.
- *
- */
public function __construct()
{
- $this->CI =& get_instance();
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
- log_message('debug', "Encrypt Class Initialized");
+ log_message('debug', 'Encrypt Class Initialized');
}
// --------------------------------------------------------------------
@@ -68,11 +58,10 @@ class CI_Encrypt {
* Returns it as MD5 in order to have an exact-length 128 bit key.
* Mcrypt is sensitive to keys that are not the correct length
*
- * @access public
* @param string
* @return string
*/
- function get_key($key = '')
+ public function get_key($key = '')
{
if ($key == '')
{
@@ -84,7 +73,7 @@ class CI_Encrypt {
$CI =& get_instance();
$key = $CI->config->item('encryption_key');
- if ($key == FALSE)
+ if ($key === FALSE)
{
show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
}
@@ -98,13 +87,13 @@ class CI_Encrypt {
/**
* Set the encryption key
*
- * @access public
* @param string
- * @return void
+ * @return object
*/
- function set_key($key = '')
+ public function set_key($key = '')
{
$this->encryption_key = $key;
+ return $this;
}
// --------------------------------------------------------------------
@@ -120,25 +109,14 @@ class CI_Encrypt {
* that is randomized with each call to this function,
* even if the supplied message and key are the same.
*
- * @access public
* @param string the string to encode
* @param string the key
* @return string
*/
- function encode($string, $key = '')
+ public function encode($string, $key = '')
{
- $key = $this->get_key($key);
-
- if ($this->_mcrypt_exists === TRUE)
- {
- $enc = $this->mcrypt_encode($string, $key);
- }
- else
- {
- $enc = $this->_xor_encode($string, $key);
- }
-
- return base64_encode($enc);
+ $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode';
+ return base64_encode($this->$method($string, $this->get_key($key)));
}
// --------------------------------------------------------------------
@@ -148,35 +126,19 @@ class CI_Encrypt {
*
* Reverses the above process
*
- * @access public
* @param string
* @param string
* @return string
*/
- function decode($string, $key = '')
+ public function decode($string, $key = '')
{
- $key = $this->get_key($key);
-
if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
{
return FALSE;
}
- $dec = base64_decode($string);
-
- if ($this->_mcrypt_exists === TRUE)
- {
- if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
- {
- return FALSE;
- }
- }
- else
- {
- $dec = $this->_xor_decode($dec, $key);
- }
-
- return $dec;
+ $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode';
+ return $this->$method(base64_decode($string), $this->get_key($key));
}
// --------------------------------------------------------------------
@@ -191,19 +153,22 @@ class CI_Encrypt {
*
* For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
*
- * @access public
* @param string
* @param int (mcrypt mode constant)
* @param string
* @return string
*/
- function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
+ public function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
{
if ($this->_mcrypt_exists === FALSE)
{
log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
return FALSE;
}
+ elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
+ {
+ return FALSE;
+ }
// decode it first
// set mode temporarily to what it was when string was encoded with the legacy
@@ -212,14 +177,7 @@ class CI_Encrypt {
$this->set_mode($legacy_mode);
$key = $this->get_key($key);
-
- if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
- {
- return FALSE;
- }
-
$dec = base64_decode($string);
-
if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
{
return FALSE;
@@ -242,25 +200,25 @@ class CI_Encrypt {
* Takes a plain-text string and key as input and generates an
* encoded bit-string using XOR
*
- * @access private
* @param string
* @param string
* @return string
*/
- function _xor_encode($string, $key)
+ protected function _xor_encode($string, $key)
{
$rand = '';
- while (strlen($rand) < 32)
+ do
{
$rand .= mt_rand(0, mt_getrandmax());
}
+ while (strlen($rand) < 32);
$rand = $this->hash($rand);
$enc = '';
- for ($i = 0; $i < strlen($string); $i++)
+ for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++)
{
- $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
+ $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]);
}
return $this->_xor_merge($enc, $key);
@@ -274,19 +232,18 @@ class CI_Encrypt {
* Takes an encoded string and key as input and generates the
* plain-text original message
*
- * @access private
* @param string
* @param string
* @return string
*/
- function _xor_decode($string, $key)
+ protected function _xor_decode($string, $key)
{
$string = $this->_xor_merge($string, $key);
$dec = '';
- for ($i = 0; $i < strlen($string); $i++)
+ for ($i = 0, $l = strlen($string); $i < $l; $i++)
{
- $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
+ $dec .= ($string[$i++] ^ $string[$i]);
}
return $dec;
@@ -299,18 +256,17 @@ class CI_Encrypt {
*
* Takes a string and key as input and computes the difference using XOR
*
- * @access private
* @param string
* @param string
* @return string
*/
- function _xor_merge($string, $key)
+ protected function _xor_merge($string, $key)
{
$hash = $this->hash($key);
$str = '';
- for ($i = 0; $i < strlen($string); $i++)
+ for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++)
{
- $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
+ $str .= $string[$i] ^ $hash[($i % $lh)];
}
return $str;
@@ -321,12 +277,11 @@ class CI_Encrypt {
/**
* Encrypt using Mcrypt
*
- * @access public
* @param string
* @param string
* @return string
*/
- function mcrypt_encode($data, $key)
+ public function mcrypt_encode($data, $key)
{
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
@@ -338,12 +293,11 @@ class CI_Encrypt {
/**
* Decrypt using Mcrypt
*
- * @access public
* @param string
* @param string
* @return string
*/
- function mcrypt_decode($data, $key)
+ public function mcrypt_decode($data, $key)
{
$data = $this->_remove_cipher_noise($data, $key);
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
@@ -365,27 +319,23 @@ class CI_Encrypt {
* against Man-in-the-middle attacks on CBC mode ciphers
* http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
*
- * Function description
- *
- * @access private
* @param string
* @param string
* @return string
*/
- function _add_cipher_noise($data, $key)
+ protected function _add_cipher_noise($data, $key)
{
- $keyhash = $this->hash($key);
- $keylen = strlen($keyhash);
+ $key = $this->hash($key);
$str = '';
- for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
+ for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
{
- if ($j >= $keylen)
+ if ($j >= $lk)
{
$j = 0;
}
- $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
+ $str .= chr((ord($data[$i]) + ord($key[$j])) % 256);
}
return $str;
@@ -399,28 +349,26 @@ class CI_Encrypt {
*
* Function description
*
- * @access public
* @param type
* @return type
*/
- function _remove_cipher_noise($data, $key)
+ protected function _remove_cipher_noise($data, $key)
{
- $keyhash = $this->hash($key);
- $keylen = strlen($keyhash);
+ $key = $this->hash($key);
$str = '';
- for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
+ for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j)
{
- if ($j >= $keylen)
+ if ($j >= $lk)
{
$j = 0;
}
- $temp = ord($data[$i]) - ord($keyhash[$j]);
+ $temp = ord($data[$i]) - ord($key[$j]);
if ($temp < 0)
{
- $temp = $temp + 256;
+ $temp += 256;
}
$str .= chr($temp);
@@ -434,13 +382,13 @@ class CI_Encrypt {
/**
* Set the Mcrypt Cipher
*
- * @access public
* @param constant
* @return string
*/
- function set_cipher($cipher)
+ public function set_cipher($cipher)
{
$this->_mcrypt_cipher = $cipher;
+ return $this;
}
// --------------------------------------------------------------------
@@ -448,13 +396,13 @@ class CI_Encrypt {
/**
* Set the Mcrypt Mode
*
- * @access public
* @param constant
* @return string
*/
- function set_mode($mode)
+ public function set_mode($mode)
{
$this->_mcrypt_mode = $mode;
+ return $this;
}
// --------------------------------------------------------------------
@@ -462,14 +410,13 @@ class CI_Encrypt {
/**
* Get Mcrypt cipher Value
*
- * @access private
* @return string
*/
- function _get_cipher()
+ protected function _get_cipher()
{
if ($this->_mcrypt_cipher == '')
{
- $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
+ return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
}
return $this->_mcrypt_cipher;
@@ -480,14 +427,13 @@ class CI_Encrypt {
/**
* Get Mcrypt Mode Value
*
- * @access private
* @return string
*/
- function _get_mode()
+ protected function _get_mode()
{
if ($this->_mcrypt_mode == '')
{
- $this->_mcrypt_mode = MCRYPT_MODE_CBC;
+ return $this->_mcrypt_mode = MCRYPT_MODE_CBC;
}
return $this->_mcrypt_mode;
@@ -498,13 +444,12 @@ class CI_Encrypt {
/**
* Set the Hash type
*
- * @access public
* @param string
- * @return string
+ * @return void
*/
- function set_hash($type = 'sha1')
+ public function set_hash($type = 'sha1')
{
- $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
+ $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type;
}
// --------------------------------------------------------------------
@@ -512,48 +457,14 @@ class CI_Encrypt {
/**
* Hash encode a string
*
- * @access public
- * @param string
- * @return string
- */
- function hash($str)
- {
- return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Generate an SHA1 Hash
- *
- * @access public
* @param string
* @return string
*/
- function sha1($str)
+ public function hash($str)
{
- if ( ! function_exists('sha1'))
- {
- if ( ! function_exists('mhash'))
- {
- require_once(BASEPATH.'libraries/Sha1.php');
- $SH = new CI_SHA;
- return $SH->generate($str);
- }
- else
- {
- return bin2hex(mhash(MHASH_SHA1, $str));
- }
- }
- else
- {
- return sha1($str);
- }
+ return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str);
}
-
}
-// END CI_Encrypt class
-
/* End of file Encrypt.php */
-/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file
+/* Location: ./system/libraries/Encrypt.php */