diff options
| author | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
| commit | 77266bc6a01668b2106b9974da02e2a7ceaf2fe6 (patch) | |
| tree | 955346c3278c03a2ff4174b9d078e9416a298ee9 /system/libraries/Encryption.php | |
| parent | a9874a638970ef826f835718e58b197ff3672566 (diff) | |
| parent | 0b9540209499fbd0515e13fdc66e85dea4b6baad (diff) | |
Merge branch '3.1-stable' into develop
Conflicts resolved:
.travis.yml
system/core/CodeIgniter.php
system/database/drivers/oci8/oci8_forge.php
system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
system/helpers/path_helper.php
system/libraries/Email.php
user_guide_src/source/changelog.rst
user_guide_src/source/conf.py
user_guide_src/source/contributing/index.rst
user_guide_src/source/general/requirements.rst
user_guide_src/source/general/styleguide.rst
user_guide_src/source/installation/downloads.rst
user_guide_src/source/installation/upgrade_310.rst
user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/libraries/Encryption.php')
| -rw-r--r-- | system/libraries/Encryption.php | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php index 92c38a0ed..a10a5c20c 100644 --- a/system/libraries/Encryption.php +++ b/system/libraries/Encryption.php @@ -339,12 +339,26 @@ class CI_Encryption { { if (function_exists('random_bytes')) { - return random_bytes((int) $length); + try + { + return random_bytes((int) $length); + } + catch (Exception $e) + { + log_message('error', $e->getMessage()); + return FALSE; + } + } + elseif (defined('MCRYPT_DEV_URANDOM')) + { + return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); } - return ($this->_driver === 'mcrypt') - ? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM) - : openssl_random_pseudo_bytes($length); + $is_secure = NULL; + $key = openssl_random_pseudo_bytes($length, $is_secure); + return ($is_secure === TRUE) + ? $key + : FALSE; } // -------------------------------------------------------------------- @@ -400,7 +414,7 @@ class CI_Encryption { // The greater-than-1 comparison is mostly a work-around for a bug, // where 1 is returned for ARCFour instead of 0. $iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1) - ? mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM) + ? $this->create_key($iv_size) : NULL; if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0) @@ -463,7 +477,7 @@ class CI_Encryption { } $iv = ($iv_size = openssl_cipher_iv_length($params['handle'])) - ? openssl_random_pseudo_bytes($iv_size) + ? $this->create_key($iv_size) : NULL; $data = openssl_encrypt( |