summaryrefslogtreecommitdiffstats
path: root/system/libraries/Encryption.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2016-07-26 20:03:12 +0200
committerAndrey Andreev <narf@devilix.net>2016-07-26 20:03:12 +0200
commit77266bc6a01668b2106b9974da02e2a7ceaf2fe6 (patch)
tree955346c3278c03a2ff4174b9d078e9416a298ee9 /system/libraries/Encryption.php
parenta9874a638970ef826f835718e58b197ff3672566 (diff)
parent0b9540209499fbd0515e13fdc66e85dea4b6baad (diff)
Merge branch '3.1-stable' into develop
Conflicts resolved: .travis.yml system/core/CodeIgniter.php system/database/drivers/oci8/oci8_forge.php system/database/drivers/pdo/subdrivers/pdo_oci_forge.php system/helpers/path_helper.php system/libraries/Email.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/contributing/index.rst user_guide_src/source/general/requirements.rst user_guide_src/source/general/styleguide.rst user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrade_310.rst user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/libraries/Encryption.php')
-rw-r--r--system/libraries/Encryption.php26
1 files changed, 20 insertions, 6 deletions
diff --git a/system/libraries/Encryption.php b/system/libraries/Encryption.php
index 92c38a0ed..a10a5c20c 100644
--- a/system/libraries/Encryption.php
+++ b/system/libraries/Encryption.php
@@ -339,12 +339,26 @@ class CI_Encryption {
{
if (function_exists('random_bytes'))
{
- return random_bytes((int) $length);
+ try
+ {
+ return random_bytes((int) $length);
+ }
+ catch (Exception $e)
+ {
+ log_message('error', $e->getMessage());
+ return FALSE;
+ }
+ }
+ elseif (defined('MCRYPT_DEV_URANDOM'))
+ {
+ return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
}
- return ($this->_driver === 'mcrypt')
- ? mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)
- : openssl_random_pseudo_bytes($length);
+ $is_secure = NULL;
+ $key = openssl_random_pseudo_bytes($length, $is_secure);
+ return ($is_secure === TRUE)
+ ? $key
+ : FALSE;
}
// --------------------------------------------------------------------
@@ -400,7 +414,7 @@ class CI_Encryption {
// The greater-than-1 comparison is mostly a work-around for a bug,
// where 1 is returned for ARCFour instead of 0.
$iv = (($iv_size = mcrypt_enc_get_iv_size($params['handle'])) > 1)
- ? mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM)
+ ? $this->create_key($iv_size)
: NULL;
if (mcrypt_generic_init($params['handle'], $params['key'], $iv) < 0)
@@ -463,7 +477,7 @@ class CI_Encryption {
}
$iv = ($iv_size = openssl_cipher_iv_length($params['handle']))
- ? openssl_random_pseudo_bytes($iv_size)
+ ? $this->create_key($iv_size)
: NULL;
$data = openssl_encrypt(