summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/libraries/Encrypt.php105
-rw-r--r--system/libraries/Sha1.php263
-rw-r--r--user_guide_src/source/changelog.rst2
-rw-r--r--user_guide_src/source/libraries/encryption.rst15
4 files changed, 29 insertions, 356 deletions
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index c2cb808dd..92b0b3c4a 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -40,22 +40,19 @@
*/
class CI_Encrypt {
- var $CI;
- var $encryption_key = '';
- var $_hash_type = 'sha1';
- var $_mcrypt_exists = FALSE;
- var $_mcrypt_cipher;
- var $_mcrypt_mode;
+ public $encryption_key = '';
+ protected $_hash_type = 'sha1';
+ protected $_mcrypt_exists = FALSE;
+ protected $_mcrypt_cipher;
+ protected $_mcrypt_mode;
/**
* Constructor
*
* Simply determines whether the mcrypt library exists.
- *
*/
public function __construct()
{
- $this->CI =& get_instance();
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
log_message('debug', "Encrypt Class Initialized");
}
@@ -68,11 +65,10 @@ class CI_Encrypt {
* Returns it as MD5 in order to have an exact-length 128 bit key.
* Mcrypt is sensitive to keys that are not the correct length
*
- * @access public
* @param string
* @return string
*/
- function get_key($key = '')
+ public function get_key($key = '')
{
if ($key == '')
{
@@ -84,7 +80,7 @@ class CI_Encrypt {
$CI =& get_instance();
$key = $CI->config->item('encryption_key');
- if ($key == FALSE)
+ if ($key === FALSE)
{
show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
}
@@ -98,13 +94,13 @@ class CI_Encrypt {
/**
* Set the encryption key
*
- * @access public
* @param string
* @return void
*/
- function set_key($key = '')
+ public function set_key($key = '')
{
$this->encryption_key = $key;
+ return $this;
}
// --------------------------------------------------------------------
@@ -120,12 +116,11 @@ class CI_Encrypt {
* that is randomized with each call to this function,
* even if the supplied message and key are the same.
*
- * @access public
* @param string the string to encode
* @param string the key
* @return string
*/
- function encode($string, $key = '')
+ public function encode($string, $key = '')
{
$key = $this->get_key($key);
@@ -148,12 +143,11 @@ class CI_Encrypt {
*
* Reverses the above process
*
- * @access public
* @param string
* @param string
* @return string
*/
- function decode($string, $key = '')
+ public function decode($string, $key = '')
{
$key = $this->get_key($key);
@@ -191,13 +185,12 @@ class CI_Encrypt {
*
* For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
*
- * @access public
* @param string
* @param int (mcrypt mode constant)
* @param string
* @return string
*/
- function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
+ public function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
{
if ($this->_mcrypt_exists === FALSE)
{
@@ -242,12 +235,11 @@ class CI_Encrypt {
* Takes a plain-text string and key as input and generates an
* encoded bit-string using XOR
*
- * @access private
* @param string
* @param string
* @return string
*/
- function _xor_encode($string, $key)
+ protected function _xor_encode($string, $key)
{
$rand = '';
while (strlen($rand) < 32)
@@ -274,12 +266,11 @@ class CI_Encrypt {
* Takes an encoded string and key as input and generates the
* plain-text original message
*
- * @access private
* @param string
* @param string
* @return string
*/
- function _xor_decode($string, $key)
+ protected function _xor_decode($string, $key)
{
$string = $this->_xor_merge($string, $key);
@@ -299,12 +290,11 @@ class CI_Encrypt {
*
* Takes a string and key as input and computes the difference using XOR
*
- * @access private
* @param string
* @param string
* @return string
*/
- function _xor_merge($string, $key)
+ protected function _xor_merge($string, $key)
{
$hash = $this->hash($key);
$str = '';
@@ -321,12 +311,11 @@ class CI_Encrypt {
/**
* Encrypt using Mcrypt
*
- * @access public
* @param string
* @param string
* @return string
*/
- function mcrypt_encode($data, $key)
+ public function mcrypt_encode($data, $key)
{
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
@@ -338,12 +327,11 @@ class CI_Encrypt {
/**
* Decrypt using Mcrypt
*
- * @access public
* @param string
* @param string
* @return string
*/
- function mcrypt_decode($data, $key)
+ public function mcrypt_decode($data, $key)
{
$data = $this->_remove_cipher_noise($data, $key);
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
@@ -365,14 +353,11 @@ class CI_Encrypt {
* against Man-in-the-middle attacks on CBC mode ciphers
* http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
*
- * Function description
- *
- * @access private
* @param string
* @param string
* @return string
*/
- function _add_cipher_noise($data, $key)
+ protected function _add_cipher_noise($data, $key)
{
$keyhash = $this->hash($key);
$keylen = strlen($keyhash);
@@ -399,11 +384,10 @@ class CI_Encrypt {
*
* Function description
*
- * @access public
* @param type
* @return type
*/
- function _remove_cipher_noise($data, $key)
+ protected function _remove_cipher_noise($data, $key)
{
$keyhash = $this->hash($key);
$keylen = strlen($keyhash);
@@ -434,13 +418,13 @@ class CI_Encrypt {
/**
* Set the Mcrypt Cipher
*
- * @access public
* @param constant
* @return string
*/
- function set_cipher($cipher)
+ public function set_cipher($cipher)
{
$this->_mcrypt_cipher = $cipher;
+ return $this;
}
// --------------------------------------------------------------------
@@ -448,13 +432,13 @@ class CI_Encrypt {
/**
* Set the Mcrypt Mode
*
- * @access public
* @param constant
* @return string
*/
function set_mode($mode)
{
$this->_mcrypt_mode = $mode;
+ return $this;
}
// --------------------------------------------------------------------
@@ -462,10 +446,9 @@ class CI_Encrypt {
/**
* Get Mcrypt cipher Value
*
- * @access private
* @return string
*/
- function _get_cipher()
+ protected function _get_cipher()
{
if ($this->_mcrypt_cipher == '')
{
@@ -480,10 +463,9 @@ class CI_Encrypt {
/**
* Get Mcrypt Mode Value
*
- * @access private
* @return string
*/
- function _get_mode()
+ protected function _get_mode()
{
if ($this->_mcrypt_mode == '')
{
@@ -498,11 +480,10 @@ class CI_Encrypt {
/**
* Set the Hash type
*
- * @access public
* @param string
* @return string
*/
- function set_hash($type = 'sha1')
+ public function set_hash($type = 'sha1')
{
$this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
}
@@ -512,45 +493,13 @@ class CI_Encrypt {
/**
* Hash encode a string
*
- * @access public
* @param string
* @return string
*/
- function hash($str)
+ public function hash($str)
{
- return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
+ return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str);
}
-
- // --------------------------------------------------------------------
-
- /**
- * Generate an SHA1 Hash
- *
- * @access public
- * @param string
- * @return string
- */
- function sha1($str)
- {
- if ( ! function_exists('sha1'))
- {
- if ( ! function_exists('mhash'))
- {
- require_once(BASEPATH.'libraries/Sha1.php');
- $SH = new CI_SHA;
- return $SH->generate($str);
- }
- else
- {
- return bin2hex(mhash(MHASH_SHA1, $str));
- }
- }
- else
- {
- return sha1($str);
- }
- }
-
}
// END CI_Encrypt class
diff --git a/system/libraries/Sha1.php b/system/libraries/Sha1.php
deleted file mode 100644
index 477b92bcb..000000000
--- a/system/libraries/Sha1.php
+++ /dev/null
@@ -1,263 +0,0 @@
-<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
-/**
- * CodeIgniter
- *
- * An open source application development framework for PHP 5.1.6 or newer
- *
- * NOTICE OF LICENSE
- *
- * Licensed under the Open Software License version 3.0
- *
- * This source file is subject to the Open Software License (OSL 3.0) that is
- * bundled with this package in the files license.txt / license.rst. It is
- * also available through the world wide web at this URL:
- * http://opensource.org/licenses/OSL-3.0
- * If you did not receive a copy of the license and are unable to obtain it
- * through the world wide web, please send an email to
- * licensing@ellislab.com so we can send you a copy immediately.
- *
- * @package CodeIgniter
- * @author EllisLab Dev Team
- * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/)
- * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
- * @link http://codeigniter.com
- * @since Version 1.0
- * @filesource
- */
-
-// ------------------------------------------------------------------------
-
-/**
- * SHA1 Encoding Class
- *
- * Purpose: Provides 160 bit hashing using The Secure Hash Algorithm
- * developed at the National Institute of Standards and Technology. The 40
- * character SHA1 message hash is computationally infeasible to crack.
- *
- * This class is a fallback for servers that are not running PHP greater than
- * 4.3, or do not have the MHASH library.
- *
- * This class is based on two scripts:
- *
- * Marcus Campbell's PHP implementation (GNU license)
- * http://www.tecknik.net/sha-1/
- *
- * ...which is based on Paul Johnston's JavaScript version
- * (BSD license). http://pajhome.org.uk/
- *
- * I encapsulated the functions and wrote one additional method to fix
- * a hex conversion bug. - Rick Ellis
- *
- * @package CodeIgniter
- * @subpackage Libraries
- * @category Encryption
- * @author EllisLab Dev Team
- * @link http://codeigniter.com/user_guide/libraries/encryption.html
- */
-class CI_SHA1 {
-
- public function __construct()
- {
- log_message('debug', "SHA1 Class Initialized");
- }
-
- /**
- * Generate the Hash
- *
- * @access public
- * @param string
- * @return string
- */
- function generate($str)
- {
- $n = ((strlen($str) + 8) >> 6) + 1;
-
- for ($i = 0; $i < $n * 16; $i++)
- {
- $x[$i] = 0;
- }
-
- for ($i = 0; $i < strlen($str); $i++)
- {
- $x[$i >> 2] |= ord(substr($str, $i, 1)) << (24 - ($i % 4) * 8);
- }
-
- $x[$i >> 2] |= 0x80 << (24 - ($i % 4) * 8);
-
- $x[$n * 16 - 1] = strlen($str) * 8;
-
- $a = 1732584193;
- $b = -271733879;
- $c = -1732584194;
- $d = 271733878;
- $e = -1009589776;
-
- for ($i = 0; $i < count($x); $i += 16)
- {
- $olda = $a;
- $oldb = $b;
- $oldc = $c;
- $oldd = $d;
- $olde = $e;
-
- for ($j = 0; $j < 80; $j++)
- {
- if ($j < 16)
- {
- $w[$j] = $x[$i + $j];
- }
- else
- {
- $w[$j] = $this->_rol($w[$j - 3] ^ $w[$j - 8] ^ $w[$j - 14] ^ $w[$j - 16], 1);
- }
-
- $t = $this->_safe_add($this->_safe_add($this->_rol($a, 5), $this->_ft($j, $b, $c, $d)), $this->_safe_add($this->_safe_add($e, $w[$j]), $this->_kt($j)));
-
- $e = $d;
- $d = $c;
- $c = $this->_rol($b, 30);
- $b = $a;
- $a = $t;
- }
-
- $a = $this->_safe_add($a, $olda);
- $b = $this->_safe_add($b, $oldb);
- $c = $this->_safe_add($c, $oldc);
- $d = $this->_safe_add($d, $oldd);
- $e = $this->_safe_add($e, $olde);
- }
-
- return $this->_hex($a).$this->_hex($b).$this->_hex($c).$this->_hex($d).$this->_hex($e);
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Convert a decimal to hex
- *
- * @access private
- * @param string
- * @return string
- */
- function _hex($str)
- {
- $str = dechex($str);
-
- if (strlen($str) == 7)
- {
- $str = '0'.$str;
- }
-
- return $str;
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Return result based on iteration
- *
- * @access private
- * @return string
- */
- function _ft($t, $b, $c, $d)
- {
- if ($t < 20)
- return ($b & $c) | ((~$b) & $d);
- if ($t < 40)
- return $b ^ $c ^ $d;
- if ($t < 60)
- return ($b & $c) | ($b & $d) | ($c & $d);
-
- return $b ^ $c ^ $d;
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Determine the additive constant
- *
- * @access private
- * @return string
- */
- function _kt($t)
- {
- if ($t < 20)
- {
- return 1518500249;
- }
- else if ($t < 40)
- {
- return 1859775393;
- }
- else if ($t < 60)
- {
- return -1894007588;
- }
- else
- {
- return -899497514;
- }
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Add integers, wrapping at 2^32
- *
- * @access private
- * @return string
- */
- function _safe_add($x, $y)
- {
- $lsw = ($x & 0xFFFF) + ($y & 0xFFFF);
- $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16);
-
- return ($msw << 16) | ($lsw & 0xFFFF);
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Bitwise rotate a 32-bit number
- *
- * @access private
- * @return integer
- */
- function _rol($num, $cnt)
- {
- return ($num << $cnt) | $this->_zero_fill($num, 32 - $cnt);
- }
-
- // --------------------------------------------------------------------
-
- /**
- * Pad string with zero
- *
- * @access private
- * @return string
- */
- function _zero_fill($a, $b)
- {
- $bin = decbin($a);
-
- if (strlen($bin) < $b)
- {
- $bin = 0;
- }
- else
- {
- $bin = substr($bin, 0, strlen($bin) - $b);
- }
-
- for ($i=0; $i < $b; $i++)
- {
- $bin = "0".$bin;
- }
-
- return bindec($bin);
- }
-}
-// END CI_SHA
-
-/* End of file Sha1.php */
-/* Location: ./system/libraries/Sha1.php */
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 54237e3c7..60425a436 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -28,6 +28,7 @@ Release Date: Not Released
- Added support 3gp, 3g2, mp4, wmv, f4v, vlc Video files to mimes.php.
- Added support m4a, aac, m4u, xspf, au, ac3, flac, ogg Audio files to mimes.php.
- Changed logger to only chmod when file is first created.
+ - Removed previously deprecated SHA1 Library.
- Helpers
@@ -54,6 +55,7 @@ Release Date: Not Released
- Product Name strictness can be disabled via the Cart Library by switching "$product_name_safe"
- Added function remove() to remove a cart item, updating with quantity of 0 seemed like a hack but has remained to retain compatability
- Minor speed optimizations and method & property visibility declarations in the Calendar Library.
+ - Removed SHA1 function in the :doc:`Encryption Library <libraries/encryption>`.
- Core
diff --git a/user_guide_src/source/libraries/encryption.rst b/user_guide_src/source/libraries/encryption.rst
index 80b45e4d7..28bdca203 100644
--- a/user_guide_src/source/libraries/encryption.rst
+++ b/user_guide_src/source/libraries/encryption.rst
@@ -126,21 +126,6 @@ Example::
Please visit php.net for a list of `available
modes <http://php.net/mcrypt>`_.
-$this->encrypt->sha1();
-=======================
-
-SHA1 encoding function. Provide a string and it will return a 160 bit
-one way hash. Note: SHA1, just like MD5 is non-decodable. Example::
-
- $hash = $this->encrypt->sha1('Some string');
-
-Many PHP installations have SHA1 support by default so if all you need
-is to encode a hash it's simpler to use the native function::
-
- $hash = sha1('Some string');
-
-If your server does not support SHA1 you can use the provided function.
-
$this->encrypt->encode_from_legacy($orig_data, $legacy_mode = MCRYPT_MODE_ECB, $key = '');
==========================================================================================