summaryrefslogtreecommitdiffstats
path: root/system/libraries/Encrypt.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/libraries/Encrypt.php')
-rwxr-xr-x[-rw-r--r--]system/libraries/Encrypt.php93
1 files changed, 78 insertions, 15 deletions
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index c893fbf9e..e5f65878a 100644..100755
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -2,11 +2,11 @@
/**
* CodeIgniter
*
- * An open source application development framework for PHP 4.3.2 or newer
+ * An open source application development framework for PHP 5.1.6 or newer
*
* @package CodeIgniter
* @author ExpressionEngine Dev Team
- * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc.
+ * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc.
* @license http://codeigniter.com/user_guide/license.html
* @link http://codeigniter.com
* @since Version 1.0
@@ -41,7 +41,7 @@ class CI_Encrypt {
* Simply determines whether the mcrypt library exists.
*
*/
- function CI_Encrypt()
+ public function __construct()
{
$this->CI =& get_instance();
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
@@ -72,7 +72,7 @@ class CI_Encrypt {
$CI =& get_instance();
$key = $CI->config->item('encryption_key');
- if ($key === FALSE)
+ if ($key == FALSE)
{
show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
}
@@ -116,12 +116,16 @@ class CI_Encrypt {
function encode($string, $key = '')
{
$key = $this->get_key($key);
- $enc = $this->_xor_encode($string, $key);
-
+
if ($this->_mcrypt_exists === TRUE)
{
- $enc = $this->mcrypt_encode($enc, $key);
+ $enc = $this->mcrypt_encode($string, $key);
+ }
+ else
+ {
+ $enc = $this->_xor_encode($string, $key);
}
+
return base64_encode($enc);
}
@@ -140,7 +144,7 @@ class CI_Encrypt {
function decode($string, $key = '')
{
$key = $this->get_key($key);
-
+
if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
{
return FALSE;
@@ -155,8 +159,67 @@ class CI_Encrypt {
return FALSE;
}
}
+ else
+ {
+ $dec = $this->_xor_decode($dec, $key);
+ }
- return $this->_xor_decode($dec, $key);
+ return $dec;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Encode from Legacy
+ *
+ * Takes an encoded string from the original Encryption class algorithms and
+ * returns a newly encoded string using the improved method added in 2.0.0
+ * This allows for backwards compatibility and a method to transition to the
+ * new encryption algorithms.
+ *
+ * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
+ *
+ * @access public
+ * @param string
+ * @param int (mcrypt mode constant)
+ * @param string
+ * @return string
+ */
+ function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
+ {
+ if ($this->_mcrypt_exists === FALSE)
+ {
+ log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
+ return FALSE;
+ }
+
+ // decode it first
+ // set mode temporarily to what it was when string was encoded with the legacy
+ // algorithm - typically MCRYPT_MODE_ECB
+ $current_mode = $this->_get_mode();
+ $this->set_mode($legacy_mode);
+
+ $key = $this->get_key($key);
+
+ if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
+ {
+ return FALSE;
+ }
+
+ $dec = base64_decode($string);
+
+ if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
+ {
+ return FALSE;
+ }
+
+ $dec = $this->_xor_decode($dec, $key);
+
+ // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC
+ $this->set_mode($current_mode);
+
+ // and re-encode
+ return base64_encode($this->mcrypt_encode($dec, $key));
}
// --------------------------------------------------------------------
@@ -184,7 +247,7 @@ class CI_Encrypt {
$enc = '';
for ($i = 0; $i < strlen($string); $i++)
- {
+ {
$enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
}
@@ -347,7 +410,7 @@ class CI_Encrypt {
{
$temp = $temp + 256;
}
-
+
$str .= chr($temp);
}
@@ -355,7 +418,7 @@ class CI_Encrypt {
}
// --------------------------------------------------------------------
-
+
/**
* Set the Mcrypt Cipher
*
@@ -412,9 +475,9 @@ class CI_Encrypt {
{
if ($this->_mcrypt_mode == '')
{
- $this->_mcrypt_mode = MCRYPT_MODE_ECB;
+ $this->_mcrypt_mode = MCRYPT_MODE_CBC;
}
-
+
return $this->_mcrypt_mode;
}
@@ -440,7 +503,7 @@ class CI_Encrypt {
* @access public
* @param string
* @return string
- */
+ */
function hash($str)
{
return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);