summaryrefslogtreecommitdiffstats
path: root/system/libraries/Encryption.php
AgeCommit message (Collapse)AuthorFilesLines
2014-07-07Fix potential bugs in password_hash(), CI_EncryptionAndrey Andreev1-8/+53
strlen(), substr() are not byte-safe when mbstring.func_overload is enabled
2014-07-02Remove GCM mode from CI_Encryption (OpenSSL)Andrey Andreev1-3/+2
While openssl_get_cipher_methods() lists 'aes-<keysize>-gcm' as supported, it appears that this is only half of the story. To be more specific, only the encryption operation of GCM is performed, and the authentication message is completely missing, rendering the whole thing useles.
2014-06-21Add CI_Encryption::create_key()Andrey Andreev1-0/+15
This was planned, we somehow forgot about it. :)
2014-06-19Remove the custom IV option from CI_EncryptionAndrey Andreev1-51/+36
It serves for no practical purpose and can only do harm.
2014-03-04CI_Encryption: Remove MCrypt 'work-arounds' for CAST-128 compatibilityAndrey Andreev1-21/+4
Turns out it's OpenSSL's fault for performing 16 rounds instead of 12 for key sizes of 5-11 bytes. Reference: http://tools.ietf.org/rfc/rfc2144.txt
2014-02-18CI_Encryption::hkdf() to follow RFC5869 more strictlyAndrey Andreev1-1/+1
2014-02-112013 > 2014darwinel1-1/+1
Update copyright notices from 2013 to 2014. And update one calendar example in user_guide from year 2013/2014 to 2014/2015.
2014-02-10CI_Encryption: Rename 'base64' parameter to 'raw_data' and add docsAndrey Andreev1-2/+2
2014-02-07CI_Encryption: Optimizations and test casesAndrey Andreev1-26/+18
2014-02-06CI_Encryption: CAST-128/CAST5 and RC4/ARCFour compatibilityAndrey Andreev1-15/+50
2014-02-06CI_Encryption: Time-attack-safe HMAC verificationAndrey Andreev1-4/+18
2014-02-05CI_Encryption: HMAC to not be derived from the encryption keyAndrey Andreev1-58/+56
2014-02-05More CI_Encryption improvementsAndrey Andreev1-46/+6
- Make OpenSSL the default driver if available (because MCrypt is stupid). - Require MCRYPT_DEV_URANDOM for the MCrypt availability check (because security; also, incidentally - it's faster that way ;)).
2014-02-05CI_Encryption: More MCrypt/OpenSSL compatibility and get rid of the ↵Andrey Andreev1-17/+69
MCRYPT_MODE_* constants
2014-02-05CI_Encryption: Add Blowfish to compatibility listAndrey Andreev1-7/+11
2014-02-05CI_Encryption: Work around MCrypt's dumb behavior in ECB modeAndrey Andreev1-49/+65
2014-02-04CI_Encryption: Remove ARCFour from aliased ciphers due ...Andrey Andreev1-4/+2
Seems like there are some issues with it
2014-02-04CI_Encryption: Fix more errors and add a 'portability' test caseAndrey Andreev1-17/+17
2014-02-04Fix a logical error in CI_EncryptionAndrey Andreev1-3/+3
2014-02-04CI_Encryption: Fix some errors and add unit tests for hkdf()Andrey Andreev1-10/+10
2014-02-04CI_Encryption improvementsAndrey Andreev1-99/+199
- HMAC authentication by default. - HKDF support. - Reduce code repetition.
2014-02-03Introducing CI_Encryption (a CI_Encrypt replacement)Andrey Andreev1-0/+718