From d32d45c350ac692db6397648d77b8b0d69ef7923 Mon Sep 17 00:00:00 2001
From: Derek Jones
Date: Thu, 17 Jan 2008 19:21:03 +0000
Subject: fixed bug #3003 preventing encryption from working with modes other than MCRYPT_MODE_ECB. Also added some noise to the cipher so the IV can safely be transported along with the encrypted data.
---
 system/libraries/Encrypt.php | 77 ++++++++++++++++++++++++++++++++++++++++++--
 user_guide/changelog.html | 6 ++--
 2 files changed, 79 insertions(+), 4 deletions(-)
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index e5ad78c11..5b2b7c017 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -249,7 +249,7 @@ class CI_Encrypt {
 {
 $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
 $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
- return mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect);
+ return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
 }
 
 // --------------------------------------------------------------------
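Review bot: The `_add_cipher_noise()` wrapper applied to the return value of `mcrypt_encode()` is a repeating mask derived only from `$this->hash($key)`, so it is identical for every message under a given key and does not authenticate the IV or the ciphertext. A value altered in transit or storage will still pass through `mcrypt_decode()` without any error, which is not the protection the commit message and changelog describe. Integrity needs a keyed MAC computed over `$init_vect` plus the ciphertext and verified before decryption (for example `hash_hmac()` where the supported PHP versions provide it), ideally with a MAC key derived separately from the encryption key. Separately, the IV on the unchanged line above still comes from `MCRYPT_RAND`; now that the decoder actually uses the transported IV, a stronger source such as `MCRYPT_DEV_URANDOM` is worth considering. `mcrypt_encode()` starts outside the hunk.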
@@ -264,13 +264,86 @@ class CI_Encrypt {
 */
 function mcrypt_decode($data, $key)
 {
+ $data = $this->_remove_cipher_noise($data, $key);
 $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
- $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
+ $init_vect = substr($data, 0, $init_size);
+ $data = substr($data, $init_size);
 return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
 }
 
 // --------------------------------------------------------------------
 
+ /**
+ * Adds permuted noise to the IV + encrypted data to protect
+ * against Man-in-the-middle attacks on CBC mode ciphers
+ * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
+ *
+ * Function description
+ *
+ * @access private
+ * @param string
+ * @param string
+ * @return string
+ */
+ function _add_cipher_noise($data, $key)
+ {
+ $keyhash = $this->hash($key);
+ $keylen = strlen($keyhash);
+ $str = '';
+
+ for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
+ {
+ if ($j >= $keylen)
+ {
+ $j = 0;
+ }
+
+ $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
+ }
+
+ return $str;
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
+ * Removes permuted noise from the IV + encrypted data, reversing
+ * _add_cipher_noise()
+ *
+ * Function description
+ *
+ * @access public
+ * @param type
+ * @return type
+ */
+ function _remove_cipher_noise($data, $key)
+ {
+ $keyhash = $this->hash($key);
+ $keylen = strlen($keyhash);
+ $str = '';
+
+ for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
+ {
+ if ($j >= $keylen)
+ {
+ $j = 0;
+ }
+
+ $temp = ord($data[$i]) - ord($keyhash[$j]);
+
+ if ($temp < 0)
+ {
+ $temp = $temp + 256;
+ }
+
+ $str .= chr($temp);
+ }
+
+ return $str;
+ }
+
+ // --------------------------------------------------------------------
+
 /**
 * Set the Mcrypt Cipher
 *
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index eec1c2e95..3b6a3220e 100644
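Review bot: `mcrypt_decode()` slices the IV off `$data` without checking that the de-noised input is at least `$init_size` bytes long, so a truncated or empty value reaches `mcrypt_decrypt()` with a short or missing IV. A guard such as `if (strlen($data) < $init_size) { return FALSE; }` directly after the `mcrypt_get_iv_size()` call would reject it early. Values encrypted before this change carry neither the IV prefix nor the noise layer, so they will presumably no longer decode; that deserves a changelog note or a fallback path. The docblock of `_remove_cipher_noise()` still has template placeholders: `@access public` should be `@access private`, the tags should read `@param string` (twice) and `@return string`, and the stray `Function description` line in both new docblocks can go.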
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -97,7 +97,8 @@ Change Log
  • Modified variable names in _ci_load() method of Loader class to avoid conflicts with view variables.
  • Changed the behaviour of custom callbacks so that they no longer trigger the "required" rule.
  • Changed the behaviour of variables submitted to the where() clause with no values to auto set "IS NULL"
  • -
  • Documented distinct() in Active Record.
  • +
  • Strengthened the Encryption library to help protect against man in the middle attacks when MCRYPT_MODE_CBC mode is used.
  • +
  • Documented distinct() in Active Record.
  • Documented the timezones() function in the Date Helper.
  • Documented unset_userdata in the Session class.
  • Documented 2 config options to the Database configuration page.
  • @@ -123,7 +124,8 @@ Change Log
  • Fixed a bug in the clean_email() method of the Email class to allow for non-numeric / non-sequential array keys.
  • Fixed a bug in Pagination to scan for non-positive num_links.
  • Fixed a bug in the typography helper causing extraneous paragraph tags when string contains tags.
  • -
  • Fixed an example of comma-separated emails in the email library documentation.
  • +
  • Fixed a bug in the Encryption Library to support modes other than MCRYPT_MODE_ECB
  • +
  • Fixed an example of comma-separated emails in the email library documentation.
  • Fixed an example in the Calendar library for Showing Next/Previous Month Links.
  • Fixed a typo in the database language file.
  • Fixed a typo in the image language file "suppor" to "support".
  • -- cgit v1.2.3-24-g4f1b