From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- system/libraries/Encrypt.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b30a8cf0b..c2cb808dd 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -4,10 +4,22 @@ * * An open source application development framework for PHP 5.1.6 or newer * + * NOTICE OF LICENSE + * + * Licensed under the Open Software License version 3.0 + * + * This source file is subject to the Open Software License (OSL 3.0) that is + * bundled with this package in the files license.txt / license.rst. It is + * also available through the world wide web at this URL: + * http://opensource.org/licenses/OSL-3.0 + * If you did not receive a copy of the license and are unable to obtain it + * through the world wide web, please send an email to + * licensing@ellislab.com so we can send you a copy immediately. + * * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 * @filesource @@ -23,7 +35,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author ExpressionEngine Dev Team + * @author EllisLab Dev Team * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { -- cgit v1.2.3-24-g4f1b From d1af1854e3444d58907225f46f473723cdf97628 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 25 Dec 2011 21:59:30 -0600 Subject: Removing previously deprecated SHA1 library and removed SHA1 method in the Encryption Library --- system/libraries/Encrypt.php | 105 +++++++++++-------------------------------- 1 file changed, 27 insertions(+), 78 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index c2cb808dd..92b0b3c4a 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -40,22 +40,19 @@ */ class CI_Encrypt { - var $CI; - var $encryption_key = ''; - var $_hash_type = 'sha1'; - var $_mcrypt_exists = FALSE; - var $_mcrypt_cipher; - var $_mcrypt_mode; + public $encryption_key = ''; + protected $_hash_type = 'sha1'; + protected $_mcrypt_exists = FALSE; + protected $_mcrypt_cipher; + protected $_mcrypt_mode; /** * Constructor * * Simply determines whether the mcrypt library exists. - * */ public function __construct() { - $this->CI =& get_instance(); $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } @@ -68,11 +65,10 @@ class CI_Encrypt { * Returns it as MD5 in order to have an exact-length 128 bit key. * Mcrypt is sensitive to keys that are not the correct length * - * @access public * @param string * @return string */ - function get_key($key = '') + public function get_key($key = '') { if ($key == '') { @@ -84,7 +80,7 @@ class CI_Encrypt { $CI =& get_instance(); $key = $CI->config->item('encryption_key'); - if ($key == FALSE) + if ($key === FALSE) { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } @@ -98,13 +94,13 @@ class CI_Encrypt { /** * Set the encryption key * - * @access public * @param string * @return void */ - function set_key($key = '') + public function set_key($key = '') { $this->encryption_key = $key; + return $this; } // -------------------------------------------------------------------- @@ -120,12 +116,11 @@ class CI_Encrypt { * that is randomized with each call to this function, * even if the supplied message and key are the same. * - * @access public * @param string the string to encode * @param string the key * @return string */ - function encode($string, $key = '') + public function encode($string, $key = '') { $key = $this->get_key($key); @@ -148,12 +143,11 @@ class CI_Encrypt { * * Reverses the above process * - * @access public * @param string * @param string * @return string */ - function decode($string, $key = '') + public function decode($string, $key = '') { $key = $this->get_key($key); @@ -191,13 +185,12 @@ class CI_Encrypt { * * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption * - * @access public * @param string * @param int (mcrypt mode constant) * @param string * @return string */ - function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '') + public function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '') { if ($this->_mcrypt_exists === FALSE) { @@ -242,12 +235,11 @@ class CI_Encrypt { * Takes a plain-text string and key as input and generates an * encoded bit-string using XOR * - * @access private * @param string * @param string * @return string */ - function _xor_encode($string, $key) + protected function _xor_encode($string, $key) { $rand = ''; while (strlen($rand) < 32) @@ -274,12 +266,11 @@ class CI_Encrypt { * Takes an encoded string and key as input and generates the * plain-text original message * - * @access private * @param string * @param string * @return string */ - function _xor_decode($string, $key) + protected function _xor_decode($string, $key) { $string = $this->_xor_merge($string, $key); @@ -299,12 +290,11 @@ class CI_Encrypt { * * Takes a string and key as input and computes the difference using XOR * - * @access private * @param string * @param string * @return string */ - function _xor_merge($string, $key) + protected function _xor_merge($string, $key) { $hash = $this->hash($key); $str = ''; @@ -321,12 +311,11 @@ class CI_Encrypt { /** * Encrypt using Mcrypt * - * @access public * @param string * @param string * @return string */ - function mcrypt_encode($data, $key) + public function mcrypt_encode($data, $key) { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); @@ -338,12 +327,11 @@ class CI_Encrypt { /** * Decrypt using Mcrypt * - * @access public * @param string * @param string * @return string */ - function mcrypt_decode($data, $key) + public function mcrypt_decode($data, $key) { $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); @@ -365,14 +353,11 @@ class CI_Encrypt { * against Man-in-the-middle attacks on CBC mode ciphers * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV * - * Function description - * - * @access private * @param string * @param string * @return string */ - function _add_cipher_noise($data, $key) + protected function _add_cipher_noise($data, $key) { $keyhash = $this->hash($key); $keylen = strlen($keyhash); @@ -399,11 +384,10 @@ class CI_Encrypt { * * Function description * - * @access public * @param type * @return type */ - function _remove_cipher_noise($data, $key) + protected function _remove_cipher_noise($data, $key) { $keyhash = $this->hash($key); $keylen = strlen($keyhash); @@ -434,13 +418,13 @@ class CI_Encrypt { /** * Set the Mcrypt Cipher * - * @access public * @param constant * @return string */ - function set_cipher($cipher) + public function set_cipher($cipher) { $this->_mcrypt_cipher = $cipher; + return $this; } // -------------------------------------------------------------------- @@ -448,13 +432,13 @@ class CI_Encrypt { /** * Set the Mcrypt Mode * - * @access public * @param constant * @return string */ function set_mode($mode) { $this->_mcrypt_mode = $mode; + return $this; } // -------------------------------------------------------------------- @@ -462,10 +446,9 @@ class CI_Encrypt { /** * Get Mcrypt cipher Value * - * @access private * @return string */ - function _get_cipher() + protected function _get_cipher() { if ($this->_mcrypt_cipher == '') { @@ -480,10 +463,9 @@ class CI_Encrypt { /** * Get Mcrypt Mode Value * - * @access private * @return string */ - function _get_mode() + protected function _get_mode() { if ($this->_mcrypt_mode == '') { @@ -498,11 +480,10 @@ class CI_Encrypt { /** * Set the Hash type * - * @access public * @param string * @return string */ - function set_hash($type = 'sha1') + public function set_hash($type = 'sha1') { $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; } @@ -512,45 +493,13 @@ class CI_Encrypt { /** * Hash encode a string * - * @access public * @param string * @return string */ - function hash($str) + public function hash($str) { - return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); + return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str); } - - // -------------------------------------------------------------------- - - /** - * Generate an SHA1 Hash - * - * @access public - * @param string - * @return string - */ - function sha1($str) - { - if ( ! function_exists('sha1')) - { - if ( ! function_exists('mhash')) - { - require_once(BASEPATH.'libraries/Sha1.php'); - $SH = new CI_SHA; - return $SH->generate($str); - } - else - { - return bin2hex(mhash(MHASH_SHA1, $str)); - } - } - else - { - return sha1($str); - } - } - } // END CI_Encrypt class -- cgit v1.2.3-24-g4f1b From 7c251b38b690183b590adeb31d5155d043b6f74b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 27 Dec 2011 16:37:23 +0200 Subject: Improve the Encryption library --- system/libraries/Encrypt.php | 92 +++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 60 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 92b0b3c4a..d9f40b0d5 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,13 +1,13 @@ -get_key($key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($string, $key); - } - else - { - $enc = $this->_xor_encode($string, $key); - } - - return base64_encode($enc); + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode'; + return base64_encode($this->$method($string, $this->get_key($key))); } // -------------------------------------------------------------------- @@ -149,28 +139,13 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - $key = $this->get_key($key); - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - else - { - $dec = $this->_xor_decode($dec, $key); - } - - return $dec; + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode'; + return $this->$method(base64_decode($string), $this->get_key($key)); } // -------------------------------------------------------------------- @@ -197,6 +172,10 @@ class CI_Encrypt { log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); return FALSE; } + elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } // decode it first // set mode temporarily to what it was when string was encoded with the legacy @@ -205,12 +184,6 @@ class CI_Encrypt { $this->set_mode($legacy_mode); $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - $dec = base64_decode($string); if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) @@ -242,17 +215,18 @@ class CI_Encrypt { protected function _xor_encode($string, $key) { $rand = ''; - while (strlen($rand) < 32) + do { $rand .= mt_rand(0, mt_getrandmax()); } + while (strlen($rand) < 32); $rand = $this->hash($rand); $enc = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++) { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]); } return $this->_xor_merge($enc, $key); @@ -275,9 +249,9 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $l = strlen($string); $i < $l; $i++) { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + $dec .= ($string[$i++] ^ $string[$i]); } return $dec; @@ -298,9 +272,9 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + $str .= $string[$i] ^ $hash[($i % $lh)]; } return $str; @@ -359,18 +333,17 @@ class CI_Encrypt { */ protected function _add_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + $str .= chr((ord($data[$i]) + ord($key[$j])) % 256); } return $str; @@ -389,22 +362,21 @@ class CI_Encrypt { */ protected function _remove_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $temp = ord($data[$i]) - ord($keyhash[$j]); + $temp = ord($data[$i]) - ord($key[$j]); if ($temp < 0) { - $temp = $temp + 256; + $temp += 256; } $str .= chr($temp); @@ -435,7 +407,7 @@ class CI_Encrypt { * @param constant * @return string */ - function set_mode($mode) + public function set_mode($mode) { $this->_mcrypt_mode = $mode; return $this; @@ -485,7 +457,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' AND $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -498,11 +470,11 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str); + return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } } // END CI_Encrypt class /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file +/* Location: ./system/libraries/Encrypt.php */ -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 92b0b3c4a..e297576e6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From cc6dbda62c1c04d4e247308f980e64d5d13c932d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 06:35:17 +0200 Subject: Some more misc. stuff --- system/libraries/Encrypt.php | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index d9f40b0d5..63e3bb55e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -46,15 +46,10 @@ class CI_Encrypt { protected $_mcrypt_cipher; protected $_mcrypt_mode; - /** - * Constructor - * - * Simply determines whether the mcrypt library exists. - */ public function __construct() { $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); + log_message('debug', 'Encrypt Class Initialized'); } // -------------------------------------------------------------------- @@ -95,7 +90,7 @@ class CI_Encrypt { * Set the encryption key * * @param string - * @return void + * @return object */ public function set_key($key = '') { @@ -457,7 +452,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type !== 'sha1' AND $type !== 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -474,7 +469,5 @@ class CI_Encrypt { } } -// END CI_Encrypt class - /* End of file Encrypt.php */ /* Location: ./system/libraries/Encrypt.php */ -- cgit v1.2.3-24-g4f1b From d655a997f7b98da29ea932084e2fb50956188141 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 22:31:29 +0200 Subject: Two returns --- system/libraries/Encrypt.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 63e3bb55e..8cb4b1b19 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -180,7 +180,6 @@ class CI_Encrypt { $key = $this->get_key($key); $dec = base64_decode($string); - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) { return FALSE; @@ -419,7 +418,7 @@ class CI_Encrypt { { if ($this->_mcrypt_cipher == '') { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } return $this->_mcrypt_cipher; @@ -436,7 +435,7 @@ class CI_Encrypt { { if ($this->_mcrypt_mode == '') { - $this->_mcrypt_mode = MCRYPT_MODE_CBC; + return $this->_mcrypt_mode = MCRYPT_MODE_CBC; } return $this->_mcrypt_mode; -- cgit v1.2.3-24-g4f1b From f4cb94ef0fdc81f6d9d908a4a2d2efda62add379 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2012 15:16:55 +0200 Subject: Some more cleaning --- system/libraries/Encrypt.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8cb4b1b19..7c8720fd6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -9,7 +9,7 @@ * Licensed under the Open Software License version 3.0 * * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is + * bundled with this package in the files license.txt / license.rst. It is * also available through the world wide web at this URL: * http://opensource.org/licenses/OSL-3.0 * If you did not receive a copy of the license and are unable to obtain it @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Encryption Class * @@ -447,7 +445,7 @@ class CI_Encrypt { * Set the Hash type * * @param string - * @return string + * @return void */ public function set_hash($type = 'sha1') { -- cgit v1.2.3-24-g4f1b From ed6531362e9eb98eeb477c63e3c365f79333e724 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 24 Jan 2012 15:26:42 +0200 Subject: Revert a space in the license agreement :) --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 7c8720fd6..f6eea3b7e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -9,7 +9,7 @@ * Licensed under the Open Software License version 3.0 * * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is + * bundled with this package in the files license.txt / license.rst. It is * also available through the world wide web at this URL: * http://opensource.org/licenses/OSL-3.0 * If you did not receive a copy of the license and are unable to obtain it -- cgit v1.2.3-24-g4f1b From 07c1ac830b4e98aa40f48baef3dd05fb68c0a836 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Fri, 9 Mar 2012 17:03:37 +0000 Subject: Bumped CodeIgniter's PHP requirement to 5.2.4. Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 0b0618991..b29eb470e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * -- cgit v1.2.3-24-g4f1b From 38d0e93746f13b12af360eb614ba5353e93ecf83 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 3 Apr 2012 19:27:45 +0300 Subject: Some very minor code style changes and comment fixes --- system/libraries/Encrypt.php | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b29eb470e..54b5bf737 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -38,15 +38,15 @@ */ class CI_Encrypt { - public $encryption_key = ''; - protected $_hash_type = 'sha1'; - protected $_mcrypt_exists = FALSE; + public $encryption_key = ''; + protected $_hash_type = 'sha1'; + protected $_mcrypt_exists = FALSE; protected $_mcrypt_cipher; protected $_mcrypt_mode; public function __construct() { - $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + $this->_mcrypt_exists = function_exists('mcrypt_encrypt'); log_message('debug', 'Encrypt Class Initialized'); } @@ -349,8 +349,8 @@ class CI_Encrypt { * * Function description * - * @param type - * @return type + * @param string + * @return string */ protected function _remove_cipher_noise($data, $key) { @@ -382,8 +382,8 @@ class CI_Encrypt { /** * Set the Mcrypt Cipher * - * @param constant - * @return string + * @param int + * @return object */ public function set_cipher($cipher) { @@ -396,8 +396,8 @@ class CI_Encrypt { /** * Set the Mcrypt Mode * - * @param constant - * @return string + * @param int + * @return object */ public function set_mode($mode) { @@ -410,7 +410,7 @@ class CI_Encrypt { /** * Get Mcrypt cipher Value * - * @return string + * @return int */ protected function _get_cipher() { @@ -427,7 +427,7 @@ class CI_Encrypt { /** * Get Mcrypt Mode Value * - * @return string + * @return int */ protected function _get_mode() { @@ -464,7 +464,8 @@ class CI_Encrypt { { return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } + } /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ +/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 0688ac9ad88a03f1c56cfcd9e3c475b83301344d Mon Sep 17 00:00:00 2001 From: Timothy Warren Date: Fri, 20 Apr 2012 10:25:04 -0400 Subject: Start comment cleanup of libraries --- system/libraries/Encrypt.php | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 54b5bf737..17437c1ca 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -38,12 +38,44 @@ */ class CI_Encrypt { + /** + * Reference to the user's encryption key + * + * @var string + */ public $encryption_key = ''; + + /** + * Type of hash operation + * + * @var string + */ protected $_hash_type = 'sha1'; + + /** + * Flag for the existance of mcrypt + * + * @var bool + */ protected $_mcrypt_exists = FALSE; + + /** + * Current cipher to be used with mcrypt + * + * @var string + */ protected $_mcrypt_cipher; + + /** + * Method for encrypting/decrypting data + * + * @var int + */ protected $_mcrypt_mode; + /** + * Initialize Encryption class + */ public function __construct() { $this->_mcrypt_exists = function_exists('mcrypt_encrypt'); @@ -349,7 +381,8 @@ class CI_Encrypt { * * Function description * - * @param string + * @param string $data + * @param string $key * @return string */ protected function _remove_cipher_noise($data, $key) -- cgit v1.2.3-24-g4f1b From 5645479c622eb36cf9869797896dc0921568c4a9 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 17 May 2012 14:32:19 +0300 Subject: Clean up the libraries --- system/libraries/Encrypt.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 17437c1ca..751557fab 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -44,28 +44,28 @@ class CI_Encrypt { * @var string */ public $encryption_key = ''; - + /** * Type of hash operation - * + * * @var string */ protected $_hash_type = 'sha1'; - + /** * Flag for the existance of mcrypt * * @var bool */ protected $_mcrypt_exists = FALSE; - + /** * Current cipher to be used with mcrypt * * @var string */ protected $_mcrypt_cipher; - + /** * Method for encrypting/decrypting data * @@ -75,6 +75,8 @@ class CI_Encrypt { /** * Initialize Encryption class + * + * @return void */ public function __construct() { -- cgit v1.2.3-24-g4f1b From d261b1e89c3d4d5191036d5a5660ef6764e593a0 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 2 Jun 2012 11:12:16 +0100 Subject: Replaced `==` with `===` and `!=` with `!==` in /system/libraries --- system/libraries/Encrypt.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 751557fab..102b1dfdd 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -97,9 +97,9 @@ class CI_Encrypt { */ public function get_key($key = '') { - if ($key == '') + if ($key === '') { - if ($this->encryption_key != '') + if ($this->encryption_key !== '') { return $this->encryption_key; } @@ -449,7 +449,7 @@ class CI_Encrypt { */ protected function _get_cipher() { - if ($this->_mcrypt_cipher == '') + if ($this->_mcrypt_cipher === '') { return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } @@ -466,7 +466,7 @@ class CI_Encrypt { */ protected function _get_mode() { - if ($this->_mcrypt_mode == '') + if ($this->_mcrypt_mode === '') { return $this->_mcrypt_mode = MCRYPT_MODE_CBC; } -- cgit v1.2.3-24-g4f1b From 79eca3d6e5e3aec576410e3c533164d29196b0eb Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 4 Jun 2012 18:28:50 +0300 Subject: Fix issue #1423 --- system/libraries/Encrypt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 102b1dfdd..959e2eea8 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -449,7 +449,7 @@ class CI_Encrypt { */ protected function _get_cipher() { - if ($this->_mcrypt_cipher === '') + if ($this->_mcrypt_cipher === NULL) { return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } @@ -466,7 +466,7 @@ class CI_Encrypt { */ protected function _get_mode() { - if ($this->_mcrypt_mode === '') + if ($this->_mcrypt_mode === NULL) { return $this->_mcrypt_mode = MCRYPT_MODE_CBC; } -- cgit v1.2.3-24-g4f1b From ba7f50bf6553e2f4a3b81da9d5c2c9811e4022c8 Mon Sep 17 00:00:00 2001 From: Joffrey Jaffeux Date: Wed, 6 Jun 2012 01:40:01 +0200 Subject: replace get_config by config_item --- system/libraries/Encrypt.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 959e2eea8..ce5e030b0 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -104,8 +104,7 @@ class CI_Encrypt { return $this->encryption_key; } - $CI =& get_instance(); - $key = $CI->config->item('encryption_key'); + $key = config_item('encryption_key'); if ($key === FALSE) { -- cgit v1.2.3-24-g4f1b From f696c1fe8df29d54a933804a6f4d182a5a59c7a2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 12 Jun 2012 12:14:51 +0300 Subject: Fix issue #1202 --- system/libraries/Encrypt.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index ce5e030b0..8ffd93aea 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -213,6 +213,7 @@ class CI_Encrypt { $dec = base64_decode($string); if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) { + $this->set_mode($current_mode); return FALSE; } -- cgit v1.2.3-24-g4f1b From a9923f5dc131f5a18175b1df3cf3f80a93ffb464 Mon Sep 17 00:00:00 2001 From: Daniel Morris Date: Wed, 3 Oct 2012 19:37:09 +0100 Subject: Support for hashing algorithms other than SHA1 and MD5 Signed-off-by: Daniel Morris --- system/libraries/Encrypt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8ffd93aea..3b04f7b06 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -484,7 +484,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type; + $this->_hash_type = (in_array($type, hash_algos())) ? $type : 'sha1'; } // -------------------------------------------------------------------- @@ -497,7 +497,7 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); + return hash($this->_hash_type, $str); } } -- cgit v1.2.3-24-g4f1b From ada7775a47f32034ba589768612894c3cb6186ca Mon Sep 17 00:00:00 2001 From: Daniel Morris Date: Thu, 4 Oct 2012 10:24:16 +0100 Subject: Removed redundant parenthesis around `in_array()` --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 3b04f7b06..679609251 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -484,7 +484,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = (in_array($type, hash_algos())) ? $type : 'sha1'; + $this->_hash_type = in_array($type, hash_algos()) ? $type : 'sha1'; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From c6f9a5da098ed9e27d88b7c271c4e1ba76fa79d6 Mon Sep 17 00:00:00 2001 From: lysenkobv Date: Wed, 10 Oct 2012 20:11:34 +0300 Subject: libraries/Encrypt.php decode improvement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit if base64 string is NO valid the result of decoded string is something like this "23Y�����������S�� �����i��!q" (base64_encode(base64_decode($string)) !== $string) check is this base64 string valid --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 679609251..dbe16b096 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -165,7 +165,7 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string) || base64_encode(base64_decode($string)) !== $string) { return FALSE; } -- cgit v1.2.3-24-g4f1b From c16b4f4164a4a26c48b823caf086a9777dc75beb Mon Sep 17 00:00:00 2001 From: Bogdan Lysenko Date: Thu, 11 Oct 2012 11:41:01 +0300 Subject: Update system/libraries/Encrypt.php --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index dbe16b096..73ab8ca7d 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -165,7 +165,7 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string) || base64_encode(base64_decode($string)) !== $string) + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string) OR base64_encode(base64_decode($string)) !== $string) { return FALSE; } -- cgit v1.2.3-24-g4f1b From c5536aac5752054f7f76e448d58b86407d8f574e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 17:33:58 +0200 Subject: Manually apply PR #1594 (fixing phpdoc page-level generation/warnings) Also partially fixes issue #1295, fixes inconsistencies in some page-level docblocks and adds include checks in language files. --- system/libraries/Encrypt.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 73ab8ca7d..cdb0a6452 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,4 +1,4 @@ - Date: Mon, 17 Dec 2012 07:51:15 -0500 Subject: update for Issue #2064 (changed docblocks which return $this or only call a method that returns $this to @return CI_DB_class_name) --- system/libraries/Encrypt.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index cdb0a6452..e54ce4950 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -122,7 +122,7 @@ class CI_Encrypt { * Set the encryption key * * @param string - * @return object + * @return CI_Encrypt */ public function set_key($key = '') { @@ -419,7 +419,7 @@ class CI_Encrypt { * Set the Mcrypt Cipher * * @param int - * @return object + * @return CI_Encrypt */ public function set_cipher($cipher) { @@ -433,7 +433,7 @@ class CI_Encrypt { * Set the Mcrypt Mode * * @param int - * @return object + * @return CI_Encrypt */ public function set_mode($mode) { -- cgit v1.2.3-24-g4f1b From 80500afbd188600212ca913a7bac073009feac73 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Jan 2013 08:16:53 +0200 Subject: [ci skip] Happy new year --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index e54ce4950..c6a1cb175 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 0612756dd37a3472259a19814e1a9bb403ab6e11 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Sat, 30 Mar 2013 00:06:39 +0100 Subject: Some cleanup related to mt_rand() - min and max values are 0 and mt_getrandmax() by default - remove useless mt_srand() seed calls --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index c6a1cb175..8ac5420de 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -244,7 +244,7 @@ class CI_Encrypt { $rand = ''; do { - $rand .= mt_rand(0, mt_getrandmax()); + $rand .= mt_rand(); } while (strlen($rand) < 32); -- cgit v1.2.3-24-g4f1b From 871754af60251993d640981e107d2def5f2db396 Mon Sep 17 00:00:00 2001 From: darwinel Date: Tue, 11 Feb 2014 17:34:57 +0100 Subject: 2013 > 2014 Update copyright notices from 2013 to 2014. And update one calendar example in user_guide from year 2013/2014 to 2014/2015. --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8ac5420de..f72bd2302 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 6eb77da2db93af893955b320a768054e9519dc81 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 31 May 2014 21:18:17 +0300 Subject: Remove CI_Encrypt::_xor_encode() --- system/libraries/Encrypt.php | 59 +++++++++----------------------------------- 1 file changed, 12 insertions(+), 47 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index f72bd2302..2541a4467 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -81,7 +81,11 @@ class CI_Encrypt { */ public function __construct() { - $this->_mcrypt_exists = function_exists('mcrypt_encrypt'); + if (($this->_mcrypt_exists = function_exists('mcrypt_encrypt')) === FALSE) + { + show_error('The Encrypt library requires the Mcrypt extension.'); + } + log_message('debug', 'Encrypt Class Initialized'); } @@ -138,10 +142,10 @@ class CI_Encrypt { * Encodes the message string using bitwise XOR encoding. * The key is combined with a random hash, and then it * too gets converted using XOR. The whole thing is then run - * through mcrypt (if supported) using the randomized key. - * The end result is a double-encrypted message string - * that is randomized with each call to this function, - * even if the supplied message and key are the same. + * through mcrypt using the randomized key. The end result + * is a double-encrypted message string that is randomized + * with each call to this function, even if the supplied + * message and key are the same. * * @param string the string to encode * @param string the key @@ -149,8 +153,7 @@ class CI_Encrypt { */ public function encode($string, $key = '') { - $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode'; - return base64_encode($this->$method($string, $this->get_key($key))); + return base64_encode($this->mcrypt_encode($string, $this->get_key($key))); } // -------------------------------------------------------------------- @@ -171,8 +174,7 @@ class CI_Encrypt { return FALSE; } - $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode'; - return $this->$method(base64_decode($string), $this->get_key($key)); + return $this->mcrypt_decode(base64_decode($string), $this->get_key($key)); } // -------------------------------------------------------------------- @@ -194,12 +196,7 @@ class CI_Encrypt { */ public function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '') { - if ($this->_mcrypt_exists === FALSE) - { - log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); - return FALSE; - } - elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } @@ -229,38 +226,6 @@ class CI_Encrypt { // -------------------------------------------------------------------- - /** - * XOR Encode - * - * Takes a plain-text string and key as input and generates an - * encoded bit-string using XOR - * - * @param string - * @param string - * @return string - */ - protected function _xor_encode($string, $key) - { - $rand = ''; - do - { - $rand .= mt_rand(); - } - while (strlen($rand) < 32); - - $rand = $this->hash($rand); - - $enc = ''; - for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++) - { - $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]); - } - - return $this->_xor_merge($enc, $key); - } - - // -------------------------------------------------------------------- - /** * XOR Decode * -- cgit v1.2.3-24-g4f1b From fc4db348999fe9cc8d568eeba7602a11d449e2b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Aug 2014 14:18:19 +0300 Subject: [ci skip] Update a comment block description --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 2541a4467..995bf0bbe 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -29,7 +29,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); /** * CodeIgniter Encryption Class * - * Provides two-way keyed encoding using XOR Hashing and Mcrypt + * Provides two-way keyed encoding using Mcrypt * * @package CodeIgniter * @subpackage Libraries -- cgit v1.2.3-24-g4f1b From d444d445ed0458a352ecb9ff79ffd158677ee805 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Oct 2014 00:00:08 +0300 Subject: config_item() to return NULL instead of FALSE for non-existing items Close #3001 Close #3232 Related: #3244 --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 995bf0bbe..1af42ed1f 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -111,7 +111,7 @@ class CI_Encrypt { $key = config_item('encryption_key'); - if ($key === FALSE) + if ( ! strlen($key)) { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } -- cgit v1.2.3-24-g4f1b From bdb96ca1b1dbfc1791172fd169d7751cbc4d7d55 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Oct 2014 00:13:31 +0200 Subject: [ci skip] Switch to MIT license; close #3293 --- system/libraries/Encrypt.php | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 1af42ed1f..8e0ace0e3 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Open Software License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is - * also available through the world wide web at this URL: - * http://opensource.org/licenses/OSL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author EllisLab Dev Team + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) - * @link http://codeigniter.com - * @since Version 1.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 1.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); -- cgit v1.2.3-24-g4f1b From fe9309d22c1b088f5363954d6dac013c8c955894 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Jan 2015 17:48:58 +0200 Subject: Bulk (mostly documentation) update - Remove PHP version from license notices - Bump year number in copyright notices - Recommend PHP 5.4 or newer to be used - Tell Travis-CI to test on PHP 5.3.0 instead of the latest 5.3 version Related: #3450 --- system/libraries/Encrypt.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8e0ace0e3..45b3027eb 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From 90726b8c769ea75aec34814ddfa91655d488e6c3 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 20 Jan 2015 12:39:22 +0200 Subject: [ci skip] Change some log messages' level 'Class Loaded' type of messages flood log files when log_threshold is set to 2 (debug). They're now logged as 'info' level. This is manually applying PR #1528, which was created to do the same thing, but became outdated. --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 45b3027eb..f527a9943 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -97,7 +97,7 @@ class CI_Encrypt { show_error('The Encrypt library requires the Mcrypt extension.'); } - log_message('debug', 'Encrypt Class Initialized'); + log_message('info', 'Encrypt Class Initialized'); } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Wed, 21 Jan 2015 22:56:22 +0100 Subject: Remove closing blocks at end of PHP files --- system/libraries/Encrypt.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index f527a9943..5faf1f206 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -478,6 +478,3 @@ class CI_Encrypt { } } - -/* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 55bc50578b9f1aa3fd71cb427848b21748655690 Mon Sep 17 00:00:00 2001 From: Calvin Tam Date: Fri, 24 Jul 2015 02:27:24 -0700 Subject: Fixed typos --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 5faf1f206..a46d4f462 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -65,7 +65,7 @@ class CI_Encrypt { protected $_hash_type = 'sha1'; /** - * Flag for the existance of mcrypt + * Flag for the existence of mcrypt * * @var bool */ -- cgit v1.2.3-24-g4f1b From 125ef4751080a2118cb203357d77687699e3eb25 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:33:00 +0200 Subject: [ci skip] Bump year to 2016 --- system/libraries/Encrypt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index a46d4f462..18ef92dde 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2015, British Columbia Institute of Technology + * Copyright (c) 2014 - 2016, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- system/libraries/Encrypt.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 18ef92dde..608f7da28 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -31,7 +31,7 @@ * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License - * @link http://codeigniter.com + * @link https://codeigniter.com * @since Version 1.0.0 * @filesource */ @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link http://codeigniter.com/user_guide/libraries/encryption.html + * @link https://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { @@ -198,7 +198,7 @@ class CI_Encrypt { * This allows for backwards compatibility and a method to transition to the * new encryption algorithms. * - * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption + * For more details, see https://codeigniter.com/user_guide/installation/upgrade_200.html#encryption * * @param string * @param int (mcrypt mode constant) -- cgit v1.2.3-24-g4f1b From 1924e879b165fb119847a49a7a5eab2f28295fa2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:55:34 +0200 Subject: [ci skip] Update ellislab.com links to https too --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 608f7da28..1372a311f 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -28,7 +28,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com -- cgit v1.2.3-24-g4f1b From da60e9bc66ec90970fbd2dfd08b0a6e66b9f5f5f Mon Sep 17 00:00:00 2001 From: Master Yoda Date: Sat, 31 Dec 2016 08:46:18 -0800 Subject: Update copyright data to 2017 --- system/libraries/Encrypt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 1372a311f..46f374726 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2016, British Columbia Institute of Technology + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2016, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From f565212c5aa07a8016394a3bc66874be83c73d4d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2017 15:17:00 +0200 Subject: Fix byte-safety issues & actually test for them --- system/libraries/Encrypt.php | 59 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 50 insertions(+), 9 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 46f374726..ebcc6e8c6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -122,7 +122,7 @@ class CI_Encrypt { $key = config_item('encryption_key'); - if ( ! strlen($key)) + if ( ! self::strlen($key)) { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } @@ -252,7 +252,7 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0, $l = strlen($string); $i < $l; $i++) + for ($i = 0, $l = self::strlen($string); $i < $l; $i++) { $dec .= ($string[$i++] ^ $string[$i]); } @@ -275,7 +275,8 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) + + for ($i = 0, $ls = self::strlen($string), $lh = self::strlen($hash); $i < $ls; $i++) { $str .= $string[$i] ^ $hash[($i % $lh)]; } @@ -295,7 +296,7 @@ class CI_Encrypt { public function mcrypt_encode($data, $key) { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_DEV_URANDOM); return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); } @@ -313,13 +314,14 @@ class CI_Encrypt { $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - if ($init_size > strlen($data)) + if ($init_size > self::strlen($data)) { return FALSE; } - $init_vect = substr($data, 0, $init_size); - $data = substr($data, $init_size); + $init_vect = self::substr($data, 0, $init_size); + $data = self::substr($data, $init_size); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); } @@ -339,7 +341,7 @@ class CI_Encrypt { $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j) { if ($j >= $lk) { @@ -369,7 +371,7 @@ class CI_Encrypt { $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = self::strlen($data), $lk = self::strlen($key); $i < $ld; ++$i, ++$j) { if ($j >= $lk) { @@ -477,4 +479,43 @@ class CI_Encrypt { return hash($this->_hash_type, $str); } + // -------------------------------------------------------------------- + + /** + * Byte-safe strlen() + * + * @param string $str + * @return int + */ + protected static function strlen($str) + { + return defined('MB_OVERLOAD_STRING') + ? mb_strlen($str, '8bit') + : strlen($str); + } + + // -------------------------------------------------------------------- + + /** + * Byte-safe substr() + * + * @param string $str + * @param int $start + * @param int $length + * @return string + */ + protected static function substr($str, $start, $length = NULL) + { + if (defined('MB_OVERLOAD_STRING')) + { + // mb_substr($str, $start, null, '8bit') returns an empty + // string on PHP 5.3 + isset($length) OR $length = ($start >= 0 ? self::strlen($str) - $start : -$start); + return mb_substr($str, $start, $length, '8bit'); + } + + return isset($length) + ? substr($str, $start, $length) + : substr($str, $start); + } } -- cgit v1.2.3-24-g4f1b