From 7c251b38b690183b590adeb31d5155d043b6f74b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 27 Dec 2011 16:37:23 +0200 Subject: Improve the Encryption library --- system/libraries/Encrypt.php | 92 +++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 60 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 92b0b3c4a..d9f40b0d5 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,13 +1,13 @@ -get_key($key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($string, $key); - } - else - { - $enc = $this->_xor_encode($string, $key); - } - - return base64_encode($enc); + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_encode' : '_xor_encode'; + return base64_encode($this->$method($string, $this->get_key($key))); } // -------------------------------------------------------------------- @@ -149,28 +139,13 @@ class CI_Encrypt { */ public function decode($string, $key = '') { - $key = $this->get_key($key); - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - else - { - $dec = $this->_xor_decode($dec, $key); - } - - return $dec; + $method = ($this->_mcrypt_exists === TRUE) ? 'mcrypt_decode' : '_xor_decode'; + return $this->$method(base64_decode($string), $this->get_key($key)); } // -------------------------------------------------------------------- @@ -197,6 +172,10 @@ class CI_Encrypt { log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); return FALSE; } + elseif (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } // decode it first // set mode temporarily to what it was when string was encoded with the legacy @@ -205,12 +184,6 @@ class CI_Encrypt { $this->set_mode($legacy_mode); $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - $dec = base64_decode($string); if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) @@ -242,17 +215,18 @@ class CI_Encrypt { protected function _xor_encode($string, $key) { $rand = ''; - while (strlen($rand) < 32) + do { $rand .= mt_rand(0, mt_getrandmax()); } + while (strlen($rand) < 32); $rand = $this->hash($rand); $enc = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lr = strlen($rand); $i < $ls; $i++) { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + $enc .= $rand[($i % $lr)].($rand[($i % $lr)] ^ $string[$i]); } return $this->_xor_merge($enc, $key); @@ -275,9 +249,9 @@ class CI_Encrypt { $string = $this->_xor_merge($string, $key); $dec = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $l = strlen($string); $i < $l; $i++) { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + $dec .= ($string[$i++] ^ $string[$i]); } return $dec; @@ -298,9 +272,9 @@ class CI_Encrypt { { $hash = $this->hash($key); $str = ''; - for ($i = 0; $i < strlen($string); $i++) + for ($i = 0, $ls = strlen($string), $lh = strlen($hash); $i < $ls; $i++) { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + $str .= $string[$i] ^ $hash[($i % $lh)]; } return $str; @@ -359,18 +333,17 @@ class CI_Encrypt { */ protected function _add_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + $str .= chr((ord($data[$i]) + ord($key[$j])) % 256); } return $str; @@ -389,22 +362,21 @@ class CI_Encrypt { */ protected function _remove_cipher_noise($data, $key) { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); + $key = $this->hash($key); $str = ''; - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + for ($i = 0, $j = 0, $ld = strlen($data), $lk = strlen($key); $i < $ld; ++$i, ++$j) { - if ($j >= $keylen) + if ($j >= $lk) { $j = 0; } - $temp = ord($data[$i]) - ord($keyhash[$j]); + $temp = ord($data[$i]) - ord($key[$j]); if ($temp < 0) { - $temp = $temp + 256; + $temp += 256; } $str .= chr($temp); @@ -435,7 +407,7 @@ class CI_Encrypt { * @param constant * @return string */ - function set_mode($mode) + public function set_mode($mode) { $this->_mcrypt_mode = $mode; return $this; @@ -485,7 +457,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' AND $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -498,11 +470,11 @@ class CI_Encrypt { */ public function hash($str) { - return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str); + return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } } // END CI_Encrypt class /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file +/* Location: ./system/libraries/Encrypt.php */ -- cgit v1.2.3-24-g4f1b From cc6dbda62c1c04d4e247308f980e64d5d13c932d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 8 Jan 2012 06:35:17 +0200 Subject: Some more misc. stuff --- system/libraries/Encrypt.php | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index d9f40b0d5..63e3bb55e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -46,15 +46,10 @@ class CI_Encrypt { protected $_mcrypt_cipher; protected $_mcrypt_mode; - /** - * Constructor - * - * Simply determines whether the mcrypt library exists. - */ public function __construct() { $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); + log_message('debug', 'Encrypt Class Initialized'); } // -------------------------------------------------------------------- @@ -95,7 +90,7 @@ class CI_Encrypt { * Set the encryption key * * @param string - * @return void + * @return object */ public function set_key($key = '') { @@ -457,7 +452,7 @@ class CI_Encrypt { */ public function set_hash($type = 'sha1') { - $this->_hash_type = ($type !== 'sha1' AND $type !== 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type !== 'sha1' && $type !== 'md5') ? 'sha1' : $type; } // -------------------------------------------------------------------- @@ -474,7 +469,5 @@ class CI_Encrypt { } } -// END CI_Encrypt class - /* End of file Encrypt.php */ /* Location: ./system/libraries/Encrypt.php */ -- cgit v1.2.3-24-g4f1b From d655a997f7b98da29ea932084e2fb50956188141 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 10 Jan 2012 22:31:29 +0200 Subject: Two returns --- system/libraries/Encrypt.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 63e3bb55e..8cb4b1b19 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -180,7 +180,6 @@ class CI_Encrypt { $key = $this->get_key($key); $dec = base64_decode($string); - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) { return FALSE; @@ -419,7 +418,7 @@ class CI_Encrypt { { if ($this->_mcrypt_cipher == '') { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + return $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } return $this->_mcrypt_cipher; @@ -436,7 +435,7 @@ class CI_Encrypt { { if ($this->_mcrypt_mode == '') { - $this->_mcrypt_mode = MCRYPT_MODE_CBC; + return $this->_mcrypt_mode = MCRYPT_MODE_CBC; } return $this->_mcrypt_mode; -- cgit v1.2.3-24-g4f1b From f4cb94ef0fdc81f6d9d908a4a2d2efda62add379 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 19 Jan 2012 15:16:55 +0200 Subject: Some more cleaning --- system/libraries/Encrypt.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8cb4b1b19..7c8720fd6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -9,7 +9,7 @@ * Licensed under the Open Software License version 3.0 * * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is + * bundled with this package in the files license.txt / license.rst. It is * also available through the world wide web at this URL: * http://opensource.org/licenses/OSL-3.0 * If you did not receive a copy of the license and are unable to obtain it @@ -25,8 +25,6 @@ * @filesource */ -// ------------------------------------------------------------------------ - /** * CodeIgniter Encryption Class * @@ -447,7 +445,7 @@ class CI_Encrypt { * Set the Hash type * * @param string - * @return string + * @return void */ public function set_hash($type = 'sha1') { -- cgit v1.2.3-24-g4f1b From ed6531362e9eb98eeb477c63e3c365f79333e724 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 24 Jan 2012 15:26:42 +0200 Subject: Revert a space in the license agreement :) --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 7c8720fd6..f6eea3b7e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -9,7 +9,7 @@ * Licensed under the Open Software License version 3.0 * * This source file is subject to the Open Software License (OSL 3.0) that is - * bundled with this package in the files license.txt / license.rst. It is + * bundled with this package in the files license.txt / license.rst. It is * also available through the world wide web at this URL: * http://opensource.org/licenses/OSL-3.0 * If you did not receive a copy of the license and are unable to obtain it -- cgit v1.2.3-24-g4f1b From 07c1ac830b4e98aa40f48baef3dd05fb68c0a836 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Fri, 9 Mar 2012 17:03:37 +0000 Subject: Bumped CodeIgniter's PHP requirement to 5.2.4. Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 0b0618991..b29eb470e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * -- cgit v1.2.3-24-g4f1b From 38d0e93746f13b12af360eb614ba5353e93ecf83 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 3 Apr 2012 19:27:45 +0300 Subject: Some very minor code style changes and comment fixes --- system/libraries/Encrypt.php | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b29eb470e..54b5bf737 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -38,15 +38,15 @@ */ class CI_Encrypt { - public $encryption_key = ''; - protected $_hash_type = 'sha1'; - protected $_mcrypt_exists = FALSE; + public $encryption_key = ''; + protected $_hash_type = 'sha1'; + protected $_mcrypt_exists = FALSE; protected $_mcrypt_cipher; protected $_mcrypt_mode; public function __construct() { - $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + $this->_mcrypt_exists = function_exists('mcrypt_encrypt'); log_message('debug', 'Encrypt Class Initialized'); } @@ -349,8 +349,8 @@ class CI_Encrypt { * * Function description * - * @param type - * @return type + * @param string + * @return string */ protected function _remove_cipher_noise($data, $key) { @@ -382,8 +382,8 @@ class CI_Encrypt { /** * Set the Mcrypt Cipher * - * @param constant - * @return string + * @param int + * @return object */ public function set_cipher($cipher) { @@ -396,8 +396,8 @@ class CI_Encrypt { /** * Set the Mcrypt Mode * - * @param constant - * @return string + * @param int + * @return object */ public function set_mode($mode) { @@ -410,7 +410,7 @@ class CI_Encrypt { /** * Get Mcrypt cipher Value * - * @return string + * @return int */ protected function _get_cipher() { @@ -427,7 +427,7 @@ class CI_Encrypt { /** * Get Mcrypt Mode Value * - * @return string + * @return int */ protected function _get_mode() { @@ -464,7 +464,8 @@ class CI_Encrypt { { return ($this->_hash_type === 'sha1') ? sha1($str) : md5($str); } + } /* End of file Encrypt.php */ -/* Location: ./system/libraries/Encrypt.php */ +/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b