From b0dd10f8171945e0c1f3527dd1e9d18b043e01a7 Mon Sep 17 00:00:00 2001 From: admin Date: Fri, 25 Aug 2006 17:25:49 +0000 Subject: Initial Import --- system/libraries/Encrypt.php | 378 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 378 insertions(+) create mode 100644 system/libraries/Encrypt.php (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php new file mode 100644 index 000000000..532bfe1f1 --- /dev/null +++ b/system/libraries/Encrypt.php @@ -0,0 +1,378 @@ +_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + log_message('debug', "Encrypt Class Initialized"); + } + // END CI_Encrypt() + + // -------------------------------------------------------------------- + + /** + * Fetch the encryption key + * + * Returns it as MD5 in order to have an exact-length 128 bit key. + * Mcrypt is sensitive to keys that are not the correct length + * + * @access public + * @param string + * @return string + */ + function get_key($key = '') + { + if ($key == '') + { + $obj =& get_instance(); + $key = $obj->config->item('encryption_key'); + + if ($key === FALSE) + { + show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); + } + } + + return md5($key); + } + // END get_key() + + // -------------------------------------------------------------------- + + /** + * Encode + * + * Encodes the message string using bitwise XOR encoding. + * The key is combined with a random hash, and then it + * too gets converted using XOR. The whole thing is then run + * through mcrypt (if supported) using the randomized key. + * The end result is a double-encrypted message string + * that is randomized with each call to this function, + * even if the supplied message and key are the same. + * + * @access public + * @param string the string to encode + * @param string the key + * @return string + */ + function encode($string, $key = '') + { + $key = $this->get_key($key); + $enc = $this->_xor_encode($string, $key); + + if ($this->_mcrypt_exists === TRUE) + { + $enc = $this->mcrypt_encode($enc, $key); + } + return base64_encode($enc); + } + // END encode() + + // -------------------------------------------------------------------- + + /** + * Decode + * + * Reverses the above process + * + * @access public + * @param string + * @param string + * @return string + */ + function decode($string, $key = '') + { + $key = $this->get_key($key); + $dec = base64_decode($string); + + if ($dec === FALSE) + { + return FALSE; + } + + if ($this->_mcrypt_exists === TRUE) + { + $dec = $this->mcrypt_decode($dec, $key); + } + + return $this->_xor_decode($dec, $key); + } + // END decode() + + // -------------------------------------------------------------------- + + /** + * XOR Encode + * + * Takes a plain-text string and key as input and generates an + * encoded bit-string using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_encode($string, $key) + { + $rand = ''; + while (strlen($rand) < 32) + { + $rand .= mt_rand(0, mt_getrandmax()); + } + + $rand = $this->hash($rand); + + $enc = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + } + + return $this->_xor_merge($enc, $key); + } + // END _xor_encode() + + // -------------------------------------------------------------------- + + /** + * XOR Decode + * + * Takes an encoded string and key as input and generates the + * plain-text original message + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_decode($string, $key) + { + $string = $this->_xor_merge($string, $key); + + $dec = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + } + + return $dec; + } + // END _xor_decode() + + // -------------------------------------------------------------------- + + /** + * XOR key + string Combiner + * + * Takes a string and key as input and computes the difference using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_merge($string, $key) + { + $hash = $this->hash($key); + $str = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + } + + return $str; + } + // END _xor_merge() + + // -------------------------------------------------------------------- + + /** + * Encrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_encode($data, $key) + { + $this->_get_mcrypt(); + $init_size = mcrypt_get_iv_size($this->_mcrypt_cipher, $this->_mcrypt_mode); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return mcrypt_encrypt($this->_mcrypt_cipher, $key, $data, $this->_mcrypt_mode, $init_vect); + } + // END mcrypt_encode() + + // -------------------------------------------------------------------- + + /** + * Decrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_decode($data, $key) + { + $this->_get_mcrypt(); + $init_size = mcrypt_get_iv_size($this->_mcrypt_cipher, $this->_mcrypt_mode); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return rtrim(mcrypt_decrypt($this->_mcrypt_cipher, $key, $data, $this->_mcrypt_mode, $init_vect), "\0"); + } + // END mcrypt_decode() + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Cypher + * + * @access public + * @param constant + * @return string + */ + function set_cypher($cypher) + { + $this->_mcrypt_cipher = $cypher; + } + // END set_cypher() + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Mode + * + * @access public + * @param constant + * @return string + */ + function set_mode($mode) + { + $this->_mcrypt_mode = $mode; + } + // END set_mode() + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt value + * + * @access private + * @param string + * @return string + */ + function _get_mcrypt() + { + if ($this->_mcrypt_cipher == '') + { + $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + } + if ($this->_mcrypt_mode == '') + { + $this->_mcrypt_mode = MCRYPT_MODE_ECB; + } + } + // END _get_mcrypt() + + // -------------------------------------------------------------------- + + /** + * Set the Hash type + * + * @access public + * @param string + * @return string + */ + function set_hash($type = 'sha1') + { + $this->_hash_type = ($type != 'sha1' OR $type != 'md5') ? 'sha1' : $type; + } + // END set_hash() + + // -------------------------------------------------------------------- + + /** + * Hash encode a string + * + * @access public + * @param string + * @return string + */ + function hash($str) + { + return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); + } + // END hash() + + // -------------------------------------------------------------------- + + /** + * Generate an SHA1 Hash + * + * @access public + * @param string + * @return string + */ + function sha1($str) + { + if ( ! function_exists('sha1')) + { + if ( ! function_exists('mhash')) + { + require_once(BASEPATH.'libraries/Sha1'.EXT); + $SH = new CI_SHA; + return $SH->generate($str); + } + else + { + return bin2hex(mhash(MHASH_SHA1, $str)); + } + } + else + { + return sha1($str); + } + } + // END sha1() + +} + +// END CI_Encrypt class +?> \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 141808ad31d4eefad4c6c3dbaf8306fac2342668 Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 27 Aug 2006 01:52:51 +0000 Subject: --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 532bfe1f1..bcffdf1ab 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -322,7 +322,7 @@ class CI_Encrypt { */ function set_hash($type = 'sha1') { - $this->_hash_type = ($type != 'sha1' OR $type != 'md5') ? 'sha1' : $type; + $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; } // END set_hash() -- cgit v1.2.3-24-g4f1b From e79dc7130a0003a07833609487b8ebb5ebcf31c8 Mon Sep 17 00:00:00 2001 From: admin Date: Tue, 26 Sep 2006 03:52:45 +0000 Subject: --- system/libraries/Encrypt.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index bcffdf1ab..446f64aa6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -13,6 +13,11 @@ * @filesource */ +// INITIALIZE THE CLASS --------------------------------------------------- + +$obj =& get_instance(); +$obj->encrypt =& new CI_Encrypt(); + // ------------------------------------------------------------------------ /** -- cgit v1.2.3-24-g4f1b From 7981a9a752c339611ae10a252469f9dbc266fb96 Mon Sep 17 00:00:00 2001 From: admin Date: Tue, 26 Sep 2006 07:52:09 +0000 Subject: --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 446f64aa6..6a3ca17b0 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -16,7 +16,7 @@ // INITIALIZE THE CLASS --------------------------------------------------- $obj =& get_instance(); -$obj->encrypt =& new CI_Encrypt(); +$obj->init_class('CI_Encrypt'); // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 33de9a144aad28763405f8ae2d5c59df5e929b4f Mon Sep 17 00:00:00 2001 From: admin Date: Thu, 28 Sep 2006 06:50:16 +0000 Subject: --- system/libraries/Encrypt.php | 5 ----- 1 file changed, 5 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 6a3ca17b0..abc769460 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -12,11 +12,6 @@ * @since Version 1.0 * @filesource */ - -// INITIALIZE THE CLASS --------------------------------------------------- - -$obj =& get_instance(); -$obj->init_class('CI_Encrypt'); // ------------------------------------------------------------------------ -- cgit v1.2.3-24-g4f1b From 3ed8c51254a5b26d951fa675802fcf69adf9638e Mon Sep 17 00:00:00 2001 From: admin Date: Fri, 29 Sep 2006 23:26:28 +0000 Subject: --- system/libraries/Encrypt.php | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index abc769460..537b1ab20 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -27,6 +27,7 @@ * @link http://www.codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { + var $encryption_key = ''; var $_hash_type = 'sha1'; var $_mcrypt_exists = FALSE; var $_mcrypt_cipher; @@ -43,7 +44,6 @@ class CI_Encrypt { $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } - // END CI_Encrypt() // -------------------------------------------------------------------- @@ -61,6 +61,11 @@ class CI_Encrypt { { if ($key == '') { + if ($this->encryption_key != '') + { + return $this->encryption_key; + } + $obj =& get_instance(); $key = $obj->config->item('encryption_key'); @@ -72,7 +77,20 @@ class CI_Encrypt { return md5($key); } - // END get_key() + + // -------------------------------------------------------------------- + + /** + * Set the encryption key + * + * @access public + * @param string + * @return void + */ + function set_key($key = '') + { + $this->encryption_key = $key; + } // -------------------------------------------------------------------- @@ -103,7 +121,6 @@ class CI_Encrypt { } return base64_encode($enc); } - // END encode() // -------------------------------------------------------------------- @@ -134,7 +151,6 @@ class CI_Encrypt { return $this->_xor_decode($dec, $key); } - // END decode() // -------------------------------------------------------------------- @@ -167,7 +183,6 @@ class CI_Encrypt { return $this->_xor_merge($enc, $key); } - // END _xor_encode() // -------------------------------------------------------------------- @@ -194,7 +209,6 @@ class CI_Encrypt { return $dec; } - // END _xor_decode() // -------------------------------------------------------------------- @@ -219,7 +233,6 @@ class CI_Encrypt { return $str; } - // END _xor_merge() // -------------------------------------------------------------------- @@ -238,7 +251,6 @@ class CI_Encrypt { $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); return mcrypt_encrypt($this->_mcrypt_cipher, $key, $data, $this->_mcrypt_mode, $init_vect); } - // END mcrypt_encode() // -------------------------------------------------------------------- @@ -257,7 +269,6 @@ class CI_Encrypt { $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); return rtrim(mcrypt_decrypt($this->_mcrypt_cipher, $key, $data, $this->_mcrypt_mode, $init_vect), "\0"); } - // END mcrypt_decode() // -------------------------------------------------------------------- @@ -272,7 +283,6 @@ class CI_Encrypt { { $this->_mcrypt_cipher = $cypher; } - // END set_cypher() // -------------------------------------------------------------------- @@ -287,7 +297,6 @@ class CI_Encrypt { { $this->_mcrypt_mode = $mode; } - // END set_mode() // -------------------------------------------------------------------- @@ -309,7 +318,6 @@ class CI_Encrypt { $this->_mcrypt_mode = MCRYPT_MODE_ECB; } } - // END _get_mcrypt() // -------------------------------------------------------------------- @@ -324,7 +332,6 @@ class CI_Encrypt { { $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; } - // END set_hash() // -------------------------------------------------------------------- @@ -339,7 +346,6 @@ class CI_Encrypt { { return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); } - // END hash() // -------------------------------------------------------------------- @@ -370,7 +376,6 @@ class CI_Encrypt { return sha1($str); } } - // END sha1() } -- cgit v1.2.3-24-g4f1b From 88a8ad187b13b36d6120eae2344fe16c3a76219d Mon Sep 17 00:00:00 2001 From: admin Date: Sat, 7 Oct 2006 03:16:32 +0000 Subject: --- system/libraries/Encrypt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 537b1ab20..2a1de6f37 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -66,8 +66,8 @@ class CI_Encrypt { return $this->encryption_key; } - $obj =& get_instance(); - $key = $obj->config->item('encryption_key'); + $CI =& get_instance(); + $key = $CI->config->item('encryption_key'); if ($key === FALSE) { -- cgit v1.2.3-24-g4f1b From 10c3f41cbe5bd3bb66fd106cc9fb171ffcc7364b Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 8 Oct 2006 07:21:12 +0000 Subject: --- system/libraries/Encrypt.php | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 2a1de6f37..50b3fab39 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -27,6 +27,7 @@ * @link http://www.codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { + var $encryption_key = ''; var $_hash_type = 'sha1'; var $_mcrypt_exists = FALSE; @@ -246,10 +247,9 @@ class CI_Encrypt { */ function mcrypt_encode($data, $key) { - $this->_get_mcrypt(); - $init_size = mcrypt_get_iv_size($this->_mcrypt_cipher, $this->_mcrypt_mode); + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return mcrypt_encrypt($this->_mcrypt_cipher, $key, $data, $this->_mcrypt_mode, $init_vect); + return mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect); } // -------------------------------------------------------------------- @@ -264,10 +264,9 @@ class CI_Encrypt { */ function mcrypt_decode($data, $key) { - $this->_get_mcrypt(); - $init_size = mcrypt_get_iv_size($this->_mcrypt_cipher, $this->_mcrypt_mode); + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return rtrim(mcrypt_decrypt($this->_mcrypt_cipher, $key, $data, $this->_mcrypt_mode, $init_vect), "\0"); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); } // -------------------------------------------------------------------- @@ -301,22 +300,37 @@ class CI_Encrypt { // -------------------------------------------------------------------- /** - * Get Mcrypt value + * Get Mcrypt Cypher Value * * @access private - * @param string * @return string */ - function _get_mcrypt() + function _get_cypher() { if ($this->_mcrypt_cipher == '') { $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } + + return $this->_mcrypt_cipher; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt MOde Value + * + * @access private + * @return string + */ + function _get_mode() + { if ($this->_mcrypt_mode == '') { $this->_mcrypt_mode = MCRYPT_MODE_ECB; } + + return $this->_mcrypt_mode; } // -------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 9fa003797d794a63aa58356926fac9649269c668 Mon Sep 17 00:00:00 2001 From: admin Date: Thu, 12 Oct 2006 18:20:13 +0000 Subject: --- system/libraries/Encrypt.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 50b3fab39..b7dba2523 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -272,15 +272,15 @@ class CI_Encrypt { // -------------------------------------------------------------------- /** - * Set the Mcrypt Cypher + * Set the Mcrypt Cipher * * @access public * @param constant * @return string */ - function set_cypher($cypher) + function set_cipher($cipher) { - $this->_mcrypt_cipher = $cypher; + $this->_mcrypt_cipher = $cipher; } // -------------------------------------------------------------------- @@ -300,12 +300,12 @@ class CI_Encrypt { // -------------------------------------------------------------------- /** - * Get Mcrypt Cypher Value + * Get Mcrypt cipher Value * * @access private * @return string */ - function _get_cypher() + function _get_cipher() { if ($this->_mcrypt_cipher == '') { -- cgit v1.2.3-24-g4f1b From e334c472fb4be44feec3a73402fc4a2b062cbfc0 Mon Sep 17 00:00:00 2001 From: admin Date: Sat, 21 Oct 2006 19:44:22 +0000 Subject: --- system/libraries/Encrypt.php | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b7dba2523..0f860a967 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -7,7 +7,7 @@ * @package CodeIgniter * @author Rick Ellis * @copyright Copyright (c) 2006, pMachine, Inc. - * @license http://www.codeignitor.com/user_guide/license.html + * @license http://www.codeignitor.com/user_guide/license.html * @link http://www.codeigniter.com * @since Version 1.0 * @filesource @@ -98,12 +98,12 @@ class CI_Encrypt { /** * Encode * - * Encodes the message string using bitwise XOR encoding. - * The key is combined with a random hash, and then it - * too gets converted using XOR. The whole thing is then run - * through mcrypt (if supported) using the randomized key. - * The end result is a double-encrypted message string - * that is randomized with each call to this function, + * Encodes the message string using bitwise XOR encoding. + * The key is combined with a random hash, and then it + * too gets converted using XOR. The whole thing is then run + * through mcrypt (if supported) using the randomized key. + * The end result is a double-encrypted message string + * that is randomized with each call to this function, * even if the supplied message and key are the same. * * @access public @@ -169,8 +169,8 @@ class CI_Encrypt { function _xor_encode($string, $key) { $rand = ''; - while (strlen($rand) < 32) - { + while (strlen($rand) < 32) + { $rand .= mt_rand(0, mt_getrandmax()); } @@ -190,7 +190,7 @@ class CI_Encrypt { /** * XOR Decode * - * Takes an encoded string and key as input and generates the + * Takes an encoded string and key as input and generates the * plain-text original message * * @access private @@ -245,7 +245,7 @@ class CI_Encrypt { * @param string * @return string */ - function mcrypt_encode($data, $key) + function mcrypt_encode($data, $key) { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); @@ -262,7 +262,7 @@ class CI_Encrypt { * @param string * @return string */ - function mcrypt_decode($data, $key) + function mcrypt_decode($data, $key) { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); @@ -307,7 +307,7 @@ class CI_Encrypt { */ function _get_cipher() { - if ($this->_mcrypt_cipher == '') + if ($this->_mcrypt_cipher == '') { $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; } @@ -325,7 +325,7 @@ class CI_Encrypt { */ function _get_mode() { - if ($this->_mcrypt_mode == '') + if ($this->_mcrypt_mode == '') { $this->_mcrypt_mode = MCRYPT_MODE_ECB; } @@ -378,7 +378,7 @@ class CI_Encrypt { { require_once(BASEPATH.'libraries/Sha1'.EXT); $SH = new CI_SHA; - return $SH->generate($str); + return $SH->generate($str); } else { @@ -389,7 +389,7 @@ class CI_Encrypt { { return sha1($str); } - } + } } -- cgit v1.2.3-24-g4f1b From d2df9bc7cc9d4b3e53818470c5d0977c9a36677c Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Sun, 15 Apr 2007 17:41:17 +0000 Subject: update pMachine to EllisLab update copyright year update Code Igniter to CodeIgniter --- system/libraries/Encrypt.php | 792 +++++++++++++++++++++---------------------- 1 file changed, 396 insertions(+), 396 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 0f860a967..758c0f0a5 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,397 +1,397 @@ -_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); - } - - // -------------------------------------------------------------------- - - /** - * Fetch the encryption key - * - * Returns it as MD5 in order to have an exact-length 128 bit key. - * Mcrypt is sensitive to keys that are not the correct length - * - * @access public - * @param string - * @return string - */ - function get_key($key = '') - { - if ($key == '') - { - if ($this->encryption_key != '') - { - return $this->encryption_key; - } - - $CI =& get_instance(); - $key = $CI->config->item('encryption_key'); - - if ($key === FALSE) - { - show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); - } - } - - return md5($key); - } - - // -------------------------------------------------------------------- - - /** - * Set the encryption key - * - * @access public - * @param string - * @return void - */ - function set_key($key = '') - { - $this->encryption_key = $key; - } - - // -------------------------------------------------------------------- - - /** - * Encode - * - * Encodes the message string using bitwise XOR encoding. - * The key is combined with a random hash, and then it - * too gets converted using XOR. The whole thing is then run - * through mcrypt (if supported) using the randomized key. - * The end result is a double-encrypted message string - * that is randomized with each call to this function, - * even if the supplied message and key are the same. - * - * @access public - * @param string the string to encode - * @param string the key - * @return string - */ - function encode($string, $key = '') - { - $key = $this->get_key($key); - $enc = $this->_xor_encode($string, $key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($enc, $key); - } - return base64_encode($enc); - } - - // -------------------------------------------------------------------- - - /** - * Decode - * - * Reverses the above process - * - * @access public - * @param string - * @param string - * @return string - */ - function decode($string, $key = '') - { - $key = $this->get_key($key); - $dec = base64_decode($string); - - if ($dec === FALSE) - { - return FALSE; - } - - if ($this->_mcrypt_exists === TRUE) - { - $dec = $this->mcrypt_decode($dec, $key); - } - - return $this->_xor_decode($dec, $key); - } - - // -------------------------------------------------------------------- - - /** - * XOR Encode - * - * Takes a plain-text string and key as input and generates an - * encoded bit-string using XOR - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_encode($string, $key) - { - $rand = ''; - while (strlen($rand) < 32) - { - $rand .= mt_rand(0, mt_getrandmax()); - } - - $rand = $this->hash($rand); - - $enc = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); - } - - return $this->_xor_merge($enc, $key); - } - - // -------------------------------------------------------------------- - - /** - * XOR Decode - * - * Takes an encoded string and key as input and generates the - * plain-text original message - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_decode($string, $key) - { - $string = $this->_xor_merge($string, $key); - - $dec = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); - } - - return $dec; - } - - // -------------------------------------------------------------------- - - /** - * XOR key + string Combiner - * - * Takes a string and key as input and computes the difference using XOR - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_merge($string, $key) - { - $hash = $this->hash($key); - $str = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Encrypt using Mcrypt - * - * @access public - * @param string - * @param string - * @return string - */ - function mcrypt_encode($data, $key) - { - $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect); - } - - // -------------------------------------------------------------------- - - /** - * Decrypt using Mcrypt - * - * @access public - * @param string - * @param string - * @return string - */ - function mcrypt_decode($data, $key) - { - $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); - } - - // -------------------------------------------------------------------- - - /** - * Set the Mcrypt Cipher - * - * @access public - * @param constant - * @return string - */ - function set_cipher($cipher) - { - $this->_mcrypt_cipher = $cipher; - } - - // -------------------------------------------------------------------- - - /** - * Set the Mcrypt Mode - * - * @access public - * @param constant - * @return string - */ - function set_mode($mode) - { - $this->_mcrypt_mode = $mode; - } - - // -------------------------------------------------------------------- - - /** - * Get Mcrypt cipher Value - * - * @access private - * @return string - */ - function _get_cipher() - { - if ($this->_mcrypt_cipher == '') - { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; - } - - return $this->_mcrypt_cipher; - } - - // -------------------------------------------------------------------- - - /** - * Get Mcrypt MOde Value - * - * @access private - * @return string - */ - function _get_mode() - { - if ($this->_mcrypt_mode == '') - { - $this->_mcrypt_mode = MCRYPT_MODE_ECB; - } - - return $this->_mcrypt_mode; - } - - // -------------------------------------------------------------------- - - /** - * Set the Hash type - * - * @access public - * @param string - * @return string - */ - function set_hash($type = 'sha1') - { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; - } - - // -------------------------------------------------------------------- - - /** - * Hash encode a string - * - * @access public - * @param string - * @return string - */ - function hash($str) - { - return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); - } - - // -------------------------------------------------------------------- - - /** - * Generate an SHA1 Hash - * - * @access public - * @param string - * @return string - */ - function sha1($str) - { - if ( ! function_exists('sha1')) - { - if ( ! function_exists('mhash')) - { - require_once(BASEPATH.'libraries/Sha1'.EXT); - $SH = new CI_SHA; - return $SH->generate($str); - } - else - { - return bin2hex(mhash(MHASH_SHA1, $str)); - } - } - else - { - return sha1($str); - } - } - -} - -// END CI_Encrypt class +_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + log_message('debug', "Encrypt Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the encryption key + * + * Returns it as MD5 in order to have an exact-length 128 bit key. + * Mcrypt is sensitive to keys that are not the correct length + * + * @access public + * @param string + * @return string + */ + function get_key($key = '') + { + if ($key == '') + { + if ($this->encryption_key != '') + { + return $this->encryption_key; + } + + $CI =& get_instance(); + $key = $CI->config->item('encryption_key'); + + if ($key === FALSE) + { + show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); + } + } + + return md5($key); + } + + // -------------------------------------------------------------------- + + /** + * Set the encryption key + * + * @access public + * @param string + * @return void + */ + function set_key($key = '') + { + $this->encryption_key = $key; + } + + // -------------------------------------------------------------------- + + /** + * Encode + * + * Encodes the message string using bitwise XOR encoding. + * The key is combined with a random hash, and then it + * too gets converted using XOR. The whole thing is then run + * through mcrypt (if supported) using the randomized key. + * The end result is a double-encrypted message string + * that is randomized with each call to this function, + * even if the supplied message and key are the same. + * + * @access public + * @param string the string to encode + * @param string the key + * @return string + */ + function encode($string, $key = '') + { + $key = $this->get_key($key); + $enc = $this->_xor_encode($string, $key); + + if ($this->_mcrypt_exists === TRUE) + { + $enc = $this->mcrypt_encode($enc, $key); + } + return base64_encode($enc); + } + + // -------------------------------------------------------------------- + + /** + * Decode + * + * Reverses the above process + * + * @access public + * @param string + * @param string + * @return string + */ + function decode($string, $key = '') + { + $key = $this->get_key($key); + $dec = base64_decode($string); + + if ($dec === FALSE) + { + return FALSE; + } + + if ($this->_mcrypt_exists === TRUE) + { + $dec = $this->mcrypt_decode($dec, $key); + } + + return $this->_xor_decode($dec, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Encode + * + * Takes a plain-text string and key as input and generates an + * encoded bit-string using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_encode($string, $key) + { + $rand = ''; + while (strlen($rand) < 32) + { + $rand .= mt_rand(0, mt_getrandmax()); + } + + $rand = $this->hash($rand); + + $enc = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + } + + return $this->_xor_merge($enc, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Decode + * + * Takes an encoded string and key as input and generates the + * plain-text original message + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_decode($string, $key) + { + $string = $this->_xor_merge($string, $key); + + $dec = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + } + + return $dec; + } + + // -------------------------------------------------------------------- + + /** + * XOR key + string Combiner + * + * Takes a string and key as input and computes the difference using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_merge($string, $key) + { + $hash = $this->hash($key); + $str = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Encrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_encode($data, $key) + { + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect); + } + + // -------------------------------------------------------------------- + + /** + * Decrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_decode($data, $key) + { + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Cipher + * + * @access public + * @param constant + * @return string + */ + function set_cipher($cipher) + { + $this->_mcrypt_cipher = $cipher; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Mode + * + * @access public + * @param constant + * @return string + */ + function set_mode($mode) + { + $this->_mcrypt_mode = $mode; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt cipher Value + * + * @access private + * @return string + */ + function _get_cipher() + { + if ($this->_mcrypt_cipher == '') + { + $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + } + + return $this->_mcrypt_cipher; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt MOde Value + * + * @access private + * @return string + */ + function _get_mode() + { + if ($this->_mcrypt_mode == '') + { + $this->_mcrypt_mode = MCRYPT_MODE_ECB; + } + + return $this->_mcrypt_mode; + } + + // -------------------------------------------------------------------- + + /** + * Set the Hash type + * + * @access public + * @param string + * @return string + */ + function set_hash($type = 'sha1') + { + $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + } + + // -------------------------------------------------------------------- + + /** + * Hash encode a string + * + * @access public + * @param string + * @return string + */ + function hash($str) + { + return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); + } + + // -------------------------------------------------------------------- + + /** + * Generate an SHA1 Hash + * + * @access public + * @param string + * @return string + */ + function sha1($str) + { + if ( ! function_exists('sha1')) + { + if ( ! function_exists('mhash')) + { + require_once(BASEPATH.'libraries/Sha1'.EXT); + $SH = new CI_SHA; + return $SH->generate($str); + } + else + { + return bin2hex(mhash(MHASH_SHA1, $str)); + } + } + else + { + return sha1($str); + } + } + +} + +// END CI_Encrypt class ?> \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 83ec240297a25342748846df84ad3c5ecb7cd623 Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Mon, 18 Jun 2007 00:14:44 +0000 Subject: typo in comments --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 758c0f0a5..dc952dde3 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -318,7 +318,7 @@ class CI_Encrypt { // -------------------------------------------------------------------- /** - * Get Mcrypt MOde Value + * Get Mcrypt Mode Value * * @access private * @return string -- cgit v1.2.3-24-g4f1b From 6838f00a708f53f834fb8a98af560177db1d1454 Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Thu, 4 Oct 2007 19:29:59 +0000 Subject: Fixed a typo in the docblock comments that had CodeIgniter spelled CodeIgnitor. --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index dc952dde3..e5ad78c11 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -7,7 +7,7 @@ * @package CodeIgniter * @author Rick Ellis * @copyright Copyright (c) 2006, EllisLab, Inc. - * @license http://www.codeignitor.com/user_guide/license.html + * @license http://www.codeigniter.com/user_guide/license.html * @link http://www.codeigniter.com * @since Version 1.0 * @filesource -- cgit v1.2.3-24-g4f1b From d32d45c350ac692db6397648d77b8b0d69ef7923 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 17 Jan 2008 19:21:03 +0000 Subject: fixed bug #3003 preventing encryption from working with modes other than MCRYPT_MODE_ECB. Also added some noise to the cipher so the IV can safely be transported along with the encrypted data. --- system/libraries/Encrypt.php | 77 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 75 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index e5ad78c11..5b2b7c017 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -249,7 +249,7 @@ class CI_Encrypt { { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect); + return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); } // -------------------------------------------------------------------- @@ -264,13 +264,86 @@ class CI_Encrypt { */ function mcrypt_decode($data, $key) { + $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + $init_vect = substr($data, 0, $init_size); + $data = substr($data, $init_size); return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); } // -------------------------------------------------------------------- + /** + * Adds permuted noise to the IV + encrypted data to protect + * against Man-in-the-middle attacks on CBC mode ciphers + * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV + * + * Function description + * + * @access private + * @param string + * @param string + * @return string + */ + function _add_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Removes permuted noise from the IV + encrypted data, reversing + * _add_cipher_noise() + * + * Function description + * + * @access public + * @param type + * @return type + */ + function _remove_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $temp = ord($data[$i]) - ord($keyhash[$j]); + + if ($temp < 0) + { + $temp = $temp + 256; + } + + $str .= chr($temp); + } + + return $str; + } + + // -------------------------------------------------------------------- + /** * Set the Mcrypt Cipher * -- cgit v1.2.3-24-g4f1b From 3d879d529107c0c9d3f1e6b894d9ed17b6e6c54f Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Fri, 18 Jan 2008 19:41:32 +0000 Subject: ExpressionEngine Dev Team in credit --- system/libraries/Encrypt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 5b2b7c017..ccc470c2b 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -5,7 +5,7 @@ * An open source application development framework for PHP 4.3.2 or newer * * @package CodeIgniter - * @author Rick Ellis + * @author ExpressionEngine Dev Team * @copyright Copyright (c) 2006, EllisLab, Inc. * @license http://www.codeigniter.com/user_guide/license.html * @link http://www.codeigniter.com @@ -23,7 +23,7 @@ * @package CodeIgniter * @subpackage Libraries * @category Libraries - * @author Rick Ellis + * @author ExpressionEngine Dev Team * @link http://www.codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { -- cgit v1.2.3-24-g4f1b From 7a9193afa6d890a91eb3528fa0e62df799b07ed6 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Mon, 21 Jan 2008 18:39:20 +0000 Subject: replaced www.codeigniter.com with codeigniter.com --- system/libraries/Encrypt.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index ccc470c2b..b533c0438 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -7,8 +7,8 @@ * @package CodeIgniter * @author ExpressionEngine Dev Team * @copyright Copyright (c) 2006, EllisLab, Inc. - * @license http://www.codeigniter.com/user_guide/license.html - * @link http://www.codeigniter.com + * @license http://codeigniter.com/user_guide/license.html + * @link http://codeigniter.com * @since Version 1.0 * @filesource */ @@ -24,7 +24,7 @@ * @subpackage Libraries * @category Libraries * @author ExpressionEngine Dev Team - * @link http://www.codeigniter.com/user_guide/libraries/encryption.html + * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { -- cgit v1.2.3-24-g4f1b From 15130caa8d3f4650d383647050ce918de728bc53 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Mon, 28 Jan 2008 15:54:45 +0000 Subject: * Added valid_base64() to the Validation class * Tightened up validation of the supplied string given to the decode() method of the Encryption class (#3320) --- system/libraries/Encrypt.php | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b533c0438..48f9d3e51 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -27,7 +27,8 @@ * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { - + + var $CI; var $encryption_key = ''; var $_hash_type = 'sha1'; var $_mcrypt_exists = FALSE; @@ -42,6 +43,7 @@ class CI_Encrypt { */ function CI_Encrypt() { + $this->CI =& get_instance(); $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } @@ -138,16 +140,22 @@ class CI_Encrypt { function decode($string, $key = '') { $key = $this->get_key($key); - $dec = base64_decode($string); - if ($dec === FALSE) - { - return FALSE; - } + $this->CI->load->library('validation'); + if ($this->CI->validation->valid_base64($string) === FALSE) + { + return FALSE; + } + + $dec = base64_decode($string); + if ($this->_mcrypt_exists === TRUE) { - $dec = $this->mcrypt_decode($dec, $key); + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } } return $this->_xor_decode($dec, $key); @@ -266,6 +274,12 @@ class CI_Encrypt { { $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + + if ($init_size > strlen($data)) + { + return FALSE; + } + $init_vect = substr($data, 0, $init_size); $data = substr($data, $init_size); return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); -- cgit v1.2.3-24-g4f1b From 7327499064ae165468c7440f8571c3e570b58a0b Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Mon, 5 May 2008 16:39:18 +0000 Subject: Added get_dir_file_info(), get_file_info(), and get_mime_by_extension() to the File Helper. Changed ( ! condition) into (! condition) within the code --- system/libraries/Encrypt.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 48f9d3e51..9a784d254 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -44,7 +44,7 @@ class CI_Encrypt { function CI_Encrypt() { $this->CI =& get_instance(); - $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + $this->_mcrypt_exists = (! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } @@ -459,9 +459,9 @@ class CI_Encrypt { */ function sha1($str) { - if ( ! function_exists('sha1')) + if (! function_exists('sha1')) { - if ( ! function_exists('mhash')) + if (! function_exists('mhash')) { require_once(BASEPATH.'libraries/Sha1'.EXT); $SH = new CI_SHA; -- cgit v1.2.3-24-g4f1b From 5583e1aae64ff7e902136c4ba610d438dc2015d4 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Sun, 11 May 2008 15:48:20 +0000 Subject: removed closing PHP tag from all framework files --- system/libraries/Encrypt.php | 1 - 1 file changed, 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 9a784d254..7463fd0a6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -481,4 +481,3 @@ class CI_Encrypt { } // END CI_Encrypt class -?> \ No newline at end of file -- cgit v1.2.3-24-g4f1b From c7deac9f2f9e43cedb18202542e8a46061df046e Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Sun, 11 May 2008 16:27:41 +0000 Subject: Undoing change committed in r1115 --- system/libraries/Encrypt.php | 1 + 1 file changed, 1 insertion(+) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 7463fd0a6..9a784d254 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -481,3 +481,4 @@ class CI_Encrypt { } // END CI_Encrypt class +?> \ No newline at end of file -- cgit v1.2.3-24-g4f1b From a3ffbbb75ab9403941e4f810703313432b3993cc Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Sun, 11 May 2008 18:18:29 +0000 Subject: Removed closing PHP tags, replaced with a comment block identifying the end of the file --- system/libraries/Encrypt.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 9a784d254..4b13efda3 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -481,4 +481,6 @@ class CI_Encrypt { } // END CI_Encrypt class -?> \ No newline at end of file + +/* End of file Encrypt.php */ +/* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 0b59f270a432f8c7b6128981f0a39b4a2e2fbd34 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 13 May 2008 04:22:33 +0000 Subject: Some sweeping syntax changes for consistency: (! foo) changed to ( ! foo) || changed to OR changed newline standardization code in various places from preg_replace to str_replace --- system/libraries/Encrypt.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 4b13efda3..7ad577251 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,4 +1,4 @@ -CI =& get_instance(); - $this->_mcrypt_exists = (! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } @@ -459,9 +459,9 @@ class CI_Encrypt { */ function sha1($str) { - if (! function_exists('sha1')) + if ( ! function_exists('sha1')) { - if (! function_exists('mhash')) + if ( ! function_exists('mhash')) { require_once(BASEPATH.'libraries/Sha1'.EXT); $SH = new CI_SHA; @@ -481,6 +481,6 @@ class CI_Encrypt { } // END CI_Encrypt class - -/* End of file Encrypt.php */ + +/* End of file Encrypt.php */ /* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From e4a7db48aea75402bae7ed77846f307246a5b5fc Mon Sep 17 00:00:00 2001 From: Rick Ellis Date: Fri, 12 Sep 2008 23:35:09 +0000 Subject: updated copyright --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 7ad577251..6d0735a09 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2006, EllisLab, Inc. + * @copyright Copyright (c) 2008, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 3204f1f9c5dc0fe687e824fa4ff1816484b8a18f Mon Sep 17 00:00:00 2001 From: Rick Ellis Date: Sun, 21 Sep 2008 19:06:53 +0000 Subject: removed a call to the validation class, as it's overkill for a simple preg_match --- system/libraries/Encrypt.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 6d0735a09..aabf90d08 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -141,9 +141,7 @@ class CI_Encrypt { { $key = $this->get_key($key); - $this->CI->load->library('validation'); - - if ($this->CI->validation->valid_base64($string) === FALSE) + if ( ! preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } -- cgit v1.2.3-24-g4f1b From e5ad2c797162091fade9a809ccc4578d835027bd Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Tue, 23 Sep 2008 06:01:26 +0000 Subject: change of a false test --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index aabf90d08..16c9efe61 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -141,7 +141,7 @@ class CI_Encrypt { { $key = $this->get_key($key); - if ( ! preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string) === FALSE) { return FALSE; } -- cgit v1.2.3-24-g4f1b From 0c9e2700ee0950ada00205d60151224505203dd7 Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Tue, 23 Sep 2008 06:06:21 +0000 Subject: mostly trivial whitespace adjustments --- system/libraries/Encrypt.php | 100 +++++++++++++++++++++---------------------- 1 file changed, 50 insertions(+), 50 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 16c9efe61..bd74592d1 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -27,14 +27,14 @@ * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { - + var $CI; var $encryption_key = ''; var $_hash_type = 'sha1'; var $_mcrypt_exists = FALSE; var $_mcrypt_cipher; var $_mcrypt_mode; - + /** * Constructor * @@ -47,7 +47,7 @@ class CI_Encrypt { $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } - + // -------------------------------------------------------------------- /** @@ -63,12 +63,12 @@ class CI_Encrypt { function get_key($key = '') { if ($key == '') - { + { if ($this->encryption_key != '') { return $this->encryption_key; } - + $CI =& get_instance(); $key = $CI->config->item('encryption_key'); @@ -77,7 +77,7 @@ class CI_Encrypt { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } } - + return md5($key); } @@ -94,7 +94,7 @@ class CI_Encrypt { { $this->encryption_key = $key; } - + // -------------------------------------------------------------------- /** @@ -122,9 +122,9 @@ class CI_Encrypt { { $enc = $this->mcrypt_encode($enc, $key); } - return base64_encode($enc); + return base64_encode($enc); } - + // -------------------------------------------------------------------- /** @@ -155,10 +155,10 @@ class CI_Encrypt { return FALSE; } } - + return $this->_xor_decode($dec, $key); } - + // -------------------------------------------------------------------- /** @@ -171,7 +171,7 @@ class CI_Encrypt { * @param string * @param string * @return string - */ + */ function _xor_encode($string, $key) { $rand = ''; @@ -179,18 +179,18 @@ class CI_Encrypt { { $rand .= mt_rand(0, mt_getrandmax()); } - + $rand = $this->hash($rand); - + $enc = ''; for ($i = 0; $i < strlen($string); $i++) { $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); } - + return $this->_xor_merge($enc, $key); } - + // -------------------------------------------------------------------- /** @@ -203,20 +203,20 @@ class CI_Encrypt { * @param string * @param string * @return string - */ + */ function _xor_decode($string, $key) { $string = $this->_xor_merge($string, $key); - + $dec = ''; for ($i = 0; $i < strlen($string); $i++) { $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); } - + return $dec; } - + // -------------------------------------------------------------------- /** @@ -228,7 +228,7 @@ class CI_Encrypt { * @param string * @param string * @return string - */ + */ function _xor_merge($string, $key) { $hash = $this->hash($key); @@ -237,10 +237,10 @@ class CI_Encrypt { { $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); } - + return $str; } - + // -------------------------------------------------------------------- /** @@ -252,12 +252,12 @@ class CI_Encrypt { * @return string */ function mcrypt_encode($data, $key) - { + { $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); } - + // -------------------------------------------------------------------- /** @@ -267,22 +267,22 @@ class CI_Encrypt { * @param string * @param string * @return string - */ + */ function mcrypt_decode($data, $key) { $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - + if ($init_size > strlen($data)) { return FALSE; } - + $init_vect = substr($data, 0, $init_size); $data = substr($data, $init_size); return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); } - + // -------------------------------------------------------------------- /** @@ -302,22 +302,22 @@ class CI_Encrypt { $keyhash = $this->hash($key); $keylen = strlen($keyhash); $str = ''; - + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) - { + { if ($j >= $keylen) { $j = 0; } - + $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); } - + return $str; } // -------------------------------------------------------------------- - + /** * Removes permuted noise from the IV + encrypted data, reversing * _add_cipher_noise() @@ -340,9 +340,9 @@ class CI_Encrypt { { $j = 0; } - + $temp = ord($data[$i]) - ord($keyhash[$j]); - + if ($temp < 0) { $temp = $temp + 256; @@ -350,7 +350,7 @@ class CI_Encrypt { $str .= chr($temp); } - + return $str; } @@ -367,7 +367,7 @@ class CI_Encrypt { { $this->_mcrypt_cipher = $cipher; } - + // -------------------------------------------------------------------- /** @@ -381,7 +381,7 @@ class CI_Encrypt { { $this->_mcrypt_mode = $mode; } - + // -------------------------------------------------------------------- /** @@ -389,7 +389,7 @@ class CI_Encrypt { * * @access private * @return string - */ + */ function _get_cipher() { if ($this->_mcrypt_cipher == '') @@ -407,7 +407,7 @@ class CI_Encrypt { * * @access private * @return string - */ + */ function _get_mode() { if ($this->_mcrypt_mode == '') @@ -417,7 +417,7 @@ class CI_Encrypt { return $this->_mcrypt_mode; } - + // -------------------------------------------------------------------- /** @@ -426,12 +426,12 @@ class CI_Encrypt { * @access public * @param string * @return string - */ + */ function set_hash($type = 'sha1') { $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; } - + // -------------------------------------------------------------------- /** @@ -440,12 +440,12 @@ class CI_Encrypt { * @access public * @param string * @return string - */ + */ function hash($str) { return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); } - + // -------------------------------------------------------------------- /** @@ -454,13 +454,13 @@ class CI_Encrypt { * @access public * @param string * @return string - */ + */ function sha1($str) { if ( ! function_exists('sha1')) { if ( ! function_exists('mhash')) - { + { require_once(BASEPATH.'libraries/Sha1'.EXT); $SH = new CI_SHA; return $SH->generate($str); @@ -473,9 +473,9 @@ class CI_Encrypt { else { return sha1($str); - } + } } - + } // END CI_Encrypt class -- cgit v1.2.3-24-g4f1b From 57f9f39ca6edd4c9cea0f68b86da0ec7a9098f0b Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Tue, 23 Sep 2008 20:59:14 +0000 Subject: change of a false test (yes, again) --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index bd74592d1..656d51b4a 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -141,7 +141,7 @@ class CI_Encrypt { { $key = $this->get_key($key); - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string) === FALSE) + if ( ! preg_match('/[a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } -- cgit v1.2.3-24-g4f1b From af03e056ce1a479dc9f1d6b0a88a6bcb06a31d3c Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 26 Sep 2008 15:59:28 +0000 Subject: fixed decode()'s validation of the string... --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 656d51b4a..035ce8f68 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -141,7 +141,7 @@ class CI_Encrypt { { $key = $this->get_key($key); - if ( ! preg_match('/[a-zA-Z0-9\/\+=]/', $string)) + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } -- cgit v1.2.3-24-g4f1b From 2067d1a727e7eb5e5ffb40e967f3d1fc4c8a41b2 Mon Sep 17 00:00:00 2001 From: Derek Allard Date: Thu, 13 Nov 2008 22:59:24 +0000 Subject: Changing EOL style to LF --- system/libraries/Encrypt.php | 966 +++++++++++++++++++++---------------------- 1 file changed, 483 insertions(+), 483 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 035ce8f68..4edfaa78e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,484 +1,484 @@ -CI =& get_instance(); - $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; - log_message('debug', "Encrypt Class Initialized"); - } - - // -------------------------------------------------------------------- - - /** - * Fetch the encryption key - * - * Returns it as MD5 in order to have an exact-length 128 bit key. - * Mcrypt is sensitive to keys that are not the correct length - * - * @access public - * @param string - * @return string - */ - function get_key($key = '') - { - if ($key == '') - { - if ($this->encryption_key != '') - { - return $this->encryption_key; - } - - $CI =& get_instance(); - $key = $CI->config->item('encryption_key'); - - if ($key === FALSE) - { - show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); - } - } - - return md5($key); - } - - // -------------------------------------------------------------------- - - /** - * Set the encryption key - * - * @access public - * @param string - * @return void - */ - function set_key($key = '') - { - $this->encryption_key = $key; - } - - // -------------------------------------------------------------------- - - /** - * Encode - * - * Encodes the message string using bitwise XOR encoding. - * The key is combined with a random hash, and then it - * too gets converted using XOR. The whole thing is then run - * through mcrypt (if supported) using the randomized key. - * The end result is a double-encrypted message string - * that is randomized with each call to this function, - * even if the supplied message and key are the same. - * - * @access public - * @param string the string to encode - * @param string the key - * @return string - */ - function encode($string, $key = '') - { - $key = $this->get_key($key); - $enc = $this->_xor_encode($string, $key); - - if ($this->_mcrypt_exists === TRUE) - { - $enc = $this->mcrypt_encode($enc, $key); - } - return base64_encode($enc); - } - - // -------------------------------------------------------------------- - - /** - * Decode - * - * Reverses the above process - * - * @access public - * @param string - * @param string - * @return string - */ - function decode($string, $key = '') - { - $key = $this->get_key($key); - - if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) - { - return FALSE; - } - - $dec = base64_decode($string); - - if ($this->_mcrypt_exists === TRUE) - { - if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) - { - return FALSE; - } - } - - return $this->_xor_decode($dec, $key); - } - - // -------------------------------------------------------------------- - - /** - * XOR Encode - * - * Takes a plain-text string and key as input and generates an - * encoded bit-string using XOR - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_encode($string, $key) - { - $rand = ''; - while (strlen($rand) < 32) - { - $rand .= mt_rand(0, mt_getrandmax()); - } - - $rand = $this->hash($rand); - - $enc = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); - } - - return $this->_xor_merge($enc, $key); - } - - // -------------------------------------------------------------------- - - /** - * XOR Decode - * - * Takes an encoded string and key as input and generates the - * plain-text original message - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_decode($string, $key) - { - $string = $this->_xor_merge($string, $key); - - $dec = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); - } - - return $dec; - } - - // -------------------------------------------------------------------- - - /** - * XOR key + string Combiner - * - * Takes a string and key as input and computes the difference using XOR - * - * @access private - * @param string - * @param string - * @return string - */ - function _xor_merge($string, $key) - { - $hash = $this->hash($key); - $str = ''; - for ($i = 0; $i < strlen($string); $i++) - { - $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Encrypt using Mcrypt - * - * @access public - * @param string - * @param string - * @return string - */ - function mcrypt_encode($data, $key) - { - $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); - return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); - } - - // -------------------------------------------------------------------- - - /** - * Decrypt using Mcrypt - * - * @access public - * @param string - * @param string - * @return string - */ - function mcrypt_decode($data, $key) - { - $data = $this->_remove_cipher_noise($data, $key); - $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); - - if ($init_size > strlen($data)) - { - return FALSE; - } - - $init_vect = substr($data, 0, $init_size); - $data = substr($data, $init_size); - return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); - } - - // -------------------------------------------------------------------- - - /** - * Adds permuted noise to the IV + encrypted data to protect - * against Man-in-the-middle attacks on CBC mode ciphers - * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV - * - * Function description - * - * @access private - * @param string - * @param string - * @return string - */ - function _add_cipher_noise($data, $key) - { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); - $str = ''; - - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) - { - if ($j >= $keylen) - { - $j = 0; - } - - $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Removes permuted noise from the IV + encrypted data, reversing - * _add_cipher_noise() - * - * Function description - * - * @access public - * @param type - * @return type - */ - function _remove_cipher_noise($data, $key) - { - $keyhash = $this->hash($key); - $keylen = strlen($keyhash); - $str = ''; - - for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) - { - if ($j >= $keylen) - { - $j = 0; - } - - $temp = ord($data[$i]) - ord($keyhash[$j]); - - if ($temp < 0) - { - $temp = $temp + 256; - } - - $str .= chr($temp); - } - - return $str; - } - - // -------------------------------------------------------------------- - - /** - * Set the Mcrypt Cipher - * - * @access public - * @param constant - * @return string - */ - function set_cipher($cipher) - { - $this->_mcrypt_cipher = $cipher; - } - - // -------------------------------------------------------------------- - - /** - * Set the Mcrypt Mode - * - * @access public - * @param constant - * @return string - */ - function set_mode($mode) - { - $this->_mcrypt_mode = $mode; - } - - // -------------------------------------------------------------------- - - /** - * Get Mcrypt cipher Value - * - * @access private - * @return string - */ - function _get_cipher() - { - if ($this->_mcrypt_cipher == '') - { - $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; - } - - return $this->_mcrypt_cipher; - } - - // -------------------------------------------------------------------- - - /** - * Get Mcrypt Mode Value - * - * @access private - * @return string - */ - function _get_mode() - { - if ($this->_mcrypt_mode == '') - { - $this->_mcrypt_mode = MCRYPT_MODE_ECB; - } - - return $this->_mcrypt_mode; - } - - // -------------------------------------------------------------------- - - /** - * Set the Hash type - * - * @access public - * @param string - * @return string - */ - function set_hash($type = 'sha1') - { - $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; - } - - // -------------------------------------------------------------------- - - /** - * Hash encode a string - * - * @access public - * @param string - * @return string - */ - function hash($str) - { - return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); - } - - // -------------------------------------------------------------------- - - /** - * Generate an SHA1 Hash - * - * @access public - * @param string - * @return string - */ - function sha1($str) - { - if ( ! function_exists('sha1')) - { - if ( ! function_exists('mhash')) - { - require_once(BASEPATH.'libraries/Sha1'.EXT); - $SH = new CI_SHA; - return $SH->generate($str); - } - else - { - return bin2hex(mhash(MHASH_SHA1, $str)); - } - } - else - { - return sha1($str); - } - } - -} - -// END CI_Encrypt class - -/* End of file Encrypt.php */ +CI =& get_instance(); + $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; + log_message('debug', "Encrypt Class Initialized"); + } + + // -------------------------------------------------------------------- + + /** + * Fetch the encryption key + * + * Returns it as MD5 in order to have an exact-length 128 bit key. + * Mcrypt is sensitive to keys that are not the correct length + * + * @access public + * @param string + * @return string + */ + function get_key($key = '') + { + if ($key == '') + { + if ($this->encryption_key != '') + { + return $this->encryption_key; + } + + $CI =& get_instance(); + $key = $CI->config->item('encryption_key'); + + if ($key === FALSE) + { + show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); + } + } + + return md5($key); + } + + // -------------------------------------------------------------------- + + /** + * Set the encryption key + * + * @access public + * @param string + * @return void + */ + function set_key($key = '') + { + $this->encryption_key = $key; + } + + // -------------------------------------------------------------------- + + /** + * Encode + * + * Encodes the message string using bitwise XOR encoding. + * The key is combined with a random hash, and then it + * too gets converted using XOR. The whole thing is then run + * through mcrypt (if supported) using the randomized key. + * The end result is a double-encrypted message string + * that is randomized with each call to this function, + * even if the supplied message and key are the same. + * + * @access public + * @param string the string to encode + * @param string the key + * @return string + */ + function encode($string, $key = '') + { + $key = $this->get_key($key); + $enc = $this->_xor_encode($string, $key); + + if ($this->_mcrypt_exists === TRUE) + { + $enc = $this->mcrypt_encode($enc, $key); + } + return base64_encode($enc); + } + + // -------------------------------------------------------------------- + + /** + * Decode + * + * Reverses the above process + * + * @access public + * @param string + * @param string + * @return string + */ + function decode($string, $key = '') + { + $key = $this->get_key($key); + + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } + + $dec = base64_decode($string); + + if ($this->_mcrypt_exists === TRUE) + { + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } + } + + return $this->_xor_decode($dec, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Encode + * + * Takes a plain-text string and key as input and generates an + * encoded bit-string using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_encode($string, $key) + { + $rand = ''; + while (strlen($rand) < 32) + { + $rand .= mt_rand(0, mt_getrandmax()); + } + + $rand = $this->hash($rand); + + $enc = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); + } + + return $this->_xor_merge($enc, $key); + } + + // -------------------------------------------------------------------- + + /** + * XOR Decode + * + * Takes an encoded string and key as input and generates the + * plain-text original message + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_decode($string, $key) + { + $string = $this->_xor_merge($string, $key); + + $dec = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); + } + + return $dec; + } + + // -------------------------------------------------------------------- + + /** + * XOR key + string Combiner + * + * Takes a string and key as input and computes the difference using XOR + * + * @access private + * @param string + * @param string + * @return string + */ + function _xor_merge($string, $key) + { + $hash = $this->hash($key); + $str = ''; + for ($i = 0; $i < strlen($string); $i++) + { + $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Encrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_encode($data, $key) + { + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); + return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); + } + + // -------------------------------------------------------------------- + + /** + * Decrypt using Mcrypt + * + * @access public + * @param string + * @param string + * @return string + */ + function mcrypt_decode($data, $key) + { + $data = $this->_remove_cipher_noise($data, $key); + $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + + if ($init_size > strlen($data)) + { + return FALSE; + } + + $init_vect = substr($data, 0, $init_size); + $data = substr($data, $init_size); + return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); + } + + // -------------------------------------------------------------------- + + /** + * Adds permuted noise to the IV + encrypted data to protect + * against Man-in-the-middle attacks on CBC mode ciphers + * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV + * + * Function description + * + * @access private + * @param string + * @param string + * @return string + */ + function _add_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Removes permuted noise from the IV + encrypted data, reversing + * _add_cipher_noise() + * + * Function description + * + * @access public + * @param type + * @return type + */ + function _remove_cipher_noise($data, $key) + { + $keyhash = $this->hash($key); + $keylen = strlen($keyhash); + $str = ''; + + for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) + { + if ($j >= $keylen) + { + $j = 0; + } + + $temp = ord($data[$i]) - ord($keyhash[$j]); + + if ($temp < 0) + { + $temp = $temp + 256; + } + + $str .= chr($temp); + } + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Cipher + * + * @access public + * @param constant + * @return string + */ + function set_cipher($cipher) + { + $this->_mcrypt_cipher = $cipher; + } + + // -------------------------------------------------------------------- + + /** + * Set the Mcrypt Mode + * + * @access public + * @param constant + * @return string + */ + function set_mode($mode) + { + $this->_mcrypt_mode = $mode; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt cipher Value + * + * @access private + * @return string + */ + function _get_cipher() + { + if ($this->_mcrypt_cipher == '') + { + $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; + } + + return $this->_mcrypt_cipher; + } + + // -------------------------------------------------------------------- + + /** + * Get Mcrypt Mode Value + * + * @access private + * @return string + */ + function _get_mode() + { + if ($this->_mcrypt_mode == '') + { + $this->_mcrypt_mode = MCRYPT_MODE_ECB; + } + + return $this->_mcrypt_mode; + } + + // -------------------------------------------------------------------- + + /** + * Set the Hash type + * + * @access public + * @param string + * @return string + */ + function set_hash($type = 'sha1') + { + $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; + } + + // -------------------------------------------------------------------- + + /** + * Hash encode a string + * + * @access public + * @param string + * @return string + */ + function hash($str) + { + return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); + } + + // -------------------------------------------------------------------- + + /** + * Generate an SHA1 Hash + * + * @access public + * @param string + * @return string + */ + function sha1($str) + { + if ( ! function_exists('sha1')) + { + if ( ! function_exists('mhash')) + { + require_once(BASEPATH.'libraries/Sha1'.EXT); + $SH = new CI_SHA; + return $SH->generate($str); + } + else + { + return bin2hex(mhash(MHASH_SHA1, $str)); + } + } + else + { + return sha1($str); + } + } + +} + +// END CI_Encrypt class + +/* End of file Encrypt.php */ /* Location: ./system/libraries/Encrypt.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From fc395a1046441cb584cbcfe42651dacece7eca3e Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Wed, 22 Apr 2009 14:15:09 +0000 Subject: updated copyrights to 2009 --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 4edfaa78e..95c758fb4 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 7f3719faf120dc15f3d7b45e132ab3192f60ad62 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 5 Jan 2010 13:35:37 +0000 Subject: updated copyrights --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 95c758fb4..c893fbf9e 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2009, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 7284f06585a689702ea86684893c999065621460 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 31 Aug 2010 00:30:21 -0500 Subject: changed key comparison to be loosely typed, so an error would be triggered when an empty string is attempted to be used as an encryption key --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index c893fbf9e..44fdce03b 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -72,7 +72,7 @@ class CI_Encrypt { $CI =& get_instance(); $key = $CI->config->item('encryption_key'); - if ($key === FALSE) + if ($key == FALSE) { show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); } -- cgit v1.2.3-24-g4f1b From 09c7793b23ae77c54e25d12b63d8ca9c9232efeb Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Tue, 31 Aug 2010 13:17:10 -0500 Subject: Significant changes to the Encryption library - Removed double-encoding with XOR scheme when Mcrypt is available. Additional obfuscation was not significantly aiding security, and came at a very high performance cost. - Changed the default encryption mode from ECB to CBC for much improved security - Added an encode_from_legacy() method to allow re-encoding of permanent data that was originally encoded with the older methods. --- system/libraries/Encrypt.php | 75 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 69 insertions(+), 6 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 44fdce03b..8beff75d6 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -116,12 +116,16 @@ class CI_Encrypt { function encode($string, $key = '') { $key = $this->get_key($key); - $enc = $this->_xor_encode($string, $key); - + if ($this->_mcrypt_exists === TRUE) { - $enc = $this->mcrypt_encode($enc, $key); + $enc = $this->mcrypt_encode($string, $key); + } + else + { + $enc = $this->_xor_encode($string, $key); } + return base64_encode($enc); } @@ -155,12 +159,71 @@ class CI_Encrypt { return FALSE; } } - - return $this->_xor_decode($dec, $key); + else + { + $dec = $this->_xor_decode($dec, $key); + } + + return $dec; } // -------------------------------------------------------------------- + + /** + * Encode from Legacy + * + * Takes an encoded string from the original Encryption class algorithms and + * returns a newly encoded string using the improved method added in 2.0.0 + * This allows for backwards compatibility and a method to transition to the + * new encryption algorithms. + * + * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption + * + * @access public + * @param string + * @param int (mcrypt mode constant) + * @param string + * @return string + */ + function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '') + { + if ($this->_mcrypt_exists === FALSE) + { + log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); + return FALSE; + } + + // decode it first + // set mode temporarily to what it was when string was encoded with the legacy + // algorithm - typically MCRYPT_MODE_ECB + $current_mode = $this->_get_mode(); + $this->set_mode($legacy_mode); + + $key = $this->get_key($key); + + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) + { + return FALSE; + } + + $dec = base64_decode($string); + + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } + + $dec = $this->_xor_decode($dec, $key); + // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC + $this->set_mode(MCRYPT_MODE_CBC); + + // and re-encode + return base64_encode($this->mcrypt_encode($dec, $key)); + } + + // -------------------------------------------------------------------- + /** * XOR Encode * @@ -412,7 +475,7 @@ class CI_Encrypt { { if ($this->_mcrypt_mode == '') { - $this->_mcrypt_mode = MCRYPT_MODE_ECB; + $this->_mcrypt_mode = MCRYPT_MODE_CBC; } return $this->_mcrypt_mode; -- cgit v1.2.3-24-g4f1b From 092103e4d6a4a2bcd14274055f774e4eb01ecaa3 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 2 Sep 2010 11:11:58 -0500 Subject: fixed a spot where the encryption mode was still a hard coded constant instead of the fetched variable --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 8beff75d6..b27847a55 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -216,7 +216,7 @@ class CI_Encrypt { $dec = $this->_xor_decode($dec, $key); // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC - $this->set_mode(MCRYPT_MODE_CBC); + $this->set_mode($current_mode); // and re-encode return base64_encode($this->mcrypt_encode($dec, $key)); -- cgit v1.2.3-24-g4f1b From dd6719738936be31cdaa1758ca86d5eb14dcab3d Mon Sep 17 00:00:00 2001 From: Barry Mieny Date: Mon, 4 Oct 2010 16:33:58 +0200 Subject: Cleanup of stray spaces and tabs --- system/libraries/Encrypt.php | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b27847a55..b95dd999c 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -144,7 +144,7 @@ class CI_Encrypt { function decode($string, $key = '') { $key = $this->get_key($key); - + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; @@ -163,12 +163,12 @@ class CI_Encrypt { { $dec = $this->_xor_decode($dec, $key); } - + return $dec; } // -------------------------------------------------------------------- - + /** * Encode from Legacy * @@ -176,7 +176,7 @@ class CI_Encrypt { * returns a newly encoded string using the improved method added in 2.0.0 * This allows for backwards compatibility and a method to transition to the * new encryption algorithms. - * + * * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption * * @access public @@ -192,22 +192,22 @@ class CI_Encrypt { log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.'); return FALSE; } - + // decode it first // set mode temporarily to what it was when string was encoded with the legacy - // algorithm - typically MCRYPT_MODE_ECB + // algorithm - typically MCRYPT_MODE_ECB $current_mode = $this->_get_mode(); $this->set_mode($legacy_mode); - + $key = $this->get_key($key); - + if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) { return FALSE; } $dec = base64_decode($string); - + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) { return FALSE; @@ -223,7 +223,7 @@ class CI_Encrypt { } // -------------------------------------------------------------------- - + /** * XOR Encode * @@ -247,7 +247,7 @@ class CI_Encrypt { $enc = ''; for ($i = 0; $i < strlen($string); $i++) - { + { $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); } @@ -410,7 +410,7 @@ class CI_Encrypt { { $temp = $temp + 256; } - + $str .= chr($temp); } @@ -418,7 +418,7 @@ class CI_Encrypt { } // -------------------------------------------------------------------- - + /** * Set the Mcrypt Cipher * @@ -477,7 +477,7 @@ class CI_Encrypt { { $this->_mcrypt_mode = MCRYPT_MODE_CBC; } - + return $this->_mcrypt_mode; } @@ -503,7 +503,7 @@ class CI_Encrypt { * @access public * @param string * @return string - */ + */ function hash($str) { return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); -- cgit v1.2.3-24-g4f1b From 741de1c1319dd13de75348863cca591713dd46ce Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 14:52:57 -0600 Subject: Updating PHP requirements in files 5.1.6 --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b95dd999c..f64c10c5d 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 4.3.2 or newer + * An open source application development framework for PHP 5.1.6 or newer * * @package CodeIgniter * @author ExpressionEngine Dev Team -- cgit v1.2.3-24-g4f1b From a926328583e7ffdaaac7daf2f87810d842423f21 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 10 Nov 2010 15:26:43 -0600 Subject: Changing all class constructors to __construct() --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index f64c10c5d..7682f21e4 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -41,7 +41,7 @@ class CI_Encrypt { * Simply determines whether the mcrypt library exists. * */ - function CI_Encrypt() + public function __construct() { $this->CI =& get_instance(); $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; -- cgit v1.2.3-24-g4f1b From 0711dc87d98ce20d3a87f7ac43d78af8fba1dca7 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Wed, 5 Jan 2011 10:49:40 -0600 Subject: Hey look, it's 2011 --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 7682f21e4..e5f65878a 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -6,7 +6,7 @@ * * @package CodeIgniter * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2010, EllisLab, Inc. + * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. * @license http://codeigniter.com/user_guide/license.html * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 3a746655e92ec59ee7e731c3535673a9aedc5d3e Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Tue, 19 Apr 2011 10:59:47 -0500 Subject: Removing internal references to the EXT constant. Additionally, marked the constant as deprecated. Use ".php" instead. Also adding upgrade notes from 2.0.2 to 2.0.3. --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index e5f65878a..b30a8cf0b 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -524,7 +524,7 @@ class CI_Encrypt { { if ( ! function_exists('mhash')) { - require_once(BASEPATH.'libraries/Sha1'.EXT); + require_once(BASEPATH.'libraries/Sha1.php'); $SH = new CI_SHA; return $SH->generate($str); } -- cgit v1.2.3-24-g4f1b From 114ab0988e20ac6be39ad363ff897a1a3b85e565 Mon Sep 17 00:00:00 2001 From: Razican Date: Mon, 25 Apr 2011 17:26:45 +0200 Subject: Fixed double-space typo. --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b30a8cf0b..2f7db6623 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,4 +1,4 @@ - Date: Fri, 1 Jul 2011 17:40:48 -0500 Subject: backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance --- system/libraries/Encrypt.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/libraries/Encrypt.php') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index 2f7db6623..b30a8cf0b 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -1,4 +1,4 @@ -