From d1af1854e3444d58907225f46f473723cdf97628 Mon Sep 17 00:00:00 2001
From: Greg Aker <greg@gregaker.net>
Date: Sun, 25 Dec 2011 21:59:30 -0600
Subject: Removing previously deprecated SHA1 library and removed SHA1 method
 in the Encryption Library

---
 system/libraries/Encrypt.php | 105 +++++------------
 system/libraries/Sha1.php    | 263 -------------------------------------------
 2 files changed, 27 insertions(+), 341 deletions(-)
 delete mode 100644 system/libraries/Sha1.php

(limited to 'system')

diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index c2cb808dd..92b0b3c4a 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -40,22 +40,19 @@
  */
 class CI_Encrypt {
 
-	var $CI;
-	var $encryption_key	= '';
-	var $_hash_type	= 'sha1';
-	var $_mcrypt_exists = FALSE;
-	var $_mcrypt_cipher;
-	var $_mcrypt_mode;
+	public $encryption_key	= '';
+	protected $_hash_type	= 'sha1';
+	protected $_mcrypt_exists = FALSE;
+	protected $_mcrypt_cipher;
+	protected $_mcrypt_mode;
 
 	/**
 	 * Constructor
 	 *
 	 * Simply determines whether the mcrypt library exists.
-	 *
 	 */
 	public function __construct()
 	{
-		$this->CI =& get_instance();
 		$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
 		log_message('debug', "Encrypt Class Initialized");
 	}
@@ -68,11 +65,10 @@ class CI_Encrypt {
 	 * Returns it as MD5 in order to have an exact-length 128 bit key.
 	 * Mcrypt is sensitive to keys that are not the correct length
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	string
 	 */
-	function get_key($key = '')
+	public function get_key($key = '')
 	{
 		if ($key == '')
 		{
@@ -84,7 +80,7 @@ class CI_Encrypt {
 			$CI =& get_instance();
 			$key = $CI->config->item('encryption_key');
 
-			if ($key == FALSE)
+			if ($key === FALSE)
 			{
 				show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
 			}
@@ -98,13 +94,13 @@ class CI_Encrypt {
 	/**
 	 * Set the encryption key
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	void
 	 */
-	function set_key($key = '')
+	public function set_key($key = '')
 	{
 		$this->encryption_key = $key;
+		return $this;
 	}
 
 	// --------------------------------------------------------------------
@@ -120,12 +116,11 @@ class CI_Encrypt {
 	 * that is randomized with each call to this function,
 	 * even if the supplied message and key are the same.
 	 *
-	 * @access	public
 	 * @param	string	the string to encode
 	 * @param	string	the key
 	 * @return	string
 	 */
-	function encode($string, $key = '')
+	public function encode($string, $key = '')
 	{
 		$key = $this->get_key($key);
 
@@ -148,12 +143,11 @@ class CI_Encrypt {
 	 *
 	 * Reverses the above process
 	 *
-	 * @access	public
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function decode($string, $key = '')
+	public function decode($string, $key = '')
 	{
 		$key = $this->get_key($key);
 
@@ -191,13 +185,12 @@ class CI_Encrypt {
 	 *
 	 * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
 	 *
-	 * @access	public
 	 * @param	string
 	 * @param	int		(mcrypt mode constant)
 	 * @param	string
 	 * @return	string
 	 */
-	function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
+	public function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
 	{
 		if ($this->_mcrypt_exists === FALSE)
 		{
@@ -242,12 +235,11 @@ class CI_Encrypt {
 	 * Takes a plain-text string and key as input and generates an
 	 * encoded bit-string using XOR
 	 *
-	 * @access	private
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function _xor_encode($string, $key)
+	protected function _xor_encode($string, $key)
 	{
 		$rand = '';
 		while (strlen($rand) < 32)
@@ -274,12 +266,11 @@ class CI_Encrypt {
 	 * Takes an encoded string and key as input and generates the
 	 * plain-text original message
 	 *
-	 * @access	private
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function _xor_decode($string, $key)
+	protected function _xor_decode($string, $key)
 	{
 		$string = $this->_xor_merge($string, $key);
 
@@ -299,12 +290,11 @@ class CI_Encrypt {
 	 *
 	 * Takes a string and key as input and computes the difference using XOR
 	 *
-	 * @access	private
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function _xor_merge($string, $key)
+	protected function _xor_merge($string, $key)
 	{
 		$hash = $this->hash($key);
 		$str = '';
@@ -321,12 +311,11 @@ class CI_Encrypt {
 	/**
 	 * Encrypt using Mcrypt
 	 *
-	 * @access	public
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function mcrypt_encode($data, $key)
+	public function mcrypt_encode($data, $key)
 	{
 		$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
 		$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
@@ -338,12 +327,11 @@ class CI_Encrypt {
 	/**
 	 * Decrypt using Mcrypt
 	 *
-	 * @access	public
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function mcrypt_decode($data, $key)
+	public function mcrypt_decode($data, $key)
 	{
 		$data = $this->_remove_cipher_noise($data, $key);
 		$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
@@ -365,14 +353,11 @@ class CI_Encrypt {
 	 * against Man-in-the-middle attacks on CBC mode ciphers
 	 * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
 	 *
-	 * Function description
-	 *
-	 * @access	private
 	 * @param	string
 	 * @param	string
 	 * @return	string
 	 */
-	function _add_cipher_noise($data, $key)
+	protected function _add_cipher_noise($data, $key)
 	{
 		$keyhash = $this->hash($key);
 		$keylen = strlen($keyhash);
@@ -399,11 +384,10 @@ class CI_Encrypt {
 	 *
 	 * Function description
 	 *
-	 * @access	public
 	 * @param	type
 	 * @return	type
 	 */
-	function _remove_cipher_noise($data, $key)
+	protected function _remove_cipher_noise($data, $key)
 	{
 		$keyhash = $this->hash($key);
 		$keylen = strlen($keyhash);
@@ -434,13 +418,13 @@ class CI_Encrypt {
 	/**
 	 * Set the Mcrypt Cipher
 	 *
-	 * @access	public
 	 * @param	constant
 	 * @return	string
 	 */
-	function set_cipher($cipher)
+	public function set_cipher($cipher)
 	{
 		$this->_mcrypt_cipher = $cipher;
+		return $this;
 	}
 
 	// --------------------------------------------------------------------
@@ -448,13 +432,13 @@ class CI_Encrypt {
 	/**
 	 * Set the Mcrypt Mode
 	 *
-	 * @access	public
 	 * @param	constant
 	 * @return	string
 	 */
 	function set_mode($mode)
 	{
 		$this->_mcrypt_mode = $mode;
+		return $this;
 	}
 
 	// --------------------------------------------------------------------
@@ -462,10 +446,9 @@ class CI_Encrypt {
 	/**
 	 * Get Mcrypt cipher Value
 	 *
-	 * @access	private
 	 * @return	string
 	 */
-	function _get_cipher()
+	protected function _get_cipher()
 	{
 		if ($this->_mcrypt_cipher == '')
 		{
@@ -480,10 +463,9 @@ class CI_Encrypt {
 	/**
 	 * Get Mcrypt Mode Value
 	 *
-	 * @access	private
 	 * @return	string
 	 */
-	function _get_mode()
+	protected function _get_mode()
 	{
 		if ($this->_mcrypt_mode == '')
 		{
@@ -498,11 +480,10 @@ class CI_Encrypt {
 	/**
 	 * Set the Hash type
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	string
 	 */
-	function set_hash($type = 'sha1')
+	public function set_hash($type = 'sha1')
 	{
 		$this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
 	}
@@ -512,45 +493,13 @@ class CI_Encrypt {
 	/**
 	 * Hash encode a string
 	 *
-	 * @access	public
 	 * @param	string
 	 * @return	string
 	 */
-	function hash($str)
+	public function hash($str)
 	{
-		return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
+		return ($this->_hash_type == 'sha1') ? sha1($str) : md5($str);
 	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Generate an SHA1 Hash
-	 *
-	 * @access	public
-	 * @param	string
-	 * @return	string
-	 */
-	function sha1($str)
-	{
-		if ( ! function_exists('sha1'))
-		{
-			if ( ! function_exists('mhash'))
-			{
-				require_once(BASEPATH.'libraries/Sha1.php');
-				$SH = new CI_SHA;
-				return $SH->generate($str);
-			}
-			else
-			{
-				return bin2hex(mhash(MHASH_SHA1, $str));
-			}
-		}
-		else
-		{
-			return sha1($str);
-		}
-	}
-
 }
 
 // END CI_Encrypt class
diff --git a/system/libraries/Sha1.php b/system/libraries/Sha1.php
deleted file mode 100644
index 477b92bcb..000000000
--- a/system/libraries/Sha1.php
+++ /dev/null
@@ -1,263 +0,0 @@
-<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
-/**
- * CodeIgniter
- *
- * An open source application development framework for PHP 5.1.6 or newer
- *
- * NOTICE OF LICENSE
- * 
- * Licensed under the Open Software License version 3.0
- * 
- * This source file is subject to the Open Software License (OSL 3.0) that is
- * bundled with this package in the files license.txt / license.rst.  It is
- * also available through the world wide web at this URL:
- * http://opensource.org/licenses/OSL-3.0
- * If you did not receive a copy of the license and are unable to obtain it
- * through the world wide web, please send an email to
- * licensing@ellislab.com so we can send you a copy immediately.
- *
- * @package		CodeIgniter
- * @author		EllisLab Dev Team
- * @copyright	Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/)
- * @license		http://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
- * @link		http://codeigniter.com
- * @since		Version 1.0
- * @filesource
- */
-
-// ------------------------------------------------------------------------
-
-/**
- * SHA1 Encoding Class
- *
- * Purpose: Provides 160 bit hashing using The Secure Hash Algorithm
- * developed at the National Institute of Standards and Technology. The 40
- * character SHA1 message hash is computationally infeasible to crack.
- *
- * This class is a fallback for servers that are not running PHP greater than
- * 4.3, or do not have the MHASH library.
- *
- * This class is based on two scripts:
- *
- * Marcus Campbell's PHP implementation (GNU license)
- * http://www.tecknik.net/sha-1/
- *
- * ...which is based on Paul Johnston's JavaScript version
- * (BSD license). http://pajhome.org.uk/
- *
- * I encapsulated the functions and wrote one additional method to fix
- * a hex conversion bug. - Rick Ellis
- *
- * @package		CodeIgniter
- * @subpackage	Libraries
- * @category	Encryption
- * @author		EllisLab Dev Team
- * @link		http://codeigniter.com/user_guide/libraries/encryption.html
- */
-class CI_SHA1 {
-
-	public function __construct()
-	{
-		log_message('debug', "SHA1 Class Initialized");
-	}
-
-	/**
-	 * Generate the Hash
-	 *
-	 * @access	public
-	 * @param	string
-	 * @return	string
-	 */
-	function generate($str)
-	{
-		$n = ((strlen($str) + 8) >> 6) + 1;
-
-		for ($i = 0; $i < $n * 16; $i++)
-		{
-			$x[$i] = 0;
-		}
-
-		for ($i = 0; $i < strlen($str); $i++)
-		{
-			$x[$i >> 2] |= ord(substr($str, $i, 1)) << (24 - ($i % 4) * 8);
-		}
-
-		$x[$i >> 2] |= 0x80 << (24 - ($i % 4) * 8);
-
-		$x[$n * 16 - 1] = strlen($str) * 8;
-
-		$a =  1732584193;
-		$b = -271733879;
-		$c = -1732584194;
-		$d =  271733878;
-		$e = -1009589776;
-
-		for ($i = 0; $i < count($x); $i += 16)
-		{
-			$olda = $a;
-			$oldb = $b;
-			$oldc = $c;
-			$oldd = $d;
-			$olde = $e;
-
-			for ($j = 0; $j < 80; $j++)
-			{
-				if ($j < 16)
-				{
-					$w[$j] = $x[$i + $j];
-				}
-				else
-				{
-					$w[$j] = $this->_rol($w[$j - 3] ^ $w[$j - 8] ^ $w[$j - 14] ^ $w[$j - 16], 1);
-				}
-
-				$t = $this->_safe_add($this->_safe_add($this->_rol($a, 5), $this->_ft($j, $b, $c, $d)), $this->_safe_add($this->_safe_add($e, $w[$j]), $this->_kt($j)));
-
-				$e = $d;
-				$d = $c;
-				$c = $this->_rol($b, 30);
-				$b = $a;
-				$a = $t;
-			}
-
-			$a = $this->_safe_add($a, $olda);
-			$b = $this->_safe_add($b, $oldb);
-			$c = $this->_safe_add($c, $oldc);
-			$d = $this->_safe_add($d, $oldd);
-			$e = $this->_safe_add($e, $olde);
-		}
-
-		return $this->_hex($a).$this->_hex($b).$this->_hex($c).$this->_hex($d).$this->_hex($e);
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Convert a decimal to hex
-	 *
-	 * @access	private
-	 * @param	string
-	 * @return	string
-	 */
-	function _hex($str)
-	{
-		$str = dechex($str);
-
-		if (strlen($str) == 7)
-		{
-			$str = '0'.$str;
-		}
-
-		return $str;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 *  Return result based on iteration
-	 *
-	 * @access	private
-	 * @return	string
-	 */
-	function _ft($t, $b, $c, $d)
-	{
-		if ($t < 20)
-			return ($b & $c) | ((~$b) & $d);
-		if ($t < 40)
-			return $b ^ $c ^ $d;
-		if ($t < 60)
-			return ($b & $c) | ($b & $d) | ($c & $d);
-
-		return $b ^ $c ^ $d;
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Determine the additive constant
-	 *
-	 * @access	private
-	 * @return	string
-	 */
-	function _kt($t)
-	{
-		if ($t < 20)
-		{
-			return 1518500249;
-		}
-		else if ($t < 40)
-		{
-			return 1859775393;
-		}
-		else if ($t < 60)
-		{
-			return -1894007588;
-		}
-		else
-		{
-			return -899497514;
-		}
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Add integers, wrapping at 2^32
-	 *
-	 * @access	private
-	 * @return	string
-	 */
-	function _safe_add($x, $y)
-	{
-		$lsw = ($x & 0xFFFF) + ($y & 0xFFFF);
-		$msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16);
-
-		return ($msw << 16) | ($lsw & 0xFFFF);
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Bitwise rotate a 32-bit number
-	 *
-	 * @access	private
-	 * @return	integer
-	 */
-	function _rol($num, $cnt)
-	{
-		return ($num << $cnt) | $this->_zero_fill($num, 32 - $cnt);
-	}
-
-	// --------------------------------------------------------------------
-
-	/**
-	 * Pad string with zero
-	 *
-	 * @access	private
-	 * @return	string
-	 */
-	function _zero_fill($a, $b)
-	{
-		$bin = decbin($a);
-
-		if (strlen($bin) < $b)
-		{
-			$bin = 0;
-		}
-		else
-		{
-			$bin = substr($bin, 0, strlen($bin) - $b);
-		}
-
-		for ($i=0; $i < $b; $i++)
-		{
-			$bin = "0".$bin;
-		}
-
-		return bindec($bin);
-	}
-}
-// END CI_SHA
-
-/* End of file Sha1.php */
-/* Location: ./system/libraries/Sha1.php */
-- 
cgit v1.2.3-24-g4f1b