+ +
+

Encrypt Class

+

The Encrypt Class provides two-way data encryption. It encrypted using +the Mcrypt PHP extension, which is required for the Encrypt Class to run.

+
+

Important

+

This library has been DEPRECATED and is only kept for +backwards compatibility. Please use the new Encryption Library.

+
+ +
+

Using the Encrypt Library

+
+

Setting your Key

+

A key is a piece of information that controls the cryptographic +process and permits an encrypted string to be decoded. In fact, the key +you chose will provide the only means to decode data that was +encrypted with that key, so not only must you choose the key carefully, +you must never change it if you intend use it for persistent data.

+

It goes without saying that you should guard your key carefully. Should +someone gain access to your key, the data will be easily decoded. If +your server is not totally under your control it’s impossible to ensure +key security so you may want to think carefully before using it for +anything that requires high security, like storing credit card numbers.

+

To take maximum advantage of the encryption algorithm, your key should +be 32 characters in length (256 bits). The key should be as random a +string as you can concoct, with numbers and uppercase and lowercase +letters. Your key should not be a simple text string. In order to be +cryptographically secure it needs to be as random as possible.

+

Your key can be either stored in your application/config/config.php, or +you can design your own storage mechanism and pass the key dynamically +when encoding/decoding.

+

To save your key to your application/config/config.php, open the file +and set:

+
$config['encryption_key'] = "YOUR KEY";
+
+
+
+
+

Message Length

+

It’s important for you to know that the encoded messages the encryption +function generates will be approximately 2.6 times longer than the +original message. For example, if you encrypt the string “my super +secret data”, which is 21 characters in length, you’ll end up with an +encoded string that is roughly 55 characters (we say “roughly” because +the encoded string length increments in 64 bit clusters, so it’s not +exactly linear). Keep this information in mind when selecting your data +storage mechanism. Cookies, for example, can only hold 4K of +information.

+
+
+

Initializing the Class

+

Like most other classes in CodeIgniter, the Encrypt class is +initialized in your controller using the $this->load->library() +method:

+
$this->load->library('encrypt');
+
+
+

Once loaded, the Encrypt library object will be available using:

+
$this->encrypt
+
+
+
+
+
+

Class Reference

+
+
+class CI_Encrypt
+
+
+encode($string[, $key = ''])
+
+++ + + + + + + + +
Parameters:
    +
  • $string (string) – Data to encrypt
  • +
  • $key (string) – Encryption key
  • +
+
Returns:

Encrypted string

+
Return type:

string

+
+

Performs the data encryption and returns it as a string. Example:

+
$msg = 'My secret message';
+
+$encrypted_string = $this->encrypt->encode($msg);
+
+
+

You can optionally pass your encryption key via the second parameter if +you don’t want to use the one in your config file:

+
$msg = 'My secret message';
+$key = 'super-secret-key';
+
+$encrypted_string = $this->encrypt->encode($msg, $key);
+
+
+
+ +
+
+decode($string[, $key = ''])
+
+++ + + + + + + + +
Parameters:
    +
  • $string (string) – String to decrypt
  • +
  • $key (string) – Encryption key
  • +
+
Returns:

Plain-text string

+
Return type:

string

+
+

Decrypts an encoded string. Example:

+
$encrypted_string = 'APANtByIGI1BpVXZTJgcsAG8GZl8pdwwa84';
+
+$plaintext_string = $this->encrypt->decode($encrypted_string);
+
+
+

You can optionally pass your encryption key via the second parameter if +you don’t want to use the one in your config file:

+
$msg = 'My secret message';
+$key = 'super-secret-key';
+
+$encrypted_string = $this->encrypt->decode($msg, $key);
+
+
+
+ +
+
+set_cipher($cipher)
+
+++ + + + + + + + +
Parameters:
    +
  • $cipher (int) – Valid PHP MCrypt cypher constant
  • +
+
Returns:

CI_Encrypt instance (method chaining)

+
Return type:

CI_Encrypt

+
+

Permits you to set an Mcrypt cipher. By default it uses +MCRYPT_RIJNDAEL_256. Example:

+
$this->encrypt->set_cipher(MCRYPT_BLOWFISH);
+
+
+

Please visit php.net for a list of available ciphers.

+

If you’d like to manually test whether your server supports MCrypt you +can use:

+
echo extension_loaded('mcrypt') ? 'Yup' : 'Nope';
+
+
+
+ +
+
+set_mode($mode)
+
+++ + + + + + + + +
Parameters:
    +
  • $mode (int) – Valid PHP MCrypt mode constant
  • +
+
Returns:

CI_Encrypt instance (method chaining)

+
Return type:

CI_Encrypt

+
+

Permits you to set an Mcrypt mode. By default it uses MCRYPT_MODE_CBC. +Example:

+
$this->encrypt->set_mode(MCRYPT_MODE_CFB);
+
+
+

Please visit php.net for a list of available modes.

+
+ +
+
+encode_from_legacy($string[, $legacy_mode = MCRYPT_MODE_ECB[, $key = '']])
+
+++ + + + + + + + +
Parameters:
    +
  • $string (string) – String to encrypt
  • +
  • $legacy_mode (int) – Valid PHP MCrypt cipher constant
  • +
  • $key (string) – Encryption key
  • +
+
Returns:

Newly encrypted string

+
Return type:

string

+
+

Enables you to re-encode data that was originally encrypted with +CodeIgniter 1.x to be compatible with the Encrypt library in +CodeIgniter 2.x. It is only necessary to use this method if you have +encrypted data stored permanently such as in a file or database and are +on a server that supports Mcrypt. “Light” use encryption such as +encrypted session data or transitory encrypted flashdata require no +intervention on your part. However, existing encrypted Sessions will be +destroyed since data encrypted prior to 2.x will not be decoded.

+
+

Important

+

Why only a method to re-encode the data instead of maintaining legacy +methods for both encoding and decoding? The algorithms in the +Encrypt library have improved in CodeIgniter 2.x both for performance +and security, and we do not wish to encourage continued use of the older +methods. You can of course extend the Encryption library if you wish and +replace the new methods with the old and retain seamless compatibility +with CodeIgniter 1.x encrypted data, but this a decision that a +developer should make cautiously and deliberately, if at all.

+
+
$new_data = $this->encrypt->encode_from_legacy($old_encrypted_string);
+
+
+ +++++ + + + + + + + + + + + + + + + + + + + + +
ParameterDefaultDescription
$orig_datan/aThe original encrypted data from CodeIgniter 1.x’s Encryption library
$legacy_modeMCRYPT_MODE_ECBThe Mcrypt mode that was used to generate the original encrypted data. +CodeIgniter 1.x’s default was MCRYPT_MODE_ECB, and it will assume that +to be the case unless overridden by this parameter.
$keyn/aThe encryption key. This it typically specified in your config file as +outlined above.
+
+ +
+ +
+
+ + +