From 4b9c62980599228f070b401c7673dce8085b0c61 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Fri, 1 Jul 2011 17:40:48 -0500 Subject: backed out 648b42a75739, which was a NON-trivial whitespace commit. It broke the Typography class's string replacements, for instance --- user_guide/libraries/encryption.html | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'user_guide/libraries/encryption.html') diff --git a/user_guide/libraries/encryption.html b/user_guide/libraries/encryption.html index 96ad54bc0..60099312c 100644 --- a/user_guide/libraries/encryption.html +++ b/user_guide/libraries/encryption.html @@ -58,9 +58,9 @@ Encryption Class

Encryption Class

-

The Encryption Class provides two-way data encryption. It uses a scheme that either compiles +

The Encryption Class provides two-way data encryption. It uses a scheme that either compiles the message using a randomly hashed bitwise XOR encoding scheme, or is encrypted using -the Mcrypt library. If Mcrypt is not available on your server the encoded message will +the Mcrypt library. If Mcrypt is not available on your server the encoded message will still provide a reasonable degree of security for encrypted sessions or other such "light" purposes. If Mcrypt is available, you'll be provided with a high degree of security appropriate for storage.

@@ -72,7 +72,7 @@ In fact, the key you chose will provide the only means to decod so not only must you choose the key carefully, you must never change it if you intend use it for persistent data.

It goes without saying that you should guard your key carefully. -Should someone gain access to your key, the data will be easily decoded. If your server is not totally under your control +Should someone gain access to your key, the data will be easily decoded. If your server is not totally under your control it's impossible to ensure key security so you may want to think carefully before using it for anything that requires high security, like storing credit card numbers.

@@ -91,9 +91,9 @@ storage mechanism and pass the key dynamically when encoding/decoding.

Message Length

It's important for you to know that the encoded messages the encryption function generates will be approximately 2.6 times longer than the original -message. For example, if you encrypt the string "my super secret data", which is 21 characters in length, you'll end up +message. For example, if you encrypt the string "my super secret data", which is 21 characters in length, you'll end up with an encoded string that is roughly 55 characters (we say "roughly" because the encoded string length increments in -64 bit clusters, so it's not exactly linear). Keep this information in mind when selecting your data storage mechanism. Cookies, +64 bit clusters, so it's not exactly linear). Keep this information in mind when selecting your data storage mechanism. Cookies, for example, can only hold 4K of information.

@@ -124,7 +124,7 @@ $encrypted_string = $this->encrypt->encode($msg, $key);

$this->encrypt->decode()

-

Decrypts an encoded string. Example:

+

Decrypts an encoded string. Example:

$encrypted_string = 'APANtByIGI1BpVXZTJgcsAG8GZl8pdwwa84';
@@ -142,9 +142,9 @@ $encrypted_string = $this->encrypt->decode($msg, $key);

$this->encrypt->set_cipher();

-

Permits you to set an Mcrypt cipher. By default it uses MCRYPT_RIJNDAEL_256. Example:

+

Permits you to set an Mcrypt cipher. By default it uses MCRYPT_RIJNDAEL_256. Example:

$this->encrypt->set_cipher(MCRYPT_BLOWFISH); -

Please visit php.net for a list of available ciphers.

+

Please visit php.net for a list of available ciphers.

If you'd like to manually test whether your server supports Mcrypt you can use:

echo ( ! function_exists('mcrypt_encrypt')) ? 'Nope' : 'Yup'; @@ -152,13 +152,13 @@ $encrypted_string = $this->encrypt->decode($msg, $key);

$this->encrypt->set_mode();

-

Permits you to set an Mcrypt mode. By default it uses MCRYPT_MODE_CBC. Example:

+

Permits you to set an Mcrypt mode. By default it uses MCRYPT_MODE_CBC. Example:

$this->encrypt->set_mode(MCRYPT_MODE_CFB); -

Please visit php.net for a list of available modes.

+

Please visit php.net for a list of available modes.

$this->encrypt->sha1();

-

SHA1 encoding function. Provide a string and it will return a 160 bit one way hash. Note: SHA1, just like MD5 is non-decodable. Example:

+

SHA1 encoding function. Provide a string and it will return a 160 bit one way hash. Note: SHA1, just like MD5 is non-decodable. Example:

$hash = $this->encrypt->sha1('Some string');

Many PHP installations have SHA1 support by default so if all you need is to encode a hash it's simpler to use the native @@ -169,12 +169,12 @@ function:

If your server does not support SHA1 you can use the provided function.

$this->encrypt->encode_from_legacy($orig_data, $legacy_mode = MCRYPT_MODE_ECB, $key = '');

-

Enables you to re-encode data that was originally encrypted with CodeIgniter 1.x to be compatible with the Encryption library in CodeIgniter 2.x. It is only - necessary to use this method if you have encrypted data stored permanently such as in a file or database and are on a server that supports Mcrypt. "Light" use encryption - such as encrypted session data or transitory encrypted flashdata require no intervention on your part. However, existing encrypted Sessions will be +

Enables you to re-encode data that was originally encrypted with CodeIgniter 1.x to be compatible with the Encryption library in CodeIgniter 2.x. It is only + necessary to use this method if you have encrypted data stored permanently such as in a file or database and are on a server that supports Mcrypt. "Light" use encryption + such as encrypted session data or transitory encrypted flashdata require no intervention on your part. However, existing encrypted Sessions will be destroyed since data encrypted prior to 2.x will not be decoded.

-

Why only a method to re-encode the data instead of maintaining legacy methods for both encoding and decoding? The algorithms in +

Why only a method to re-encode the data instead of maintaining legacy methods for both encoding and decoding? The algorithms in the Encryption library have improved in CodeIgniter 2.x both for performance and security, and we do not wish to encourage continued use of the older methods. You can of course extend the Encryption library if you wish and replace the new methods with the old and retain seamless compatibility with CodeIgniter 1.x encrypted data, but this a decision that a developer should make cautiously and deliberately, if at all.

@@ -195,13 +195,13 @@ function:

$legacy_mode MCRYPT_MODE_ECB - The Mcrypt mode that was used to generate the original encrypted data. CodeIgniter 1.x's default was MCRYPT_MODE_ECB, and it will + The Mcrypt mode that was used to generate the original encrypted data. CodeIgniter 1.x's default was MCRYPT_MODE_ECB, and it will assume that to be the case unless overridden by this parameter. $key n/a - The encryption key. This it typically specified in your config file as outlined above. + The encryption key. This it typically specified in your config file as outlined above. -- cgit v1.2.3-24-g4f1b From b8c038a3e7742f32915d7f1ab69627075e8d0c39 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Sat, 20 Aug 2011 08:57:14 -0500 Subject: updated version number in user guide, removed some stray merge markers found in the change log --- user_guide/libraries/encryption.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'user_guide/libraries/encryption.html') diff --git a/user_guide/libraries/encryption.html b/user_guide/libraries/encryption.html index 60099312c..5c64127cb 100644 --- a/user_guide/libraries/encryption.html +++ b/user_guide/libraries/encryption.html @@ -28,7 +28,7 @@
- +

CodeIgniter User Guide Version 2.0.2

CodeIgniter User Guide Version 2.0.3

-- cgit v1.2.3-24-g4f1b