1 <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
5 * An open source application development framework for PHP 5.1.6 or newer
8 * @author ExpressionEngine Dev Team
9 * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc.
10 * @license http://codeigniter.com/user_guide/license.html
11 * @link http://codeigniter.com
16 // ------------------------------------------------------------------------
19 * CodeIgniter Encryption Class
21 * Provides two-way keyed encoding using XOR Hashing and Mcrypt
23 * @package CodeIgniter
24 * @subpackage Libraries
26 * @author ExpressionEngine Dev Team
27 * @link http://codeigniter.com/user_guide/libraries/encryption.html
32 var $encryption_key = '';
33 var $_hash_type = 'sha1';
34 var $_mcrypt_exists = FALSE;
41 * Simply determines whether the mcrypt library exists.
44 public function __construct()
46 $this->CI =& get_instance();
47 $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
48 log_message('debug', "Encrypt Class Initialized");
51 // --------------------------------------------------------------------
54 * Fetch the encryption key
56 * Returns it as MD5 in order to have an exact-length 128 bit key.
57 * Mcrypt is sensitive to keys that are not the correct length
63 function get_key($key = '')
67 if ($this->encryption_key != '')
69 return $this->encryption_key;
72 $CI =& get_instance();
73 $key = $CI->config->item('encryption_key');
77 show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
84 // --------------------------------------------------------------------
87 * Set the encryption key
93 function set_key($key = '')
95 $this->encryption_key = $key;
98 // --------------------------------------------------------------------
103 * Encodes the message string using bitwise XOR encoding.
104 * The key is combined with a random hash, and then it
105 * too gets converted using XOR. The whole thing is then run
106 * through mcrypt (if supported) using the randomized key.
107 * The end result is a double-encrypted message string
108 * that is randomized with each call to this function,
109 * even if the supplied message and key are the same.
112 * @param string the string to encode
113 * @param string the key
116 function encode($string, $key = '')
118 $key = $this->get_key($key);
120 if ($this->_mcrypt_exists === TRUE)
122 $enc = $this->mcrypt_encode($string, $key);
126 $enc = $this->_xor_encode($string, $key);
129 return base64_encode($enc);
132 // --------------------------------------------------------------------
137 * Reverses the above process
144 function decode($string, $key = '')
146 $key = $this->get_key($key);
148 if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
153 $dec = base64_decode($string);
155 if ($this->_mcrypt_exists === TRUE)
157 if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
164 $dec = $this->_xor_decode($dec, $key);
170 // --------------------------------------------------------------------
175 * Takes an encoded string from the original Encryption class algorithms and
176 * returns a newly encoded string using the improved method added in 2.0.0
177 * This allows for backwards compatibility and a method to transition to the
178 * new encryption algorithms.
180 * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
184 * @param int (mcrypt mode constant)
188 function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
190 if ($this->_mcrypt_exists === FALSE)
192 log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
197 // set mode temporarily to what it was when string was encoded with the legacy
198 // algorithm - typically MCRYPT_MODE_ECB
199 $current_mode = $this->_get_mode();
200 $this->set_mode($legacy_mode);
202 $key = $this->get_key($key);
204 if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
209 $dec = base64_decode($string);
211 if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
216 $dec = $this->_xor_decode($dec, $key);
218 // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC
219 $this->set_mode($current_mode);
222 return base64_encode($this->mcrypt_encode($dec, $key));
225 // --------------------------------------------------------------------
230 * Takes a plain-text string and key as input and generates an
231 * encoded bit-string using XOR
238 function _xor_encode($string, $key)
241 while (strlen($rand) < 32)
243 $rand .= mt_rand(0, mt_getrandmax());
246 $rand = $this->hash($rand);
249 for ($i = 0; $i < strlen($string); $i++)
251 $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
254 return $this->_xor_merge($enc, $key);
257 // --------------------------------------------------------------------
262 * Takes an encoded string and key as input and generates the
263 * plain-text original message
270 function _xor_decode($string, $key)
272 $string = $this->_xor_merge($string, $key);
275 for ($i = 0; $i < strlen($string); $i++)
277 $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
283 // --------------------------------------------------------------------
286 * XOR key + string Combiner
288 * Takes a string and key as input and computes the difference using XOR
295 function _xor_merge($string, $key)
297 $hash = $this->hash($key);
299 for ($i = 0; $i < strlen($string); $i++)
301 $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
307 // --------------------------------------------------------------------
310 * Encrypt using Mcrypt
317 function mcrypt_encode($data, $key)
319 $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
320 $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
321 return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
324 // --------------------------------------------------------------------
327 * Decrypt using Mcrypt
334 function mcrypt_decode($data, $key)
336 $data = $this->_remove_cipher_noise($data, $key);
337 $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
339 if ($init_size > strlen($data))
344 $init_vect = substr($data, 0, $init_size);
345 $data = substr($data, $init_size);
346 return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
349 // --------------------------------------------------------------------
352 * Adds permuted noise to the IV + encrypted data to protect
353 * against Man-in-the-middle attacks on CBC mode ciphers
354 * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
356 * Function description
363 function _add_cipher_noise($data, $key)
365 $keyhash = $this->hash($key);
366 $keylen = strlen($keyhash);
369 for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
376 $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
382 // --------------------------------------------------------------------
385 * Removes permuted noise from the IV + encrypted data, reversing
386 * _add_cipher_noise()
388 * Function description
394 function _remove_cipher_noise($data, $key)
396 $keyhash = $this->hash($key);
397 $keylen = strlen($keyhash);
400 for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
407 $temp = ord($data[$i]) - ord($keyhash[$j]);
420 // --------------------------------------------------------------------
423 * Set the Mcrypt Cipher
429 function set_cipher($cipher)
431 $this->_mcrypt_cipher = $cipher;
434 // --------------------------------------------------------------------
437 * Set the Mcrypt Mode
443 function set_mode($mode)
445 $this->_mcrypt_mode = $mode;
448 // --------------------------------------------------------------------
451 * Get Mcrypt cipher Value
456 function _get_cipher()
458 if ($this->_mcrypt_cipher == '')
460 $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
463 return $this->_mcrypt_cipher;
466 // --------------------------------------------------------------------
469 * Get Mcrypt Mode Value
476 if ($this->_mcrypt_mode == '')
478 $this->_mcrypt_mode = MCRYPT_MODE_CBC;
481 return $this->_mcrypt_mode;
484 // --------------------------------------------------------------------
493 function set_hash($type = 'sha1')
495 $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
498 // --------------------------------------------------------------------
501 * Hash encode a string
509 return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
512 // --------------------------------------------------------------------
515 * Generate an SHA1 Hash
523 if ( ! function_exists('sha1'))
525 if ( ! function_exists('mhash'))
527 require_once(BASEPATH.'libraries/Sha1'.EXT);
529 return $SH->generate($str);
533 return bin2hex(mhash(MHASH_SHA1, $str));
544 // END CI_Encrypt class
546 /* End of file Encrypt.php */
547 /* Location: ./system/libraries/Encrypt.php */
projects / living-lab-site.git / blob