1 <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
\r
5 * An open source application development framework for PHP 4.3.2 or newer
\r
7 * @package CodeIgniter
\r
8 * @author ExpressionEngine Dev Team
\r
9 * @copyright Copyright (c) 2008, EllisLab, Inc.
\r
10 * @license http://codeigniter.com/user_guide/license.html
\r
11 * @link http://codeigniter.com
\r
12 * @since Version 1.0
\r
16 // ------------------------------------------------------------------------
\r
19 * CodeIgniter Encryption Class
\r
21 * Provides two-way keyed encoding using XOR Hashing and Mcrypt
\r
23 * @package CodeIgniter
\r
24 * @subpackage Libraries
\r
25 * @category Libraries
\r
26 * @author ExpressionEngine Dev Team
\r
27 * @link http://codeigniter.com/user_guide/libraries/encryption.html
\r
32 var $encryption_key = '';
\r
33 var $_hash_type = 'sha1';
\r
34 var $_mcrypt_exists = FALSE;
\r
35 var $_mcrypt_cipher;
\r
41 * Simply determines whether the mcrypt library exists.
\r
44 function CI_Encrypt()
\r
46 $this->CI =& get_instance();
\r
47 $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
\r
48 log_message('debug', "Encrypt Class Initialized");
\r
51 // --------------------------------------------------------------------
\r
54 * Fetch the encryption key
\r
56 * Returns it as MD5 in order to have an exact-length 128 bit key.
\r
57 * Mcrypt is sensitive to keys that are not the correct length
\r
63 function get_key($key = '')
\r
67 if ($this->encryption_key != '')
\r
69 return $this->encryption_key;
\r
72 $CI =& get_instance();
\r
73 $key = $CI->config->item('encryption_key');
\r
77 show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
\r
84 // --------------------------------------------------------------------
\r
87 * Set the encryption key
\r
93 function set_key($key = '')
\r
95 $this->encryption_key = $key;
\r
98 // --------------------------------------------------------------------
\r
103 * Encodes the message string using bitwise XOR encoding.
\r
104 * The key is combined with a random hash, and then it
\r
105 * too gets converted using XOR. The whole thing is then run
\r
106 * through mcrypt (if supported) using the randomized key.
\r
107 * The end result is a double-encrypted message string
\r
108 * that is randomized with each call to this function,
\r
109 * even if the supplied message and key are the same.
\r
112 * @param string the string to encode
\r
113 * @param string the key
\r
116 function encode($string, $key = '')
\r
118 $key = $this->get_key($key);
\r
119 $enc = $this->_xor_encode($string, $key);
\r
121 if ($this->_mcrypt_exists === TRUE)
\r
123 $enc = $this->mcrypt_encode($enc, $key);
\r
125 return base64_encode($enc);
\r
128 // --------------------------------------------------------------------
\r
133 * Reverses the above process
\r
140 function decode($string, $key = '')
\r
142 $key = $this->get_key($key);
\r
144 if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
\r
149 $dec = base64_decode($string);
\r
151 if ($this->_mcrypt_exists === TRUE)
\r
153 if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
\r
159 return $this->_xor_decode($dec, $key);
\r
162 // --------------------------------------------------------------------
\r
167 * Takes a plain-text string and key as input and generates an
\r
168 * encoded bit-string using XOR
\r
175 function _xor_encode($string, $key)
\r
178 while (strlen($rand) < 32)
\r
180 $rand .= mt_rand(0, mt_getrandmax());
\r
183 $rand = $this->hash($rand);
\r
186 for ($i = 0; $i < strlen($string); $i++)
\r
188 $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
\r
191 return $this->_xor_merge($enc, $key);
\r
194 // --------------------------------------------------------------------
\r
199 * Takes an encoded string and key as input and generates the
\r
200 * plain-text original message
\r
207 function _xor_decode($string, $key)
\r
209 $string = $this->_xor_merge($string, $key);
\r
212 for ($i = 0; $i < strlen($string); $i++)
\r
214 $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
\r
220 // --------------------------------------------------------------------
\r
223 * XOR key + string Combiner
\r
225 * Takes a string and key as input and computes the difference using XOR
\r
232 function _xor_merge($string, $key)
\r
234 $hash = $this->hash($key);
\r
236 for ($i = 0; $i < strlen($string); $i++)
\r
238 $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
\r
244 // --------------------------------------------------------------------
\r
247 * Encrypt using Mcrypt
\r
254 function mcrypt_encode($data, $key)
\r
256 $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
\r
257 $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
\r
258 return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
\r
261 // --------------------------------------------------------------------
\r
264 * Decrypt using Mcrypt
\r
271 function mcrypt_decode($data, $key)
\r
273 $data = $this->_remove_cipher_noise($data, $key);
\r
274 $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
\r
276 if ($init_size > strlen($data))
\r
281 $init_vect = substr($data, 0, $init_size);
\r
282 $data = substr($data, $init_size);
\r
283 return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
\r
286 // --------------------------------------------------------------------
\r
289 * Adds permuted noise to the IV + encrypted data to protect
\r
290 * against Man-in-the-middle attacks on CBC mode ciphers
\r
291 * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
\r
293 * Function description
\r
300 function _add_cipher_noise($data, $key)
\r
302 $keyhash = $this->hash($key);
\r
303 $keylen = strlen($keyhash);
\r
306 for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
\r
313 $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
\r
319 // --------------------------------------------------------------------
\r
322 * Removes permuted noise from the IV + encrypted data, reversing
\r
323 * _add_cipher_noise()
\r
325 * Function description
\r
331 function _remove_cipher_noise($data, $key)
\r
333 $keyhash = $this->hash($key);
\r
334 $keylen = strlen($keyhash);
\r
337 for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
\r
344 $temp = ord($data[$i]) - ord($keyhash[$j]);
\r
348 $temp = $temp + 256;
\r
351 $str .= chr($temp);
\r
357 // --------------------------------------------------------------------
\r
360 * Set the Mcrypt Cipher
\r
366 function set_cipher($cipher)
\r
368 $this->_mcrypt_cipher = $cipher;
\r
371 // --------------------------------------------------------------------
\r
374 * Set the Mcrypt Mode
\r
380 function set_mode($mode)
\r
382 $this->_mcrypt_mode = $mode;
\r
385 // --------------------------------------------------------------------
\r
388 * Get Mcrypt cipher Value
\r
393 function _get_cipher()
\r
395 if ($this->_mcrypt_cipher == '')
\r
397 $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
\r
400 return $this->_mcrypt_cipher;
\r
403 // --------------------------------------------------------------------
\r
406 * Get Mcrypt Mode Value
\r
411 function _get_mode()
\r
413 if ($this->_mcrypt_mode == '')
\r
415 $this->_mcrypt_mode = MCRYPT_MODE_ECB;
\r
418 return $this->_mcrypt_mode;
\r
421 // --------------------------------------------------------------------
\r
424 * Set the Hash type
\r
430 function set_hash($type = 'sha1')
\r
432 $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
\r
435 // --------------------------------------------------------------------
\r
438 * Hash encode a string
\r
444 function hash($str)
\r
446 return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
\r
449 // --------------------------------------------------------------------
\r
452 * Generate an SHA1 Hash
\r
458 function sha1($str)
\r
460 if ( ! function_exists('sha1'))
\r
462 if ( ! function_exists('mhash'))
\r
464 require_once(BASEPATH.'libraries/Sha1'.EXT);
\r
466 return $SH->generate($str);
\r
470 return bin2hex(mhash(MHASH_SHA1, $str));
\r
481 // END CI_Encrypt class
\r
483 /* End of file Encrypt.php */
\r
484 /* Location: ./system/libraries/Encrypt.php */