New file |
0,0 → 1,484 |
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); |
/** |
* CodeIgniter |
* |
* An open source application development framework for PHP 4.3.2 or newer |
* |
* @package CodeIgniter |
* @author ExpressionEngine Dev Team |
* @copyright Copyright (c) 2008, EllisLab, Inc. |
* @license http://codeigniter.com/user_guide/license.html |
* @link http://codeigniter.com |
* @since Version 1.0 |
* @filesource |
*/ |
|
// ------------------------------------------------------------------------ |
|
/** |
* CodeIgniter Encryption Class |
* |
* Provides two-way keyed encoding using XOR Hashing and Mcrypt |
* |
* @package CodeIgniter |
* @subpackage Libraries |
* @category Libraries |
* @author ExpressionEngine Dev Team |
* @link http://codeigniter.com/user_guide/libraries/encryption.html |
*/ |
class CI_Encrypt { |
|
var $CI; |
var $encryption_key = ''; |
var $_hash_type = 'sha1'; |
var $_mcrypt_exists = FALSE; |
var $_mcrypt_cipher; |
var $_mcrypt_mode; |
|
/** |
* Constructor |
* |
* Simply determines whether the mcrypt library exists. |
* |
*/ |
function CI_Encrypt() |
{ |
$this->CI =& get_instance(); |
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; |
log_message('debug', "Encrypt Class Initialized"); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Fetch the encryption key |
* |
* Returns it as MD5 in order to have an exact-length 128 bit key. |
* Mcrypt is sensitive to keys that are not the correct length |
* |
* @access public |
* @param string |
* @return string |
*/ |
function get_key($key = '') |
{ |
if ($key == '') |
{ |
if ($this->encryption_key != '') |
{ |
return $this->encryption_key; |
} |
|
$CI =& get_instance(); |
$key = $CI->config->item('encryption_key'); |
|
if ($key === FALSE) |
{ |
show_error('In order to use the encryption class requires that you set an encryption key in your config file.'); |
} |
} |
|
return md5($key); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Set the encryption key |
* |
* @access public |
* @param string |
* @return void |
*/ |
function set_key($key = '') |
{ |
$this->encryption_key = $key; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Encode |
* |
* Encodes the message string using bitwise XOR encoding. |
* The key is combined with a random hash, and then it |
* too gets converted using XOR. The whole thing is then run |
* through mcrypt (if supported) using the randomized key. |
* The end result is a double-encrypted message string |
* that is randomized with each call to this function, |
* even if the supplied message and key are the same. |
* |
* @access public |
* @param string the string to encode |
* @param string the key |
* @return string |
*/ |
function encode($string, $key = '') |
{ |
$key = $this->get_key($key); |
$enc = $this->_xor_encode($string, $key); |
|
if ($this->_mcrypt_exists === TRUE) |
{ |
$enc = $this->mcrypt_encode($enc, $key); |
} |
return base64_encode($enc); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Decode |
* |
* Reverses the above process |
* |
* @access public |
* @param string |
* @param string |
* @return string |
*/ |
function decode($string, $key = '') |
{ |
$key = $this->get_key($key); |
|
if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string)) |
{ |
return FALSE; |
} |
|
$dec = base64_decode($string); |
|
if ($this->_mcrypt_exists === TRUE) |
{ |
if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) |
{ |
return FALSE; |
} |
} |
|
return $this->_xor_decode($dec, $key); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* XOR Encode |
* |
* Takes a plain-text string and key as input and generates an |
* encoded bit-string using XOR |
* |
* @access private |
* @param string |
* @param string |
* @return string |
*/ |
function _xor_encode($string, $key) |
{ |
$rand = ''; |
while (strlen($rand) < 32) |
{ |
$rand .= mt_rand(0, mt_getrandmax()); |
} |
|
$rand = $this->hash($rand); |
|
$enc = ''; |
for ($i = 0; $i < strlen($string); $i++) |
{ |
$enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1)); |
} |
|
return $this->_xor_merge($enc, $key); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* XOR Decode |
* |
* Takes an encoded string and key as input and generates the |
* plain-text original message |
* |
* @access private |
* @param string |
* @param string |
* @return string |
*/ |
function _xor_decode($string, $key) |
{ |
$string = $this->_xor_merge($string, $key); |
|
$dec = ''; |
for ($i = 0; $i < strlen($string); $i++) |
{ |
$dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1)); |
} |
|
return $dec; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* XOR key + string Combiner |
* |
* Takes a string and key as input and computes the difference using XOR |
* |
* @access private |
* @param string |
* @param string |
* @return string |
*/ |
function _xor_merge($string, $key) |
{ |
$hash = $this->hash($key); |
$str = ''; |
for ($i = 0; $i < strlen($string); $i++) |
{ |
$str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1); |
} |
|
return $str; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Encrypt using Mcrypt |
* |
* @access public |
* @param string |
* @param string |
* @return string |
*/ |
function mcrypt_encode($data, $key) |
{ |
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); |
$init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND); |
return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Decrypt using Mcrypt |
* |
* @access public |
* @param string |
* @param string |
* @return string |
*/ |
function mcrypt_decode($data, $key) |
{ |
$data = $this->_remove_cipher_noise($data, $key); |
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); |
|
if ($init_size > strlen($data)) |
{ |
return FALSE; |
} |
|
$init_vect = substr($data, 0, $init_size); |
$data = substr($data, $init_size); |
return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Adds permuted noise to the IV + encrypted data to protect |
* against Man-in-the-middle attacks on CBC mode ciphers |
* http://www.ciphersbyritter.com/GLOSSARY.HTM#IV |
* |
* Function description |
* |
* @access private |
* @param string |
* @param string |
* @return string |
*/ |
function _add_cipher_noise($data, $key) |
{ |
$keyhash = $this->hash($key); |
$keylen = strlen($keyhash); |
$str = ''; |
|
for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) |
{ |
if ($j >= $keylen) |
{ |
$j = 0; |
} |
|
$str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256); |
} |
|
return $str; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Removes permuted noise from the IV + encrypted data, reversing |
* _add_cipher_noise() |
* |
* Function description |
* |
* @access public |
* @param type |
* @return type |
*/ |
function _remove_cipher_noise($data, $key) |
{ |
$keyhash = $this->hash($key); |
$keylen = strlen($keyhash); |
$str = ''; |
|
for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j) |
{ |
if ($j >= $keylen) |
{ |
$j = 0; |
} |
|
$temp = ord($data[$i]) - ord($keyhash[$j]); |
|
if ($temp < 0) |
{ |
$temp = $temp + 256; |
} |
|
$str .= chr($temp); |
} |
|
return $str; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Set the Mcrypt Cipher |
* |
* @access public |
* @param constant |
* @return string |
*/ |
function set_cipher($cipher) |
{ |
$this->_mcrypt_cipher = $cipher; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Set the Mcrypt Mode |
* |
* @access public |
* @param constant |
* @return string |
*/ |
function set_mode($mode) |
{ |
$this->_mcrypt_mode = $mode; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Get Mcrypt cipher Value |
* |
* @access private |
* @return string |
*/ |
function _get_cipher() |
{ |
if ($this->_mcrypt_cipher == '') |
{ |
$this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256; |
} |
|
return $this->_mcrypt_cipher; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Get Mcrypt Mode Value |
* |
* @access private |
* @return string |
*/ |
function _get_mode() |
{ |
if ($this->_mcrypt_mode == '') |
{ |
$this->_mcrypt_mode = MCRYPT_MODE_ECB; |
} |
|
return $this->_mcrypt_mode; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Set the Hash type |
* |
* @access public |
* @param string |
* @return string |
*/ |
function set_hash($type = 'sha1') |
{ |
$this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type; |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Hash encode a string |
* |
* @access public |
* @param string |
* @return string |
*/ |
function hash($str) |
{ |
return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str); |
} |
|
// -------------------------------------------------------------------- |
|
/** |
* Generate an SHA1 Hash |
* |
* @access public |
* @param string |
* @return string |
*/ |
function sha1($str) |
{ |
if ( ! function_exists('sha1')) |
{ |
if ( ! function_exists('mhash')) |
{ |
require_once(BASEPATH.'libraries/Sha1'.EXT); |
$SH = new CI_SHA; |
return $SH->generate($str); |
} |
else |
{ |
return bin2hex(mhash(MHASH_SHA1, $str)); |
} |
} |
else |
{ |
return sha1($str); |
} |
} |
|
} |
|
// END CI_Encrypt class |
|
/* End of file Encrypt.php */ |
/* Location: ./system/libraries/Encrypt.php */ |