CodeIgniter Encryption Class Analysis

First, set the key:

The keys are actually pieces of information that will control the cryptographic process and allow the encrypted string to be decoded. In fact, the key you choose provides a unique way to decrypt some of the encrypted data, so you need to be very careful about setting your key, and if you want to encrypt some fixed data, you'd better not change the key.

To maximize the encryption algorithm, your decryption key needs to be set to 32 characters in length (128 bits). You can set up a fabricated random string as your key, preferably including numbers, uppercase letters, and lowercase letters. Your key cannot be set to a simple text string. It also has a random possibility for secure and reliable encryption.

Your key can be placed in the application/config/config.php file, you can also set up a storage mechanism for data encryption and decryption.

To save your key in the application/config/config.php file, open the file setting:

$config [' encryption_key '] = "YOUR key";

Second, MD5 encryption of the key:

function Get_key ($key = ')
	{
		if ($key = = ') {
			if ($this->encryption_key!= '
				) {return $ this->encryption_key;
			}

			$CI =& get_instance ();
			$key = $CI->config->item (' Encryption_key ');

			if ($key = = FALSE)
			{
				Show_error encryption class requires that you set a encryption key in your config file. ');
			}

		return MD5 ($key);
	

Cryptographic functions of cryptographic classes:

function encode ($string, $key = ' ")
	{
		$key = $this->get_key ($key);

		if ($this->_mcrypt_exists = = TRUE)
		{
			$enc = $this->mcrypt_encode ($string, $key)
		;
		else
		{
			$enc = $this->_xor_encode ($string, $key);

		Return Base64_encode ($ENC);
	

First obtain the encrypted key after MD5 (), and then if the server supports MCrypt encryption, use the MCrypt function to encrypt, if not supported, the private member method of private Encryption class _xor_encode ($string, $key) encryption, and finally using MIME base64 Encode the data.

The Mcrypt_encode ($string, $key) code is as follows:

function Mcrypt_encode ($data, $key)
	{
		$init _size = mcrypt_get_iv_size ($this->_get_cipher (), $this->_ Get_mode ());
		$init _vect = Mcrypt_create_iv ($init _size, mcrypt_rand);
		return $this->_add_cipher_noise ($init _vect.mcrypt_encrypt ($this->_get_cipher (), $key, $data, $this->_get_ Mode (), $init _vect), $key);
	}

The function uses MCrypt to establish the value of the vector initialization, and then reason to encrypt the private member Method _add_cipher_noise () of the cryptographic class. The _add_cipher_noise () function is as follows:

function _add_cipher_noise ($data, $key)
	{
		$keyhash = $this->hash ($key);
		$keylen = strlen ($keyhash);
		$str = ';

		for ($i = 0, $j = 0, $len = strlen ($data), $i < $len; + + $i, + + $j)
		{
			if ($j >= $keylen)
			{
				$j = 0;
			}

			$str. = Chr ((Ord ($data [$i]) + ord ($keyhash [$j]))% 256);
		}

		return $str;
	}

The function first uses the member method hash () to hash the incoming parameter $key, then calculates the encrypted character length and then generates the encrypted string. The function also has a member method hash () with the following code:

function hash ($str)
	{return
		($this->_hash_type = = ' SHA1 ')? $this->sha1 ($STR): MD5 ($STR);
	

The function code is used to encrypt SHA1 if the _hash_type is set to SHA1 encryption and SHA1 () to the character if _hash_type is not MD5. The SHA1 () member function code is as follows:

function SHA1 ($STR)
	{
		if (! function_exists (' SHA1 '))
		{
			if (! function_exists (' Mhash '
				)) { Require_once (basepath. ' libraries/sha1.php ');
				$SH = new Ci_sha;
				Return $SH->generate ($STR);
			}
			else
			{return
				Bin2Hex (Mhash (MHASH_SHA1, $str));
			}
		else
		{return
			SHA1 ($STR);
		}
	}

The decryption process: The decryption process is the reverse decryption of the encryption process:

function decode ($string, $key = ' ")
	{
		$key = $this->get_key ($key);

		if (Preg_match ('/[^a-za-z0-9\/\+=]/', $string))
		{return
			FALSE;
		}

		$dec = Base64_decode ($string);

		if ($this->_mcrypt_exists = = TRUE)
		{
			if ($dec = $this->mcrypt_decode ($dec, $key)) = = FALSE)
			{ return
				FALSE;
			}
		}
		else
		{
			$dec = $this->_xor_decode ($dec, $key);

		return $dec;
	}

Step one: First get the decryption key; the second step: if the encrypted character is not a letter, number,/, +, =, then return false; Part III: Decoding using MIME base64 encoded data; step Fourth: If the server supports MCrypt, it is mcrypt decrypted. If not supported, it is decrypted with the private member Method _xor_decode ($dec, $key). The Mcrypt_decode () function code is as follows:

function Mcrypt_decode ($data, $key)
	{
		$data = $this->_remove_cipher_noise ($data, $key);
		$init _size = mcrypt_get_iv_size ($this->_get_cipher (), $this->_get_mode ());

		if ($init _size > strlen ($data))
		{return
			FALSE;
		}

		$init _vect = substr ($data, 0, $init _size);
		$data = substr ($data, $init _size);
		return RTrim (Mcrypt_decrypt ($this->_get_cipher (), $key, $data, $this->_get_mode (), $init _vect), "a";
	}

The function first decrypts it using the private member Method _remove_cipher_noise ($data, $key), and then decrypts it once with the MCrypt function, and removes the left blank to get the decrypted character. _remove_cipher_noise ($data, $key) The private member method code is as follows:

function _remove_cipher_noise ($data, $key)
	{
		$keyhash = $this->hash ($key);
		$keylen = strlen ($keyhash);
		$str = ';

		for ($i = 0, $j = 0, $len = strlen ($data); $i < $len; + + $i, + + $j)
		{
			if ($j >= $keylen)
			{
				$j = 0;
  
   

			$temp = Ord ($data [$i])-Ord ($keyhash [$j]);

			if ($temp < 0)
			{
				$temp = $temp + 256;
			}

			$str. = Chr ($temp);
		}

		return $str;
	}
  

Five: Other member functions of the cryptographic class:

Set_cipher ($cipher): Allows you to set a Mcrypt algorithm. MCRYPT_RIJNDAEL_256 is used by default. For example:

$this->encrypt->set_cipher (mcrypt_blowfish);

Set_mode ($mode): Allows you to set a Mcrypt mode. MCRYPT_MODE_CBC is used by default. For example:

$this->encrypt->set_mode (MCRYPT_MODE_CFB);

SHA1 ($STR): SHA1 encoding function. Provides a string, and then it returns a 160-bit Hash message. Description: SHA1, just like MD5 can not be decrypted. For example:

$hash = $this->encrypt->sha1 (' Some string ');

Only as the use of their own notes.