The Encrypt library provides two-way encryption of text and binary strings using the Mcrypt extension, which consists of three parts: the key, the cipher, and the mode.
Class declared in SYSPATH/classes/encrypt.php on line 3.
string $defaultlink to thisdefault instance name
string(7) "default"array $instanceslink to thisEncrypt class instances
array(0) string $_randlink to thisOS-dependent RAND type to use
NULL
Creates a new mcrypt wrapper.
string
$key
required - Encryption keystring
$mode
required - Mcrypt modestring
$cipher
required - Mcrypt cipher
publicfunction__construct($key,$mode,$cipher){// Find the max length of the key, based on cipher and mode$size= mcrypt_get_key_size($cipher,$mode);if(isset($key[$size])){// Shorten the key to the maximum size$key=substr($key, 0,$size);}// Store the key, mode, and cipher$this->_key =$key;$this->_mode =$mode;$this->_cipher =$cipher;// Store the IV size$this->_iv_size = mcrypt_get_iv_size($this->_cipher,$this->_mode);}
Decrypts an encoded string back to its original value.
$data=$encrypt->decode($data);
string
$data
required - Encoded string to be decryptedFALSE - If decryption failsstring
publicfunctiondecode($data){// Convert the data back to binary$data=base64_decode($data, TRUE);if( !$data){// Invalid base64 datareturnFALSE;}// Extract the initialization vector from the data$iv=substr($data, 0,$this->_iv_size);if($this->_iv_size !==strlen($iv)){// The iv is not the expected sizereturnFALSE;}// Remove the iv from the data$data=substr($data,$this->_iv_size);// Return the decrypted data, trimming the \0 padding bytes from the end of the datareturnrtrim(mcrypt_decrypt($this->_cipher,$this->_key,$data,$this->_mode,$iv),"\0");}
Encrypts a string and returns an encrypted string that can be decoded.
$data=$encrypt->encode($data);
The encrypted binary data is encoded using base64 to convert it to a string. This string can be stored in a database, displayed, and passed using most other means without corruption.
string
$data
required - Data to be encryptedstring
publicfunctionencode($data){// Set the rand type if it has not already been setif(Encrypt::$_rand=== NULL){if(Kohana::$is_windows){// Windows only supports the system random number generatorEncrypt::$_rand= MCRYPT_RAND;}else{if(defined('MCRYPT_DEV_URANDOM')){// Use /dev/urandomEncrypt::$_rand= MCRYPT_DEV_URANDOM;}elseif(defined('MCRYPT_DEV_RANDOM')){// Use /dev/randomEncrypt::$_rand= MCRYPT_DEV_RANDOM;}else{// Use the system random number generatorEncrypt::$_rand= MCRYPT_RAND;}}}if(Encrypt::$_rand=== MCRYPT_RAND){// The system random number generator must always be seeded each// time it is used, or it will not produce true random resultsmt_srand();}// Create a random initialization vector of the proper size for the current cipher$iv= mcrypt_create_iv($this->_iv_size, Encrypt::$_rand);// Encrypt the data using the configured options and generated iv$data= mcrypt_encrypt($this->_cipher,$this->_key,$data,$this->_mode,$iv);// Use base64 encoding to convert to a stringreturnbase64_encode($iv.$data);}
Returns a singleton instance of Encrypt. An encryption key must be provided in your "encrypt" configuration file.
$encrypt= Encrypt::instance();
string
$name
= NULL - Configuration group nameEncrypt
publicstaticfunctioninstance($name= NULL){if($name=== NULL){// Use the default instance name$name= Encrypt::$default;}if( ! isset(Encrypt::$instances[$name])){// Load the configuration data$config= Kohana::$config->load('encrypt')->$name;if( ! isset($config['key'])){// No default encryption key is provided!thrownewKohana_Exception('No encryption key is defined in the encryption configuration group: :group',array(':group'=>$name));}if( ! isset($config['mode'])){// Add the default mode$config['mode'] = MCRYPT_MODE_NOFB;}if( ! isset($config['cipher'])){// Add the default cipher$config['cipher'] = MCRYPT_RIJNDAEL_128;}// Create a new instanceEncrypt::$instances[$name] =newEncrypt($config['key'],$config['mode'],$config['cipher']);}returnEncrypt::$instances[$name];}