php error: The Encrypt library requires the Mcrypt extension in codeigniter

Asked 4/3, 2016 at 14:4 Answered 16/6, 2021 at 13:54

I have a login and sign up form and use the encrypt library to encrypt the password.. I am using Xampp for my server and my system works correctly..

code to encrypt the password:

$this->encrypt->encode('my password');

add encrypt library

 $autoload['libraries'] = array('encrypt');

and setting the secret key in config:

$config['encryption_key'] = 'nmsc encrypt secret key';

My code works well using xampp server in windows but when Im trying to upload my website to ubuntu server I've got an error says

The Encrypt library requires the Mcrypt extension

how to fix that problem? refering this guide https://www.codeigniter.com/user_guide/libraries/encryption.html but I dont know how to install that mcrypt. my website needs to run from ubuntu server. how to install or fix that problem?

Dunnage answered 4/3, 2016 at 14:4 Comment(4)

You should not use mcrypt, it is abandonware, has not been updated in years and does not support standard padding (PKCS#5 or PKCS#7) and uses null padding which will not work correctly with binary data. Instead consider either defuse or RNCryptor-php for a full secure solution. – Kickapoo 4/3, 2016 at 15:55

CodeIgniter 3 provides a different encryption class that does most if not all things right. Use that if you have access to codeigniter 3. – Entrant 4/3, 2016 at 17:58

Passwords must be hashed, NOT encrypted. Use secure.php.net/password – Rafi 15/3, 2016 at 15:24

This answer worked for me. https://mcmap.net/q/742716/-the-encrypt-library-requires-the-mcrypt-extension – Sandoval 3/1, 2020 at 20:23

Best solution is (only available for CI 3 and up):

change

 $this->load->library('encrypt');

 $this->load->library('encryption');

Glenoid answered 29/11, 2018 at 11:16 Comment(2)

Please mention file name also – Blackmail 23/5, 2020 at 11:41

Does it work with CI4? – Farrago 23/1, 2022 at 14:42

Save this code to libraries/Encrypt.php

It must to be work!

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * CodeIgniter
 *
 * An open source application development framework for PHP 5.1.6 or newer
 *
 * @package     CodeIgniter
 * @author      ExpressionEngine Dev Team
 * @copyright   Copyright (c) 2008 - 2011, EllisLab, Inc.
 * @license     http://codeigniter.com/user_guide/license.html
 * @link        http://codeigniter.com
 * @since       Version 1.0
 * @filesource
 */
// ------------------------------------------------------------------------
/**
 * CodeIgniter Encryption Class
 *
 * Provides two-way keyed encoding using XOR Hashing and Mcrypt
 *
 * @package     CodeIgniter
 * @subpackage  Libraries
 * @category    Libraries
 * @author      ExpressionEngine Dev Team
 * @link        http://codeigniter.com/user_guide/libraries/encryption.html
 */
class CI_Encrypt {
    var $CI;
    var $encryption_key = '';
    var $_hash_type = 'sha1';
    var $_mcrypt_exists = FALSE;
    var $_mcrypt_cipher;
    var $_mcrypt_mode;
    /**
     * Constructor
     *
     * Simply determines whether the mcrypt library exists.
     *
     */
    public function __construct()
    {
        $this->CI =& get_instance();
        $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
        log_message('debug', "Encrypt Class Initialized");
    }
    // --------------------------------------------------------------------
    /**
     * Fetch the encryption key
     *
     * Returns it as MD5 in order to have an exact-length 128 bit key.
     * Mcrypt is sensitive to keys that are not the correct length
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function get_key($key = '')
    {
        if ($key == '')
        {
            if ($this->encryption_key != '')
            {
                return $this->encryption_key;
            }
            $CI =& get_instance();
            $key = $CI->config->item('encryption_key');
            if ($key == FALSE)
            {
                show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
            }
        }
        return md5($key);
    }
    // --------------------------------------------------------------------
    /**
     * Set the encryption key
     *
     * @access  public
     * @param   string
     * @return  void
     */
    function set_key($key = '')
    {
        $this->encryption_key = $key;
    }
    // --------------------------------------------------------------------
    /**
     * Encode
     *
     * Encodes the message string using bitwise XOR encoding.
     * The key is combined with a random hash, and then it
     * too gets converted using XOR. The whole thing is then run
     * through mcrypt (if supported) using the randomized key.
     * The end result is a double-encrypted message string
     * that is randomized with each call to this function,
     * even if the supplied message and key are the same.
     *
     * @access  public
     * @param   string  the string to encode
     * @param   string  the key
     * @return  string
     */
    function encode($string, $key = '')
    {
        $key = $this->get_key($key);
        if ($this->_mcrypt_exists === TRUE)
        {
            $enc = $this->mcrypt_encode($string, $key);
        }
        else
        {
            $enc = $this->_xor_encode($string, $key);
        }
        return base64_encode($enc);
    }
    // --------------------------------------------------------------------
    /**
     * Decode
     *
     * Reverses the above process
     *
     * @access  public
     * @param   string
     * @param   string
     * @return  string
     */
    function decode($string, $key = '')
    {
        $key = $this->get_key($key);
        if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
        {
            return FALSE;
        }
        $dec = base64_decode($string);
        if ($this->_mcrypt_exists === TRUE)
        {
            if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
            {
                return FALSE;
            }
        }
        else
        {
            $dec = $this->_xor_decode($dec, $key);
        }
        return $dec;
    }
    // --------------------------------------------------------------------
    /**
     * Encode from Legacy
     *
     * Takes an encoded string from the original Encryption class algorithms and
     * returns a newly encoded string using the improved method added in 2.0.0
     * This allows for backwards compatibility and a method to transition to the
     * new encryption algorithms.
     *
     * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
     *
     * @access  public
     * @param   string
     * @param   int     (mcrypt mode constant)
     * @param   string
     * @return  string
     */
    function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
    {
        if ($this->_mcrypt_exists === FALSE)
        {
            log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
            return FALSE;
        }
        // decode it first
        // set mode temporarily to what it was when string was encoded with the legacy
        // algorithm - typically MCRYPT_MODE_ECB
        $current_mode = $this->_get_mode();
        $this->set_mode($legacy_mode);
        $key = $this->get_key($key);
        if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
        {
            return FALSE;
        }
        $dec = base64_decode($string);
        if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
        {
            return FALSE;
        }
        $dec = $this->_xor_decode($dec, $key);
        // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC
        $this->set_mode($current_mode);
        // and re-encode
        return base64_encode($this->mcrypt_encode($dec, $key));
    }
    // --------------------------------------------------------------------
    /**
     * XOR Encode
     *
     * Takes a plain-text string and key as input and generates an
     * encoded bit-string using XOR
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _xor_encode($string, $key)
    {
        $rand = '';
        while (strlen($rand) < 32)
        {
            $rand .= mt_rand(0, mt_getrandmax());
        }
        $rand = $this->hash($rand);
        $enc = '';
        for ($i = 0; $i < strlen($string); $i++)
        {
            $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
        }
        return $this->_xor_merge($enc, $key);
    }
    // --------------------------------------------------------------------
    /**
     * XOR Decode
     *
     * Takes an encoded string and key as input and generates the
     * plain-text original message
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _xor_decode($string, $key)
    {
        $string = $this->_xor_merge($string, $key);
        $dec = '';
        for ($i = 0; $i < strlen($string); $i++)
        {
            $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
        }
        return $dec;
    }
    // --------------------------------------------------------------------
    /**
     * XOR key + string Combiner
     *
     * Takes a string and key as input and computes the difference using XOR
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _xor_merge($string, $key)
    {
        $hash = $this->hash($key);
        $str = '';
        for ($i = 0; $i < strlen($string); $i++)
        {
            $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
        }
        return $str;
    }
    // --------------------------------------------------------------------
    /**
     * Encrypt using Mcrypt
     *
     * @access  public
     * @param   string
     * @param   string
     * @return  string
     */
    function mcrypt_encode($data, $key)
    {
        $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
        $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
        return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
    }
    // --------------------------------------------------------------------
    /**
     * Decrypt using Mcrypt
     *
     * @access  public
     * @param   string
     * @param   string
     * @return  string
     */
    function mcrypt_decode($data, $key)
    {
        $data = $this->_remove_cipher_noise($data, $key);
        $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
        if ($init_size > strlen($data))
        {
            return FALSE;
        }
        $init_vect = substr($data, 0, $init_size);
        $data = substr($data, $init_size);
        return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
    }
    // --------------------------------------------------------------------
    /**
     * Adds permuted noise to the IV + encrypted data to protect
     * against Man-in-the-middle attacks on CBC mode ciphers
     * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
     *
     * Function description
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _add_cipher_noise($data, $key)
    {
        $keyhash = $this->hash($key);
        $keylen = strlen($keyhash);
        $str = '';
        for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
        {
            if ($j >= $keylen)
            {
                $j = 0;
            }
            $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
        }
        return $str;
    }
    // --------------------------------------------------------------------
    /**
     * Removes permuted noise from the IV + encrypted data, reversing
     * _add_cipher_noise()
     *
     * Function description
     *
     * @access  public
     * @param   type
     * @return  type
     */
    function _remove_cipher_noise($data, $key)
    {
        $keyhash = $this->hash($key);
        $keylen = strlen($keyhash);
        $str = '';
        for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
        {
            if ($j >= $keylen)
            {
                $j = 0;
            }
            $temp = ord($data[$i]) - ord($keyhash[$j]);
            if ($temp < 0)
            {
                $temp = $temp + 256;
            }
            $str .= chr($temp);
        }
        return $str;
    }
    // --------------------------------------------------------------------
    /**
     * Set the Mcrypt Cipher
     *
     * @access  public
     * @param   constant
     * @return  string
     */
    function set_cipher($cipher)
    {
        $this->_mcrypt_cipher = $cipher;
    }
    // --------------------------------------------------------------------
    /**
     * Set the Mcrypt Mode
     *
     * @access  public
     * @param   constant
     * @return  string
     */
    function set_mode($mode)
    {
        $this->_mcrypt_mode = $mode;
    }
    // --------------------------------------------------------------------
    /**
     * Get Mcrypt cipher Value
     *
     * @access  private
     * @return  string
     */
    function _get_cipher()
    {
        if ($this->_mcrypt_cipher == '')
        {
            $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
        }
        return $this->_mcrypt_cipher;
    }
    // --------------------------------------------------------------------
    /**
     * Get Mcrypt Mode Value
     *
     * @access  private
     * @return  string
     */
    function _get_mode()
    {
        if ($this->_mcrypt_mode == '')
        {
            $this->_mcrypt_mode = MCRYPT_MODE_CBC;
        }
        return $this->_mcrypt_mode;
    }
    // --------------------------------------------------------------------
    /**
     * Set the Hash type
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function set_hash($type = 'sha1')
    {
        $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
    }
    // --------------------------------------------------------------------
    /**
     * Hash encode a string
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function hash($str)
    {
        return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
    }
    // --------------------------------------------------------------------
    /**
     * Generate an SHA1 Hash
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function sha1($str)
    {
        if ( ! function_exists('sha1'))
        {
            if ( ! function_exists('mhash'))
            {
                require_once(BASEPATH.'libraries/Sha1.php');
                $SH = new CI_SHA;
                return $SH->generate($str);
            }
            else
            {
                return bin2hex(mhash(MHASH_SHA1, $str));
            }
        }
        else
        {
            return sha1($str);
        }
    }
}
// END CI_Encrypt class
/* End of file Encrypt.php */

Malinowski answered 19/11, 2019 at 12:35 Comment(1)

thanks, i m getting error in my code on godady server but but this solution work. – Crenulation 27/11, 2019 at 17:7

You should install the PHP mcrypt module;

sudo apt-get install php5-mcrypt
sudo php5enmod mcrypt

And normally you will be good ;)

Sanitarium answered 4/3, 2016 at 14:10 Comment(4)

Im not using ubuntu to develop my project, is there any way to install that php5-mcrypt from windows using xampp? my school is using ubuntu server. – Dunnage 4/3, 2016 at 14:15

I'm not a windows user, but i found this link that might be helpful for you myoddweb.com/2010/11/18/install-mcrypt-for-php-on-windows – Sanitarium 6/3, 2016 at 1:55

But I must advise you to switch to Linux. ^^ – Sanitarium 6/3, 2016 at 1:59

Don't forget to reload apache after doing this: service apache2 reload – Snowdrop 11/5, 2017 at 2:5

I was getting this error because i had switched from XAMPP(php5) to XAMPP(php7), for this I replaced my old CI->system->libraries->encrypt.php with new file here:encrypt.php, and it worked.

In this new file we check if mcrypt_encrypt is supported or not in __construct function with code below

   $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;

and based on that we use different function between mcrypt_encode and _xor_encode like that.

Just to know, if you see this old file in __construct function you will see actual error checking

    if (($this->_mcrypt_exists = function_exists('mcrypt_encrypt')) === FALSE)
    {
        show_error('The Encrypt library requires the Mcrypt extension.');
    }

It worked for me.

Chimerical answered 10/6, 2019 at 9:43 Comment(2)

THIS works, cause it repairs wrong PHP functions that were designed for PHP 5.x in such old systems like Codeigniter 2 – Hen 28/1, 2020 at 16:53

Worked for me as well, Thank you. – Plenish 25/7, 2020 at 19:38

Solution works for me is

Before :

$autoload['libraries'] = array('database','session','upload','form_validation','encrypt','pagination');

After :

$autoload['libraries'] = array('database','session','upload','form_validation','pagination');

i just removed encrypt library from autoload libraries.

Pulver answered 13/4, 2019 at 2:30 Comment(0)

For php 7.2 version & Ubuntu system below commands works for me -

sudo apt-get -y install gcc make autoconf libc-dev pkg-config
sudo apt-get -y install php7.2-dev
sudo apt-get -y install libmcrypt-dev
pecl install mcrypt-1.0.1

Then it will shows a message that "You should add extension for mcrypt in php.ini"

extension=mcrypt.so

and restart the apache server

service apache2 restart
or
systemctl restart apache2

Beavers answered 23/9, 2020 at 10:52 Comment(0)

Sounds like you need to update your php version.

http://php.net/manual/en/mcrypt.requirements.php

Campanula answered 4/3, 2016 at 14:7 Comment(0)

Open your: /etc/php5/apache2/php.ini
Example: sudo gedit /etc/php5/apache2/php.ini
At line 1728, put this code:

extension=mcrypt.so

Then restart your Apache.

Aerobe answered 22/4, 2016 at 0:55 Comment(1)

No improvement for me – Raspberry 16/9, 2019 at 14:50

I was facing a similar problem so I placed this code into /system/libraris/Encrypt.php and now it is working fine.

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * CodeIgniter
 *
 * An open source application development framework for PHP 5.1.6 or newer
 *
 * @package     CodeIgniter
 * @author      ExpressionEngine Dev Team
 * @copyright   Copyright (c) 2008 - 2011, EllisLab, Inc.
 * @license     http://codeigniter.com/user_guide/license.html
 * @link        http://codeigniter.com
 * @since       Version 1.0
 * @filesource
 */
// ------------------------------------------------------------------------
/**
 * CodeIgniter Encryption Class
 *
 * Provides two-way keyed encoding using XOR Hashing and Mcrypt
 *
 * @package     CodeIgniter
 * @subpackage  Libraries
 * @category    Libraries
 * @author      ExpressionEngine Dev Team
 * @link        http://codeigniter.com/user_guide/libraries/encryption.html
 */
class CI_Encrypt {
    var $CI;
    var $encryption_key = '';
    var $_hash_type = 'sha1';
    var $_mcrypt_exists = FALSE;
    var $_mcrypt_cipher;
    var $_mcrypt_mode;
    /**
     * Constructor
     *
     * Simply determines whether the mcrypt library exists.
     *
     */
    public function __construct()
    {
        $this->CI =& get_instance();
        $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
        log_message('debug', "Encrypt Class Initialized");
    }
    // --------------------------------------------------------------------
    /**
     * Fetch the encryption key
     *
     * Returns it as MD5 in order to have an exact-length 128 bit key.
     * Mcrypt is sensitive to keys that are not the correct length
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function get_key($key = '')
    {
        if ($key == '')
        {
            if ($this->encryption_key != '')
            {
                return $this->encryption_key;
            }
            $CI =& get_instance();
            $key = $CI->config->item('encryption_key');
            if ($key == FALSE)
            {
                show_error('In order to use the encryption class requires that you set an encryption key in your config file.');
            }
        }
        return md5($key);
    }
    // --------------------------------------------------------------------
    /**
     * Set the encryption key
     *
     * @access  public
     * @param   string
     * @return  void
     */
    function set_key($key = '')
    {
        $this->encryption_key = $key;
    }
    // --------------------------------------------------------------------
    /**
     * Encode
     *
     * Encodes the message string using bitwise XOR encoding.
     * The key is combined with a random hash, and then it
     * too gets converted using XOR. The whole thing is then run
     * through mcrypt (if supported) using the randomized key.
     * The end result is a double-encrypted message string
     * that is randomized with each call to this function,
     * even if the supplied message and key are the same.
     *
     * @access  public
     * @param   string  the string to encode
     * @param   string  the key
     * @return  string
     */
    function encode($string, $key = '')
    {
        $key = $this->get_key($key);
        if ($this->_mcrypt_exists === TRUE)
        {
            $enc = $this->mcrypt_encode($string, $key);
        }
        else
        {
            $enc = $this->_xor_encode($string, $key);
        }
        return base64_encode($enc);
    }
    // --------------------------------------------------------------------
    /**
     * Decode
     *
     * Reverses the above process
     *
     * @access  public
     * @param   string
     * @param   string
     * @return  string
     */
    function decode($string, $key = '')
    {
        $key = $this->get_key($key);
        if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
        {
            return FALSE;
        }
        $dec = base64_decode($string);
        if ($this->_mcrypt_exists === TRUE)
        {
            if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
            {
                return FALSE;
            }
        }
        else
        {
            $dec = $this->_xor_decode($dec, $key);
        }
        return $dec;
    }
    // --------------------------------------------------------------------
    /**
     * Encode from Legacy
     *
     * Takes an encoded string from the original Encryption class algorithms and
     * returns a newly encoded string using the improved method added in 2.0.0
     * This allows for backwards compatibility and a method to transition to the
     * new encryption algorithms.
     *
     * For more details, see http://codeigniter.com/user_guide/installation/upgrade_200.html#encryption
     *
     * @access  public
     * @param   string
     * @param   int     (mcrypt mode constant)
     * @param   string
     * @return  string
     */
    function encode_from_legacy($string, $legacy_mode = MCRYPT_MODE_ECB, $key = '')
    {
        if ($this->_mcrypt_exists === FALSE)
        {
            log_message('error', 'Encoding from legacy is available only when Mcrypt is in use.');
            return FALSE;
        }
        // decode it first
        // set mode temporarily to what it was when string was encoded with the legacy
        // algorithm - typically MCRYPT_MODE_ECB
        $current_mode = $this->_get_mode();
        $this->set_mode($legacy_mode);
        $key = $this->get_key($key);
        if (preg_match('/[^a-zA-Z0-9\/\+=]/', $string))
        {
            return FALSE;
        }
        $dec = base64_decode($string);
        if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
        {
            return FALSE;
        }
        $dec = $this->_xor_decode($dec, $key);
        // set the mcrypt mode back to what it should be, typically MCRYPT_MODE_CBC
        $this->set_mode($current_mode);
        // and re-encode
        return base64_encode($this->mcrypt_encode($dec, $key));
    }
    // --------------------------------------------------------------------
    /**
     * XOR Encode
     *
     * Takes a plain-text string and key as input and generates an
     * encoded bit-string using XOR
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _xor_encode($string, $key)
    {
        $rand = '';
        while (strlen($rand) < 32)
        {
            $rand .= mt_rand(0, mt_getrandmax());
        }
        $rand = $this->hash($rand);
        $enc = '';
        for ($i = 0; $i < strlen($string); $i++)
        {
            $enc .= substr($rand, ($i % strlen($rand)), 1).(substr($rand, ($i % strlen($rand)), 1) ^ substr($string, $i, 1));
        }
        return $this->_xor_merge($enc, $key);
    }
    // --------------------------------------------------------------------
    /**
     * XOR Decode
     *
     * Takes an encoded string and key as input and generates the
     * plain-text original message
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _xor_decode($string, $key)
    {
        $string = $this->_xor_merge($string, $key);
        $dec = '';
        for ($i = 0; $i < strlen($string); $i++)
        {
            $dec .= (substr($string, $i++, 1) ^ substr($string, $i, 1));
        }
        return $dec;
    }
    // --------------------------------------------------------------------
    /**
     * XOR key + string Combiner
     *
     * Takes a string and key as input and computes the difference using XOR
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _xor_merge($string, $key)
    {
        $hash = $this->hash($key);
        $str = '';
        for ($i = 0; $i < strlen($string); $i++)
        {
            $str .= substr($string, $i, 1) ^ substr($hash, ($i % strlen($hash)), 1);
        }
        return $str;
    }
    // --------------------------------------------------------------------
    /**
     * Encrypt using Mcrypt
     *
     * @access  public
     * @param   string
     * @param   string
     * @return  string
     */
    function mcrypt_encode($data, $key)
    {
        $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
        $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
        return $this->_add_cipher_noise($init_vect.mcrypt_encrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), $key);
    }
    // --------------------------------------------------------------------
    /**
     * Decrypt using Mcrypt
     *
     * @access  public
     * @param   string
     * @param   string
     * @return  string
     */
    function mcrypt_decode($data, $key)
    {
        $data = $this->_remove_cipher_noise($data, $key);
        $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
        if ($init_size > strlen($data))
        {
            return FALSE;
        }
        $init_vect = substr($data, 0, $init_size);
        $data = substr($data, $init_size);
        return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
    }
    // --------------------------------------------------------------------
    /**
     * Adds permuted noise to the IV + encrypted data to protect
     * against Man-in-the-middle attacks on CBC mode ciphers
     * http://www.ciphersbyritter.com/GLOSSARY.HTM#IV
     *
     * Function description
     *
     * @access  private
     * @param   string
     * @param   string
     * @return  string
     */
    function _add_cipher_noise($data, $key)
    {
        $keyhash = $this->hash($key);
        $keylen = strlen($keyhash);
        $str = '';
        for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
        {
            if ($j >= $keylen)
            {
                $j = 0;
            }
            $str .= chr((ord($data[$i]) + ord($keyhash[$j])) % 256);
        }
        return $str;
    }
    // --------------------------------------------------------------------
    /**
     * Removes permuted noise from the IV + encrypted data, reversing
     * _add_cipher_noise()
     *
     * Function description
     *
     * @access  public
     * @param   type
     * @return  type
     */
    function _remove_cipher_noise($data, $key)
    {
        $keyhash = $this->hash($key);
        $keylen = strlen($keyhash);
        $str = '';
        for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
        {
            if ($j >= $keylen)
            {
                $j = 0;
            }
            $temp = ord($data[$i]) - ord($keyhash[$j]);
            if ($temp < 0)
            {
                $temp = $temp + 256;
            }
            $str .= chr($temp);
        }
        return $str;
    }
    // --------------------------------------------------------------------
    /**
     * Set the Mcrypt Cipher
     *
     * @access  public
     * @param   constant
     * @return  string
     */
    function set_cipher($cipher)
    {
        $this->_mcrypt_cipher = $cipher;
    }
    // --------------------------------------------------------------------
    /**
     * Set the Mcrypt Mode
     *
     * @access  public
     * @param   constant
     * @return  string
     */
    function set_mode($mode)
    {
        $this->_mcrypt_mode = $mode;
    }
    // --------------------------------------------------------------------
    /**
     * Get Mcrypt cipher Value
     *
     * @access  private
     * @return  string
     */
    function _get_cipher()
    {
        if ($this->_mcrypt_cipher == '')
        {
            $this->_mcrypt_cipher = MCRYPT_RIJNDAEL_256;
        }
        return $this->_mcrypt_cipher;
    }
    // --------------------------------------------------------------------
    /**
     * Get Mcrypt Mode Value
     *
     * @access  private
     * @return  string
     */
    function _get_mode()
    {
        if ($this->_mcrypt_mode == '')
        {
            $this->_mcrypt_mode = MCRYPT_MODE_CBC;
        }
        return $this->_mcrypt_mode;
    }
    // --------------------------------------------------------------------
    /**
     * Set the Hash type
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function set_hash($type = 'sha1')
    {
        $this->_hash_type = ($type != 'sha1' AND $type != 'md5') ? 'sha1' : $type;
    }
    // --------------------------------------------------------------------
    /**
     * Hash encode a string
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function hash($str)
    {
        return ($this->_hash_type == 'sha1') ? $this->sha1($str) : md5($str);
    }
    // --------------------------------------------------------------------
    /**
     * Generate an SHA1 Hash
     *
     * @access  public
     * @param   string
     * @return  string
     */
    function sha1($str)
    {
        if ( ! function_exists('sha1'))
        {
            if ( ! function_exists('mhash'))
            {
                require_once(BASEPATH.'libraries/Sha1.php');
                $SH = new CI_SHA;
                return $SH->generate($str);
            }
            else
            {
                return bin2hex(mhash(MHASH_SHA1, $str));
            }
        }
        else
        {
            return sha1($str);
        }
    }
}
// END CI_Encrypt class
/* End of file Encrypt.php */

Lapsus answered 16/6, 2021 at 13:54 Comment(1)

Won't it be reverted/current once composer is updated? – Osana 3/6, 2022 at 12:56

-3

with php 7 and above mcrypt need not to be loaded manually so both of the solution will work.

$this->load->library('encrypt'); change to $this->load->library('encrypt');
Just remove encrypt from autoload

$autoload['libraries'] = array('database','session','upload','form_validation','encrypt','pagination');

Change to

$autoload['libraries'] = array('database','session','upload','form_validation','encrypt','pagination');

Cadelle answered 31/7, 2019 at 6:29 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags