Merge pull request #611 from jim-parry/rework/encryption

Rework/encryption

Author: jim-parry

application/Config/Encryption.php

@@ -15,7 +15,7 @@ class Encryption extends BaseConfig
 {
 	/*
 	  |--------------------------------------------------------------------------
-	  | Encryption Key
+	  | Encryption Key Starter
 	  |--------------------------------------------------------------------------
 	  |
 	  | If you use the Encryption class you must set an encryption key.
@@ -30,27 +30,40 @@ class Encryption extends BaseConfig
 	  | Encryption driver to use
 	  |--------------------------------------------------------------------------
 	  |
-	  | One of the supported drivers, eg 'openssl' or 'mcrypt'.
-	  | The default driver, if you don't specify one, is 'openssl'.
+	  | One of the supported drivers, eg 'OpenSSL' or 'Sodium'.
+	  | The default driver, if you don't specify one, is 'OpenSSL'.
 	 */
-	public $driver = 'openssl';
+	public $driver = 'OpenSSL';
 
 	/*
 	  |--------------------------------------------------------------------------
 	  | Encryption Cipher
 	  |--------------------------------------------------------------------------
 	  |
-	  | Name of the encryption cipher to use, eg 'aes-256' or 'blowfish'
+	  | Name of the encryption cipher to use, eg 'aes-256' or 'blowfish'.
+	  | The cipher must be supported by your designated driver.
 	 */
-	public $cipher = 'aes-256';
+	public $cipher = 'AES-256-CBC';
 
 	/*
 	  |--------------------------------------------------------------------------
-	  | Encryption mode
+	  | Authentication digest
 	  |--------------------------------------------------------------------------
 	  |
-	  | The encryption mode to use, eg 'cbc' or 'stream'
+	  | HMAC digest algorithm to use, empty for none.
+	  | Values: SHA512, SHA384, SHA256, or SHA224.
 	 */
-	public $mode = 'cbc';
+	public $digest = 'SHA512';
+
+	/*
+	  |--------------------------------------------------------------------------
+	  | Result encoding
+	  |--------------------------------------------------------------------------
+	  |
+	  | Which, if any, encoding to apply to encrypted results and to assume
+	  | provided ciphertext.
+	  | Values; empty (for no encoding), base64 or hex.
+	 */
+	public $encoding = 'base64';
 
 }

system/Config/AutoloadConfig.php

@@ -144,6 +144,9 @@ public function __construct()
 			'CodeIgniter\Debug\Timer'						 => BASEPATH . 'Debug/Timer.php',
 			'CodeIgniter\Debug\Iterator'					 => BASEPATH . 'Debug/Iterator.php',
 			'CodeIgniter\Encryption\Encryption'				 => BASEPATH . 'Encryption/Encryption.php',
+			'CodeIgniter\Encryption\EncrypterInterface'		 => BASEPATH . 'Encryption/EncrypterInterface.php',
+			'CodeIgniter\Encryption\Handlers\BaseHandler'	 => BASEPATH . 'Encryption/Handlers/BaseHandler.php',
+			'CodeIgniter\Encryption\Handlers\OpenSSLHandler' => BASEPATH . 'Encryption/Handlers/OpenSSLHandler.php',
 			'CodeIgniter\Events\Events'						 => BASEPATH . 'Events/Events.php',
 			'CodeIgniter\HTTP\CLIRequest'					 => BASEPATH . 'HTTP/CLIRequest.php',
 			'CodeIgniter\HTTP\ContentSecurityPolicy'		 => BASEPATH . 'HTTP/ContentSecurityPolicy.php',

system/Encryption/EncrypterInterface.php

@@ -48,30 +48,16 @@ interface EncrypterInterface
 	 * Encrypt - convert plaintext into ciphertext
 	 *
 	 * @param	string	$data	Input data
-	 * @param	array	$params	Input parameters
 	 * @return	string
 	 */
-	public function encrypt($data, array $params = null);
+	public function encrypt($data);
 
 	/**
 	 * Decrypt - convert ciphertext into plaintext
 	 *
 	 * @param	string	$data	Encrypted data
-	 * @param	array	$params	Input parameters
 	 * @return	string
 	 */
-	public function decrypt($data, array $params = null);
+	public function decrypt($data);
 
-	/**
-	 * Create an HKDF random key
-	 *
-	 * @link	https://tools.ietf.org/rfc/rfc5869.txt
-	 * @param	$key	Input key
-	 * @param	$digest	A SHA-2 hashing algorithm
-	 * @param	$salt	Optional salt
-	 * @param	$length	Output length (defaults to the selected digest size)
-	 * @param	$info	Optional context/application-specific info
-	 * @return	string	A pseudo-random key
-	 */
-	public function hkdf($key, $digest = 'sha512', $salt = null, $length = null, $info = '');
 }