• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Is there an Encryption class? What am I missing?

#1
I decided that I'd take a look at CI4 tonight. Based on the docs I found, I first tried to install it through composer:


Code:
composer create-project codeigniter4/framework


That didn't work out so well. Seemed like I was missing files or something. I just wanted to create a new encryption key, but couldn't load the service, and couldn't even find a file named Encryption anywhere.

Next I went over to github and downloaded the develop branch, unpacked it and tried again. Still don't see a encryption class. Can't find it anywhere, so I gave up.

I'm disappointed. I've been working on a new authentication package for any PHP project, and was going to start in on a CI4 adapter. Can't get past step 1. I'm not shy about composer usage, and I can normally figure out the basics of a framework in a couple hours. Not happy, so I'm going to bed.
Reply

#2
Long story short - encryption isn't there at the moment.
It is done & tested, but relies on php7.2.
Once the minimum version for CI4 gets bumped to 7.2, it can slide in.
Reply

#3
(08-25-2018, 01:05 AM)ciadmin Wrote: Long story short - encryption isn't there at the moment.
It is done & tested, but relies on php7.2.
Once the minimum version for CI4 gets bumped to 7.2, it can slide in.

OK, thanks. I suppose I'll start with a CI3 adapter just for practice.
Reply

#4
Hello, if encryption relies on PHP 7.2 maybe provide a simple fall-back alternative for those with 7.1 or hosting that just doesn't have the module? I decided to use Open SSL encryption, with examples from this guy
https://bhoover.com/using-php-openssl_en...crypt-data
...or maybe....by the time CI4 comes out 7.2 will be more widespread and available. Is Sodium the encryption module that CI4 will use?
Wait, what?
Reply

#5
Encryption is now not planned as part of CI4 - suggesting instead https://paragonie.com/project/halite
It does everything we were going to do, and has the advantage of being proven.
Why re-invent the wheel when we don't have to Smile
Reply

#6
Thanks, I'll try it out. Will there be a forum/recommended list of extensions/plugins for CI4?
Wait, what?
Reply

#7
@Leo - what are using encryption for? I've almost never used that library myself so trying to understand use cases.
Support Development  • Practical CodeIgniter 3  •
Myth:AuthVulcan - CLI Tools for CI4
Reply

#8
(09-27-2018, 01:39 PM)kilishan Wrote: @Leo - what are using encryption for? I've almost never used that library myself so trying to understand use cases.


Hi Kilishan, this is a good point, one such use for encryption, well a practical one, is say storing a SMTP password, encrypting it storing it in the database and then decrypting it to use again for email transport.

This means if a hacker got your database, they would also need the encryption key as well to uncover the SMTP password which is stored in the config file. I think it is a two layer safety net. They would need to hack your db and get access to your server code.
Practical guide to IgnitedCMS - Book coming soon
Reply

#9
@Leo There will be a "Curated list of compatible addins, details to be announced later", from https://forum.codeigniter.com/thread-71705.html
Reply

#10
I agree there are lots of uses for Encryption, but there is no need to re-invent the wheel Undecided
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.