Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Installation & Setup encryption_key in CI 3.x
encryption_key in CI 3.x
  • Offline bjacobs
    Junior Member
  • **
  • Posts: 14
    Threads: 9
    Joined: Feb 2017
    Reputation: 0
#1
08-18-2017, 10:50 AM

I know in CI 3.x the instructions are:

Code:
$this->load->library('encryption');
$key = $this->encryption->create_key(16);
// Get a hex-encoded representation of the key:
$key = bin2hex($this->encryption->create_key(16));

// Put the same value in your config with hex2bin(),
// so that it is still passed as binary to the library:
$config['encryption_key'] = hex2bin(<your hex-encoded key>);


So the $config setting goes in config.php. But where do the top 3 lines go? Just in any controller? In my base controller? Somewhere else? Clearly you can't use $this outside of an object.
Reply
  • Offline skunkbad
    Senior Citizen
  • *****
  • Posts: 1,300
    Threads: 63
    Joined: Oct 2014
    Reputation: 86
#2
08-18-2017, 11:35 PM
(This post was last modified: 08-18-2017, 11:37 PM by skunkbad.)

Yes, you just set up a temporary controller. Here's mine:


PHP Code:
<?php 
defined('BASEPATH') OR exit('No direct script access allowed');

/**
 * Community Auth - Key Creator Controller
 *
 * Community Auth is an open source authentication application for CodeIgniter 3
 *
 * @package     Community Auth
 * @author      Robert B Gottier
 * @copyright   Copyright (c) 2011 - 2017, Robert B Gottier. (http://brianswebdesign.com/)
 * @license     BSD - http://www.opensource.org/licenses/BSD-3-Clause
 * @link        http://community-auth.com
 */

class Key_creator extends CI_Controller{
    
    /**
     * The key creator is only available if there is no current encryption key.
     * If for some reason you'd like to use this controller and you already
     * have an encryption key set in config/config, comment out lines 27 and 28.
     */
    public function __construct()
    {
        parent::__construct();

        if( ! empty( config_item('encryption_key') ) )
            show_404();
    }

    // -----------------------------------------------------------------------

    /**
     * Choose an encryption cipher
     */
    public function index()
    {
        $this->load->helper('url');

        $options = [
            '16?cipher='  urlencode('AES-128 / Rijndael-128'    => 'AES-128 / Rijndael-128 (CodeIgniter Default)',
            '24?cipher='  urlencode('AES-192'                   => 'AES-192',
            '32?cipher='  urlencode('AES-256'                   => 'AES-256',
            '7?cipher='   urlencode('DES'                       => 'DES',
            '7?cipher='   urlencode('TripleDES (56 bit)'        => 'TripleDES (56 bit)',
            '14?cipher='  urlencode('TripleDES (112 bit)'       => 'TripleDES (112 bit)',
            '21?cipher='  urlencode('TripleDES (168 bit)'       => 'TripleDES (168 bit)',
            '16?cipher='  urlencode('Blowfish (128 bit)'        => 'Blowfish (128 bit)',
            '32?cipher='  urlencode('Blowfish (256 bit)'        => 'Blowfish (256 bit)',
            '48?cipher='  urlencode('Blowfish (384 bit)'        => 'Blowfish (384 bit)',
            '56?cipher='  urlencode('Blowfish (448 bit)'        => 'Blowfish (448 bit)',
            '11?cipher='  urlencode('CAST5 / CAST-128 (88 bit)' => 'CAST5 / CAST-128 (88 bit)',
            '16?cipher='  urlencode('CAST5 / CAST-128 (128 bit)') => 'CAST5 / CAST-128 (128 bit)',
            '5?cipher='   urlencode('RC4 / ARCFour (40 bit)'    => 'RC4 / ARCFour (40 bit)',
            '256?cipher=' urlencode('RC4 / ARCFour (2048 bit)'  => 'RC4 / ARCFour (2048 bit)'
        ];

        echo '<h1>Encryption Key Creator</h1>
        <p>Community Auth uses Blowfish for password hashing, but only for passwords created where PHP < v5.5.</p>
        <p>Community Auth also uses Blowfish for session encryption.</p>
        <p>More Information: <a href="https://www.codeigniter.com/user_guide/libraries/encryption.html" target="_blank">CodeIgniter Documentation for Encryption Library</a></p>
        <h2>Choose an Encryption Cipher:</h2>
        <ul>';

        foreach( $options as $k => $v )
        {
            echo '<li>' anchor'key_creator/create/' $k$v ) . '</li>';
        }

        echo '</ul>';
    }
    
    // -----------------------------------------------------------------------

    /**
     * Create an encryption key for config/config
     */
    public function create$length 16 )
    {
        $this->load->library('encryption');

        $cipher $this->input->get('cipher')
            ? urldecode$this->input->get('cipher') )
            : $length ' byte key';

        $key bin2hex$this->encryption->create_key$length ) );

        echo '// ' $cipher '<br /> 
        $config[\'encryption_key\'] = hex2bin(\'' $key '\');';
    }
    
    // -----------------------------------------------------------------------
}

/* End of file Key_creator */
/* Location: /community_auth/controllers/Key_creator.php */ 
Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3
Reply
  • Offline Narf
    Me
  • *******
  • Posts: 1,589
    Threads: 1
    Joined: Oct 2014
    Reputation: 121
#3
08-21-2017, 12:46 AM

If you run PHP 7, just run this on the command line:

Code:
php -r 'echo bin2hex(random_bytes(16)), "\n";'
Reply
  • Offline bjacobs
    Junior Member
  • **
  • Posts: 14
    Threads: 9
    Joined: Feb 2017
    Reputation: 0
#4
08-21-2017, 07:12 AM

Oh gotcha. I thought it was supposed to make a new key each time. Didn't realize you make it just once and paste it in there. Thanks!
Reply




Theme © iAndrew 2016 - Forum software by © MyBB