Encryption Library — CodeIgniter 3.1.13 documentation

[PocketOption]

Encryption Library -- CodeIgniter 3.1.13 documentation

Encryption Library¶
DO NOT use this or any other encryption library for user password storage! Passwords must be hashed instead, and you should do that via PHP's own Password Hashing extension.
The Encryption Library provides two-way data encryption. To do so in a cryptographically secure way, it utilizes PHP extensions that are unfortunately not always available on all systems. You must meet one of the following dependencies in order to use this library:
If neither of the above dependencies is met, we simply cannot offer you a good enough implementation to meet the high standards required for proper cryptography.
Using the Encryption Library¶
Initializing the Class¶
Like most other classes in CodeIgniter, the Encryption library is initialized in your controller using the $this->load->library() method:
Once loaded, the Encryption library object will be available using:
Default behavior¶
By default, the Encryption Library will use the AES-128 cipher in CBC mode, using your configured encryption_key and SHA512 HMAC authentication.
AES-128 is chosen both because it is proven to be strong and because of its wide availability across different cryptographic software and programming languages' APIs.
However, the encryption_key is not used as is.
If you are somewhat familiar with cryptography, you should already know that a HMAC also requires a secret key and using the same key for both encryption and authentication is a bad practice.
Because of that, two separate keys are derived from your already configured encryption_key : one for encryption and one for authentication. This is done via a technique called HMAC-based Key Derivation Function (HKDF).
Setting your encryption_key¶
An encryption key is a piece of information that controls the cryptographic process and permits a plain-text string to be encrypted, and afterwards - decrypted. It is the secret "ingredient" in the whole process that allows you to be the only one who is able to decrypt data that you've decided to hide from the eyes of the public. After one key is used to encrypt data, that same key provides the only means to decrypt it, so not only must you chose one carefully, but you must not lose it or you will also lose access to the data.
It must be noted that to ensure maximum security, such key should not only be as strong as possible, but also often changed. Such behavior however is rarely practical or possible to implement, and that is why CodeIgniter gives you the ability to configure a single key that is to be used (almost) every time.
It goes without saying that you should guard your key carefully. Should someone gain access to your key, the data will be easily decrypted. If your server is not totally under your control it's impossible to ensure key security so you may want to think carefully before using it for anything that requires high security, like storing credit card numbers.
Your encryption key must be as long as the encyption algorithm in use allows. For AES-128, that's 128 bits or 16 bytes (charcters) long. You will find a table below that shows the supported key lengths of different ciphers.
The key should be as random as possible and it must not be a regular text string, nor the output of a hashing function, etc. In order to create a proper key, you must use the Encryption library's create_key() method.
The key can be either stored in your application/config/config.php , or you can design your own storage mechanism and pass the key dynamically when encrypting/decrypting.
To save your key to your application/config/config.php , open the file and set:
You'll notice that the create_key() method outputs binary data, which is hard to deal with (i.e. a copy-paste may damage it), so you may use bin2hex() , hex2bin() or Base64-encoding to work with the key in a more friendly manner. For example:

If you have any thoughts relating to in which and how to use binary options live trader, you can contact us at the internet site.

Source: Encryption Library -- CodeIgniter 3.1.13 documentation

http://binaryoptionsreview.space/?qa=feed&qa_1=qa.rss