php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-04 22:57:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #91 from ekerazha/patch-1

Browse Source 
Use AES-192 for encryption
This commit is contained in:
Qiang Xue
2013-05-04 17:21:04 -07:00
parent 6166e70f20 14781584f9
commit d81288f614
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
framework/helpers/base/SecurityHelper.php
View File

@ -42,7 +42,8 @@ class SecurityHelper
public static function encrypt($data, $key) public static function encrypt($data, $key)
{ {
$module = static::openCryptModule(); $module = static::openCryptModule();
$key = StringHelper::substr($key, 0, mcrypt_enc_get_key_size($module)); // 192-bit (24 bytes) key size
$key = StringHelper::substr($key, 0, 24);
srand(); srand();
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND);
mcrypt_generic_init($module, $key, $iv); mcrypt_generic_init($module, $key, $iv);
@ -63,7 +64,8 @@ class SecurityHelper
public static function decrypt($data, $key) public static function decrypt($data, $key)
{ {
$module = static::openCryptModule(); $module = static::openCryptModule();
$key = StringHelper::substr($key, 0, mcrypt_enc_get_key_size($module)); // 192-bit (24 bytes) key size
$key = StringHelper::substr($key, 0, 24);
$ivSize = mcrypt_enc_get_iv_size($module); $ivSize = mcrypt_enc_get_iv_size($module);
$iv = StringHelper::substr($data, 0, $ivSize); $iv = StringHelper::substr($data, 0, $ivSize);
mcrypt_generic_init($module, $key, $iv); mcrypt_generic_init($module, $key, $iv);
@ -148,7 +150,8 @@ class SecurityHelper
if (!extension_loaded('mcrypt')) { if (!extension_loaded('mcrypt')) {
throw new InvalidConfigException('The mcrypt PHP extension is not installed.'); throw new InvalidConfigException('The mcrypt PHP extension is not installed.');
} }
$module = @mcrypt_module_open('rijndael-256', '', MCRYPT_MODE_CBC, ''); // AES uses a 128-bit block size
$module = @mcrypt_module_open('rijndael-128', '', 'cbc', '');
if ($module === false) { if ($module === false) {
throw new Exception('Failed to initialize the mcrypt module.'); throw new Exception('Failed to initialize the mcrypt module.');
} }
@ -269,4 +272,4 @@ class SecurityHelper
$salt .= str_replace('+', '.', substr(base64_encode($rand), 0, 22)); $salt .= str_replace('+', '.', substr(base64_encode($rand), 0, 22));
return $salt; return $salt;
} }
} }