Skip to content

Commit

Permalink
Merge branch 'master' of https://github.com/yiisoft/yii2
Browse files Browse the repository at this point in the history
  • Loading branch information
qiangxue committed May 5, 2013
2 parents 6e779e0 + d81288f commit eecd126
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions framework/helpers/base/SecurityHelper.php
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,8 @@ class SecurityHelper
public static function encrypt($data, $key)
{
$module = static::openCryptModule();
$key = StringHelper::substr($key, 0, mcrypt_enc_get_key_size($module));
// 192-bit (24 bytes) key size
$key = StringHelper::substr($key, 0, 24);
srand();
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND);
mcrypt_generic_init($module, $key, $iv);
Expand All @@ -63,7 +64,8 @@ public static function encrypt($data, $key)
public static function decrypt($data, $key)
{
$module = static::openCryptModule();
$key = StringHelper::substr($key, 0, mcrypt_enc_get_key_size($module));
// 192-bit (24 bytes) key size
$key = StringHelper::substr($key, 0, 24);
$ivSize = mcrypt_enc_get_iv_size($module);
$iv = StringHelper::substr($data, 0, $ivSize);
mcrypt_generic_init($module, $key, $iv);
Expand Down Expand Up @@ -148,7 +150,8 @@ protected static function openCryptModule()
if (!extension_loaded('mcrypt')) {
throw new InvalidConfigException('The mcrypt PHP extension is not installed.');
}
$module = @mcrypt_module_open('rijndael-256', '', MCRYPT_MODE_CBC, '');
// AES uses a 128-bit block size
$module = @mcrypt_module_open('rijndael-128', '', 'cbc', '');
if ($module === false) {
throw new Exception('Failed to initialize the mcrypt module.');
}
Expand Down Expand Up @@ -269,4 +272,4 @@ protected static function generateSalt($cost = 13)
$salt .= str_replace('+', '.', substr(base64_encode($rand), 0, 22));
return $salt;
}
}
}

0 comments on commit eecd126

Please sign in to comment.