Comments (3)
I know about mcrypt, but there are some technical limitations on the external side that prevent us from using OpenSSL implementation right now (crappy hosting where entire PHP is broken).
from cantiga.
I guessed that this was the case. You can still change it to use MCRYPT_RIJNDAEL_128
instead of _256
. Citing:
MCRYPT_RIJNDAEL_256 refers to the version of the Rijndael cipher that operates on 256-bit blocks, not the version of the Rijndael cipher that uses 128-bit blocks and 256-bit keys. AES is only the 128-bit block version of Rijndael (which can use 128-, 192-, and 256-bit keys). So MCRYPT_RIJNDAEL_256 is not AES. AES is MCRYPT_RIJNDAEL_128.
The mcrypt methods determine the key size by the length of the string you pass in for the key. If you give it a 16-byte string, it'll use AES-128; if you give it a 32-byte string, it'll use AES-256.
Do not use MCRYPT_RIJNDAEL_256. Use MCRYPT_RIJNDAEL_128.
And add padding.
Follow the example from: https://paragonie.com/blog/2015/05/if-you-re-typing-word-mcrypt-into-your-code-you-re-doing-it-wrong
$message = json_encode($output);
if (mb_strlen($key, '8bit') !== 32) {
throw new \RuntimeException('The key must have the length of 32 bytes!');
}
$ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128);
$iv = mcrypt_create_iv($ivsize, MCRYPT_DEV_URANDOM);
$block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128);
$pad = $block - (mb_strlen($message, '8bit') % $block);
$message .= str_repeat(chr($pad), $pad);
$ciphertext = mcrypt_encrypt(
MCRYPT_RIJNDAEL_128,
$key,
$message,
MCRYPT_MODE_CBC,
$iv
);
return $iv.$ciphertext;
from cantiga.
OK, as a part of the system generalization project I can start work on this.
from cantiga.
Related Issues (20)
- Move EDK-specific code to a separate repository HOT 1
- Write unit tests for extension point code HOT 1
- One controller for three workspaces HOT 1
- Update unit tests to phpUnit 5
- Get rid of privacy options HOT 1
- Move membership information to a single DB table HOT 2
- Move QueryBuilder to Cantiga\Components and add unit tests
- Move Application Texts to a separate bundle
- Unit tests for ImporterService
- Mailing module: create the initial bundle structure
- Mailing module: mail limits management
- Mailing module: panel for viewing and sending e-mails
- Mailing module: view e-mails sent by child place
- Mailing module: distribution lists
- Mailing module: mailing backend
- Mailing module: integration with Mailgun
- Discussion module: moderators
- Discussion module: message removal
- New API for writing list queries
- Emulate and Run issue
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cantiga.