diff options
| author | ctrlaltca <> | 2012-07-10 17:18:44 +0000 |
|---|---|---|
| committer | ctrlaltca <> | 2012-07-10 17:18:44 +0000 |
| commit | 811d3d6880c85e80c4dc6194ed87edb4bfa2af3d (patch) | |
| tree | 107b87ff60548eb2915ed5df484ca0e63eedd552 /framework/Security | |
| parent | 698affb2df2750c9727d718b8ad0c9bab4cd9794 (diff) | |
TSecurityManager: switch from 3DES to AES256; from live tests it's 2.5 times faster, even if it adds a bit more overhead
Diffstat (limited to 'framework/Security')
| -rw-r--r-- | framework/Security/TSecurityManager.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/framework/Security/TSecurityManager.php b/framework/Security/TSecurityManager.php index 7eba92fe..89f1ff30 100644 --- a/framework/Security/TSecurityManager.php +++ b/framework/Security/TSecurityManager.php @@ -48,7 +48,7 @@ class TSecurityManager extends TModule private $_validationKey = null; private $_encryptionKey = null; private $_validation = TSecurityManagerValidationMode::SHA1; - private $_encryption = '3DES'; + private $_encryption = 'rijndael-256'; /** * Initializes the module. @@ -139,7 +139,7 @@ class TSecurityManager extends TModule } /** - * @return string the algorithm used to encrypt/decrypt data. Defaults to '3DES'. + * @return string the algorithm used to encrypt/decrypt data. Defaults to 'rijndael-256'. */ public function getEncryption() { @@ -151,7 +151,7 @@ class TSecurityManager extends TModule */ public function setEncryption($value) { - throw new TNotSupportedException('Currently only 3DES encryption is supported'); + throw new TNotSupportedException('Currently only rijndael-256 encryption is supported'); } /** @@ -165,7 +165,7 @@ class TSecurityManager extends TModule if(!function_exists('mcrypt_encrypt')) throw new TNotSupportedException('securitymanager_mcryptextension_required'); - $module = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_CBC, ''); + $module = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, ''); $key = substr(md5($this->getEncryptionKey()), 0, mcrypt_enc_get_key_size($module)); srand(); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND); @@ -187,7 +187,7 @@ class TSecurityManager extends TModule if(!function_exists('mcrypt_decrypt')) throw new TNotSupportedException('securitymanager_mcryptextension_required'); - $module = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_CBC, ''); + $module = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, ''); $key = substr(md5($this->getEncryptionKey()), 0, mcrypt_enc_get_key_size($module)); $ivSize = mcrypt_enc_get_iv_size($module); $iv = substr($data, 0, $ivSize); |