From 811d3d6880c85e80c4dc6194ed87edb4bfa2af3d Mon Sep 17 00:00:00 2001 From: ctrlaltca <> Date: Tue, 10 Jul 2012 17:18:44 +0000 Subject: TSecurityManager: switch from 3DES to AES256; from live tests it's 2.5 times faster, even if it adds a bit more overhead --- framework/Security/TSecurityManager.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'framework/Security') diff --git a/framework/Security/TSecurityManager.php b/framework/Security/TSecurityManager.php index 7eba92fe..89f1ff30 100644 --- a/framework/Security/TSecurityManager.php +++ b/framework/Security/TSecurityManager.php @@ -48,7 +48,7 @@ class TSecurityManager extends TModule private $_validationKey = null; private $_encryptionKey = null; private $_validation = TSecurityManagerValidationMode::SHA1; - private $_encryption = '3DES'; + private $_encryption = 'rijndael-256'; /** * Initializes the module. @@ -139,7 +139,7 @@ class TSecurityManager extends TModule } /** - * @return string the algorithm used to encrypt/decrypt data. Defaults to '3DES'. + * @return string the algorithm used to encrypt/decrypt data. Defaults to 'rijndael-256'. */ public function getEncryption() { @@ -151,7 +151,7 @@ class TSecurityManager extends TModule */ public function setEncryption($value) { - throw new TNotSupportedException('Currently only 3DES encryption is supported'); + throw new TNotSupportedException('Currently only rijndael-256 encryption is supported'); } /** @@ -165,7 +165,7 @@ class TSecurityManager extends TModule if(!function_exists('mcrypt_encrypt')) throw new TNotSupportedException('securitymanager_mcryptextension_required'); - $module = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_CBC, ''); + $module = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, ''); $key = substr(md5($this->getEncryptionKey()), 0, mcrypt_enc_get_key_size($module)); srand(); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND); @@ -187,7 +187,7 @@ class TSecurityManager extends TModule if(!function_exists('mcrypt_decrypt')) throw new TNotSupportedException('securitymanager_mcryptextension_required'); - $module = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_CBC, ''); + $module = mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', MCRYPT_MODE_CBC, ''); $key = substr(md5($this->getEncryptionKey()), 0, mcrypt_enc_get_key_size($module)); $ivSize = mcrypt_enc_get_iv_size($module); $iv = substr($data, 0, $ivSize); -- cgit v1.2.3