Skip to content
Permalink
Browse files

Use OPENSSL constants rather than a bool

`OPENSSL_RAW_DATA` should be used rather than boolean `true` to specify the options for openssl_encrypt/openssl_decrypt.

Other options are `OPENSSL_ZERO_PADDING` (which has the value of 2), which can be useful to implement PKCS7 padding rather than the default null padding OpenSSL uses.

(If you want both, you need to provide the value of 3)
  • Loading branch information...
AshleyPinner committed Sep 14, 2015
1 parent 1f128dd commit a05d02db9d1f7e02e12a10505dc331cdd5924aec
Showing with 2 additions and 2 deletions.
  1. +2 −2 src/Utility/Crypto/OpenSsl.php
@@ -61,7 +61,7 @@ public static function encrypt($plain, $key, $hmacSalt = null)
$ivSize = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($ivSize);
return $iv . openssl_encrypt($plain, $method, $key, true, $iv);
return $iv . openssl_encrypt($plain, $method, $key, OPENSSL_RAW_DATA, $iv);
}
/**
@@ -80,6 +80,6 @@ public static function decrypt($cipher, $key)
$iv = mb_substr($cipher, 0, $ivSize, '8bit');
$cipher = mb_substr($cipher, $ivSize, null, '8bit');
return openssl_decrypt($cipher, $method, $key, true, $iv);
return openssl_decrypt($cipher, $method, $key, OPENSSL_RAW_DATA, $iv);
}
}

0 comments on commit a05d02d

Please sign in to comment.
You can’t perform that action at this time.