[5.5] iv initialize in encrypt(): remove magic literal #18684
Conversation
|
Can you explain this change this in detail, please? |
|
Basically this function will get the required iv length for each cipher, currently we support It does make sense to use this function instead of hardcoding 16 there... |
|
Hello, Sorry for too short comment. IV length varies for different ciphers. Currently Encrypter uses only AES and 16 bytes long IV is valid for both 128 and 256 variants it supports, but cipher whitelist may change in future. Actually, it should change because even if AES is the best symmetric cipher ever, in some countries local regulations allows to use only locally certified ciphers for commercial applications. This commit removes unneeded IV length hardcode. Probably in future Encrypted class should have extended cipher whitelist OR capability to accept custom whitelist. |
|
@Snawoot: Is there any breaking change with this, or will everything that was encrypted in v5.4 be decryptable in v5.5? |
|
@tillkruss no changes in data representation will occur, everything will be decryptable |
GrahamCampbell
changed the title
No description provided.