minor #7934 Use OpenSSL instead of Mcrypt in the examples (javiereguiluz)

xabbuh · xabbuh · commit 0c18a62f7d81 · 2017-10-13T09:45:52.000+02:00
This PR was squashed before being merged into the 2.7 branch (closes #7934). Discussion ---------- Use OpenSSL instead of Mcrypt in the examples This fixes #7925. Some comments: * openssl_*() functions are not documented on php.net (see http://php.net/manual/en/function.openssl-decrypt.php) so I used this article as a reference: http://thefsb.tumblr.com/post/110749271235/using-opensslendecrypt-in-php-instead-of * I think we don't need to use the `OPENSSL_RAW_DATA` or `OPENSSL_ZERO_PADDING` options ... but I'd like someone to verify this. * I can't find an equivalent of `\MCRYPT_3DES` so I used `\OPENSSL_ALGO_SHA1`. I'm not sure if that's correct. Commits ------- d6260a1 Use OpenSSL instead of Mcrypt in the examples
diff --git a/session/proxy_examples.rst b/session/proxy_examples.rst
@@ -88,19 +88,22 @@ guest sessions.
 Encryption of Session Data
 --------------------------
 
-If you wanted to encrypt the session data, you could use the proxy to encrypt
-and decrypt the session as required::
+If you want to encrypt the session data, you can use the proxy to encrypt and
+decrypt the session as required. The following example uses the `php-encryption`_
+library, but you can adapt it to any other library that you may be using::
 
     // src/AppBundle/Session/EncryptedSessionProxy.php
     namespace AppBundle\Session;
 
+    use Defuse\Crypto\Crypto;
+    use Defuse\Crypto\Key;
     use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;
 
     class EncryptedSessionProxy extends SessionHandlerProxy
     {
         private $key;
 
-        public function __construct(\SessionHandlerInterface $handler, $key)
+        public function __construct(\SessionHandlerInterface $handler, Key $key)
         {
             $this->key = $key;
 
@@ -111,12 +114,12 @@ and decrypt the session as required::
         {
             $data = parent::read($id);
 
-            return mcrypt_decrypt(\MCRYPT_3DES, $this->key, $data);
+            return Crypto::decrypt($data, $this->key);
         }
 
         public function write($id, $data)
         {
-            $data = mcrypt_encrypt(\MCRYPT_3DES, $this->key, $data);
+            $data = Crypto::encrypt($data, $this->key);
 
             return parent::write($id, $data);
         }
@@ -155,3 +158,5 @@ can intercept the session before it is written::
             return parent::write($id, $data);
         }
     }
+
+.. _`php-encryption`: https://github.com/defuse/php-encryption

Original file line number	Diff line number	Diff line change
`@@ -88,19 +88,22 @@ guest sessions.`
`88`	`88`	`Encryption of Session Data`
`89`	`89`	`--------------------------`
`90`	`90`
`91`		`-If you wanted to encrypt the session data, you could use the proxy to encrypt`
`92`		`-and decrypt the session as required::`
	`91`	`+If you want to encrypt the session data, you can use the proxy to encrypt and`
	`92`	+decrypt the session as required. The following example uses the `php-encryption`_
	`93`	`+library, but you can adapt it to any other library that you may be using::`
`93`	`94`
`94`	`95`	`// src/AppBundle/Session/EncryptedSessionProxy.php`
`95`	`96`	`namespace AppBundle\Session;`
`96`	`97`
	`98`	`+ use Defuse\Crypto\Crypto;`
	`99`	`+ use Defuse\Crypto\Key;`
`97`	`100`	`use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;`
`98`	`101`
`99`	`102`	`class EncryptedSessionProxy extends SessionHandlerProxy`
`100`	`103`	`{`
`101`	`104`	`private $key;`
`102`	`105`
`103`		`- public function __construct(\SessionHandlerInterface $handler, $key)`
	`106`	`+ public function __construct(\SessionHandlerInterface $handler, Key $key)`
`104`	`107`	`{`
`105`	`108`	`$this->key = $key;`
`106`	`109`
`@@ -111,12 +114,12 @@ and decrypt the session as required::`
`111`	`114`	`{`
`112`	`115`	`$data = parent::read($id);`
`113`	`116`
`114`		`- return mcrypt_decrypt(\MCRYPT_3DES, $this->key, $data);`
	`117`	`+ return Crypto::decrypt($data, $this->key);`
`115`	`118`	`}`
`116`	`119`
`117`	`120`	`public function write($id, $data)`
`118`	`121`	`{`
`119`		`- $data = mcrypt_encrypt(\MCRYPT_3DES, $this->key, $data);`
	`122`	`+ $data = Crypto::encrypt($data, $this->key);`
`120`	`123`
`121`	`124`	`return parent::write($id, $data);`
`122`	`125`	`}`
`@@ -155,3 +158,5 @@ can intercept the session before it is written::`
`155`	`158`	`return parent::write($id, $data);`
`156`	`159`	`}`
`157`	`160`	`}`
	`161`	`+`
	`162`	+.. _`php-encryption`: https://github.com/defuse/php-encryption