- changed mcrypt() functions to openssl() functions, closed #422

- removed mcrypt from required PHP extensions -> updated /setup page
2017-01-14 14:37:31 +01:00
parent ab5349b806
commit aa78d0c4e0
3 changed files with 5 additions and 10 deletions
--- a/app/main/controller/ccp/sso.php
+++ b/app/main/controller/ccp/sso.php
@@ -130,7 +130,7 @@ class Sso extends Api\User{
            // redirect to CCP SSO ----------------------------------------------------------------------

            // used for "state" check between request and callback
-            $state = bin2hex(mcrypt_create_iv(12, MCRYPT_DEV_URANDOM));
+            $state = bin2hex( openssl_random_pseudo_bytes(12) );
            $f3->set(self::SESSION_KEY_SSO_STATE, $state);

            $urlParams = [
--- a/app/main/controller/controller.php
+++ b/app/main/controller/controller.php
@@ -11,6 +11,7 @@ use Controller\Api as Api;
 use Controller\Ccp\Sso as Sso;
 use lib\Config;
 use lib\Socket;
+use Lib\Util;
 use Model;
 use DB;

@@ -204,12 +205,12 @@ class Controller {
            // unique "selector" -> to facilitate database look-ups (small size)
            // -> This is preferable to simply using the database id field,
            // which leaks the number of active users on the application
-            $selector = bin2hex(mcrypt_create_iv(12, MCRYPT_DEV_URANDOM));
+            $selector = bin2hex( openssl_random_pseudo_bytes(12) );

            // generate unique "validator" (strong encryption)
            // -> plaintext set to user (cookie), hashed version of this in DB
-            $size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
-            $validator = bin2hex(mcrypt_create_iv($size, MCRYPT_DEV_URANDOM));
+            $size = openssl_cipher_iv_length('aes-256-cbc');
+            $validator = bin2hex(openssl_random_pseudo_bytes($size) );

            // generate unique cookie token
            $token = hash('sha256', $validator);
--- a/app/main/controller/setup.php
+++ b/app/main/controller/setup.php
@@ -442,12 +442,6 @@ class Setup extends Controller {
                'version' => extension_loaded('openssl') ? 'installed' : 'missing',
                'check' => extension_loaded('openssl')
            ],
-            'ext_mcrypt' => [
-                'label' => 'Mcrypt',
-                'required' => 'installed',
-                'version' => (extension_loaded('mcrypt')) ? 'installed' : 'missing',
-                'check' => extension_loaded('mcrypt')
-            ],
            'ext_xml' => [
                'label' => 'XML',
                'required' => 'installed',