Add AES from phpseclib and use it for cookie encryption
This replaces the deprecated and broken Blowfish implementation that has previously been used and should provide a lot more security.
Showing
- _test/tests/inc/auth_encryption.test.php 12 additions, 0 deletions_test/tests/inc/auth_encryption.test.php
- inc/auth.php 37 additions, 3 deletionsinc/auth.php
- inc/load.php 4 additions, 0 deletionsinc/load.php
- inc/phpseclib/Crypt_AES.php 188 additions, 0 deletionsinc/phpseclib/Crypt_AES.php
- inc/phpseclib/Crypt_Base.php 1989 additions, 0 deletionsinc/phpseclib/Crypt_Base.php
- inc/phpseclib/Crypt_Hash.php 823 additions, 0 deletionsinc/phpseclib/Crypt_Hash.php
- inc/phpseclib/Crypt_Rijndael.php 1374 additions, 0 deletionsinc/phpseclib/Crypt_Rijndael.php
- inc/phpseclib/LICENSE 21 additions, 0 deletionsinc/phpseclib/LICENSE
- inc/phpseclib/Math_BigInteger.php 3651 additions, 0 deletionsinc/phpseclib/Math_BigInteger.php
- inc/phpseclib/update.sh 8 additions, 0 deletionsinc/phpseclib/update.sh
Loading
Please register or sign in to comment