tdlm
commented
6 years ago Gave this a review and test, and as far as I can tell, it works without errors and looks good to me.
Closed r-a-y closed 6 years ago
tdlm
commented
6 years ago Gave this a review and test, and as far as I can tell, it works without errors and looks good to me.
kevinlangleyjr
commented
6 years ago Thanks for this @r-a-y!
r-a-y
commented
6 years ago Thanks for merging!
As for what I mentioned above:
In the PR, due to the usage of hash_equals(), this bumps the PHP requirement to 5.6.
If you'd rather omit hash_equals(), the PHP requirement drops to PHP 5.3.3. PHP also needs to have the openssl module enabled. I haven't done any checks for these things in this PR.
We should make sure that the plugin gracefully bails out of plugin execution if the current install does not support PHP 5.6 or if openssl is not compiled with PHP.
See #19.
mcrypt is deprecated in PHP 7.1.
In the PR, due to the usage of
hash_equals(), this bumps the PHP requirement to 5.6.If you'd rather omit
hash_equals(), the PHP requirement drops to PHP 5.3.3. PHP also needs to have the openssl module enabled. I haven't done any checks for these things in this PR.For the cipher, I picked
AES-128-ECBas it is similar to what you were using in mcrypt, but feel free to change.