Use OpenSSL instead of Mcrypt in the examples

javiereguiluz · xabbuh · commit d6260a1ed086 · 2017-10-13T09:45:24.000+02:00
diff --git a/session/proxy_examples.rst b/session/proxy_examples.rst
@@ -87,19 +87,22 @@ guest sessions.
 Encryption of Session Data
 --------------------------
 
-If you wanted to encrypt the session data, you could use the proxy to encrypt
-and decrypt the session as required::
+If you want to encrypt the session data, you can use the proxy to encrypt and
+decrypt the session as required. The following example uses the `php-encryption`_
+library, but you can adapt it to any other library that you may be using::
 
     // src/AppBundle/Session/EncryptedSessionProxy.php
     namespace AppBundle\Session;
 
+    use Defuse\Crypto\Crypto;
+    use Defuse\Crypto\Key;
     use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;
 
     class EncryptedSessionProxy extends SessionHandlerProxy
     {
         private $key;
 
-        public function __construct(\SessionHandlerInterface $handler, $key)
+        public function __construct(\SessionHandlerInterface $handler, Key $key)
         {
             $this->key = $key;
 
@@ -110,12 +113,12 @@ and decrypt the session as required::
         {
             $data = parent::read($id);
 
-            return mcrypt_decrypt(\MCRYPT_3DES, $this->key, $data);
+            return Crypto::decrypt($data, $this->key);
         }
 
         public function write($id, $data)
         {
-            $data = mcrypt_encrypt(\MCRYPT_3DES, $this->key, $data);
+            $data = Crypto::encrypt($data, $this->key);
 
             return parent::write($id, $data);
         }
@@ -154,3 +157,5 @@ can intercept the session before it is written::
             return parent::write($id, $data);
         }
     }
+
+.. _`php-encryption`: https://github.com/defuse/php-encryption

Original file line number	Diff line number	Diff line change
`@@ -87,19 +87,22 @@ guest sessions.`
`87`	`87`	`Encryption of Session Data`
`88`	`88`	`--------------------------`
`89`	`89`
`90`		`-If you wanted to encrypt the session data, you could use the proxy to encrypt`
`91`		`-and decrypt the session as required::`
	`90`	`+If you want to encrypt the session data, you can use the proxy to encrypt and`
	`91`	+decrypt the session as required. The following example uses the `php-encryption`_
	`92`	`+library, but you can adapt it to any other library that you may be using::`
`92`	`93`
`93`	`94`	`// src/AppBundle/Session/EncryptedSessionProxy.php`
`94`	`95`	`namespace AppBundle\Session;`
`95`	`96`
	`97`	`+ use Defuse\Crypto\Crypto;`
	`98`	`+ use Defuse\Crypto\Key;`
`96`	`99`	`use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;`
`97`	`100`
`98`	`101`	`class EncryptedSessionProxy extends SessionHandlerProxy`
`99`	`102`	`{`
`100`	`103`	`private $key;`
`101`	`104`
`102`		`- public function __construct(\SessionHandlerInterface $handler, $key)`
	`105`	`+ public function __construct(\SessionHandlerInterface $handler, Key $key)`
`103`	`106`	`{`
`104`	`107`	`$this->key = $key;`
`105`	`108`
`@@ -110,12 +113,12 @@ and decrypt the session as required::`
`110`	`113`	`{`
`111`	`114`	`$data = parent::read($id);`
`112`	`115`
`113`		`- return mcrypt_decrypt(\MCRYPT_3DES, $this->key, $data);`
	`116`	`+ return Crypto::decrypt($data, $this->key);`
`114`	`117`	`}`
`115`	`118`
`116`	`119`	`public function write($id, $data)`
`117`	`120`	`{`
`118`		`- $data = mcrypt_encrypt(\MCRYPT_3DES, $this->key, $data);`
	`121`	`+ $data = Crypto::encrypt($data, $this->key);`
`119`	`122`
`120`	`123`	`return parent::write($id, $data);`
`121`	`124`	`}`
`@@ -154,3 +157,5 @@ can intercept the session before it is written::`
`154`	`157`	`return parent::write($id, $data);`
`155`	`158`	`}`
`156`	`159`	`}`
	`160`	`+`
	`161`	+.. _`php-encryption`: https://github.com/defuse/php-encryption