This is an archived copy of the forum for reference purposes

Inconsitency in inline comments in fCryptography (symmetric)

posted by passcod 9 years ago

I am looking at adding support for PHPSecLib's AES/Rjindael implementation in fCryptography, and I have noticed the following inconsistency in the inline documentation:

In symmetricKeyEncrypt() :

// Set up the main encryption, we are gonna use AES-192 (also know as rijndael-192)
// in cipher feedback mode. Cipher feedback mode is chosen because no extra padding
// is added, ensuring we always get the exact same plaintext out of the decrypt method
$module   = mcrypt_module_open('rijndael-192', '', 'cfb', '');

and in symmetricKeyDecrypt() :

// Set up the main encryption, we are gonna use AES-256 (also know as rijndael-256) in cipher feedback mode
$module   = mcrypt_module_open('rijndael-192', '', 'cfb', '');

So which is it? AES/Rijndael 192 or 256? The code clearly uses 192, so this is not a problem per-se, just a mistake in the documentation, perhaps?

Yes, the classes uses AES 192. I believe I originally started with the idea of doing 256, but opted for 192.

posted by wbond 9 years ago