Update default encryption mode to GCM #5749
Closed
This has been attempted, and even merged (but reverted), before: #5674

The reason for reverting has been resolved (laravel/framework#38594) since 8.58.0, which is lower than the required version in composer.json. This means that GCM is now ready to be the default mode.

GCM is preferred due to smaller payload, better performance and built-in authenticated encryption instead of having to calculate the MAC in application code, which is the case for CBC mode (although of course done correctly in Laravel).

My only concern is that I have seen some people blindly updating their configs to the latest version, and changing this is not BC. All sessions will be reset and of course any encrypted data will have to be decrypted using the old mode and then re-encrypted using the new mode.

So, any existing app should either keep using CBC mode, or carefully build a migration plan. We did migrate from CBC to GCM in a production app a few months ago successfully (no sessions invalidated) but we only used encryption for cookies. We built a custom encryptor that attempted both modes for decryption during a short transition period.
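A sketch of the transitional encryptor described above, added here as an example rather than the PR author's code: it writes AES-256-GCM and reads GCM first, falling back to AES-256-CBC for payloads written before the switch. It assumes laravel/framework >= 8.58.0 (where both ciphers are supported by `Illuminate\Encryption\Encrypter`), a 32-byte `APP_KEY`, and a hypothetical class name; how it is bound into the container is left to the app.

```php
<?php
// Added example: transitional encryptor for a CBC -> GCM migration.
// Not part of the PR. Class name and wiring are assumptions; requires
// laravel/framework >= 8.58.0 and a 32-byte key (both ciphers are AES-256).

use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Encryption\Encrypter;

final class TransitionalEncrypter
{
    private Encrypter $gcm;   // new default: used for all writes and tried first on reads
    private Encrypter $cbc;   // legacy: read-only fallback for payloads written under CBC

    public function __construct(string $key)
    {
        // Same APP_KEY for both modes, so no key rotation is needed for the switch.
        $this->gcm = new Encrypter($key, 'AES-256-GCM');
        $this->cbc = new Encrypter($key, 'AES-256-CBC');
    }

    // Everything written during the transition is already in the new mode.
    public function encrypt($value, bool $serialize = true): string
    {
        return $this->gcm->encrypt($value, $serialize);
    }

    // Try GCM first, then CBC. A payload from the other mode fails the
    // Encrypter's payload/integrity checks (IV length, GCM tag or CBC MAC),
    // so a tampered or foreign payload throws DecryptException from the
    // CBC attempt instead of decrypting to garbage.
    public function decrypt(string $payload, bool $unserialize = true)
    {
        try {
            return $this->gcm->decrypt($payload, $unserialize);
        } catch (DecryptException $e) {
            return $this->cbc->decrypt($payload, $unserialize);
        }
    }

    public function encryptString(string $value): string
    {
        return $this->encrypt($value, false);
    }

    public function decryptString(string $payload): string
    {
        return $this->decrypt($payload, false);
    }

    public function getKey(): string
    {
        return $this->gcm->getKey();
    }
}
```

Once the longest-lived CBC artefacts (sessions, cookies, stored ciphertexts that were re-encrypted) have expired or been rewritten, drop the CBC fallback so only GCM payloads are accepted.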