I’ve had a look in the code for the Security class but I will admit that it’s still a little nebulous.
I’m looking for encryption options (default and optional) for the password hashing/encryption.
I currently have a requirement for AES-256 level encryption on passwords and was wondering what yii2’s default was. My current assumption is that yii2 uses blowfish cypher by default which would be equivalent to AES-128 I think? (blowfish-cbc-plain:sha?)
How would one alter the configuration to bump this up? I can see that Security supports greater cypher options which is what has me confused. Not sure I fully grasp the order of things, which cypher is used on salt/hash/etc.
Any clarification would be great. Thanks guys.
PS: if simply pointing me in the right direction is easier for you. I’m looking to implement aes-cbc-plain/essiv:sha256 with a 512-bit key if that’s even an option. If you can tell me where to look to accomplish that it would be more than enough.