rspec/rules/S5547/php/how-to-fix-it/openssl.adoc

== How to fix it in OpenSSL

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,php,diff-id=11,diff-type=noncompliant]
----
openssl_encrypt($plaintext, "des-ofb", $key, $options=OPENSSL_RAW_DATA, $iv); // Noncompliant
----

==== Compliant solution

[source,php,diff-id=11,diff-type=compliant]
----
openssl_encrypt($plaintext, "aes-256-gcm", $key, $options=OPENSSL_RAW_DATA, $iv);
----

=== How does this work?

include::../../common/fix/strong-cryptography.adoc[]