- if (
- function_exists( 'openssl_encrypt' )
- && in_array( 'aes-256-ctr', openssl_get_cipher_methods(), true )
- ) {
- return [ 'openssl', 'aes-256-ctr' ];
- } elseif (
- function_exists( 'mcrypt_encrypt' )
- && in_array( 'rijndael-128', mcrypt_list_algorithms(), true )
- && in_array( 'ctr', mcrypt_list_modes(), true )
- ) {
- return [ 'mcrypt', 'rijndael-128', 'ctr' ];
- } elseif ( $wgSessionInsecureSecrets ) {
- // @todo: import a pure-PHP library for AES instead of this
- return [ 'insecure' ];
- } else {
+ if ( self::$encryptionAlgorithm === null ) {
+ if ( function_exists( 'openssl_encrypt' ) ) {
+ $methods = openssl_get_cipher_methods();
+ if ( in_array( 'aes-256-ctr', $methods, true ) ) {
+ self::$encryptionAlgorithm = [ 'openssl', 'aes-256-ctr' ];
+ return self::$encryptionAlgorithm;
+ }
+ if ( in_array( 'aes-256-cbc', $methods, true ) ) {
+ self::$encryptionAlgorithm = [ 'openssl', 'aes-256-cbc' ];
+ return self::$encryptionAlgorithm;
+ }
+ }
+
+ if ( function_exists( 'mcrypt_encrypt' )
+ && in_array( 'rijndael-128', mcrypt_list_algorithms(), true )
+ ) {
+ $modes = mcrypt_list_modes();
+ if ( in_array( 'ctr', $modes, true ) ) {
+ self::$encryptionAlgorithm = [ 'mcrypt', 'rijndael-128', 'ctr' ];
+ return self::$encryptionAlgorithm;
+ }
+ if ( in_array( 'cbc', $modes, true ) ) {
+ self::$encryptionAlgorithm = [ 'mcrypt', 'rijndael-128', 'cbc' ];
+ return self::$encryptionAlgorithm;
+ }
+ }
+
+ if ( $wgSessionInsecureSecrets ) {
+ // @todo: import a pure-PHP library for AES instead of this
+ self::$encryptionAlgorithm = [ 'insecure' ];
+ return self::$encryptionAlgorithm;
+ }
+