ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed CBC encryption - added IV to cookie

Browse source
This commit is contained in:
Marcin Kurczewski 2014-04-21 09:31:41 +02:00
parent f1bc9c18b9
commit cc51d943e2
1 changed files with 15 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/Helpers/TextHelper.php
View file

@ -182,16 +182,25 @@ class TextHelper
$alg = MCRYPT_RIJNDAEL_256; $alg = MCRYPT_RIJNDAEL_256;
$mode = MCRYPT_MODE_CBC; $mode = MCRYPT_MODE_CBC;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($alg, $mode), MCRYPT_RAND); $iv = mcrypt_create_iv(mcrypt_get_iv_size($alg, $mode), MCRYPT_RAND);
return trim(base64_encode(mcrypt_encrypt($alg, $salt, $text, $mode, $iv))); return base64_encode($iv) . '|' . base64_encode(mcrypt_encrypt($alg, $salt, $text, $mode, $iv));
} }
public static function decrypt($text) public static function decrypt($text)
{ {
$salt = \Chibi\Registry::getConfig()->main->salt; try
$alg = MCRYPT_RIJNDAEL_256; {
$mode = MCRYPT_MODE_CBC; $salt = \Chibi\Registry::getConfig()->main->salt;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($alg, $mode), MCRYPT_RAND); list ($iv, $hash) = explode('|', $text, 2);
return trim(mcrypt_decrypt($alg, $salt, base64_decode($text), $mode, $iv)); $iv = base64_decode($iv);
$hash = base64_decode($hash);
$alg = MCRYPT_RIJNDAEL_256;
$mode = MCRYPT_MODE_CBC;
return trim(mcrypt_decrypt($alg, $salt, $hash, $mode, $iv));
}
catch (Exception $e)
{
throw new SimpleException('Supplied input is not valid encrypted text');
}
} }
public static function cleanPath($path) public static function cleanPath($path)