From: Roland Häder Date: Sun, 22 Jun 2008 16:00:33 +0000 (+0000) Subject: The 'key' for encryption can now be taken from fixed or daily-changed extra salt X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=bd76aca7b0d57400078d224e8dca9b3b4fb6a015;p=shipsimu.git The 'key' for encryption can now be taken from fixed or daily-changed extra salt --- diff --git a/inc/classes/main/crypto/class_CryptoHelper.php b/inc/classes/main/crypto/class_CryptoHelper.php index 2765abd..aab3784 100644 --- a/inc/classes/main/crypto/class_CryptoHelper.php +++ b/inc/classes/main/crypto/class_CryptoHelper.php @@ -168,7 +168,11 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable { $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); // Get key - $key = md5($this->rngInstance->getFixedSalt()); + if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == "Y") { + $key = md5($this->rngInstance->getFixedSalt()); + } else { + $key = md5($this->rngInstance->getExtraSalt()); + } // Encrypt the string $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $str, MCRYPT_MODE_ECB, $iv); @@ -189,7 +193,11 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable { $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); // Get key - $key = md5($this->rngInstance->getFixedSalt()); + if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == "Y") { + $key = md5($this->rngInstance->getFixedSalt()); + } else { + $key = md5($this->rngInstance->getExtraSalt()); + } // Encrypt the string $str = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB, $iv); diff --git a/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php b/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php index b3e3b55..6dcf0aa 100644 --- a/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php +++ b/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php @@ -100,7 +100,7 @@ class GraphicalCodeCaptcha extends BaseCaptcha implements SolveableCaptcha { $searchChars = $this->getConfigInstance()->readConfig('captcha_search_chars'); // Get fixed salt and use it as "replacement characters" - $replaceChars = $this->getRngInstance()->getFixedSalt(); + $replaceChars = $this->getRngInstance()->getExtraSalt(); // Remove any plus, equals or slashes for ($searchIdx = 0; $searchIdx < strlen($searchChars); $searchIdx++) { diff --git a/inc/config.php b/inc/config.php index 68f7d7c..145761f 100644 --- a/inc/config.php +++ b/inc/config.php @@ -269,5 +269,8 @@ $cfg->setConfigEntry('cookie_domain', $cfg->detectDomain()); // Is mostly the sa // CFG: COOKIE-SSL $cfg->setConfigEntry('cookie_ssl', (isset($_SERVER['HTTPS']))); +// CFG: CRYPT-FIXED-SALT +$cfg->setConfigEntry('crypt_fixed_salt', "N"); + // [EOF] ?>