From 68dd5593cadad2eb87ba3e229d454049b96dce86 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Tue, 24 Jun 2008 21:19:29 +0000
Subject: [PATCH] Garbage added to encrypted string

---
 inc/classes/main/crypto/class_CryptoHelper.php      | 13 ++++++++++---
 .../helper/captcha/images/class_ImageHelper.php     |  2 +-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/inc/classes/main/crypto/class_CryptoHelper.php b/inc/classes/main/crypto/class_CryptoHelper.php
index 681ec64..fbe2df4 100644
--- a/inc/classes/main/crypto/class_CryptoHelper.php
+++ b/inc/classes/main/crypto/class_CryptoHelper.php
@@ -178,8 +178,11 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
 			$key = md5($this->rngInstance->getExtraSalt());
 		}
 
+		// Add some "garbage" to the string
+		$garbageString = md5($this->rngInstance->randomString(10))."|".base64_encode($str)."|".sha1($this->rngInstance->randomString(20));
+
 		// Encrypt the string
-		$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $str, MCRYPT_MODE_ECB, $iv);
+		$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $garbageString, MCRYPT_MODE_ECB, $iv);
 
 		// Return the string
 		return $encrypted;
@@ -203,8 +206,12 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
 			$key = md5($this->rngInstance->getExtraSalt());
 		}
 
-		// Encrypt the string
-		$str = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB, $iv);
+		// Decrypt the string
+		$garbageString = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB, $iv);
+
+		// Get the real string out
+		$strArray = explode("|", $garbageString);
+		$str = base64_decode($strArray[1]);
 
 		// Trim trailing nulls away
 		$str = rtrim($str, "\0");
diff --git a/inc/classes/main/helper/captcha/images/class_ImageHelper.php b/inc/classes/main/helper/captcha/images/class_ImageHelper.php
index 48ad6f0..8d59e70 100644
--- a/inc/classes/main/helper/captcha/images/class_ImageHelper.php
+++ b/inc/classes/main/helper/captcha/images/class_ImageHelper.php
@@ -328,7 +328,7 @@ class ImageHelper extends BaseCaptcha implements HelpableTemplate {
 	public final function setFontSize ($fontSize) {
 		// Random font size?
 		if ($fontSize === "rand") {
-			$fontSize = $this->getRngInstance()->randomNumber(3, 9);
+			$fontSize = $this->getRngInstance()->randomNumber(4, 9);
 		} // END - if
 
 		$this->imageStrings[$this->currString]['size'] = (int) $fontSize;
-- 
2.39.2