From bd76aca7b0d57400078d224e8dca9b3b4fb6a015 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Sun, 22 Jun 2008 16:00:33 +0000
Subject: [PATCH] The 'key' for encryption can now be taken from fixed or
 daily-changed extra salt

---
 inc/classes/main/crypto/class_CryptoHelper.php       | 12 ++++++++++--
 .../captcha/web/class_GraphicalCodeCaptcha.php       |  2 +-
 inc/config.php                                       |  3 +++
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/inc/classes/main/crypto/class_CryptoHelper.php b/inc/classes/main/crypto/class_CryptoHelper.php
index 2765abd..aab3784 100644
--- a/inc/classes/main/crypto/class_CryptoHelper.php
+++ b/inc/classes/main/crypto/class_CryptoHelper.php
@@ -168,7 +168,11 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
 		$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
 
 		// Get key
-		$key = md5($this->rngInstance->getFixedSalt());
+		if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == "Y") {
+			$key = md5($this->rngInstance->getFixedSalt());
+		} else {
+			$key = md5($this->rngInstance->getExtraSalt());
+		}
 
 		// Encrypt the string
 		$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $str, MCRYPT_MODE_ECB, $iv);
@@ -189,7 +193,11 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
 		$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
 
 		// Get key
-		$key = md5($this->rngInstance->getFixedSalt());
+		if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == "Y") {
+			$key = md5($this->rngInstance->getFixedSalt());
+		} else {
+			$key = md5($this->rngInstance->getExtraSalt());
+		}
 
 		// Encrypt the string
 		$str = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB, $iv);
diff --git a/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php b/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php
index b3e3b55..6dcf0aa 100644
--- a/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php
+++ b/inc/classes/main/helper/captcha/web/class_GraphicalCodeCaptcha.php
@@ -100,7 +100,7 @@ class GraphicalCodeCaptcha extends BaseCaptcha implements SolveableCaptcha {
 		$searchChars = $this->getConfigInstance()->readConfig('captcha_search_chars');
 
 		// Get fixed salt and use it as "replacement characters"
-		$replaceChars = $this->getRngInstance()->getFixedSalt();
+		$replaceChars = $this->getRngInstance()->getExtraSalt();
 
 		// Remove any plus, equals or slashes
 		for ($searchIdx = 0; $searchIdx < strlen($searchChars); $searchIdx++) {
diff --git a/inc/config.php b/inc/config.php
index 68f7d7c..145761f 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -269,5 +269,8 @@ $cfg->setConfigEntry('cookie_domain', $cfg->detectDomain()); // Is mostly the sa
 // CFG: COOKIE-SSL
 $cfg->setConfigEntry('cookie_ssl', (isset($_SERVER['HTTPS'])));
 
+// CFG: CRYPT-FIXED-SALT
+$cfg->setConfigEntry('crypt_fixed_salt', "N");
+
 // [EOF]
 ?>
-- 
2.39.2