1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-30 18:24:29 +01:00

Merge pull request #622 from vichan-devel/RealAngeleno-patch-5

Drop-in replacement for rc4-40 encryption with aes-256-ctr

When I think about it, the above can be done later.
This commit is contained in:
RealAngeleno 2023-09-05 21:33:24 -07:00 committed by GitHub
commit fbc2464c96
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -3008,7 +3008,7 @@ function cloak_ip($ip) {
if (strlen($ipbytes) >= 16) if (strlen($ipbytes) >= 16)
$ipbytes = substr($ipbytes, 0, 16); $ipbytes = substr($ipbytes, 0, 16);
$cyphertext = openssl_encrypt($ipbytes, 'rc4-40', $ipcrypt_key, OPENSSL_RAW_DATA); $cyphertext = openssl_encrypt($ipbytes, 'aes-256-ctr', $ipcrypt_key, OPENSSL_RAW_DATA);
$ret = $config['ipcrypt_prefix'].':' . base32_encode($cyphertext); $ret = $config['ipcrypt_prefix'].':' . base32_encode($cyphertext);
if (isset($tld) && !empty($tld)) { if (isset($tld) && !empty($tld)) {
@ -3031,7 +3031,7 @@ function uncloak_ip($ip) {
} }
if (substr($ip, 0, strlen($config['ipcrypt_prefix']) + 1) === $config['ipcrypt_prefix'].':') { if (substr($ip, 0, strlen($config['ipcrypt_prefix']) + 1) === $config['ipcrypt_prefix'].':') {
$plaintext = openssl_decrypt(base32_decode($juice), 'rc4-40', $ipcrypt_key, OPENSSL_RAW_DATA); $plaintext = openssl_decrypt(base32_decode($juice), 'aes-256-ctr', $ipcrypt_key, OPENSSL_RAW_DATA);
if ($plaintext === false || strlen($plaintext) == 0) if ($plaintext === false || strlen($plaintext) == 0)
return '#ERROR'; return '#ERROR';