From c2cd0258f104152ec8606f8fc159d4c950c2e990 Mon Sep 17 00:00:00 2001
From: cypherbits <info@avanix.es>
Date: Sun, 3 May 2020 15:18:41 +0200
Subject: [PATCH] If admin defined keys with the right length, do not compute
the keys.
---
chat.php | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/chat.php b/chat.php
index 172d838..4cabf61 100644
--- a/chat.php
+++ b/chat.php
@@ -4208,8 +4208,8 @@ function load_config(){
define('VERSION', '1.24'); // Script version
define('DBVERSION', 42); // Database layout version
define('MSGENCRYPTED', false); // Store messages encrypted in the database to prevent other database users from reading them - true/false - visit the setup page after editing!
- define('ENCRYPTKEY_PASS', 'MY_SECRET_KEY'); // Encryption key for messages
- define('AES_IV_PASS', '1234567890123456'); //AES Encryption IV
+ define('ENCRYPTKEY_PASS', 'MY_SECRET_KEY'); // Recommended length: 32. Encryption key for messages
+ define('AES_IV_PASS', '012345678912'); // Recommended length: 12. AES Encryption IV
define('DBHOST', 'localhost'); // Database host
define('DBUSER', 'www-data'); // Database user
define('DBPASS', 'YOUR_DB_PASS'); // Database password
@@ -4229,7 +4229,15 @@ function load_config(){
define('LANG', 'en'); // Default language
if (MSGENCRYPTED){
//Do not touch: Compute real keys needed by encryption functions
- define('ENCRYPTKEY', substr(hash("sha512/256",ENCRYPTKEY_PASS),0, SODIUM_CRYPTO_AEAD_AES256GCM_KEYBYTES));
- define('AES_IV', substr(hash("sha512/256",AES_IV_PASS), 0, SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES));
+ if (strlen(ENCRYPTKEY_PASS) !== SODIUM_CRYPTO_AEAD_AES256GCM_KEYBYTES){
+ define('ENCRYPTKEY', substr(hash("sha512/256",ENCRYPTKEY_PASS),0, SODIUM_CRYPTO_AEAD_AES256GCM_KEYBYTES));
+ }else{
+ define('ENCRYPTKEY', ENCRYPTKEY_PASS);
+ }
+ if (strlen(AES_IV_PASS) !== SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES){
+ define('AES_IV', substr(hash("sha512/256",AES_IV_PASS), 0, SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES));
+ }else{
+ define('AES_IV', AES_IV_PASS);
+ }
}
}