openssl to libsodium
This commit is contained in:
cypherbits
2
README
2
README
@ -42,7 +42,7 @@ Optionally, you can install:
|
||||
- the json extension for save/restore
|
||||
- a memcached server and the memcached extension and change the configuaration to use memcached. This will lessen the database load a bit.
|
||||
- a MySQL or PostgreSQL server to use as an external database instead of SQLite
|
||||
- the openssl extension for encryption of messages and notes in the database
|
||||
- the libsodium extension for encryption of messages and notes in the database (bundled with PHP >= 7.2)
|
||||
When you have everything installed and use MySQL or PostgreSQL, you'll have to create a database and a user for the chat.
|
||||
Then edit the configuration at the bottom of the script to reflect the appropriate database settings and to modify the chat settings the way you like them.
|
||||
Then copy the script to your web-server directory and call the script in your browser with a parameter like this:
|
||||
|
||||
@ -45,7 +45,7 @@ Optionally, you can install:
|
||||
- the json extension for save/restore
|
||||
- a memcached server and the memcached extension and change the configuaration to use memcached. This will lessen the database load a bit.
|
||||
- a MySQL or PostgreSQL server to use as an external database instead of SQLite
|
||||
- the openssl extension for encryption of messages and notes in the database
|
||||
- the libsodium extension (PHP >= 7.2) for encryption of messages and notes in the database
|
||||
When you have everything installed and use MySQL or PostgreSQL, you'll have to create a database and a user for the chat.
|
||||
Then edit the configuration at the bottom of the script to reflect the appropriate database settings and to modify the chat settings the way you like them.
|
||||
Then copy the script to your web-server directory and call the script in your browser with a parameter like this:
|
||||
|
||||
15
chat.php
15
chat.php
@ -768,7 +768,6 @@ function restore_backup($C){
|
||||
$note['type']=1;
|
||||
}
|
||||
if(MSGENCRYPTED){
|
||||
//$note['text']=openssl_encrypt($note['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$note['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($note['text'], '', AES_IV, ENCRYPTKEY));
|
||||
}
|
||||
$stmt->execute([$note['type'], $note['lastedited'], $note['editedby'], $note['text']]);
|
||||
@ -805,7 +804,6 @@ function send_backup($C){
|
||||
$result=$db->query('SELECT * FROM ' . PREFIX . "notes;");
|
||||
while($note=$result->fetch(PDO::FETCH_ASSOC)){
|
||||
if(MSGENCRYPTED){
|
||||
//$note['text']=openssl_decrypt($note['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$note['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($note['text']), null, AES_IV, ENCRYPTKEY);
|
||||
}
|
||||
$code['notes'][]=$note;
|
||||
@ -1541,7 +1539,6 @@ function send_notes($type){
|
||||
}
|
||||
if(isset($_REQUEST['text'])){
|
||||
if(MSGENCRYPTED){
|
||||
//$_REQUEST['text']=openssl_encrypt($_REQUEST['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$_REQUEST['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($_REQUEST['text'], '', AES_IV, ENCRYPTKEY));
|
||||
}
|
||||
$time=time();
|
||||
@ -1576,7 +1573,6 @@ function send_notes($type){
|
||||
$note['text']='';
|
||||
}
|
||||
if(MSGENCRYPTED){
|
||||
//$note['text']=openssl_decrypt($note['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$note['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($note['text']), null, AES_IV, ENCRYPTKEY);
|
||||
}
|
||||
echo "</p>".form('notes');
|
||||
@ -2936,7 +2932,6 @@ function validate_input(){
|
||||
'text' =>"<span class=\"usermsg\">$displaysend".style_this($message, $U['style']).'</span>'
|
||||
];
|
||||
if(MSGENCRYPTED){
|
||||
//$newmessage['text']=openssl_encrypt($newmessage['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$newmessage['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($newmessage['text'], '', AES_IV, ENCRYPTKEY));
|
||||
}
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'inbox (postdate, postid, poster, recipient, text) VALUES(?, ?, ?, ?, ?)');
|
||||
@ -3125,7 +3120,6 @@ function add_system_message($mes){
|
||||
function write_message($message){
|
||||
global $db;
|
||||
if(MSGENCRYPTED){
|
||||
//$message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$message['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($message['text'], '', AES_IV, ENCRYPTKEY));
|
||||
}
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'messages (postdate, poststatus, poster, recipient, text, delstatus) VALUES (?, ?, ?, ?, ?, ?);');
|
||||
@ -3247,7 +3241,6 @@ function print_messages($delstatus=0){
|
||||
|
||||
function prepare_message_print(&$message, $removeEmbed){
|
||||
if(MSGENCRYPTED){
|
||||
//$message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$message['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($message['text']), null, AES_IV, ENCRYPTKEY);
|
||||
}
|
||||
if($removeEmbed){
|
||||
@ -4006,17 +3999,15 @@ function update_db(){
|
||||
}
|
||||
update_setting('dbversion', DBVERSION);
|
||||
if($msgencrypted!==MSGENCRYPTED){
|
||||
if(!extension_loaded('openssl')){
|
||||
send_fatal_error($I['opensslextrequired']);
|
||||
if(!extension_loaded('sodium')){
|
||||
send_fatal_error($I['sodiumextrequired']);
|
||||
}
|
||||
$result=$db->query('SELECT id, text FROM ' . PREFIX . 'messages;');
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'messages SET text=? WHERE id=?;');
|
||||
while($message=$result->fetch(PDO::FETCH_ASSOC)){
|
||||
if(MSGENCRYPTED){
|
||||
//$message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$message['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($message['text'], '', AES_IV, ENCRYPTKEY));
|
||||
}else{
|
||||
//$message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$message['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($message['text']), null, AES_IV, ENCRYPTKEY);
|
||||
}
|
||||
$stmt->execute([$message['text'], $message['id']]);
|
||||
@ -4025,10 +4016,8 @@ function update_db(){
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'notes SET text=? WHERE id=?;');
|
||||
while($message=$result->fetch(PDO::FETCH_ASSOC)){
|
||||
if(MSGENCRYPTED){
|
||||
//$message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$message['text']=base64_encode(sodium_crypto_aead_aes256gcm_encrypt($message['text'], '', AES_IV, ENCRYPTKEY));
|
||||
}else{
|
||||
//$message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456');
|
||||
$message['text']=sodium_crypto_aead_aes256gcm_decrypt(base64_decode($message['text']), null, AES_IV, ENCRYPTKEY);
|
||||
}
|
||||
$stmt->execute([$message['text'], $message['id']]);
|
||||
|
||||
@ -310,7 +310,7 @@ $T=[
|
||||
'nopass' => 'Невалидна парола (поне %d символа), не променям ника',
|
||||
'gdextrequired' => 'Добавката gd за PHP е необходима за тази функционалност. Моля, първо я инсталирайте.',
|
||||
'memcachedextrequired' => 'Добавката memcached за PHP е необходима за кеш функционалностите. Моля, първо я инсталирайте или върнете настройките за memcached обратно на false.',
|
||||
'opensslextrequired' => 'Добавката openssl за PHP е необходима the криптиращата функционалност. Моля, първо я инсталирайте или върнете настройките за криптиране обратно на false.',
|
||||
'sodiumextrequired' => 'Добавката libsodium за PHP е необходима the криптиращата функционалност. Моля, първо я инсталирайте или върнете настройките за криптиране обратно на false.',
|
||||
'pdo_mysqlextrequired' => 'Добавката pdo_mysql за PHP е необходима за избрания драйвер за базата данни. Моля, първо я инсталирайте.',
|
||||
'pdo_pgsqlextrequired' => 'Добавката pdo_pgsql за PHP е необходима за избрания драйвер за базата данни. Моля, първо я инсталирайте.',
|
||||
'pdo_sqliteextrequired' => 'Добавката pdo_sqlite за PHP е необходима за избрния драйвер за базата данни. Моля, първо я инсталирайте.',
|
||||
|
||||
@ -310,7 +310,7 @@ $I=[
|
||||
'nopass' => 'Chybné heslo (Nejméně %d znaků), přezdívka zůstala stejná',
|
||||
'gdextrequired' => 'Rozšíření PHP gd je pro tuto funkci vyžadováno. Nejprve ho nainstalujte.',
|
||||
'memcachedextrequired' => 'Pro funkci ukládání do mezipaměti je vyžadováno memcached rozšíření PHP. Nejprve ho nainstalujte, nebo nastavte parametr memcached na hodnotu false.',
|
||||
'opensslextrequired' => 'Pro funkci šifrování je vyžadováno rozšíření PHP openssl. Nejprve ho nainstalujte nebo nastavte šifrované nastavení zpět na hodnotu false.',
|
||||
'sodiumextrequired' => 'Pro funkci šifrování je vyžadováno rozšíření PHP libsodium. Nejprve ho nainstalujte nebo nastavte šifrované nastavení zpět na hodnotu false.',
|
||||
'pdo_mysqlextrequired' => 'Rozšíření pdo_mysql PHP je vyžadováno pro zvolený ovladač databáze. Nejprve ho nainstalujte.',
|
||||
'pdo_pgsqlextrequired' => 'Pro zvolený databázový ovladač je vyžadováno rozšíření PHP pdo_pgsql. Nejprve ho nainstalujte.',
|
||||
'pdo_sqliteextrequired' => 'Rozšíření pdo_sqlite PHP je vyžadováno pro zvolený ovladač databáze. Nejprve ho nainstalujte.',
|
||||
|
||||
@ -310,7 +310,7 @@ $T=[
|
||||
'nopass' => 'Ungültiges Passwort (Mindestens %d Zeichen), Nickname nicht geändert',
|
||||
'gdextrequired' => 'Für diese Funktion wird die gd Erweiterung von PHP benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'memcachedextrequired' => 'Die memcached Erweiterung von PHP wird benötigt, um die Cache-Funktion zu benutzen. Bitte installieren Sie diese zuerst oder setzen Sie die memcached Einstellung zurück auf false.',
|
||||
'opensslextrequired' => 'Die openssl Erweiterung von PHP wird benötigt, um die Verschlüsselungs-Funktion zu benutzen. Bitte installieren Sie diese zuerst oder setzen Sie die encrypted Einstellung zurück auf false.',
|
||||
'sodiumextrequired' => 'Die libsodium Erweiterung von PHP wird benötigt, um die Verschlüsselungs-Funktion zu benutzen. Bitte installieren Sie diese zuerst oder setzen Sie die encrypted Einstellung zurück auf false.',
|
||||
'pdo_mysqlextrequired' => 'Die pdo_mysql Erweiterung von PHP wird für den ausgewählten Datenbanktreiber benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'pdo_pgsqlextrequired' => 'Die pdo_pgsql Erweiterung von PHP wird für den ausgewählten Datenbanktreiber benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'pdo_sqliteextrequired' => 'Die pdo_sqlite Erweiterung von PHP wird für den ausgewählten Datenbanktreiber benötigt. Bitte installieren Sie diese zuerst.',
|
||||
|
||||
@ -310,7 +310,7 @@ $I=[
|
||||
'nopass' => 'Invalid password (At least %d characters), not changing nickname',
|
||||
'gdextrequired' => 'The gd extension of PHP is required for this feature. Please install it first.',
|
||||
'memcachedextrequired' => 'The memcached extension of PHP is required for the caching feature. Please install it first or set the memcached setting back to false.',
|
||||
'opensslextrequired' => 'The openssl extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'sodiumextrequired' => 'The libsodium extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'pdo_mysqlextrequired' => 'The pdo_mysql extension of PHP is required for the selected database driver. Please install it first.',
|
||||
'pdo_pgsqlextrequired' => 'The pdo_pgsql extension of PHP is required for the selected database driver. Please install it first.',
|
||||
'pdo_sqliteextrequired' => 'The pdo_sqlite extension of PHP is required for the selected database driver. Please install it first.',
|
||||
|
||||
@ -310,7 +310,7 @@ $T=[
|
||||
'nopass' => 'Constraseña incorrecta (al menos %d caracteres), no se cambia apodo',
|
||||
'gdextrequired' => 'La extensión gd de PHP es requerida para esto. Instálela primero.',
|
||||
'memcachedextrequired' => 'La extensión memcached de PHP es requerida para esto. Instalela primero o configure memcached en false.',
|
||||
'opensslextrequired' => 'La extensión openssl de PHP es necesaria para la encriptación. Instálela o configure la encriptación en false.',
|
||||
'sodiumextrequired' => 'La extensión libsodium de PHP es necesaria para la encriptación. Instálela o configure la encriptación en false.',
|
||||
'pdo_mysqlextrequired' => 'La extensión pdo_mysql de PHP es necesaria para la database driver seleccionada. Instálelo primero.',
|
||||
'pdo_pgsqlextrequired' => ' La extensión pdo_pgsql de PHP es necesaria para la database driver seleccionada. Instálelo primero.',
|
||||
'pdo_sqliteextrequired' => ' La extensión pdo_sqlite de PHP es necesaria para la database driver seleccionada. Instálelo primero.',
|
||||
|
||||
@ -310,7 +310,7 @@ $T=[
|
||||
'nopass' => 'Password sbagliata (Almeno %d simboli), senza cambiare nome',
|
||||
'gdextrequired' => 'The gd extension of PHP is required for this feature. Please install it first.',
|
||||
'memcachedextrequired' => 'The memcached extension of PHP is required for the caching feature. Please install it first or set the memcached setting back to false.',
|
||||
'opensslextrequired' => 'The openssl extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'sodiumextrequired' => 'The libsodium extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'pdo_mysqlextrequired' => 'The pdo_mysql extension of PHP is required for the selected database driver. Please install it first.',
|
||||
'pdo_pgsqlextrequired' => 'The pdo_pgsql extension of PHP is required for the selected database driver. Please install it first.',
|
||||
'pdo_sqliteextrequired' => 'The pdo_sqlite extension of PHP is required for the selected database driver. Please install it first.',
|
||||
|
||||
@ -310,7 +310,7 @@ $T=[
|
||||
'nopass' => 'Некорректный пароль (Хотя бы %d символов), не меняя имени',
|
||||
'gdextrequired' => 'gd расширение для PHP требуетса для етой функции. Пожалуйста установите его сначала...',
|
||||
'memcachedextrequired' => 'The memcached extension of PHP is required for the caching feature. Please install it first or set the memcached setting back to false.',
|
||||
'opensslextrequired' => 'The openssl extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'sodiumextrequired' => 'The libsodium extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'pdo_mysqlextrequired' => 'Pdo_mysql расширение для PHP требуетса для драйверов базы данных. Пожалуйста установите его сначала..',
|
||||
'pdo_pgsqlextrequired' => 'Pdo_pgsql расширение для PHP требуетса для драйверов базы данных. Пожалуйста установите его сначала..',
|
||||
'pdo_sqliteextrequired' => 'Pdo_sqlite расширение для PHP требуетса для драйверов базы данных. Пожалуйста установите его сначала.',
|
||||
|
||||
@ -310,7 +310,7 @@ $T=[
|
||||
'nopass' => 'Негідний пароль (Хотя б %d символів), не міняя імя',
|
||||
'gdextrequired' => 'The gd extension of PHP is required for this feature. Please install it first.',
|
||||
'memcachedextrequired' => 'The memcached extension of PHP is required for the caching feature. Please install it first or set the memcached setting back to false.',
|
||||
'opensslextrequired' => 'The openssl extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'sodiumextrequired' => 'The libsodium extension of PHP is required for the encryption feature. Please install it first or set the encrypted setting back to false.',
|
||||
'pdo_mysqlextrequired' => 'The pdo_mysql extension of PHP is required for the selected database driver. Please install it first.',
|
||||
'pdo_pgsqlextrequired' => 'The pdo_pgsql extension of PHP is required for the selected database driver. Please install it first.',
|
||||
'pdo_sqliteextrequired' => 'The pdo_sqlite extension of PHP is required for the selected database driver. Please install it first.',
|
||||
|
||||
@ -289,7 +289,7 @@ $T=[
|
||||
'nopass' => '密码无效(至少%d个字符),不更改昵称.',
|
||||
'gdextrequired' => '此功能需要PHP的gd扩展名。 请先安装它。.',
|
||||
'memcachedextrequired' => '缓存功能需要PHP的memcached扩展。 请先安装它或将memcached设置恢复为false.',
|
||||
'opensslextrequired' => '加密功能需要PHP的openssl扩展。 请先安装它或将加密设置恢复为false.',
|
||||
'sodiumextrequired' => '加密功能需要PHP的libsodium扩展。 请先安装它或将加密设置恢复为false.',
|
||||
'pdo_mysqlextrequired' => '所选数据库驱动程序需要PHP的pdo_mysql扩展名。 请先安装它.',
|
||||
'pdo_pgsqlextrequired' => '所选数据库驱动程序需要PHP的pdo_pgsql扩展名。 请先安装它。',
|
||||
'pdo_sqliteextrequired' => '所选数据库驱动程序需要PHP的pdo_sqlite扩展。 请先安装它.',
|
||||
|
||||
Reference in New Issue
Block a user