From 6cefeaeb0a2992b48315d253d2528278a6445251 Mon Sep 17 00:00:00 2001 From: cassio Date: Tue, 4 Sep 2018 19:41:02 +0200 Subject: bug fix padding zeros --- src/filewindow.php | 4 ++-- src/hex.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/filewindow.php b/src/filewindow.php index 64bd1ec..375fac0 100644 --- a/src/filewindow.php +++ b/src/filewindow.php @@ -36,10 +36,10 @@ if(!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"] } $cf = globalconf(); -$fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]); +$fname = decryptData(myrawurldecode($_GET["filename"]), session_id() . $cf["key"]); $msg = ''; if(isset($_GET["msg"])) - $msg = rawurldecode($_GET["msg"]); + $msg = myrawurldecode($_GET["msg"]); $p = myhash($_GET["oid"] . $fname . $msg . session_id() . $cf["key"]); diff --git a/src/hex.php b/src/hex.php index be7b01e..4e9111d 100644 --- a/src/hex.php +++ b/src/hex.php @@ -39,7 +39,7 @@ function encryptData($text,$key,$compress=true) { $text = zipstr($text); $grade = '@#'; } - $crypttext = openssl_encrypt($text . myshorthash($text) . $grade, 'aes-256-cbc', substr(pack("H*", $key),0,32), OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + $crypttext = openssl_encrypt($text . myshorthash($text) . $grade, 'aes-256-cbc', substr(pack("H*", $key),0,32), OPENSSL_RAW_DATA, $iv); return base64_encode($crypttext . $iv); } @@ -60,7 +60,7 @@ function decryptData($crypttext,$key,$txt='') { $crypttext = substr($crypttext, 0, $clen-$iv_size); $key = myhash($key . "123456789012345678901234567890"); // . myhash($key); - $decrypttext = openssl_decrypt($crypttext, 'aes-256-cbc', substr(pack("H*", $key),0,32), OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv); + $decrypttext = openssl_decrypt($crypttext, 'aes-256-cbc', substr(pack("H*", $key),0,32), OPENSSL_RAW_DATA, $iv); $pos = strrpos($decrypttext,"#"); $iscompressed=false; if(substr($decrypttext,$pos-1,1)=='@') $iscompressed=true; -- cgit v1.2.3