#170 - issue - openssl 3.0 patch

Author: tachtler

lib/functions.php

@@ -21,6 +21,7 @@
 define('DOCDIR',sprintf('%s/',realpath(LIBDIR.'../doc/')));
 define('HOOKSDIR',sprintf('%s/',realpath(LIBDIR.'../hooks/')));
 define('JSDIR','js/');
+define('SESSION_CIPHER','aes256-gcm');
 
 /**
  * Supplimental functions
@@ -768,9 +769,9 @@ function blowfish_encrypt($data,$secret=null) {
 	if (! trim($secret))
 		return $data;
 
-	if (! empty($data) && function_exists('openssl_encrypt') && in_array('bf-ecb', openssl_get_cipher_methods())) {
-		$keylen = openssl_cipher_iv_length('bf-ecb') * 2;
-		return openssl_encrypt($data, 'bf-ecb', substr($secret,0,$keylen));
+	if (! empty($data) && function_exists('openssl_encrypt') && in_array(SESSION_CIPHER, openssl_get_cipher_methods())) {
+		$keylen = openssl_cipher_iv_length(SESSION_CIPHER) * 2;
+		return openssl_encrypt($data, SESSION_CIPHER, substr($secret,0,$keylen));
 	}
 
 	if (function_exists('mcrypt_module_open') && ! empty($data)) {
@@ -829,9 +830,9 @@ function blowfish_decrypt($encdata,$secret=null) {
 	if (! trim($secret))
 		return $encdata;
 
-	if (! empty($encdata) && function_exists('openssl_encrypt') && in_array('bf-ecb', openssl_get_cipher_methods())) {
-		$keylen = openssl_cipher_iv_length('bf-ecb') * 2;
-		return trim(openssl_decrypt($encdata, 'bf-ecb', substr($secret,0,$keylen)));
+	if (! empty($encdata) && function_exists('openssl_encrypt') && in_array(SESSION_CIPHER, openssl_get_cipher_methods())) {
+		$keylen = openssl_cipher_iv_length(SESSION_CIPHER) * 2;
+		return trim(openssl_decrypt($encdata, SESSION_CIPHER, substr($secret,0,$keylen)));
 	}
 
 	if (function_exists('mcrypt_module_open') && ! empty($encdata)) {