1
--- adminer/include/xxtea.inc.php.orig	2025-11-14 10:44:16 UTC
2
+++ adminer/include/xxtea.inc.php
3
@@ -45,6 +45,11 @@
4
 	return int32((($z >> 5 & 0x7FFFFFF) ^ $y << 2) + (($y >> 3 & 0x1FFFFFFF) ^ $z << 4)) ^ int32(($sum ^ $y) + ($k ^ $z));
5
 }
6
 
7
+const AES256_NAME = 'aes-256-gcm';
8
+const AES256_KEY_BYTES = 32;
9
+const AES256_NONCE_BYTES = 12;
10
+const AES256_TAG_BYTES = 16;
11
+
12
 /** Cipher
13
 * @param string $str plain-text password
14
 * @return string binary cipher
15
@@ -53,6 +58,20 @@
16
 	if ($str == "") {
17
 		return "";
18
 	}
19
+	$key = hash_hkdf('sha256', $key, AES256_KEY_BYTES, AES256_NAME);
20
+	$nonce = random_bytes(AES256_NONCE_BYTES);
21
+	$cipherText = openssl_encrypt(
22
+		$str,
23
+		AES256_NAME,
24
+		$key,
25
+		OPENSSL_RAW_DATA,
26
+		$nonce,
27
+		$tag,
28
+		'',
29
+		AES256_TAG_BYTES
30
+	);
31
+	return $nonce . $tag . $cipherText;
32
+/*
33
 	$key = array_values(unpack("V*", pack("H*", md5($key))));
34
 	$v = str2long($str, true);
35
 	$n = count($v) - 1;
36
@@ -75,6 +94,7 @@
37
 		$v[$n] = $z;
38
 	}
39
 	return long2str($v, false);
40
+*/
41
 }
42
 
43
 /** Decipher
44
@@ -88,6 +108,20 @@
45
 	if (!$key) {
46
 		return false;
47
 	}
48
+	$key = hash_hkdf('sha256', $key, AES256_KEY_BYTES, AES256_NAME);
49
+	$nonce = substr($str, 0, AES256_NONCE_BYTES);
50
+	$tag = substr($str, AES256_NONCE_BYTES, AES256_TAG_BYTES);
51
+	$cipherText = substr($str, AES256_NONCE_BYTES + AES256_TAG_BYTES);
52
+	return openssl_decrypt(
53
+		$cipherText,
54
+		AES256_NAME,
55
+		$key,
56
+		OPENSSL_RAW_DATA,
57
+		$nonce,
58
+		$tag,
59
+		''
60
+	);
61
+/*
62
 	$key = array_values(unpack("V*", pack("H*", md5($key))));
63
 	$v = str2long($str, false);
64
 	$n = count($v) - 1;
65
@@ -110,4 +144,5 @@
66
 		$sum = int32($sum - 0x9E3779B9);
67
 	}
68
 	return long2str($v, true);
69
+*/
70
 }
71

72