diff -r e88534039a8d -r 2b6cdff92b09 install/includes/payload.php
--- a/install/includes/payload.php	Tue Apr 06 10:46:25 2010 -0400
+++ b/install/includes/payload.php	Tue Apr 06 15:54:45 2010 -0400
@@ -31,27 +31,32 @@
 function stg_password_decode()
 {
 	global $db;
+	global $dh_public, $dh_private, $aes_fallback;
 	static $pass = false;
 	
 	if ( $pass )
 		return $pass;
 	
-	if ( !isset($_POST['crypt_data']) && !empty($_POST['password']) && $_POST['password'] === $_POST['password_confirm'] )
+	if ( empty($_POST['crypt_data']) && !empty($_POST['password']) && $_POST['password'] === $_POST['password_confirm'] )
 		$pass = $_POST['password'];
 	
-	$aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
-	// retrieve encryption key
-	$q = $db->sql_query('SELECT config_value FROM ' . table_prefix . 'config WHERE config_name=\'install_aes_key\';');
-	if ( !$q )
-		$db->_die();
-	if ( $db->numrows() < 1 )
+	require_once(ENANO_ROOT . '/includes/rijndael.php');
+	require_once(ENANO_ROOT . '/includes/sessions.php');
+	
+	try
+	{
+		$keys = array(
+				'public' => $dh_public,
+				'private' => $dh_private,
+				'aes' => $aes_fallback
+			);
+		$pass = sessionManager::get_aes_post('password', $keys);
+	}
+	catch ( Exception $e )
+	{
+		echo "<p>Exception details:</p><pre>$e</pre>";
 		return false;
-	list($aes_key) = $db->fetchrow_num();
-	$aes_key = hexdecode($aes_key);
-	
-	$pass = $aes->decrypt($_POST['crypt_data'], $aes_key, ENC_HEX);
-	if ( !$pass )
-		return false;
+	}
 	
 	return $pass; // Will be true if the password isn't crapped
 }