Switch to new php-encryption library version
- Remove references to library/ files - Add namespace to library classes
This commit is contained in:
parent
3b2cd85483
commit
acd65aade1
3 changed files with 10 additions and 24 deletions
|
@ -33,9 +33,6 @@ require_once 'mod/share.php';
|
||||||
require_once 'include/enotify.php';
|
require_once 'include/enotify.php';
|
||||||
require_once 'include/group.php';
|
require_once 'include/group.php';
|
||||||
|
|
||||||
/// @TODO one day with composer autoloader no more needed
|
|
||||||
require_once 'library/defuse/php-encryption-1.2.1/Crypto.php';
|
|
||||||
|
|
||||||
function construct_verb($item) {
|
function construct_verb($item) {
|
||||||
if ($item['verb']) {
|
if ($item['verb']) {
|
||||||
return $item['verb'];
|
return $item['verb'];
|
||||||
|
|
|
@ -11,10 +11,8 @@ use Friendica\Core\Config;
|
||||||
use Friendica\Database\DBM;
|
use Friendica\Database\DBM;
|
||||||
use Friendica\Protocol\DFRN;
|
use Friendica\Protocol\DFRN;
|
||||||
|
|
||||||
require_once('include/items.php');
|
require_once 'include/items.php';
|
||||||
require_once('include/event.php');
|
require_once 'include/event.php';
|
||||||
|
|
||||||
require_once('library/defuse/php-encryption-1.2.1/Crypto.php');
|
|
||||||
|
|
||||||
function dfrn_notify_post(App $a) {
|
function dfrn_notify_post(App $a) {
|
||||||
logger(__function__, LOGGER_TRACE);
|
logger(__function__, LOGGER_TRACE);
|
||||||
|
@ -185,8 +183,8 @@ function dfrn_notify_post(App $a) {
|
||||||
break;
|
break;
|
||||||
case 2:
|
case 2:
|
||||||
try {
|
try {
|
||||||
$data = Crypto::decrypt(hex2bin($data), $final_key);
|
$data = \Defuse\Crypto\Crypto::decrypt(hex2bin($data), $final_key);
|
||||||
} catch (InvalidCiphertext $ex) { // VERY IMPORTANT
|
} catch (\Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT
|
||||||
/*
|
/*
|
||||||
* Either:
|
* Either:
|
||||||
* 1. The ciphertext was modified by the attacker,
|
* 1. The ciphertext was modified by the attacker,
|
||||||
|
@ -196,12 +194,9 @@ function dfrn_notify_post(App $a) {
|
||||||
*/
|
*/
|
||||||
logger('The ciphertext has been tampered with!');
|
logger('The ciphertext has been tampered with!');
|
||||||
xml_status(0, 'The ciphertext has been tampered with!');
|
xml_status(0, 'The ciphertext has been tampered with!');
|
||||||
} catch (Ex\CryptoTestFailed $ex) {
|
} catch (\Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) {
|
||||||
logger('Cannot safely perform dencryption');
|
logger('Cannot safely perform dencryption');
|
||||||
xml_status(0, 'CryptoTestFailed');
|
xml_status(0, 'CryptoTestFailed');
|
||||||
} catch (Ex\CannotPerformOperation $ex) {
|
|
||||||
logger('Cannot safely perform decryption');
|
|
||||||
xml_status(0, 'Cannot safely perform decryption');
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
|
|
@ -1296,26 +1296,20 @@ class DFRN
|
||||||
case 2:
|
case 2:
|
||||||
// RINO 2 based on php-encryption
|
// RINO 2 based on php-encryption
|
||||||
try {
|
try {
|
||||||
$key = Crypto::createNewRandomKey();
|
$key = \Defuse\Crypto\Key::createNewRandomKey();
|
||||||
} catch (CryptoTestFailed $ex) {
|
} catch (\Defuse\Crypto\Exception\CryptoException $ex) {
|
||||||
logger('Cannot safely create a key');
|
logger('Cannot safely create a key');
|
||||||
return -4;
|
return -4;
|
||||||
} catch (CannotPerformOperation $ex) {
|
|
||||||
logger('Cannot safely create a key');
|
|
||||||
return -5;
|
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
$data = Crypto::encrypt($postvars['data'], $key);
|
$data = \Defuse\Crypto\Crypto::encrypt($postvars['data'], $key);
|
||||||
} catch (CryptoTestFailed $ex) {
|
} catch (\Defuse\Crypto\Exception\CryptoException $ex) {
|
||||||
logger('Cannot safely perform encryption');
|
logger('Cannot safely perform encryption');
|
||||||
return -6;
|
return -6;
|
||||||
} catch (CannotPerformOperation $ex) {
|
|
||||||
logger('Cannot safely perform encryption');
|
|
||||||
return -7;
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
logger("rino: invalid requested verision '$rino_remote_version'");
|
logger("rino: invalid requested version '$rino_remote_version'");
|
||||||
return -8;
|
return -8;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue