Merge pull request #3277 from annando/issue-3142
Replaces mcrypt with phpsec.
This commit is contained in:
commit
d301a363b0
1 changed files with 41 additions and 21 deletions
|
@ -10,17 +10,17 @@
|
||||||
|
|
||||||
use \Friendica\Core\Config;
|
use \Friendica\Core\Config;
|
||||||
|
|
||||||
require_once("include/items.php");
|
require_once 'include/items.php';
|
||||||
require_once("include/bb2diaspora.php");
|
require_once 'include/bb2diaspora.php';
|
||||||
require_once("include/Scrape.php");
|
require_once 'include/Scrape.php';
|
||||||
require_once("include/Contact.php");
|
require_once 'include/Contact.php';
|
||||||
require_once("include/Photo.php");
|
require_once 'include/Photo.php';
|
||||||
require_once("include/socgraph.php");
|
require_once 'include/socgraph.php';
|
||||||
require_once("include/group.php");
|
require_once 'include/group.php';
|
||||||
require_once("include/xml.php");
|
require_once 'include/xml.php';
|
||||||
require_once("include/datetime.php");
|
require_once 'include/datetime.php';
|
||||||
require_once("include/queue_fn.php");
|
require_once 'include/queue_fn.php';
|
||||||
require_once("include/cache.php");
|
require_once 'include/cache.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief This class contain functions to create and send Diaspora XML files
|
* @brief This class contain functions to create and send Diaspora XML files
|
||||||
|
@ -160,6 +160,32 @@ class Diaspora {
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief encrypts data via AES
|
||||||
|
*
|
||||||
|
* @param string $key The AES key
|
||||||
|
* @param string $iv The IV (is used for CBC encoding)
|
||||||
|
* @param string $data The data that is to be encrypted
|
||||||
|
*
|
||||||
|
* @return string encrypted data
|
||||||
|
*/
|
||||||
|
private static function aes_encrypt($key, $iv, $data) {
|
||||||
|
return openssl_encrypt($data, 'aes-256-cbc', str_pad($key, 32, "\0"), OPENSSL_RAW_DATA, str_pad($iv, 16, "\0"));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief decrypts data via AES
|
||||||
|
*
|
||||||
|
* @param string $key The AES key
|
||||||
|
* @param string $iv The IV (is used for CBC encoding)
|
||||||
|
* @param string $encrypted The encrypted data
|
||||||
|
*
|
||||||
|
* @return string decrypted data
|
||||||
|
*/
|
||||||
|
private static function aes_decrypt($key, $iv, $encrypted) {
|
||||||
|
return openssl_decrypt($encrypted,'aes-256-cbc', str_pad($key, 32, "\0"), OPENSSL_RAW_DATA,str_pad($iv, 16, "\0"));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief: Decodes incoming Diaspora message
|
* @brief: Decodes incoming Diaspora message
|
||||||
*
|
*
|
||||||
|
@ -199,10 +225,7 @@ class Diaspora {
|
||||||
$outer_iv = base64_decode($j_outer_key_bundle->iv);
|
$outer_iv = base64_decode($j_outer_key_bundle->iv);
|
||||||
$outer_key = base64_decode($j_outer_key_bundle->key);
|
$outer_key = base64_decode($j_outer_key_bundle->key);
|
||||||
|
|
||||||
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv);
|
$decrypted = self::aes_decrypt($outer_key, $outer_iv, $ciphertext);
|
||||||
|
|
||||||
|
|
||||||
$decrypted = pkcs5_unpad($decrypted);
|
|
||||||
|
|
||||||
logger('decrypted: '.$decrypted, LOGGER_DEBUG);
|
logger('decrypted: '.$decrypted, LOGGER_DEBUG);
|
||||||
$idom = parse_xml_string($decrypted,false);
|
$idom = parse_xml_string($decrypted,false);
|
||||||
|
@ -261,8 +284,7 @@ class Diaspora {
|
||||||
// Decode the encrypted blob
|
// Decode the encrypted blob
|
||||||
|
|
||||||
$inner_encrypted = base64_decode($data);
|
$inner_encrypted = base64_decode($data);
|
||||||
$inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv);
|
$inner_decrypted = self::aes_decrypt($inner_aes_key, $inner_iv, $inner_encrypted);
|
||||||
$inner_decrypted = pkcs5_unpad($inner_decrypted);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$author_link) {
|
if (!$author_link) {
|
||||||
|
@ -2630,8 +2652,7 @@ class Diaspora {
|
||||||
|
|
||||||
$handle = self::my_handle($user);
|
$handle = self::my_handle($user);
|
||||||
|
|
||||||
$padded_data = pkcs5_pad($msg,16);
|
$inner_encrypted = self::aes_encrypt($inner_aes_key, $inner_iv, $msg);
|
||||||
$inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);
|
|
||||||
|
|
||||||
$b64_data = base64_encode($inner_encrypted);
|
$b64_data = base64_encode($inner_encrypted);
|
||||||
|
|
||||||
|
@ -2653,9 +2674,8 @@ class Diaspora {
|
||||||
"author_id" => $handle));
|
"author_id" => $handle));
|
||||||
|
|
||||||
$decrypted_header = xml::from_array($xmldata, $xml, true);
|
$decrypted_header = xml::from_array($xmldata, $xml, true);
|
||||||
$decrypted_header = pkcs5_pad($decrypted_header,16);
|
|
||||||
|
|
||||||
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
|
$ciphertext = self::aes_encrypt($outer_aes_key, $outer_iv, $decrypted_header);
|
||||||
|
|
||||||
$outer_json = json_encode(array("iv" => $b_outer_iv, "key" => $b_outer_aes_key));
|
$outer_json = json_encode(array("iv" => $b_outer_iv, "key" => $b_outer_aes_key));
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue