RINO 2 based on php-encryption

reenable RINO 1 functions, add a deprecation note. use by default RINO 2 , with crypto from php-encryption fallback to RINO 1 for old nodes.
2015-06-23 16:13:09 +02:00 · 2015-06-23 16:13:09 +02:00 · 6fbb02fb93
commit 6fbb02fb93
parent 7d83a19fd4
11 changed files with 1038 additions and 32 deletions
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@ -4,6 +4,7 @@ require_once('library/simplepie/simplepie.inc');
 require_once('include/items.php');
 require_once('include/event.php');

+require_once('library/defuse/php-encryption-1.2.1/Crypto.php');

 function dfrn_notify_post(&$a) {
    logger(__function__, LOGGER_TRACE);
@ -12,6 +13,7 @@ function dfrn_notify_post(&$a) {
 	$challenge    = ((x($_POST,'challenge'))    ? notags(trim($_POST['challenge'])) : '');
 	$data         = ((x($_POST,'data'))         ? $_POST['data']                    : '');
 	$key          = ((x($_POST,'key'))          ? $_POST['key']                     : '');
+	$rino_remote  = ((x($_POST,'rino'))         ? intval($_POST['rino'])            :  0);
 	$dissolve     = ((x($_POST,'dissolve'))     ? intval($_POST['dissolve'])        :  0);
 	$perm         = ((x($_POST,'perm'))         ? notags(trim($_POST['perm']))      : 'r');
 	$ssl_policy   = ((x($_POST,'ssl_policy'))   ? notags(trim($_POST['ssl_policy'])): 'none');
@ -130,7 +132,7 @@ function dfrn_notify_post(&$a) {
 	if($importer['page-flags'] == PAGE_SOAPBOX)
 		xml_status(0);

-	/** disable rino
+	
 	if(strlen($key)) {
 		$rawkey = hex2bin(trim($key));
 		logger('rino: md5 raw key: ' . md5($rawkey));
@ -153,11 +155,42 @@ function dfrn_notify_post(&$a) {
 			}
 		}

-		logger('rino: received key : ' . $final_key);
-		$data = aes_decrypt(hex2bin($data),$final_key);
+		#logger('rino: received key : ' . $final_key);
+		
+		switch($rino_remote) {
+			case 0:
+			case 1:
+				// we got a key. old code send only the key, without RINO version.
+				// we assume RINO 1 if key and no RINO version
+				$data = aes_decrypt(hex2bin($data),$final_key);
+				break;
+			case 2:
+				try {
+					$data = Crypto::decrypt(hex2bin($data),$final_key);
+				} catch (InvalidCiphertext $ex) { // VERY IMPORTANT
+					// Either:
+					//   1. The ciphertext was modified by the attacker,
+					//   2. The key is wrong, or
+					//   3. $ciphertext is not a valid ciphertext or was corrupted.
+					// Assume the worst.
+					logger('The ciphertext has been tampered with!');
+					xml_status(0,'The ciphertext has been tampered with!');
+				} catch (Ex\CryptoTestFailed $ex) {
+					logger('Cannot safely perform dencryption');
+					xml_status(0,'CryptoTestFailed');
+				} catch (Ex\CannotPerformOperation $ex) {
+					logger('Cannot safely perform decryption');
+					xml_status(0,'Cannot safely perform decryption');
+				}
+				break;
+			default:
+				logger("rino: invalid sent verision '$rino_remote'");
+				xml_status(0);
+		}
+		
+		
 		logger('rino: decrypted data: ' . $data, LOGGER_DATA);
 	}
-	**/

 	$ret = local_delivery($importer,$data);
 	xml_status($ret);
@ -253,16 +286,14 @@ function dfrn_notify_content(&$a) {
 		$challenge    = bin2hex($challenge);
 		$encrypted_id = bin2hex($encrypted_id);

-		/**
-	     * disable rino.
-		$rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);
+		
+		$rino = get_config('system','rino_encrypt');

-		$rino_enable = get_config('system','rino_encrypt');
-
-		if(! $rino_enable)
+		if(! $rino){
 			$rino = 0;
-		**/
-		$rino = 0; $rino_enable = 0;
+		} else {
+			$rino = 2;
+		}
 		
 		if((($r[0]['rel']) && ($r[0]['rel'] != CONTACT_IS_SHARING)) || ($r[0]['page-flags'] == PAGE_COMMUNITY)) {
 			$perm = 'rw';