Browse Source

Fix php-encryption version 2 compatibility issues

pull/3888/head
Hypolite Petovan 5 years ago
parent
commit
d5aff9ac31
  1. 3
      mod/dfrn_notify.php
  2. 5
      src/Protocol/DFRN.php

3
mod/dfrn_notify.php

@ -183,7 +183,8 @@ function dfrn_notify_post(App $a) {
break;
case 2:
try {
$data = \Defuse\Crypto\Crypto::decrypt(hex2bin($data), $final_key);
$FinalKey = \Defuse\Crypto\Key::loadFromAsciiSafeString($final_key);
$data = \Defuse\Crypto\Crypto::decrypt(hex2bin($data), $FinalKey);
} catch (\Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT
/*
* Either:

5
src/Protocol/DFRN.php

@ -1296,13 +1296,14 @@ class DFRN
case 2:
// RINO 2 based on php-encryption
try {
$key = \Defuse\Crypto\Key::createNewRandomKey();
$KeyObject = \Defuse\Crypto\Key::createNewRandomKey();
} catch (\Defuse\Crypto\Exception\CryptoException $ex) {
logger('Cannot safely create a key');
return -4;
}
try {
$data = \Defuse\Crypto\Crypto::encrypt($postvars['data'], $key);
$data = \Defuse\Crypto\Crypto::encrypt($postvars['data'], $KeyObject);
$key = $KeyObject->saveToAsciiSafeString();
} catch (\Defuse\Crypto\Exception\CryptoException $ex) {
logger('Cannot safely perform encryption');
return -6;

Loading…
Cancel
Save