Reverting RINO crypto code to php-encryption version 1.2

Hypolite Petovan 2017-11-09 03:20:18 -05:00
parent ccf4dcf270
commit ee5b9de6ad
2 changed files with 16 additions and 9 deletions


@ -183,9 +183,8 @@ function dfrn_notify_post(App $a) {
break; break;
case 2: case 2:
try { try {
$FinalKey = \Defuse\Crypto\Key::loadFromAsciiSafeString(bin2hex($final_key)); $data = \Crypto::decrypt(hex2bin($data), $final_key);
$data = \Defuse\Crypto\Crypto::decrypt(hex2bin($data), $FinalKey); } catch (\InvalidCiphertextException $ex) { // VERY IMPORTANT
} catch (\Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT
/* /*
* Either: * Either:
* 1. The ciphertext was modified by the attacker, * 1. The ciphertext was modified by the attacker,
@ -195,9 +194,12 @@ function dfrn_notify_post(App $a) {
*/ */
logger('The ciphertext has been tampered with!'); logger('The ciphertext has been tampered with!');
xml_status(0, 'The ciphertext has been tampered with!'); xml_status(0, 'The ciphertext has been tampered with!');
} catch (\Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) { } catch (\CryptoTestFailedException $ex) {
logger('Cannot safely perform dencryption'); logger('Cannot safely perform dencryption');
xml_status(0, 'CryptoTestFailed'); xml_status(0, 'CryptoTestFailed');
} catch (\CannotPerformOperationException $ex) {
logger('Cannot safely perform decryption');
xml_status(0, 'Cannot safely perform decryption');
} }
break; break;
default: default:
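Review bot: Every failure branch of the `case 2` decrypt block, including the new `CannotPerformOperationException` one, answers with `xml_status(0, ...)`. If 0 is the success status for this endpoint (its definition is not visible here), a sender whose payload failed authentication or could not be decrypted is told the delivery succeeded. I would return a non-zero status on these paths, e.g. `xml_status(<failure code>, 'Cannot safely perform decryption');`, using whatever code the endpoint already returns for rejected deliveries. The branches also rely on xml_status() ending the request, since otherwise `$data` still holds the undecrypted payload when control reaches `break`; a one-line comment next to `// VERY IMPORTANT` saying so would help. dfrn_notify_post starts and ends outside these hunks.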


@ -1296,17 +1296,22 @@ class DFRN
case 2: case 2:
// RINO 2 based on php-encryption // RINO 2 based on php-encryption
try { try {
$KeyObject = \Defuse\Crypto\Key::createNewRandomKey(); $key = \Crypto::createNewRandomKey();
} catch (\Defuse\Crypto\Exception\CryptoException $ex) { } catch (\CryptoTestFailedException $ex) {
logger('Cannot safely create a key'); logger('Cannot safely create a key');
return -4; return -4;
} catch (\CannotPerformOperationException $ex) {
logger('Cannot safely create a key');
return -5;
} }
try { try {
$data = \Defuse\Crypto\Crypto::encrypt($postvars['data'], $KeyObject); $data = Crypto::encrypt($postvars['data'], $key);
$key = $KeyObject->saveToAsciiSafeString(); } catch (\CryptoTestFailedException $ex) {
} catch (\Defuse\Crypto\Exception\CryptoException $ex) {
logger('Cannot safely perform encryption'); logger('Cannot safely perform encryption');
return -6; return -6;
} catch (\CannotPerformOperationException $ex) {
logger('Cannot safely perform encryption');
return -7;
} }
break; break;
default: default:
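Review bot: The new encrypt call is written as `Crypto::encrypt($postvars['data'], $key)` without the leading backslash, while the key creation just above uses `\Crypto::createNewRandomKey()` and every catch clause uses a fully qualified name. If this file declares a namespace (not visible in the hunk), the unqualified name resolves inside that namespace and fails with a class-not-found Error that none of the catch clauses handle, so a RINO 2 delivery would abort instead of returning an error code. Suggested line: `$data = \Crypto::encrypt($postvars['data'], $key);`. Separately, `$key` now holds whatever `createNewRandomKey()` returns rather than the ASCII-safe string the removed code produced, so the code that later transmits the key (outside this hunk) should be checked for binary-safe encoding. The enclosing method of class DFRN starts and ends outside the hunk.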