From ee5b9de6ad81a9d5c808e5875d61c30d79ac4c5c Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 9 Nov 2017 03:20:18 -0500 Subject: [PATCH] Reverting RINO crypto code to php-encryption version 1.2 --- mod/dfrn_notify.php | 10 ++++++---- src/Protocol/DFRN.php | 15 ++++++++++----- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 7397b415a..15cda13ad 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -183,9 +183,8 @@ function dfrn_notify_post(App $a) { break; case 2: try { - $FinalKey = \Defuse\Crypto\Key::loadFromAsciiSafeString(bin2hex($final_key)); - $data = \Defuse\Crypto\Crypto::decrypt(hex2bin($data), $FinalKey); - } catch (\Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT + $data = \Crypto::decrypt(hex2bin($data), $final_key); + } catch (\InvalidCiphertextException $ex) { // VERY IMPORTANT /* * Either: * 1. The ciphertext was modified by the attacker, @@ -195,9 +194,12 @@ function dfrn_notify_post(App $a) { */ logger('The ciphertext has been tampered with!'); xml_status(0, 'The ciphertext has been tampered with!'); - } catch (\Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) { + } catch (\CryptoTestFailedException $ex) { logger('Cannot safely perform dencryption'); xml_status(0, 'CryptoTestFailed'); + } catch (\CannotPerformOperationException $ex) { + logger('Cannot safely perform decryption'); + xml_status(0, 'Cannot safely perform decryption'); } break; default: diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 7f37f9839..1009d075d 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -1296,17 +1296,22 @@ class DFRN case 2: // RINO 2 based on php-encryption try { - $KeyObject = \Defuse\Crypto\Key::createNewRandomKey(); - } catch (\Defuse\Crypto\Exception\CryptoException $ex) { + $key = \Crypto::createNewRandomKey(); + } catch (\CryptoTestFailedException $ex) { logger('Cannot safely create a key'); return -4; + } catch (\CannotPerformOperationException $ex) { + logger('Cannot safely create a key'); + return -5; } try { - $data = \Defuse\Crypto\Crypto::encrypt($postvars['data'], $KeyObject); - $key = $KeyObject->saveToAsciiSafeString(); - } catch (\Defuse\Crypto\Exception\CryptoException $ex) { + $data = Crypto::encrypt($postvars['data'], $key); + } catch (\CryptoTestFailedException $ex) { logger('Cannot safely perform encryption'); return -6; + } catch (\CannotPerformOperationException $ex) { + logger('Cannot safely perform encryption'); + return -7; } break; default: