tobias/friendica
1
0
Fork 0
Code Pull requests Activity

Switch to new php-encryption library version

Browse source 
- Remove references to library/ files
- Add namespace to library classes
This commit is contained in:
Hypolite Petovan 2017-11-09 02:21:37 -05:00
parent 3b2cd85483
commit acd65aade1
3 changed files with 10 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
include/items.php
View file

@ -33,9 +33,6 @@ require_once 'mod/share.php';
require_once 'include/enotify.php'; require_once 'include/enotify.php';
require_once 'include/group.php'; require_once 'include/group.php';
/// @TODO one day with composer autoloader no more needed
require_once 'library/defuse/php-encryption-1.2.1/Crypto.php';
function construct_verb($item) { function construct_verb($item) {
if ($item['verb']) { if ($item['verb']) {
return $item['verb']; return $item['verb'];

15
mod/dfrn_notify.php
View file

@ -11,10 +11,8 @@ use Friendica\Core\Config;
use Friendica\Database\DBM; use Friendica\Database\DBM;
use Friendica\Protocol\DFRN; use Friendica\Protocol\DFRN;
require_once('include/items.php'); require_once 'include/items.php';
require_once('include/event.php'); require_once 'include/event.php';
require_once('library/defuse/php-encryption-1.2.1/Crypto.php');
function dfrn_notify_post(App $a) { function dfrn_notify_post(App $a) {
logger(__function__, LOGGER_TRACE); logger(__function__, LOGGER_TRACE);
@ -185,8 +183,8 @@ function dfrn_notify_post(App $a) {
break; break;
case 2: case 2:
try { try {
$data = Crypto::decrypt(hex2bin($data), $final_key); $data = \Defuse\Crypto\Crypto::decrypt(hex2bin($data), $final_key);
} catch (InvalidCiphertext $ex) { // VERY IMPORTANT } catch (\Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT
/* /*
* Either: * Either:
* 1. The ciphertext was modified by the attacker, * 1. The ciphertext was modified by the attacker,
@ -196,12 +194,9 @@ function dfrn_notify_post(App $a) {
*/ */
logger('The ciphertext has been tampered with!'); logger('The ciphertext has been tampered with!');
xml_status(0, 'The ciphertext has been tampered with!'); xml_status(0, 'The ciphertext has been tampered with!');
} catch (Ex\CryptoTestFailed $ex) { } catch (\Defuse\Crypto\Exception\EnvironmentIsBrokenException $ex) {
logger('Cannot safely perform dencryption'); logger('Cannot safely perform dencryption');
xml_status(0, 'CryptoTestFailed'); xml_status(0, 'CryptoTestFailed');
} catch (Ex\CannotPerformOperation $ex) {
logger('Cannot safely perform decryption');
xml_status(0, 'Cannot safely perform decryption');
} }
break; break;
default: default:

16
src/Protocol/DFRN.php
View file

@ -1296,26 +1296,20 @@ class DFRN
case 2: case 2:
// RINO 2 based on php-encryption // RINO 2 based on php-encryption
try { try {
$key = Crypto::createNewRandomKey(); $key = \Defuse\Crypto\Key::createNewRandomKey();
} catch (CryptoTestFailed $ex) { } catch (\Defuse\Crypto\Exception\CryptoException $ex) {
logger('Cannot safely create a key'); logger('Cannot safely create a key');
return -4; return -4;
} catch (CannotPerformOperation $ex) {
logger('Cannot safely create a key');
return -5;
} }
try { try {
$data = Crypto::encrypt($postvars['data'], $key); $data = \Defuse\Crypto\Crypto::encrypt($postvars['data'], $key);
} catch (CryptoTestFailed $ex) { } catch (\Defuse\Crypto\Exception\CryptoException $ex) {
logger('Cannot safely perform encryption'); logger('Cannot safely perform encryption');
return -6; return -6;
} catch (CannotPerformOperation $ex) {
logger('Cannot safely perform encryption');
return -7;
} }
break; break;
default: default:
logger("rino: invalid requested verision '$rino_remote_version'"); logger("rino: invalid requested version '$rino_remote_version'");
return -8; return -8;
} }