mail_obscure - AES-256 is way too slow, simplify. Ideally a substitution cipher would be adequate for our requirements.

2015-05-19 02:16:12 -07:00
parent c11b1f8b0d
commit 77e2ef45f0
5 changed files with 29 additions and 35 deletions
--- a/include/items.php
+++ b/include/items.php
@@ -1399,11 +1399,10 @@ function encode_mail($item) {
 	$x['encoding'] = 'zot';

 	if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) {
-		$key = get_config('system','prvkey');
 		if($item['title'])
-			$item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
+			$item['title'] = base64url_decode($item['title']);
 		if($item['body'])
-			$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key);
+			$item['body'] = base64url_decode($item['body']);
 	}

 	$x['message_id']     = $item['mid'];
@@ -1455,13 +1454,15 @@ function get_mail_elements($x) {

 	$key = get_config('system','pubkey');
 	$arr['mail_flags'] |= MAIL_OBSCURED;
-	$arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);
-	if($arr['body'])
-		$arr['body']  = json_encode(crypto_encapsulate($arr['body'],$key));
-	$arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false);
-	if($arr['title'])
-		$arr['title'] = json_encode(crypto_encapsulate($arr['title'],$key));
+	if($arr['body']) {
+		$arr['body']  = base64url_encode($arr['body']);
+		$arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);
+	}

+	if($arr['title']) {
+		$arr['title'] = base64url_encode($arr['title']);
+		$arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false);
+	}
 	if($arr['created'] > datetime_convert())
 		$arr['created']  = datetime_convert();