harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

changes to encryption encapsulation for zot6 (backward compatible)

Browse Source
This commit is contained in:
zotlabs 2017-10-05 23:01:42 -07:00
parent 052ed1f88b
commit a6835f4e71
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
include/crypto.php
View File

@ -148,6 +148,7 @@ function other_encapsulate($data,$pubkey,$alg) {
// compromised by state actors and evidence is mounting that this has // compromised by state actors and evidence is mounting that this has
// already happened. // already happened.
$result = [ 'encrypted' => true ];
$key = openssl_random_pseudo_bytes(256); $key = openssl_random_pseudo_bytes(256);
$iv = openssl_random_pseudo_bytes(256); $iv = openssl_random_pseudo_bytes(256);
$result['data'] = base64url_encode($fn($data,$key,$iv),true); $result['data'] = base64url_encode($fn($data,$key,$iv),true);
@ -200,6 +201,9 @@ function aes_encapsulate($data,$pubkey) {
logger('aes_encapsulate: no key. data: ' . $data); logger('aes_encapsulate: no key. data: ' . $data);
$key = openssl_random_pseudo_bytes(32); $key = openssl_random_pseudo_bytes(32);
$iv = openssl_random_pseudo_bytes(16); $iv = openssl_random_pseudo_bytes(16);
$result = [ 'encrypted' => true ];
$result['data'] = base64url_encode(AES256CBC_encrypt($data,$key,$iv),true); $result['data'] = base64url_encode(AES256CBC_encrypt($data,$key,$iv),true);
// log the offending call so we can track it down // log the offending call so we can track it down
if(! openssl_public_encrypt($key,$k,$pubkey)) { if(! openssl_public_encrypt($key,$k,$pubkey)) {