X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FUtil%2FCrypto.php;h=1b84a92f64a3f9e6ae7bcaa0815fc7a271b77432;hb=e52e505a481ed6f7e3766725d709b5f0653b036b;hp=3426babe36e27aa2102bf6d36152f80a939903ed;hpb=6fc9c6de3b99aa01212d29ea0d140334d4e38396;p=friendica.git

diff --git a/src/Util/Crypto.php b/src/Util/Crypto.php
index 3426babe36..1b84a92f64 100644
--- a/src/Util/Crypto.php
+++ b/src/Util/Crypto.php
@@ -1,18 +1,35 @@
 <?php
 /**
- * @file src/Util/Crypto.php
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
  */
+
 namespace Friendica\Util;
 
-use Friendica\Core\Addon;
-use Friendica\Core\Config;
-use Friendica\Core\Logger;
-use Friendica\Util\Strings;
 use ASN_BASE;
 use ASNValue;
+use Friendica\Core\Hook;
+use Friendica\Core\Logger;
+use Friendica\Core\System;
+use Friendica\DI;
 
 /**
- * @brief Crypto class
+ * Crypto class
  */
 class Crypto
 {
@@ -25,6 +42,9 @@ class Crypto
 	 */
 	public static function rsaSign($data, $key, $alg = 'sha256')
 	{
+		if (empty($key)) {
+			Logger::warning('Empty key parameter', ['callstack' => System::callstack()]);
+		}
 		openssl_sign($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
 		return $sig;
 	}
@@ -38,12 +58,15 @@ class Crypto
 	 */
 	public static function rsaVerify($data, $sig, $key, $alg = 'sha256')
 	{
+		if (empty($key)) {
+			Logger::warning('Empty key parameter', ['callstack' => System::callstack()]);
+		}
 		return openssl_verify($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
 	}
 
 	/**
 	 * @param string $Der     der formatted string
-	 * @param string $Private key type optional, default false
+	 * @param bool   $Private key type optional, default false
 	 * @return string
 	 */
 	private static function DerToPem($Der, $Private = false)
@@ -150,6 +173,7 @@ class Crypto
 	 * @param string $m   modulo reference
 	 * @param object $e   exponent reference
 	 * @return void
+	 * @throws \Exception
 	 */
 	private static function pubRsaToMe($key, &$m, &$e)
 	{
@@ -167,6 +191,7 @@ class Crypto
 	/**
 	 * @param string $key key
 	 * @return string
+	 * @throws \Exception
 	 */
 	public static function rsaToPem($key)
 	{
@@ -177,6 +202,7 @@ class Crypto
 	/**
 	 * @param string $key key
 	 * @return string
+	 * @throws \Exception
 	 */
 	private static function pemToRsa($key)
 	{
@@ -189,6 +215,7 @@ class Crypto
 	 * @param string $m   modulo reference
 	 * @param string $e   exponent reference
 	 * @return void
+	 * @throws \Exception
 	 */
 	public static function pemToMe($key, &$m, &$e)
 	{
@@ -199,8 +226,10 @@ class Crypto
 
 		$r = ASN_BASE::parseASNString($x);
 
-		$m = Strings::base64UrlDecode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
-		$e = Strings::base64UrlDecode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
+		if (isset($r[0])) {
+			$m = Strings::base64UrlDecode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
+			$e = Strings::base64UrlDecode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
+		}
 	}
 
 	/**
@@ -218,6 +247,7 @@ class Crypto
 	/**
 	 * @param integer $bits number of bits
 	 * @return mixed
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
 	public static function newKeypair($bits)
 	{
@@ -227,7 +257,7 @@ class Crypto
 			'encrypt_key'      => false
 		];
 
-		$conf = Config::get('system', 'openssl_conf_file');
+		$conf = DI::config()->get('system', 'openssl_conf_file');
 		if ($conf) {
 			$openssl_options['config'] = $conf;
 		}
@@ -319,14 +349,15 @@ class Crypto
 	}
 
 	/**
-	 * 
+	 *
 	 * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
-	 * 
+	 *
 	 * @param string $data
 	 * @param string $pubkey The public key.
 	 * @param string $alg    The algorithm used for encryption.
-	 * 
+	 *
 	 * @return array
+	 * @throws \Exception
 	 */
 	public static function encapsulate($data, $pubkey, $alg = 'aes256cbc')
 	{
@@ -337,14 +368,15 @@ class Crypto
 	}
 
 	/**
-	 * 
+	 *
 	 * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
-	 * 
-	 * @param type $data
-	 * @param type $pubkey The public key.
-	 * @param type $alg    The algorithm used for encryption.
-	 * 
+	 *
+	 * @param string $data
+	 * @param string $pubkey The public key.
+	 * @param string $alg    The algorithm used for encryption.
+	 *
 	 * @return array
+	 * @throws \Exception
 	 */
 	private static function encapsulateOther($data, $pubkey, $alg)
 	{
@@ -372,20 +404,21 @@ class Crypto
 			return $result;
 		} else {
 			$x = ['data' => $data, 'pubkey' => $pubkey, 'alg' => $alg, 'result' => $data];
-			Addon::callHooks('other_encapsulate', $x);
+			Hook::callAll('other_encapsulate', $x);
 
 			return $x['result'];
 		}
 	}
 
 	/**
-	 * 
+	 *
 	 * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
-	 * 
+	 *
 	 * @param string $data
 	 * @param string $pubkey
-	 * 
+	 *
 	 * @return array
+	 * @throws \Exception
 	 */
 	private static function encapsulateAes($data, $pubkey)
 	{
@@ -413,15 +446,16 @@ class Crypto
 	}
 
 	/**
-	 * 
+	 *
 	 * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
-	 * 
-	 * @param string $data
-	 * @param string $prvkey  The private key used for decryption.
-	 * 
+	 *
+	 * @param array $data ['iv' => $iv, 'key' => $key, 'alg' => $alg, 'data' => $data]
+	 * @param string $prvkey The private key used for decryption.
+	 *
 	 * @return string|boolean The decrypted string or false on failure.
+	 * @throws \Exception
 	 */
-	public static function unencapsulate($data, $prvkey)
+	public static function unencapsulate(array $data, $prvkey)
 	{
 		if (!$data) {
 			return;
@@ -429,22 +463,23 @@ class Crypto
 
 		$alg = ((array_key_exists('alg', $data)) ? $data['alg'] : 'aes256cbc');
 		if ($alg === 'aes256cbc') {
-			return self::encapsulateAes($data, $prvkey);
+			return self::encapsulateAes($data['data'], $prvkey);
 		}
-		return self::encapsulateOther($data, $prvkey, $alg);
+		return self::encapsulateOther($data['data'], $prvkey, $alg);
 	}
 
 	/**
-	 * 
+	 *
 	 * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
-	 * 
-	 * @param string $data
-	 * @param string $prvkey  The private key used for decryption.
+	 *
+	 * @param array $data
+	 * @param string $prvkey The private key used for decryption.
 	 * @param string $alg
-	 * 
+	 *
 	 * @return string|boolean The decrypted string or false on failure.
+	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 */
-	private static function unencapsulateOther($data, $prvkey, $alg)
+	private static function unencapsulateOther(array $data, $prvkey, $alg)
 	{
 		$fn = 'decrypt' . strtoupper($alg);
 
@@ -455,20 +490,21 @@ class Crypto
 			return self::$fn(Strings::base64UrlDecode($data['data']), $k, $i);
 		} else {
 			$x = ['data' => $data, 'prvkey' => $prvkey, 'alg' => $alg, 'result' => $data];
-			Addon::callHooks('other_unencapsulate', $x);
+			Hook::callAll('other_unencapsulate', $x);
 
 			return $x['result'];
 		}
 	}
 
 	/**
-	 * 
+	 *
 	 * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
-	 * 
+	 *
 	 * @param array  $data
-	 * @param string $prvkey  The private key used for decryption.
-	 * 
+	 * @param string $prvkey The private key used for decryption.
+	 *
 	 * @return string|boolean The decrypted string or false on failure.
+	 * @throws \Exception
 	 */
 	private static function unencapsulateAes($data, $prvkey)
 	{