From 54c8fb2bb80dfd8e73095b0b983ac2c9bccb86cc Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Thu, 30 Mar 2017 18:29:12 +0000
Subject: [PATCH] Replaces mcrypt with phpsec.
---
include/diaspora.php | 81 ++++++++++++++++++++++++++++++++++++--------
1 file changed, 66 insertions(+), 15 deletions(-)
diff --git a/include/diaspora.php b/include/diaspora.php
index 841ba7e7ff..3250fb3da5 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -10,17 +10,18 @@
use \Friendica\Core\Config;
-require_once("include/items.php");
-require_once("include/bb2diaspora.php");
-require_once("include/Scrape.php");
-require_once("include/Contact.php");
-require_once("include/Photo.php");
-require_once("include/socgraph.php");
-require_once("include/group.php");
-require_once("include/xml.php");
-require_once("include/datetime.php");
-require_once("include/queue_fn.php");
-require_once("include/cache.php");
+require_once 'include/items.php';
+require_once 'include/bb2diaspora.php';
+require_once 'include/Scrape.php';
+require_once 'include/Contact.php';
+require_once 'include/Photo.php';
+require_once 'include/socgraph.php';
+require_once 'include/group.php';
+require_once 'include/xml.php';
+require_once 'include/datetime.php';
+require_once 'include/queue_fn.php';
+require_once 'include/cache.php';
+require_once 'library/phpsec/Crypt/AES.php';
/**
* @brief This class contain functions to create and send Diaspora XML files
@@ -160,6 +161,56 @@ class Diaspora {
return $data;
}
+ /**
+ * @brief encrypts data via AES
+ *
+ * @param string $key The AES key
+ * @param string $iv The IV (is used for CBC encoding)
+ * @param string $data The data that is to be encrypted
+ *
+ * @return string encrypted data
+ */
+ private static function aes_encrypt($key, $iv, $data) {
+ $aes = new Crypt_AES();
+
+ $block_length = 128;
+
+ $aes->setKey($key);
+ $aes->setIV($iv);
+ $aes->disablePadding();
+ $aes->setBlockLength($block_length);
+
+ $extra = strlen($data) % $block_length;
+
+ if ($extra) {
+ $data .= str_repeat("\0", $block_length - $extra);
+ }
+
+ return $aes->encrypt($data);
+ }
+
+ /**
+ * @brief decrypts data via AES
+ *
+ * @param string $key The AES key
+ * @param string $iv The IV (is used for CBC encoding)
+ * @param string $encrypted The encrypted data
+ *
+ * @return string decrypted data
+ */
+ private static function aes_decrypt($key, $iv, $encrypted) {
+ $aes = new Crypt_AES();
+
+ $block_length = 128;
+
+ $aes->setKey($key);
+ $aes->setIV($iv);
+ $aes->disablePadding();
+ $aes->setBlockLength($block_length);
+
+ return $aes->decrypt($encrypted);
+ }
+
/**
* @brief: Decodes incoming Diaspora message
*
@@ -199,7 +250,7 @@ class Diaspora {
$outer_iv = base64_decode($j_outer_key_bundle->iv);
$outer_key = base64_decode($j_outer_key_bundle->key);
- $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv);
+ $decrypted = self::aes_decrypt($outer_key, $outer_iv, $ciphertext);
$decrypted = pkcs5_unpad($decrypted);
@@ -261,7 +312,7 @@ class Diaspora {
// Decode the encrypted blob
$inner_encrypted = base64_decode($data);
- $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv);
+ $inner_decrypted = self::aes_decrypt($inner_aes_key, $inner_iv, $inner_encrypted);
$inner_decrypted = pkcs5_unpad($inner_decrypted);
}
@@ -2631,7 +2682,7 @@ class Diaspora {
$handle = self::my_handle($user);
$padded_data = pkcs5_pad($msg,16);
- $inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);
+ $inner_encrypted = self::aes_decrypt($inner_aes_key, $inner_iv, $padded_data);
$b64_data = base64_encode($inner_encrypted);
@@ -2655,7 +2706,7 @@ class Diaspora {
$decrypted_header = xml::from_array($xmldata, $xml, true);
$decrypted_header = pkcs5_pad($decrypted_header,16);
- $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
+ $ciphertext = self::aes_decrypt($outer_aes_key, $outer_iv, $decrypted_header);
$outer_json = json_encode(array("iv" => $b_outer_iv, "key" => $b_outer_aes_key));
--
2.39.5