From 54c8fb2bb80dfd8e73095b0b983ac2c9bccb86cc Mon Sep 17 00:00:00 2001 From: Michael Date: Thu, 30 Mar 2017 18:29:12 +0000 Subject: [PATCH] Replaces mcrypt with phpsec. --- include/diaspora.php | 81 ++++++++++++++++++++++++++++++++++++-------- 1 file changed, 66 insertions(+), 15 deletions(-) diff --git a/include/diaspora.php b/include/diaspora.php index 841ba7e7ff..3250fb3da5 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -10,17 +10,18 @@ use \Friendica\Core\Config; -require_once("include/items.php"); -require_once("include/bb2diaspora.php"); -require_once("include/Scrape.php"); -require_once("include/Contact.php"); -require_once("include/Photo.php"); -require_once("include/socgraph.php"); -require_once("include/group.php"); -require_once("include/xml.php"); -require_once("include/datetime.php"); -require_once("include/queue_fn.php"); -require_once("include/cache.php"); +require_once 'include/items.php'; +require_once 'include/bb2diaspora.php'; +require_once 'include/Scrape.php'; +require_once 'include/Contact.php'; +require_once 'include/Photo.php'; +require_once 'include/socgraph.php'; +require_once 'include/group.php'; +require_once 'include/xml.php'; +require_once 'include/datetime.php'; +require_once 'include/queue_fn.php'; +require_once 'include/cache.php'; +require_once 'library/phpsec/Crypt/AES.php'; /** * @brief This class contain functions to create and send Diaspora XML files @@ -160,6 +161,56 @@ class Diaspora { return $data; } + /** + * @brief encrypts data via AES + * + * @param string $key The AES key + * @param string $iv The IV (is used for CBC encoding) + * @param string $data The data that is to be encrypted + * + * @return string encrypted data + */ + private static function aes_encrypt($key, $iv, $data) { + $aes = new Crypt_AES(); + + $block_length = 128; + + $aes->setKey($key); + $aes->setIV($iv); + $aes->disablePadding(); + $aes->setBlockLength($block_length); + + $extra = strlen($data) % $block_length; + + if ($extra) { + $data .= str_repeat("\0", $block_length - $extra); + } + + return $aes->encrypt($data); + } + + /** + * @brief decrypts data via AES + * + * @param string $key The AES key + * @param string $iv The IV (is used for CBC encoding) + * @param string $encrypted The encrypted data + * + * @return string decrypted data + */ + private static function aes_decrypt($key, $iv, $encrypted) { + $aes = new Crypt_AES(); + + $block_length = 128; + + $aes->setKey($key); + $aes->setIV($iv); + $aes->disablePadding(); + $aes->setBlockLength($block_length); + + return $aes->decrypt($encrypted); + } + /** * @brief: Decodes incoming Diaspora message * @@ -199,7 +250,7 @@ class Diaspora { $outer_iv = base64_decode($j_outer_key_bundle->iv); $outer_key = base64_decode($j_outer_key_bundle->key); - $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); + $decrypted = self::aes_decrypt($outer_key, $outer_iv, $ciphertext); $decrypted = pkcs5_unpad($decrypted); @@ -261,7 +312,7 @@ class Diaspora { // Decode the encrypted blob $inner_encrypted = base64_decode($data); - $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); + $inner_decrypted = self::aes_decrypt($inner_aes_key, $inner_iv, $inner_encrypted); $inner_decrypted = pkcs5_unpad($inner_decrypted); } @@ -2631,7 +2682,7 @@ class Diaspora { $handle = self::my_handle($user); $padded_data = pkcs5_pad($msg,16); - $inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv); + $inner_encrypted = self::aes_decrypt($inner_aes_key, $inner_iv, $padded_data); $b64_data = base64_encode($inner_encrypted); @@ -2655,7 +2706,7 @@ class Diaspora { $decrypted_header = xml::from_array($xmldata, $xml, true); $decrypted_header = pkcs5_pad($decrypted_header,16); - $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv); + $ciphertext = self::aes_decrypt($outer_aes_key, $outer_iv, $decrypted_header); $outer_json = json_encode(array("iv" => $b_outer_iv, "key" => $b_outer_aes_key)); -- 2.39.5