aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-08-15 14:42:14 -0700
committerfriendica <info@friendica.com>2014-08-15 14:42:14 -0700
commit481263dc252a0a3d02971e7f30668f4cdb662835 (patch)
tree061ca800d918a62cb5c424d2f1c586d11b5f2665
parent42863896546d5638bedeb034d5c1001d1f0f35a8 (diff)
downloadvolse-hubzilla-481263dc252a0a3d02971e7f30668f4cdb662835.tar.gz
volse-hubzilla-481263dc252a0a3d02971e7f30668f4cdb662835.tar.bz2
volse-hubzilla-481263dc252a0a3d02971e7f30668f4cdb662835.zip
bring back some friendica crypto stuff including all the key mangling and translation functions. Also add ability to completely supress email notifications for actitivies with private contents. We'll still pass private mail notifications because often the email notification is the only way infrequently used channels get alerted to these.
-rw-r--r--include/crypto.php165
-rw-r--r--include/enotify.php9
2 files changed, 173 insertions, 1 deletions
diff --git a/include/crypto.php b/include/crypto.php
index 3c68f4ddd..c053dfae2 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -155,4 +155,167 @@ function pkcs8to1($oldkey,$len) {
$key = substr($key,32);
$key = "-----BEGIN RSA PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END RSA PUBLIC KEY-----";
return $key;
-} \ No newline at end of file
+}
+
+
+function DerToPem($Der, $Private=false)
+{
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 65);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
+}
+
+function DerToRsa($Der)
+{
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 64);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = 'RSA PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
+}
+
+
+function pkcs8_encode($Modulus,$PublicExponent) {
+ //Encode key sequence
+ $modulus = new ASNValue(ASNValue::TAG_INTEGER);
+ $modulus->SetIntBuffer($Modulus);
+ $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+ $publicExponent->SetIntBuffer($PublicExponent);
+ $keySequenceItems = array($modulus, $publicExponent);
+ $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $keySequence->SetSequence($keySequenceItems);
+ //Encode bit string
+ $bitStringValue = $keySequence->Encode();
+ $bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
+ $bitString = new ASNValue(ASNValue::TAG_BITSTRING);
+ $bitString->Value = $bitStringValue;
+ //Encode body
+ $bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
+ $body = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $body->Value = $bodyValue;
+ //Get DER encoded public key:
+ $PublicDER = $body->Encode();
+ return $PublicDER;
+}
+
+
+function pkcs1_encode($Modulus,$PublicExponent) {
+ //Encode key sequence
+ $modulus = new ASNValue(ASNValue::TAG_INTEGER);
+ $modulus->SetIntBuffer($Modulus);
+ $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+ $publicExponent->SetIntBuffer($PublicExponent);
+ $keySequenceItems = array($modulus, $publicExponent);
+ $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $keySequence->SetSequence($keySequenceItems);
+ //Encode bit string
+ $bitStringValue = $keySequence->Encode();
+ return $bitStringValue;
+}
+
+
+function metopem($m,$e) {
+ $der = pkcs8_encode($m,$e);
+ $key = DerToPem($der,false);
+ return $key;
+}
+
+
+function pubrsatome($key,&$m,&$e) {
+ require_once('library/asn1.php');
+ require_once('include/salmon.php');
+
+ $lines = explode("\n",$key);
+ unset($lines[0]);
+ unset($lines[count($lines)]);
+ $x = base64_decode(implode('',$lines));
+
+ $r = ASN_BASE::parseASNString($x);
+
+ $m = base64url_decode($r[0]->asnData[0]->asnData);
+ $e = base64url_decode($r[0]->asnData[1]->asnData);
+}
+
+
+function rsatopem($key) {
+ pubrsatome($key,$m,$e);
+ return(metopem($m,$e));
+}
+
+function pemtorsa($key) {
+ pemtome($key,$m,$e);
+ return(metorsa($m,$e));
+}
+
+function pemtome($key,&$m,&$e) {
+ require_once('include/salmon.php');
+ $lines = explode("\n",$key);
+ unset($lines[0]);
+ unset($lines[count($lines)]);
+ $x = base64_decode(implode('',$lines));
+
+ $r = ASN_BASE::parseASNString($x);
+
+ $m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
+ $e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
+}
+
+function metorsa($m,$e) {
+ $der = pkcs1_encode($m,$e);
+ $key = DerToRsa($der);
+ return $key;
+}
+
+function salmon_key($pubkey) {
+ pemtome($pubkey,$m,$e);
+ return 'RSA' . '.' . base64url_encode($m,true) . '.' . base64url_encode($e,true) ;
+}
+
+// old function for providing mysql compatible encryption and is also
+// used in Friendica 'RINO'. This function is messy and should be retired.
+
+
+if(! function_exists('aes_decrypt')) {
+function aes_decrypt($val,$ky)
+{
+ $key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+ for($a=0;$a<strlen($ky);$a++)
+ $key[$a%16]=chr(ord($key[$a%16]) ^ ord($ky[$a]));
+ $mode = MCRYPT_MODE_ECB;
+ $enc = MCRYPT_RIJNDAEL_128;
+ $dec = @mcrypt_decrypt($enc, $key, $val, $mode, @mcrypt_create_iv( @mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM ) );
+ return rtrim($dec,(( ord(substr($dec,strlen($dec)-1,1))>=0 and ord(substr($dec, strlen($dec)-1,1))<=16)? chr(ord( substr($dec,strlen($dec)-1,1))):null));
+}}
+
+
+if(! function_exists('aes_encrypt')) {
+function aes_encrypt($val,$ky)
+{
+ $key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+ for($a=0;$a<strlen($ky);$a++)
+ $key[$a%16]=chr(ord($key[$a%16]) ^ ord($ky[$a]));
+ $mode=MCRYPT_MODE_ECB;
+ $enc=MCRYPT_RIJNDAEL_128;
+ $val=str_pad($val, (16*(floor(strlen($val) / 16)+(strlen($val) % 16==0?2:1))), chr(16-(strlen($val) % 16)));
+ return mcrypt_encrypt($enc, $key, $val, $mode, mcrypt_create_iv( mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM));
+}}
+
+
diff --git a/include/enotify.php b/include/enotify.php
index b0f6b4823..2503f9ab0 100644
--- a/include/enotify.php
+++ b/include/enotify.php
@@ -461,6 +461,8 @@ function notification($params) {
// Might be interesting to use GPG,PGP,S/MIME encryption instead
// but we'll save that for a clever plugin developer to implement
+ $private_activity = false;
+
if(! $datarray['email_secure']) {
switch($params['type']) {
case NOTIFY_WALL:
@@ -469,6 +471,7 @@ function notification($params) {
case NOTIFY_COMMENT:
if(! $private)
break;
+ $private_activity = true;
case NOTIFY_MAIL:
$datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = '';
$datarray['subject'] = preg_replace('/' . preg_quote(t('[Red:Notify]')) . '/','$0*',$datarray['subject']);
@@ -478,6 +481,12 @@ function notification($params) {
}
}
+ if($private_activity
+ && intval(get_pconfig($datarray['uid'],'system','ignore_private_notifications'))) {
+ pop_lang();
+ return;
+ }
+
// load the template for private message notifications
$tpl = get_markup_template('email_notify_html.tpl');
$email_html_body = replace_macros($tpl,array(