aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-03-30 21:45:29 -0700
committerzotlabs <mike@macgirvin.com>2017-03-30 21:45:29 -0700
commite79f450af9690433aaa1b81ca94555e7dcf14103 (patch)
tree4e64e3f83308b4e87bbee84f3bd9744d782ad9a3
parentc4f5d17db6796b071435069ef7138a145b04cbd4 (diff)
downloadvolse-hubzilla-e79f450af9690433aaa1b81ca94555e7dcf14103.tar.gz
volse-hubzilla-e79f450af9690433aaa1b81ca94555e7dcf14103.tar.bz2
volse-hubzilla-e79f450af9690433aaa1b81ca94555e7dcf14103.zip
aes256gcm is not ready for prime time. Stay tuned. Until it is, we're pretty much stuffed unless we go to 3rd party crypto libs.
-rw-r--r--include/crypto.php10
1 files changed, 5 insertions, 5 deletions
diff --git a/include/crypto.php b/include/crypto.php
index 758cec24f..bcbb3d388 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -81,14 +81,14 @@ function STD_decrypt($data,$key,$iv) {
function AES256GCM_encrypt($data,$key,$iv) {
$key = substr($key,0,32);
- $iv = substr($iv,0,16);
- return openssl_encrypt($data,'aes-256-gcm',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+ $iv = substr($iv,0,12);
+ return openssl_encrypt($data,'aes-256-gcm',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,12,"\0"));
}
function AES256GCM_decrypt($data,$key,$iv) {
$key = substr($key,0,32);
- $iv = substr($iv,0,16);
- return openssl_decrypt($data,'aes-256-gcm',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+ $iv = substr($iv,0,12);
+ return openssl_decrypt($data,'aes-256-gcm',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,12,"\0"));
}
@@ -165,7 +165,7 @@ function crypto_methods() {
// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
// possibly by truncation or segmentation - though many other methods could be used.
- $r = [ 'aes256gcm', 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
+ $r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
call_hooks('crypto_methods',$r);
return $r;