aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2020-08-21 10:55:55 +0200
committerMario Vavti <mario@mariovavti.com>2020-08-21 10:55:55 +0200
commit49df57df45f82e2e0f1b10f2508f61b78d6d3ac0 (patch)
treeda108b3e816419354814b143b675a8a933364f51
parent374c30999acb19fd9ec828a266106e11367c7584 (diff)
downloadvolse-hubzilla-49df57df45f82e2e0f1b10f2508f61b78d6d3ac0.tar.gz
volse-hubzilla-49df57df45f82e2e0f1b10f2508f61b78d6d3ac0.tar.bz2
volse-hubzilla-49df57df45f82e2e0f1b10f2508f61b78d6d3ac0.zip
use the default setting and also add the mode to the cipher. aes-128 is to be preferred over aes-256 according to bruce schneier https://www.schneier.com/blog/archives/2009/07/another_new_aes.html#c386957
-rw-r--r--Zotlabs/Lib/ThreadStream.php2
-rw-r--r--Zotlabs/Module/Chat.php2
-rw-r--r--include/bbcode.php2
-rw-r--r--include/conversation.php2
-rw-r--r--view/js/crypto.js8
5 files changed, 8 insertions, 8 deletions
diff --git a/Zotlabs/Lib/ThreadStream.php b/Zotlabs/Lib/ThreadStream.php
index f54b3f6c2..68b2c70dd 100644
--- a/Zotlabs/Lib/ThreadStream.php
+++ b/Zotlabs/Lib/ThreadStream.php
@@ -23,7 +23,7 @@ class ThreadStream {
private $preview = false;
private $prepared_item = '';
public $reload = '';
- private $cipher = 'AES-256';
+ private $cipher = 'AES-128-CCM';
// $prepared_item is for use by alternate conversation structures such as photos
// wherein we've already prepared a top level item which doesn't look anything like
diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php
index 66ba42d33..28e775f9d 100644
--- a/Zotlabs/Module/Chat.php
+++ b/Zotlabs/Module/Chat.php
@@ -197,7 +197,7 @@ class Chat extends Controller {
$cipher = get_pconfig(local_channel(),'system','default_cipher');
if(! $cipher)
- $cipher = 'AES-256';
+ $cipher = 'AES-128-CCM';
$o = replace_macros(get_markup_template('chat.tpl'),array(
diff --git a/include/bbcode.php b/include/bbcode.php
index ea04eb470..535e4ac33 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -257,7 +257,7 @@ function bb_parse_crypt($match) {
$x = random_string();
- $f = ((in_array($algorithm, ['AES-256', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
+ $f = ((in_array($algorithm, ['AES-128-CCM', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
$Text = '<br /><div id="' . $x . '"><img class="cursor-pointer" src="' . z_root() . '/images/lock_icon.svg" onclick="' . $f . '(\'' . $algorithm . '\',\'' . $hint . '\',\'' . $match[2] . '\',\'#' . $x . '\');" alt="' . t('Encrypted content') . '" title="' . t('Encrypted content') . '" /></div><br />';
diff --git a/include/conversation.php b/include/conversation.php
index 05d1cdc26..876e907e5 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1396,7 +1396,7 @@ function hz_status_editor($a, $x, $popup = false) {
$cipher = get_pconfig($x['profile_uid'], 'system', 'default_cipher');
if(! $cipher)
- $cipher = 'AES-256';
+ $cipher = 'AES-128-CCM';
if(array_key_exists('catsenabled',$x))
$catsenabled = $x['catsenabled'];
diff --git a/view/js/crypto.js b/view/js/crypto.js
index 058b769c5..98af6e09e 100644
--- a/view/js/crypto.js
+++ b/view/js/crypto.js
@@ -157,18 +157,18 @@ function hz_encrypt(alg, elem) {
if((alg == 'rot13') || (alg == 'triple-rot13'))
newdiv = "[crypt alg='rot13']" + window.btoa(str_rot13(text)) + '[/crypt]';
- if(alg == 'AES-256') {
+ if(alg == 'AES-128-CCM') {
// This is the prompt we're going to use when the receiver tries to open it.
// Maybe "Grandma's maiden name" or "our secret place" or something.
var enc_hint = bin2hex(prompt(aStr['passhint']));
- enc_text = sjcl.encrypt(enc_key, text, { ks: 256 });
+ enc_text = sjcl.encrypt(enc_key, text);
encrypted = enc_text.toString();
- newdiv = "[crypt alg='AES-256' hint='" + enc_hint + "']" + window.btoa(encrypted) + '[/crypt]';
+ newdiv = "[crypt alg='AES-128-CCM' hint='" + enc_hint + "']" + window.btoa(encrypted) + '[/crypt]';
}
enc_key = '';
@@ -249,7 +249,7 @@ function hz_decrypt(alg, hint, text, elem) {
var enc_key = bin2hex(prompt((hint.length) ? hex2bin(hint) : aStr['passphrase']));
}
- if(alg == 'AES-256') {
+ if(alg == 'AES-128-CCM') {
dec_text = sjcl.decrypt(enc_key, text);
}