aboutsummaryrefslogtreecommitdiffstats
path: root/include/crypto.php
Commit message (Collapse)AuthorAgeFilesLines
* use (un)obscurifyMario2021-02-101-2/+0
|
* revert z_(un)obscure() until (un)obscurify() will be implemented and a ↵Mario2021-02-101-2/+2
| | | | update will take care of the data in db
* port Lib/Crypto from zapMario2021-02-091-3/+4
|
* revert include/crypto to its previous state for reference - we are now using ↵Mario2021-02-081-44/+114
| | | | Lib/Keyutils for key conversion
* remove unused functionMario Vavti2021-02-041-17/+0
|
* key conversion functions cleanupMario Vavti2021-02-041-127/+19
|
* use phpseclib for key transformationsMario Vavti2021-02-041-18/+20
|
* downgrade phpseclib to version 2Mario Vavti2021-02-041-22/+75
|
* crypto fixzotlabs2018-11-141-1/+1
|
* more z6 debuggingzotlabs2018-11-111-2/+7
|
* cleanup the recent crypto code modifications. We need this stuff to be readable.zotlabs2018-02-211-20/+31
|
* don't try to handle OAEP for plugin crypto methods; let them do it if desiredzotlabs2018-02-201-2/+2
|
* encrypt/decrypt function not foundzotlabs2018-02-201-1/+6
|
* OAEP padding mismatch on some newer encryption methodszotlabs2018-02-191-6/+7
|
* crypto improvements (use pkcs1_oaep_padding instead of the older pkcs1_padding)zotlabs2018-02-161-5/+22
|
* remove dead codezotlabs2018-02-071-44/+0
|
* cleanup of last fixzotlabs2018-01-131-2/+2
|
* unexpected openssl resultzotlabs2018-01-131-1/+1
|
* changes to encryption encapsulation for zot6 (backward compatible)zotlabs2017-10-051-0/+4
|
* make signing methods variable and signablezotlabs2017-07-251-0/+10
|
* harden securityzotlabs2017-04-021-10/+26
|
* use aes-ctr which is slightly/arguably better than a poke in the eye and ↵zotlabs2017-04-011-10/+7
| | | | don't restrict the crypto algorithm by server role.
* aes256gcm is not ready for prime time. Stay tuned. Until it is, we're pretty ↵zotlabs2017-03-301-5/+5
| | | | much stuffed unless we go to 3rd party crypto libs.
* make aes256gcm the primary crypto modezotlabs2017-03-301-1/+14
|
* trim both key and iv on other cipherszotlabs2016-12-011-0/+2
|
* trim iv in STD_encapsulatezotlabs2016-12-011-0/+2
|
* advanced crypto restricted by server rolezotlabs2016-11-301-0/+3
|
* zot 1.2zotlabs2016-11-301-4/+108
|
* zot: specify crypto methodzotlabs2016-11-201-1/+1
|
* redundant dev line from an earlier modification causes issue #404redmatrix2016-05-301-16/+2
|
* kill off mcryptredmatrix2016-05-261-6/+8
|
* issue #319 - NOTE: this does not fix the issue, it only reports it and ↵redmatrix2016-03-301-10/+1
| | | | continues. We need to examine any logger statements that contain 'stack:' as a result of reporting this issue and find and fix the original problem - which is that set_pconfig is being called without a valid $uid. I'm worried that since we will now continue on without throwing a PHP error that nobody will ever notice or find the problem that is causing this.
* rewrite the webfinger discovery logicredmatrix2016-03-221-0/+23
|
* no xchan here if using zot protocolredmatrix2016-03-171-1/+3
|
* stop the PHP warnings from Thomas's buggered sitekeyredmatrix2016-02-281-1/+1
|
* backtrace openssl_verify errors so that we can find bad keys - as there is ↵redmatrix2016-02-251-0/+15
| | | | very little relevant context available at this level.
* retire old Friendica RINO encryption functionsredmatrix2015-06-091-28/+0
|
* issue #941friendica2015-03-281-4/+11
|
* optionally use openssl encryption functions (higher performance over mcrypt, ↵friendica2015-01-111-2/+2
| | | | but potentially more likely to have been compromised)
* allow the use of openssl cryptofriendica2015-01-111-0/+6
|
* make the old personal xrd interface (old webfinger) work againfriendica2014-08-211-2/+3
|
* bring back some friendica crypto stuff including all the key mangling and ↵friendica2014-08-151-1/+164
| | | | translation functions. Also add ability to completely supress email notifications for actitivies with private contents. We'll still pass private mail notifications because often the email notification is the only way infrequently used channels get alerted to these.
* doc updatefriendica2014-08-151-3/+8
|
* pkcs1 to pkcs8 key conversion - this is a lot easier than parsing ASN.1 DER ↵friendica2014-08-141-0/+24
| | | | formats and rebuilding the darn things like we used to do. Check for illegal hex encoded album names in mod/photo so we don't throw php errors. Don't know where they come from but we get a lot of them.
* bloody hell - it isn't defined either.friendica2013-12-151-2/+2
|
* bloody hell... php version incompatibility with openssl - openssl no longer ↵friendica2013-12-151-0/+4
| | | | accepts a string as an algorithm. Earlier versions didn't recognise sha256. So we'll look to see if the algorithm constant for sha256 is defined and if so we'll use that instead of the string.
* post_activity_item issuesfriendica2013-12-071-0/+2
|
* Protocol: now set data['alg'] on all encapsulated encrypted packets, so that ↵friendica2013-11-201-0/+16
| | | | we can more easily retire 'aes256cbc' once it is no longer viable.
* add more siteinfofriendica2013-07-241-2/+0
|
* recover padding functions which are still usedfriendica2013-07-241-0/+15
|