From 49df57df45f82e2e0f1b10f2508f61b78d6d3ac0 Mon Sep 17 00:00:00 2001
From: Mario Vavti
Date: Fri, 21 Aug 2020 10:55:55 +0200
Subject: use the default setting and also add the mode to the cipher. aes-128 is to be preferred over aes-256 according to bruce schneier https://www.schneier.com/blog/archives/2009/07/another_new_aes.html#c386957
---
 Zotlabs/Lib/ThreadStream.php | 2 +-
 Zotlabs/Module/Chat.php | 2 +-
 include/bbcode.php | 2 +-
 include/conversation.php | 2 +-
 view/js/crypto.js | 8 ++++----
 5 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/Zotlabs/Lib/ThreadStream.php b/Zotlabs/Lib/ThreadStream.php
index f54b3f6c2..68b2c70dd 100644
--- a/Zotlabs/Lib/ThreadStream.php
+++ b/Zotlabs/Lib/ThreadStream.php
@@ -23,7 +23,7 @@ class ThreadStream {
 private $preview = false; private $prepared_item = ''; public $reload = '';
- private $cipher = 'AES-256';
+ private $cipher = 'AES-128-CCM';
 // $prepared_item is for use by alternate conversation structures such as photos // wherein we've already prepared a top level item which doesn't look anything like
diff --git a/Zotlabs/Module/Chat.php b/Zotlabs/Module/Chat.php
index 66ba42d33..28e775f9d 100644
--- a/Zotlabs/Module/Chat.php
+++ b/Zotlabs/Module/Chat.php
@@ -197,7 +197,7 @@ class Chat extends Controller {
 $cipher = get_pconfig(local_channel(),'system','default_cipher'); if(! $cipher)
- $cipher = 'AES-256';
+ $cipher = 'AES-128-CCM';
 $o = replace_macros(get_markup_template('chat.tpl'),array(
diff --git a/include/bbcode.php b/include/bbcode.php
index ea04eb470..535e4ac33 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -257,7 +257,7 @@ function bb_parse_crypt($match) {
 $x = random_string();
- $f = ((in_array($algorithm, ['AES-256', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
+ $f = ((in_array($algorithm, ['AES-128-CCM', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
 $Text = '
' . t('Encrypted content') . '

';
diff --git a/include/conversation.php b/include/conversation.php
index 05d1cdc26..876e907e5 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1396,7 +1396,7 @@ function hz_status_editor($a, $x, $popup = false) {
 $cipher = get_pconfig($x['profile_uid'], 'system', 'default_cipher'); if(! $cipher)
- $cipher = 'AES-256';
+ $cipher = 'AES-128-CCM';
 if(array_key_exists('catsenabled',$x)) $catsenabled = $x['catsenabled'];
diff --git a/view/js/crypto.js b/view/js/crypto.js
index 058b769c5..98af6e09e 100644
--- a/view/js/crypto.js
+++ b/view/js/crypto.js
@@ -157,18 +157,18 @@ function hz_encrypt(alg, elem) {
 if((alg == 'rot13') || (alg == 'triple-rot13')) newdiv = "[crypt alg='rot13']" + window.btoa(str_rot13(text)) + '[/crypt]';
- if(alg == 'AES-256') {
+ if(alg == 'AES-128-CCM') {
 // This is the prompt we're going to use when the receiver tries to open it. // Maybe "Grandma's maiden name" or "our secret place" or something. var enc_hint = bin2hex(prompt(aStr['passhint']));
- enc_text = sjcl.encrypt(enc_key, text, { ks: 256 });
+ enc_text = sjcl.encrypt(enc_key, text);
 encrypted = enc_text.toString();
- newdiv = "[crypt alg='AES-256' hint='" + enc_hint + "']" + window.btoa(encrypted) + '[/crypt]';
+ newdiv = "[crypt alg='AES-128-CCM' hint='" + enc_hint + "']" + window.btoa(encrypted) + '[/crypt]';
 } enc_key = '';
@@ -249,7 +249,7 @@ function hz_decrypt(alg, hint, text, elem) {
 var enc_key = bin2hex(prompt((hint.length) ? hex2bin(hint) : aStr['passphrase'])); }
- if(alg == 'AES-256') {
+ if(alg == 'AES-128-CCM') {
 dec_text = sjcl.decrypt(enc_key, text); }
-- cgit v1.2.3
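Review bot: Dropping 'AES-256' from the `in_array` list in `bb_parse_crypt` means `[crypt]` blocks already stored with `alg='AES-256'` are now routed to `red_decrypt` instead of `hz_decrypt`, and the `hz_decrypt` hunk in view/js/crypto.js likewise no longer has a branch for that tag. As far as these hunks show, existing encrypted posts would stop opening, even though SJCL ciphertext records its own key size and mode and the unchanged `sjcl.decrypt(enc_key, text)` call could still read it. I would keep the old tag as a decrypt-only alias: `['AES-128-CCM', 'AES-256', 'rot13', 'triple-rot13']` here and `if(alg == 'AES-128-CCM' || alg == 'AES-256') {` in `hz_decrypt`. Both function bodies continue outside their hunks, so confirm there is no other fallback for the old tag.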
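Review bot: The new fallback in `hz_status_editor` only applies when `default_cipher` is unset, so a channel whose stored value is still 'AES-256' keeps passing that string on; the same holds for the Chat.php hunk. After this commit the visible branches of `hz_encrypt` in view/js/crypto.js match only 'rot13', 'triple-rot13' and 'AES-128-CCM', so what happens to the composed text for such a channel cannot be seen here and should be checked; refusing to post is acceptable, silently posting the plaintext is not. If the setting can hold the old name, normalise it at read time, e.g. `if(! $cipher || $cipher === 'AES-256') $cipher = 'AES-128-CCM';`. `hz_status_editor` starts and ends outside the hunk.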
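Review bot: In `hz_encrypt` the tag written into the post is the hard-coded string 'AES-128-CCM', but `sjcl.encrypt(enc_key, text)` now takes key size, mode and PBKDF2 iteration count from whatever the bundled SJCL build defaults to. If that build is replaced or configured differently, the label and the real parameters drift apart with no visible change in this file. Passing them explicitly keeps the two in step: `enc_text = sjcl.encrypt(enc_key, text, { ks: 128, mode: 'ccm' });`. Because the key is derived from a user-typed passphrase, it is also worth setting `iter` deliberately rather than inheriting it. `hz_encrypt` continues outside the hunk.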