From 6118570118eb97ee1daa69e7628aae03c3fe4b77 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 30 Mar 2017 20:43:49 -0700
Subject: make aes256gcm the primary crypto mode

---
 include/crypto.php | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'include/crypto.php')

diff --git a/include/crypto.php b/include/crypto.php
index f75390985..758cec24f 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -79,6 +79,19 @@ function STD_decrypt($data,$key,$iv) {
 	return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
 }
 
+function AES256GCM_encrypt($data,$key,$iv) {
+	$key = substr($key,0,32);
+	$iv = substr($iv,0,16);
+	return openssl_encrypt($data,'aes-256-gcm',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+}
+
+function AES256GCM_decrypt($data,$key,$iv) {
+	$key = substr($key,0,32);
+	$iv = substr($iv,0,16);
+	return openssl_decrypt($data,'aes-256-gcm',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+}
+
+
 function CAST5CBC_encrypt($data,$key,$iv) {
 	$key = substr($key,0,16);
 	$iv = substr($iv,0,8);
@@ -152,7 +165,7 @@ function crypto_methods() {
 	// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
 	// possibly by truncation or segmentation - though many other methods could be used.  
 
-	$r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
+	$r = [ 'aes256gcm', 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
 	call_hooks('crypto_methods',$r);
 	return $r;
 
-- 
cgit v1.2.3