From 49df57df45f82e2e0f1b10f2508f61b78d6d3ac0 Mon Sep 17 00:00:00 2001
From: Mario Vavti <mario@mariovavti.com>
Date: Fri, 21 Aug 2020 10:55:55 +0200
Subject: use the default setting and also add the mode to the cipher. aes-128
 is to be preferred over aes-256 according to bruce schneier
 https://www.schneier.com/blog/archives/2009/07/another_new_aes.html#c386957

---
 include/bbcode.php       | 2 +-
 include/conversation.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/bbcode.php b/include/bbcode.php
index ea04eb470..535e4ac33 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -257,7 +257,7 @@ function bb_parse_crypt($match) {
 
 	$x = random_string();
 
-	$f = ((in_array($algorithm, ['AES-256', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
+	$f = ((in_array($algorithm, ['AES-128-CCM', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
 
 	$Text = '<br /><div id="' . $x . '"><img class="cursor-pointer" src="' . z_root() . '/images/lock_icon.svg" onclick="' . $f . '(\'' . $algorithm . '\',\'' . $hint . '\',\'' . $match[2] . '\',\'#' . $x . '\');" alt="' . t('Encrypted content') . '" title="' . t('Encrypted content') . '" /></div><br />';
 
diff --git a/include/conversation.php b/include/conversation.php
index 05d1cdc26..876e907e5 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1396,7 +1396,7 @@ function hz_status_editor($a, $x, $popup = false) {
 
 	$cipher = get_pconfig($x['profile_uid'], 'system', 'default_cipher');
 	if(! $cipher)
-		$cipher = 'AES-256';
+		$cipher = 'AES-128-CCM';
 
 	if(array_key_exists('catsenabled',$x))
 		$catsenabled = $x['catsenabled'];
-- 
cgit v1.2.3