From 77e2ef45f05b8106ebe5400f8931c6e54ec6341b Mon Sep 17 00:00:00 2001 From: redmatrix Date: Tue, 19 May 2015 02:16:12 -0700 Subject: mail_obscure - AES-256 is way too slow, simplify. Ideally a substitution cipher would be adequate for our requirements. --- include/diaspora.php | 16 +++++++--------- include/items.php | 19 ++++++++++--------- include/message.php | 22 ++++++++++------------ include/text.php | 5 ++--- 4 files changed, 29 insertions(+), 33 deletions(-) (limited to 'include') diff --git a/include/diaspora.php b/include/diaspora.php index 618c27e1c..1e04b6b44 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -1703,11 +1703,10 @@ function diaspora_conversation($importer,$xml,$msg) { continue; } - $key = get_config('system','pubkey'); if($subject) - $subject = json_encode(crypto_encapsulate($subject,$key)); + $subject = base64url_encode($subject); if($body) - $body = json_encode(crypto_encapsulate($body,$key)); + $body = base64url_encode($body); q("insert into mail ( `channel_id`, `convid`, `from_xchan`,`to_xchan`,`title`,`body`,`mail_flags`,`mid`,`parent_mid`,`created`) values ( %d, %d, '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s')", intval($importer['channel_id']), @@ -1837,9 +1836,9 @@ function diaspora_message($importer,$xml,$msg) { $key = get_config('system','pubkey'); if($subject) - $subject = json_encode(crypto_encapsulate($subject,$key)); + $subject = base64url_encode($subject); if($body) - $body = json_encode(crypto_encapsulate($body,$key)); + $body = base64url_encode($body); q("insert into mail ( `channel_id`, `convid`, `from_xchan`,`to_xchan`,`title`,`body`,`mail_flags`,`mid`,`parent_mid`,`created`) values ( %d, %d, '%s', '%s', '%s', '%s', '%d','%s','%s','%s')", intval($importer['channel_id']), 
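Review bot: `base64url_encode()` on `$subject` and `$body` in diaspora_conversation is a keyless, reversible encoding, so rows flagged MAIL_OBSCURED are now effectively plaintext to anyone who can read the mail table or a database backup, whereas the read paths for the removed `crypto_encapsulate()` output needed the site `prvkey`. The same substitution is made in diaspora_message, get_mail_elements and send_message. If confidentiality at rest is no longer a goal, state that where the value is encoded, e.g. `// MAIL_OBSCURED: base64url only, hides text from casual viewing; NOT encryption`, so the flag is not later treated as a security boundary. If it is still a goal, a symmetric cipher under a site-held key would likely avoid the cost the commit subject attributes to the old scheme, though the patch does not show where that cost arose. diaspora_conversation continues outside the hunk.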
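Review bot: The context line `$key = get_config('system','pubkey');` in diaspora_message is left in place although both uses of `$key` in this hunk are replaced by `base64url_encode()`, so within the visible lines it is now a dead assignment and a needless config lookup. The matching line was removed in diaspora_conversation, so dropping it here keeps the two functions consistent. The function body starts and ends outside the hunk, so confirm nothing further down still reads `$key`.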
@@ -2861,11 +2860,10 @@ function diaspora_send_mail($item,$owner,$contact) { ); if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) { - $key = get_config('system','prvkey'); -// if($item['title']) -// $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); + if($item['title']) + $item['title'] = base64url_decode($item['title']); if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); + $item['body'] = base64url_decode($item['body']); } diff --git a/include/items.php b/include/items.php index 2bb6c1012..ce0c2461a 100755 --- a/include/items.php +++ b/include/items.php @@ -1399,11 +1399,10 @@ function encode_mail($item) { $x['encoding'] = 'zot'; if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) { - $key = get_config('system','prvkey'); if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); + $item['title'] = base64url_decode($item['title']); if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); + $item['body'] = base64url_decode($item['body']); } $x['message_id'] = $item['mid']; 
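Review bot: Rows stored before this commit carry MAIL_OBSCURED with a JSON-encoded `crypto_encapsulate()` envelope in `title`/`body`, and this branch in diaspora_send_mail now hands them to `base64url_decode()` unconditionally, which would return garbage rather than the message. Nothing in the patch converts existing rows or tells the two formats apart, so unless a migration exists elsewhere, previously stored mail becomes unreadable; the same applies to encode_mail, private_messages_list, private_messages_fetch_message, private_messages_fetch_conversation and unobscure_mail. Either give the new encoding its own flag bit, or keep a fallback for old rows, for example (assuming the old envelope serialises as a JSON object) `if($item['body'] && $item['body'][0] === '{') $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),get_config('system','prvkey'));` ahead of the base64url path. The hunk also re-enables title decoding that was commented out before, which deserves a mention in the commit message. diaspora_send_mail continues outside the hunk.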
@@ -1455,13 +1454,15 @@ function get_mail_elements($x) { $key = get_config('system','pubkey'); $arr['mail_flags'] |= MAIL_OBSCURED; - $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false); - if($arr['body']) - $arr['body'] = json_encode(crypto_encapsulate($arr['body'],$key)); - $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false); - if($arr['title']) - $arr['title'] = json_encode(crypto_encapsulate($arr['title'],$key)); + if($arr['body']) { + $arr['body'] = base64url_encode($arr['body']); + $arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false); + } + if($arr['title']) { + $arr['title'] = base64url_encode($arr['title']); + $arr['title'] = htmlspecialchars($arr['title'],ENT_COMPAT,'UTF-8',false); + } if($arr['created'] > datetime_convert()) $arr['created'] = datetime_convert(); diff --git a/include/message.php b/include/message.php index bfc92cd6d..82c48ba85 100644 --- a/include/message.php +++ b/include/message.php @@ -163,11 +163,10 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' $jattach = (($attachments) ? json_encode($attachments) : ''); - $key = get_config('system','pubkey'); if($subject) - $subject = json_encode(crypto_encapsulate($subject,$key)); + $subject = base64url_encode($subject); if($body) - $body = json_encode(crypto_encapsulate($body,$key)); + $body = base64url_encode($body); @@ -242,6 +241,8 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) { $where = ''; $limit = ''; + $t0 = dba_timer(); + if($numitems) $limit = " LIMIT " . intval($numitems) . " OFFSET " . intval($start); 
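Review bot: In get_mail_elements the new order runs `htmlspecialchars()` on the output of `base64url_encode()`, which contains none of the characters that function escapes, so the call is a no-op and `base64url_decode()` later returns the raw, unescaped `$arr['body']` and `$arr['title']`. Before this change the escaping was applied to the plaintext before it was encapsulated, so unless the text is escaped again at render time, mail content now reaches the page unescaped. Swap the two statements in each block: `$arr['body'] = htmlspecialchars($arr['body'],ENT_COMPAT,'UTF-8',false);` followed by `$arr['body'] = base64url_encode($arr['body']);`, and likewise for `title`. The context line `$key = get_config('system','pubkey');` above is also unused within the visible lines. The function continues outside the hunk.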
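Review bot: `$t0 = dba_timer();` added at the top of private_messages_list is not read anywhere in the visible hunks and looks like leftover profiling from measuring the slowdown named in the commit subject. Remove it, or if a timing log is intended, add the matching read and log call together with a comment such as `// profiling: time the mailbox query and decode loop`. The function body runs beyond this hunk, so a use outside the visible lines cannot be ruled out.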
@@ -284,11 +285,10 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) { $r[$k]['to'] = find_xchan_in_array($rr['to_xchan'],$c); $r[$k]['seen'] = (($rr['mail_flags'] & MAIL_SEEN) ? 1 : 0); if($r[$k]['mail_flags'] & MAIL_OBSCURED) { - $key = get_config('system','prvkey'); if($r[$k]['title']) - $r[$k]['title'] = crypto_unencapsulate(json_decode_plus($r[$k]['title']),$key); + $r[$k]['title'] = base64url_decode($r[$k]['title']); if($r[$k]['body']) - $r[$k]['body'] = crypto_unencapsulate(json_decode_plus($r[$k]['body']),$key); + $r[$k]['body'] = base64url_decode($r[$k]['body']); } } @@ -323,11 +323,10 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee $messages[$k]['from'] = find_xchan_in_array($message['from_xchan'],$c); $messages[$k]['to'] = find_xchan_in_array($message['to_xchan'],$c); if($messages[$k]['mail_flags'] & MAIL_OBSCURED) { - $key = get_config('system','prvkey'); if($messages[$k]['title']) - $messages[$k]['title'] = crypto_unencapsulate(json_decode_plus($messages[$k]['title']),$key); + $messages[$k]['title'] = base64url_decode($messages[$k]['title']); if($messages[$k]['body']) - $messages[$k]['body'] = crypto_unencapsulate(json_decode_plus($messages[$k]['body']),$key); + $messages[$k]['body'] = base64url_decode($messages[$k]['body']); } } 
@@ -411,11 +410,10 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda $messages[$k]['from'] = find_xchan_in_array($message['from_xchan'],$c); $messages[$k]['to'] = find_xchan_in_array($message['to_xchan'],$c); if($messages[$k]['mail_flags'] & MAIL_OBSCURED) { - $key = get_config('system','prvkey'); if($messages[$k]['title']) - $messages[$k]['title'] = crypto_unencapsulate(json_decode_plus($messages[$k]['title']),$key); + $messages[$k]['title'] = base64url_decode($messages[$k]['title']); if($messages[$k]['body']) - $messages[$k]['body'] = crypto_unencapsulate(json_decode_plus($messages[$k]['body']),$key); + $messages[$k]['body'] = base64url_decode($messages[$k]['body']); } } diff --git a/include/text.php b/include/text.php index bb704e35c..5b9b35c16 100644 --- a/include/text.php +++ b/include/text.php @@ -1198,11 +1198,10 @@ function unobscure(&$item) { function unobscure_mail(&$item) { if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) { - $key = get_config('system','prvkey'); if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); + $item['title'] = base64url_decode($item['title']); if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); + $item['body'] = base64url_decode($item['body']); } } -- cgit v1.2.3