From d7ee552c570f4fca760c3d1573f32c005cf73bb8 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 20 Nov 2013 15:20:12 -0800 Subject: Protocol: now set data['alg'] on all encapsulated encrypted packets, so that we can more easily retire 'aes256cbc' once it is no longer viable. --- mod/editpost.php | 4 ++-- mod/message.php | 2 +- mod/post.php | 4 ++-- mod/probe.php | 2 +- mod/register.php | 8 ++++++++ 5 files changed, 14 insertions(+), 6 deletions(-) (limited to 'mod') diff --git a/mod/editpost.php b/mod/editpost.php index b01afe9b3..f25d6d21d 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -57,9 +57,9 @@ function editpost_content(&$a) { if($itm[0]['item_flags'] & ITEM_OBSCURED) { $key = get_config('system','prvkey'); if($itm[0]['title']) - $itm[0]['title'] = aes_unencapsulate(json_decode_plus($itm[0]['title']),$key); + $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); if($itm[0]['body']) - $itm[0]['body'] = aes_unencapsulate(json_decode_plus($itm[0]['body']),$key); + $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); } $tpl = get_markup_template("jot.tpl"); diff --git a/mod/message.php b/mod/message.php index f992a6fa1..a0382f63d 100644 --- a/mod/message.php +++ b/mod/message.php @@ -79,7 +79,7 @@ function message_post(&$a) { $global_perms = get_perms(); if($j['permissions']['data']) { - $permissions = aes_unencapsulate($j['permissions'],$channel['channel_prvkey']); + $permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']); if($permissions) $permissions = json_decode($permissions); logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA); diff --git a/mod/post.php b/mod/post.php index 2778621d3..64e08e632 100644 --- a/mod/post.php +++ b/mod/post.php @@ -172,7 +172,7 @@ function post_post(&$a) { */ if(array_key_exists('iv',$data)) { - $data = aes_unencapsulate($data,get_config('system','prvkey')); + $data = crypto_unencapsulate($data,get_config('system','prvkey')); logger('mod_zot: decrypt1: ' . $data, LOGGER_DATA); // susceptible to Bleichenbacher's attack @@ -312,7 +312,7 @@ function post_post(&$a) { ); } } - $encrypted = aes_encapsulate(json_encode($ret),$sitekey); + $encrypted = crypto_encapsulate(json_encode($ret),$sitekey); json_return_and_die($encrypted); /** pickup: end */ diff --git a/mod/probe.php b/mod/probe.php index bd792d52e..e2dd4ef77 100644 --- a/mod/probe.php +++ b/mod/probe.php @@ -26,7 +26,7 @@ function probe_content(&$a) { $j = json_decode($res['body'],true); } if($j && $j['permissions'] && $j['permissions']['iv']) - $j['permissions'] = json_decode(aes_unencapsulate($j['permissions'],$channel['channel_prvkey']),true); + $j['permissions'] = json_decode(crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']),true); $o .= str_replace("\n",'
',print_r($j,true)); $o .= ''; } diff --git a/mod/register.php b/mod/register.php index bc1603f25..2040732ff 100644 --- a/mod/register.php +++ b/mod/register.php @@ -7,6 +7,14 @@ function register_init(&$a) { $result = null; $cmd = ((argc() > 1) ? argv(1) : ''); + // Provide a stored request for somebody desiring a connection + // when they first need to register someplace. Once they've + // created a channel, we'll try to revive the connection request + // and process it. + + if($_REQUEST['connect']) + $_SESSION['connect'] = $_REQUEST['connect']; + switch($cmd) { case 'invite_check.json': $result = check_account_invite($_REQUEST['invite_code']); -- cgit v1.2.3