TheRON/core
1
0
Fork 0
mirror of https://framagit.org/hubzilla/core.git synced 2026-06-21 00:52:33 -04:00
Code Issues Packages Projects Releases Wiki Activity

use the default setting and also add the mode to the cipher. aes-128 is to be preferred over aes-256 according to bruce schneier https://www.schneier.com/blog/archives/2009/07/another_new_aes.html#c386957

Browse Source
This commit is contained in:
Mario Vavti
2020-08-21 10:55:55 +02:00
parent 374c30999a
commit 49df57df45
5 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Zotlabs/Lib/ThreadStream.php
View File

@@ -23,7 +23,7 @@ class ThreadStream {
private $preview = false;
private $prepared_item = '';
public $reload = '';
private $cipher = 'AES-256';
private $cipher = 'AES-128-CCM';
// $prepared_item is for use by alternate conversation structures such as photos
// wherein we've already prepared a top level item which doesn't look anything like

2
Zotlabs/Module/Chat.php
View File

@@ -197,7 +197,7 @@ class Chat extends Controller {
$cipher = get_pconfig(local_channel(),'system','default_cipher');
if(! $cipher)
$cipher = 'AES-256';
$cipher = 'AES-128-CCM';
$o = replace_macros(get_markup_template('chat.tpl'),array(

2
include/bbcode.php
View File

@@ -257,7 +257,7 @@ function bb_parse_crypt($match) {
$x = random_string();
$f = ((in_array($algorithm, ['AES-256', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
$f = ((in_array($algorithm, ['AES-128-CCM', 'rot13', 'triple-rot13'])) ? 'hz_decrypt' : 'red_decrypt');
$Text = '<br /><div id="' . $x . '"><img class="cursor-pointer" src="' . z_root() . '/images/lock_icon.svg" onclick="' . $f . '(\'' . $algorithm . '\',\'' . $hint . '\',\'' . $match[2] . '\',\'#' . $x . '\');" alt="' . t('Encrypted content') . '" title="' . t('Encrypted content') . '" /></div><br />';

2
include/conversation.php
View File

@@ -1396,7 +1396,7 @@ function hz_status_editor($a, $x, $popup = false) {
$cipher = get_pconfig($x['profile_uid'], 'system', 'default_cipher');
if(! $cipher)
$cipher = 'AES-256';
$cipher = 'AES-128-CCM';
if(array_key_exists('catsenabled',$x))
$catsenabled = $x['catsenabled'];

8
view/js/crypto.js
View File

@@ -157,18 +157,18 @@ function hz_encrypt(alg, elem) {
if((alg == 'rot13') || (alg == 'triple-rot13'))
newdiv = "[crypt alg='rot13']" + window.btoa(str_rot13(text)) + '[/crypt]';
if(alg == 'AES-256') {
if(alg == 'AES-128-CCM') {
// This is the prompt we're going to use when the receiver tries to open it.
// Maybe "Grandma's maiden name" or "our secret place" or something.
var enc_hint = bin2hex(prompt(aStr['passhint']));
enc_text = sjcl.encrypt(enc_key, text, { ks: 256 });
enc_text = sjcl.encrypt(enc_key, text);
encrypted = enc_text.toString();
newdiv = "[crypt alg='AES-256' hint='" + enc_hint + "']" + window.btoa(encrypted) + '[/crypt]';
newdiv = "[crypt alg='AES-128-CCM' hint='" + enc_hint + "']" + window.btoa(encrypted) + '[/crypt]';
}
enc_key = '';
@@ -249,7 +249,7 @@ function hz_decrypt(alg, hint, text, elem) {
var enc_key = bin2hex(prompt((hint.length) ? hex2bin(hint) : aStr['passphrase']));
}
if(alg == 'AES-256') {
if(alg == 'AES-128-CCM') {
dec_text = sjcl.decrypt(enc_key, text);
}