Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 06:35:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
21418 commits 7 branches 30 tags 160 MiB
Commit graph

59 commits

Author SHA1 Message Date
zotlabs
fef3155e6a cleanup the recent crypto code modifications. We need this stuff to be readable. 2018-02-21 16:41:33 -08:00
zotlabs
dbeee4707b don't try to handle OAEP for plugin crypto methods; let them do it if desired 2018-02-20 11:56:51 -08:00
zotlabs
ae8623e3af encrypt/decrypt function not found 2018-02-20 11:51:59 -08:00
zotlabs
b6b4827680 OAEP padding mismatch on some newer encryption methods 2018-02-19 15:44:18 -08:00
zotlabs
46cb45d94b crypto improvements (use pkcs1_oaep_padding instead of the older pkcs1_padding) 2018-02-16 18:45:15 -08:00
zotlabs
dc88ccdc0b remove dead code 2018-02-07 17:53:54 -08:00
zotlabs
eb3e43feec cleanup of last fix 2018-01-13 14:08:15 -08:00
zotlabs
08bea83c03 unexpected openssl result 2018-01-13 13:45:33 -08:00
zotlabs
a6835f4e71 changes to encryption encapsulation for zot6 (backward compatible) 2017-10-05 23:01:42 -07:00
zotlabs
c24cfbc62a make signing methods variable and signable 2017-07-25 15:59:58 -07:00
zotlabs
044067f055 harden security 2017-04-02 16:40:36 -07:00
zotlabs
810d9e21bc use aes-ctr which is slightly/arguably better than a poke in the eye and don't restrict the crypto algorithm by server role. 2017-04-01 15:30:59 -07:00
zotlabs
e79f450af9 aes256gcm is not ready for prime time. Stay tuned. Until it is, we're pretty much stuffed unless we go to 3rd party crypto libs. 2017-03-30 21:45:29 -07:00
zotlabs
6118570118 make aes256gcm the primary crypto mode 2017-03-30 20:43:49 -07:00
zotlabs
7f730b81ff trim both key and iv on other ciphers 2016-12-01 18:14:20 -08:00
zotlabs
e793fc9973 trim iv in STD_encapsulate 2016-12-01 18:12:18 -08:00
zotlabs
c845eed114 advanced crypto restricted by server role 2016-11-30 16:36:33 -08:00
zotlabs
5b09829959 zot 1.2 2016-11-30 16:22:31 -08:00
zotlabs
f926915e56 zot: specify crypto method 2016-11-20 21:18:38 -08:00
redmatrix
f35609d26c redundant dev line from an earlier modification causes issue #404 2016-05-30 13:25:58 -07:00
redmatrix
7b91e551c4 kill off mcrypt 2016-05-26 13:21:43 -07:00
redmatrix
6a6dbec033 issue #319 - NOTE: this does not fix the issue, it only reports it and continues. We need to examine any logger statements that contain 'stack:' as a result of reporting this issue and find and fix the original problem - which is that set_pconfig is being called without a valid $uid. I'm worried that since we will now continue on without throwing a PHP error that nobody will ever notice or find the problem that is causing this. 2016-03-30 16:33:23 -07:00
redmatrix
6f2ba0c619 rewrite the webfinger discovery logic 2016-03-22 19:58:59 -07:00
redmatrix
f82afca84d no xchan here if using zot protocol 2016-03-17 12:15:28 -07:00
redmatrix
da79662081 stop the PHP warnings from Thomas's buggered sitekey 2016-02-28 16:33:52 -08:00
redmatrix
7972de13ca backtrace openssl_verify errors so that we can find bad keys - as there is very little relevant context available at this level. 2016-02-25 14:34:30 -08:00
redmatrix
29d9d38d7f retire old Friendica RINO encryption functions 2015-06-09 22:24:24 -07:00
friendica
0aba609ad4 issue #941 2015-03-28 14:53:00 -07:00
friendica
381f8a1b42 optionally use openssl encryption functions (higher performance over mcrypt, but potentially more likely to have been compromised) 2015-01-11 15:13:45 -08:00
friendica
6f7b1960af allow the use of openssl crypto 2015-01-11 14:58:47 -08:00
friendica
921799b045 make the old personal xrd interface (old webfinger) work again 2014-08-21 17:42:19 -07:00
friendica
481263dc25 bring back some friendica crypto stuff including all the key mangling and translation functions. Also add ability to completely supress email notifications for actitivies with private contents. We'll still pass private mail notifications because often the email notification is the only way infrequently used channels get alerted to these. 2014-08-15 14:42:14 -07:00
friendica
41aa9e13cf doc update 2014-08-15 06:05:52 -07:00
friendica
1978500e8f pkcs1 to pkcs8 key conversion - this is a lot easier than parsing ASN.1 DER formats and rebuilding the darn things like we used to do. Check for illegal hex encoded album names in mod/photo so we don't throw php errors. Don't know where they come from but we get a lot of them. 2014-08-14 23:05:19 -07:00
friendica
065300f7c3 bloody hell - it isn't defined either. 2013-12-15 18:43:54 -08:00
friendica
817d146123 bloody hell... php version incompatibility with openssl - openssl no longer accepts a string as an algorithm. Earlier versions didn't recognise sha256. So we'll look to see if the algorithm constant for sha256 is defined and if so we'll use that instead of the string. 2013-12-15 18:30:10 -08:00
friendica
b8454cbd1d post_activity_item issues 2013-12-07 23:29:26 -08:00
friendica
d7ee552c57 Protocol: now set data['alg'] on all encapsulated encrypted packets, so that we can more easily retire 'aes256cbc' once it is no longer viable. 2013-11-20 15:20:12 -08:00
friendica
c5d456af9b add more siteinfo 2013-07-24 20:35:54 -07:00
friendica
f92266d804 recover padding functions which are still used 2013-07-24 17:07:45 -07:00
friendica
30da632878 get rid of legacy (unused) encryption stuff. 2013-07-24 17:03:47 -07:00
friendica
20ba6dd62e not quite so much crypto logging 2013-07-24 05:13:21 -07:00
friendica
727ab78f9a crypto logging 2013-07-23 20:51:37 -07:00
friendica
ea3940c4b0 start formatting for Doxygen 2013-02-25 17:09:40 -08:00
friendica
1c6f301d8f y'all got mail 2012-12-05 16:44:07 -08:00
Mike Macgirvin
7acba41dc6 more cleanup 2012-10-23 21:26:12 +11:00
friendica
5ff6e9348b a few minor changes 2012-08-26 23:05:00 -07:00
friendica
6e08f39820 simplify 2012-07-21 03:48:59 -07:00
friendica
a6514e81bb remove obsolete zot encapsulation functions 2012-07-05 20:58:45 -07:00
friendica
afaf9ec74f rev update 2012-05-20 18:30:02 -07:00