From bac95913e8e4227413f7929fcee55fe6dae75f4c Mon Sep 17 00:00:00 2001
From: Mikael Nordfeldth
Date: Sun, 19 Jun 2016 03:23:26 +0200
Subject: [PATCH] phpseclib defaults to OAEP but we want PKCS1 in D*
---
 plugins/Diaspora/DiasporaPlugin.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php
index 1bb7f15ddc..dc40eec976 100644
--- a/plugins/Diaspora/DiasporaPlugin.php
+++ b/plugins/Diaspora/DiasporaPlugin.php
@@ -150,7 +150,7 @@ class DiasporaPlugin extends Plugin
 * and “outer iv” (using the aes-256-cbc cipher). This encrypted
 * blob shall be referred to as “the ciphertext”.
 */
- $ciphertext = $outer_key->encrypt($decrypted_header);
+ $ciphertext = $outer_key->encrypt($decrypted_header, \phpseclib\Crypt\RSA::PADDING_PKCS1);
 
 /**
 * Construct the following JSON object, which shall be referred to
@@ -171,7 +171,7 @@ class DiasporaPlugin extends Plugin
 common_debug('Diaspora creating "outer aes key bundle", will require magic-public-key');
 $key_fetcher = new MagicEnvelope();
 $remote_keys = $key_fetcher->getKeyPair($target, true); // actually just gets the public key
- $enc_outer = $remote_keys->publicKey->encrypt($outer_bundle);
+ $enc_outer = $remote_keys->publicKey->encrypt($outer_bundle, \phpseclib\Crypt\RSA::PADDING_PKCS1);
 
 /**
 * Construct the following JSON object, which I shall refer to as
@@ -201,7 +201,7 @@ class DiasporaPlugin extends Plugin
 * chose earlier.
 * 2. Base64-encode the encrypted payload message.
 */
- $payload = $inner_key->encrypt($magic_env->getData());
+ $payload = $inner_key->encrypt($magic_env->getData(), \phpseclib\Crypt\RSA::PADDING_PKCS1);
 //FIXME: This means we don't actually put an in the payload,
 // since Diaspora has its own update method! Silly me. Read up on:
 // https://wiki.diasporafoundation.org/Federation_Message_Semantics
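Review bot: `$outer_key` in the first hunk appears, from the comment directly above it, to be the aes-256-cbc cipher object rather than an RSA key, so the added `\phpseclib\Crypt\RSA::PADDING_PKCS1` argument has no padding scheme to select there. PHP silently drops surplus arguments to userland methods, which would make this a no-op that reads like a cryptographic setting. The same seems to apply to `$inner_key->encrypt(...)` in the third hunk (`@@ -201,7`), whose comment refers to the key "chose earlier". If both are symmetric ciphers, keep `$ciphertext = $outer_key->encrypt($decrypted_header);` and `$payload = $inner_key->encrypt($magic_env->getData());` and pass the padding only on the public-key call. Both variables are created outside the hunks, so their types should be confirmed against the full method.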
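Review bot: The `$remote_keys->publicKey->encrypt(...)` call in the second hunk is the only one visibly operating on an RSA key, and it now selects PKCS#1 v1.5 encryption padding over the OAEP default without saying why at the call site. v1.5 is the weaker of the two schemes, the one that padding-oracle weaknesses on the decrypting side are associated with, so a later reader may either switch it back and break federation or copy it into unrelated code. A comment such as `// D* peers expect RSAES-PKCS1-v1_5 here; phpseclib's OAEP default does not interoperate. Keep this confined to Diaspora compatibility code.` would record that this is a protocol constraint rather than a preference. `$enc_outer` is consumed beyond the hunk, so whether a failed `encrypt()` result is checked before it is encoded and sent is not visible here.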