clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

use "random_bytes" instead of "openssl_random_pseudo_bytes"

This commit is contained in:
Michael 2021-05-11 13:12:12 +00:00
parent cfb9b73205
commit 74f3c885bf
5 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mod/dfrn_confirm.php
View File

@ -181,7 +181,7 @@ function dfrn_confirm_post(App $a, $handsfree = null)
* random key which is encrypted with their site public key. * random key which is encrypted with their site public key.
*/ */
$src_aes_key = openssl_random_pseudo_bytes(64); $src_aes_key = random_bytes(64);
$result = ''; $result = '';
openssl_private_encrypt($dfrn_id, $result, $user['prvkey']); openssl_private_encrypt($dfrn_id, $result, $user['prvkey']);

4
src/Module/Api/Mastodon/Apps.php
View File

@ -46,8 +46,8 @@ class Apps extends BaseApi
DI::mstdnError()->RecordNotFound(); DI::mstdnError()->RecordNotFound();
} }
$client_id = bin2hex(openssl_random_pseudo_bytes(32)); $client_id = bin2hex(random_bytes(32));
$client_secret = bin2hex(openssl_random_pseudo_bytes(32)); $client_secret = bin2hex(random_bytes(32));
$fields = ['client_id' => $client_id, 'client_secret' => $client_secret, 'name' => $name, 'redirect_uri' => $redirect]; $fields = ['client_id' => $client_id, 'client_secret' => $client_secret, 'name' => $name, 'redirect_uri' => $redirect];

4
src/Module/BaseApi.php
View File

@ -216,8 +216,8 @@ class BaseApi extends BaseModule
public static function getTokenForUser(array $application, int $uid) public static function getTokenForUser(array $application, int $uid)
{ {
$code = bin2hex(openssl_random_pseudo_bytes(32)); $code = bin2hex(random_bytes(32));
$access_token = bin2hex(openssl_random_pseudo_bytes(32)); $access_token = bin2hex(random_bytes(32));
$fields = ['application-id' => $application['id'], 'uid' => $uid, 'code' => $code, 'access_token' => $access_token, 'created_at' => DateTimeFormat::utcNow(DateTimeFormat::MYSQL)]; $fields = ['application-id' => $application['id'], 'uid' => $uid, 'code' => $code, 'access_token' => $access_token, 'created_at' => DateTimeFormat::utcNow(DateTimeFormat::MYSQL)];
if (!DBA::insert('application-token', $fields, Database::INSERT_UPDATE)) { if (!DBA::insert('application-token', $fields, Database::INSERT_UPDATE)) {

2
src/Protocol/DFRN.php
View File

@ -1272,7 +1272,7 @@ class DFRN
switch ($rino_remote_version) { switch ($rino_remote_version) {
case 1: case 1:
$key = openssl_random_pseudo_bytes(16); $key = random_bytes(16);
$data = self::aesEncrypt($postvars['data'], $key); $data = self::aesEncrypt($postvars['data'], $key);
break; break;

4
src/Protocol/Diaspora.php
View File

@ -2870,9 +2870,9 @@ class Diaspora
return false; return false;
} }
$aes_key = openssl_random_pseudo_bytes(32); $aes_key = random_bytes(32);
$b_aes_key = base64_encode($aes_key); $b_aes_key = base64_encode($aes_key);
$iv = openssl_random_pseudo_bytes(16); $iv = random_bytes(16);
$b_iv = base64_encode($iv); $b_iv = base64_encode($iv);
$ciphertext = self::aesEncrypt($aes_key, $iv, $msg); $ciphertext = self::aesEncrypt($aes_key, $iv, $msg);