From 8e9910e7456cb1bb128fefc776e1387619c9f47e Mon Sep 17 00:00:00 2001 From: Kelly Rauchenberger Date: Wed, 13 Aug 2008 03:54:09 +0000 Subject: Update: Fixed encryption sequence Previously, even after the key generation bug ([127]) was fixed, the Client was still failing to decrypt properly. However, the first field, Title, decrypted perfectly, so it was discovered that while the Client reset the Cipher object after every decryption, the Update Server did not reset MCrypt after every enryption. This has been fixed. Refs #10 --- update/library/trunk/instadisc.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'update/library/trunk') diff --git a/update/library/trunk/instadisc.php b/update/library/trunk/instadisc.php index 6cf5e09..bfc1101 100644 --- a/update/library/trunk/instadisc.php +++ b/update/library/trunk/instadisc.php @@ -35,7 +35,7 @@ function instaDisc_sendItem($id, $title, $author, $url, $semantics) function instaDisc_sendEncrypted($id, $title, $author, $url, $semantics) { - global $idusEncryptionKey; + global $idusUsername, $idusPassword, $idusCentralServer, $idusSubscriptionURI, $idusEncryptionKey; $encID = 0; while ($encID == 0) @@ -48,17 +48,26 @@ function instaDisc_sendEncrypted($id, $title, $author, $url, $semantics) $key = substr(md5(substr(str_pad($idusEncryptionKey[$id],16,$encID),0,16)),0,16); $td = mcrypt_module_open($cipher, "", $mode, ""); + mcrypt_generic_init($td, $key, strrev($key)); $title = bin2hex(mcrypt_generic($td, $title)); + mcrypt_generic_deinit($td); + + mcrypt_generic_init($td, $key, strrev($key)); $author = bin2hex(mcrypt_generic($td, $author)); + mcrypt_generic_deinit($td); + + mcrypt_generic_init($td, $key, strrev($key)); $url = bin2hex(mcrypt_generic($td, $url)); + mcrypt_generic_deinit($td); foreach ($semantics as $name => $value) { + mcrypt_generic_init($td, $key, strrev($key)); $semantics[$name] = bin2hex(mcrypt_generic($td, $value)); + mcrypt_generic_deinit($td); } - mcrypt_generic_deinit($td); mcrypt_module_close($td); $verID = rand(1,65536); -- cgit 1.4.1