Permalink
Browse files

Set IV when encrypting with CBC mode

  • Loading branch information...
1 parent 6066668 commit 9739ab3daa37e6b163c3c3c969b815c2e7ab1642 @cdujeu cdujeu committed Sep 27, 2016
Showing with 6 additions and 1 deletion.
  1. +6 −1 core/src/core/src/pydio/Core/Utils/Crypto.php
@@ -136,7 +136,9 @@ public static function encrypt($data, $key, $base64encode = true){
$r = new ZeroPaddingRijndael(Rijndael::MODE_CBC);
$r->setKey($key);
$r->setBlockLength(128);
- $encoded = $r->encrypt($data);
+ $iv = self::getRandomSalt(false, 16);
+ $r->setIV($iv);
+ $encoded = $iv . $r->encrypt($data);
if($base64encode) {
return self::getDataHeader().base64_encode($encoded);
} else {
@@ -156,7 +158,10 @@ public static function decrypt($data, $key, $base64encoded = true){
$data = base64_decode($data);
}
if($test){
+ $iv = substr($data, 0, 16);
+ $data = substr($data, 16);
$r = new ZeroPaddingRijndael(Rijndael::MODE_CBC);
+ $r->setIV($iv);
$r->setBlockLength(128);
}else{
// Legacy encoding

0 comments on commit 9739ab3

Please sign in to comment.