reorganized for hybrid encryption

2025-04-19 20:51:32 +02:00 · 2025-04-19 20:51:32 +02:00 · 74b5420aa9
commit 74b5420aa9
parent 53a52632a7
1 changed files with 32 additions and 34 deletions
--- a/send.php
+++ b/send.php
@ -63,7 +63,8 @@ function pushMetadata($messageId, $receiver, $color, $body_hash){
 }
-function pushInternal($messageId, $body){
+
 function pushData($messageId, $body, $internal_key, $external_key){
  global $dbservername;
 	global $dbusername;
 	global $dbpassword;
@ -73,31 +74,10 @@ function pushInternal($messageId, $body){
 		if ($conn->connect_error) {
 			die("Server Error");
 		}
-    $sql = "INSERT INTO smz_messages_internal (message_id, message_body) VALUES ('$messageId', '$body')";
+    $sql = "INSERT INTO smz_messages_data (message_id, message_body, internal_key, external_key) VALUES ('$messageId', '$body', '$internal_key', '$external_key')";
 		if ($conn->query($sql) === TRUE) {
-      echo "INTERNAL erfolgreich gespeichert";
+      echo "DATA erfolgreich gespeichert";
 		} else {
 			echo "Error: " . $sql . "<br>" . $conn->error;
 		}
 		$conn->close();
 }
 function pushExternal($messageId, $body){
  global $dbservername;
 	global $dbusername;
 	global $dbpassword;
 	global $dbname;
  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
 		if ($conn->connect_error) {
 			die("Server Error");
 		}
    $sql = "INSERT INTO smz_messages_external (message_id, message_body) VALUES ('$messageId', '$body')";
 		if ($conn->query($sql) === TRUE) {
      echo "EXTERNAL erfolgreich gespeichert";
 		} else {
 			echo "Error: " . $sql . "<br>" . $conn->error;
 		}
@ -108,20 +88,38 @@ function pushExternal($messageId, $body){
 include('keyGrab.php');
 $sender_key = grabPublicKey($uid);
 $receiver_key = grabPublicKey($receiver);
 $encryptedBodyINTERNAL = '';
 $encryptedBodyEXTERNAL = '';
-$encryptedINTERNAL = openssl_public_encrypt($body, $encryptedBodyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
+$aesKey = openssl_random_pseudo_bytes(32);
-$encryptedEXTERNAL = openssl_public_encrypt($body, $encryptedBodyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
+$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
 $encryptedBody = openssl_encrypt($body, 'aes-256-cbc', $aesKey, 0, $iv);
-if ($encryptedINTERNAL === false) {
+
-    die("Fehler beim Verschlüsseln (internal): " . openssl_error_string());
+$encryptedAesKey = '';
 $encryptionOkEXT = openssl_public_encrypt($aesKey, $encryptedAesKeyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
 $encryptionOkINT = openssl_public_encrypt($aesKey, $encryptedAesKeyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
 if ($encryptionOkEXT === false) {
    die("Fehler beim Verschlüsseln des AES-Schlüssels (EXTERNAL): " . openssl_error_string());
 }
-if ($encryptedEXTERNAL === false) {
+if ($encryptionOkINT === false) {
-    die("Fehler beim Verschlüsseln (external): " . openssl_error_string());
+    die("Fehler beim Verschlüsseln des AES-Schlüssels (INTERNAL): " . openssl_error_string());
 }
-pushInternal($messageId, base64_encode($encryptedBodyINTERNAL));
+$encryptedMessageBase64 = base64_encode($encryptedBody);
-pushExternal($messageId, base64_encode($encryptedBodyEXTERNAL));
+$encryptedAesKeyBase64EXT = base64_encode($encryptedAesKeyEXTERNAL);
 $encryptedAesKeyBase64INT = base64_encode($encryptedAesKeyINTERNAL);
 $ivBase64 = base64_encode($iv);
 // $encryptedINTERNAL = openssl_public_encrypt($body, $encryptedBodyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);
 // $encryptedEXTERNAL = openssl_public_encrypt($body, $encryptedBodyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
 // if ($encryptedINTERNAL === false) {
 //     die("Fehler beim Verschlüsseln (internal): " . openssl_error_string());
 // }
 // if ($encryptedEXTERNAL === false) {
 //     die("Fehler beim Verschlüsseln (external): " . openssl_error_string());
 // }
 pushData($messageId, $encryptedMessageBase64, $encryptedAesKeyBase64INT, $encryptedAesKeyBase64EXT);
 echo "<h1>ERFOLG</1>";
 ?>