connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "SELECT sender, receiver FROM smz_messages_metadata WHERE message='$id'"; $result = $conn->query($sql); $conn->close(); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { if ($row["sender"] == $uid){ return "internal"; }else if($row["receiver"] == $uid){ return "external"; }else{ return false; } } } else { return false; } } function getData($id){ global $dbservername; global $dbusername; global $dbpassword; global $dbname; $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname); if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } $type = "".getMessageType($id)."_key"; $sql = "SELECT message_body, iv, $type FROM smz_messages_data WHERE message_id='$id'"; $result = $conn->query($sql); $conn->close(); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { decrypt($row["$type"], $row["message_body"], $row["iv"]); } } else { return false; } } function decrypt($aeskey, $body, $iv){ global $upassword; include('keyGrab.php'); $key = grabPrivateKey($upassword); $decryptedAesKey = ''; $decryptionOk = openssl_private_decrypt(base64_decode($aeskey), $decryptedAesKey, $key, OPENSSL_PKCS1_PADDING); if ($decryptionOk === false) { die("Fehler beim Entschlüsseln des AES-Schlüssels: " . openssl_error_string()); } // Nachricht mit AES entschlüsseln $decryptedMessage = openssl_decrypt(base64_decode($body), 'aes-128-cbc', $decryptedAesKey, 0, base64_decode($iv)); echo $decryptedMessage; } if(!password_verify($upassword, $upassword_hash)){ die("Passwortfehler"); } getData($id); ?>