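";
// The `";` above closes a statement that begins earlier in the file (outside this view).

// ---------------------------------------------------------------------------
// Message submission endpoint.
//
// Flow: read the posted body and colour, verify the receiver, store a metadata
// row, then hybrid-encrypt the body (AES for the body, RSA for the AES key, once
// for the receiver and once for the sender) and store the encrypted row.
//
// Names used here but defined before this point or in included files:
// $allowedTags, $by, $receiver, $uid, the $db* connection settings,
// uid()/username() (search.php) and grabPublicKey() (keyGrab.php).
// ---------------------------------------------------------------------------

// Accept only scalar strings from the form. An array-valued field (body[]=...)
// would otherwise reach strip_tags()/filter_var() with the wrong type.
$rawBody  = (isset($_POST["body"]) && is_string($_POST["body"])) ? $_POST["body"] : '';
$rawColor = (isset($_POST["color"]) && is_string($_POST["color"])) ? $_POST["color"] : '';

// NOTE(review): strip_tags() keeps every attribute on the tags listed in
// $allowedTags (event handlers, style, href). If the decrypted body is later
// rendered as HTML, it still needs an attribute-aware sanitizer or escaping there.
$body = strip_tags($rawBody, $allowedTags);

// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is kept so the
// stored value stays unchanged for whatever reads this column. Validating against the
// expected colour format would be stricter; that format is not visible here.
$color = filter_var($rawColor, FILTER_SANITIZE_STRING);

// NOTE(review): uniqid() is derived from the current time, so it is guessable. That is
// acceptable for a row key but not if the message id is ever used as an access secret.
$messageId = uniqid();

receiverCheck($by);

// NOTE(review): the metadata row is written before encryption runs, so a later
// failure leaves a metadata row without a data row. Consider one transaction.
pushMetadata($messageId, $receiver, $color);

/**
 * Verify that the global $receiver exists and abort the request if it does not.
 *
 * For $by == '0' the receiver is looked up with uid(). For $by == '1' it is looked
 * up with username(), and the global $receiver is replaced by the value that
 * username() returns.
 *
 * NOTE(review): any other $by value skips the lookup entirely, so $receiver is then
 * used unverified by the code that follows. Confirm whether that is intended.
 *
 * @param mixed $by Lookup mode selector ('0' = by id, '1' = by name).
 */
function receiverCheck($by){
    global $receiver;
    require_once('search.php');

    // The receiver value is echoed back into the page, so escape it for HTML output.
    $shownReceiver = htmlspecialchars((string) $receiver, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    switch ($by) {
        case '0':
            if (uid($receiver) == false){
                echo "FATAL: Empfänger ($shownReceiver) nicht gefunden (searched by ID)";
                die();
            }
            break;
        case '1':
            // Look the name up once and reuse the result.
            $resolved = username($receiver);
            if ($resolved == false){
                echo "FATAL: Empfänger ($shownReceiver) nicht gefunden (searched by NAME)";
                // The by-name branch used to continue after this message; stop here,
                // as the by-id branch does, so no message is stored for an unknown receiver.
                die();
            }
            $receiver = $resolved;
            break;
    }
}

/**
 * Insert the metadata row for a message into smz_messages_metadata.
 *
 * All values are bound as parameters: sender_info contains the client-supplied
 * User-Agent header, and receiver/color also originate from the request, so none
 * of them may be concatenated into the SQL text.
 *
 * @param string $messageId Identifier of the message.
 * @param mixed  $receiver  Receiver as resolved by receiverCheck().
 * @param mixed  $color     Colour value taken from the form.
 */
function pushMetadata($messageId, $receiver, $color){
    global $dbservername, $dbusername, $dbpassword, $dbname, $uid;

    $remoteAddr  = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $userAgent   = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $sender_info = $remoteAddr . ", " . $userAgent;

    $stored = false;
    try {
        $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
        if ($conn->connect_error) {
            die("Server Error");
        }

        $stmt = $conn->prepare(
            "INSERT INTO smz_messages_metadata (message, sender, receiver, sender_info, color) VALUES (?, ?, ?, ?, ?)"
        );
        $stored = ($stmt !== false)
            && $stmt->bind_param('sssss', $messageId, $uid, $receiver, $sender_info, $color)
            && $stmt->execute();

        if (!$stored) {
            // Keep the database detail in the server log, not in the response.
            error_log("smz_messages_metadata insert failed: " . ($stmt !== false ? $stmt->error : $conn->error));
        }
        if ($stmt !== false) {
            $stmt->close();
        }
        $conn->close();
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception reporting is enabled.
        error_log("smz_messages_metadata insert failed: " . $e->getMessage());
        $stored = false;
    }

    if (!$stored) {
        die("Server Error");
    }
    echo "Metadaten erfolgreich gespeichert";
}

/**
 * Insert the encrypted message row into smz_messages_data.
 *
 * @param string $messageId    Identifier of the message.
 * @param string $body         Base64 text of the encrypted body.
 * @param string $iv           Base64 text of the IV.
 * @param string $internal_key Base64 text of the AES key wrapped for the sender.
 * @param string $external_key Base64 text of the AES key wrapped for the receiver.
 */
function pushData($messageId, $body, $iv, $internal_key, $external_key){
    global $dbservername, $dbusername, $dbpassword, $dbname;

    $stored = false;
    try {
        $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
        if ($conn->connect_error) {
            die("Server Error");
        }

        $stmt = $conn->prepare(
            "INSERT INTO smz_messages_data (message_id, message_body, iv, internal_key, external_key) VALUES (?, ?, ?, ?, ?)"
        );
        $stored = ($stmt !== false)
            && $stmt->bind_param('sssss', $messageId, $body, $iv, $internal_key, $external_key)
            && $stmt->execute();

        if (!$stored) {
            // Keep the database detail in the server log, not in the response.
            error_log("smz_messages_data insert failed: " . ($stmt !== false ? $stmt->error : $conn->error));
        }
        if ($stmt !== false) {
            $stmt->close();
        }
        $conn->close();
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception reporting is enabled.
        error_log("smz_messages_data insert failed: " . $e->getMessage());
        $stored = false;
    }

    if (!$stored) {
        die("Server Error");
    }
    echo "DATA erfolgreich gespeichert";
}

require_once('keyGrab.php');
$sender_key = grabPublicKey($uid);
$receiver_key = grabPublicKey($receiver);

// Refuse to continue if OpenSSL could not supply cryptographically strong bytes.
$aesKey = openssl_random_pseudo_bytes(32, $keyIsStrong);
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-128-cbc'), $ivIsStrong);
if ($aesKey === false || $iv === false || !$keyIsStrong || !$ivIsStrong) {
    die("Server Error");
}

// NOTE(review): the cipher, padding and encoding below are left unchanged because
// the decrypting side is not visible here and must match. Points to revisit together:
//  - aes-128-cbc takes a 16-byte key, so the second half of the 32-byte $aesKey
//    appears to be unused; effective strength is AES-128, not AES-256.
//  - CBC carries no integrity check; stored ciphertext can be altered undetected.
//    An AEAD mode (e.g. aes-256-gcm) or an HMAC over IV and ciphertext would close that.
//  - OPENSSL_PKCS1_PADDING is PKCS#1 v1.5; OPENSSL_PKCS1_OAEP_PADDING is preferred
//    for key wrapping.
//  - With options = 0, openssl_encrypt() already returns base64, so the body is
//    base64-encoded twice by the base64_encode() call further down.
$encryptedBody = openssl_encrypt($body, 'aes-128-cbc', $aesKey, 0, $iv);
if ($encryptedBody === false) {
    error_log("Message body encryption failed: " . openssl_error_string());
    die("Server Error");
}

// Wrap the AES key once for the receiver (EXTERNAL) and once for the sender (INTERNAL).
$encryptionOkEXT = openssl_public_encrypt($aesKey, $encryptedAesKeyEXTERNAL, $receiver_key, OPENSSL_PKCS1_PADDING);
$encryptionOkINT = openssl_public_encrypt($aesKey, $encryptedAesKeyINTERNAL, $sender_key, OPENSSL_PKCS1_PADDING);

// OpenSSL error text goes to the server log; the response carries only the generic message.
if ($encryptionOkEXT === false) {
    error_log("AES key wrap failed (EXTERNAL): " . openssl_error_string());
    die("Fehler beim Verschlüsseln des AES-Schlüssels (EXTERNAL)");
}
if ($encryptionOkINT === false) {
    error_log("AES key wrap failed (INTERNAL): " . openssl_error_string());
    die("Fehler beim Verschlüsseln des AES-Schlüssels (INTERNAL)");
}

$encryptedMessageBase64 = base64_encode($encryptedBody);
$encryptedAesKeyBase64EXT = base64_encode($encryptedAesKeyEXTERNAL);
$encryptedAesKeyBase64INT = base64_encode($encryptedAesKeyINTERNAL);
$ivBase64 = base64_encode($iv);

pushData($messageId, $encryptedMessageBase64, $ivBase64, $encryptedAesKeyBase64INT, $encryptedAesKeyBase64EXT);

echo "\n\nERFOLG";
?>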