From 2471d3a979d00e0cecca64e0d5889ca40c02c5fe Mon Sep 17 00:00:00 2001 From: alecpl Date: Sat, 16 May 2009 13:01:49 +0000 Subject: - Added possibility to encrypt received header, option 'http_received_header_encrypt', added some more logic in encrypt/decrypt functions for security --- program/include/rcube_config.php | 44 ++++++++++++++++++++++++++-------------- 1 file changed, 29 insertions(+), 15 deletions(-) (limited to 'program/include/rcube_config.php') diff --git a/program/include/rcube_config.php b/program/include/rcube_config.php index 1312a73de..60064e7f5 100644 --- a/program/include/rcube_config.php +++ b/program/include/rcube_config.php @@ -176,28 +176,42 @@ class rcube_config { return $this->prop; } - - + /** - * Return a 24 byte key for the DES encryption + * Return requested DES crypto key. * - * @return string DES encryption key + * @param string Crypto key name + * @return string Crypto key */ - public function get_des_key() + public function get_crypto_key($key) { - $key = !empty($this->prop['des_key']) ? $this->prop['des_key'] : 'rcmail?24BitPwDkeyF**ECB'; - $len = strlen($key); - - // make sure the key is exactly 24 chars long - if ($len<24) - $key .= str_repeat('_', 24-$len); - else if ($len>24) - substr($key, 0, 24); + // Bomb out if the requested key does not exist + if (!array_key_exists($key, $this->prop)) + { + raise_error(array( + 'code' => 500, + 'type' => 'php', + 'file' => __FILE__, + 'message' => "Request for unconfigured crypto key \"$key\"" + ), true, true); + } + + $key = $this->prop[$key]; + + // Bomb out if the configured key is not exactly 24 bytes long + if (strlen($key) != 24) + { + raise_error(array( + 'code' => 500, + 'type' => 'php', + 'file' => __FILE__, + 'message' => "Configured crypto key \"$key\" is not exactly 24 bytes long" + ), true, true); + } return $key; } - - + /** * Try to autodetect operating system and find the correct line endings * -- cgit v1.2.3