Set IV when encrypting with CBC mode

cdujeu · cdujeu · commit 9739ab3daa37 · 2016-09-27T11:00:18.000+02:00
diff --git a/core/src/core/src/pydio/Core/Utils/Crypto.php b/core/src/core/src/pydio/Core/Utils/Crypto.php
@@ -136,7 +136,9 @@ public static function encrypt($data, $key, $base64encode = true){
         $r = new ZeroPaddingRijndael(Rijndael::MODE_CBC);
         $r->setKey($key);
         $r->setBlockLength(128);
-        $encoded = $r->encrypt($data);
+        $iv = self::getRandomSalt(false, 16);
+        $r->setIV($iv);
+        $encoded = $iv . $r->encrypt($data);
         if($base64encode) {
             return self::getDataHeader().base64_encode($encoded);
         } else {
@@ -156,7 +158,10 @@ public static function decrypt($data, $key, $base64encoded = true){
             $data = base64_decode($data);
         }
         if($test){
+            $iv = substr($data, 0, 16);
+            $data = substr($data, 16);
             $r = new ZeroPaddingRijndael(Rijndael::MODE_CBC);
+            $r->setIV($iv);
             $r->setBlockLength(128);
         }else{
             // Legacy encoding
