PBKDF2_KEY_SIZE = 48 was the turning point! My dirty little crypt.class.php can en- and decrypt, accoridng to the OpenSSL standard and options used in https://twtxt.dev/exts/direct-message.html
https://www.getpagespeed.com/server-setup/nginx-try_files-is-evil-too
https://www.getpagespeed.com/server-setup/nginx-try_files-is-evil-too
#twtxt
#twtxt
There are 2 buttons to make replicas, one makes a replica in the thread where the twt is located (this is the one that should be used the most, as it serves a thread), the other creates a replica to a specific twt.
I'll let you know a bit about the status: I'm just now implementing the thread screen. There you can be sure where you are. It's a bit confusing right now, sorry. I think the client is still in alpha. When I've finished what I'm doing, and the direct message system, I'll freeze development and focus on creating more tests, looking for bugs and making small visual adjustments.
There are 2 buttons to make replicas, one makes a replica in the thread where the twt is located (this is the one that should be used the most, as it serves a thread), the other creates a replica to a specific twt.
I'll let you know a bit about the status: I'm just now implementing the thread screen. There you can be sure where you are. It's a bit confusing right now, sorry. I think the client is still in alpha. When I've finished what I'm doing, and the direct message system, I'll freeze development and focus on creating more tests, looking for bugs and making small visual adjustments.
There are 2 buttons to make replicas, one makes a replica in the thread where the twt is located (this is the one that should be used the most, as it serves a thread), the other creates a replica to a specific twt.
I'll let you know a bit about the status: I'm just now implementing the thread screen. There you can be sure where you are. It's a bit confusing right now, sorry. I think the client is still in alpha. When I've finished what I'm doing, and the direct message system, I'll freeze development and focus on creating more tests, looking for bugs and making small visual adjustments.
[ ↳ Reply to twt ] button?
[ ↳ Reply to twt ] button?
A pile of three laptops, a switch and a fibre modem connected by ethernet cables, sitting on a table in an unfinished basement.
A car-sized pile of snow with a sign planted in it saying "No Parking" "Snow Removal". It occupies one or two parking spots on the side of a street.
https://samjohnston.org/2024/12/18/a-forgotten-manifesto-mozilla-betrays-its-own-values-on-open-source-ai/
https://samjohnston.org/2024/12/18/a-forgotten-manifesto-mozilla-betrays-its-own-values-on-open-source-ai/
so boring
#running #treadmill
so boring
#running #treadmill
so boring
#running #treadmill
convert -strip -quality 70 -resize 300x original.jpg resized.jpg
"original.jpg" being the filename of the input file and "resized.jpg" the filename of the output. You can play around with the width, "300x" means 300 pixels wide and the height is determined automatically to still remain in the same ratio. The quality is how much to compress it. The closer to 0 the value gets, the worse the result, but also smaller in file size. More towards 100 and the quality improves together with a larger file size.
You have to install the package "imagemagick" for this to work, I believe.
convert -strip -quality 70 -resize 300x original.jpg resized.jpg
"original.jpg" being the filename of the input file and "resized.jpg" the filename of the output. You can play around with the width, "300x" means 300 pixels wide and the height is determined automatically to still remain in the same ratio. The quality is how much to compress it. The closer to 0 the value gets, the worse the result, but also smaller in file size. More towards 100 and the quality improves together with a larger file size.
You have to install the package "imagemagick" for this to work, I believe.
The encryption part seems to work, if I decrypt it the message with OpenSSL.
I think it can help you for some key parts not well explained in OpenSSL documentation.
@andros reading your spec I wrote a few notes here: https://github.com/eapl-gemugami/twtxt-direct-message-php/blob/main/direct_message_spec.md
@arne I haven't check your repo yet, although you are using sodium, right?
Known salt (B64): Tb9oj07UhwU= (8)
Known key (B64): MII0yj+MC0mHNx254Voar80bi9P7jmocs0+x+inaxBE=
Known iv (B64): l/PvkDjOKMFZe73KptrvWw== (16)
Shared Key (B64): ql8zvN03p6kroSwNrcKbxk4zSBQFkgQZEumvqVIDMAE=
** DECRYPT **
Encrypted Message: ...
Decoded Salt (B64): Tb9oj07UhwU= (8)
PBKDF2 KEY (B64): MII0yj+MC0mHNx254Voar80bi9P7jmocs0+x+inaxBE=
iv (B64): JanbU1jI30lb6yfjq/adjA== (16)
Decrypted Message:
😭
There is a "00_well_known_message.enc" file, which I have the encryption paremters for (https://github.com/upputter/testing-twtxt-dm/blob/9fdf3be6aa8fe810a4cb275375dbb3d4a2a958ee/wellknown_test.php#L28).
According to my finding, I assume, that the
saltsize in openssl is "8" and the PBKDF2 algo is "sha256".
I want to compare that I can read the encrypted message both from OpenSSL CLI and from the PHP OpenSSL library, following the spec.
# https://www.php.net/manual/en/function.openssl-pbkdf2.php
$password = $sharedKey;
$salt = openssl_random_pseudo_bytes(16); # What's the salt length ?
$keyLength = 20; # What's the key length here ?
$iterations = 100000;
$generatedKey = openssl_pbkdf2($password, $salt, $keyLength, $iterations, 'sha256');
echo bin2hex($generatedKey)."\n";
echo base64_encode($generatedKey)."\n";
$iv = openssl_random_pseudo_bytes(16); // AES-256-CBC requires 16-byte IV
$cipherText = openssl_encrypt($message, 'aes-256-cbc', $generatedKey, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $cipherText);
-p one can get an output of salt, key and iv. My stupid PHP-code can get everything right from the encrypted data (from OpenSSL) - except the iv! Damn "evpKDF" 😔
I don't think I'm going to be able to help you much, my knowledge of OpenSSL and PHP is not as high as I'd like it to be.
Maybe the OpenSSL version uses SHA-1 by default in PHP. Or that the IV is derived together with the key (not generated separately). But I'm not able to answer your questions, sorry.
I'm invoking the commands directly, without any libraries in between. Maybe that would help you?
I don't think I'm going to be able to help you much, my knowledge of OpenSSL and PHP is not as high as I'd like it to be.
Maybe the OpenSSL version uses SHA-1 by default in PHP. Or that the IV is derived together with the key (not generated separately). But I'm not able to answer your questions, sorry.
I'm invoking the commands directly, without any libraries in between. Maybe that would help you?
Ashram - Lucky's Song (My Dog)
https://youtu.be/oJ37mmym_LA
Ashram - Lucky's Song (My Dog)
https://youtu.be/oJ37mmym_LA