From 035646c0f60c2a9fb7105f0f1c6abdbda91b2d9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?=
Date: Wed, 1 Apr 2015 13:58:23 +0200
Subject: [PATCH] fix exception handling
---
 apps/encryption/lib/crypto/crypt.php | 64 ++++++++-----------
 .../exceptions/filekeymissingexception.php | 8 +++
 .../exceptions/multikeydecryptexception.php | 7 ++
 .../exceptions/multikeyencryptexception.php | 7 ++
 4 files changed, 48 insertions(+), 38 deletions(-)
 create mode 100644 apps/encryption/lib/exceptions/filekeymissingexception.php
 create mode 100644 apps/encryption/lib/exceptions/multikeydecryptexception.php
 create mode 100644 apps/encryption/lib/exceptions/multikeyencryptexception.php
diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php
index ea7f9e1cdf..6b79057fe7 100644
--- a/apps/encryption/lib/crypto/crypt.php
+++ b/apps/encryption/lib/crypto/crypt.php
@@ -25,6 +25,8 @@ namespace OCA\Encryption\Crypto;
 use OC\Encryption\Exceptions\DecryptionFailedException;
 use OC\Encryption\Exceptions\EncryptionFailedException;
 use OC\Encryption\Exceptions\GenericEncryptionException;
+use OCA\Encryption\Exceptions\MultiKeyDecryptException;
+use OCA\Encryption\Exceptions\MultiKeyEncryptException;
 use OCP\IConfig;
 use OCP\ILogger;
 use OCP\IUser;
@@ -120,11 +122,11 @@ class Crypt {
 /**
 * @param $plainContent
- * @param $passphrase
+ * @param $passPhrase
 * @return bool|string
 * @throws GenericEncryptionException
 */
- public function symmetricEncryptFileContent($plainContent, $passphrase) {
+ public function symmetricEncryptFileContent($plainContent, $passPhrase) {
 if (!$plainContent) {
 $this->logger->error('Encryption Library, symmetrical encryption failed no content given',
@@ -134,37 +136,29 @@ class Crypt {
 $iv = $this->generateIv();
- try {
- $encryptedContent = $this->encrypt($plainContent,
- $iv,
- $passphrase,
- $this->getCipher());
- // combine content to encrypt the IV identifier and actual IV
- $catFile = $this->concatIV($encryptedContent, $iv);
- $padded = $this->addPadding($catFile);
-
- return $padded;
- } catch (EncryptionFailedException $e) {
- $message = 'Could not encrypt file content (code: ' . $e->getCode() . '): ';
- $this->logger->error('files_encryption' . $message . $e->getMessage(),
- ['app' => 'encryption']);
- return false;
- }
+ $encryptedContent = $this->encrypt($plainContent,
+ $iv,
+ $passPhrase,
+ $this->getCipher());
+ // combine content to encrypt the IV identifier and actual IV
+ $catFile = $this->concatIV($encryptedContent, $iv);
+ $padded = $this->addPadding($catFile);
+ return $padded;
 }
 /**
 * @param $plainContent
 * @param $iv
- * @param string $passphrase
+ * @param string $passPhrase
 * @param string $cipher
 * @return string
 * @throws EncryptionFailedException
 */
- private function encrypt($plainContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) {
+ private function encrypt($plainContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) {
 $encryptedContent = openssl_encrypt($plainContent,
 $cipher,
- $passphrase,
+ $passPhrase,
 false,
 $iv);
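Review bot: The docblock of symmetricEncryptFileContent() (kept as context in the previous hunk) still advertises `@return bool|string` and `@throws GenericEncryptionException`, although with the try/catch removed here an EncryptionFailedException from encrypt() now propagates to the caller. Failing with an exception is the safer contract on an encryption path, since a caller that ignored the old `false` could carry on without ciphertext, but the documentation should say so, e.g. `@throws EncryptionFailedException`. The empty-content branch at the top of the method lies outside this hunk, so whether `bool` can be dropped from `@return` has to be checked there. Callers that compared the result with `false` are not visible on this page and presumably need a matching `catch`.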
@@ -246,27 +240,21 @@ class Crypt {
 /**
 * @param $keyFileContents
- * @param string $passphrase
+ * @param string $passPhrase
 * @param string $cipher
- * @return bool|string
+ * @return string
 * @throws DecryptionFailedException
 */
- public function symmetricDecryptFileContent($keyFileContents, $passphrase = '', $cipher = self::DEFAULT_CIPHER) {
+ public function symmetricDecryptFileContent($keyFileContents, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) {
 // Remove Padding
 $noPadding = $this->removePadding($keyFileContents);
 $catFile = $this->splitIv($noPadding);
- $plainContent = $this->decrypt($catFile['encrypted'],
+ return $this->decrypt($catFile['encrypted'],
 $catFile['iv'],
- $passphrase,
+ $passPhrase,
 $cipher);
-
- if ($plainContent) {
- return $plainContent;
- }
-
- return false;
 }
 /**
@@ -304,22 +292,22 @@ class Crypt {
 /**
 * @param $encryptedContent
 * @param $iv
- * @param string $passphrase
+ * @param string $passPhrase
 * @param string $cipher
 * @return string
 * @throws DecryptionFailedException
 */
- private function decrypt($encryptedContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) {
+ private function decrypt($encryptedContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) {
 $plainContent = openssl_decrypt($encryptedContent,
 $cipher,
- $passphrase,
+ $passPhrase,
 false,
 $iv);
 if ($plainContent) {
 return $plainContent;
 } else {
- throw new DecryptionFailedException('Encryption library: Decryption (symmetric) of content failed');
+ throw new DecryptionFailedException('Encryption library: Decryption (symmetric) of content failed: ' . openssl_error_string());
 }
 }
@@ -427,7 +415,7 @@ class Crypt {
 if (openssl_open($encKeyFile, $plainContent, $shareKey, $privateKey)) {
 return $plainContent;
 } else {
- throw new MultiKeyDecryptException('multikeydecrypt with share key failed');
+ throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string());
 }
 }
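Review bot: The `if ($plainContent)` test in decrypt() treats every falsy plaintext as a failure, so content that legitimately decrypts to `''` or `'0'` raises DecryptionFailedException, whereas openssl_decrypt() reports failure with `false` only. The check should be `if ($plainContent !== false) {`. symmetricDecryptFileContent() in the hunk above now returns this result directly, so decrypt() is the single place where success or failure is decided and the comparison needs to be exact.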
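Review bot: Appending `openssl_error_string()` straight onto the exception message is fragile: it returns `false` when the error queue is empty (concatenated as an empty string) and otherwise hands back one queued entry per call, which may stem from an earlier OpenSSL call rather than from this `openssl_open()` failure. The same applies to the DecryptionFailedException message in the decrypt() hunk above. Consider draining the queue, `while (($err = openssl_error_string()) !== false) { $errors[] = $err; }`, writing the collected entries to the log and keeping the exception text generic if it can reach end users. The message here also lacks the space after the colon that the decrypt() message has: `'multikeydecrypt with share key failed: '`.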
@@ -452,7 +440,7 @@ class Crypt {
 if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles)) {
 $i = 0;
- // Ensure each shareKey is labelled with its coreesponding keyid
+ // Ensure each shareKey is labelled with its corresponding key id
 foreach ($keyFiles as $userId => $publicKey) {
 $mappedShareKeys[$userId] = $shareKeys[$i];
 $i++;
diff --git a/apps/encryption/lib/exceptions/filekeymissingexception.php b/apps/encryption/lib/exceptions/filekeymissingexception.php
new file mode 100644
index 0000000000..9eb2d4c80d
--- /dev/null
+++ b/apps/encryption/lib/exceptions/filekeymissingexception.php
@@ -0,0 +1,8 @@
+