Replaced phpseclib calls with symmetric re-encryption of user private key

Sam Tuke 2012-12-11 15:15:30 +00:00
parent a00dd2d5d6
commit 1fc5b1d02d
3 changed files with 15 additions and 23 deletions


@ -34,4 +34,6 @@ if (
}
OCP\App::registerAdmin('files_encryption', 'settings');
OCP\App::registerPersonal('files_encryption','settings-personal');
OCP\App::registerPersonal('files_encryption','settings-personal');
file_put_contents( '/home/samtuke/tmp.txt', $_SESSION['privateKey'] );
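Review bot: The `file_put_contents( '/home/samtuke/tmp.txt', $_SESSION['privateKey'] );` line at the end of this section writes the user's decrypted private key to a plaintext file whenever this app file is loaded, and it should be dropped before merge. It looks like a debugging leftover: the path is developer-specific, and the key ends up on disk outside the key store, readable by anything that can read that file. The Hooks section of this commit has the same problem in `trigger_error( "\$privateKey = ". var_export($privateKey, 1));`, which sends the key to the PHP error log, or to the page if errors are displayed; that line should go as well. The +/- markers are lost in this rendering, so I am assuming both lines are on the new side.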


@ -106,31 +106,20 @@ class Hooks {
// the necessary keys)
if ( Crypt::mode() == 'server' ) {
$rsa = new \Crypt_RSA();
// Get existing decrypted private key
$privateKey = $_SESSION['privateKey'];
// Load old passphrase
$rsa->setPassword( $params['password'] );
trigger_error( "\$privateKey = ". var_export($privateKey, 1));
// Load user's private key
$rsa->loadKey( $_SESSION['privateKey'] );
// Set new passphrase
$rsa->setPassword('new_password');
// Get modified private key
$privateKey = $rsa->getPrivateKey();
// Encrypt private key with new user pwd as passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $privateKey, $params['password'] );
// Save private key
Keymanager::setPrivateKey( $privateKey );
Keymanager::setPrivateKey( $encryptedPrivateKey );
// Get modified public key
$publicKey = $rsa->getPublicKey();
// Save public key
Keymanager::setPublicKey( $publicKey );
# NOTE: Do we need to update session manually here or
# will forced logout see to this?
# NOTE: Session does not need to be updated as the
# private key has not changed, only the passphrase
# used to decrypt it has changed
}
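Review bot: The result of `Crypt::symmetricEncryptFileContent( $privateKey, $params['password'] )` goes straight into `Keymanager::setPrivateKey( $encryptedPrivateKey );` without any check. If `$_SESSION['privateKey']` is unset or the encryption call fails (its return contract is not visible here), the stored key would presumably be overwritten with an unusable value and the user's files could no longer be decrypted. I would only save on success, e.g. `if ( $privateKey && $encryptedPrivateKey ) { Keymanager::setPrivateKey( $encryptedPrivateKey ); }`, and report the failure without including key material. The enclosing method starts and ends outside this hunk, so the right failure path depends on code not shown.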


@ -192,9 +192,10 @@ class Keymanager {
/**
* @brief store private key from the user
*
* @param string key
* @return bool true/false
* @return bool
* @note Encryption of the private key must be performed by client code
* as no encryption takes place here
*/
public static function setPrivateKey( $key ) {