mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Derive encryption key & MAC key from a single key. 

Signed-off-by: lynn-stephenson <lynn.stephenson@protonmail.com>
This commit is contained in:
lynn-stephenson 2020-10-15 21:04:38 -08:00
parent b13d9bcca6
commit 648b60fa0e
No known key found for this signature in database
GPG Key ID: A4185BF87E57DF9F
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/private/Security/Crypto.php
View File

@ -10,6 +10,7 @@ declare(strict_types=1);
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Morris Jobke <hey@morrisjobke.de>
* @author Roeland Jago Douma <roeland@famdouma.nl>
* @author Lynn Stephenson <lynn.stephenson@protonmail.com>
*
* @license AGPL-3.0
*
@ -90,16 +91,17 @@ class Crypto implements ICrypto {
if ($password === '') {
$password = $this->config->getSystemValue('secret');
}
$this->cipher->setPassword($password);
$keyMaterial = hash_hkdf('sha512', $password);
$this->cipher->setPassword(substr($keyMaterial, 0, 32));
$iv = \random_bytes($this->ivLength);
$this->cipher->setIV($iv);
$ciphertext = bin2hex($this->cipher->encrypt($plaintext));
$iv = bin2hex($iv);
$hmac = bin2hex($this->calculateHMAC($ciphertext.$iv, $password));
$hmac = bin2hex($this->calculateHMAC($ciphertext.$iv, substr($keyMaterial, 32)));
return $ciphertext.'|'.$iv.'|'.$hmac.'|2';
return $ciphertext.'|'.$iv.'|'.$hmac.'|3';
}
/**
@ -114,7 +116,7 @@ class Crypto implements ICrypto {
if ($password === '') {
$password = $this->config->getSystemValue('secret');
}
$this->cipher->setPassword($password);
$hmacKey = $encryptionKey = $password;
$parts = explode('|', $authenticatedCiphertext);
$partCount = \count($parts);
@ -128,14 +130,20 @@ class Crypto implements ICrypto {
if ($partCount === 4) {
$version = $parts[3];
if ($version === '2') {
if ($version >= '2') {
$iv = hex2bin($iv);
}
}
if ($version === '3') {
$keyMaterial = hash_hkdf('sha512', $password);
$encryptionKey = substr($keyMaterial, 0, 32);
$hmacKey = substr($keyMaterial, 32);
}
}
$this->cipher->setPassword($encryptionKey);
$this->cipher->setIV($iv);
if (!hash_equals($this->calculateHMAC($parts[0] . $parts[1], $password), $hmac)) {
if (!hash_equals($this->calculateHMAC($parts[0] . $parts[1], $hmacKey), $hmac)) {
throw new \Exception('HMAC does not match.');
}