Move to AES-256-GCM for openssl_seal/open

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

apps/encryption/lib/Crypto/Crypt.php

@@ -677,11 +677,25 @@ class Crypt {
 			throw new MultiKeyDecryptException('Cannot multikey decrypt empty plain content');
 		}
 
+		$prev = null;
+
+		// We need to be able to extract the IV
+		if (strlen($encKeyFile) > 12) {
+			$iv = substr($encKeyFile, -12);
+			$encrypted = substr($encKeyFile, 0, -12);
+
+			if (openssl_open($encrypted, $plainContent, $shareKey, $privateKey, 'aes-256-gcm', $iv)) {
+				return $plainContent;
+			}
+
+			$prev = new MultiKeyDecryptException('multikeydecrypt with share key failed (aes-256-gcm):' . openssl_error_string());
+		}
+
 		if (openssl_open($encKeyFile, $plainContent, $shareKey, $privateKey, 'RC4')) {
 			return $plainContent;
-		} else {
-			throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string());
 		}
+
+		throw new MultiKeyDecryptException('multikeydecrypt with share key failed (rc4):' . openssl_error_string(), '', 0, $prev);
 	}
 
 	/**
@@ -702,7 +716,8 @@ class Crypt {
 		$shareKeys = [];
 		$mappedShareKeys = [];
 
-		if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles, 'RC4')) {
+		$iv = \random_bytes(12);
+		if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles, 'aes-256-gcm', $iv)) {
 			$i = 0;
 
 			// Ensure each shareKey is labelled with its corresponding key id
@@ -712,11 +727,10 @@ class Crypt {
 			}
 
 			return [
-				'keys' => $mappedShareKeys,
+				'keys' => $mappedShareKeys . $iv,
 				'data' => $sealed
 			];
-		} else {
-			throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string());
 		}
+		throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string());
 	}
 }