mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

SSE enhancement 

Do not blind concatenate ints. Lets add a _ between them. So that we can
distrinquis them properly

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2020-08-11 19:26:41 +02:00 committed by backportbot[bot]
parent 659fb3cf06
commit 8c753f87fc
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apps/encryption/lib/Crypto/Crypt.php
View File

@ -189,7 +189,7 @@ class Crypt {
$this->getCipher());
// Create a signature based on the key as well as the current version
$sig = $this->createSignature($encryptedContent, $passPhrase.$version.$position);
$sig = $this->createSignature($encryptedContent, $passPhrase.'_'.$version.'_'.$position);
// combine content to encrypt the IV identifier and actual IV
$catFile = $this->concatIV($encryptedContent, $iv);
@ -460,7 +460,13 @@ class Crypt {
$catFile = $this->splitMetaData($keyFileContents, $cipher);
if ($catFile['signature'] !== false) {
$this->checkSignature($catFile['encrypted'], $passPhrase.$version.$position, $catFile['signature']);
try {
// First try the new format
$this->checkSignature($catFile['encrypted'], $passPhrase . '_' . $version . '_' . $position, $catFile['signature']);
} catch (GenericEncryptionException $e) {
// For compatibility with old files check the version without _
$this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']);
}
}
return $this->decrypt($catFile['encrypted'],