From 8c753f87fc062b39b56d69ce23b6a04d736315c1 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Tue, 11 Aug 2020 19:26:41 +0200 Subject: [PATCH] SSE enhancement Do not blind concatenate ints. Lets add a _ between them. So that we can distrinquis them properly Signed-off-by: Roeland Jago Douma --- apps/encryption/lib/Crypto/Crypt.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php index e990f5a510..7723b63a66 100644 --- a/apps/encryption/lib/Crypto/Crypt.php +++ b/apps/encryption/lib/Crypto/Crypt.php @@ -189,7 +189,7 @@ class Crypt { $this->getCipher()); // Create a signature based on the key as well as the current version - $sig = $this->createSignature($encryptedContent, $passPhrase.$version.$position); + $sig = $this->createSignature($encryptedContent, $passPhrase.'_'.$version.'_'.$position); // combine content to encrypt the IV identifier and actual IV $catFile = $this->concatIV($encryptedContent, $iv); @@ -460,7 +460,13 @@ class Crypt { $catFile = $this->splitMetaData($keyFileContents, $cipher); if ($catFile['signature'] !== false) { - $this->checkSignature($catFile['encrypted'], $passPhrase.$version.$position, $catFile['signature']); + try { + // First try the new format + $this->checkSignature($catFile['encrypted'], $passPhrase . '_' . $version . '_' . $position, $catFile['signature']); + } catch (GenericEncryptionException $e) { + // For compatibility with old files check the version without _ + $this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']); + } } return $this->decrypt($catFile['encrypted'],