mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use constant for supported formats 

Signed-off-by: J0WI <J0WI@users.noreply.github.com>
This commit is contained in:
J0WI 2021-03-26 18:58:13 +01:00
parent a75f0e62fa
commit e617361250
1 changed files with 24 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
apps/encryption/lib/Crypto/Crypt.php
View File

@ -57,10 +57,20 @@ use OCP\IUserSession;
* @package OCA\Encryption\Crypto
*/
class Crypt {
public const SUPPORTED_CIPHERS_AND_KEY_SIZE = [
'AES-256-CTR' => 32,
'AES-128-CTR' => 16,
'AES-256-CFB' => 32,
'AES-128-CFB' => 16,
];
// one out of SUPPORTED_CIPHERS_AND_KEY_SIZE
public const DEFAULT_CIPHER = 'AES-256-CTR';
// default cipher from old Nextcloud versions
public const LEGACY_CIPHER = 'AES-128-CFB';
public const SUPPORTED_KEY_FORMATS = ['hash', 'password'];
// one out of SUPPORTED_KEY_FORMATS
public const DEFAULT_KEY_FORMAT = 'hash';
// default key format, old Nextcloud version encrypted the private key directly
// with the user password
public const LEGACY_KEY_FORMAT = 'password';
@ -77,20 +87,9 @@ class Crypt {
/** @var IConfig */
private $config;
/** @var array */
private $supportedKeyFormats;
/** @var IL10N */
private $l;
/** @var array */
private $supportedCiphersAndKeySize = [
'AES-256-CTR' => 32,
'AES-128-CTR' => 16,
'AES-256-CFB' => 32,
'AES-128-CFB' => 16,
];
/** @var bool */
private $supportLegacy;
@ -105,8 +104,6 @@ class Crypt {
$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"';
$this->config = $config;
$this->l = $l;
$this->supportedKeyFormats = ['hash', 'password'];
$this->supportLegacy = $this->config->getSystemValueBool('encryption.legacy_format_support', false);
}
@ -207,12 +204,12 @@ class Crypt {
/**
* generate header for encrypted file
*
* @param string $keyFormat (can be 'hash' or 'password')
* @param string $keyFormat see SUPPORTED_KEY_FORMATS
* @return string
* @throws \InvalidArgumentException
*/
public function generateHeader($keyFormat = 'hash') {
if (in_array($keyFormat, $this->supportedKeyFormats, true) === false) {
public function generateHeader($keyFormat = self::DEFAULT_KEY_FORMAT) {
if (in_array($keyFormat, self::SUPPORTED_KEY_FORMATS, true) === false) {
throw new \InvalidArgumentException('key format "' . $keyFormat . '" is not supported');
}
@ -259,14 +256,15 @@ class Crypt {
*/
public function getCipher() {
$cipher = $this->config->getSystemValue('cipher', self::DEFAULT_CIPHER);
if (!isset($this->supportedCiphersAndKeySize[$cipher])) {
if (!isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) {
$this->logger->warning(
sprintf(
'Unsupported cipher (%s) defined in config.php supported. Falling back to %s',
$cipher,
self::DEFAULT_CIPHER
),
['app' => 'encryption']);
sprintf(
'Unsupported cipher (%s) defined in config.php supported. Falling back to %s',
$cipher,
self::DEFAULT_CIPHER
),
['app' => 'encryption']
);
$cipher = self::DEFAULT_CIPHER;
}
@ -288,8 +286,8 @@ class Crypt {
* @throws \InvalidArgumentException
*/
protected function getKeySize($cipher) {
if (isset($this->supportedCiphersAndKeySize[$cipher])) {
return $this->supportedCiphersAndKeySize[$cipher];
if (isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) {
return self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher];
}
throw new \InvalidArgumentException(
@ -411,7 +409,7 @@ class Crypt {
$keyFormat = self::LEGACY_KEY_FORMAT;
}
if ($keyFormat === 'hash') {
if ($keyFormat === self::DEFAULT_KEY_FORMAT) {
$password = $this->generatePasswordHash($password, $cipher, $uid);
}