mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63603 Commits
419 Branches
Tree: 601664bc84
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '601664bc84'
${ noResults }
nextcloud/lib/public/Security/ICrypto.php

ICrypto.php 2.4KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. <?php

  2. 

  3. declare(strict_types=1);

  4. 

  5. /**

  6.  * @copyright Copyright (c) 2016, ownCloud, Inc.

  7.  *

  8.  * @author Lukas Reschke <lukas@statuscode.ch>

  9.  * @author Morris Jobke <hey@morrisjobke.de>

  10.  * @author Roeland Jago Douma <roeland@famdouma.nl>

  11.  *

  12.  * @license AGPL-3.0

  13.  *

  14.  * This code is free software: you can redistribute it and/or modify

  15.  * it under the terms of the GNU Affero General Public License, version 3,

  16.  * as published by the Free Software Foundation.

  17.  *

  18.  * This program is distributed in the hope that it will be useful,

  19.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  20.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  21.  * GNU Affero General Public License for more details.

  22.  *

  23.  * You should have received a copy of the GNU Affero General Public License, version 3,

  24.  * along with this program. If not, see <http://www.gnu.org/licenses/>

  25.  *

  26.  */

  27. namespace OCP\Security;

  28. 

  29. /**

  30.  * Class Crypto provides a high-level encryption layer using AES-CBC. If no key has been provided

  31.  * it will use the secret defined in config.php as key. Additionally the message will be HMAC'd.

  32.  *

  33.  * Usage:

  34.  * $encryptWithDefaultPassword = \OC::$server->getCrypto()->encrypt('EncryptedText');

  35.  * $encryptWithCustomPassword = \OC::$server->getCrypto()->encrypt('EncryptedText', 'password');

  36.  *

  37.  * @since 8.0.0

  38.  */

  39. interface ICrypto {

  40. 

  41. 	/**

  42. 	 * @param string $message The message to authenticate

  43. 	 * @param string $password Password to use (defaults to `secret` in config.php)

  44. 	 * @return string Calculated HMAC

  45. 	 * @since 8.0.0

  46. 	 */

  47. 	public function calculateHMAC(string $message, string $password = ''): string;

  48. 

  49. 	/**

  50. 	 * Encrypts a value and adds an HMAC (Encrypt-Then-MAC)

  51. 	 * @param string $plaintext

  52. 	 * @param string $password Password to encrypt, if not specified the secret from config.php will be taken

  53. 	 * @return string Authenticated ciphertext

  54. 	 * @since 8.0.0

  55. 	 */

  56. 	public function encrypt(string $plaintext, string $password = ''): string;

  57. 

  58. 	/**

  59. 	 * Decrypts a value and verifies the HMAC (Encrypt-Then-Mac)

  60. 	 * @param string $authenticatedCiphertext

  61. 	 * @param string $password Password to encrypt, if not specified the secret from config.php will be taken

  62. 	 * @return string plaintext

  63. 	 * @throws \Exception If the HMAC does not match

  64. 	 * @throws \Exception If the decryption failed

  65. 	 * @since 8.0.0

  66. 	 */

  67. 	public function decrypt(string $authenticatedCiphertext, string $password = ''): string;

  68. }