Merge pull request #5556 from nextcloud/files_external_sftp_2048_4096

[Files external] Add support for 2048 and 4096 bit RSA key generation

3 files changed, 30 insertions, 9 deletions

diff --git a/apps/files_external/js/public_key.js b/apps/files_external/js/public_key.js
index 5f9658381f0..669f1095735 100644
--- a/apps/files_external/js/public_key.js
+++ b/apps/files_external/js/public_key.js
@@ -22,6 +22,19 @@ $(document).ready(function() {
 	});
 
 	function setupTableRow(tr, config) {
+		var selectList = document.createElement('select');
+		selectList.id = 'keyLength';
+
+		var options = [1024, 2048, 4096];
+		for (var i = 0; i < options.length; i++) {
+			var option = document.createElement('option');
+			option.value = options[i];
+			option.text = options[i];
+			selectList.appendChild(option);
+		}
+
+		$(config).append(selectList);
+
 		$(config).append($(document.createElement('input'))
 			.addClass('button auth-param')
 			.attr('type', 'button')
@@ -32,8 +45,11 @@ $(document).ready(function() {
 
 	function generateKeys(tr) {
 		var config = $(tr).find('.configuration');
+		var keyLength = config.find('#keyLength').val();
 
-		$.post(OC.filePath('files_external', 'ajax', 'public_key.php'), {}, function(result) {
+		$.post(OC.filePath('files_external', 'ajax', 'public_key.php'), {
+			keyLength: keyLength
+		}, function(result) {
 			if (result && result.status === 'success') {
 				$(config).find('[data-parameter="public_key"]').val(result.data.public_key).keyup();
 				$(config).find('[data-parameter="private_key"]').val(result.data.private_key);
diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
index f12f8450973..5f5b32cffb6 100644
--- a/apps/files_external/lib/Controller/AjaxController.php
+++ b/apps/files_external/lib/Controller/AjaxController.php
@@ -68,10 +68,11 @@ class AjaxController extends Controller {
 	}
 
 	/**
+	 * @param int $keyLength
 	 * @return array
 	 */
-	private function generateSshKeys() {
-		$key = $this->rsaMechanism->createKey();
+	private function generateSshKeys($keyLength) {
+		$key = $this->rsaMechanism->createKey($keyLength);
 		// Replace the placeholder label with a more meaningful one
 		$key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']);
 
@@ -82,9 +83,10 @@ class AjaxController extends Controller {
 	 * Generates an SSH public/private key pair.
 	 *
 	 * @NoAdminRequired
+	 * @param int $keyLength
 	 */
-	public function getSshKeys() {
-		$key = $this->generateSshKeys();
+	public function getSshKeys($keyLength = 1024) {
+		$key = $this->generateSshKeys($keyLength);
 		return new JSONResponse(
 			array('data' => array(
 				'private_key' => $key['privatekey'],
diff --git a/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php b/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php
index cb387b22012..8dedf8c5196 100644
--- a/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php
+++ b/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php
@@ -35,8 +35,6 @@ use \phpseclib\Crypt\RSA as RSACrypt;
  */
 class RSA extends AuthMechanism {
 
-	const CREATE_KEY_BITS = 1024;
-
 	/** @var IConfig */
 	private $config;
 
@@ -69,14 +67,19 @@ class RSA extends AuthMechanism {
 	/**
 	 * Generate a keypair
 	 *
+	 * @param int $keyLenth
 	 * @return array ['privatekey' => $privateKey, 'publickey' => $publicKey]
 	 */
-	public function createKey() {
+	public function createKey($keyLength) {
 		$rsa = new RSACrypt();
 		$rsa->setPublicKeyFormat(RSACrypt::PUBLIC_FORMAT_OPENSSH);
 		$rsa->setPassword($this->config->getSystemValue('secret', ''));
 
-		return $rsa->createKey(self::CREATE_KEY_BITS);
+		if ($keyLength !== 1024 && $keyLength !== 2048 && $keyLength !== 4096) {
+			$keyLength = 1024;
+		}
+
+		return $rsa->createKey($keyLength);
 	}
 
 }