Merge pull request #22196 from nextcloud/enh/sse/do_not_concatenate_ints

SSE enhancement of file signature

1 files changed, 8 insertions, 2 deletions

diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php
index e990f5a510e..7723b63a66b 100644
--- a/apps/encryption/lib/Crypto/Crypt.php
+++ b/apps/encryption/lib/Crypto/Crypt.php
@@ -189,7 +189,7 @@ class Crypt {
 			$this->getCipher());
 
 		// Create a signature based on the key as well as the current version
-		$sig = $this->createSignature($encryptedContent, $passPhrase.$version.$position);
+		$sig = $this->createSignature($encryptedContent, $passPhrase.'_'.$version.'_'.$position);
 
 		// combine content to encrypt the IV identifier and actual IV
 		$catFile = $this->concatIV($encryptedContent, $iv);
@@ -460,7 +460,13 @@ class Crypt {
 		$catFile = $this->splitMetaData($keyFileContents, $cipher);
 
 		if ($catFile['signature'] !== false) {
-			$this->checkSignature($catFile['encrypted'], $passPhrase.$version.$position, $catFile['signature']);
+			try {
+				// First try the new format
+				$this->checkSignature($catFile['encrypted'], $passPhrase . '_' . $version . '_' . $position, $catFile['signature']);
+			} catch (GenericEncryptionException $e) {
+				// For compatibility with old files check the version without _
+				$this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']);
+			}
 		}
 
 		return $this->decrypt($catFile['encrypted'],