diff options
| author | Côme Chilliet <come.chilliet@nextcloud.com> | 2024-06-04 17:20:20 +0200 |
|---|---|---|
| committer | Côme Chilliet <come.chilliet@nextcloud.com> | 2024-06-04 17:20:20 +0200 |
| commit | 95cd524771e9982464b070e2c55d04878319fd5b (patch) | |
| tree | 5142c974fd9dc2deba2a8ea198885faa8569d9d7 /apps/encryption/lib/Crypto/Encryption.php | |
| parent | 3f77eb049a696f6d0eec3a5efd8baa98a33ac95d (diff) | |
| download | nextcloud-server-95cd524771e9982464b070e2c55d04878319fd5b.tar.gz nextcloud-server-95cd524771e9982464b070e2c55d04878319fd5b.zip | |
fix: Autodetect legacy filekey instead of trusting the header for legacy header
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'apps/encryption/lib/Crypto/Encryption.php')
| -rw-r--r-- | apps/encryption/lib/Crypto/Encryption.php | 20 |
1 files changed, 4 insertions, 16 deletions
diff --git a/apps/encryption/lib/Crypto/Encryption.php b/apps/encryption/lib/Crypto/Encryption.php index 1dd1d91c218..dda93e13306 100644 --- a/apps/encryption/lib/Crypto/Encryption.php +++ b/apps/encryption/lib/Crypto/Encryption.php @@ -54,8 +54,6 @@ class Encryption implements IEncryptionModule { /** @var int Current version of the file */ private int $version = 0; - private bool $useLegacyFileKey = true; - /** @var array remember encryption signature version */ private static $rememberVersion = []; @@ -112,7 +110,6 @@ class Encryption implements IEncryptionModule { $this->writeCache = ''; $this->useLegacyBase64Encoding = true; - $this->useLegacyFileKey = ($header['useLegacyFileKey'] ?? 'true') !== 'false'; if (isset($header['encoding'])) { $this->useLegacyBase64Encoding = $header['encoding'] !== Crypt::BINARY_ENCODING_FORMAT; @@ -126,19 +123,10 @@ class Encryption implements IEncryptionModule { } } - if ($this->session->decryptAllModeActivated()) { - $shareKey = $this->keyManager->getShareKey($this->path, $this->session->getDecryptAllUid()); - if ($this->useLegacyFileKey) { - $encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path); - $this->fileKey = $this->crypt->multiKeyDecryptLegacy($encryptedFileKey, - $shareKey, - $this->session->getDecryptAllKey()); - } else { - $this->fileKey = $this->crypt->multiKeyDecrypt($shareKey, $this->session->getDecryptAllKey()); - } - } else { - $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user, $this->useLegacyFileKey); - } + /* If useLegacyFileKey is not specified in header, auto-detect, to be safe */ + $useLegacyFileKey = (($header['useLegacyFileKey'] ?? '') == 'false' ? false : null); + + $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user, $useLegacyFileKey, $this->session->decryptAllModeActivated()); // always use the version from the original file, also part files // need to have a correct version number if they get moved over to the |