aboutsummaryrefslogtreecommitdiffstats
path: root/apps/encryption/lib
diff options
context:
space:
mode:
authorCôme Chilliet <come.chilliet@nextcloud.com>2023-02-21 09:47:03 +0100
committerCôme Chilliet (Rebase PR Action) <come-nc@users.noreply.github.com>2023-02-21 13:36:25 +0000
commit71482576ad9ab0a2231e792d4a30605651fefb02 (patch)
treeca79997c056029c5a485289b8ed4a9aae3bdb996 /apps/encryption/lib
parentbd626e36933d31be3f6a4ba4fdca74719cb9f71b (diff)
downloadnextcloud-server-71482576ad9ab0a2231e792d4a30605651fefb02.tar.gz
nextcloud-server-71482576ad9ab0a2231e792d4a30605651fefb02.zip
Move to phpseclib implementation of RC4
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'apps/encryption/lib')
-rw-r--r--apps/encryption/lib/Crypto/Crypt.php58
1 files changed, 16 insertions, 42 deletions
diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php
index a455e86fcbd..2f188eec760 100644
--- a/apps/encryption/lib/Crypto/Crypt.php
+++ b/apps/encryption/lib/Crypto/Crypt.php
@@ -41,6 +41,7 @@ use OCP\IConfig;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IUserSession;
+use phpseclib\Crypt\RC4;
/**
* Class Crypt provides the encryption implementation of the default Nextcloud
@@ -758,50 +759,23 @@ class Crypt {
}
/**
- * implements RC4
- *
- * @param $data
- * @param $secret
- * @return string
+ * Uses phpseclib RC4 implementation
*/
- public function rc4($data, $secret) {
- // initialize $result
- $result = "";
-
- // initialize $state
- $state = [];
- for ($i = 0x00; $i <= 0xFF; $i++) {
- $state[$i] = $i;
- }
-
- // mix $secret into $state
- $indexA = 0x00;
- $indexB = 0x00;
- for ($i = 0x00; $i <= 0xFF; $i++) {
- $indexB = ($indexB + ord($secret[$indexA]) + $state[$i]) % 0x100;
-
- $tmp = $state[$i];
- $state[$i] = $state[$indexB];
- $state[$indexB] = $tmp;
-
- $indexA = ($indexA + 0x01) % strlen($secret);
- }
-
- // decrypt $data with $state
- $indexA = 0x00;
- $indexB = 0x00;
- for ($i = 0x00; $i < strlen($data); $i++) {
- $indexA = ($indexA + 0x01) % 0x100;
- $indexB = ($state[$indexA] + $indexB) % 0x100;
+ protected function rc4Decrypt(string $data, string $secret): string {
+ $rc4 = new RC4();
+ $rc4->setKey($secret);
- $tmp = $state[$indexA];
- $state[$indexA] = $state[$indexB];
- $state[$indexB] = $tmp;
+ return $rc4->decrypt($data);
+ }
- $result .= chr(ord($data[$i]) ^ $state[($state[$indexA] + $state[$indexB]) % 0x100]);
- }
+ /**
+ * Uses phpseclib RC4 implementation
+ */
+ protected function rc4Encrypt(string $data, string $secret): string {
+ $rc4 = new RC4();
+ $rc4->setKey($secret);
- return $result;
+ return $rc4->encrypt($data);
}
/**
@@ -820,7 +794,7 @@ class Crypt {
if (openssl_private_decrypt($encrypted_key, $intermediate, $private_key, OPENSSL_PKCS1_PADDING)) {
// decrypt the file key with the intermediate key
// using our own RC4 implementation
- $output = $this->rc4($data, $intermediate);
+ $output = $this->rc4Decrypt($data, $intermediate);
$result = (strlen($output) === strlen($data));
}
} else {
@@ -849,7 +823,7 @@ class Crypt {
if ($strong_result) {
// encrypt the file key with the intermediate key
// using our own RC4 implementation
- $sealed_data = $this->rc4($data, $intermediate);
+ $sealed_data = $this->rc4Encrypt($data, $intermediate);
if (strlen($sealed_data) === strlen($data)) {
// prepare the encrypted keys
$encrypted_keys = [];