author | Thomas Müller <thomas.mueller@tmit.eu> | 2013-09-04 20:46:32 +0200 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2013-09-04 20:46:32 +0200 |
commit | e43e8b0db8d1c9935ac49d37255e934e310798c7 (patch) | |
tree | d228f608b83e1c04ef5b97b0fe4b0a15282343b7 /apps/files_encryption/lib | |
parent | 5539b9e843dbd4125ba9bbb3de79d47ef48e059b (diff) | |
parent | 09187f3b3b30e6f810c6afff7332615ed472154e (diff) | |
download | nextcloud-server-e43e8b0db8d1c9935ac49d37255e934e310798c7.tar.gz nextcloud-server-e43e8b0db8d1c9935ac49d37255e934e310798c7.zip |
Merge branch 'master' into rename-lostpassword-controller
Conflicts:
core/lostpassword/controller.php
Diffstat (limited to 'apps/files_encryption/lib')
-rwxr-xr-x | apps/files_encryption/lib/crypt.php | 8 | ||||
-rwxr-xr-x | apps/files_encryption/lib/helper.php | 22 |
2 files changed, 26 insertions, 4 deletions
diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index e129bc9313e..c009718160a 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -52,14 +52,14 @@ class Crypt {
 $return = false;
- $res = openssl_pkey_new(array('private_key_bits' => 4096));
+ $res = Helper::getOpenSSLPkey();
if ($res === false) {
\OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR);
while ($msg = openssl_error_string()) {
\OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails: ' . $msg, \OCP\Util::ERROR);
}
- } elseif (openssl_pkey_export($res, $privateKey)) {
+ } elseif (openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())) {
// Get public key
$keyDetails = openssl_pkey_get_details($res);
$publicKey = $keyDetails['key'];
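Review bot: The `null` passphrase in `openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())` exports the private key as unencrypted PEM, and nothing on the line says this is deliberate. The old call did the same implicitly, but now that the argument is spelled out a reader will stop at it. I would add a comment above the call such as `// no passphrase: $privateKey is plain PEM here and must be encrypted before it is stored`, plus a short note that the config array is passed so that export uses the same OpenSSL settings as key generation. Whether the key is wrapped later cannot be seen here, because the function body starts and ends outside the hunk.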
@@ -70,7 +70,9 @@ class Crypt {
 );
} else {
\OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR);
- \OCP\Util::writeLog('Encryption library', openssl_error_string(), \OCP\Util::ERROR);
+ while($errMsg = openssl_error_string()) {
+ \OCP\Util::writeLog('Encryption library', $errMsg, \OCP\Util::ERROR);
+ }
}
return $return;
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 0209a5d18b7..445d7ff8ca7 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -265,7 +265,7 @@ class Helper {
 * @return bool true if configuration seems to be OK
 */
 public static function checkConfiguration() {
- if(openssl_pkey_new(array('private_key_bits' => 4096))) {
+ if(self::getOpenSSLPkey()) {
 return true;
 } else {
 while ($msg = openssl_error_string()) {
@@ -276,6 +276,26 @@ class Helper {
 }
 /**
+ * Create an openssl pkey with config-supplied settings
+ * WARNING: This initializes a new private keypair, which is computationally expensive
+ * @return resource The pkey resource created
+ */
+ public static function getOpenSSLPkey() {
+ return openssl_pkey_new(self::getOpenSSLConfig());
+ }
+
+ /**
+ * Return an array of OpenSSL config options, default + config
+ * Used for multiple OpenSSL functions
+ * @return array The combined defaults and config settings
+ */
+ public static function getOpenSSLConfig() {
+ $config = array('private_key_bits' => 4096);
+ $config = array_merge(\OCP\Config::getSystemValue('openssl', array()), $config);
+ return $config;
+ }
+
+ /**
 * @brief glob uses different pattern than regular expressions, escape glob pattern only
 * @param unescaped path
 * @return escaped path |
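Review bot: In `getOpenSSLConfig()` the hard-coded array is the second argument to `array_merge()`, so `private_key_bits => 4096` always overrides a `private_key_bits` entry in the `openssl` system value, which neither docblock ("config-supplied settings", "default + config") says. If pinning the key size is the intent, state it, e.g. `* private_key_bits is fixed at 4096 and cannot be changed from the system config`. If administrators are meant to tune it, enforce a minimum rather than swapping the arguments, so that configuration cannot lower the key size. The value returned by `getSystemValue('openssl', array())` is also not checked to be an array before the merge. If a scalar there makes the merge fail, the key may be generated with OpenSSL's defaults rather than 4096 bits, so an `is_array()` guard would be cheap insurance. Finally, `getOpenSSLPkey()` is documented as `@return resource`, but both callers test for failure, so `@return resource|false` is the accurate contract.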