authorLukas Reschke <lukas@owncloud.com>2016-02-03 14:32:04 +0100
committerLukas Reschke <lukas@owncloud.com>2016-02-09 23:43:26 +0100
commit3badf5caf579f8ff10c9917f62cb41cd9b0c68f8 (patch)
tree2251ec9415958573a4b434f0600fd48c7c29cdf6 /lib/private
parentb5824f024a1008b0195b6e8f4803774cfe644b7b (diff)
Use number of chunk for HMAC as well
Prevents switching single blocks within the encrypted file.
Diffstat (limited to 'lib/private')
-rw-r--r--lib/private/files/stream/encryption.php18
1 files changed, 13 insertions, 5 deletions
diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php
index bc771a91ebd..63949035b5a 100644
--- a/lib/private/files/stream/encryption.php
+++ b/lib/private/files/stream/encryption.php
@@ -399,8 +399,9 @@ class Encryption extends Wrapper {
}
public function stream_close() {
- $this->flush();
- $remainingData = $this->encryptionModule->end($this->fullPath);
+ $this->flush('end');
+ $position = (int)floor($this->position/$this->unencryptedBlockSize);
+ $remainingData = $this->encryptionModule->end($this->fullPath, $position . 'end');
if ($this->readOnly === false) {
if(!empty($remainingData)) {
parent::stream_write($remainingData);
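Review bot: `stream_close()` passes `'end'` to `flush()` unconditionally, so whichever chunk is still dirty in the cache at close time is signed as `<index>end`, while the read path in the third hunk expects that suffix only when the index equals `(int)($this->unencryptedSize / $this->unencryptedBlockSize)`. If a stream can be closed with a pending write to a chunk that is not the final one (for example after a seek into the middle of the file, which is not visible here), that chunk would presumably fail verification on the next read. Either pass the suffix only when the flushed chunk really is the last one, or state the invariant next to the call, e.g. `// 'end' is valid here only because close always flushes the final chunk; must match stream_read()`. The body of `stream_close()` continues past this hunk.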
@@ -412,15 +413,17 @@ class Encryption extends Wrapper {
/**
* write block to file
+ * @param string $positionPrefix
*/
- protected function flush() {
+ protected function flush($positionPrefix = '') {
// write to disk only when writeFlag was set to 1
if ($this->writeFlag) {
// Disable the file proxies so that encryption is not
// automatically attempted when the file is written to disk -
// we are handling that separately here and we don't want to
// get into an infinite loop
- $encrypted = $this->encryptionModule->encrypt($this->cache);
+ $position = (int)floor($this->position/$this->unencryptedBlockSize);
+ $encrypted = $this->encryptionModule->encrypt($this->cache, $position . $positionPrefix);
$bytesWritten = parent::stream_write($encrypted);
$this->writeFlag = false;
// Check whether the write concerns the last block
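Review bot: The new parameter is named `$positionPrefix`, but `flush()` appends it after the chunk index (`$position . $positionPrefix`), so it is a suffix, and the docblock line does not say what it is for. According to the commit message this string becomes part of what the encryption module authenticates, so a misleading name makes a later writer/reader mismatch more likely. I would rename and document it, e.g. `@param string $positionSuffix marker appended to the chunk index passed to encrypt(); 'end' for the flush done on close`. `flush()` continues beyond the end of this hunk.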
@@ -447,7 +450,12 @@ class Encryption extends Wrapper {
if ($this->cache === '' && !($this->position === $this->unencryptedSize && ($this->position % $this->unencryptedBlockSize) === 0)) {
// Get the data from the file handle
$data = parent::stream_read($this->util->getBlockSize());
- $this->cache = $this->encryptionModule->decrypt($data);
+ $position = (int)floor($this->position/$this->unencryptedBlockSize);
+ $numberOfChunks = (int)($this->unencryptedSize / $this->unencryptedBlockSize);
+ if($numberOfChunks === $position) {
+ $position .= 'end';
+ }
+ $this->cache = $this->encryptionModule->decrypt($data, $position);
}
}
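Review bot: `$position` starts as an int and is silently turned into a string by `$position .= 'end'`, and the expression `(int)floor($this->position/$this->unencryptedBlockSize)` now appears three times (here, in `flush()` and in `stream_close()`). Writer and reader must produce byte-identical position strings for verification to succeed, so deriving the index and the optional suffix in one private helper used by all three call sites would keep them from drifting apart. A short comment on the `$numberOfChunks === $position` test would also help, e.g. `// only the final (possibly partial) chunk is signed with the 'end' suffix`. The enclosing read method starts outside this hunk.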