diff options
| author | Julius Härtl <jus@bitgrid.net> | 2022-03-10 11:38:14 +0100 |
|---|---|---|
| committer | Vincent Petry (Rebase PR Action) <PVince81@users.noreply.github.com> | 2022-12-05 16:10:55 +0000 |
| commit | 0f7260de03b3fd5b1cf70cd79a1d6c77faeb56f5 (patch) | |
| tree | bf93ab4486a1b4fae11fd4b5791ff874b68b4c4b /lib | |
| parent | 3ebf7b818be06f61893b2443bb50f2c556525f2c (diff) | |
| download | nextcloud-server-0f7260de03b3fd5b1cf70cd79a1d6c77faeb56f5.tar.gz nextcloud-server-0f7260de03b3fd5b1cf70cd79a1d6c77faeb56f5.zip | |
Fix decryption fallback after adding a secret
Signed-off-by: Julius Härtl <jus@bitgrid.net>
(cherry picked from commit a6796b424784561f4ab76d04324985f1f2f6a75f)
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/Security/Crypto.php | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/private/Security/Crypto.php b/lib/private/Security/Crypto.php index d3b62dc7e4d..ece69d6deeb 100644 --- a/lib/private/Security/Crypto.php +++ b/lib/private/Security/Crypto.php @@ -122,14 +122,19 @@ class Crypto implements ICrypto { * @throws Exception If the decryption failed */ public function decrypt(string $authenticatedCiphertext, string $password = ''): string { - if ($password === '') { - $password = $this->config->getSystemValue('secret'); - } + $secret = $this->config->getSystemValue('secret'); try { + if ($password === '') { + return $this->decryptWithoutSecret($authenticatedCiphertext, $secret); + } return $this->decryptWithoutSecret($authenticatedCiphertext, $password); } catch (Exception $e) { - // Retry with empty secret as a fallback for instances where the secret might not have been set by accident - return $this->decryptWithoutSecret($authenticatedCiphertext, ''); + if ($password === '') { + // Retry with empty secret as a fallback for instances where the secret might not have been set by accident + return $this->decryptWithoutSecret($authenticatedCiphertext, ''); + } + + throw $e; } } |