1 files changed, 253 insertions, 169 deletions
diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php
index 93120068c6a..463ca4e22bb 100644
--- a/apps/encryption/lib/Crypto/Crypt.php
+++ b/apps/encryption/lib/Crypto/Crypt.php
@@ -1,32 +1,9 @@
 <?php
+
 /**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- *
- * @author Bjoern Schiessle <bjoern@schiessle.org>
- * @author Björn Schießle <bjoern@schiessle.org>
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Clark Tomlinson <fallen013@gmail.com>
- * @author Joas Schilling <coding@schilljs.com>
- * @author Lukas Reschke <lukas@statuscode.ch>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- * @author Stefan Weiberg <sweiberg@suse.com>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
  */
 namespace OCA\Encryption\Crypto;
 
@@ -38,8 +15,9 @@ use OCA\Encryption\Exceptions\MultiKeyEncryptException;
 use OCP\Encryption\Exceptions\GenericEncryptionException;
 use OCP\IConfig;
 use OCP\IL10N;
-use OCP\ILogger;
 use OCP\IUserSession;
+use phpseclib\Crypt\RC4;
+use Psr\Log\LoggerInterface;
 
 /**
  * Class Crypt provides the encryption implementation of the default Nextcloud
@@ -67,9 +45,9 @@ class Crypt {
 	// default cipher from old Nextcloud versions
 	public const LEGACY_CIPHER = 'AES-128-CFB';
 
-	public const SUPPORTED_KEY_FORMATS = ['hash', 'password'];
+	public const SUPPORTED_KEY_FORMATS = ['hash2', 'hash', 'password'];
 	// one out of SUPPORTED_KEY_FORMATS
-	public const DEFAULT_KEY_FORMAT = 'hash';
+	public const DEFAULT_KEY_FORMAT = 'hash2';
 	// default key format, old Nextcloud version encrypted the private key directly
 	// with the user password
 	public const LEGACY_KEY_FORMAT = 'password';
@@ -77,53 +55,45 @@ class Crypt {
 	public const HEADER_START = 'HBEGIN';
 	public const HEADER_END = 'HEND';
 
-	/** @var ILogger */
-	private $logger;
-
-	/** @var string */
-	private $user;
-
-	/** @var IConfig */
-	private $config;
+	// default encoding format, old Nextcloud versions used base64
+	public const BINARY_ENCODING_FORMAT = 'binary';
 
-	/** @var IL10N */
-	private $l;
+	private string $user;
 
-	/** @var string|null */
-	private $currentCipher;
+	private ?string $currentCipher = null;
 
-	/** @var bool */
-	private $supportLegacy;
+	private bool $supportLegacy;
 
 	/**
-	 * @param ILogger $logger
-	 * @param IUserSession $userSession
-	 * @param IConfig $config
-	 * @param IL10N $l
+	 * Use the legacy base64 encoding instead of the more space-efficient binary encoding.
 	 */
-	public function __construct(ILogger $logger, IUserSession $userSession, IConfig $config, IL10N $l) {
-		$this->logger = $logger;
-		$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"';
-		$this->config = $config;
-		$this->l = $l;
+	private bool $useLegacyBase64Encoding;
+
+	public function __construct(
+		private LoggerInterface $logger,
+		IUserSession $userSession,
+		private IConfig $config,
+		private IL10N $l,
+	) {
+		$this->user = $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"';
 		$this->supportLegacy = $this->config->getSystemValueBool('encryption.legacy_format_support', false);
+		$this->useLegacyBase64Encoding = $this->config->getSystemValueBool('encryption.use_legacy_base64_encoding', false);
 	}
 
 	/**
 	 * create new private/public key-pair for user
 	 *
-	 * @return array|bool
+	 * @return array{publicKey: string, privateKey: string}|false
 	 */
 	public function createKeyPair() {
-		$log = $this->logger;
 		$res = $this->getOpenSSLPKey();
 
 		if (!$res) {
-			$log->error("Encryption Library couldn't generate users key-pair for {$this->user}",
+			$this->logger->error("Encryption Library couldn't generate users key-pair for {$this->user}",
 				['app' => 'encryption']);
 
 			if (openssl_error_string()) {
-				$log->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(),
+				$this->logger->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(),
 					['app' => 'encryption']);
 			}
 		} elseif (openssl_pkey_export($res,
@@ -138,10 +108,10 @@ class Crypt {
 				'privateKey' => $privateKey
 			];
 		}
-		$log->error('Encryption library couldn\'t export users private key, please check your servers OpenSSL configuration.' . $this->user,
+		$this->logger->error('Encryption library couldn\'t export users private key, please check your servers OpenSSL configuration.' . $this->user,
 			['app' => 'encryption']);
 		if (openssl_error_string()) {
-			$log->error('Encryption Library:' . openssl_error_string(),
+			$this->logger->error('Encryption Library:' . openssl_error_string(),
 				['app' => 'encryption']);
 		}
 
@@ -151,19 +121,14 @@ class Crypt {
 	/**
 	 * Generates a new private key
 	 *
-	 * @return resource
+	 * @return \OpenSSLAsymmetricKey|false
 	 */
 	public function getOpenSSLPKey() {
 		$config = $this->getOpenSSLConfig();
 		return openssl_pkey_new($config);
 	}
 
-	/**
-	 * get openSSL Config
-	 *
-	 * @return array
-	 */
-	private function getOpenSSLConfig() {
+	private function getOpenSSLConfig(): array {
 		$config = ['private_key_bits' => 4096];
 		$config = array_merge(
 			$config,
@@ -173,14 +138,9 @@ class Crypt {
 	}
 
 	/**
-	 * @param string $plainContent
-	 * @param string $passPhrase
-	 * @param int $version
-	 * @param int $position
-	 * @return false|string
 	 * @throws EncryptionFailedException
 	 */
-	public function symmetricEncryptFileContent($plainContent, $passPhrase, $version, $position) {
+	public function symmetricEncryptFileContent(string $plainContent, string $passPhrase, int $version, string $position): string|false {
 		if (!$plainContent) {
 			$this->logger->error('Encryption Library, symmetrical encryption failed no content given',
 				['app' => 'encryption']);
@@ -195,7 +155,7 @@ class Crypt {
 			$this->getCipher());
 
 		// Create a signature based on the key as well as the current version
-		$sig = $this->createSignature($encryptedContent, $passPhrase.'_'.$version.'_'.$position);
+		$sig = $this->createSignature($encryptedContent, $passPhrase . '_' . $version . '_' . $position);
 
 		// combine content to encrypt the IV identifier and actual IV
 		$catFile = $this->concatIV($encryptedContent, $iv);
@@ -215,29 +175,28 @@ class Crypt {
 			throw new \InvalidArgumentException('key format "' . $keyFormat . '" is not supported');
 		}
 
-		$cipher = $this->getCipher();
-
 		$header = self::HEADER_START
-			. ':cipher:' . $cipher
-			. ':keyFormat:' . $keyFormat
-			. ':' . self::HEADER_END;
+			. ':cipher:' . $this->getCipher()
+			. ':keyFormat:' . $keyFormat;
+
+		if ($this->useLegacyBase64Encoding !== true) {
+			$header .= ':encoding:' . self::BINARY_ENCODING_FORMAT;
+		}
+
+		$header .= ':' . self::HEADER_END;
 
 		return $header;
 	}
 
 	/**
-	 * @param string $plainContent
-	 * @param string $iv
-	 * @param string $passPhrase
-	 * @param string $cipher
-	 * @return string
 	 * @throws EncryptionFailedException
 	 */
-	private function encrypt($plainContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) {
+	private function encrypt(string $plainContent, string $iv, string $passPhrase = '', string $cipher = self::DEFAULT_CIPHER): string {
+		$options = $this->useLegacyBase64Encoding ? 0 : OPENSSL_RAW_DATA;
 		$encryptedContent = openssl_encrypt($plainContent,
 			$cipher,
 			$passPhrase,
-			0,
+			$options,
 			$iv);
 
 		if (!$encryptedContent) {
@@ -253,16 +212,14 @@ class Crypt {
 	/**
 	 * return cipher either from config.php or the default cipher defined in
 	 * this class
-	 *
-	 * @return string
 	 */
-	private function getCachedCipher() {
+	private function getCachedCipher(): string {
 		if (isset($this->currentCipher)) {
 			return $this->currentCipher;
 		}
 
 		// Get cipher either from config.php or the default cipher defined in this class
-		$cipher = $this->config->getSystemValue('cipher', self::DEFAULT_CIPHER);
+		$cipher = $this->config->getSystemValueString('cipher', self::DEFAULT_CIPHER);
 		if (!isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) {
 			$this->logger->warning(
 				sprintf(
@@ -303,8 +260,8 @@ class Crypt {
 
 		throw new \InvalidArgumentException(
 			sprintf(
-					'Unsupported cipher (%s) defined.',
-					$cipher
+				'Unsupported cipher (%s) defined.',
+				$cipher
 			)
 		);
 	}
@@ -322,21 +279,11 @@ class Crypt {
 		return self::LEGACY_CIPHER;
 	}
 
-	/**
-	 * @param string $encryptedContent
-	 * @param string $iv
-	 * @return string
-	 */
-	private function concatIV($encryptedContent, $iv) {
+	private function concatIV(string $encryptedContent, string $iv): string {
 		return $encryptedContent . '00iv00' . $iv;
 	}
 
-	/**
-	 * @param string $encryptedContent
-	 * @param string $signature
-	 * @return string
-	 */
-	private function concatSig($encryptedContent, $signature) {
+	private function concatSig(string $encryptedContent, string $signature): string {
 		return $encryptedContent . '00sig00' . $signature;
 	}
 
@@ -344,38 +291,30 @@ class Crypt {
 	 * Note: This is _NOT_ a padding used for encryption purposes. It is solely
 	 * used to achieve the PHP stream size. It has _NOTHING_ to do with the
 	 * encrypted content and is not used in any crypto primitive.
-	 *
-	 * @param string $data
-	 * @return string
 	 */
-	private function addPadding($data) {
+	private function addPadding(string $data): string {
 		return $data . 'xxx';
 	}
 
 	/**
 	 * generate password hash used to encrypt the users private key
 	 *
-	 * @param string $password
-	 * @param string $cipher
 	 * @param string $uid only used for user keys
-	 * @return string
 	 */
-	protected function generatePasswordHash($password, $cipher, $uid = '') {
+	protected function generatePasswordHash(string $password, string $cipher, string $uid = '', int $iterations = 600000): string {
 		$instanceId = $this->config->getSystemValue('instanceid');
 		$instanceSecret = $this->config->getSystemValue('secret');
 		$salt = hash('sha256', $uid . $instanceId . $instanceSecret, true);
 		$keySize = $this->getKeySize($cipher);
 
-		$hash = hash_pbkdf2(
+		return hash_pbkdf2(
 			'sha256',
 			$password,
 			$salt,
-			100000,
+			$iterations,
 			$keySize,
 			true
 		);
-
-		return $hash;
 	}
 
 	/**
@@ -393,7 +332,7 @@ class Crypt {
 			$privateKey,
 			$hash,
 			0,
-			0
+			'0'
 		);
 
 		return $encryptedKey;
@@ -420,10 +359,14 @@ class Crypt {
 			$keyFormat = self::LEGACY_KEY_FORMAT;
 		}
 
-		if ($keyFormat === self::DEFAULT_KEY_FORMAT) {
-			$password = $this->generatePasswordHash($password, $cipher, $uid);
+		if ($keyFormat === 'hash') {
+			$password = $this->generatePasswordHash($password, $cipher, $uid, 100000);
+		} elseif ($keyFormat === 'hash2') {
+			$password = $this->generatePasswordHash($password, $cipher, $uid, 600000);
 		}
 
+		$binaryEncoding = isset($header['encoding']) && $header['encoding'] === self::BINARY_ENCODING_FORMAT;
+
 		// If we found a header we need to remove it from the key we want to decrypt
 		if (!empty($header)) {
 			$privateKey = substr($privateKey,
@@ -435,7 +378,9 @@ class Crypt {
 			$privateKey,
 			$password,
 			$cipher,
-			0
+			0,
+			0,
+			$binaryEncoding
 		);
 
 		if ($this->isValidPrivateKey($plainKey) === false) {
@@ -453,8 +398,7 @@ class Crypt {
 	 */
 	protected function isValidPrivateKey($plainKey) {
 		$res = openssl_get_privatekey($plainKey);
-		// TODO: remove resource check one php7.4 is not longer supported
-		if (is_resource($res) || (is_object($res) && get_class($res) === 'OpenSSLAsymmetricKey')) {
+		if (is_object($res) && get_class($res) === 'OpenSSLAsymmetricKey') {
 			$sslInfo = openssl_pkey_get_details($res);
 			if (isset($sslInfo['key'])) {
 				return true;
@@ -470,10 +414,11 @@ class Crypt {
 	 * @param string $cipher
 	 * @param int $version
 	 * @param int|string $position
+	 * @param boolean $binaryEncoding
 	 * @return string
 	 * @throws DecryptionFailedException
 	 */
-	public function symmetricDecryptFileContent($keyFileContents, $passPhrase, $cipher = self::DEFAULT_CIPHER, $version = 0, $position = 0) {
+	public function symmetricDecryptFileContent($keyFileContents, $passPhrase, $cipher = self::DEFAULT_CIPHER, $version = 0, $position = 0, bool $binaryEncoding = false) {
 		if ($keyFileContents == '') {
 			return '';
 		}
@@ -493,51 +438,43 @@ class Crypt {
 		return $this->decrypt($catFile['encrypted'],
 			$catFile['iv'],
 			$passPhrase,
-			$cipher);
+			$cipher,
+			$binaryEncoding);
 	}
 
 	/**
 	 * check for valid signature
 	 *
-	 * @param string $data
-	 * @param string $passPhrase
-	 * @param string $expectedSignature
 	 * @throws GenericEncryptionException
 	 */
-	private function checkSignature($data, $passPhrase, $expectedSignature) {
-		$enforceSignature = !$this->config->getSystemValue('encryption_skip_signature_check', false);
+	private function checkSignature(string $data, string $passPhrase, string $expectedSignature): void {
+		$enforceSignature = !$this->config->getSystemValueBool('encryption_skip_signature_check', false);
 
 		$signature = $this->createSignature($data, $passPhrase);
 		$isCorrectHash = hash_equals($expectedSignature, $signature);
 
-		if (!$isCorrectHash && $enforceSignature) {
-			throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
-		} elseif (!$isCorrectHash && !$enforceSignature) {
-			$this->logger->info("Signature check skipped", ['app' => 'encryption']);
+		if (!$isCorrectHash) {
+			if ($enforceSignature) {
+				throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
+			} else {
+				$this->logger->info('Signature check skipped', ['app' => 'encryption']);
+			}
 		}
 	}
 
 	/**
 	 * create signature
-	 *
-	 * @param string $data
-	 * @param string $passPhrase
-	 * @return string
 	 */
-	private function createSignature($data, $passPhrase) {
+	private function createSignature(string $data, string $passPhrase): string {
 		$passPhrase = hash('sha512', $passPhrase . 'a', true);
 		return hash_hmac('sha256', $data, $passPhrase);
 	}
 
 
 	/**
-	 * remove padding
-	 *
-	 * @param string $padded
 	 * @param bool $hasSignature did the block contain a signature, in this case we use a different padding
-	 * @return string|false
 	 */
-	private function removePadding($padded, $hasSignature = false) {
+	private function removePadding(string $padded, bool $hasSignature = false): string|false {
 		if ($hasSignature === false && substr($padded, -2) === 'xx') {
 			return substr($padded, 0, -2);
 		} elseif ($hasSignature === true && substr($padded, -3) === 'xxx') {
@@ -550,12 +487,8 @@ class Crypt {
 	 * split meta data from encrypted file
 	 * Note: for now, we assume that the meta data always start with the iv
 	 *       followed by the signature, if available
-	 *
-	 * @param string $catFile
-	 * @param string $cipher
-	 * @return array
 	 */
-	private function splitMetaData($catFile, $cipher) {
+	private function splitMetaData(string $catFile, string $cipher): array {
 		if ($this->hasSignature($catFile, $cipher)) {
 			$catFile = $this->removePadding($catFile, true);
 			$meta = substr($catFile, -93);
@@ -580,13 +513,10 @@ class Crypt {
 	/**
 	 * check if encrypted block is signed
 	 *
-	 * @param string $catFile
-	 * @param string $cipher
-	 * @return bool
 	 * @throws GenericEncryptionException
 	 */
-	private function hasSignature($catFile, $cipher) {
-		$skipSignatureCheck = $this->config->getSystemValue('encryption_skip_signature_check', false);
+	private function hasSignature(string $catFile, string $cipher): bool {
+		$skipSignatureCheck = $this->config->getSystemValueBool('encryption_skip_signature_check', false);
 
 		$meta = substr($catFile, -93);
 		$signaturePosition = strpos($meta, '00sig00');
@@ -606,18 +536,14 @@ class Crypt {
 
 
 	/**
-	 * @param string $encryptedContent
-	 * @param string $iv
-	 * @param string $passPhrase
-	 * @param string $cipher
-	 * @return string
 	 * @throws DecryptionFailedException
 	 */
-	private function decrypt($encryptedContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) {
+	private function decrypt(string $encryptedContent, string $iv, string $passPhrase = '', string $cipher = self::DEFAULT_CIPHER, bool $binaryEncoding = false): string {
+		$options = $binaryEncoding === true ? OPENSSL_RAW_DATA : 0;
 		$plainContent = openssl_decrypt($encryptedContent,
 			$cipher,
 			$passPhrase,
-			0,
+			$options,
 			$iv);
 
 		if ($plainContent) {
@@ -656,10 +582,9 @@ class Crypt {
 	/**
 	 * generate initialization vector
 	 *
-	 * @return string
 	 * @throws GenericEncryptionException
 	 */
-	private function generateIv() {
+	private function generateIv(): string {
 		return random_bytes(16);
 	}
 
@@ -675,18 +600,31 @@ class Crypt {
 	}
 
 	/**
-	 * @param $encKeyFile
-	 * @param $shareKey
-	 * @param $privateKey
-	 * @return string
+	 * @param \OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string $privateKey
 	 * @throws MultiKeyDecryptException
 	 */
-	public function multiKeyDecrypt($encKeyFile, $shareKey, $privateKey) {
+	public function multiKeyDecrypt(string $shareKey, $privateKey): string {
+		$plainContent = '';
+
+		// decrypt the intermediate key with RSA
+		if (openssl_private_decrypt($shareKey, $intermediate, $privateKey, OPENSSL_PKCS1_OAEP_PADDING)) {
+			return $intermediate;
+		} else {
+			throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string());
+		}
+	}
+
+	/**
+	 * @param \OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string $privateKey
+	 * @throws MultiKeyDecryptException
+	 */
+	public function multiKeyDecryptLegacy(string $encKeyFile, string $shareKey, $privateKey): string {
 		if (!$encKeyFile) {
 			throw new MultiKeyDecryptException('Cannot multikey decrypt empty plain content');
 		}
 
-		if (openssl_open($encKeyFile, $plainContent, $shareKey, $privateKey, 'RC4')) {
+		$plainContent = '';
+		if ($this->opensslOpen($encKeyFile, $plainContent, $shareKey, $privateKey, 'RC4')) {
 			return $plainContent;
 		} else {
 			throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string());
@@ -694,12 +632,55 @@ class Crypt {
 	}
 
 	/**
+	 * @param array<string,\OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string> $keyFiles
+	 * @throws MultiKeyEncryptException
+	 */
+	public function multiKeyEncrypt(string $plainContent, array $keyFiles): array {
+		if (empty($plainContent)) {
+			throw new MultiKeyEncryptException('Cannot multikeyencrypt empty plain content');
+		}
+
+		// Set empty vars to be set by openssl by reference
+		$shareKeys = [];
+		$mappedShareKeys = [];
+
+		// make sure that there is at least one public key to use
+		if (count($keyFiles) >= 1) {
+			// prepare the encrypted keys
+			$shareKeys = [];
+
+			// iterate over the public keys and encrypt the intermediate
+			// for each of them with RSA
+			foreach ($keyFiles as $tmp_key) {
+				if (openssl_public_encrypt($plainContent, $tmp_output, $tmp_key, OPENSSL_PKCS1_OAEP_PADDING)) {
+					$shareKeys[] = $tmp_output;
+				}
+			}
+
+			// set the result if everything worked fine
+			if (count($keyFiles) === count($shareKeys)) {
+				$i = 0;
+
+				// Ensure each shareKey is labelled with its corresponding key id
+				foreach ($keyFiles as $userId => $publicKey) {
+					$mappedShareKeys[$userId] = $shareKeys[$i];
+					$i++;
+				}
+
+				return $mappedShareKeys;
+			}
+		}
+		throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string());
+	}
+
+	/**
 	 * @param string $plainContent
 	 * @param array $keyFiles
 	 * @return array
 	 * @throws MultiKeyEncryptException
+	 * @deprecated 27.0.0 use multiKeyEncrypt
 	 */
-	public function multiKeyEncrypt($plainContent, array $keyFiles) {
+	public function multiKeyEncryptLegacy($plainContent, array $keyFiles) {
 		// openssl_seal returns false without errors if plaincontent is empty
 		// so trigger our own error
 		if (empty($plainContent)) {
@@ -711,7 +692,7 @@ class Crypt {
 		$shareKeys = [];
 		$mappedShareKeys = [];
 
-		if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles, 'RC4')) {
+		if ($this->opensslSeal($plainContent, $sealed, $shareKeys, $keyFiles, 'RC4')) {
 			$i = 0;
 
 			// Ensure each shareKey is labelled with its corresponding key id
@@ -728,4 +709,107 @@ class Crypt {
 			throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string());
 		}
 	}
+
+	/**
+	 * returns the value of $useLegacyBase64Encoding
+	 *
+	 * @return bool
+	 */
+	public function useLegacyBase64Encoding(): bool {
+		return $this->useLegacyBase64Encoding;
+	}
+
+	/**
+	 * Uses phpseclib RC4 implementation
+	 */
+	private function rc4Decrypt(string $data, string $secret): string {
+		$rc4 = new RC4();
+		/** @psalm-suppress InternalMethod */
+		$rc4->setKey($secret);
+
+		return $rc4->decrypt($data);
+	}
+
+	/**
+	 * Uses phpseclib RC4 implementation
+	 */
+	private function rc4Encrypt(string $data, string $secret): string {
+		$rc4 = new RC4();
+		/** @psalm-suppress InternalMethod */
+		$rc4->setKey($secret);
+
+		return $rc4->encrypt($data);
+	}
+
+	/**
+	 * Custom implementation of openssl_open()
+	 *
+	 * @param \OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string $private_key
+	 * @throws DecryptionFailedException
+	 */
+	private function opensslOpen(string $data, string &$output, string $encrypted_key, $private_key, string $cipher_algo): bool {
+		$result = false;
+
+		// check if RC4 is used
+		if (strcasecmp($cipher_algo, 'rc4') === 0) {
+			// decrypt the intermediate key with RSA
+			if (openssl_private_decrypt($encrypted_key, $intermediate, $private_key, OPENSSL_PKCS1_PADDING)) {
+				// decrypt the file key with the intermediate key
+				// using our own RC4 implementation
+				$output = $this->rc4Decrypt($data, $intermediate);
+				$result = (strlen($output) === strlen($data));
+			}
+		} else {
+			throw new DecryptionFailedException('Unsupported cipher ' . $cipher_algo);
+		}
+
+		return $result;
+	}
+
+	/**
+	 * Custom implementation of openssl_seal()
+	 *
+	 * @deprecated 27.0.0 use multiKeyEncrypt
+	 * @throws EncryptionFailedException
+	 */
+	private function opensslSeal(string $data, string &$sealed_data, array &$encrypted_keys, array $public_key, string $cipher_algo): int|false {
+		$result = false;
+
+		// check if RC4 is used
+		if (strcasecmp($cipher_algo, 'rc4') === 0) {
+			// make sure that there is at least one public key to use
+			if (count($public_key) >= 1) {
+				// generate the intermediate key
+				$intermediate = openssl_random_pseudo_bytes(16, $strong_result);
+
+				// check if we got strong random data
+				if ($strong_result) {
+					// encrypt the file key with the intermediate key
+					// using our own RC4 implementation
+					$sealed_data = $this->rc4Encrypt($data, $intermediate);
+					if (strlen($sealed_data) === strlen($data)) {
+						// prepare the encrypted keys
+						$encrypted_keys = [];
+
+						// iterate over the public keys and encrypt the intermediate
+						// for each of them with RSA
+						foreach ($public_key as $tmp_key) {
+							if (openssl_public_encrypt($intermediate, $tmp_output, $tmp_key, OPENSSL_PKCS1_PADDING)) {
+								$encrypted_keys[] = $tmp_output;
+							}
+						}
+
+						// set the result if everything worked fine
+						if (count($public_key) === count($encrypted_keys)) {
+							$result = strlen($sealed_data);
+						}
+					}
+				}
+			}
+		} else {
+			throw new EncryptionFailedException('Unsupported cipher ' . $cipher_algo);
+		}
+
+		return $result;
+	}
 }