diff options
Diffstat (limited to 'apps/encryption/lib/Crypto/Crypt.php')
| -rw-r--r-- | apps/encryption/lib/Crypto/Crypt.php | 534 |
1 files changed, 327 insertions, 207 deletions
diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php index 090ca6184d6..463ca4e22bb 100644 --- a/apps/encryption/lib/Crypto/Crypt.php +++ b/apps/encryption/lib/Crypto/Crypt.php @@ -1,43 +1,23 @@ <?php + /** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Bjoern Schiessle <bjoern@schiessle.org> - * @author Björn Schießle <bjoern@schiessle.org> - * @author Clark Tomlinson <fallen013@gmail.com> - * @author Joas Schilling <coding@schilljs.com> - * @author Lukas Reschke <lukas@statuscode.ch> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ - namespace OCA\Encryption\Crypto; - use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\EncryptionFailedException; +use OC\ServerNotAvailableException; use OCA\Encryption\Exceptions\MultiKeyDecryptException; use OCA\Encryption\Exceptions\MultiKeyEncryptException; use OCP\Encryption\Exceptions\GenericEncryptionException; use OCP\IConfig; use OCP\IL10N; -use OCP\ILogger; use OCP\IUserSession; +use phpseclib\Crypt\RC4; +use Psr\Log\LoggerInterface; /** * Class Crypt provides the encryption implementation of the default Nextcloud @@ -54,71 +34,66 @@ use OCP\IUserSession; * @package OCA\Encryption\Crypto */ class Crypt { - - const DEFAULT_CIPHER = 'AES-256-CTR'; + public const SUPPORTED_CIPHERS_AND_KEY_SIZE = [ + 'AES-256-CTR' => 32, + 'AES-128-CTR' => 16, + 'AES-256-CFB' => 32, + 'AES-128-CFB' => 16, + ]; + // one out of SUPPORTED_CIPHERS_AND_KEY_SIZE + public const DEFAULT_CIPHER = 'AES-256-CTR'; // default cipher from old Nextcloud versions - const LEGACY_CIPHER = 'AES-128-CFB'; + public const LEGACY_CIPHER = 'AES-128-CFB'; + public const SUPPORTED_KEY_FORMATS = ['hash2', 'hash', 'password']; + // one out of SUPPORTED_KEY_FORMATS + public const DEFAULT_KEY_FORMAT = 'hash2'; // default key format, old Nextcloud version encrypted the private key directly // with the user password - const LEGACY_KEY_FORMAT = 'password'; - - const HEADER_START = 'HBEGIN'; - const HEADER_END = 'HEND'; - - /** @var ILogger */ - private $logger; + public const LEGACY_KEY_FORMAT = 'password'; - /** @var string */ - private $user; + public const HEADER_START = 'HBEGIN'; + public const HEADER_END = 'HEND'; - /** @var IConfig */ - private $config; + // default encoding format, old Nextcloud versions used base64 + public const BINARY_ENCODING_FORMAT = 'binary'; - /** @var array */ - private $supportedKeyFormats; + private string $user; - /** @var IL10N */ - private $l; + private ?string $currentCipher = null; - /** @var array */ - private $supportedCiphersAndKeySize = [ - 'AES-256-CTR' => 32, - 'AES-128-CTR' => 16, - 'AES-256-CFB' => 32, - 'AES-128-CFB' => 16, - ]; + private bool $supportLegacy; /** - * @param ILogger $logger - * @param IUserSession $userSession - * @param IConfig $config - * @param IL10N $l + * Use the legacy base64 encoding instead of the more space-efficient binary encoding. */ - public function __construct(ILogger $logger, IUserSession $userSession, IConfig $config, IL10N $l) { - $this->logger = $logger; - $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"'; - $this->config = $config; - $this->l = $l; - $this->supportedKeyFormats = ['hash', 'password']; + private bool $useLegacyBase64Encoding; + + public function __construct( + private LoggerInterface $logger, + IUserSession $userSession, + private IConfig $config, + private IL10N $l, + ) { + $this->user = $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"'; + $this->supportLegacy = $this->config->getSystemValueBool('encryption.legacy_format_support', false); + $this->useLegacyBase64Encoding = $this->config->getSystemValueBool('encryption.use_legacy_base64_encoding', false); } /** * create new private/public key-pair for user * - * @return array|bool + * @return array{publicKey: string, privateKey: string}|false */ public function createKeyPair() { - - $log = $this->logger; $res = $this->getOpenSSLPKey(); if (!$res) { - $log->error("Encryption Library couldn't generate users key-pair for {$this->user}", + $this->logger->error("Encryption Library couldn't generate users key-pair for {$this->user}", ['app' => 'encryption']); if (openssl_error_string()) { - $log->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(), + $this->logger->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(), ['app' => 'encryption']); } } elseif (openssl_pkey_export($res, @@ -133,10 +108,10 @@ class Crypt { 'privateKey' => $privateKey ]; } - $log->error('Encryption library couldn\'t export users private key, please check your servers OpenSSL configuration.' . $this->user, + $this->logger->error('Encryption library couldn\'t export users private key, please check your servers OpenSSL configuration.' . $this->user, ['app' => 'encryption']); if (openssl_error_string()) { - $log->error('Encryption Library:' . openssl_error_string(), + $this->logger->error('Encryption Library:' . openssl_error_string(), ['app' => 'encryption']); } @@ -146,19 +121,14 @@ class Crypt { /** * Generates a new private key * - * @return resource + * @return \OpenSSLAsymmetricKey|false */ public function getOpenSSLPKey() { $config = $this->getOpenSSLConfig(); return openssl_pkey_new($config); } - /** - * get openSSL Config - * - * @return array - */ - private function getOpenSSLConfig() { + private function getOpenSSLConfig(): array { $config = ['private_key_bits' => 4096]; $config = array_merge( $config, @@ -168,15 +138,9 @@ class Crypt { } /** - * @param string $plainContent - * @param string $passPhrase - * @param int $version - * @param int $position - * @return false|string * @throws EncryptionFailedException */ - public function symmetricEncryptFileContent($plainContent, $passPhrase, $version, $position) { - + public function symmetricEncryptFileContent(string $plainContent, string $passPhrase, int $version, string $position): string|false { if (!$plainContent) { $this->logger->error('Encryption Library, symmetrical encryption failed no content given', ['app' => 'encryption']); @@ -191,52 +155,48 @@ class Crypt { $this->getCipher()); // Create a signature based on the key as well as the current version - $sig = $this->createSignature($encryptedContent, $passPhrase.$version.$position); + $sig = $this->createSignature($encryptedContent, $passPhrase . '_' . $version . '_' . $position); // combine content to encrypt the IV identifier and actual IV $catFile = $this->concatIV($encryptedContent, $iv); $catFile = $this->concatSig($catFile, $sig); - $padded = $this->addPadding($catFile); - - return $padded; + return $this->addPadding($catFile); } /** * generate header for encrypted file * - * @param string $keyFormat (can be 'hash' or 'password') + * @param string $keyFormat see SUPPORTED_KEY_FORMATS * @return string * @throws \InvalidArgumentException */ - public function generateHeader($keyFormat = 'hash') { - - if (in_array($keyFormat, $this->supportedKeyFormats, true) === false) { + public function generateHeader($keyFormat = self::DEFAULT_KEY_FORMAT) { + if (in_array($keyFormat, self::SUPPORTED_KEY_FORMATS, true) === false) { throw new \InvalidArgumentException('key format "' . $keyFormat . '" is not supported'); } - $cipher = $this->getCipher(); - $header = self::HEADER_START - . ':cipher:' . $cipher - . ':keyFormat:' . $keyFormat - . ':' . self::HEADER_END; + . ':cipher:' . $this->getCipher() + . ':keyFormat:' . $keyFormat; + + if ($this->useLegacyBase64Encoding !== true) { + $header .= ':encoding:' . self::BINARY_ENCODING_FORMAT; + } + + $header .= ':' . self::HEADER_END; return $header; } /** - * @param string $plainContent - * @param string $iv - * @param string $passPhrase - * @param string $cipher - * @return string * @throws EncryptionFailedException */ - private function encrypt($plainContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) { + private function encrypt(string $plainContent, string $iv, string $passPhrase = '', string $cipher = self::DEFAULT_CIPHER): string { + $options = $this->useLegacyBase64Encoding ? 0 : OPENSSL_RAW_DATA; $encryptedContent = openssl_encrypt($plainContent, $cipher, $passPhrase, - false, + $options, $iv); if (!$encryptedContent) { @@ -250,32 +210,40 @@ class Crypt { } /** - * return Cipher either from config.php or the default cipher defined in + * return cipher either from config.php or the default cipher defined in * this class - * - * @return string */ - public function getCipher() { - $cipher = $this->config->getSystemValue('cipher', self::DEFAULT_CIPHER); - if (!isset($this->supportedCiphersAndKeySize[$cipher])) { + private function getCachedCipher(): string { + if (isset($this->currentCipher)) { + return $this->currentCipher; + } + + // Get cipher either from config.php or the default cipher defined in this class + $cipher = $this->config->getSystemValueString('cipher', self::DEFAULT_CIPHER); + if (!isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) { $this->logger->warning( - sprintf( - 'Unsupported cipher (%s) defined in config.php supported. Falling back to %s', - $cipher, - self::DEFAULT_CIPHER - ), - ['app' => 'encryption']); + sprintf( + 'Unsupported cipher (%s) defined in config.php supported. Falling back to %s', + $cipher, + self::DEFAULT_CIPHER + ), + ['app' => 'encryption'] + ); $cipher = self::DEFAULT_CIPHER; } - // Workaround for OpenSSL 0.9.8. Fallback to an old cipher that should work. - if(OPENSSL_VERSION_NUMBER < 0x1000101f) { - if($cipher === 'AES-256-CTR' || $cipher === 'AES-128-CTR') { - $cipher = self::LEGACY_CIPHER; - } - } + // Remember current cipher to avoid frequent lookups + $this->currentCipher = $cipher; + return $this->currentCipher; + } - return $cipher; + /** + * return current encryption cipher + * + * @return string + */ + public function getCipher() { + return $this->getCachedCipher(); } /** @@ -286,14 +254,14 @@ class Crypt { * @throws \InvalidArgumentException */ protected function getKeySize($cipher) { - if(isset($this->supportedCiphersAndKeySize[$cipher])) { - return $this->supportedCiphersAndKeySize[$cipher]; + if (isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) { + return self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher]; } throw new \InvalidArgumentException( sprintf( - 'Unsupported cipher (%s) defined.', - $cipher + 'Unsupported cipher (%s) defined.', + $cipher ) ); } @@ -304,24 +272,18 @@ class Crypt { * @return string */ public function getLegacyCipher() { + if (!$this->supportLegacy) { + throw new ServerNotAvailableException('Legacy cipher is no longer supported!'); + } + return self::LEGACY_CIPHER; } - /** - * @param string $encryptedContent - * @param string $iv - * @return string - */ - private function concatIV($encryptedContent, $iv) { + private function concatIV(string $encryptedContent, string $iv): string { return $encryptedContent . '00iv00' . $iv; } - /** - * @param string $encryptedContent - * @param string $signature - * @return string - */ - private function concatSig($encryptedContent, $signature) { + private function concatSig(string $encryptedContent, string $signature): string { return $encryptedContent . '00sig00' . $signature; } @@ -329,38 +291,30 @@ class Crypt { * Note: This is _NOT_ a padding used for encryption purposes. It is solely * used to achieve the PHP stream size. It has _NOTHING_ to do with the * encrypted content and is not used in any crypto primitive. - * - * @param string $data - * @return string */ - private function addPadding($data) { + private function addPadding(string $data): string { return $data . 'xxx'; } /** * generate password hash used to encrypt the users private key * - * @param string $password - * @param string $cipher * @param string $uid only used for user keys - * @return string */ - protected function generatePasswordHash($password, $cipher, $uid = '') { + protected function generatePasswordHash(string $password, string $cipher, string $uid = '', int $iterations = 600000): string { $instanceId = $this->config->getSystemValue('instanceid'); $instanceSecret = $this->config->getSystemValue('secret'); $salt = hash('sha256', $uid . $instanceId . $instanceSecret, true); $keySize = $this->getKeySize($cipher); - $hash = hash_pbkdf2( + return hash_pbkdf2( 'sha256', $password, $salt, - 100000, + $iterations, $keySize, true ); - - return $hash; } /** @@ -378,7 +332,7 @@ class Crypt { $privateKey, $hash, 0, - 0 + '0' ); return $encryptedKey; @@ -391,13 +345,12 @@ class Crypt { * @return false|string */ public function decryptPrivateKey($privateKey, $password = '', $uid = '') { - $header = $this->parseHeader($privateKey); if (isset($header['cipher'])) { $cipher = $header['cipher']; } else { - $cipher = self::LEGACY_CIPHER; + $cipher = $this->getLegacyCipher(); } if (isset($header['keyFormat'])) { @@ -407,9 +360,13 @@ class Crypt { } if ($keyFormat === 'hash') { - $password = $this->generatePasswordHash($password, $cipher, $uid); + $password = $this->generatePasswordHash($password, $cipher, $uid, 100000); + } elseif ($keyFormat === 'hash2') { + $password = $this->generatePasswordHash($password, $cipher, $uid, 600000); } + $binaryEncoding = isset($header['encoding']) && $header['encoding'] === self::BINARY_ENCODING_FORMAT; + // If we found a header we need to remove it from the key we want to decrypt if (!empty($header)) { $privateKey = substr($privateKey, @@ -421,7 +378,9 @@ class Crypt { $privateKey, $password, $cipher, - 0 + 0, + 0, + $binaryEncoding ); if ($this->isValidPrivateKey($plainKey) === false) { @@ -439,7 +398,7 @@ class Crypt { */ protected function isValidPrivateKey($plainKey) { $res = openssl_get_privatekey($plainKey); - if (is_resource($res)) { + if (is_object($res) && get_class($res) === 'OpenSSLAsymmetricKey') { $sslInfo = openssl_pkey_get_details($res); if (isset($sslInfo['key'])) { return true; @@ -454,60 +413,68 @@ class Crypt { * @param string $passPhrase * @param string $cipher * @param int $version - * @param int $position + * @param int|string $position + * @param boolean $binaryEncoding * @return string * @throws DecryptionFailedException */ - public function symmetricDecryptFileContent($keyFileContents, $passPhrase, $cipher = self::DEFAULT_CIPHER, $version = 0, $position = 0) { + public function symmetricDecryptFileContent($keyFileContents, $passPhrase, $cipher = self::DEFAULT_CIPHER, $version = 0, $position = 0, bool $binaryEncoding = false) { + if ($keyFileContents == '') { + return ''; + } + $catFile = $this->splitMetaData($keyFileContents, $cipher); if ($catFile['signature'] !== false) { - $this->checkSignature($catFile['encrypted'], $passPhrase.$version.$position, $catFile['signature']); + try { + // First try the new format + $this->checkSignature($catFile['encrypted'], $passPhrase . '_' . $version . '_' . $position, $catFile['signature']); + } catch (GenericEncryptionException $e) { + // For compatibility with old files check the version without _ + $this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']); + } } return $this->decrypt($catFile['encrypted'], $catFile['iv'], $passPhrase, - $cipher); + $cipher, + $binaryEncoding); } /** * check for valid signature * - * @param string $data - * @param string $passPhrase - * @param string $expectedSignature * @throws GenericEncryptionException */ - private function checkSignature($data, $passPhrase, $expectedSignature) { + private function checkSignature(string $data, string $passPhrase, string $expectedSignature): void { + $enforceSignature = !$this->config->getSystemValueBool('encryption_skip_signature_check', false); + $signature = $this->createSignature($data, $passPhrase); - if (!hash_equals($expectedSignature, $signature)) { - throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature')); + $isCorrectHash = hash_equals($expectedSignature, $signature); + + if (!$isCorrectHash) { + if ($enforceSignature) { + throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature')); + } else { + $this->logger->info('Signature check skipped', ['app' => 'encryption']); + } } } /** * create signature - * - * @param string $data - * @param string $passPhrase - * @return string */ - private function createSignature($data, $passPhrase) { + private function createSignature(string $data, string $passPhrase): string { $passPhrase = hash('sha512', $passPhrase . 'a', true); - $signature = hash_hmac('sha256', $data, $passPhrase); - return $signature; + return hash_hmac('sha256', $data, $passPhrase); } /** - * remove padding - * - * @param string $padded * @param bool $hasSignature did the block contain a signature, in this case we use a different padding - * @return string|false */ - private function removePadding($padded, $hasSignature = false) { + private function removePadding(string $padded, bool $hasSignature = false): string|false { if ($hasSignature === false && substr($padded, -2) === 'xx') { return substr($padded, 0, -2); } elseif ($hasSignature === true && substr($padded, -3) === 'xxx') { @@ -520,12 +487,8 @@ class Crypt { * split meta data from encrypted file * Note: for now, we assume that the meta data always start with the iv * followed by the signature, if available - * - * @param string $catFile - * @param string $cipher - * @return array */ - private function splitMetaData($catFile, $cipher) { + private function splitMetaData(string $catFile, string $cipher): array { if ($this->hasSignature($catFile, $cipher)) { $catFile = $this->removePadding($catFile, true); $meta = substr($catFile, -93); @@ -550,17 +513,21 @@ class Crypt { /** * check if encrypted block is signed * - * @param string $catFile - * @param string $cipher - * @return bool * @throws GenericEncryptionException */ - private function hasSignature($catFile, $cipher) { + private function hasSignature(string $catFile, string $cipher): bool { + $skipSignatureCheck = $this->config->getSystemValueBool('encryption_skip_signature_check', false); + $meta = substr($catFile, -93); $signaturePosition = strpos($meta, '00sig00'); - // enforce signature for the new 'CTR' ciphers - if ($signaturePosition === false && strpos(strtolower($cipher), 'ctr') !== false) { + // If we no longer support the legacy format then everything needs a signature + if (!$skipSignatureCheck && !$this->supportLegacy && $signaturePosition === false) { + throw new GenericEncryptionException('Missing Signature', $this->l->t('Missing Signature')); + } + + // Enforce signature for the new 'CTR' ciphers + if (!$skipSignatureCheck && $signaturePosition === false && stripos($cipher, 'ctr') !== false) { throw new GenericEncryptionException('Missing Signature', $this->l->t('Missing Signature')); } @@ -569,18 +536,14 @@ class Crypt { /** - * @param string $encryptedContent - * @param string $iv - * @param string $passPhrase - * @param string $cipher - * @return string * @throws DecryptionFailedException */ - private function decrypt($encryptedContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) { + private function decrypt(string $encryptedContent, string $iv, string $passPhrase = '', string $cipher = self::DEFAULT_CIPHER, bool $binaryEncoding = false): string { + $options = $binaryEncoding === true ? OPENSSL_RAW_DATA : 0; $plainContent = openssl_decrypt($encryptedContent, $cipher, $passPhrase, - false, + $options, $iv); if ($plainContent) { @@ -619,10 +582,9 @@ class Crypt { /** * generate initialization vector * - * @return string * @throws GenericEncryptionException */ - private function generateIv() { + private function generateIv(): string { return random_bytes(16); } @@ -638,18 +600,31 @@ class Crypt { } /** - * @param $encKeyFile - * @param $shareKey - * @param $privateKey - * @return string + * @param \OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string $privateKey * @throws MultiKeyDecryptException */ - public function multiKeyDecrypt($encKeyFile, $shareKey, $privateKey) { + public function multiKeyDecrypt(string $shareKey, $privateKey): string { + $plainContent = ''; + + // decrypt the intermediate key with RSA + if (openssl_private_decrypt($shareKey, $intermediate, $privateKey, OPENSSL_PKCS1_OAEP_PADDING)) { + return $intermediate; + } else { + throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string()); + } + } + + /** + * @param \OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string $privateKey + * @throws MultiKeyDecryptException + */ + public function multiKeyDecryptLegacy(string $encKeyFile, string $shareKey, $privateKey): string { if (!$encKeyFile) { throw new MultiKeyDecryptException('Cannot multikey decrypt empty plain content'); } - if (openssl_open($encKeyFile, $plainContent, $shareKey, $privateKey)) { + $plainContent = ''; + if ($this->opensslOpen($encKeyFile, $plainContent, $shareKey, $privateKey, 'RC4')) { return $plainContent; } else { throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string()); @@ -657,12 +632,55 @@ class Crypt { } /** + * @param array<string,\OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string> $keyFiles + * @throws MultiKeyEncryptException + */ + public function multiKeyEncrypt(string $plainContent, array $keyFiles): array { + if (empty($plainContent)) { + throw new MultiKeyEncryptException('Cannot multikeyencrypt empty plain content'); + } + + // Set empty vars to be set by openssl by reference + $shareKeys = []; + $mappedShareKeys = []; + + // make sure that there is at least one public key to use + if (count($keyFiles) >= 1) { + // prepare the encrypted keys + $shareKeys = []; + + // iterate over the public keys and encrypt the intermediate + // for each of them with RSA + foreach ($keyFiles as $tmp_key) { + if (openssl_public_encrypt($plainContent, $tmp_output, $tmp_key, OPENSSL_PKCS1_OAEP_PADDING)) { + $shareKeys[] = $tmp_output; + } + } + + // set the result if everything worked fine + if (count($keyFiles) === count($shareKeys)) { + $i = 0; + + // Ensure each shareKey is labelled with its corresponding key id + foreach ($keyFiles as $userId => $publicKey) { + $mappedShareKeys[$userId] = $shareKeys[$i]; + $i++; + } + + return $mappedShareKeys; + } + } + throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string()); + } + + /** * @param string $plainContent * @param array $keyFiles * @return array * @throws MultiKeyEncryptException + * @deprecated 27.0.0 use multiKeyEncrypt */ - public function multiKeyEncrypt($plainContent, array $keyFiles) { + public function multiKeyEncryptLegacy($plainContent, array $keyFiles) { // openssl_seal returns false without errors if plaincontent is empty // so trigger our own error if (empty($plainContent)) { @@ -674,7 +692,7 @@ class Crypt { $shareKeys = []; $mappedShareKeys = []; - if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles)) { + if ($this->opensslSeal($plainContent, $sealed, $shareKeys, $keyFiles, 'RC4')) { $i = 0; // Ensure each shareKey is labelled with its corresponding key id @@ -691,5 +709,107 @@ class Crypt { throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string()); } } -} + /** + * returns the value of $useLegacyBase64Encoding + * + * @return bool + */ + public function useLegacyBase64Encoding(): bool { + return $this->useLegacyBase64Encoding; + } + + /** + * Uses phpseclib RC4 implementation + */ + private function rc4Decrypt(string $data, string $secret): string { + $rc4 = new RC4(); + /** @psalm-suppress InternalMethod */ + $rc4->setKey($secret); + + return $rc4->decrypt($data); + } + + /** + * Uses phpseclib RC4 implementation + */ + private function rc4Encrypt(string $data, string $secret): string { + $rc4 = new RC4(); + /** @psalm-suppress InternalMethod */ + $rc4->setKey($secret); + + return $rc4->encrypt($data); + } + + /** + * Custom implementation of openssl_open() + * + * @param \OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string $private_key + * @throws DecryptionFailedException + */ + private function opensslOpen(string $data, string &$output, string $encrypted_key, $private_key, string $cipher_algo): bool { + $result = false; + + // check if RC4 is used + if (strcasecmp($cipher_algo, 'rc4') === 0) { + // decrypt the intermediate key with RSA + if (openssl_private_decrypt($encrypted_key, $intermediate, $private_key, OPENSSL_PKCS1_PADDING)) { + // decrypt the file key with the intermediate key + // using our own RC4 implementation + $output = $this->rc4Decrypt($data, $intermediate); + $result = (strlen($output) === strlen($data)); + } + } else { + throw new DecryptionFailedException('Unsupported cipher ' . $cipher_algo); + } + + return $result; + } + + /** + * Custom implementation of openssl_seal() + * + * @deprecated 27.0.0 use multiKeyEncrypt + * @throws EncryptionFailedException + */ + private function opensslSeal(string $data, string &$sealed_data, array &$encrypted_keys, array $public_key, string $cipher_algo): int|false { + $result = false; + + // check if RC4 is used + if (strcasecmp($cipher_algo, 'rc4') === 0) { + // make sure that there is at least one public key to use + if (count($public_key) >= 1) { + // generate the intermediate key + $intermediate = openssl_random_pseudo_bytes(16, $strong_result); + + // check if we got strong random data + if ($strong_result) { + // encrypt the file key with the intermediate key + // using our own RC4 implementation + $sealed_data = $this->rc4Encrypt($data, $intermediate); + if (strlen($sealed_data) === strlen($data)) { + // prepare the encrypted keys + $encrypted_keys = []; + + // iterate over the public keys and encrypt the intermediate + // for each of them with RSA + foreach ($public_key as $tmp_key) { + if (openssl_public_encrypt($intermediate, $tmp_output, $tmp_key, OPENSSL_PKCS1_PADDING)) { + $encrypted_keys[] = $tmp_output; + } + } + + // set the result if everything worked fine + if (count($public_key) === count($encrypted_keys)) { + $result = strlen($sealed_data); + } + } + } + } + } else { + throw new EncryptionFailedException('Unsupported cipher ' . $cipher_algo); + } + + return $result; + } +} |