summaryrefslogtreecommitdiffstats
path: root/apps/files_encryption/lib/helper.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_encryption/lib/helper.php')
-rwxr-xr-xapps/files_encryption/lib/helper.php39
1 files changed, 28 insertions, 11 deletions
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 214e212b675..d427c51732f 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -144,19 +144,17 @@ class Helper {
$view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
- // Encrypt private key empty passphrase
- $encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword);
-
- // Save private key
- $view->file_put_contents('/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey);
+ $cipher = \OCA\Encryption\Helper::getCipher();
+ $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher);
+ if ($encryptedKey) {
+ Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId . '.private.key');
+ // Set recoveryAdmin as enabled
+ $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
+ $return = true;
+ }
\OC_FileProxy::$enabled = true;
- // Set recoveryAdmin as enabled
- $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
-
- $return = true;
-
} else { // get recovery key and check the password
$util = new \OCA\Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
@@ -230,7 +228,6 @@ class Helper {
return $return;
}
-
/**
* checks if access is public/anonymous user
* @return bool
@@ -478,5 +475,25 @@ class Helper {
return false;
}
+
+ /**
+ * read the cipher used for encryption from the config.php
+ *
+ * @return string
+ */
+ public static function getCipher() {
+
+ $cipher = \OCP\Config::getSystemValue('cipher', Crypt::DEFAULT_CIPHER);
+
+ if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') {
+ \OCP\Util::writeLog('files_encryption',
+ 'wrong cipher defined in config.php, only AES-128-CFB and AES-256-CFB is supported. Fall back ' . Crypt::DEFAULT_CIPHER,
+ \OCP\Util::WARN);
+
+ $cipher = Crypt::DEFAULT_CIPHER;
+ }
+
+ return $cipher;
+ }
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-19 03:43:38 +0000