sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
72,217 Commits
650 Branches
1176 Tags
9.6 GiB
Commit Graph

49 Commits (7620d230df8756a9c439c4acbd756fbeae9345f7)

Author SHA1 Message Date
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +07:00
Côme Chilliet 3e176f58af Improve typing as suggested by review 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-08-08 09:14:16 +07:00
Côme Chilliet 1e06b61f59 Migrate away from ILogger in encryption 
And modernize code a bit

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-08-08 09:14:16 +07:00
Côme Chilliet 2a6f347430 Increase from 100000 to 600000 iterations for hash_pbkdf2 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-05-23 20:53:33 +07:00
jld3103 2f653c8be8
Cleanup signature checking logic in encryption 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-04-14 09:07:20 +07:00
Côme Chilliet 430009b8e2
Add a test for multiKeyEncrypt/Decrypt methods 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-03-20 14:19:13 +07:00
Côme Chilliet 8900d030d1
Adapt code to new encryption system 
fileKey gets deleted upon save as it’s stored in shareKeys instead now.
We use presence of a fileKey to detect if a file is using the legacy
 system or the new one, because we do not always have access to header
 data.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-03-17 11:08:58 +07:00
Côme Chilliet fbe282caeb
Getting rid of openssl_seal and rc4 in server side encryption 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-03-17 11:08:50 +07:00
Côme Chilliet f2912ce8bc Set functions as private to be able to refactor later 
Also a few comment fixes

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-02-21 13:36:25 +07:00
Côme Chilliet 71482576ad Move to phpseclib implementation of RC4 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-02-21 13:36:25 +07:00
Côme Chilliet bd626e3693 Strong type custom openssl_seal implementation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-02-21 13:36:25 +07:00
Côme Chilliet deed6393fb Always wrap rc4, and throws on unknown cipher 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-02-21 13:36:25 +07:00
Kevin Niehage 81638436e5 introduce wrapped_openssl_seal() and wrapped_openssl_open() to circument RC4 problems with OpenSSL v3 
Signed-off-by: Kevin Niehage <k.niehage@syseleven.de>
 2023-02-21 13:36:25 +07:00
Côme Chilliet 7ebbb6b2ca
Remove workarounds specific to 7.4 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:22:08 +07:00
Côme Chilliet 9430899f16
Fix psalm issues related to signature changes from PHP 8.0 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-29 12:36:34 +07:00
J0WI 71e490090f Replace getSystemValue in encryption app 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2022-12-05 14:30:58 +07:00
plumbeo 1258caeab7 Save encrypted files in binary format 
Default to the more space-efficient binary encoding for newly encrypted files
instead of the traditional base64 encoding, eliminating the 33% overhead.

The new option 'encryption.use_legacy_encoding' allows to force the legacy
encoding format if needed. Files encoded in the old format remain readable.

Based on https://github.com/owncloud/encryption/pull/224 and
https://github.com/owncloud/core/pull/38249 by karakayasemi.

Signed-off-by: plumbeo <plumbeo@users.noreply.github.com>
 2022-05-04 17:38:25 +07:00
Carl Schwan aeecb72e96
Fix a few psalm issues and moved back to psalm/phar 4.18 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-01-12 20:03:06 +07:00
J0WI c694b9d52b Remember current cipher 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-06-29 13:41:22 +07:00
blizzz c6d5653a85
Merge pull request #26323 from J0WI/crypt-const 
Use constant for supported formats
 2021-06-23 11:17:05 +07:00
John Molakvoæ (skjnldsv) 215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +07:00
J0WI e617361250 Use constant for supported formats 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-03-26 19:24:04 +07:00
J0WI 21494a5b7b Drop OpenSSL 0.9.8 workaround 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-03-26 19:23:10 +07:00
Roeland Jago Douma b3037dee6a
FIXME use default RC4 method 
* We should pick better default method!

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-12-07 15:44:04 +07:00
Roeland Jago Douma 98eede7f68
Fix encryption test 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-12-07 15:44:04 +07:00
Christoph Wurst b2de9a6f9e
The encryption decrypt position can be int or string 
The public API said string, internally we treated it as int. In reality
both are used. Let's reflect that in the documented argument type.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-10-13 10:51:22 +07:00
Christoph Wurst 2a054e6c04
Update the license headers for Nextcloud 20 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-08-24 14:54:25 +07:00
Roeland Jago Douma 8928bbe969
Make legacy cipher opt in 
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-08-19 15:45:45 +07:00
Roeland Jago Douma 9975b80d41
SSE enhancement 
Do not blind concatenate ints. Lets add a _ between them. So that we can
distrinquis them properly

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-08-11 19:26:41 +07:00
Christoph Wurst cb057829f7
Update license headers for 19 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-29 11:57:22 +07:00
Christoph Wurst 28f8eb5dba
Add visibility to all constants 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 16:54:27 +07:00
Christoph Wurst caff1023ea
Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +07:00
Christoph Wurst 14c996d982
Use elseif instead of else if 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 10:35:09 +07:00
Christoph Wurst 41b5e5923a
Use exactly one empty line after the namespace declaration 
For PSR2

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:48:10 +07:00
Christoph Wurst 5bf3d1bb38
Update license headers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-12-05 15:38:45 +07:00
Roeland Jago Douma 68748d4f85
Some php-cs fixes 
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-22 20:52:10 +07:00
Bjoern Schiessle 34d4c2bc16
improve variable naming 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-11-30 15:24:05 +07:00
Bjoern Schiessle 8796c6bc78
in case 'encryption_skip_signature_check' was set to true we accept if the file doesn't has a signature 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-11-27 23:38:41 +07:00
Bjoern Schiessle 7a61ffc3dd
Allow to disable the signature check 
This allows you to recover encryption files even if the signature is broken

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-11-27 11:08:41 +07:00
Stefan Weiberg 375f167c67 Adding a check to see if keyFileContents is empty: 
* this fixes a download error and an exception if the data content
  for encryption is empty
* #3958: for recovering encrypted files with a damaged signature
  this is necessary in addition to turning the signature check off

Signed-off-by: Stefan Weiberg <sweiberg@suse.com>
 2018-08-21 15:21:26 +07:00
Morris Jobke e2974f1133
Simplify return statement 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-02-13 21:55:24 +07:00
Morris Jobke 464f024fa9
Use stripos instead of strpos(strtolower(), 'something') 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-25 22:59:50 +07:00
Morris Jobke 0eebff152a
Update license headers 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 16:56:19 +07:00
Joas Schilling 0ebdf871e0 Fix comparisons in encryption app 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-01 13:54:07 +07:00
Morris Jobke 1729e4471f
Update comments to Nextcloud 
* based on PR by @Ardinis
* see #4311

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-11 23:16:27 +07:00
Bjoern Schiessle 9ce32d9941
always throw a encryption exception 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-03-14 12:11:28 +07:00
Joas Schilling 813f0a0f40
Fix apps/ 2016-07-21 18:13:57 +07:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +07:00
Joas Schilling 4a3311f430 Move Encryption app to PSR-4 (#24524) 
* Move Encryption to PSR-4

* Move encryption tests to PSR-4

* Fix the tests
 2016-05-12 09:42:19 +07:00