430009b8e2
Add a test for multiKeyEncrypt/Decrypt methods
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-03-20 14:19:13 +07:00
24e762c59f
Fix encryption file key management
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-03-17 11:08:59 +07:00
8900d030d1
Adapt code to new encryption system
...
fileKey gets deleted upon save as it’s stored in shareKeys instead now.
We use presence of a fileKey to detect if a file is using the legacy
system or the new one, because we do not always have access to header
data.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-03-17 11:08:58 +07:00
fbe282caeb
Getting rid of openssl_seal and rc4 in server side encryption
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-03-17 11:08:50 +07:00
f2912ce8bc
Set functions as private to be able to refactor later
...
Also a few comment fixes
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-02-21 13:36:25 +07:00
71482576ad
Move to phpseclib implementation of RC4
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-02-21 13:36:25 +07:00
bd626e3693
Strong type custom openssl_seal implementation
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-02-21 13:36:25 +07:00
deed6393fb
Always wrap rc4, and throws on unknown cipher
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-02-21 13:36:25 +07:00
81638436e5
introduce wrapped_openssl_seal() and wrapped_openssl_open() to circument RC4 problems with OpenSSL v3
...
Signed-off-by: Kevin Niehage <k.niehage@syseleven.de>
2023-02-21 13:36:25 +07:00
7ebbb6b2ca
Remove workarounds specific to 7.4
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:22:08 +07:00
9430899f16
Fix psalm issues related to signature changes from PHP 8.0
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-12-29 12:36:34 +07:00
71e490090f
Replace getSystemValue in encryption app
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2022-12-05 14:30:58 +07:00
1258caeab7
Save encrypted files in binary format
...
Default to the more space-efficient binary encoding for newly encrypted files
instead of the traditional base64 encoding, eliminating the 33% overhead.
The new option 'encryption.use_legacy_encoding' allows to force the legacy
encoding format if needed. Files encoded in the old format remain readable.
Based on https://github.com/owncloud/encryption/pull/224 and
https://github.com/owncloud/core/pull/38249 by karakayasemi.
Signed-off-by: plumbeo <plumbeo@users.noreply.github.com>
2022-05-04 17:38:25 +07:00
aeecb72e96
Fix a few psalm issues and moved back to psalm/phar 4.18
...
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-01-12 20:03:06 +07:00
91051d9207
Generate strong, human readable OTP
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2021-07-08 15:11:33 +07:00
c694b9d52b
Remember current cipher
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2021-06-29 13:41:22 +07:00
c6d5653a85
Merge pull request #26323 from J0WI/crypt-const
...
Use constant for supported formats
2021-06-23 11:17:05 +07:00
215aef3cbd
Update php licenses
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +07:00
b9d00a96b3
l10n: Unify spelling
...
Spelling unification in Nextcloud applications.
2021-05-20 09:22:07 +07:00
7c30d1aa2d
Merge pull request #26219 from nextcloud/relative-path-null
...
getRelativePath can return null
2021-03-30 21:10:05 +07:00
e617361250
Use constant for supported formats
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2021-03-26 19:24:04 +07:00
21494a5b7b
Drop OpenSSL 0.9.8 workaround
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2021-03-26 19:23:10 +07:00
8a92229485
getStorage can also return null
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-24 14:56:40 +07:00
eb502c02ff
Bump nextcloud/coding-standard from 0.3.0 to 0.5.0
...
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard ) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/nextcloud/coding-standard/releases )
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-02-18 13:31:24 +07:00
918af40f05
Harden EncryptAll check for empty email
...
Reported by psalm
For #25641
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-02-15 22:28:28 +07:00
24d436cb60
Remove unneeded casts that were found by Psalm
...
In preparation of the update of Psalm from 4.2.1 to 4.3.1+ (see https://github.com/nextcloud/server/pull/24521 )
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-11 13:14:41 +07:00
b3037dee6a
FIXME use default RC4 method
...
* We should pick better default method!
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-12-07 15:44:04 +07:00
98eede7f68
Fix encryption test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-12-07 15:44:04 +07:00
b2de9a6f9e
The encryption decrypt position can be int or string
...
The public API said string, internally we treated it as int. In reality
both are used. Let's reflect that in the documented argument type.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-13 10:51:22 +07:00
d9015a8c94
Format code to a single space around binary operators
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-05 20:25:24 +07:00
2a054e6c04
Update the license headers for Nextcloud 20
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +07:00
8928bbe969
Make legacy cipher opt in
...
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +07:00
9975b80d41
SSE enhancement
...
Do not blind concatenate ints. Lets add a _ between them. So that we can
distrinquis them properly
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-11 19:26:41 +07:00
fc1596fada
Encryption is ready if master key is enabled
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-21 09:16:43 +07:00
cb057829f7
Update license headers for 19
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-29 11:57:22 +07:00
28f8eb5dba
Add visibility to all constants
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 16:54:27 +07:00
caff1023ea
Format control structures, classes, methods and function
...
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 14:19:56 +07:00
14c996d982
Use elseif instead of else if
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 10:35:09 +07:00
42625a46be
Remove spaces after method or function call
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 16:05:56 +07:00
41b5e5923a
Use exactly one empty line after the namespace declaration
...
For PSR2
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 11:48:10 +07:00
1a9330cd69
Update the license headers for Nextcloud 19
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-31 14:52:54 +07:00
b80ebc9674
Use the short array syntax, everywhere
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-26 16:34:56 +07:00
5bf3d1bb38
Update license headers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +07:00
68748d4f85
Some php-cs fixes
...
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +07:00
34d4c2bc16
improve variable naming
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-30 15:24:05 +07:00
8796c6bc78
in case 'encryption_skip_signature_check' was set to true we accept if the file doesn't has a signature
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-27 23:38:41 +07:00
7a61ffc3dd
Allow to disable the signature check
...
This allows you to recover encryption files even if the signature is broken
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-27 11:08:41 +07:00
87657fffd8
skip already encrypted files on encrypt all command
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-24 16:53:39 +07:00
375f167c67
Adding a check to see if keyFileContents is empty:
...
* this fixes a download error and an exception if the data content
for encryption is empty
* #3958 : for recovering encrypted files with a damaged signature
this is necessary in addition to turning the signature check off
Signed-off-by: Stefan Weiberg <sweiberg@suse.com>
2018-08-21 15:21:26 +07:00
a9e22c5f1c
make file cache updates more robust
...
only update the encrypted version after the write operation is finished and the stream is closed
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-31 12:24:38 +07:00
Côme Chilliet
Kevin Niehage
J0WI
plumbeo
Carl Schwan
blizzz
John Molakvoæ (skjnldsv)
Valdnet
Roeland Jago Douma
Robin Appelman
dependabot-preview[bot]
Roeland Jago Douma
Morris Jobke
Christoph Wurst
Julius Härtl
Bjoern Schiessle
Stefan Weiberg