From 11561aab211287e60dc6edcbd72d049840149ba4 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Tue, 11 Aug 2020 19:26:41 +0200 Subject: [PATCH] SSE enhancement Do not blind concatenate ints. Lets add a _ between them. So that we can distrinquis them properly Signed-off-by: Roeland Jago Douma --- apps/encryption/lib/Crypto/Crypt.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php index b2fdec513d227..c8311f4cf73bf 100644 --- a/apps/encryption/lib/Crypto/Crypt.php +++ b/apps/encryption/lib/Crypto/Crypt.php @@ -191,7 +191,7 @@ public function symmetricEncryptFileContent($plainContent, $passPhrase, $version $this->getCipher()); // Create a signature based on the key as well as the current version - $sig = $this->createSignature($encryptedContent, $passPhrase.$version.$position); + $sig = $this->createSignature($encryptedContent, $passPhrase.'_'.$version.'_'.$position); // combine content to encrypt the IV identifier and actual IV $catFile = $this->concatIV($encryptedContent, $iv); @@ -464,7 +464,13 @@ public function symmetricDecryptFileContent($keyFileContents, $passPhrase, $ciph $catFile = $this->splitMetaData($keyFileContents, $cipher); if ($catFile['signature'] !== false) { - $this->checkSignature($catFile['encrypted'], $passPhrase.$version.$position, $catFile['signature']); + try { + // First try the new format + $this->checkSignature($catFile['encrypted'], $passPhrase . '_' . $version . '_' . $position, $catFile['signature']); + } catch (GenericEncryptionException $e) { + // For compatibility with old files check the version without _ + $this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']); + } } return $this->decrypt($catFile['encrypted'],