From 0ce5debad2d4619ed33344a872e16fec131b8e7e Mon Sep 17 00:00:00 2001
From: Ilja Neumann <node512@gmail.com>
Date: Wed, 20 Jul 2022 17:34:11 +0200
Subject: [PATCH] Disable signature check via env-variable

---
 lib/Crypto/Crypt.php | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/lib/Crypto/Crypt.php b/lib/Crypto/Crypt.php
index cd4e176..fbd7aab 100644
--- a/lib/Crypto/Crypt.php
+++ b/lib/Crypto/Crypt.php
@@ -496,15 +496,19 @@ protected function isValidPrivateKey($plainKey) {
 	public function symmetricDecryptFileContent($keyFileContents, $passPhrase, $cipher = self::DEFAULT_CIPHER, $version = 0, $position = 0, $binaryEncode = false) {
 		$catFile = $this->splitMetaData($keyFileContents, $cipher);
 
-		if ($catFile['signature'] !== false) {
-			try {
-				$this->checkSignature($catFile['encrypted'], $passPhrase . $version . "-" . $position, $catFile['signature']);
-			} catch (HintException $e) {
-				// Check legacy format...
-				$this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']);
+
+		if (\getenv('ENCRYPTION_DISABLE_SIGNATURE', false) === false) {
+			if ($catFile['signature'] !== false) {
+				try {
+					$this->checkSignature($catFile['encrypted'], $passPhrase . $version . "-" . $position, $catFile['signature']);
+				} catch (HintException $e) {
+					// Check legacy format...
+					$this->checkSignature($catFile['encrypted'], $passPhrase . $version . $position, $catFile['signature']);
+				}
 			}
 		}
 
+
 		return $this->decrypt(
 			$catFile['encrypted'],
 			$catFile['iv'],
@@ -601,9 +605,11 @@ private function hasSignature($catFile, $cipher) {
 		$meta = \substr($catFile, -93);
 		$signaturePosition = \strpos($meta, '00sig00');
 
-		// enforce signature for the new 'CTR' ciphers
-		if ($signaturePosition === false && \strpos(\strtolower($cipher), 'ctr') !== false) {
-			throw new HintException('Missing Signature', $this->l->t('Missing Signature'));
+		if (\getenv('ENCRYPTION_DISABLE_SIGNATURE', false) === false) {
+			// enforce signature for the new 'CTR' ciphers
+			if ($signaturePosition === false && \strpos(\strtolower($cipher), 'ctr') !== false) {
+				throw new HintException('Missing Signature', $this->l->t('Missing Signature'));
+			}
 		}
 
 		return ($signaturePosition !== false);