From e6173612506560205e1a1d89879b57372aaef960 Mon Sep 17 00:00:00 2001 From: J0WI Date: Fri, 26 Mar 2021 18:58:13 +0100 Subject: [PATCH] Use constant for supported formats Signed-off-by: J0WI --- apps/encryption/lib/Crypto/Crypt.php | 50 +++++++++++++--------------- 1 file changed, 24 insertions(+), 26 deletions(-) diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php index 2ba30425c7f63..0acf74baeca2d 100644 --- a/apps/encryption/lib/Crypto/Crypt.php +++ b/apps/encryption/lib/Crypto/Crypt.php @@ -57,10 +57,20 @@ * @package OCA\Encryption\Crypto */ class Crypt { + public const SUPPORTED_CIPHERS_AND_KEY_SIZE = [ + 'AES-256-CTR' => 32, + 'AES-128-CTR' => 16, + 'AES-256-CFB' => 32, + 'AES-128-CFB' => 16, + ]; + // one out of SUPPORTED_CIPHERS_AND_KEY_SIZE public const DEFAULT_CIPHER = 'AES-256-CTR'; // default cipher from old Nextcloud versions public const LEGACY_CIPHER = 'AES-128-CFB'; + public const SUPPORTED_KEY_FORMATS = ['hash', 'password']; + // one out of SUPPORTED_KEY_FORMATS + public const DEFAULT_KEY_FORMAT = 'hash'; // default key format, old Nextcloud version encrypted the private key directly // with the user password public const LEGACY_KEY_FORMAT = 'password'; @@ -77,20 +87,9 @@ class Crypt { /** @var IConfig */ private $config; - /** @var array */ - private $supportedKeyFormats; - /** @var IL10N */ private $l; - /** @var array */ - private $supportedCiphersAndKeySize = [ - 'AES-256-CTR' => 32, - 'AES-128-CTR' => 16, - 'AES-256-CFB' => 32, - 'AES-128-CFB' => 16, - ]; - /** @var bool */ private $supportLegacy; @@ -105,8 +104,6 @@ public function __construct(ILogger $logger, IUserSession $userSession, IConfig $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"'; $this->config = $config; $this->l = $l; - $this->supportedKeyFormats = ['hash', 'password']; - $this->supportLegacy = $this->config->getSystemValueBool('encryption.legacy_format_support', false); } @@ -207,12 +204,12 @@ public function symmetricEncryptFileContent($plainContent, $passPhrase, $version /** * generate header for encrypted file * - * @param string $keyFormat (can be 'hash' or 'password') + * @param string $keyFormat see SUPPORTED_KEY_FORMATS * @return string * @throws \InvalidArgumentException */ - public function generateHeader($keyFormat = 'hash') { - if (in_array($keyFormat, $this->supportedKeyFormats, true) === false) { + public function generateHeader($keyFormat = self::DEFAULT_KEY_FORMAT) { + if (in_array($keyFormat, self::SUPPORTED_KEY_FORMATS, true) === false) { throw new \InvalidArgumentException('key format "' . $keyFormat . '" is not supported'); } @@ -259,14 +256,15 @@ private function encrypt($plainContent, $iv, $passPhrase = '', $cipher = self::D */ public function getCipher() { $cipher = $this->config->getSystemValue('cipher', self::DEFAULT_CIPHER); - if (!isset($this->supportedCiphersAndKeySize[$cipher])) { + if (!isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) { $this->logger->warning( - sprintf( - 'Unsupported cipher (%s) defined in config.php supported. Falling back to %s', - $cipher, - self::DEFAULT_CIPHER - ), - ['app' => 'encryption']); + sprintf( + 'Unsupported cipher (%s) defined in config.php supported. Falling back to %s', + $cipher, + self::DEFAULT_CIPHER + ), + ['app' => 'encryption'] + ); $cipher = self::DEFAULT_CIPHER; } @@ -288,8 +286,8 @@ public function getCipher() { * @throws \InvalidArgumentException */ protected function getKeySize($cipher) { - if (isset($this->supportedCiphersAndKeySize[$cipher])) { - return $this->supportedCiphersAndKeySize[$cipher]; + if (isset(self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher])) { + return self::SUPPORTED_CIPHERS_AND_KEY_SIZE[$cipher]; } throw new \InvalidArgumentException( @@ -411,7 +409,7 @@ public function decryptPrivateKey($privateKey, $password = '', $uid = '') { $keyFormat = self::LEGACY_KEY_FORMAT; } - if ($keyFormat === 'hash') { + if ($keyFormat === self::DEFAULT_KEY_FORMAT) { $password = $this->generatePasswordHash($password, $cipher, $uid); }