wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow to disable the signature check

Browse source 
This allows you to recover encryption files even if the signature is broken

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This commit is contained in:
Bjoern Schiessle 2018-11-27 11:08:41 +01:00
parent 68ad2ae118
commit 7a61ffc3dd
No known key found for this signature in database
GPG key ID: 2378A753E2BF04F6
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
apps/encryption/lib/Crypto/Crypt.php
View file

@ -482,9 +482,15 @@ class Crypt {
* @throws GenericEncryptionException
*/
private function checkSignature($data, $passPhrase, $expectedSignature) {
$skipSignatureCheck = $this->config->getSystemValue('encryption_skip_signature_check', false);
$signature = $this->createSignature($data, $passPhrase);
if (!hash_equals($expectedSignature, $signature)) {
$hash = hash_equals($expectedSignature, $signature);
if (!$hash && $skipSignatureCheck === false) {
throw new GenericEncryptionException('Bad Signature', $this->l->t('Bad Signature'));
} else if (!$hash && $skipSignatureCheck) {
$this->logger->info("Signature check skipped", ['app' => 'encryption']);
}
}