Merge pull request #38584 from nextcloud/backport/38206/stable24

[stable24] Increase from 100000 to 600000 iterations for hash_pbkdf2 (cherry picked from commit a7dc41f) (cherry picked from commit 18de4a2)
nextcloud · Jul 31, 2023 · aabc8b6 · aabc8b6
1 parent 9309047
commit aabc8b6
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 11 deletions.
diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php
@@ -104,7 +104,7 @@ public function __construct(ILogger $logger, IUserSession $userSession, IConfig
 		$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : '"no user given"';
 		$this->config = $config;
 		$this->l = $l;
-		$this->supportedKeyFormats = ['hash', 'password'];
+		$this->supportedKeyFormats = ['hash2', 'hash', 'password'];
 
 		$this->supportLegacy = $this->config->getSystemValueBool('encryption.legacy_format_support', true);
 	}
@@ -208,12 +208,11 @@ public function symmetricEncryptFileContent($plainContent, $passPhrase, $version
 	/**
 	 * generate header for encrypted file
 	 *
-	 * @param string $keyFormat (can be 'hash' or 'password')
+	 * @param string $keyFormat (can be 'hash2', 'hash' or 'password')
 	 * @return string
 	 * @throws \InvalidArgumentException
 	 */
-	public function generateHeader($keyFormat = 'hash') {
-
+	public function generateHeader($keyFormat = 'hash2') {
 		if (in_array($keyFormat, $this->supportedKeyFormats, true) === false) {
 			throw new \InvalidArgumentException('key format "' . $keyFormat . '" is not supported');
 		}
@@ -353,22 +352,20 @@ private function addPadding($data) {
 	 * @param string $uid only used for user keys
 	 * @return string
 	 */
-	protected function generatePasswordHash($password, $cipher, $uid = '') {
+	protected function generatePasswordHash(string $password, string $cipher, string $uid = '', int $iterations = 600000): string {
 		$instanceId = $this->config->getSystemValue('instanceid');
 		$instanceSecret = $this->config->getSystemValue('secret');
 		$salt = hash('sha256', $uid . $instanceId . $instanceSecret, true);
 		$keySize = $this->getKeySize($cipher);
 
-		$hash = hash_pbkdf2(
+		return hash_pbkdf2(
 			'sha256',
 			$password,
 			$salt,
-			100000,
+			$iterations,
 			$keySize,
 			true
 		);
-
-		return $hash;
 	}
 
 	/**
@@ -415,7 +412,9 @@ public function decryptPrivateKey($privateKey, $password = '', $uid = '') {
 		}
 
 		if ($keyFormat === 'hash') {
-			$password = $this->generatePasswordHash($password, $cipher, $uid);
+			$password = $this->generatePasswordHash($password, $cipher, $uid, 100000);
+		} elseif ($keyFormat === 'hash2') {
+			$password = $this->generatePasswordHash($password, $cipher, $uid, 600000);
 		}
 
 		// If we found a header we need to remove it from the key we want to decrypt

diff --git a/apps/encryption/tests/Crypto/CryptTest.php b/apps/encryption/tests/Crypto/CryptTest.php
@@ -144,7 +144,7 @@ public function testGenerateHeaderInvalid() {
 	 */
 	public function dataTestGenerateHeader() {
 		return [
-			[null, 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash:HEND'],
+			[null, 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash2:HEND'],
 			['password', 'HBEGIN:cipher:AES-128-CFB:keyFormat:password:HEND'],
 			['hash', 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash:HEND']
 		];