server icon indicating copy to clipboard operation
server copied to clipboard

Published 20 hours ago verified publisher icon nextcloud

Get rid of openssl_seal in encryption code

Open LukasReschke opened this issue 8 years ago • 5 comments

We should get rid of openssl_seal in the encryption app as that uses the RC4 cipher which considered out-of-date. At the moment it is used for encrypting multi-keys to file recipients.

We should replace the openssl_seal part with an approach using openssl_public_encrypt (OPENSSL_PKCS1_OAEP_PADDING).

cc @schiessle @oparoz @karlitschek

LukasReschke avatar Nov 17 '16 15:11 LukasReschke

agreed. 👍 Please keep backward compatibility in mind.

karlitschek avatar Nov 17 '16 16:11 karlitschek

I would suggest to make this changes in a new encryption module, there are some other stuff we can improve as well. The advantage of doing this in a second encryption module is that backward compatibility is easy and we don't face any limitations because of backward compatibility for the new module: Admin can just enable the new module along the old one and set the new one to "default". Every file newly encrypted will be encrypted with the new module and old files can still be loaded with the old encryption module. I think a good time for a new module would be if we can also chose a Cipher which takes care about all the signing stuff.

schiessle avatar Nov 29 '16 10:11 schiessle

Ok. Good point. Let's take a look at that for 12. Going this approach we should take the less error-prone approach and use the OpenSSL AEAD support in PHP 7.1. So basically a new encryption module that requires at least PHP 7.1. I checked with @oparoz on that and this would be ok for this customer.

LukasReschke avatar Dec 08 '16 17:12 LukasReschke

See also https://github.com/nextcloud/server/issues/20146#issuecomment-604731263

J0WI avatar Mar 26 '20 23:03 J0WI

Getting rid of RC4 isn't dependent on replacing openssl_seal() and openssl_open() nowadays as the functions got an argument to switch the cipher algorithm. However, the functions still don't support AEADs as they don't return the corresponding tags.

With https://github.com/nextcloud/server/pull/35916 I introduced wrapped_openssl_seal() and wrapped_openssl_open() which contains a reimplementation of openssl_seal() and openssl_open(). These functions therefore contain everything that's needed to replace the standard functions with something individual which could also properly handle AEAD tags.

yahesh avatar Dec 30 '22 10:12 yahesh

Preparations have been done in https://github.com/nextcloud/server/pull/36173.

yahesh avatar Mar 02 '23 15:03 yahesh

Implemented in #37243.

yahesh avatar Apr 25 '23 07:04 yahesh