fixes for software end-to-end encryption issues

Signed-off-by: Matthieu Gallien <matthieu.gallien@nextcloud.com>

diff --git a/src/libsync/clientsideencryption.cpp b/src/libsync/clientsideencryption.cpp
index 5392370c22d3e7a4279da5749e0342dbff5a9547..a80268dada01f5df928ba568cf79ec859d2f4844 100644 (file)
--- a/src/libsync/clientsideencryption.cpp
+++ b/src/libsync/clientsideencryption.cpp
@@ -757,12 +757,12 @@ std::optional<QByteArray> decryptStringAsymmetric(ENGINE *sslEngine,
         return {};
     }
 
-    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha1()) <= 0) {
+    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha256()) <= 0) {
         qCInfo(lcCseDecryption()) << "Error setting OAEP SHA 256" << handleErrors();
         return {};
     }
 
-    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha1()) <= 0) {
+    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha256()) <= 0) {
         qCInfo(lcCseDecryption()) << "Error setting MGF1 padding" << handleErrors();
         return {};
     }
@@ -807,12 +807,12 @@ std::optional<QByteArray> encryptStringAsymmetric(ENGINE *sslEngine,
         return {};
     }
 
-    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha1()) <= 0) {
+    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha256()) <= 0) {
         qCInfo(lcCseEncryption()) << "Error setting OAEP SHA 256" << handleErrors();
         return {};
     }
 
-    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha1()) <= 0) {
+    if (pad_mode != RSA_PKCS1_PADDING && EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha256()) <= 0) {
         qCInfo(lcCseEncryption()) << "Error setting MGF1 padding" << handleErrors();
         return {};
     }
@@ -902,7 +902,11 @@ CertificateInformation ClientSideEncryption::getCertificateInformationByFingerpr
 
 int ClientSideEncryption::paddingMode() const
 {
-    return RSA_PKCS1_PADDING;
+    if (useTokenBasedEncryption()) {
+        return RSA_PKCS1_PADDING;
+    } else {
+        return RSA_PKCS1_OAEP_PADDING;
+    }
 }
 
 CertificateInformation ClientSideEncryption::getTokenCertificateByFingerprint(const QByteArray &expectedFingerprint) const
@@ -2714,7 +2718,7 @@ bool EncryptionHelper::dataDecryption(const QByteArray &key, const QByteArray &i
     }
 
     if (1 != EVP_DecryptFinal_ex(ctx, unsignedData(out), &len)) {
-        qCInfo(lcCse()) << "Could finalize decryption";
+        qCInfo(lcCse()) << "Could not finalize decryption";
         return false;
     }
     outputBuffer.write(out, len);

diff --git a/src/libsync/foldermetadata.cpp b/src/libsync/foldermetadata.cpp
index 8ceb22dd1ea8049984fb5d70455d1cc95f4a7a5d..0a04c832dbe9a96affc1033f10e157e61e931428 100644 (file)
--- a/src/libsync/foldermetadata.cpp
+++ b/src/libsync/foldermetadata.cpp
@@ -190,7 +190,7 @@ void FolderMetadata::setupExistingMetadata(const QByteArray &metadata)
     if (_folderUsers.contains(_account->davUser())) {
         const auto currentFolderUser = _folderUsers.value(_account->davUser());
         _e2eCertificateFingerprint = QSslCertificate{currentFolderUser.certificatePem}.digest(QCryptographicHash::Sha256).toBase64();
-        _metadataKeyForEncryption = QByteArray::fromBase64(decryptDataWithPrivateKey(currentFolderUser.encryptedMetadataKey, _e2eCertificateFingerprint));
+        _metadataKeyForEncryption = QByteArray::fromBase64(decryptDataWithPrivateKey(currentFolderUser.encryptedMetadataKey.toBase64(), _e2eCertificateFingerprint));
         _metadataKeyForDecryption = _metadataKeyForEncryption;
     }
 
@@ -454,6 +454,7 @@ QByteArray FolderMetadata::decryptDataWithPrivateKey(const QByteArray &base64Dat
         _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
         return {};
     }
+
     return *decryptBase64Result;
 }