Merge branch 'rjaeckel-master'

This commit is contained in:
Andy 2016-02-07 10:16:01 +01:00
commit a01fd0e848
Signed by: arno
GPG Key ID: 368DDA2E9A471EAC

View File

@ -124,22 +124,22 @@ function decryptFile() {
decFileKeyContent="$( openssl rc4 -d -in "$encFileKeyPath" -iv 0 -K $decUserFileShareKeyHEX )" decFileKeyContent="$( openssl rc4 -d -in "$encFileKeyPath" -iv 0 -K $decUserFileShareKeyHEX )"
decFileKeyContentHEX="$( echo -n $decFileKeyContent |od -An -tx1 |tr -dc '[:xdigit:]' )" decFileKeyContentHEX="$( echo -n $decFileKeyContent |od -An -tx1 |tr -dc '[:xdigit:]' )"
decFileKeyContentHEX=${decFileKeyContentHEX:0:64}
# --- Get the FileKey --- # --- Get the FileKey ---
# --- Decrypt the file --- # --- Decrypt the file ---
# TODO: to figure out how to speed-up the decryption process. # OC writes the encrypted file in 8K chunks, each containing it's own iv in the end
# bottlenecks: chunkSize=8192
# - awk is running really slow, consuming lot of CPU while read -d '' -n $chunkSize CHUNK || [ ! -z "$CHUNK" ]; do
encFileContentsALL="$(cat "${USER}/$encFilePath")" #split chunk into payload an iv string (strip padding from iv)
encFileContentsNOHEAD=$(echo -n "$encFileContentsALL" | sed -r 's/^HBEGIN:.+:HEND-*//') read payload iv <<<`echo $CHUNK | sed -r 's/(.*)00iv00(.{16})xx/\1 \2/'`
N=0 CHUNK=
for IV in $(echo -n "$encFileContentsNOHEAD" |grep -E -o '00iv00.{16}xx' |sed -r 's/^00iv00//;s/xx$//'); do #if [ -z $CHUNK ]; then break; fi
N=$[N+1] # convert base64 iv into hex
encFileContentsBASE64=$(echo -n "$encFileContentsNOHEAD" |awk -F '00iv00................xx' -v N=$N '{print $N}') iv=$(echo -n "$iv" | od -An -tx1 | tr -dc '[:xdigit:]' )
plainFileIVHEX=$(echo -n "$IV" |od -An -tx1 |tr -dc '[:xdigit:]') # decode chunk
openssl enc -AES-256-CFB -d -nosalt -base64 -A -K $decFileKeyContentHEX -iv $plainFileIVHEX -in <(echo "$encFileContentsBASE64") openssl enc -AES-256-CFB -d -nosalt -base64 -A -K $decFileKeyContentHEX -iv $iv -in <(echo "$payload")
#php -r "echo openssl_decrypt('$encFileContentsBASE64', 'AES-256-CFB', '$decFileKeyContent', false, '$IV');" done <<<`sed -r 's/^HBEGIN:.+:HEND-*//' <"${USER}/$encFilePath"` # pipe the encrypted file without head into the loop
done
# --- Decrypt the file --- # --- Decrypt the file ---
} }