Merge pull request #6 from rjaeckel/master

decode optimization using unbuffered dd instead of sed
Merge pull request #1 from arno01/master
1 changed files with 16 additions and 15 deletions
--- a/ocdec.sh
+++ b/ocdec.sh
@ -124,30 +124,31 @@ function decryptFile() {

  decFileKeyContent="$( openssl rc4 -d -in "$encFileKeyPath" -iv 0 -K $decUserFileShareKeyHEX )"
  decFileKeyContentHEX="$( echo -n $decFileKeyContent |od -An -tx1 |tr -dc '[:xdigit:]' )"
+  decFileKeyContentHEX=${decFileKeyContentHEX:0:64}
  # --- Get the FileKey ---

  # --- Decrypt the file ---
-  # TODO: to figure out how to speed-up the decryption process.
-  #       bottlenecks:
-  #        - awk is running really slow, consuming lot of CPU
-  encFileContentsALL="$(cat "${USER}/$encFilePath")"
-  encFileContentsNOHEAD=$(echo -n "$encFileContentsALL" | sed -r 's/^HBEGIN:.+:HEND-*//')
-  N=0
-  for IV in $(echo -n "$encFileContentsNOHEAD" |grep -E -o '00iv00.{16}xx' |sed -r 's/^00iv00//;s/xx$//'); do
-    N=$[N+1]
-    encFileContentsBASE64=$(echo -n "$encFileContentsNOHEAD" |awk -F '00iv00................xx' -v N=$N '{print $N}')
-    plainFileIVHEX=$(echo -n "$IV" |od -An -tx1 |tr -dc '[:xdigit:]')
-    openssl enc -AES-256-CFB -d -nosalt -base64 -A -K $decFileKeyContentHEX -iv $plainFileIVHEX -in <(echo "$encFileContentsBASE64")
-    #php -r "echo openssl_decrypt('$encFileContentsBASE64', 'AES-256-CFB', '$decFileKeyContent', false, '$IV');"
-  done
+  # OC writes the encrypted file in 8K chunks, each containing it's own iv in the end
+  chunkSize=8192
+  while read -d '' -n $chunkSize CHUNK || [ ! -z "$CHUNK" ]; do
+    #split chunk into payload an iv string (strip padding from iv)          
+    read payload iv <<<`echo $CHUNK | sed -r 's/(.*)00iv00(.{16})xx/\1 \2/'`
+    CHUNK=
+    #if [ -z $CHUNK ]; then break; fi
+    # convert base64 iv into hex
+    iv=$(echo -n "$iv" | od -An -tx1 | tr -dc '[:xdigit:]' )
+    # decode chunk
+    openssl enc -AES-256-CFB -d -nosalt -base64 -A -K $decFileKeyContentHEX -iv $iv -in <(echo "$payload")
+    #done <<<`sed -r 's/^HBEGIN:.+:HEND-*//' <"${USER}/$encFilePath"` # pipe the encrypted file without head into the loop
+    done < <(dd bs=$chunkSize skip=1 if="${USER}/$encFilePath")
  # --- Decrypt the file ---
 }

 # Get a username from the path (arg1)
-USER="$(echo $1 |cut -sd / -f 1)"
+USER="$(echo "$1" |cut -sd / -f 1)"

 # Strip off the username from the path (arg1)
-FILETD="$(echo $1 |cut -sd / -f 2-)"
+FILETD="$(echo "$1" |cut -sd / -f 2-)"

 if [ ! -r "$USER" ]; then
  echo "User directory cannot be found! Are you sure you are in ownCloud's data directory?"
Author	SHA1	Message	Date
Andy	a703dae710	Merge pull request #6 from rjaeckel/master decode optimization using unbuffered dd instead of sed	8 years ago
Robert Jäckel	d1cb5a5ac9	Merge pull request #1 from arno01/master patch	8 years ago
Robert Jäckel	163fb8eab7	decode optimization using unbuffered dd instead of sed redirecting the output of `sed` into the main loop of the decryption process lead to an unneccessary execution time and memory usage as the call had to end before the loop started it's work.	8 years ago
Andy	1375e66607	fixed path problem	8 years ago
Andy	a01fd0e848	Merge branch 'rjaeckel-master'	8 years ago
rjaeckel	2adaf0464f	clear CHUNK variable to avoid infinite loops	8 years ago
rjaeckel	f5156ef14c	missing user parameter in filepath	8 years ago
rjaeckel	6839809335	force to read last line of encrypted file	8 years ago
rjaeckel	d25fc4b5c8	refactored decryption to use a single file operation, increases performance extremely	8 years ago
rjaeckel	15bbe37986	bugfix as openssl 1.0.2 does not accept a key longer than 64Bytes in hex openssl 1.0.1 just strips the key	8 years ago