arno/ocdec
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: arno:stream-read-bash
Branches Tags
arno:master
arno:stream-read-bash
..
compare: arno:master
Branches Tags
arno:master
arno:stream-read-bash

10 Commits
stream-rea ... master

Author SHA1 Message Date
Andrey Arapov
a703dae710 Merge pull request #6 from rjaeckel/master 
decode optimization using unbuffered dd instead of sed
 2016-07-21 15:37:06 +02:00
Robert Jäckel
d1cb5a5ac9 Merge pull request #1 from arno01/master 
patch
 2016-07-21 00:14:42 +02:00
Robert Jäckel
163fb8eab7 decode optimization using unbuffered dd instead of sed 
redirecting the output of `sed` into the main loop of the decryption process lead to an unneccessary execution time and memory usage as the call had to end before the loop started it's work.
 2016-07-20 22:39:31 +02:00
Andrey Arapov
1375e66607
fixed path problem 2016-02-07 10:18:50 +01:00
Andrey Arapov
a01fd0e848
Merge branch 'rjaeckel-master' 2016-02-07 10:16:01 +01:00
rjaeckel
2adaf0464f clear CHUNK variable to avoid infinite loops 2016-01-31 23:44:19 +01:00
rjaeckel
f5156ef14c missing user parameter in filepath 2016-01-31 23:17:49 +01:00
rjaeckel
6839809335 force to read last line of encrypted file 2016-01-31 23:17:09 +01:00
rjaeckel
d25fc4b5c8 refactored decryption to use a single file operation, increases performance extremely 2016-01-30 20:58:28 +01:00
rjaeckel
15bbe37986 bugfix as openssl 1.0.2 does not accept a key longer than 64Bytes in hex 
openssl 1.0.1 just strips the key
 2016-01-30 20:54:10 +01:00
1 changed files with 16 additions and 23 deletions
Show Stats Expand all files Collapse all files

39
ocdec.sh
View File

@ -124,38 +124,31 @@ function decryptFile() {
decFileKeyContent="$( openssl rc4 -d -in "$encFileKeyPath" -iv 0 -K $decUserFileShareKeyHEX )"
decFileKeyContentHEX="$( echo -n $decFileKeyContent |od -An -tx1 |tr -dc '[:xdigit:]' )"
decFileKeyContentHEX=${decFileKeyContentHEX:0:64}
# --- Get the FileKey ---
# --- Decrypt the file ---
encFileContentsALL="$(cat "${USER}/$encFilePath")"
encFileContentsNOHEAD=$(echo -n "$encFileContentsALL" | sed -r 's/^HBEGIN:.+:HEND-*//')
pos=0; posc=0; encStream="";
# bottleneck: bash read by character is super slow
while IFS= read -r -n1 char; do
(( posc++ ))
if $(echo ${encStream: -24} |grep -Eq "^00iv00.{16}xx$"); then
plainIV=$(echo ${encStream: -24} |sed -r 's/^00iv00//;s/xx$//')
encStreamReady=${encStream:((posc - pos - 1)):((pos - 24))}
(( pos=0 ))
#echo "[::] DEBUG: " $encStreamReady with $plainIV
# can decrypt now
plainFileIVHEX=$(echo -n "$plainIV" |od -An -tx1 |tr -dc '[:xdigit:]')
openssl enc -AES-256-CFB -d -nosalt -base64 -A -K $decFileKeyContentHEX -iv $plainFileIVHEX -in <(echo "$encStreamReady")
#php -r "echo openssl_decrypt('$encStreamReady', 'AES-256-CFB', '$decFileKeyContent', false, '$plainIV');"
fi
(( pos++ ))
encStream="$encStream$char"
done <<< $encFileContentsNOHEAD
# OC writes the encrypted file in 8K chunks, each containing it's own iv in the end
chunkSize=8192
while read -d '' -n $chunkSize CHUNK || [ ! -z "$CHUNK" ]; do
#split chunk into payload an iv string (strip padding from iv)
read payload iv <<<`echo $CHUNK | sed -r 's/(.*)00iv00(.{16})xx/\1 \2/'`
CHUNK=
#if [ -z $CHUNK ]; then break; fi
# convert base64 iv into hex
iv=$(echo -n "$iv" | od -An -tx1 | tr -dc '[:xdigit:]' )
# decode chunk
openssl enc -AES-256-CFB -d -nosalt -base64 -A -K $decFileKeyContentHEX -iv $iv -in <(echo "$payload")
#done <<<`sed -r 's/^HBEGIN:.+:HEND-*//' <"${USER}/$encFilePath"` # pipe the encrypted file without head into the loop
done < <(dd bs=$chunkSize skip=1 if="${USER}/$encFilePath")
# --- Decrypt the file ---
}
# Get a username from the path (arg1)
USER="$(echo $1 |cut -sd / -f 1)"
USER="$(echo "$1" |cut -sd / -f 1)"
# Strip off the username from the path (arg1)
FILETD="$(echo $1 |cut -sd / -f 2-)"
FILETD="$(echo "$1" |cut -sd / -f 2-)"
if [ ! -r "$USER" ]; then
echo "User directory cannot be found! Are you sure you are in ownCloud's data directory?"