iqb /
ecryptfs
@@ -64,7 +64,7 @@ discard block |
||
| 64 | 64 | private $position; |
| 65 | 65 | |
| 66 | 66 | |
| 67 | - public function stream_open(string $path, string $mode, int $options, string &$opened_path = null) : bool |
|
| 67 | + public function stream_open(string $path, string $mode, int $options, string & $opened_path = null) : bool |
|
| 68 | 68 | { |
| 69 | 69 | $prefix = self::STREAM_NAME . '://'; |
| 70 | 70 | |
@@ -135,7 +135,7 @@ discard block |
||
| 135 | 135 | $startBlock = \floor(($this->position - $this->header->metadataSize) / $this->header->extentSize); |
| 136 | 136 | |
| 137 | 137 | $return = ''; |
| 138 | - for ($i=0; $i<$readBlocks && !$this->stream_eof(); $i++) { |
|
| 138 | + for ($i = 0; $i < $readBlocks && !$this->stream_eof(); $i++) { |
|
| 139 | 139 | $block = $startBlock + $i; |
| 140 | 140 | $iv = \hash("md5", $this->header->rootIv . \str_pad("$block", 16, "\0", \STR_PAD_RIGHT), true); |
| 141 | 141 | |
@@ -33,7 +33,7 @@ discard block |
||
| 33 | 33 | |
| 34 | 34 | $cipher = self::CIPHER_MAPPING[$cipherCode]; |
| 35 | 35 | |
| 36 | - if (false === ($encrypted = \openssl_encrypt($data, $cipher, $key, \OPENSSL_RAW_DATA|\OPENSSL_NO_PADDING, $iv))) { |
|
| 36 | + if (false === ($encrypted = \openssl_encrypt($data, $cipher, $key, \OPENSSL_RAW_DATA | \OPENSSL_NO_PADDING, $iv))) { |
|
| 37 | 37 | throw new \RuntimeException("Encryption failed with error: " . \openssl_error_string()); |
| 38 | 38 | } |
| 39 | 39 | |
@@ -56,7 +56,7 @@ discard block |
||
| 56 | 56 | |
| 57 | 57 | $cipher = self::CIPHER_MAPPING[$cipherCode]; |
| 58 | 58 | |
| 59 | - if (false === ($decrypted = \openssl_decrypt($data, $cipher, $key, \OPENSSL_RAW_DATA|\OPENSSL_NO_PADDING, $iv))) { |
|
| 59 | + if (false === ($decrypted = \openssl_decrypt($data, $cipher, $key, \OPENSSL_RAW_DATA | \OPENSSL_NO_PADDING, $iv))) { |
|
| 60 | 60 | throw new \RuntimeException("Decryption failed with error: " . \openssl_error_string()); |
| 61 | 61 | } |
| 62 | 62 | |
@@ -52,7 +52,7 @@ discard block |
||
| 52 | 52 | $dstByteOffset = 0; |
| 53 | 53 | $dst = []; |
| 54 | 54 | |
| 55 | - for ($srcByteOffset=0; $srcByteOffset<$srcSize; $srcByteOffset++) { |
|
| 55 | + for ($srcByteOffset = 0; $srcByteOffset < $srcSize; $srcByteOffset++) { |
|
| 56 | 56 | $byte = self::FILENAME_REVERSE_MAPPING[\ord($encoded[$srcByteOffset])]; |
| 57 | 57 | |
| 58 | 58 | switch ($currentBitOffset) { |
@@ -100,11 +100,11 @@ discard block |
||
| 100 | 100 | } |
| 101 | 101 | |
| 102 | 102 | $encoded = ''; |
| 103 | - for ($i=0; $i<$inputLength; $i+=3) { |
|
| 103 | + for ($i = 0; $i < $inputLength; $i += 3) { |
|
| 104 | 104 | $code1 = (\ord($decoded[$i]) >> 2) & 0x3F; |
| 105 | - $code2 = ((\ord($decoded[$i]) << 4) & 0x30) | ((\ord($decoded[$i+1]) >> 4) & 0x0F); |
|
| 106 | - $code3 = ((\ord($decoded[$i+1]) << 2) & 0x3C) | ((\ord($decoded[$i+2]) >> 6) & 0x03); |
|
| 107 | - $code4 = \ord($decoded[$i+2]) & 0x3F; |
|
| 105 | + $code2 = ((\ord($decoded[$i]) << 4) & 0x30) | ((\ord($decoded[$i + 1]) >> 4) & 0x0F); |
|
| 106 | + $code3 = ((\ord($decoded[$i + 1]) << 2) & 0x3C) | ((\ord($decoded[$i + 2]) >> 6) & 0x03); |
|
| 107 | + $code4 = \ord($decoded[$i + 2]) & 0x3F; |
|
| 108 | 108 | |
| 109 | 109 | $encoded .= self::PORTABLE_FILENAME_CHARS[$code1]; |
| 110 | 110 | $encoded .= self::PORTABLE_FILENAME_CHARS[$code2]; |
@@ -65,7 +65,7 @@ discard block |
||
| 65 | 65 | { |
| 66 | 66 | $key = \hash(self::KEY_DERIVATION_ALGO, \substr($salt, 0, ECRYPTFS_SALT_SIZE) . $passPhrase, true); |
| 67 | 67 | |
| 68 | - for ($i=1; $i<self::DEFAULT_NUM_HASH_ITERATIONS; $i++) { |
|
| 68 | + for ($i = 1; $i < self::DEFAULT_NUM_HASH_ITERATIONS; $i++) { |
|
| 69 | 69 | $key = \hash(self::KEY_DERIVATION_ALGO, $key, true); |
| 70 | 70 | } |
| 71 | 71 | |
@@ -119,7 +119,7 @@ discard block |
||
| 119 | 119 | * @param int $pos |
| 120 | 120 | * @return int |
| 121 | 121 | */ |
| 122 | - final public static function parseTagPacketLength(string $data, int &$pos = 0) : int |
|
| 122 | + final public static function parseTagPacketLength(string $data, int & $pos = 0) : int |
|
| 123 | 123 | { |
| 124 | 124 | $packetSize = \ord($data[$pos]); |
| 125 | 125 | if ($packetSize > 224) { |
@@ -149,7 +149,7 @@ discard block |
||
| 149 | 149 | throw new \InvalidArgumentException("Length must be an unsigned integer."); |
| 150 | 150 | } |
| 151 | 151 | |
| 152 | - if ($length > (32*256 + 255)) { |
|
| 152 | + if ($length > (32 * 256 + 255)) { |
|
| 153 | 153 | throw new \InvalidArgumentException("Length too large."); |
| 154 | 154 | } |
| 155 | 155 | |
@@ -172,7 +172,7 @@ discard block |
||
| 172 | 172 | */ |
| 173 | 173 | public static function isEncryptedFilename(string $filename) : bool |
| 174 | 174 | { |
| 175 | - return (\substr(\basename($filename), 0, \strlen(self::FNEK_ENCRYPTED_FILENAME_PREFIX )) === self::FNEK_ENCRYPTED_FILENAME_PREFIX); |
|
| 175 | + return (\substr(\basename($filename), 0, \strlen(self::FNEK_ENCRYPTED_FILENAME_PREFIX)) === self::FNEK_ENCRYPTED_FILENAME_PREFIX); |
|
| 176 | 176 | } |
| 177 | 177 | |
| 178 | 178 | |
@@ -191,7 +191,7 @@ discard block |
||
| 191 | 191 | public static function encryptFilename(CryptoEngineInterface $cryptoEngine, string $filename, string $fnek, int $cipherCode = Tag70Packet::DEFAULT_CIPHER, int $cipherKeySize = null) : string |
| 192 | 192 | { |
| 193 | 193 | $tag = Tag70Packet::generate($cryptoEngine, $filename, $fnek, $cipherCode, $cipherKeySize); |
| 194 | - return self::FNEK_ENCRYPTED_FILENAME_PREFIX . BaseConverter::encode($tag->dump()); |
|
| 194 | + return self::FNEK_ENCRYPTED_FILENAME_PREFIX . BaseConverter::encode($tag->dump()); |
|
| 195 | 195 | } |
| 196 | 196 | |
| 197 | 197 | |
@@ -205,7 +205,7 @@ discard block |
||
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | $dirname = \dirname($filename); |
| 208 | - $decoded = BaseConverter::decode(\substr(\basename($filename), \strlen(self::FNEK_ENCRYPTED_FILENAME_PREFIX ))); |
|
| 208 | + $decoded = BaseConverter::decode(\substr(\basename($filename), \strlen(self::FNEK_ENCRYPTED_FILENAME_PREFIX))); |
|
| 209 | 209 | $tag = Tag70Packet::parse($decoded); |
| 210 | 210 | $tag->decrypt($cryptoEngine, $key); |
| 211 | 211 | |
@@ -111,7 +111,7 @@ discard block |
||
| 111 | 111 | public function generate() : string |
| 112 | 112 | { |
| 113 | 113 | return |
| 114 | - \chr(Tag3Packet::PACKET_TYPE) |
|
| 114 | + \chr(Tag3Packet::PACKET_TYPE) |
|
| 115 | 115 | . Util::generateTagPacketLength(\strlen($this->encryptedKey) + ECRYPTFS_SALT_SIZE + 5) |
| 116 | 116 | . \chr(Tag3Packet::PACKET_VERSION) |
| 117 | 117 | . \chr($this->cipherCode) |
@@ -175,7 +175,7 @@ discard block |
||
| 175 | 175 | $cur += ECRYPTFS_SALT_SIZE; |
| 176 | 176 | |
| 177 | 177 | /* This conversion was taken straight from RFC2440 */ |
| 178 | - $hashIterations = (16 + (\ord($data[$cur]) & 15)) << ((\ord($data[$cur]) >> 4) + 6); |
|
| 178 | + $hashIterations = (16 + (\ord($data[$cur]) & 15)) << ((\ord($data[$cur]) >> 4) + 6); |
|
| 179 | 179 | $cur++; |
| 180 | 180 | |
| 181 | 181 | $encryptedKey = \substr($data, $cur, $encryptedKeySize); |
@@ -132,7 +132,7 @@ |
||
| 132 | 132 | * |
| 133 | 133 | * @link https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tree/fs/ecryptfs/keystore.c?h=v4.11.3#n1360 |
| 134 | 134 | */ |
| 135 | - public static function parse(string $data, int &$pos = 0) : self |
|
| 135 | + public static function parse(string $data, int & $pos = 0) : self |
|
| 136 | 136 | { |
| 137 | 137 | $cur = $pos; |
| 138 | 138 | |
@@ -123,7 +123,7 @@ |
||
| 123 | 123 | $header->encryptedFileKey = $tag3->encryptedKey; |
| 124 | 124 | |
| 125 | 125 | if (!\in_array(\strlen($header->encryptedFileKey), CryptoEngineInterface::CIPHER_KEY_SIZES[$header->cipherCode])) { |
| 126 | - throw new \RuntimeException(\sprintf("Invalid key size (%u bit) for cipher 0x%x detected, file header may be corrupt!", \strlen($header->encryptedFileKey)*8, $header->cipherCode)); |
|
| 126 | + throw new \RuntimeException(\sprintf("Invalid key size (%u bit) for cipher 0x%x detected, file header may be corrupt!", \strlen($header->encryptedFileKey) * 8, $header->cipherCode)); |
|
| 127 | 127 | } |
| 128 | 128 | |
| 129 | 129 | return $header; |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | . \chr(self::FORMAT_SPECIFIER) |
| 62 | 62 | . \chr(\strlen(self::PACKET_FILENAME)) |
| 63 | 63 | . self::PACKET_FILENAME |
| 64 | - . \chr(0).\chr(0).\chr(0).\chr(0) |
|
| 64 | + . \chr(0) . \chr(0) . \chr(0) . \chr(0) |
|
| 65 | 65 | . $this->contents |
| 66 | 66 | ; |
| 67 | 67 | } |
@@ -71,12 +71,12 @@ discard block |
||
| 71 | 71 | * Try to parse a Tag11 packet from the supplied data string. |
| 72 | 72 | * If the parsing was successfully, $pos will be incremented to point after the parsed data. |
| 73 | 73 | */ |
| 74 | - public static function parse(string $data, int &$pos = 0) : self |
|
| 74 | + public static function parse(string $data, int & $pos = 0) : self |
|
| 75 | 75 | { |
| 76 | 76 | $cur = $pos; |
| 77 | 77 | $remaining = \strlen($data) - $cur; |
| 78 | 78 | |
| 79 | - if ($remaining < self::MIN_PACKET_LENGTH+2) { |
|
| 79 | + if ($remaining < self::MIN_PACKET_LENGTH + 2) { |
|
| 80 | 80 | throw new ParseException('Not enough data available to read for minimum packet length.'); |
| 81 | 81 | } |
| 82 | 82 | |
@@ -110,7 +110,7 @@ discard block |
||
| 110 | 110 | } |
| 111 | 111 | $cur += $filenameLength; |
| 112 | 112 | |
| 113 | - if (\substr($data, $cur, 4) !== \chr(0).\chr(0).\chr(0).\chr(0)) { |
|
| 113 | + if (\substr($data, $cur, 4) !== \chr(0) . \chr(0) . \chr(0) . \chr(0)) { |
|
| 114 | 114 | throw new ParseException('Expected file date to be zero.'); |
| 115 | 115 | } |
| 116 | 116 | $cur += 4; |
@@ -182,7 +182,7 @@ discard block |
||
| 182 | 182 | } |
| 183 | 183 | |
| 184 | 184 | if (!$correctKeySize) { |
| 185 | - throw new \RuntimeException(\sprintf("Unable to decrypt filename, filename encryption key (FNEK) invalid or invalid key length for cipher 0x%x, tested key sizes: (%s)", $this->cipherCode, \implode(', ', \array_map(function($bytes) { return $bytes*8; }, $possibleCipherKeySizes)))); |
|
| 185 | + throw new \RuntimeException(\sprintf("Unable to decrypt filename, filename encryption key (FNEK) invalid or invalid key length for cipher 0x%x, tested key sizes: (%s)", $this->cipherCode, \implode(', ', \array_map(function($bytes) { return $bytes * 8; }, $possibleCipherKeySizes)))); |
|
| 186 | 186 | } |
| 187 | 187 | |
| 188 | 188 | list($this->padding, $this->decryptedFilename) = \explode("\0", $decrypted, 2); |
@@ -264,7 +264,7 @@ discard block |
||
| 264 | 264 | $prefix = ''; |
| 265 | 265 | $hash = $fnek; |
| 266 | 266 | |
| 267 | - for ($i=0; $i<\ceil($requiredBytes / self::DIGEST_SIZE); $i++) { |
|
| 267 | + for ($i = 0; $i < \ceil($requiredBytes / self::DIGEST_SIZE); $i++) { |
|
| 268 | 268 | $hash = \hash(self::DIGEST, $hash, true); |
| 269 | 269 | $prefix .= $hash; |
| 270 | 270 | } |
@@ -291,7 +291,7 @@ discard block |
||
| 291 | 291 | * |
| 292 | 292 | * @link https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tree/fs/ecryptfs/keystore.c?h=v4.11.3#n892 |
| 293 | 293 | */ |
| 294 | - public static function parse(string $data, int &$pos = 0) : self |
|
| 294 | + public static function parse(string $data, int & $pos = 0) : self |
|
| 295 | 295 | { |
| 296 | 296 | $cur = $pos; |
| 297 | 297 | $tag = new self(); |
@@ -205,13 +205,9 @@ |
||
| 205 | 205 | { |
| 206 | 206 | if ($cipherKeySize === null) { |
| 207 | 207 | $cipherKeySize = Util::findCipherKeySize($cipherCode, \strlen($fnek)); |
| 208 | - } |
|
| 209 | - |
|
| 210 | - elseif (\strlen($fnek) < $cipherKeySize) { |
|
| 208 | + } elseif (\strlen($fnek) < $cipherKeySize) { |
|
| 211 | 209 | throw new \InvalidArgumentException(\şprintf("Supplied key has only %u bytes but %u bytes required for encryption.", \strlen($$fnek), $cipherKeySize)); |
| 212 | - } |
|
| 213 | - |
|
| 214 | - elseif (!\in_array($cipherKeySize, CryptoEngineInterface::CIPHER_KEY_SIZES[$cipherCode])) { |
|
| 210 | + } elseif (!\in_array($cipherKeySize, CryptoEngineInterface::CIPHER_KEY_SIZES[$cipherCode])) { |
|
| 215 | 211 | throw new \InvalidArgumentException(\şprintf("Requested key size %u bytes is unsupported for cipher 0x%x.", $cipherKeySize, $cipherCode)); |
| 216 | 212 | } |
| 217 | 213 | |
@@ -141,11 +141,11 @@ discard block |
||
| 141 | 141 | { |
| 142 | 142 | $key = \hash(ECRYPTFS_KEY_DERIVATION_ALGO, \substr($salt, 0, ECRYPTFS_SALT_SIZE) . $passphrase, true); |
| 143 | 143 | |
| 144 | - for ($i=1; $i<ECRYPTFS_DEFAULT_NUM_HASH_ITERATIONS; $i++) { |
|
| 144 | + for ($i = 1; $i < ECRYPTFS_DEFAULT_NUM_HASH_ITERATIONS; $i++) { |
|
| 145 | 145 | $key = \hash(ECRYPTFS_KEY_DERIVATION_ALGO, $key, true); |
| 146 | 146 | } |
| 147 | 147 | |
| 148 | - $signature = \substr(\hash(ECRYPTFS_KEY_DERIVATION_ALGO, $key, false), 0, ECRYPTFS_SIG_SIZE*2); |
|
| 148 | + $signature = \substr(\hash(ECRYPTFS_KEY_DERIVATION_ALGO, $key, false), 0, ECRYPTFS_SIG_SIZE * 2); |
|
| 149 | 149 | $this->keys[$signature] = \bin2hex($key); |
| 150 | 150 | |
| 151 | 151 | return $signature; |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | $algo = "AES-256-ECB"; |
| 272 | 272 | } |
| 273 | 273 | |
| 274 | - if (false === ($decrypted = \openssl_decrypt($data, $algo, $key, \OPENSSL_RAW_DATA|\OPENSSL_NO_PADDING, $iv))) { |
|
| 274 | + if (false === ($decrypted = \openssl_decrypt($data, $algo, $key, \OPENSSL_RAW_DATA | \OPENSSL_NO_PADDING, $iv))) { |
|
| 275 | 275 | throw new \DomainException("Decryption failed with error: " . \openssl_error_string()); |
| 276 | 276 | } |
| 277 | 277 | |
