Centralize decryption in jirafeau_decrypt_file()

Previously the decryption code in f.php was a copy of `jirafeau_decrypt_file()`. Now, we let the funtion write to `php://output`. `jirafeau_decrypt_file()` was previously broken because of me doing copy-paste...
2025-04-22 12:36:17 +02:00 · 2024-04-01 15:37:37 +02:00 · 2024-04-01 15:37:37 +02:00 · f2e7a2cb00
commit f2e7a2cb00
parent b1c96930b3
2 changed files with 10 additions and 25 deletions
--- a/f.php
+++ b/f.php
@ -248,29 +248,9 @@ if ($cfg['litespeed_workaround']) {
               $_SERVER['QUERY_STRING'] . '&litespeed_workaround=phase2');
    }
 }
-/* Read encrypted file. */
+/* Read encrypted file (Sodium mode). */
 elseif ($link['crypted']) {
-    /* Decrypt file. */
-    $r = fopen(VAR_FILES . $p . $link['hash'], 'rb');
-    $fs = fstat($r)['size'];
-
-    $crypt_header = fread($r, SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES);
-
-    /* Init module. */
-    $crypt_state = sodium_crypto_secretstream_xchacha20poly1305_init_pull($crypt_header, $crypt_key);
-
-    /* Decrypt file. */
-
-    for ($i = SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES; $i < $fs; $i += JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES) {
-        $to_dec = fread($r, JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES);
-        [$dec, $crypt_tag] = sodium_crypto_secretstream_xchacha20poly1305_pull($crypt_state, $to_dec);
-        echo $dec;
-    }
-
-    fclose($r);
-
-    /* Cleanup. */
-    sodium_memzero($crypt_state);
+    jirafeau_decrypt_file(VAR_FILES . $p . $link['hash'], 'php://output', $crypt_key);
 }
 /* Read encrypted file (legacy mode using mcrypt). */
 elseif ($link['crypted_legacy']) {
--- a/lib/functions.php
+++ b/lib/functions.php
@ -1267,22 +1267,27 @@ function jirafeau_decrypt_file($fp_src, $fp_dst, $k)
    }

    /* Decrypt file. */
-    $r = fopen(VAR_FILES . $p . $link['hash'], 'rb');
+    $r = fopen($fp_src, 'rb');
+    $w = fopen($fp_dst, 'wb');

    $crypt_header = fread($r, SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES);

    /* Init module. */
-    $crypt_state = sodium_crypto_secretstream_xchacha20poly1305_init_pull($crypt_header, $crypt_key);
+    $crypt_state = sodium_crypto_secretstream_xchacha20poly1305_init_pull($crypt_header, $k);

    /* Decrypt file. */

    for ($i = SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES; $i < $fs; $i += JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES) {
        $to_dec = fread($r, JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES);
        [$dec, $crypt_tag] = sodium_crypto_secretstream_xchacha20poly1305_pull($crypt_state, $to_dec);
-        echo $dec;
+        
+        if (fwrite($w, $dec) === false) {
+            return false;
+        }
    }

    fclose($r);
+    fclose($w);

    /* Cleanup. */
    sodium_memzero($crypt_state);