diff --git a/inc/SP/Account/Account.class.php b/inc/SP/Account/Account.class.php
index 714ca089..a52c4ac2 100644
--- a/inc/SP/Account/Account.class.php
+++ b/inc/SP/Account/Account.class.php
@@ -24,6 +24,7 @@
namespace SP\Account;
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\Core\Session;
@@ -303,9 +304,9 @@ class Account extends AccountBase implements AccountInterface
*/
protected function setPasswordEncrypted($masterPass = null)
{
- $securedKey = Crypt\Crypt::makeSecuredKey($masterPass);
+ $securedKey = Crypt::makeSecuredKey($masterPass);
- $this->accountData->setAccountPass(Crypt\Crypt::encrypt($this->accountData->getAccountPass(), $securedKey));
+ $this->accountData->setAccountPass(Crypt::encrypt($this->accountData->getAccountPass(), $securedKey));
$this->accountData->setAccountIV($securedKey);
}
diff --git a/inc/SP/Account/AccountCrypt.php b/inc/SP/Account/AccountCrypt.php
index 1594665c..34c2a2a5 100644
--- a/inc/SP/Account/AccountCrypt.php
+++ b/inc/SP/Account/AccountCrypt.php
@@ -24,6 +24,7 @@
namespace SP\Account;
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\Core\Session;
@@ -100,9 +101,9 @@ class AccountCrypt
$decryptedPass = OldCrypt::getDecrypt($account->account_pass, $account->account_IV, $currentMasterPass);
- $securedKey = Crypt\Crypt::makeSecuredKey($currentMasterPass);
+ $securedKey = Crypt::makeSecuredKey($currentMasterPass);
- $AccountData->setAccountPass(Crypt\Crypt::encrypt($decryptedPass, $securedKey));
+ $AccountData->setAccountPass(Crypt::encrypt($decryptedPass, $securedKey));
$AccountData->setAccountIV($securedKey);
try {
@@ -176,11 +177,11 @@ class AccountCrypt
$LogMessage->addDetails(__('IV de encriptación incorrecto', false), sprintf('%s (%d)', $account->account_name, $account->account_id));
}
- $currentSecuredKey = Crypt\Crypt::unlockSecuredKey($account->account_IV, $currentMasterPass);
- $decryptedPass = Crypt\Crypt::decrypt($account->account_pass, $currentSecuredKey);
+ $currentSecuredKey = Crypt::unlockSecuredKey($account->account_IV, $currentMasterPass);
+ $decryptedPass = Crypt::decrypt($account->account_pass, $currentSecuredKey);
- $newSecuredKey = Crypt\Crypt::makeSecuredKey($newMasterPass);
- $AccountData->setAccountPass(Crypt\Crypt::encrypt($decryptedPass, $newSecuredKey));
+ $newSecuredKey = Crypt::makeSecuredKey($newMasterPass);
+ $AccountData->setAccountPass(Crypt::encrypt($decryptedPass, $newSecuredKey));
$AccountData->setAccountIV($newSecuredKey);
try {
diff --git a/inc/SP/Account/AccountHistoryCrypt.php b/inc/SP/Account/AccountHistoryCrypt.php
index 3b816d78..4e11b986 100644
--- a/inc/SP/Account/AccountHistoryCrypt.php
+++ b/inc/SP/Account/AccountHistoryCrypt.php
@@ -25,6 +25,8 @@
namespace SP\Account;
use SP\Config\ConfigDB;
+use SP\Core\Crypt\Crypt;
+use SP\Core\Crypt\Hash;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\Log\Email;
@@ -83,7 +85,7 @@ class AccountHistoryCrypt
$AccountDataBase->id = 0;
$AccountDataBase->pass = '';
$AccountDataBase->iv = '';
- $AccountDataBase->hash = Crypt\Hash::hashKey($currentMasterPass);
+ $AccountDataBase->hash = Hash::hashKey($currentMasterPass);
foreach ($accountsPass as $account) {
$AccountData = clone $AccountDataBase;
@@ -107,9 +109,9 @@ class AccountHistoryCrypt
$decryptedPass = OldCrypt::getDecrypt($account->acchistory_pass, $account->acchistory_IV, $currentMasterPass);
- $securedKey = Crypt\Crypt::makeSecuredKey($currentMasterPass);
+ $securedKey = Crypt::makeSecuredKey($currentMasterPass);
- $AccountData->pass = Crypt\Crypt::encrypt($decryptedPass, $securedKey);
+ $AccountData->pass = Crypt::encrypt($decryptedPass, $securedKey);
$AccountData->iv = $securedKey;
try {
@@ -184,7 +186,7 @@ class AccountHistoryCrypt
$AccountDataBase->id = 0;
$AccountDataBase->pass = '';
$AccountDataBase->iv = '';
- $AccountDataBase->hash = Crypt\Hash::hashKey($newMasterPass);
+ $AccountDataBase->hash = Hash::hashKey($newMasterPass);
foreach ($accountsPass as $account) {
$AccountData = clone $AccountDataBase;
@@ -206,11 +208,11 @@ class AccountHistoryCrypt
$LogMessage->addDetails(__('IV de encriptación incorrecto', false), sprintf('%s (%d)', $account->acchistory_name, $account->acchistory_id));
}
- $currentSecuredKey = Crypt\Crypt::unlockSecuredKey($account->acchistory_IV, $currentMasterPass);
- $decryptedPass = Crypt\Crypt::decrypt($account->acchistory_pass, $currentSecuredKey);
+ $currentSecuredKey = Crypt::unlockSecuredKey($account->acchistory_IV, $currentMasterPass);
+ $decryptedPass = Crypt::decrypt($account->acchistory_pass, $currentSecuredKey);
- $newSecuredKey = Crypt\Crypt::makeSecuredKey($newMasterPass);
- $AccountData->acchistory_pass = Crypt\Crypt::encrypt($decryptedPass, $newSecuredKey);
+ $newSecuredKey = Crypt::makeSecuredKey($newMasterPass);
+ $AccountData->acchistory_pass = Crypt::encrypt($decryptedPass, $newSecuredKey);
$AccountData->acchistory_IV = $newSecuredKey;
try {
diff --git a/inc/SP/Api/SyspassApi.class.php b/inc/SP/Api/SyspassApi.class.php
index 15535de8..50424aa9 100644
--- a/inc/SP/Api/SyspassApi.class.php
+++ b/inc/SP/Api/SyspassApi.class.php
@@ -31,6 +31,7 @@ use SP\Account\AccountUtil;
use SP\Core\Acl;
use SP\Core\ActionsInterface;
use SP\Core\Backup;
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\DataModel\AccountExtData;
@@ -84,11 +85,11 @@ class SyspassApi extends ApiBase
$LogMessage->addDetails(__('Origen', false), 'API');
$this->Log->writeLog();
- $securedKey = Crypt\Crypt::unlockSecuredKey($AccountData->getAccountIV(), $this->mPass);
+ $securedKey = Crypt::unlockSecuredKey($AccountData->getAccountIV(), $this->mPass);
$ret = [
'itemId' => $accountId,
- 'pass' => Crypt\Crypt::decrypt($AccountData->getAccountPass(), $securedKey)
+ 'pass' => Crypt::decrypt($AccountData->getAccountPass(), $securedKey)
];
if ($this->getParam('details', false, 0)) {
diff --git a/inc/SP/Controller/AccountController.class.php b/inc/SP/Controller/AccountController.class.php
index d8f00b17..463d0a68 100644
--- a/inc/SP/Controller/AccountController.class.php
+++ b/inc/SP/Controller/AccountController.class.php
@@ -34,6 +34,7 @@ use SP\Account\UserAccounts;
use SP\Config\Config;
use SP\Core\Acl;
use SP\Core\ActionsInterface;
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\Core\Init;
@@ -150,11 +151,11 @@ class AccountController extends ControllerBase implements ActionsInterface
$AccountPassData = $this->Account->getAccountPassData();
// Obtener la llave de la clave maestra
- $securedKey = Crypt\Crypt::unlockSecuredKey($PublicLinkData->getPassIV(), Config::getConfig()->getPasswordSalt() . $PublicLinkData->getLinkHash());
+ $securedKey = Crypt::unlockSecuredKey($PublicLinkData->getPassIV(), Config::getConfig()->getPasswordSalt() . $PublicLinkData->getLinkHash());
// Desencriptar la clave de la cuenta
- $accountSecuredKey = Crypt\Crypt::unlockSecuredKey($AccountPassData->getAccountIV(), Crypt\Crypt::decrypt($PublicLinkData->getPass(), $securedKey));
- $accountPass = Crypt\Crypt::decrypt($AccountPassData->getAccountPass(), $accountSecuredKey);
+ $accountSecuredKey = Crypt::unlockSecuredKey($AccountPassData->getAccountIV(), Crypt::decrypt($PublicLinkData->getPass(), $securedKey));
+ $accountPass = Crypt::decrypt($AccountPassData->getAccountPass(), $accountSecuredKey);
$this->view->assign('useImage', Config::getConfig()->isPublinksImageEnabled() || Config::getConfig()->isAccountPassToImage());
diff --git a/inc/SP/Controller/ConfigActionController.class.php b/inc/SP/Controller/ConfigActionController.class.php
index 9e7b52ae..6a9c4b00 100644
--- a/inc/SP/Controller/ConfigActionController.class.php
+++ b/inc/SP/Controller/ConfigActionController.class.php
@@ -24,25 +24,21 @@
namespace SP\Controller;
-use SP\Account\Account;
use SP\Account\AccountCrypt;
-use SP\Account\AccountHistory;
use SP\Account\AccountHistoryCrypt;
use SP\Config\Config;
use SP\Config\ConfigDB;
use SP\Core\ActionsInterface;
use SP\Core\Backup;
-use SP\Core\OldCrypt;
use SP\Core\Crypt\Hash;
+use SP\Core\Crypt\Session as CryptSession;
use SP\Core\CryptMasterPass;
use SP\Core\Exceptions\SPException;
use SP\Core\Init;
use SP\Core\Messages\LogMessage;
use SP\Core\Messages\NoticeMessage;
use SP\Core\Session;
-use SP\Core\SessionUtil;
use SP\Core\XmlExport;
-use SP\Html\Html;
use SP\Http\Request;
use SP\Import\Import;
use SP\Import\ImportParams;
@@ -590,7 +586,7 @@ class ConfigActionController implements ItemControllerInterface
$this->LogMessage->setAction(__('Actualizar Clave Maestra', false));
- if (ConfigDB::setValue('masterPwd', Hash::hashKey(Crypt\Session::getSessionKey()))) {
+ if (ConfigDB::setValue('masterPwd', Hash::hashKey(CryptSession::getSessionKey()))) {
$this->LogMessage->addDescription(__('Hash de clave maestra actualizado', false));
$this->JsonResponse->setStatus(0);
diff --git a/inc/SP/Controller/ItemShowController.class.php b/inc/SP/Controller/ItemShowController.class.php
index 8f4ec64c..7f348fd4 100644
--- a/inc/SP/Controller/ItemShowController.class.php
+++ b/inc/SP/Controller/ItemShowController.class.php
@@ -31,7 +31,8 @@ use SP\Account\AccountAcl;
use SP\Account\AccountHistory;
use SP\Api\ApiTokensUtil;
use SP\Core\ActionsInterface;
-use SP\Core\OldCrypt;
+use SP\Core\Crypt\Crypt;
+use SP\Core\Crypt\Session as CryptSession;
use SP\Core\Exceptions\ItemException;
use SP\Core\Plugin\PluginUtil;
use SP\Core\Session;
@@ -513,8 +514,8 @@ class ItemShowController extends ControllerBase implements ActionsInterface, Ite
throw new ItemException(__('Clave maestra actualizada', false) . '
' . __('Reinicie la sesión para cambiarla', false));
}
- $securedKey = Crypt\Crypt::unlockSecuredKey($AccountData->getAccountIV(), Crypt\Session::getSessionKey());
- $accountClearPass = Crypt\Crypt::decrypt($AccountData->getAccountPass(), $securedKey);
+ $securedKey = Crypt::unlockSecuredKey($AccountData->getAccountIV(), CryptSession::getSessionKey());
+ $accountClearPass = Crypt::decrypt($AccountData->getAccountPass(), $securedKey);
if (!$isHistory) {
$Account->incrementDecryptCounter();
diff --git a/inc/SP/Controller/LoginController.class.php b/inc/SP/Controller/LoginController.class.php
index 53a1788f..dc1030be 100644
--- a/inc/SP/Controller/LoginController.class.php
+++ b/inc/SP/Controller/LoginController.class.php
@@ -30,7 +30,6 @@ use SP\Auth\AuthUtil;
use SP\Auth\Browser\BrowserAuthData;
use SP\Auth\Database\DatabaseAuthData;
use SP\Auth\Ldap\LdapAuthData;
-use SP\Core\Crypt\Crypt;
use SP\Core\Crypt\Session as CryptSession;
use SP\Core\CryptMasterPass;
use SP\Core\DiFactory;
diff --git a/inc/SP/Core/Init.class.php b/inc/SP/Core/Init.class.php
index 585330f0..e43cb661 100644
--- a/inc/SP/Core/Init.class.php
+++ b/inc/SP/Core/Init.class.php
@@ -40,6 +40,7 @@ use SP\Storage\DBUtil;
use SP\Util\Checks;
use SP\Util\Json;
use SP\Util\Util;
+use SP\Core\Crypt\Session as CryptSession;
defined('APP_ROOT') || die();
@@ -143,7 +144,7 @@ class Init
Language::setLanguage(true);
DiFactory::getTheme()->initTheme(true);
- if (self::isLoggedIn()){
+ if (self::isLoggedIn()) {
// Recargar los permisos del perfil de usuario
Session::setUserProfile(Profile::getItem()->getById(Session::getUserData()->getUserProfileId()));
// Reset de los datos de ACL de cuentas
@@ -165,8 +166,8 @@ class Init
// Comprobar si es cierre de sesión
self::checkLogout();
- // Comprobar la versión y actualizarla
- self::checkDbVersion();
+ // Comprobar si es necesario actualizar componentes
+ self::checkUpgrade();
// Inicializar la sesión
self::initSession();
@@ -305,8 +306,8 @@ class Init
* Devuelve un error utilizando la plantilla de error o en formato JSON
*
* @param string $message con la descripción del error
- * @param string $hint opcional, con una ayuda sobre el error
- * @param bool $headers
+ * @param string $hint opcional, con una ayuda sobre el error
+ * @param bool $headers
* @throws \SP\Core\Exceptions\SPException
*/
public static function initError($message, $hint = '', $headers = false)
@@ -495,6 +496,16 @@ class Init
}
}
+ /**
+ * Comprobar si el usuario está logado.
+ *
+ * @returns bool
+ */
+ public static function isLoggedIn()
+ {
+ return (DiFactory::getDBStorage()->getDbStatus() === 0 && Session::getUserData()->getUserLogin());
+ }
+
/**
* Comprueba que la aplicación esté instalada
* Esta función comprueba si la aplicación está instalada. Si no lo está, redirige al instalador.
@@ -555,16 +566,6 @@ class Init
return false;
}
- /**
- * Comprobar si el usuario está logado.
- *
- * @returns bool
- */
- public static function isLoggedIn()
- {
- return (DiFactory::getDBStorage()->getDbStatus() === 0 && Session::getUserData()->getUserLogin());
- }
-
/**
* Comprobar si es necesario cerrar la sesión
*/
@@ -613,62 +614,17 @@ class Init
}
/**
- * Comrpueba y actualiza la versión de la aplicación.
- *
- * @throws \SP\Core\Exceptions\SPException
+ * Comprobar si es necesario actualizar componentes
*/
- private static function checkDbVersion()
+ private static function checkUpgrade()
{
- if (self::$SUBURI !== '/index.php' || Request::analyze('logout', 0) === 1) {
+ if (self::$SUBURI !== '/index.php') {
return;
}
- $update = false;
- $databaseVersion = (int)str_replace('.', '', ConfigDB::getValue('version'));
$appVersion = (int)implode(Util::getVersion(true));
- if ($databaseVersion < $appVersion
- && Request::analyze('nodbupgrade', 0) === 0
- && Upgrade::needDBUpgrade($databaseVersion)
- ) {
- if (!self::checkMaintenanceMode(true)) {
- $upgradeKey = Config::getConfig()->getUpgradeKey();
-
- if (empty($upgradeKey)) {
- Config::getConfig()->setUpgradeKey(sha1(uniqid(mt_rand(), true)));
- Config::getConfig()->setMaintenance(true);
- Config::saveConfig(null, false);
- }
-
- self::initError(__('La aplicación necesita actualizarse'), sprintf(__('Si es un administrador pulse en el enlace: %s'), '' . __('Actualizar') . ''));
- } else {
- $action = Request::analyze('a');
- $hash = Request::analyze('h');
- $confirm = Request::analyze('chkConfirm', false, false, true);
-
- if ($confirm === true
- && $action === 'upgrade'
- && $hash === Config::getConfig()->getUpgradeKey()
- ) {
- try {
- $update = Upgrade::doUpgrade($databaseVersion);
-
- ConfigDB::setValue('version', $appVersion);
- Config::getConfig()->setMaintenance(false);
- Config::getConfig()->setUpgradeKey('');
- Config::saveConfig();
- } catch (SPException $e) {
- $hint = $e->getHint() . '' . __('Acceder') . '
';
- self::initError($e->getMessage(), $hint);
- }
- } else {
- $controller = new MainController();
- $controller->getUpgrade();
- }
- }
- }
-
- if ($update === true) {
+ if (self::checkDbVersion($appVersion)) {
$Log = new Log();
$LogMessage = $Log->getLogMessage();
$LogMessage->setAction(__('Actualización', false));
@@ -683,6 +639,55 @@ class Init
}
}
+ /**
+ * Comrpueba y actualiza la versión de la aplicación.
+ *
+ * @param $appVersion
+ * @return bool
+ */
+ private static function checkDbVersion($appVersion)
+ {
+ $databaseVersion = (int)str_replace('.', '', ConfigDB::getValue('version'));
+
+ if ($databaseVersion < $appVersion
+ && Request::analyze('nodbupgrade', 0) === 0
+ && Upgrade::needDBUpgrade($databaseVersion)
+ ) {
+ if (!self::checkMaintenanceMode(true)) {
+ Upgrade::setUpgradeKey('db');
+ } else {
+ $action = Request::analyze('a');
+ $hash = Request::analyze('h');
+ $confirm = Request::analyze('chkConfirm', false, false, true);
+
+ if ($confirm === true
+ && $action === 'upgrade'
+ && $hash === Config::getConfig()->getUpgradeKey()
+ ) {
+ try {
+ Upgrade::doUpgrade($databaseVersion);
+
+ ConfigDB::setValue('version', $appVersion);
+
+ Config::getConfig()->setMaintenance(false);
+ Config::getConfig()->setUpgradeKey('');
+ Config::saveConfig();
+
+ return true;
+ } catch (SPException $e) {
+ $hint = $e->getHint() . '' . __('Acceder') . '
';
+ self::initError($e->getMessage(), $hint);
+ }
+ } else {
+ $controller = new MainController();
+ $controller->getUpgrade();
+ }
+ }
+ }
+
+ return false;
+ }
+
/**
* Inicialiar la sesión de usuario
*
@@ -711,13 +716,15 @@ class Init
if (Session::getSidStartTime() === 0) {
Session::setSidStartTime(time());
Session::setStartActivity(time());
- } else if (Session::getUserData()->getUserId() > 0 && time() - Session::getSidStartTime() > $sessionLifeTime / 2) {
- $sessionMPass = Crypt\Session::getSessionKey();
+ } else if (Session::getUserData()->getUserId() > 0
+ && time() - Session::getSidStartTime() > $sessionLifeTime / 2
+ ) {
+ $sessionMPass = CryptSession::getSessionKey();
session_regenerate_id(true);
// Regenerar la clave maestra
- Crypt\Session::saveSessionKey($sessionMPass);
+ CryptSession::saveSessionKey($sessionMPass);
Session::setSidStartTime(time());
// Recargar los permisos del perfil de usuario
diff --git a/inc/SP/Core/SessionUtil.class.php b/inc/SP/Core/SessionUtil.class.php
index 05f97c7b..a71debf8 100644
--- a/inc/SP/Core/SessionUtil.class.php
+++ b/inc/SP/Core/SessionUtil.class.php
@@ -27,7 +27,7 @@ namespace SP\Core;
use SP\Config\Config;
use SP\DataModel\UserData;
use SP\Mgmt\Profiles\Profile;
-use SP\Core\Crypt\Session as SessionCrypt;
+use SP\Core\Crypt\Session as CryptSession;
defined('APP_ROOT') || die();
@@ -70,7 +70,7 @@ class SessionUtil
*/
public static function getSessionMPass()
{
- return SessionCrypt::getSessionKey();
+ return CryptSession::getSessionKey();
}
/**
diff --git a/inc/SP/Core/Upgrade.class.php b/inc/SP/Core/Upgrade.class.php
index 2879fb7b..c0c24683 100644
--- a/inc/SP/Core/Upgrade.class.php
+++ b/inc/SP/Core/Upgrade.class.php
@@ -28,6 +28,7 @@ namespace SP\Core;
use SP\Config\Config;
use SP\Config\ConfigData;
use SP\Core\Exceptions\SPException;
+use SP\Core\Upgrade\Crypt;
use SP\Core\Upgrade\Group;
use SP\Core\Upgrade\Profile;
use SP\Core\Upgrade\User;
@@ -42,6 +43,7 @@ use SP\Mgmt\Users\UserMigrate;
use SP\Mgmt\Users\UserPreferencesUtil;
use SP\Storage\DB;
use SP\Storage\QueryData;
+use SP\Util\Util;
defined('APP_ROOT') || die();
@@ -52,7 +54,7 @@ class Upgrade
{
private static $dbUpgrade = [110, 1121, 1122, 1123, 11213, 11219, 11220, 12001, 12002, 1316011001, 1316020501, 1316100601, 20017011302, 20017011701, 20017012901];
private static $cfgUpgrade = [1124, 1316020501, 20017011202];
- private static $auxUpgrade = [12001, 12002, 20017010901, 20017011202];
+ private static $auxUpgrade = [12001, 12002, 20017010901, 20017011202, 20017021601];
/**
* Inicia el proceso de actualización de la BBDD.
@@ -70,7 +72,7 @@ class Upgrade
foreach (self::$dbUpgrade as $upgradeVersion) {
if ($version < $upgradeVersion) {
- if (self::auxPreUpgrades($upgradeVersion) === false) {
+ if (self::auxPreDbUpgrade($upgradeVersion) === false) {
DB::rollbackTransaction();
throw new SPException(SPException::SP_CRITICAL,
@@ -108,7 +110,7 @@ class Upgrade
* @param $version
* @return bool
*/
- private static function auxPreUpgrades($version)
+ private static function auxPreDbUpgrade($version)
{
switch ($version) {
case 1316011001:
@@ -219,6 +221,10 @@ class Upgrade
return CustomFieldsUtil::migrateCustomFields() && UserPreferencesUtil::migrate();
case 20017011202:
return UserPreferencesUtil::migrate();
+ case 20017021601:
+ $masterPass = Request::analyze('mpass');
+
+ return !empty($masterPass) && Crypt::migrateHash($masterPass) && Crypt::migrate($masterPass);
}
return true;
@@ -398,4 +404,22 @@ class Upgrade
'setWikiSearchUrl' => ['wikisearchurl', 'wiki_searchurl']
];
}
+
+ /**
+ * Establecer la key de actualización
+ *
+ * @param string $type Tipo de actualización
+ */
+ public static function setUpgradeKey($type)
+ {
+ $upgradeKey = Config::getConfig()->getUpgradeKey();
+
+ if (empty($upgradeKey)) {
+ Config::getConfig()->setUpgradeKey(Util::generateRandomBytes(64));
+ Config::getConfig()->setMaintenance(true);
+ Config::saveConfig(null, false);
+ }
+
+ Init::initError(__('La aplicación necesita actualizarse'), sprintf(__('Si es un administrador pulse en el enlace: %s'), '' . __('Actualizar') . ''));
+ }
}
\ No newline at end of file
diff --git a/inc/SP/Core/Upgrade/Crypt.class.php b/inc/SP/Core/Upgrade/Crypt.class.php
index 3141ad21..e4b77f4d 100644
--- a/inc/SP/Core/Upgrade/Crypt.class.php
+++ b/inc/SP/Core/Upgrade/Crypt.class.php
@@ -33,6 +33,7 @@ use SP\Core\Crypt\Hash;
use SP\Core\Exceptions\SPException;
use SP\Log\Log;
use SP\Mgmt\CustomFields\CustomFieldsUtil;
+use SP\Storage\DB;
/**
* Class Crypt
@@ -50,11 +51,19 @@ class Crypt
public static function migrate(&$masterPass)
{
try {
+ DB::beginTransaction();
+
self::migrateAccounts($masterPass);
self::migrateCustomFields($masterPass);
+
+ DB::endTransaction();
} catch (CryptoException $e) {
+ DB::rollbackTransaction();
+
return false;
} catch (SPException $e) {
+ DB::rollbackTransaction();
+
return false;
}
@@ -115,13 +124,14 @@ class Crypt
return true;
}
- // Hash de clave maestra anterior a 2.0.0.17013101
+ // Hash de clave maestra anterior a 2.0.0.17013101
+ // Hash de clave maestra anterior a 2.0.0.17021601
} elseif (hash_equals(crypt($masterPass, substr($configHashMPass, 0, 72)), substr($configHashMPass, 72))
|| hash_equals(crypt($masterPass, substr($configHashMPass, 0, 30)), substr($configHashMPass, 30))
) {
ConfigDB::setValue('masterPwd', Hash::hashKey($masterPass));
-
Log::writeNewLog(__('Aviso', false), __('Se ha regenerado el HASH de clave maestra. No es necesaria ninguna acción.', false), Log::NOTICE);
+
return true;
}
diff --git a/inc/SP/Import/ImportBase.class.php b/inc/SP/Import/ImportBase.class.php
index 1627e3a7..1ebc7804 100644
--- a/inc/SP/Import/ImportBase.class.php
+++ b/inc/SP/Import/ImportBase.class.php
@@ -25,6 +25,7 @@
namespace SP\Import;
use SP\Account\Account;
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\Core\Messages\LogMessage;
@@ -126,8 +127,8 @@ abstract class ImportBase implements ImportInterface
}
if ($this->ImportParams->getImportMasterPwd() !== '') {
- $securedKey = Crypt\Crypt::unlockSecuredKey($AccountData->getAccountIV(), $this->ImportParams->getImportMasterPwd());
- $pass = Crypt\Crypt::decrypt($AccountData->getAccountPass(), $securedKey);
+ $securedKey = Crypt::unlockSecuredKey($AccountData->getAccountIV(), $this->ImportParams->getImportMasterPwd());
+ $pass = Crypt::decrypt($AccountData->getAccountPass(), $securedKey);
// TODO: importar con encriptación anterior
// $pass = Crypt::getDecrypt($AccountData->getAccountPass(), $AccountData->getAccountIV(), $this->ImportParams->getImportMasterPwd());
diff --git a/inc/SP/Import/SyspassImport.class.php b/inc/SP/Import/SyspassImport.class.php
index 21e1b246..654347f6 100644
--- a/inc/SP/Import/SyspassImport.class.php
+++ b/inc/SP/Import/SyspassImport.class.php
@@ -24,6 +24,7 @@
namespace SP\Import;
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Crypt\Hash;
use SP\Core\Exceptions\SPException;
@@ -117,8 +118,8 @@ class SyspassImport extends ImportBase
if ($iv = base64_decode($node->getAttribute('iv'))) {
$xmlDecrypted = OldCrypt::getDecrypt($data, $iv, $this->ImportParams->getImportPwd());
} else {
- $securedKey = Crypt\Crypt::unlockSecuredKey($node->getAttribute('key'), $this->ImportParams->getImportPwd());
- $xmlDecrypted = Crypt\Crypt::decrypt($data, $securedKey);
+ $securedKey = Crypt::unlockSecuredKey($node->getAttribute('key'), $this->ImportParams->getImportPwd());
+ $xmlDecrypted = Crypt::decrypt($data, $securedKey);
}
$newXmlData = new \DOMDocument();
diff --git a/inc/SP/Mgmt/CustomFields/CustomField.class.php b/inc/SP/Mgmt/CustomFields/CustomField.class.php
index 5a56c19a..f138f5eb 100644
--- a/inc/SP/Mgmt/CustomFields/CustomField.class.php
+++ b/inc/SP/Mgmt/CustomFields/CustomField.class.php
@@ -26,7 +26,8 @@ namespace SP\Mgmt\CustomFields;
defined('APP_ROOT') || die();
-use SP\Core\OldCrypt;
+use SP\Core\Crypt\Crypt;
+use SP\Core\Crypt\Session as CryptSession;
use SP\DataModel\CustomFieldData;
use SP\DataModel\CustomFieldDefData;
use SP\Mgmt\ItemInterface;
@@ -79,7 +80,7 @@ class CustomField extends CustomFieldBase implements ItemInterface
return $this->delete($this->itemData->getId());
}
- $securedKey = Crypt\Crypt::makeSecuredKey(Crypt\Session::getSessionKey());
+ $securedKey = Crypt::makeSecuredKey(CryptSession::getSessionKey());
$query = /** @lang SQL */
'UPDATE customFieldsData SET
@@ -91,7 +92,7 @@ class CustomField extends CustomFieldBase implements ItemInterface
$Data = new QueryData();
$Data->setQuery($query);
- $Data->addParam(Crypt\Crypt::encrypt($this->itemData->getValue(), $securedKey));
+ $Data->addParam(Crypt::encrypt($this->itemData->getValue(), $securedKey));
$Data->addParam($securedKey);
$Data->addParam($this->itemData->getModule());
$Data->addParam($this->itemData->getId());
@@ -136,7 +137,7 @@ class CustomField extends CustomFieldBase implements ItemInterface
return true;
}
- $securedKey = Crypt\Crypt::makeSecuredKey(Crypt\Session::getSessionKey());
+ $securedKey = Crypt::makeSecuredKey(CryptSession::getSessionKey());
$query = /** @lang SQL */
'INSERT INTO customFieldsData SET
@@ -151,7 +152,7 @@ class CustomField extends CustomFieldBase implements ItemInterface
$Data->addParam($this->itemData->getId());
$Data->addParam($this->itemData->getModule());
$Data->addParam($this->itemData->getDefinitionId());
- $Data->addParam(Crypt\Crypt::encrypt($this->itemData->getValue(), $securedKey));
+ $Data->addParam(Crypt::encrypt($this->itemData->getValue(), $securedKey));
$Data->addParam($securedKey);
return DB::getQuery($Data);
@@ -248,9 +249,9 @@ class CustomField extends CustomFieldBase implements ItemInterface
protected function unencryptData(CustomFieldData $CustomFieldData)
{
if ($CustomFieldData->getCustomfielddataData() !== '') {
- $securedKey = Crypt\Crypt::unlockSecuredKey($CustomFieldData->getCustomfielddataIv(), Crypt\Session::getSessionKey());
+ $securedKey = Crypt::unlockSecuredKey($CustomFieldData->getCustomfielddataIv(), CryptSession::getSessionKey());
- return $this->formatValue(Crypt\Crypt::decrypt($CustomFieldData->getCustomfielddataData(), $securedKey));
+ return $this->formatValue(Crypt::decrypt($CustomFieldData->getCustomfielddataData(), $securedKey));
}
return '';
diff --git a/inc/SP/Mgmt/CustomFields/CustomFieldsUtil.class.php b/inc/SP/Mgmt/CustomFields/CustomFieldsUtil.class.php
index 22e2ccab..12421bda 100644
--- a/inc/SP/Mgmt/CustomFields/CustomFieldsUtil.class.php
+++ b/inc/SP/Mgmt/CustomFields/CustomFieldsUtil.class.php
@@ -26,6 +26,7 @@ namespace SP\Mgmt\CustomFields;
defined('APP_ROOT') || die();
+use SP\Core\Crypt\Crypt;
use SP\Core\OldCrypt;
use SP\Core\Exceptions\SPException;
use SP\DataModel\CustomFieldData;
@@ -92,10 +93,10 @@ class CustomFieldsUtil
$success = [];
foreach ($queryRes as $CustomField) {
- $currentSecuredKey = Crypt\Crypt::unlockSecuredKey($CustomField->getCustomfielddataIv(), $currentMasterPass);
- $fieldData = Crypt\Crypt::decrypt($CustomField->getCustomfielddataData(), $currentSecuredKey);
+ $currentSecuredKey = Crypt::unlockSecuredKey($CustomField->getCustomfielddataIv(), $currentMasterPass);
+ $fieldData = Crypt::decrypt($CustomField->getCustomfielddataData(), $currentSecuredKey);
- $securedKey = Crypt\Crypt::makeSecuredKey($newMasterPassword);
+ $securedKey = Crypt::makeSecuredKey($newMasterPassword);
$query = /** @lang SQL */
'UPDATE customFieldsData SET
@@ -105,7 +106,7 @@ class CustomFieldsUtil
$Data = new QueryData();
$Data->setQuery($query);
- $Data->addParam(Crypt\Crypt::encrypt($fieldData, $securedKey));
+ $Data->addParam(Crypt::encrypt($fieldData, $securedKey));
$Data->addParam($securedKey);
$Data->addParam($CustomField->getCustomfielddataId());
@@ -162,7 +163,7 @@ class CustomFieldsUtil
$success = [];
foreach ($queryRes as $CustomField) {
- $securedKey = Crypt\Crypt::makeSecuredKey($currentMasterPass);
+ $securedKey = Crypt::makeSecuredKey($currentMasterPass);
$fieldData = OldCrypt::getDecrypt($CustomField->getCustomfielddataData(), $CustomField->getCustomfielddataIv(), $currentMasterPass);
$query = /** @lang SQL */
@@ -173,7 +174,7 @@ class CustomFieldsUtil
$Data = new QueryData();
$Data->setQuery($query);
- $Data->addParam(Crypt\Crypt::encrypt($fieldData, $securedKey));
+ $Data->addParam(Crypt::encrypt($fieldData, $securedKey));
$Data->addParam($securedKey);
$Data->addParam($CustomField->getCustomfielddataId());
diff --git a/inc/SP/Mgmt/PublicLinks/PublicLinkBase.class.php b/inc/SP/Mgmt/PublicLinks/PublicLinkBase.class.php
index 5b9b6793..eae81843 100644
--- a/inc/SP/Mgmt/PublicLinks/PublicLinkBase.class.php
+++ b/inc/SP/Mgmt/PublicLinks/PublicLinkBase.class.php
@@ -27,13 +27,12 @@ namespace SP\Mgmt\PublicLinks;
defined('APP_ROOT') || die();
use SP\Config\Config;
-use SP\Core\OldCrypt;
+use SP\Core\Crypt\Crypt;
+use SP\Core\Crypt\Session as CryptSession;
use SP\Core\Exceptions\SPException;
-use SP\Core\SessionUtil;
use SP\DataModel\PublicLinkData;
use SP\Mgmt\ItemBase;
use SP\DataModel\PublicLinkBaseData;
-use SP\Util\Util;
/**
* Class PublicLinks para la gestión de enlaces públicos
@@ -77,9 +76,9 @@ abstract class PublicLinkBase extends ItemBase
*/
protected final function createLinkPass()
{
- $securedKey = Crypt\Crypt::makeSecuredKey(Config::getConfig()->getPasswordSalt() . $this->createLinkHash());
+ $securedKey = Crypt::makeSecuredKey(Config::getConfig()->getPasswordSalt() . $this->createLinkHash());
- $this->itemData->setPass(Crypt\Crypt::encrypt(Crypt\Session::getSessionKey(), $securedKey));
+ $this->itemData->setPass(Crypt::encrypt(CryptSession::getSessionKey(), $securedKey));
$this->itemData->setPassIV($securedKey);
}
diff --git a/inc/SP/Mgmt/Users/UserPass.class.php b/inc/SP/Mgmt/Users/UserPass.class.php
index e7612490..be2c66c1 100644
--- a/inc/SP/Mgmt/Users/UserPass.class.php
+++ b/inc/SP/Mgmt/Users/UserPass.class.php
@@ -27,15 +27,14 @@ namespace SP\Mgmt\Users;
defined('APP_ROOT') || die();
use SP\Config\ConfigDB;
-use SP\Core\OldCrypt;
+use SP\Core\Crypt\Crypt;
use SP\Core\Crypt\Hash;
-use SP\Core\Exceptions\SPException;
-use SP\Core\SessionUtil;
use SP\DataModel\UserPassData;
use SP\Log\Email;
use SP\Log\Log;
use SP\Storage\DB;
use SP\Storage\QueryData;
+use SP\Core\Crypt\Session as CryptSession;
/**
* Class UserPass para la gestión de las claves de un usuario
@@ -190,7 +189,7 @@ class UserPass extends UserBase
} elseif (Hash::checkHashKey($userMPass, $configHashMPass)) {
$this->clearUserMPass = $userMPass;
- Crypt\Session::saveSessionKey($userMPass);
+ CryptSession::saveSessionKey($userMPass);
return true;
}
@@ -226,9 +225,9 @@ class UserPass extends UserBase
$this->itemData->setUserMPass($queryRes->user_mPass);
$this->itemData->setUserMIV($queryRes->user_mIV);
- $securedKey = Crypt\Crypt::unlockSecuredKey($queryRes->user_mIV, $this->getCypherPass($cypher));
+ $securedKey = Crypt::unlockSecuredKey($queryRes->user_mIV, $this->getCypherPass($cypher));
- return Crypt\Crypt::decrypt($queryRes->user_mPass, $securedKey);
+ return Crypt::decrypt($queryRes->user_mPass, $securedKey);
}
/**
@@ -241,7 +240,7 @@ class UserPass extends UserBase
{
$pass = $cypher === null ? $this->itemData->getUserPass() : $cypher;
- return Crypt\Crypt::makeSecuredKey($pass . $this->itemData->getUserLogin());
+ return Crypt::makeSecuredKey($pass . $this->itemData->getUserLogin());
}
/**
@@ -291,8 +290,8 @@ class UserPass extends UserBase
if (Hash::checkHashKey($masterPwd, $configHashMPass)
|| \SP\Core\Upgrade\Crypt::migrateHash($masterPwd)
) {
- $securedKey = Crypt\Crypt::makeSecuredKey($this->getCypherPass());
- $cryptMPass = Crypt\Crypt::encrypt($masterPwd, $securedKey);
+ $securedKey = Crypt::makeSecuredKey($this->getCypherPass());
+ $cryptMPass = Crypt::encrypt($masterPwd, $securedKey);
if (!empty($cryptMPass)) {
$query = /** @lang SQL */