FIXED upgrade Recrypt not working with changed cipher (#4245)

* FIX legacy cipher change

* FIX Recrypt Custom fields column names

* FIX ReCrypt Clean un-needed code
This commit is contained in:
Tõnis Ormisson 2017-10-18 15:43:54 +03:00 committed by snipe
parent ed4aa7dec2
commit a4eeff01f0

View file

@ -48,6 +48,7 @@ class RecryptFromMcrypt extends Command
// If not, we can try to use the current APP_KEY if looks like it's old // If not, we can try to use the current APP_KEY if looks like it's old
$legacy_key = env('LEGACY_APP_KEY'); $legacy_key = env('LEGACY_APP_KEY');
$key_parts = explode(':', $legacy_key); $key_parts = explode(':', $legacy_key);
$legacy_cipher = env('LEGACY_CIPHER');
$errors = array(); $errors = array();
if (!$legacy_key) { if (!$legacy_key) {
@ -60,6 +61,7 @@ class RecryptFromMcrypt extends Command
if (strlen($legacy_key) == 32) { if (strlen($legacy_key) == 32) {
$legacy_length_check = true; $legacy_length_check = true;
} elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) { } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) {
$legacy_key = base64_decode($key_parts[1],true);
$legacy_length_check = true; $legacy_length_check = true;
} else { } else {
$legacy_length_check = false; $legacy_length_check = false;
@ -91,13 +93,17 @@ class RecryptFromMcrypt extends Command
} }
$mcrypter = new McryptEncrypter($legacy_key); if($legacy_cipher){
$mcrypter = new McryptEncrypter($legacy_key,$legacy_cipher);
}else{
$mcrypter = new McryptEncrypter($legacy_key);
}
$settings = Setting::getSettings(); $settings = Setting::getSettings();
if ($settings->ldap_password=='') { if ($settings->ldap_password=='') {
$this->comment('INFO: No LDAP password found. Skipping... '); $this->comment('INFO: No LDAP password found. Skipping... ');
} }
/** @var CustomField[] $custom_fields */
$custom_fields = CustomField::where('field_encrypted','=', 1)->get(); $custom_fields = CustomField::where('field_encrypted','=', 1)->get();
$this->comment('INFO: Retrieving encrypted custom fields...'); $this->comment('INFO: Retrieving encrypted custom fields...');
@ -110,32 +116,22 @@ class RecryptFromMcrypt extends Command
// Get all assets with a value in any of the fields that were encrypted // Get all assets with a value in any of the fields that were encrypted
/** @var Asset[] $assets */
$assets = $query->get(); $assets = $query->get();
$bar = $this->output->createProgressBar(count($assets)); $bar = $this->output->createProgressBar(count($assets));
foreach ($custom_fields as $encrypted_field) {
// Try to decrypt the payload using the legacy app key
try {
$decrypted_field = $mcrypter->decrypt($encrypted_field);
$this->comment($decrypted_field);
} catch (\Exception $e) {
$errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
}
$bar->advance();
}
foreach ($assets as $asset) { foreach ($assets as $asset) {
foreach ($custom_fields as $encrypted_field) { foreach ($custom_fields as $encrypted_field) {
$columnName = $encrypted_field->db_column;
// Make sure the value isn't null // Make sure the value isn't null
if ($asset->{$encrypted_field}!='') { if ($asset->{$columnName}!='') {
// Try to decrypt the payload using the legacy app key // Try to decrypt the payload using the legacy app key
try { try {
$decrypted_field = $mcrypter->decrypt($asset->{$encrypted_field}); $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
$asset->{$encrypted_field} = \Crypt::encrypt($decrypted_field); $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
$this->comment($decrypted_field); $this->comment($decrypted_field);
} catch (\Exception $e) { } catch (\Exception $e) {
$errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage(); $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();