diff --git a/app/Console/Commands/DecryptDatabase.php b/app/Console/Commands/DecryptDatabase.php index 437226fe2e..92cd9500ec 100644 --- a/app/Console/Commands/DecryptDatabase.php +++ b/app/Console/Commands/DecryptDatabase.php @@ -148,7 +148,7 @@ class DecryptDatabase extends Command private function tryDecrypt($value) { try { - $value = Crypt::decrypt($value); + $value = Crypt::decrypt($value); // verified } catch (DecryptException $e) { if ('The MAC is invalid.' === $e->getMessage()) { throw new FireflyException($e->getMessage()); // @codeCoverageIgnore diff --git a/app/Console/Commands/ScanAttachments.php b/app/Console/Commands/ScanAttachments.php index d6218c2f7e..89aaa7aeb8 100644 --- a/app/Console/Commands/ScanAttachments.php +++ b/app/Console/Commands/ScanAttachments.php @@ -30,6 +30,7 @@ use FireflyIII\Models\Attachment; use Illuminate\Console\Command; use Illuminate\Contracts\Encryption\DecryptException; use Illuminate\Contracts\Filesystem\FileNotFoundException; +use Log; use Storage; /** @@ -51,7 +52,7 @@ class ScanAttachments extends Command * * @var string */ - protected $signature = 'firefly:scan-attachments'; + protected $signature = 'firefly-iii:scan-attachments'; /** * Execute the console command. @@ -62,21 +63,22 @@ class ScanAttachments extends Command $disk = Storage::disk('upload'); /** @var Attachment $attachment */ foreach ($attachments as $attachment) { - $fileName = $attachment->fileName(); + $fileName = $attachment->fileName(); + $decryptedContent = ''; try { - $content = $disk->get($fileName); + $encryptedContent = $disk->get($fileName); } catch (FileNotFoundException $e) { $this->error(sprintf('Could not find data for attachment #%d: %s', $attachment->id, $e->getMessage())); continue; } try { - $decrypted = Crypt::decrypt($content); + $decryptedContent = Crypt::decrypt($encryptedContent); // verified } catch (DecryptException $e) { - $this->error(sprintf('Could not decrypt data of attachment #%d: %s', $attachment->id, $e->getMessage())); - continue; + Log::error(sprintf('Could not decrypt data of attachment #%d: %s', $attachment->id, $e->getMessage())); + $decryptedContent = $encryptedContent; } $tempFileName = tempnam(sys_get_temp_dir(), 'FireflyIII'); - file_put_contents($tempFileName, $decrypted); + file_put_contents($tempFileName, $decryptedContent); $md5 = md5_file($tempFileName); $mime = mime_content_type($tempFileName); $attachment->md5 = $md5; diff --git a/app/Helpers/Attachments/AttachmentHelper.php b/app/Helpers/Attachments/AttachmentHelper.php index 7ef3ce9a05..72c181be02 100644 --- a/app/Helpers/Attachments/AttachmentHelper.php +++ b/app/Helpers/Attachments/AttachmentHelper.php @@ -84,15 +84,20 @@ class AttachmentHelper implements AttachmentHelperInterface */ public function getAttachmentContent(Attachment $attachment): string { - + $encryptedData = ''; try { - $content = Crypt::decrypt($this->uploadDisk->get(sprintf('at-%d.data', $attachment->id))); + $encryptedData = $this->uploadDisk->get(sprintf('at-%d.data', $attachment->id)); + } catch (FileNotFoundException $e) { + Log::error($e->getMessage()); + } + try { + $unencryptedData = Crypt::decrypt($encryptedData); // verified } catch (DecryptException|FileNotFoundException $e) { Log::error(sprintf('Could not decrypt data of attachment #%d: %s', $attachment->id, $e->getMessage())); - $content = ''; + $unencryptedData = $encryptedData; } - return $content; + return $unencryptedData; } /** @@ -167,9 +172,8 @@ class AttachmentHelper implements AttachmentHelperInterface return false; } - // is allowed? Save the file! - $encrypted = Crypt::encrypt($content); - $this->uploadDisk->put($attachment->fileName(), $encrypted); + // is allowed? Save the file, without encryption. + $this->uploadDisk->put($attachment->fileName(), $content); // update attachment. $attachment->md5 = md5_file($path); @@ -275,12 +279,10 @@ class AttachmentHelper implements AttachmentHelperInterface } $content = $fileObject->fread($file->getSize()); - $encrypted = Crypt::encrypt($content); Log::debug(sprintf('Full file length is %d and upload size is %d.', strlen($content), $file->getSize())); - Log::debug(sprintf('Encrypted content is %d', strlen($encrypted))); // store it: - $this->uploadDisk->put($attachment->fileName(), $encrypted); + $this->uploadDisk->put($attachment->fileName(), $content); $attachment->uploaded = true; // update attachment $attachment->save(); $this->attachments->push($attachment); diff --git a/app/Repositories/Attachment/AttachmentRepository.php b/app/Repositories/Attachment/AttachmentRepository.php index 299c4c34a9..88cf9a2745 100644 --- a/app/Repositories/Attachment/AttachmentRepository.php +++ b/app/Repositories/Attachment/AttachmentRepository.php @@ -30,6 +30,7 @@ use FireflyIII\Helpers\Attachments\AttachmentHelperInterface; use FireflyIII\Models\Attachment; use FireflyIII\Models\Note; use FireflyIII\User; +use Illuminate\Contracts\Encryption\DecryptException; use Illuminate\Contracts\Filesystem\FileNotFoundException; use Illuminate\Support\Collection; use Illuminate\Support\Facades\Storage; @@ -105,25 +106,27 @@ class AttachmentRepository implements AttachmentRepositoryInterface public function getContent(Attachment $attachment): string { // create a disk. - $disk = Storage::disk('upload'); - $file = $attachment->fileName(); - $content = ''; + $disk = Storage::disk('upload'); + $file = $attachment->fileName(); + $unencryptedContent = ''; if ($disk->exists($file)) { + $encryptedContent = ''; try { - $content = Crypt::decrypt($disk->get($file)); + $encryptedContent = $disk->get($file); } catch (FileNotFoundException $e) { - Log::debug(sprintf('File not found: %e', $e->getMessage())); - $content = false; + Log::error($e->getMessage()); + } + + try { + $unencryptedContent = Crypt::decrypt($encryptedContent); // verified + } catch (DecryptException $e) { + Log::debug(sprintf('Could not decrypt: %e', $e->getMessage())); + $unencryptedContent = $encryptedContent; } } - if (\is_bool($content)) { - Log::error(sprintf('Attachment #%d may be corrupted: the content could not be decrypted.', $attachment->id)); - return ''; - } - - return $content; + return $unencryptedContent; } /** diff --git a/app/Repositories/ImportJob/ImportJobRepository.php b/app/Repositories/ImportJob/ImportJobRepository.php index 155fd4e095..b3c70e3409 100644 --- a/app/Repositories/ImportJob/ImportJobRepository.php +++ b/app/Repositories/ImportJob/ImportJobRepository.php @@ -243,10 +243,10 @@ class ImportJobRepository implements ImportJobRepositoryInterface { // this will overwrite all transactions currently in the job. $disk = Storage::disk('upload'); - $filename = sprintf('%s-%s.crypt.json', $job->created_at->format('Ymd'), $job->key); + $filename = sprintf('%s-%s.json', $job->created_at->format('Ymd'), $job->key); $array = []; if ($disk->exists($filename)) { - $json = Crypt::decrypt($disk->get($filename)); + $json = $disk->get($filename); $array = json_decode($json, true); } if (false === $array) { @@ -329,8 +329,8 @@ class ImportJobRepository implements ImportJobRepositoryInterface { // this will overwrite all transactions currently in the job. $disk = Storage::disk('upload'); - $filename = sprintf('%s-%s.crypt.json', $job->created_at->format('Ymd'), $job->key); - $json = Crypt::encrypt(json_encode($transactions)); + $filename = sprintf('%s-%s.json', $job->created_at->format('Ymd'), $job->key); + $json = json_encode($transactions); // set count for easy access $array = ['count' => count($transactions)]; @@ -389,9 +389,8 @@ class ImportJobRepository implements ImportJobRepositoryInterface $attachment->size = strlen($content); $attachment->uploaded = false; $attachment->save(); - $encrypted = Crypt::encrypt($content); - $this->uploadDisk->put($attachment->fileName(), $encrypted); + $this->uploadDisk->put($attachment->fileName(), $content); $attachment->uploaded = true; // update attachment $attachment->save(); @@ -446,8 +445,7 @@ class ImportJobRepository implements ImportJobRepositoryInterface } $content = $fileObject->fread($file->getSize()); - $encrypted = Crypt::encrypt($content); - $this->uploadDisk->put($attachment->fileName(), $encrypted); + $this->uploadDisk->put($attachment->fileName(), $content); $attachment->uploaded = true; // update attachment $attachment->save(); diff --git a/app/Support/Amount.php b/app/Support/Amount.php index 6155581e39..f651bebcef 100644 --- a/app/Support/Amount.php +++ b/app/Support/Amount.php @@ -343,7 +343,7 @@ class Amount private function tryDecrypt(string $value): string { try { - $value = Crypt::decrypt($value); + $value = Crypt::decrypt($value); // verified } catch (DecryptException $e) { Log::debug(sprintf('Could not decrypt "%s". %s', $value, $e->getMessage())); } diff --git a/app/Support/FinTS/FinTS.php b/app/Support/FinTS/FinTS.php index dff4c57b53..3eec3de973 100644 --- a/app/Support/FinTS/FinTS.php +++ b/app/Support/FinTS/FinTS.php @@ -50,7 +50,7 @@ class FinTS $config['fints_port'], $config['fints_bank_code'], $config['fints_username'], - Crypt::decrypt($config['fints_password']) + Crypt::decrypt($config['fints_password']) // verified ); } diff --git a/app/Support/Import/JobConfiguration/FinTS/NewFinTSJobHandler.php b/app/Support/Import/JobConfiguration/FinTS/NewFinTSJobHandler.php index 7fa93a0189..730dba473a 100644 --- a/app/Support/Import/JobConfiguration/FinTS/NewFinTSJobHandler.php +++ b/app/Support/Import/JobConfiguration/FinTS/NewFinTSJobHandler.php @@ -57,7 +57,7 @@ class NewFinTSJobHandler implements FinTSConfigurationInterface $config['fints_port'] = (int)($data['fints_port'] ?? ''); $config['fints_bank_code'] = (string)($data['fints_bank_code'] ?? ''); $config['fints_username'] = (string)($data['fints_username'] ?? ''); - $config['fints_password'] = (string)(Crypt::encrypt($data['fints_password']) ?? ''); + $config['fints_password'] = (string)(Crypt::encrypt($data['fints_password']) ?? ''); // verified $config['apply-rules'] = 1 === (int)$data['apply_rules']; // sanitize FinTS URL.