From f2e7a2cb00bebc22671aa02035242596dbce46de Mon Sep 17 00:00:00 2001
From: Patrick Canterino <patrick@patrick-canterino.de>
Date: Mon, 1 Apr 2024 15:37:37 +0200
Subject: [PATCH] Centralize decryption in `jirafeau_decrypt_file()`

Previously the decryption code in f.php was a copy of `jirafeau_decrypt_file()`.
Now, we let the funtion write to `php://output`.

`jirafeau_decrypt_file()` was previously broken because of me doing copy-paste...
---
 f.php             | 24 ++----------------------
 lib/functions.php | 11 ++++++++---
 2 files changed, 10 insertions(+), 25 deletions(-)

diff --git a/f.php b/f.php
index 854da83..e167154 100644
--- a/f.php
+++ b/f.php
@@ -248,29 +248,9 @@ if ($cfg['litespeed_workaround']) {
                $_SERVER['QUERY_STRING'] . '&litespeed_workaround=phase2');
     }
 }
-/* Read encrypted file. */
+/* Read encrypted file (Sodium mode). */
 elseif ($link['crypted']) {
-    /* Decrypt file. */
-    $r = fopen(VAR_FILES . $p . $link['hash'], 'rb');
-    $fs = fstat($r)['size'];
-
-    $crypt_header = fread($r, SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES);
-
-    /* Init module. */
-    $crypt_state = sodium_crypto_secretstream_xchacha20poly1305_init_pull($crypt_header, $crypt_key);
-
-    /* Decrypt file. */
-
-    for ($i = SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES; $i < $fs; $i += JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES) {
-        $to_dec = fread($r, JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES);
-        [$dec, $crypt_tag] = sodium_crypto_secretstream_xchacha20poly1305_pull($crypt_state, $to_dec);
-        echo $dec;
-    }
-
-    fclose($r);
-
-    /* Cleanup. */
-    sodium_memzero($crypt_state);
+    jirafeau_decrypt_file(VAR_FILES . $p . $link['hash'], 'php://output', $crypt_key);
 }
 /* Read encrypted file (legacy mode using mcrypt). */
 elseif ($link['crypted_legacy']) {
diff --git a/lib/functions.php b/lib/functions.php
index fff8c44..a92509b 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -1267,22 +1267,27 @@ function jirafeau_decrypt_file($fp_src, $fp_dst, $k)
     }
 
     /* Decrypt file. */
-    $r = fopen(VAR_FILES . $p . $link['hash'], 'rb');
+    $r = fopen($fp_src, 'rb');
+    $w = fopen($fp_dst, 'wb');
 
     $crypt_header = fread($r, SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES);
 
     /* Init module. */
-    $crypt_state = sodium_crypto_secretstream_xchacha20poly1305_init_pull($crypt_header, $crypt_key);
+    $crypt_state = sodium_crypto_secretstream_xchacha20poly1305_init_pull($crypt_header, $k);
 
     /* Decrypt file. */
 
     for ($i = SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES; $i < $fs; $i += JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES) {
         $to_dec = fread($r, JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES);
         [$dec, $crypt_tag] = sodium_crypto_secretstream_xchacha20poly1305_pull($crypt_state, $to_dec);
-        echo $dec;
+        
+        if (fwrite($w, $dec) === false) {
+            return false;
+        }
     }
 
     fclose($r);
+    fclose($w);
 
     /* Cleanup. */
     sodium_memzero($crypt_state);
-- 
2.34.1