diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index e129bc9313ef3836b0ff3709e26d8428efaf35ca..7eab620baa5f892a9f37a07d60ec61eefd605c21 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -52,6 +52,7 @@ class Crypt {
$return = false;
+ $res = \OCA\Encryption\Helper::getOpenSSLPkey();
$res = openssl_pkey_new(array('private_key_bits' => 4096));
if ($res === false) {
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 0209a5d18b78a555bfd17397428aed58cded46e1..2cc905c291410f9c8ab7ac0cffbed3337128b417 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -265,7 +265,7 @@ class Helper {
* @return bool true if configuration seems to be OK
*/
public static function checkConfiguration() {
- if(openssl_pkey_new(array('private_key_bits' => 4096))) {
+ if(self::getOpenSSLPkey()) {
return true;
} else {
while ($msg = openssl_error_string()) {
@@ -275,6 +275,16 @@ class Helper {
}
}
+ /**
+ * Create an openssl pkey with config-supplied settings
+ * @return resource The pkey resource created
+ */
+ public static function getOpenSSLPkey() {
+ $config = array('private_key_bits' => 4096);
+ $config = array_merge(\OCP\Config::getSystemValue('openssl'), $config);
+ return openssl_pkey_new($config);
+ }
+
/**
* @brief glob uses different pattern than regular expressions, escape glob pattern only
* @param unescaped path
diff --git a/config/config.sample.php b/config/config.sample.php
index 5f748438bc7ab605623ad85c70a171255a48b437..6425baf87cbd178212f8a498d8a39d28124fd3d2 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -214,4 +214,9 @@ $CONFIG = array(
'preview_libreoffice_path' => '/usr/bin/libreoffice',
/* cl parameters for libreoffice / openoffice */
'preview_office_cl_parameters' => '',
+
+// Extra SSL options to be used for configuration
+'openssl' => array(
+ //'config' => '/path/to/openssl.cnf',
+),
);