let user enable recovery key
authorBjoern Schiessle <schiessle@owncloud.com>
Tue, 31 Mar 2015 15:13:36 +0000 (17:13 +0200)
committerThomas Müller <thomas.mueller@tmit.eu>
Tue, 7 Apr 2015 11:30:29 +0000 (13:30 +0200)
apps/encryption/appinfo/application.php
apps/encryption/js/settings-personal.js
apps/encryption/lib/crypto/encryption.php
apps/encryption/lib/keymanager.php
apps/encryption/lib/recovery.php
apps/encryption/lib/util.php
apps/encryption/settings/settings-personal.php

index 372d49e5ef7c8efbd7877a6b641b76f7f111dfd1..955146f7182902f8834cdfebe08b0876c2519e4b 100644 (file)
@@ -124,7 +124,8 @@ class Application extends \OCP\AppFramework\App {
                                        $server->getConfig(),
                                        $server->getUserSession(),
                                        new \OCA\Encryption\Session($server->getSession()),
-                                       $server->getLogger()
+                                       $server->getLogger(),
+                                       $c->query('Util')
                                );
                        });
 
@@ -167,8 +168,12 @@ class Application extends \OCP\AppFramework\App {
                        function (IAppContainer $c) {
                                $server = $c->getServer();
 
-                               return new Util(new View(), $c->query('Crypt'), $c->query('KeyManager'), $server->getLogger(), $server->getUserSession(), $server->getConfig()
-                               );
+                               return new Util(
+                                       new View(),
+                                       $c->query('Crypt'),
+                                       $server->getLogger(),
+                                       $server->getUserSession(),
+                                       $server->getConfig());
                        });
 
        }
index 7f0f4c6c26d9dc7abf386af2596873440e72b07b..dcfbba4ecde6026329fb6c73f4c9b547a3cd1417 100644 (file)
@@ -9,7 +9,7 @@ function updatePrivateKeyPasswd() {
        var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
        OC.msg.startSaving('#encryption .msg');
        $.post(
-       OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' )
+       OC.generateUrl('/apps/encryption/ajax/updatePrivateKeyPassword')
                , { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword }
                ,  function( data ) {
                        if (data.status === "error") {
index 3c93f75940704de4a9dd871c4eeba64e98c5616c..aa62078582447bf8b84268d7d954c86a29afcbc3 100644 (file)
@@ -131,6 +131,8 @@ class Encryption implements IEncryptionModule {
                                $publicKeys[$uid] = $this->keymanager->getPublicKey($uid);
                        }
 
+                       $publicKeys = $this->keymanager->addSystemKeys($this->accessList, $publicKeys);
+
                        $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
                        $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles);
                }
@@ -235,7 +237,7 @@ class Encryption implements IEncryptionModule {
                        $publicKeys[$user] = $this->keymanager->getPublicKey($user);
                }
 
-               $publicKeys = $this->addSystemKeys($accessList, $publicKeys);
+               $publicKeys = $this->keymanager->addSystemKeys($accessList, $publicKeys);
 
                $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
 
index 67a32d75908d3fca6dced596692d875e84c9054e..9aae6fb2d9d4b69ec4dade9f1f79eb14e1180d04 100644 (file)
@@ -27,6 +27,7 @@ use OCA\Encryption\Exceptions\PrivateKeyMissingException;
 use OC\Encryption\Exceptions\PublicKeyMissingException;
 use OCA\Encryption\Crypto\Crypt;
 use OCP\Encryption\Keys\IStorage;
+use OCA\Encryption\Util;
 use OCP\IConfig;
 use OCP\ILogger;
 use OCP\IUserSession;
@@ -84,6 +85,10 @@ class KeyManager {
         * @var ILogger
         */
        private $log;
+       /**
+        * @var Util
+        */
+       private $util;
 
        /**
         * @param IStorage $keyStorage
@@ -92,6 +97,7 @@ class KeyManager {
         * @param IUserSession $userSession
         * @param Session $session
         * @param ILogger $log
+        * @param Util $util
         */
        public function __construct(
                IStorage $keyStorage,
@@ -99,9 +105,11 @@ class KeyManager {
                IConfig $config,
                IUserSession $userSession,
                Session $session,
-               ILogger $log
+               ILogger $log,
+               Util $util
        ) {
 
+               $this->util = $util;
                $this->session = $session;
                $this->keyStorage = $keyStorage;
                $this->crypt = $crypt;
@@ -153,7 +161,7 @@ class KeyManager {
         * @return bool
         */
        public function recoveryKeyExists() {
-               return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId)));
+               return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey')));
        }
 
        /**
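Review bot: The `'.publicKey'` suffix in `recoveryKeyExists()` is a string literal, while `setSystemPrivateKey()` further down the class builds its key name from `$this->privateKeyId`, so the two naming schemes can drift apart unnoticed. I would build the name the same way, from a property or class constant for the public-key suffix (reuse one if the class already has it). This matters beyond style because `addSystemKeys()` only wraps file keys for the recovery key when this check returns true.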
@@ -471,4 +479,25 @@ class KeyManager {
        public function setSystemPrivateKey($keyId, $key) {
                return $this->keyStorage->setSystemUserKey($keyId . '.' . $this->privateKeyId, $key);
        }
+
+       /**
+        * add system keys such as the public share key and the recovery key
+        *
+        * @param array $accessList
+        * @param array $publicKeys
+        * @return array
+        */
+       public function addSystemKeys(array $accessList, array $publicKeys) {
+               if (!empty($accessList['public'])) {
+                       $publicKeys[$this->getPublicShareKeyId()] = $this->getPublicShareKey();
+               }
+
+               if ($this->recoveryKeyExists() &&
+                       $this->util->isRecoveryEnabledForUser()) {
+
+                       $publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
+               }
+
+               return $publicKeys;
+       }
 }
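Review bot: `addSystemKeys()` calls `$this->util->isRecoveryEnabledForUser()` on every key-file write, but `Util` sets its user to `false` when no session is logged in and that method then calls `$this->user->getUID()`. A write without a logged-in user (presumably a public-link upload, which is the case the `$accessList['public']` branch exists for) would therefore end in a method call on `false`. The check is also taken from the session user rather than from the owner of the file being written. That looks like it lets a share recipient's recovery setting decide whether the owner's file key is wrapped for the recovery key, so please confirm this is intended. I would pass the owner's uid into the check, treat a missing user as recovery disabled, and extend the docblock with `@return array public keys the file key will be encrypted for, indexed by key id`.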
index 701c0934c950f2843c9263598a6ed035a6009880..b3da82a3cc5e35a4fbc7078119b0479b7046ebcf 100644 (file)
@@ -90,7 +90,7 @@ class Recovery {
                                                                IStorage $keyStorage,
                                                                IFile $file,
                                                                View $view) {
-               $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false;
+               $this->user = ($user && $user->isLoggedIn()) ? $user->getUser() : false;
                $this->crypt = $crypt;
                $this->random = $random;
                $this->keyManager = $keyManager;
@@ -180,7 +180,7 @@ class Recovery {
                                $value);
 
                        if ($value === '1') {
-                               $this->addRecoveryKeys('/' . $this->user . '/files/');
+                               $this->addRecoveryKeys('/' . $this->user->getUID() . '/files/');
                        } else {
                                $this->removeRecoveryKeys();
                        }
@@ -198,20 +198,22 @@ class Recovery {
                $dirContent = $this->view->getDirectoryContent($path);
                foreach ($dirContent as $item) {
                        // get relative path from files_encryption/keyfiles/
-                       $filePath = $item['path'];
+                       $filePath = $item->getPath();
                        if ($item['type'] === 'dir') {
                                $this->addRecoveryKeys($filePath . '/');
                        } else {
-                               $fileKey = $this->keyManager->getFileKey($filePath, $this->user);
+                               $fileKey = $this->keyManager->getFileKey($filePath, $this->user->getUID());
                                if (!empty($fileKey)) {
-                                       $accessList = $this->file->getAccessList($path);
+                                       $accessList = $this->file->getAccessList($filePath);
                                        $publicKeys = array();
                                        foreach ($accessList['users'] as $uid) {
-                                               $publicKeys[$uid] = $this->keymanager->getPublicKey($uid);
+                                               $publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
                                        }
 
+                                       $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys);
+
                                        $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
-                                       $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles);
+                                       $this->keyManager->setAllFileKeys($filePath, $encryptedKeyfiles);
                                }
                        }
                }
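Review bot: The loop in `addRecoveryKeys()` now reads the path through the object API (`$item->getPath()`) but still reads the type through array access (`$item['type'] === 'dir'`) on the next line; pick one form, e.g. `$item->getType() === 'dir'`. Separately, `$accessList['users']` is iterated without a guard and every uid goes straight to `getPublicKey()`. One user with a missing public key would presumably abort the walk part-way and leave some files without the recovery key although the setting reads as enabled. A short comment stating the intended behaviour, or a catch that logs and continues, would make that explicit. The method starts outside the hunk.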
@@ -221,6 +223,7 @@ class Recovery {
         * remove recovery key to all encrypted files
         */
        private function removeRecoveryKeys($path = '/') {
+               return true;
                $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
                foreach ($dirContent as $item) {
                        // get relative path from files_encryption/keyfiles
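Review bot: The added `return true;` at the top of `removeRecoveryKeys()` makes the rest of the method unreachable. When a user switches recovery off, the existing key files therefore stay wrapped for the recovery key, and whoever holds the recovery password can still decrypt those files. The `else` branch in the hunk above calls this method after the new value has been stored, so the setting would read as disabled while the access remains. If the removal cannot be finished in this commit, mark the stub explicitly, e.g. `// TODO: not implemented, recovery key share is left on existing files`, and do not report success for the disable path. The body of the method continues outside the hunk.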
index 45891be5dad62695096229a959a0598f82b566a4..6b6b8b6b38cb0ccf06ce9bcdd39fbe46e085bb55 100644 (file)
 namespace OCA\Encryption;
 
 
-use OC\Files\Filesystem;
 use OC\Files\View;
 use OCA\Encryption\Crypto\Crypt;
-use OCP\App;
 use OCP\IConfig;
 use OCP\ILogger;
 use OCP\IUser;
 use OCP\IUserSession;
 use OCP\PreConditionNotMetException;
-use OCP\Share;
 
 class Util {
        /**
@@ -43,10 +40,6 @@ class Util {
         * @var Crypt
         */
        private $crypt;
-       /**
-        * @var KeyManager
-        */
-       private $keyManager;
        /**
         * @var ILogger
         */
@@ -65,21 +58,18 @@ class Util {
         *
         * @param View $files
         * @param Crypt $crypt
-        * @param KeyManager $keyManager
         * @param ILogger $logger
         * @param IUserSession $userSession
         * @param IConfig $config
         */
        public function __construct(View $files,
                                                                Crypt $crypt,
-                                                               KeyManager $keyManager,
                                                                ILogger $logger,
                                                                IUserSession $userSession,
                                                                IConfig $config
        ) {
                $this->files = $files;
                $this->crypt = $crypt;
-               $this->keyManager = $keyManager;
                $this->logger = $logger;
                $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false;
                $this->config = $config;
@@ -88,7 +78,7 @@ class Util {
        /**
         * @return bool
         */
-       public function recoveryEnabledForUser() {
+       public function isRecoveryEnabledForUser() {
                $recoveryMode = $this->config->getUserValue($this->user->getUID(),
                        'encryption',
                        'recoveryEnabled',
@@ -115,18 +105,6 @@ class Util {
                }
        }
 
-       /**
-        * @param $recoveryPassword
-        */
-       public function recoverUsersFiles($recoveryPassword) {
-               $encryptedKey = $this->keyManager->getSystemPrivateKey();
-
-               $privateKey = $this->crypt->decryptPrivateKey($encryptedKey,
-                       $recoveryPassword);
-
-               $this->recoverAllFiles('/', $privateKey);
-       }
-
        /**
         * @param string $uid
         * @return bool
index 8caacbd19ca49320dfa0f73af24e6c8665d5fdeb..417bf1433bf3a9d9fb211db3492091249d068c11 100644 (file)
@@ -16,38 +16,38 @@ $crypt = new \OCA\Encryption\Crypto\Crypt(
        \OC::$server->getLogger(),
        \OC::$server->getUserSession(),
        \OC::$server->getConfig());
+
+$util = new \OCA\Encryption\Util(
+       new \OC\Files\View(),
+       $crypt,
+       \OC::$server->getLogger(),
+       \OC::$server->getUserSession(),
+       \OC::$server->getConfig());
+
 $keymanager = new \OCA\Encryption\KeyManager(
        \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID),
        $crypt,
        \OC::$server->getConfig(),
        \OC::$server->getUserSession(),
        $session,
-       \OC::$server->getLogger(), null);
+       \OC::$server->getLogger(), $util);
 
 $user = \OCP\User::getUser();
 
 $view = new \OC\Files\View('/');
 
-$util = new \OCA\Encryption\Util(
-       new \OC\Files\View(),
-       $crypt, $keymanager,
-       \OC::$server->getLogger(),
-       \OC::$server->getUserSession(),
-       \OC::$server->getConfig());
+
 
 $privateKeySet = $session->isPrivateKeySet();
 // did we tried to initialize the keys for this session?
 $initialized = $session->getStatus();
 
 $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled');
-$recoveryEnabledForUser = $util->recoveryEnabledForUser();
+$recoveryEnabledForUser = $util->isRecoveryEnabledForUser();
 
 $result = false;
 
 if ($recoveryAdminEnabled || !$privateKeySet) {
-
-       \OCP\Util::addscript('encryption', 'settings-personal');
-
        $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
        $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser);
        $tmpl->assign('privateKeySet', $privateKeySet);
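Review bot: The hunk drops `\OCP\Util::addscript('encryption', 'settings-personal');` while the same commit edits `apps/encryption/js/settings-personal.js`, and nothing visible here registers the script elsewhere. If the template does not load it, the recovery and private-key password controls on this page would render without their handlers, so please confirm where the script is now included. As a smaller point, `$recoveryAdminEnabled` comes back from `getAppValue()` as a string, so the `if` relies on `'0'` and `''` being falsy; comparing against `'1'`, as `Recovery` does with `$value === '1'`, would state the intent.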