block file access if share keys are missing
authorBjoern Schiessle <schiessle@owncloud.com>
Fri, 11 Oct 2013 12:20:46 +0000 (14:20 +0200)
committerBjoern Schiessle <schiessle@owncloud.com>
Fri, 11 Oct 2013 12:20:46 +0000 (14:20 +0200)
apps/files_encryption/files/error.php
apps/files_encryption/lib/crypt.php
apps/files_encryption/lib/helper.php
apps/files_encryption/lib/stream.php
apps/files_encryption/templates/invalid_private_key.php

index ac0c0269164fd9ecc6437c617e143d3e16d56e2d..b59b7b8e672ec83511c097654ff91bdf762c6a33 100644 (file)
@@ -5,12 +5,25 @@ if (!isset($_)) { //also provide standalone error page
 
        $l = OC_L10N::get('files_encryption');
 
-       if (isset($_GET['i']) && $_GET['i'] === '0') {
-               $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.');
-               $init = '0';
+       if (isset($_GET['errorCode'])) {
+               $errorCode = $_GET['errorCode'];
+               switch ($errorCode) {
+                       case \OCA\Encryption\Crypt::ENCRYPTION_NOT_INITIALIZED_ERROR:
+                               $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.');
+                               break;
+                       case \OCA\Encryption\Crypt::ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR:
+                               $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
+                               break;
+                       case \OCA\Encryption\Crypt::ENCRYPTION_NO_SHARE_KEY_FOUND:
+                               $errorMsg = $l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
+                               break;
+                       default:
+                               $errorMsg = $l->t("Unknwon error please check your system settings or contact your administrator");
+                               break;
+               }
        } else {
-               $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
-               $init = '1';
+               $errorCode = \OCA\Encryption\Crypt::ENCRYPTION_UNKNOWN_ERROR;
+               $errorMsg = $l->t("Unknwon error please check your system settings or contact your administrator");
        }
 
        if (isset($_GET['p']) && $_GET['p'] === '1') {
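Review bot: `$errorCode = $_GET['errorCode'];` keeps the query value as a string, while the `else` branch assigns the integer constant, so the value handed to the template has two different types. The template hunk in templates/invalid_private_key.php compares it with `=== \OCA\Encryption\Crypt::ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR`, which cannot be true for a string `'2'` coming from the redirect, so the personal-settings link would never be shown on that path. Normalising once where the request is read fixes this: `$errorCode = (int) $_GET['errorCode'];`. The two new fallback strings also spell "Unknwon"; they should read `"Unknown error, please check your system settings or contact your administrator"`.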
@@ -24,7 +37,7 @@ if (!isset($_)) { //also provide standalone error page
                header('HTTP/1.0 404 ' . $errorMsg);
                $tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest');
                $tmpl->assign('message', $errorMsg);
-               $tmpl->assign('init', $init);
+               $tmpl->assign('errorCode', $errorCode);
                $tmpl->printPage();
        }
 
index c009718160ae360d47b4abce3822d9c9fea6fcde..9155d238c771f0afab2ec56008ac42abd83cb14b 100755 (executable)
@@ -33,6 +33,12 @@ require_once __DIR__ . '/../3rdparty/Crypt_Blowfish/Blowfish.php';
 \r
 class Crypt {\r
 \r
+       const ENCRYPTION_UNKNOWN_ERROR = -1;\r
+       const ENCRYPTION_NOT_INITIALIZED_ERROR = 1;\r
+       const ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR = 2;\r
+       const ENCRYPTION_NO_SHARE_KEY_FOUND = 3;\r
+\r
+\r
        /**\r
         * @brief return encryption mode client or server side encryption\r
         * @param string $user name (use system wide setting if name=null)\r
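Review bot: The four new constants carry no comment, although their values now leave the class: helper.php writes them into the `errorCode` query parameter and files/error.php switches on them. A line above the block such as `// error codes passed to files/error.php via ?errorCode=; values must stay stable` would record that contract. `ENCRYPTION_NO_SHARE_KEY_FOUND` is also the only one without the `_ERROR` suffix the other three use.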
@@ -183,8 +189,8 @@ class Crypt {
                // Fetch all file metadata from DB\r
                $metadata = \OC\Files\Filesystem::getFileInfo($relPath, '');\r
 \r
-               // If a file is flagged with encryption in DB, but isn't a \r
-               // valid content + IV combination, it's probably using the \r
+               // If a file is flagged with encryption in DB, but isn't a\r
+               // valid content + IV combination, it's probably using the\r
                // legacy encryption system\r
                if (isset($metadata['encrypted'])\r
                        && $metadata['encrypted'] === true\r
@@ -388,7 +394,7 @@ class Crypt {
         */\r
        public static function multiKeyEncrypt($plainContent, array $publicKeys) {\r
 \r
-               // openssl_seal returns false without errors if $plainContent \r
+               // openssl_seal returns false without errors if $plainContent\r
                // is empty, so trigger our own error\r
                if (empty($plainContent)) {\r
 \r
@@ -405,7 +411,7 @@ class Crypt {
 \r
                        $i = 0;\r
 \r
-                       // Ensure each shareKey is labelled with its \r
+                       // Ensure each shareKey is labelled with its\r
                        // corresponding userId\r
                        foreach ($publicKeys as $userId => $publicKey) {\r
 \r
@@ -476,7 +482,7 @@ class Crypt {
 \r
                        }\r
 \r
-                       // We encode the iv purely for string manipulation \r
+                       // We encode the iv purely for string manipulation\r
                        // purposes - it gets decoded before use\r
                        $iv = base64_encode($random);\r
 \r
index ebfc00157f71820982baa7806b26cd49ee687486..a754f9f28c4bfd6b18046bb5daa888dc0cd31fa0 100755 (executable)
@@ -235,16 +235,28 @@ class Helper {
        /**
         * @brief redirect to a error page
         */
-       public static function redirectToErrorPage($session) {
-
-               $init = $session->getInitialized();
+       public static function redirectToErrorPage($session, $errorCode = null) {
+
+               if ($errorCode === null) {
+                       $init = $session->getInitialized();
+                       switch ($init) {
+                               case \OCA\Encryption\Session::INIT_EXECUTED:
+                                       $errorCode = \OCA\Encryption\Crypt::ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR;
+                                       break;
+                               case \OCA\Encryption\Session::NOT_INITIALIZED:
+                                       $errorCode = \OCA\Encryption\Crypt::ENCRYPTION_NOT_INITIALIZED_ERROR;
+                                       break;
+                               default:
+                                       $errorCode = \OCA\Encryption\Crypt::ENCRYPTION_UNKNOWN_ERROR;
+                       }
+               }
 
                $location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php');
                $post = 0;
                if(count($_POST) > 0) {
                        $post = 1;
                        }
-                       header('Location: ' . $location . '?p=' . $post . '&i=' . $init);
+                       header('Location: ' . $location . '?p=' . $post . '&errorCode=' . $errorCode);
                        exit();
        }
 
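Review bot: The docblock above `redirectToErrorPage` still says only `@brief redirect to a error page` and documents neither the new `$errorCode` parameter nor the fact that `null` makes the function derive a code from `$session->getInitialized()`. I would add `@param $session session object used to derive the code when none is given` and `@param int|null $errorCode one of the Crypt::ENCRYPTION_* codes`. The value is concatenated straight into the `Location` header; the callers in this commit pass class constants, but writing `'&errorCode=' . (int) $errorCode` keeps the header well-formed if a later caller passes anything else.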
index b25ba7bb6778ed1bdc7cb4caa251bf126089c0dd..5ce5caf80ce21d44e6ce001e1280137df5c329a4 100644 (file)
@@ -254,16 +254,20 @@ class Stream {
                // If a keyfile already exists
                if ($this->encKeyfile) {
 
+                       $shareKey = Keymanager::getShareKey($this->rootView, $this->userId, $this->relPath);
+
                        // if there is no valid private key return false
                        if ($this->privateKey === false) {
-
                                // if private key is not valid redirect user to a error page
-                               \OCA\Encryption\Helper::redirectToErrorPage();
-
+                               \OCA\Encryption\Helper::redirectToErrorPage($this->session);
                                return false;
                        }
 
-                       $shareKey = Keymanager::getShareKey($this->rootView, $this->userId, $this->relPath);
+                       if ($shareKey === false) {
+                               // if no share key is available redirect user to a error page
+                               \OCA\Encryption\Helper::redirectToErrorPage($this->session, \OCA\Encryption\Crypt::ENCRYPTION_NO_SHARE_KEY_FOUND);
+                               return false;
+                       }
 
                        $this->plainKey = Crypt::multiKeyDecrypt($this->encKeyfile, $shareKey, $this->privateKey);
 
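Review bot: The new guard `if ($shareKey === false)` blocks access only when `Keymanager::getShareKey()` returns exactly `false`. That function is not visible in this hunk, so if it can also return `null` or an empty string for a missing key, the code still reaches `Crypt::multiKeyDecrypt()` without a usable share key; `if (empty($shareKey))` would cover those cases. The lookup was also moved above the private-key check, so the share key is read even when the private key is invalid and the request is about to be redirected; leaving it after that check avoids a key read that cannot be used. The enclosing method starts and ends outside the hunk.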
index 9af65f831b43949b8c9c2060351e73079ad154f8..a3cae60b1da5656ec542323586b6bfce84b982a4 100644 (file)
@@ -4,7 +4,7 @@
 
                <?php p($_['message']); ?>
                <br/>
-               <?php if($_['init']): ?>
+               <?php if($_['errorCode'] === \OCA\Encryption\Crypt::ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR): ?>
                        <?php>p($l->t('Go directly to your ')); ?> <a href="<?php echo $location?>"><?php p($l->t('personal settings')); ?>.</a>
                <?php endif; ?>
                <br/>