\r
if( openssl_seal( $plainContent, $sealed, $shareKeys, $publicKeys ) ) {\r
\r
+// trigger_error("SEALED = $sealed");\r
+ \r
$i = 0;\r
\r
// Ensure each shareKey is labelled with its \r
*/\r
public static function setFileKey( \OC_FilesystemView $view, $path, $userId, $catfile ) {\r
\r
+ \OC_FileProxy::$enabled = false;\r
+ \r
\OC\Files\Filesystem::initMountPoints($userId);\r
$basePath = '/' . $userId . '/files_encryption/keyfiles';\r
\r
\r
if ( $view->is_dir( $basePath . '/' . $targetPath ) ) {\r
\r
- \r
+ // FIXME: write me\r
\r
} else {\r
\r
// Save the keyfile in parallel directory\r
- return $view->file_put_contents( $basePath . '/' . $targetPath . '.key', $catfile );\r
+ $result = $view->file_put_contents( $basePath . '/' . $targetPath . '.key', $catfile );\r
\r
}\r
\r
+ \OC_FileProxy::$enabled = true;\r
+ \r
+ return $result;\r
+ \r
}\r
\r
/**\r
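Review bot: In `setFileKey` the `is_dir` branch now holds only `// FIXME: write me`, so `$result` is never assigned on that path and the new `return $result;` returns an undefined variable (null plus a notice). A caller that negates the return value, as the `! Keymanager::setFileKey( ... )` call later on this page does, will treat that as a failure, so initialise it with `$result = false;` before the `if`. The added `\OC_FileProxy::$enabled = true;` also switches the proxy back on unconditionally, which turns it on for a caller that had deliberately disabled it. Saving the state first with `$proxyStatus = \OC_FileProxy::$enabled;` and finishing with `\OC_FileProxy::$enabled = $proxyStatus;` avoids that, and the restore should run on every exit path so the proxy cannot be left disabled for the rest of the request. The next hunk adds the same disable/enable pair around the `file_exists`/`file_get_contents` read of `$keyfilePath` and needs the same treatment.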
\r
$keyfilePath = '/' . $userId . '/files_encryption/keyfiles/' . $filePath_f . '.key';\r
\r
+ \OC_FileProxy::$enabled = false;\r
+ \r
if ( $view->file_exists( $keyfilePath ) ) {\r
\r
- return $view->file_get_contents( $keyfilePath );\r
+ $result = $view->file_get_contents( $keyfilePath );\r
\r
} else {\r
\r
- return false;\r
+ $result = false;\r
\r
}\r
\r
+ \OC_FileProxy::$enabled = true;\r
+ \r
+ return $result;\r
+ \r
}\r
\r
/**\r
return false;
}
- public function preFile_put_contents( $path, &$data ) {
+ public function preFile_put_contents( $path, &$data ) {
+
// TODO check for existing key file and reuse it if possible to avoid problems with versioning etc.
if ( self::shouldEncrypt( $path ) ) {
// Get the encrypted keyfile
$encKeyfile = Keymanager::getFileKey( $view, $fileOwner, $relPath );
- trigger_error("\$encKeyfile = ". var_export($encKeyfile, 1));
-
// Attempt to fetch the user's shareKey
$shareKey = Keymanager::getShareKey( $view, $userId, $relPath );
- trigger_error("\$shareKey = ".var_export($shareKey, 1));
-
// Check if key is shared or not
if ( $shareKey ) {
\OC_FileProxy::$enabled = false;
+// trigger_error("\$encKeyfile = $encKeyfile, \$shareKey = $shareKey, \$privateKey = $privateKey");
+
// Decrypt keyfile with shareKey
$plainKeyfile = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
- trigger_error("PROXY plainkeyfile = ". var_export($plainKeyfile, 1));
+// $plainKeyfile = $encKeyfile;
+
+// trigger_error("PROXY plainkeyfile = ". var_export($plainKeyfile, 1));
} else {
}
$plainData = Crypt::symmetricDecryptFileContent( $data, $plainKeyfile );
+
+// trigger_error("PLAINDATA = ". var_export($plainData, 1));
} elseif (
Crypt::mode() == 'server'
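Review bot: The debug calls in this block are commented out rather than removed, and the new commented line before `Crypt::multiKeyDecrypt` would write `$privateKey`, `$shareKey` and `$encKeyfile` to the error log as soon as someone uncomments it. The commented lines after it would do the same for `$plainKeyfile` and `$plainData`. Delete these lines instead of parking them; if tracing is still needed, log only which step ran, never the value. `// $plainKeyfile = $encKeyfile;` should go too, since uncommenting it would bypass the share-key decryption. The enclosing method starts and ends outside the hunk.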
*
*/
-// Todo:
+# Bugs
+# ----
+# Sharing a file to a user without encryption set up will not provide them with access but won't notify the sharer
+# Deleting files if keyfile is missing fails
+# When encryption app is disabled files become unreadable
+# Timeouts on first login due to encryption of very large files
+# MultiKeyEncrypt() may be failing
+
+
+# Missing features
+# ----------------
+# Unshare a file
+# Re-use existing keyfiles so they don't need version control
+# Make sure user knows if large files weren't encrypted
+# Trashbin support
+
+
+// Old Todo:
// - Crypt/decrypt button in the userinterface
// - Setting if crypto should be on by default
// - Add a setting "DonĀ“t encrypt files larger than xx because of performance
// reasons"
-// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is
-// encrypted (.encrypted extension)
-// - Don't use a password directly as encryption key. but a key which is
-// stored on the server and encrypted with the user password. -> password
-// change faster
-// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
namespace OCA\Encryption;
}
// Re-enc keyfile to (additional) sharekeys
- $newShareKeys = Crypt::multiKeyEncrypt( $plainKeyfile, $userPubKeys );
-
- // Save new sharekeys to all necessary user folders
- if ( ! Keymanager::setShareKeys( $this->view, $filePath, $newShareKeys['keys'] ) ) {
+ $multiEncKey = Crypt::multiKeyEncrypt( $plainKeyfile, $userPubKeys );
+
+ // Save the recrypted key to it's owner's keyfiles directory
+ // Save new sharekeys to all necessary user directory
+ if (
+ ! Keymanager::setFileKey( $this->view, $filePath, $fileOwner, $multiEncKey['data'] )
+ || ! Keymanager::setShareKeys( $this->view, $filePath, $multiEncKey['keys'] )
+ ) {
trigger_error( "SET Share keys failed" );