// Disable recoveryAdmin
} elseif (
isset($_POST['adminEnableRecovery'])
- && 0 == $_POST['adminEnableRecovery']
+ && 0 === $_POST['adminEnableRecovery']
) {
$return = \OCA\Encryption\Helper::adminDisableRecovery($_POST['recoveryPassword']);
$action = "disable";
// Only attempt to change passphrase if server-side encryption\r
// is in use (client-side encryption does not have access to \r
// the necessary keys)\r
- if (Crypt::mode() == 'server') {\r
+ if (Crypt::mode() === 'server') {\r
\r
- if ($params['uid'] == \OCP\User::getUser()) {\r
+ if ($params['uid'] === \OCP\User::getUser()) {\r
\r
$view = new \OC_FilesystemView('/');\r
\r
\r
$share = $util->getParentFromShare($params['id']);\r
//if parent is set, then this is a re-share action\r
- if ($share['parent'] != null) {\r
+ if ($share['parent'] !== null) {\r
\r
// get the parent from current share\r
$parent = $util->getShareParent($params['parent']);\r
}\r
\r
// for group shares get a list of the group members\r
- if ($params['shareType'] == \OCP\Share::SHARE_TYPE_GROUP) {\r
+ if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) {\r
$userIds = \OC_Group::usersInGroup($params['shareWith']);\r
} else {\r
- if ($params['shareType'] == \OCP\Share::SHARE_TYPE_LINK) {\r
+ if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK) {\r
$userIds = array($util->getPublicShareKeyId());\r
} else {\r
$userIds = array($params['shareWith']);\r
*/\r
public static function removePadding($padded) {\r
\r
- if (substr($padded, -2) == 'xx') {\r
+ if (substr($padded, -2) === 'xx') {\r
\r
$data = substr($padded, 0, -2);\r
\r
// Fetch identifier from start of metadata\r
$identifier = substr($meta, 0, 6);\r
\r
- if ($identifier == '00iv00') {\r
+ if ($identifier === '00iv00') {\r
\r
return true;\r
\r
$metadata = \OC\Files\Filesystem::getFileInfo($path);\r
\r
// Return encryption status\r
- return isset($metadata['encrypted']) and ( bool )$metadata['encrypted'];\r
+ return isset($metadata['encrypted']) && ( bool )$metadata['encrypted'];\r
\r
}\r
\r
// If a file is flagged with encryption in DB, but isn't a \r
// valid content + IV combination, it's probably using the \r
// legacy encryption system\r
- if (\r
- isset($metadata['encrypted'])\r
- and $metadata['encrypted'] === true\r
- and !self::isCatfileContent($data)\r
+ if (isset($metadata['encrypted'])\r
+ && $metadata['encrypted'] === true\r
+ && !self::isCatfileContent($data)\r
) {\r
\r
return true;\r
$encrypted = substr($catFile, 0, -22);\r
\r
$split = array(\r
- 'encrypted' => $encrypted\r
- ,\r
+ 'encrypted' => $encrypted,\r
'iv' => $iv\r
);\r
\r
\r
/**\r
* @brief Asymetrically encrypt a string using a public key\r
+ * @param $plainContent\r
+ * @param $publicKey\r
* @return string encrypted file\r
*/\r
public static function keyEncrypt($plainContent, $publicKey) {\r
\r
/**\r
* @brief Asymetrically decrypt a file using a private key\r
+ * @param $encryptedContent\r
+ * @param $privatekey\r
* @return string decrypted file\r
*/\r
public static function keyDecrypt($encryptedContent, $privatekey) {\r
/**\r
* @brief Get the blowfish encryption handeler for a key\r
* @param $key string (optional)\r
- * @return Crypt_Blowfish blowfish object\r
+ * @return \Crypt_Blowfish blowfish object\r
*\r
* if the key is left out, the default handeler will be used\r
*/\r
* @brief encrypts content using legacy blowfish system\r
* @param string $content the cleartext message you want to encrypt\r
* @param string $passphrase\r
- * @return\r
- * @internal param \OCA\Encryption\the $key encryption key (optional)\r
* @returns string encrypted content\r
*\r
* This function encrypts an content\r
* @brief decrypts content using legacy blowfish system\r
* @param string $content the cleartext message you want to decrypt\r
* @param string $passphrase\r
- * @return string\r
- * @internal param \OCA\Encryption\the $key encryption key (optional)\r
* @return string cleartext content\r
*\r
* This function decrypts an content\r
namespace OCA\Encryption;
- /**
- * @brief Class to manage registration of hooks an various helper methods
- */
/**
- * Class Helper
+ * @brief Class to manage registration of hooks an various helper methods
* @package OCA\Encryption
*/
class Helper {
public static function getUserKeys(\OC_FilesystemView $view, $userId) {
return array(
- 'publicKey' => self::getPublicKey($view, $userId)
- ,
+ 'publicKey' => self::getPublicKey($view, $userId),
'privateKey' => self::getPrivateKey($view, $userId)
);
if (is_null(self::$enableEncryption)) {
if (
- \OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true') == 'true'
- && Crypt::mode() == 'server'
+ \OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true') === 'true'
+ && Crypt::mode() === 'server'
) {
self::$enableEncryption = true;
// If data is a catfile
if (
- Crypt::mode() == 'server'
+ Crypt::mode() === 'server'
&& Crypt::isCatfileContent($data)
) {
$plainData = Crypt::symmetricDecryptFileContent($data, $plainKeyfile);
} elseif (
- Crypt::mode() == 'server'
+ Crypt::mode() === 'server'
&& isset($_SESSION['legacyenckey'])
&& Crypt::isEncryptedMeta($path)
) {
$path_f = implode('/', array_slice($path_split, 3));
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
- if (count($path_split) >= 2 && $path_split[2] == 'cache') {
+ if (isset($path_split) && $path_split[2] === 'cache') {
return $result;
}
// If file is already encrypted, decrypt using crypto protocol
if (
- Crypt::mode() == 'server'
+ Crypt::mode() === 'server'
&& $util->isEncryptedPath($path)
) {
} elseif (
self::shouldEncrypt($path)
- and $meta ['mode'] != 'r'
- and $meta['mode'] != 'rb'
+ and $meta ['mode'] !== 'r'
+ and $meta['mode'] !== 'rb'
) {
$result = fopen('crypt://' . $path_f, $meta['mode']);
}
$path_f = implode('/', array_slice($path_split, 3));
// only if file is on 'files' folder fix file size and sharing
- if (count($path_split) >= 2 && $path_split[2] == 'files' && $util->fixFileSize($path)) {
+ if (isset($path_split) && $path_split[2] === 'files' && $util->fixFileSize($path)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
}
if (\OCP\USER::getUser() === false
- || (isset($_GET['service']) && $_GET['service'] == 'files'
+ || (isset($_GET['service']) && $_GET['service'] === 'files'
&& isset($_GET['t']))
) {
// Disable encryption proxy to prevent recursive calls
\OC_FileProxy::$enabled = false;
if (
- $mode == 'w'
- or $mode == 'w+'
- or $mode == 'wb'
- or $mode == 'wb+'
+ $mode === 'w'
+ or $mode === 'w+'
+ or $mode === 'wb'
+ or $mode === 'wb+'
) {
// We're writing a new file so start write counter with 0 bytes
$this->writeCache = '';
- if ($count != 8192) {
+ if ($count !== 8192) {
// $count will always be 8192 https://bugs.php.net/bug.php?id=21641
// This makes this function a lot simpler, but will break this class if the above 'bug' gets 'fixed'
$this->flush();
if (
- $this->meta['mode'] != 'r'
- and $this->meta['mode'] != 'rb'
+ $this->meta['mode'] !== 'r'
+ and $this->meta['mode'] !== 'rb'
and $this->size > 0
) {
// Disable encryption proxy to prevent recursive calls
// if we are anonymous/public
if ($this->userId === false
- || (isset($_GET['service']) && $_GET['service'] == 'files' && isset($_GET['t']))
+ || (isset($_GET['service']) && $_GET['service'] === 'files' && isset($_GET['t']))
) {
$this->userId = $this->publicShareKeyId;
// we handle them
\OC_FileProxy::$enabled = false;
- if ($found == false) {
+ if ($found === false) {
$found = array(
'plain' => array(),
'encrypted' => array(),
while (false !== ($file = readdir($handle))) {
if (
- $file != "."
- && $file != ".."
+ $file !== "."
+ && $file !== ".."
) {
$filePath = $directory . '/' . $this->view->getRelativePath('/' . $file);
$pathSplit = explode('/', $path);
$pathRelative = implode('/', array_slice($pathSplit, 3));
- if ($pathSplit[2] == 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) {
+ if (isset($pathSplit[2]) && $pathSplit[2] === 'files' && $this->view->file_exists($path) && $this->isEncryptedPath($path)) {
// get the size from filesystem
$fullPath = $this->view->getLocalFile($path);
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
- if ($split[2] == "Shared") {
+ if (isset($split[2]) && $split[2] === 'Shared') {
return true;
// Check that the user is encryption capable, or is the
// public system user 'ownCloud' (for public shares)
if (
- $user == $this->publicShareKeyId
- or $user == $this->recoveryKeyId
+ $user === $this->publicShareKeyId
+ or $user === $this->recoveryKeyId
or $util->ready()
) {
// We need to decrypt the keyfile
// Has the file been shared yet?
if (
- $this->userId == $fileOwner
+ $this->userId === $fileOwner
&& !Keymanager::getShareKey($this->view, $this->userId, $filePath) // NOTE: we can't use isShared() here because it's a post share hook so it always returns true
) {
}
// add current user if given
- if ($currentUserId != false) {
+ if ($currentUserId !== false) {
$userIds[] = $currentUserId;
\OC\Files\Filesystem::initMountPoints($fileOwnerUid);
// If the file owner is the currently logged in user
- if ($fileOwnerUid == $this->userId) {
+ if ($fileOwnerUid === $this->userId) {
// Assume the path supplied is correct
$filename = $path;
$path = $dir . $path;
- if ($c['type'] === "dir") {
+ if ($c['type'] === 'dir') {
$result = array_merge($result, $this->getAllFiles($path));
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles/
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
- if ($item['type'] == 'dir') {
+ if ($item['type'] === 'dir') {
$this->addRecoveryKeys($filePath . '/');
} else {
$session = new Session(new \OC_FilesystemView('/'));
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
- if ($item['type'] == 'dir') {
+ if ($item['type'] === 'dir') {
$this->removeRecoveryKeys($filePath . '/');
} else {
$file = substr($filePath, 0, -4);
$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
foreach ($dirContent as $item) {
$filePath = substr($item['path'], 25);
- if ($item['type'] == 'dir') {
+ if ($item['type'] === 'dir') {
$this->recoverAllFiles($filePath . '/', $privateKey);
} else {
$file = substr($filePath, 0, -4);