OC::$CLASSPATH['OCA\Encryption\Capabilities'] = 'files_encryption/lib/capabilities.php';
OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
+// Exceptions
+OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyEncryptException'] = 'files_encryption/lib/exceptions.php';
+OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyDecryptException'] = 'files_encryption/lib/exceptions.php';
+
\OCP\Util::addscript('files_encryption', 'encryption');
\OCP\Util::addscript('files_encryption', 'detect-migration');
* @param string $plainContent content to be encrypted\r
* @param array $publicKeys array keys must be the userId of corresponding user\r
* @return array keys: keys (array, key = userId), data\r
+ * @throws \OCA\Encryption\Exceptions\\MultiKeyEncryptException if encryption failed\r
* @note symmetricDecryptFileContent() can decrypt files created using this method\r
*/\r
public static function multiKeyEncrypt($plainContent, array $publicKeys) {\r
// openssl_seal returns false without errors if $plainContent\r
// is empty, so trigger our own error\r
if (empty($plainContent)) {\r
-\r
- throw new \Exception('Cannot mutliKeyEncrypt empty plain content');\r
-\r
+ throw new Exceptions\MultiKeyEncryptException('Cannot mutliKeyEncrypt empty plain content', 10);\r
}\r
\r
// Set empty vars to be set by openssl by reference\r
);\r
\r
} else {\r
-\r
- return false;\r
-\r
+ throw new Exceptions\MultiKeyEncryptException('multi key encryption failed: ' . openssl_error_string(), 20);\r
}\r
\r
}\r
* @param string $encryptedContent\r
* @param string $shareKey\r
* @param mixed $privateKey\r
- * @return false|string\r
- * @internal param string $plainContent content to be encrypted\r
+ * @throws \OCA\Encryption\Exceptions\\MultiKeyDecryptException if decryption failed\r
+ * @internal param string $plainContent contains decrypted content\r
* @return string $plainContent decrypted string\r
* @note symmetricDecryptFileContent() can be used to decrypt files created using this method\r
*\r
public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) {\r
\r
if (!$encryptedContent) {\r
-\r
- return false;\r
-\r
+ throw new Exceptions\MultiKeyDecryptException('Cannot mutliKeyDecrypt empty plain content', 10);\r
}\r
\r
if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {\r
return $plainContent;\r
\r
} else {\r
-\r
- \OCP\Util::writeLog('Encryption library', 'Decryption (asymmetric) of sealed content with share-key "'.$shareKey.'" failed', \OCP\Util::ERROR);\r
-\r
- return false;\r
-\r
+ throw new Exceptions\MultiKeyDecryptException('multiKeyDecrypt with share-key' . $shareKey . 'failed: ' . openssl_error_string(), 20);\r
}\r
\r
}\r
--- /dev/null
+<?php
+/**
+ * ownCloud
+ *
+ * @author Bjoern Schiessle
+ * @copyright 2014 Bjoern Schiessle <schiessle@owncloud.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Encryption\Exceptions;
+
+class EncryptionException extends \Exception {
+}
+
+/**
+ * Throw this exception if multi key encrytion fails
+ *
+ * Possible error codes:
+ * 10 - empty plain content was given
+ * 20 - openssl_seal failed
+ */
+class MultiKeyEncryptException extends EncryptionException {
+}
+
+/**
+ * Throw this encryption if multi key decryption failed
+ *
+ * Possible error codes:
+ * 10 - empty encrypted content was given
+ * 20 - openssl_open failed
+ */
+class MultiKeyDecryptException extends EncryptionException {
+}
// Get the current users's private key for decrypting existing keyfile
$privateKey = $session->getPrivateKey();
- $fileOwner = \OC\Files\Filesystem::getOwner($filePath);
-
- // Decrypt keyfile
- $plainKeyfile = $this->decryptKeyfile($filePath, $privateKey);
-
- // Re-enc keyfile to (additional) sharekeys
- $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
+ try {
+ // Decrypt keyfile
+ $plainKeyfile = $this->decryptKeyfile($filePath, $privateKey);
+ // Re-enc keyfile to (additional) sharekeys
+ $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
+ } catch (Exceptions\EncryptionException $e) {
+ $msg = 'set shareFileKeyFailed (code: ' . $e->getCode() . '): ' . $e->getMessage();
+ \OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
+ return false;
+ } catch (\Exception $e) {
+ $msg = 'set shareFileKeyFailed (unknown error): ' . $e->getMessage();
+ \OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
+ return false;
+ }
// Save the recrypted key to it's owner's keyfiles directory
// Save new sharekeys to all necessary user directory
if (
- !Keymanager::setFileKey($this->view, $this, $filePath, $multiEncKey['data'])
- || !Keymanager::setShareKeys($this->view, $this, $filePath, $multiEncKey['keys'])
+ !Keymanager::setFileKey($this->view, $this, $filePath, $multiEncKey['data'])
+ || !Keymanager::setShareKeys($this->view, $this, $filePath, $multiEncKey['keys'])
) {
\OCP\Util::writeLog('Encryption library',