* @brief Startup encryption backend upon user login\r
* @note This method should never be called for users using client side encryption\r
*/\r
- public static function login( $params ) {\r
- \r
+ public static function login($params) {\r
+\r
// Manually initialise Filesystem{} singleton with correct \r
// fake root path, in order to avoid fatal webdav errors\r
- // NOTE: disabled because this give errors on webdav!\r
+ // NOTE: disabled because this give errors on webdav!\r
//\OC\Files\Filesystem::init( $params['uid'], '/' . 'files' . '/' );\r
- \r
- $view = new \OC_FilesystemView( '/' );\r
\r
- $util = new Util( $view, $params['uid'] );\r
+ $view = new \OC_FilesystemView('/');\r
+\r
+ $util = new Util($view, $params['uid']);\r
+\r
+ // setup user, if user not ready force relogin\r
+ if (Helper::setupUser($util, $params['password']) === false) {\r
+ return false;\r
+ }\r
+\r
+ $encryptedKey = Keymanager::getPrivateKey($view, $params['uid']);\r
\r
- // setup user, if user not ready force relogin\r
- if(Helper::setupUser($util, $params['password']) === false) {\r
- return false;\r
- }\r
+ $privateKey = Crypt::symmetricDecryptFileContent($encryptedKey, $params['password']);\r
\r
- $session = new Session($view);\r
- $encryptedKey = Keymanager::getPrivateKey( $view, $params['uid'] );\r
- \r
- $privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] );\r
++ $session = new \OCA\Encryption\Session($view);\r
+\r
+ $session->setPrivateKey($privateKey, $params['uid']);\r
\r
- $session = new \OCA\Encryption\Session( $view );\r
- \r
- $session->setPrivateKey( $privateKey, $params['uid'] );\r
- \r
// Check if first-run file migration has already been performed\r
$migrationCompleted = $util->getMigrationStatus();\r
- \r
+\r
// If migration not yet done\r
- if ( ! $migrationCompleted ) {\r
- \r
- $userView = new \OC_FilesystemView( '/' . $params['uid'] );\r
- \r
+ if (!$migrationCompleted) {\r
+\r
+ $userView = new \OC_FilesystemView('/' . $params['uid']);\r
+\r
// Set legacy encryption key if it exists, to support \r
// depreciated encryption system\r
if (\r
- $userView->file_exists( 'encryption.key' )\r
- && $encLegacyKey = $userView->file_get_contents( 'encryption.key' )\r
+ $userView->file_exists('encryption.key')\r
+ && $encLegacyKey = $userView->file_get_contents('encryption.key')\r
) {\r
- \r
- $plainLegacyKey = Crypt::legacyBlockDecrypt( $encLegacyKey, $params['password'] );\r
- \r
- $session->setLegacyKey( $plainLegacyKey );\r
-- \r
++\r
+ $plainLegacyKey = Crypt::legacyBlockDecrypt($encLegacyKey, $params['password']);\r
- \r
++\r
+ $session->setLegacyKey($plainLegacyKey);\r
- \r
++\r
}\r
-- \r
++\r
// Encrypt existing user files:\r
// This serves to upgrade old versions of the encryption\r
// app (see appinfo/spec.txt)\r
\r
}\r
}\r
- \r
+\r
/**\r
- * @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing\r
- * @param array with oldpath and newpath\r
- *\r
- * This function is connected to the rename signal of OC_Filesystem and adjust the name and location\r
- * of the stored versions along the actual file\r
- */\r
- public static function postRename($params) {\r
- // Disable encryption proxy to prevent recursive calls\r
- $proxyStatus = \OC_FileProxy::$enabled;\r
- \OC_FileProxy::$enabled = false;\r
-\r
- $view = new \OC_FilesystemView('/');\r
- $session = new \OCA\Encryption\Session($view);\r
- $userId = \OCP\User::getUser();\r
- $util = new Util( $view, $userId );\r
-\r
- // Format paths to be relative to user files dir\r
- $oldKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['oldpath']);\r
- $newKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['newpath']);\r
-\r
- // add key ext if this is not an folder\r
- if (!$view->is_dir($oldKeyfilePath)) {\r
- $oldKeyfilePath .= '.key';\r
- $newKeyfilePath .= '.key';\r
-\r
- // handle share-keys\r
- $localKeyPath = $view->getLocalFile($userId.'/files_encryption/share-keys/'.$params['oldpath']);\r
- $matches = glob(preg_quote($localKeyPath).'*.shareKey');\r
- foreach ($matches as $src) {\r
- $dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));\r
-\r
- // create destination folder if not exists\r
- if(!file_exists(dirname($dst))) {\r
- mkdir(dirname($dst), 0750, true);\r
- }\r
-\r
- rename($src, $dst);\r
- }\r
-\r
- } else {\r
- // handle share-keys folders\r
- $oldShareKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['oldpath']);\r
- $newShareKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['newpath']);\r
-\r
- // create destination folder if not exists\r
- if(!$view->file_exists(dirname($newShareKeyfilePath))) {\r
- $view->mkdir(dirname($newShareKeyfilePath), 0750, true);\r
- }\r
-\r
- $view->rename($oldShareKeyfilePath, $newShareKeyfilePath);\r
- }\r
-\r
- // Rename keyfile so it isn't orphaned\r
- if($view->file_exists($oldKeyfilePath)) {\r
-\r
- // create destination folder if not exists\r
- if(!$view->file_exists(dirname($newKeyfilePath))) {\r
- $view->mkdir(dirname($newKeyfilePath), 0750, true);\r
- }\r
-\r
- $view->rename($oldKeyfilePath, $newKeyfilePath);\r
- }\r
-\r
- // build the path to the file\r
- $newPath = '/' . $userId . '/files' .$params['newpath'];\r
- $newPathRelative = $params['newpath'];\r
-\r
- if($util->fixFileSize($newPath)) {\r
- // get sharing app state\r
- $sharingEnabled = \OCP\Share::isEnabled();\r
-\r
- // get users\r
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);\r
-\r
- // update sharing-keys\r
- $util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);\r
- }\r
-\r
- \OC_FileProxy::$enabled = $proxyStatus;\r
- }\r
+ * @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing\r
+ * @param array with oldpath and newpath\r
+ *\r
+ * This function is connected to the rename signal of OC_Filesystem and adjust the name and location\r
+ * of the stored versions along the actual file\r
+ */\r
+ public static function postRename($params) {\r
+ // Disable encryption proxy to prevent recursive calls\r
+ $proxyStatus = \OC_FileProxy::$enabled;\r
+ \OC_FileProxy::$enabled = false;\r
+\r
+ $view = new \OC_FilesystemView('/');\r
- $session = new Session($view);\r
++ $session = new \OCA\Encryption\Session($view);\r
+ $userId = \OCP\User::getUser();\r
+ $util = new Util($view, $userId);\r
+\r
+ // Format paths to be relative to user files dir\r
+ $oldKeyfilePath = \OC\Files\Filesystem::normalizePath(\r
+ $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['oldpath']);\r
+ $newKeyfilePath = \OC\Files\Filesystem::normalizePath(\r
+ $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['newpath']);\r
+\r
+ // add key ext if this is not an folder\r
+ if (!$view->is_dir($oldKeyfilePath)) {\r
+ $oldKeyfilePath .= '.key';\r
+ $newKeyfilePath .= '.key';\r
+\r
+ // handle share-keys\r
+ $localKeyPath = $view->getLocalFile($userId . '/files_encryption/share-keys/' . $params['oldpath']);\r
+ $matches = glob(preg_quote($localKeyPath) . '*.shareKey');\r
+ foreach ($matches as $src) {\r
+ $dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));\r
+\r
+ // create destination folder if not exists\r
+ if (!file_exists(dirname($dst))) {\r
+ mkdir(dirname($dst), 0750, true);\r
+ }\r
+\r
+ rename($src, $dst);\r
+ }\r
+\r
+ } else {\r
+ // handle share-keys folders\r
+ $oldShareKeyfilePath = \OC\Files\Filesystem::normalizePath(\r
+ $userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['oldpath']);\r
+ $newShareKeyfilePath = \OC\Files\Filesystem::normalizePath(\r
+ $userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['newpath']);\r
+\r
+ // create destination folder if not exists\r
+ if (!$view->file_exists(dirname($newShareKeyfilePath))) {\r
+ $view->mkdir(dirname($newShareKeyfilePath), 0750, true);\r
+ }\r
+\r
+ $view->rename($oldShareKeyfilePath, $newShareKeyfilePath);\r
+ }\r
+\r
+ // Rename keyfile so it isn't orphaned\r
+ if ($view->file_exists($oldKeyfilePath)) {\r
+\r
+ // create destination folder if not exists\r
+ if (!$view->file_exists(dirname($newKeyfilePath))) {\r
+ $view->mkdir(dirname($newKeyfilePath), 0750, true);\r
+ }\r
+\r
+ $view->rename($oldKeyfilePath, $newKeyfilePath);\r
+ }\r
+\r
+ // build the path to the file\r
+ $newPath = '/' . $userId . '/files' . $params['newpath'];\r
+ $newPathRelative = $params['newpath'];\r
+\r
+ if ($util->fixFileSize($newPath)) {\r
+ // get sharing app state\r
+ $sharingEnabled = \OCP\Share::isEnabled();\r
+\r
+ // get users\r
+ $usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);\r
+\r
+ // update sharing-keys\r
+ $util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);\r
+ }\r
+\r
+ \OC_FileProxy::$enabled = $proxyStatus;\r
+ }\r
}\r
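Review bot: In `postRename`, the share-key move on the new side can touch keys that do not belong to the renamed file. `glob(preg_quote($localKeyPath) . '*.shareKey')` matches every share key whose name merely begins with the old path (and `preg_quote` escapes for regular expressions, not for glob), while `str_replace($params['oldpath'], $params['newpath'], $src)` rewrites every occurrence of the old path inside the absolute local path, not only the trailing one. Build the destination from the matched suffix instead, e.g. `$dst = $newLocalKeyPath . substr($src, strlen($localKeyPath));` with `$newLocalKeyPath` resolved the same way as `$localKeyPath`, and move only the matches that belong to the renamed file. The return values of `mkdir()` and `rename()` are ignored, so a failed move leaves the file without its share keys and nothing is reported. Separately, `login` hands the result of `Crypt::symmetricDecryptFileContent()` to `setPrivateKey()` unchecked; if that call can signal failure (not visible here), the hook should return `false` instead of storing the value.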
* @param $data
* @return bool
*/
- public function preFile_put_contents( $path, &$data ) {
+ public function preFile_put_contents($path, &$data) {
- if ( self::shouldEncrypt( $path ) ) {
+ if (self::shouldEncrypt($path)) {
// Stream put contents should have been converted to fopen
- if ( !is_resource( $data ) ) {
+ if (!is_resource($data)) {
$userId = \OCP\USER::getUser();
- $view = new \OC_FilesystemView( '/' );
- $util = new Util( $view, $userId );
- $session = new \OCA\Encryption\Session( $view );
+ $view = new \OC_FilesystemView('/');
+ $util = new Util($view, $userId);
- $session = new Session($view);
++ $session = new \OCA\Encryption\Session($view);
$privateKey = $session->getPrivateKey();
- $filePath = $util->stripUserFilesPath( $path );
+ $filePath = $util->stripUserFilesPath($path);
// Set the filesize for userland, before encrypting
- $size = strlen( $data );
+ $size = strlen($data);
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// init session
- $session = new Session($view);
- $session = new \OCA\Encryption\Session( $view );
++ $session = new \OCA\Encryption\Session($view);
// If data is a catfile
if (
- Crypt::mode() == 'server'
- && Crypt::isCatfileContent( $data )
+ Crypt::mode() === 'server'
+ && Crypt::isCatfileContent($data)
) {
- $privateKey = $session->getPrivateKey( $userId );
+ $privateKey = $session->getPrivateKey($userId);
// Get the encrypted keyfile
- $encKeyfile = Keymanager::getFileKey( $view, $userId, $relPath );
+ $encKeyfile = Keymanager::getFileKey($view, $userId, $relPath);
// Attempt to fetch the user's shareKey
- $shareKey = Keymanager::getShareKey( $view, $userId, $relPath );
+ $shareKey = Keymanager::getShareKey($view, $userId, $relPath);
// Decrypt keyfile with shareKey
- $plainKeyfile = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
+ $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
- $plainData = Crypt::symmetricDecryptFileContent( $data, $plainKeyfile );
+ $plainData = Crypt::symmetricDecryptFileContent($data, $plainKeyfile);
} elseif (
- Crypt::mode() === 'server'
- && isset($_SESSION['legacyenckey'])
+ Crypt::mode() == 'server'
- &&\OC::$session->exists('legacyenckey')
- && Crypt::isEncryptedMeta( $path )
++ && \OC::$session->exists('legacyenckey')
+ && Crypt::isEncryptedMeta($path)
) {
- $plainData = Crypt::legacyBlockDecrypt( $data, $session->getLegacyKey() );
+ $plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey());
}
\OC_FileProxy::$enabled = $proxyStatus;
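Review bot: The legacy branch on the new side compares with `Crypt::mode() == 'server'`, while the catfile branch just above was tightened to `===` in the same change; both conditions should use the strict form, `Crypt::mode() === 'server'`. A loose comparison is easy to get wrong on a value that selects which decryption path runs. `$relPath` is passed to `Keymanager::getFileKey()` and `Keymanager::getShareKey()` but is not assigned in the visible lines, so confirm it is set earlier in the function, which starts outside this hunk.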
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $view = new \OC_FilesystemView( '/' );
- $session = new \OCA\Encryption\Session( $view );
+ $view = new \OC_FilesystemView('/');
- $session = new Session($view);
++ $session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
- $util = new Util( $view, $userId );
+ $util = new Util($view, $userId);
// Reformat path for use with OC_FSV
- $path_split = explode( '/', $path );
- $path_f = implode( '/', array_slice( $path_split, 3 ) );
+ $path_split = explode('/', $path);
+ $path_f = implode('/', array_slice($path_split, 3));
// only if file is on 'files' folder fix file size and sharing
- if ( count($path_split) >= 2 && $path_split[2] == 'files' && $util->fixFileSize( $path ) ) {
+ if (isset($path_split) && $path_split[2] === 'files' && $util->fixFileSize($path)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
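Review bot: The new guard `isset($path_split)` is always true, because `explode()` has just assigned an array, so `$path_split[2]` is read without any length check and a path with fewer than three segments raises an undefined-offset notice. Test the element itself: `if (isset($path_split[2]) && $path_split[2] === 'files' && $util->fixFileSize($path)) {`. The removed `count($path_split) >= 2` was off by one for index 2, so restoring it unchanged would not fix this either. The `if` body continues past the end of the hunk.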