upgrade from old encryption to the new one needs to generate share keys too
authorBjörn Schießle <schiessle@owncloud.com>
Fri, 17 May 2013 09:15:36 +0000 (11:15 +0200)
committerBjörn Schießle <schiessle@owncloud.com>
Fri, 17 May 2013 09:15:36 +0000 (11:15 +0200)
apps/files_encryption/hooks/hooks.php
apps/files_encryption/lib/crypt.php
apps/files_encryption/lib/util.php

index 0af0845d7c1e611529b5d86401b5dd6a5f71e8d7..a91bd9183f57a4cd2981407c6ff9532e27880097 100644 (file)
@@ -97,9 +97,10 @@ class Hooks {
                                );\r
                        \r
                        }\r
-                       \r
+\r
+                       // DISABLED JUST FOR TESTING PURPOSE, ACTIVATE AGAIN!\r
                        // Register successful migration in DB\r
-                       $util->setMigrationStatus( 1 );\r
+                       //$util->setMigrationStatus( 1 );\r
                \r
                }\r
 \r
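Review bot: The call `$util->setMigrationStatus( 1 );` is commented out under a "DISABLED JUST FOR TESTING PURPOSE" marker, so after this commit a successful legacy migration is never recorded in the DB. If the code outside this hunk gates the migration on that status, each later login would presumably re-run it over files that are already converted, which risks re-encrypting ciphertext or overwriting valid file and share keys. Restore `$util->setMigrationStatus( 1 );` and keep the test-only toggle out of the commit. The enclosing function starts and ends outside the hunk.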
index 5267ba81f574144e5accd3b233422b17c03ffe6e..74f8a1ffa3bb54745c8cf7abd96bccf9a2422c16 100755 (executable)
@@ -479,15 +479,33 @@ class Crypt {
          * keys: data, key\r
          * @note this method is a wrapper for combining other crypt class methods\r
          */\r
-       public static function keyEncryptKeyfile( $plainContent, $publicKey ) {\r
-               \r
+       public static function keyEncryptKeyfile( $plainContent, $publicKey, $path ) {\r
+\r
+               $user = \OCP\User::getUser();\r
+               $view = new \OC_FilesystemView('/');\r
+               $util = new Util($view, $user);\r
+\r
                // Encrypt plain data, generate keyfile & encrypted file\r
                $cryptedData = self::symmetricEncryptFileContentKeyfile( $plainContent );\r
                \r
                // Encrypt keyfile\r
-               $cryptedKey = self::keyEncrypt( $cryptedData['key'], $publicKey );\r
-               \r
-               return array( 'data' => $cryptedData['encrypted'], 'key' => $cryptedKey );\r
+\r
+               $sharingEnabled = \OCP\Share::isEnabled();\r
+\r
+               // if file exists try to get sharing users\r
+               if($view->file_exists($path)) {\r
+                       $uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $path, $user );\r
+               } else {\r
+                       $uniqueUserIds[] = $user;\r
+               }\r
+\r
+               // Fetch public keys for all users who will share the file\r
+               $publicKeys = Keymanager::getPublicKeys( $view, $uniqueUserIds );\r
+\r
+               // Encrypt plain keyfile to multiple sharefiles\r
+               $multiEncrypted = Crypt::multiKeyEncrypt( $cryptedData['key'], $publicKeys );\r
+\r
+               return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] );\r
                \r
        }\r
        \r
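Review bot: `$publicKey` is still accepted by `keyEncryptKeyfile()` but is no longer used. The recipients now come from `\OCP\User::getUser()` and `getSharingUsersArray()`, so a caller that passes a specific key silently gets the file key wrapped for a different set of users. Either drop the parameter or document that it is ignored, and update the docblock, which still says `keys: data, key` although the method now returns `data`, `filekey` and `sharekeys`. The else branch appends to `$uniqueUserIds` before it is initialised; `$uniqueUserIds = array( $user );` states the intent directly. The hunk does not show how `getUser()` or `Keymanager::getPublicKeys()` fail, so it is worth confirming that a user is set and that a public key came back for every id before `multiKeyEncrypt()` runs, since a recipient without a share key cannot decrypt the file.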
@@ -725,11 +743,11 @@ class Crypt {
                \r
        }\r
        \r
-       public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKey, $newPassphrase ) {\r
+       public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKey, $newPassphrase, $path ) {\r
        \r
                $decrypted = self::legacyDecrypt( $legacyEncryptedContent, $legacyPassphrase );\r
        \r
-               $recrypted = self::keyEncryptKeyfile( $decrypted, $publicKey );\r
+               $recrypted = self::keyEncryptKeyfile( $decrypted, $publicKey, $path );\r
                \r
                return $recrypted;\r
        \r
index fab807b0141aa22b5feb4dcff142d29bdfdc7bd3..5a6583465e0ba5f774a4013f99ee30bd2a85bc9e 100644 (file)
@@ -714,16 +714,19 @@ class Util {
                                
                                        // Fetch data from file
                                        $legacyData = $this->view->file_get_contents( $legacyFile['path'] );
-                               
+
                                        // Recrypt data, generate catfile
-                                       $recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKey, $newPassphrase );
+                                       $recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKey, $newPassphrase, $legacyFile['path'] );
                                        
-                                       $relPath = $legacyFile['path'];
-                                       $rawPath = $this->userId . '/files/' .  $plainFile['path'];
+                                       $rawPath = $legacyFile['path'];
+                                       $relPath = $this->stripUserFilesPath($rawPath);
                                        
                                        // Save keyfile
-                                       Keymanager::setFileKey( $this->view, $relPath, $this->userId, $recrypted['key'] );
-                                       
+                                       Keymanager::setFileKey( $this->view, $relPath, $this->userId, $recrypted['filekey'] );
+
+                                       // Save sharekeys to user folders
+                                       Keymanager::setShareKeys( $this->view, $relPath, $recrypted['sharekeys'] );
+
                                        // Overwrite the existing file with the encrypted one
                                        $this->view->file_put_contents( $rawPath, $recrypted['data'] );