stream_wrapper_register('crypt', 'OC_CryptStream');
-if(!isset($_SESSION['enckey']) and OCP\User::isLoggedIn()) {//force the user to re-loggin if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled)
+// force the user to re-loggin if the encryption key isn't unlocked
+// (happens when a user is logged in before the encryption app is enabled)
+if ( ! isset($_SESSION['enckey']) and OCP\User::isLoggedIn()) {
OCP\User::logout();
header("Location: ".OC::$WEBROOT.'/');
exit();
}
-OCP\App::registerAdmin('files_encryption', 'settings');
+OCP\App::registerAdmin('files_encryption', 'settings');
\ No newline at end of file
// - Setting if crypto should be on by default
// - Add a setting "Don´t encrypt files larger than xx because of performance reasons"
// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is encrypted (.encrypted extension)
-// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
+// - Don't use a password directly as encryption key, but a key which is stored on the server and encrypted with the
+// user password. -> password change faster
// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
public static function init($login, $password) {
$view=new OC_FilesystemView('/');
- if(!$view->file_exists('/'.$login)) {
+ if ( ! $view->file_exists('/'.$login)) {
$view->mkdir('/'.$login);
}
OC_FileProxy::$enabled=false;
- if(!$view->file_exists('/'.$login.'/encryption.key')) {// does key exist?
+ if ( ! $view->file_exists('/'.$login.'/encryption.key')) {// does key exist?
OC_Crypt::createkey($login, $password);
}
$key=$view->file_get_contents('/'.$login.'/encryption.key');
* if the key is left out, the default handeler will be used
*/
public static function getBlowfish($key='') {
- if($key) {
+ if ($key) {
return new Crypt_Blowfish($key);
- }else{
- if(!isset($_SESSION['enckey'])) {
+ } else {
+ if ( ! isset($_SESSION['enckey'])) {
return false;
}
- if(!self::$bf) {
+ if ( ! self::$bf) {
self::$bf=new Crypt_Blowfish($_SESSION['enckey']);
}
return self::$bf;
}
public static function changekeypasscode($oldPassword, $newPassword) {
- if(OCP\User::isLoggedIn()) {
+ if (OCP\User::isLoggedIn()) {
$username=OCP\USER::getUser();
$view=new OC_FilesystemView('/'.$username);
*/
public static function encryptFile( $source, $target, $key='') {
$handleread = fopen($source, "rb");
- if($handleread!=false) {
+ if ($handleread!=false) {
$handlewrite = fopen($target, "wb");
while (!feof($handleread)) {
$content = fread($handleread, 8192);
*/
public static function decryptFile( $source, $target, $key='') {
$handleread = fopen($source, "rb");
- if($handleread!=false) {
+ if ($handleread!=false) {
$handlewrite = fopen($target, "wb");
while (!feof($handleread)) {
$content = fread($handleread, 8192);
$enccontent=OC_CRYPT::decrypt( $content, $key);
- if(feof($handleread)) {
+ if (feof($handleread)) {
$enccontent=rtrim($enccontent, "\0");
}
fwrite($handlewrite, $enccontent);
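Review bot: The final-block `rtrim($enccontent, "\0")` in decryptFile cannot tell padding from data, so a plaintext file that really ends in NUL bytes is written back shorter than the original. The `else` branch of blockDecrypt further down does the same when `$maxLength` is 0, but blockDecrypt at least lets the caller pass the real length; decryptFile has no equivalent. Unless the original size is stored with the ciphertext and used to truncate, I would record the limitation next to the call: `// strips every trailing NUL, so plaintext ending in "\0" is not restored byte-for-byte`. The result of `fopen($target, "wb")` is also used unchecked in the visible lines, and decryptFile's body continues outside this hunk.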
*/
public static function blockEncrypt($data, $key='') {
$result='';
- while(strlen($data)) {
+ while (strlen($data)) {
$result.=self::encrypt(substr($data, 0, 8192), $key);
$data=substr($data, 8192);
}
*/
public static function blockDecrypt($data, $key='', $maxLength=0) {
$result='';
- while(strlen($data)) {
+ while (strlen($data)) {
$result.=self::decrypt(substr($data, 0, 8192), $key);
$data=substr($data, 8192);
}
- if($maxLength>0) {
+ if ($maxLength>0) {
return substr($result, 0, $maxLength);
- }else{
+ } else {
return rtrim($result, "\0");
}
}
/**
* transparently encrypted filestream
*
- * you can use it as wrapper around an existing stream by setting OC_CryptStream::$sourceStreams['foo']=array('path'=>$path, 'stream'=>$stream)
- * and then fopen('crypt://streams/foo');
+ * you can use it as wrapper around an existing stream by setting
+ * OC_CryptStream::$sourceStreams['foo']=array('path'=>$path, 'stream'=>$stream)
+ * and then fopen('crypt://streams/foo');
*/
class OC_CryptStream{
private static $rootView;
public function stream_open($path, $mode, $options, &$opened_path) {
- if(!self::$rootView) {
+ if ( ! self::$rootView) {
self::$rootView=new OC_FilesystemView('');
}
$path=str_replace('crypt://', '', $path);
- if(dirname($path)=='streams' and isset(self::$sourceStreams[basename($path)])) {
+ if (dirname($path)=='streams' and isset(self::$sourceStreams[basename($path)])) {
$this->source=self::$sourceStreams[basename($path)]['stream'];
$this->path=self::$sourceStreams[basename($path)]['path'];
$this->size=self::$sourceStreams[basename($path)]['size'];
- }else{
+ } else {
$this->path=$path;
- if($mode=='w' or $mode=='w+' or $mode=='wb' or $mode=='wb+') {
+ if ($mode=='w' or $mode=='w+' or $mode=='wb' or $mode=='wb+') {
$this->size=0;
- }else{
+ } else {
$this->size=self::$rootView->filesize($path, $mode);
}
OC_FileProxy::$enabled=false;//disable fileproxies so we can open the source file
$this->source=self::$rootView->fopen($path, $mode);
OC_FileProxy::$enabled=true;
- if(!is_resource($this->source)) {
+ if ( ! is_resource($this->source)) {
OCP\Util::writeLog('files_encryption', 'failed to open '.$path, OCP\Util::ERROR);
}
}
- if(is_resource($this->source)) {
+ if (is_resource($this->source)) {
$this->meta=stream_get_meta_data($this->source);
}
return is_resource($this->source);
//$count will always be 8192 https://bugs.php.net/bug.php?id=21641
//This makes this function a lot simpler but will breake everything the moment it's fixed
$this->writeCache='';
- if($count!=8192) {
- OCP\Util::writeLog('files_encryption', 'php bug 21641 no longer holds, decryption will not work', OCP\Util::FATAL);
+ if ($count!=8192) {
+ OCP\Util::writeLog('files_encryption',
+ 'php bug 21641 no longer holds, decryption will not work',
+ OCP\Util::FATAL);
die();
}
$pos=ftell($this->source);
$data=fread($this->source, 8192);
- if(strlen($data)) {
+ if (strlen($data)) {
$result=OC_Crypt::decrypt($data);
- }else{
+ } else {
$result='';
}
$length=$this->size-$pos;
- if($length<8192) {
+ if ($length<8192) {
$result=substr($result, 0, $length);
}
return $result;
public function stream_write($data) {
$length=strlen($data);
$currentPos=ftell($this->source);
- if($this->writeCache) {
+ if ($this->writeCache) {
$data=$this->writeCache.$data;
$this->writeCache='';
}
- if($currentPos%8192!=0) {
+ if ($currentPos%8192!=0) {
//make sure we always start on a block start
fseek($this->source, -($currentPos%8192), SEEK_CUR);
$encryptedBlock=fread($this->source, 8192);
fseek($this->source, -($currentPos%8192), SEEK_CUR);
}
$currentPos=ftell($this->source);
- while($remainingLength=strlen($data)>0) {
- if($remainingLength<8192) {
+ while ($remainingLength=strlen($data)>0) {
+ if ($remainingLength<8192) {
$this->writeCache=$data;
$data='';
- }else{
+ } else {
$encrypted=OC_Crypt::encrypt(substr($data, 0, 8192));
fwrite($this->source, $encrypted);
$data=substr($data, 8192);
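Review bot: The reformatted loop header `while ($remainingLength=strlen($data)>0)` still assigns a boolean, because `>` binds tighter than `=`. PHP compares a boolean with an integer as booleans, so `$remainingLength<8192` is never true and the writeCache branch inside the loop is never taken. A tail shorter than 8192 bytes is therefore encrypted and written immediately instead of being held for the next write or the flush, which likely leaves ciphertext misaligned with the fixed 8192-byte reads on the read side. Parenthesise the assignment: `while (($remainingLength=strlen($data))>0) {`. stream_write's body continues outside this hunk.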
}
private function flush() {
- if($this->writeCache) {
+ if ($this->writeCache) {
$encrypted=OC_Crypt::encrypt($this->writeCache);
fwrite($this->source, $encrypted);
$this->writeCache='';
public function stream_close() {
$this->flush();
- if($this->meta['mode']!='r' and $this->meta['mode']!='rb') {
+ if ($this->meta['mode']!='r' and $this->meta['mode']!='rb') {
OC_FileCache::put($this->path, array('encrypted'=>true, 'size'=>$this->size), '');
}
return fclose($this->source);
* @return bool
*/
private static function shouldEncrypt($path) {
- if(is_null(self::$enableEncryption)) {
+ if (is_null(self::$enableEncryption)) {
self::$enableEncryption=(OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true')=='true');
}
- if(!self::$enableEncryption) {
+ if ( ! self::$enableEncryption) {
return false;
}
- if(is_null(self::$blackList)) {
- self::$blackList=explode(',', OCP\Config::getAppValue('files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
+ if (is_null(self::$blackList)) {
+ self::$blackList=explode(',', OCP\Config::getAppValue('files_encryption',
+ 'type_blacklist',
+ 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
}
- if(self::isEncrypted($path)) {
+ if (self::isEncrypted($path)) {
return true;
}
$extension=substr($path, strrpos($path, '.')+1);
- if(array_search($extension, self::$blackList)===false) {
+ if (array_search($extension, self::$blackList)===false) {
return true;
}
}
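Review bot: shouldEncrypt falls off the end without a return when the extension is on the blacklist, so callers get `null` although the docblock promises `@return bool`. Because this is the decision point for whether a file is stored encrypted, the negative case should be explicit: add `return false;` after the `array_search` block. I would also pass `true` as the third argument to `array_search` so that extensions are compared strictly as strings.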
}
public function preFile_put_contents($path,&$data) {
- if(self::shouldEncrypt($path)) {
- if (!is_resource($data)) {//stream put contents should have been converter to fopen
+ if (self::shouldEncrypt($path)) {
+ if ( ! is_resource($data)) {//stream put contents should have been converter to fopen
$size=strlen($data);
$data=OC_Crypt::blockEncrypt($data);
OC_FileCache::put($path, array('encrypted'=>true,'size'=>$size), '');
}
public function postFile_get_contents($path, $data) {
- if(self::isEncrypted($path)) {
+ if (self::isEncrypted($path)) {
$cached=OC_FileCache_Cached::get($path, '');
$data=OC_Crypt::blockDecrypt($data, '', $cached['size']);
}
}
public function postFopen($path,&$result) {
- if(!$result) {
+ if ( ! $result) {
return $result;
}
$meta=stream_get_meta_data($result);
- if(self::isEncrypted($path)) {
+ if (self::isEncrypted($path)) {
fclose($result);
$result=fopen('crypt://'.$path, $meta['mode']);
- }elseif(self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb') {
- if(OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0) {
+ } elseif (self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb') {
+ if (OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0) {
//first encrypt the target file so we don't end up with a half encrypted file
OCP\Util::writeLog('files_encryption', 'Decrypting '.$path.' before writing', OCP\Util::DEBUG);
$tmp=fopen('php://temp');
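Review bot: `fopen('php://temp')` at the end of this hunk omits the required mode argument, so the call fails: older PHP emits a warning and returns no resource, and PHP 8 throws ArgumentCountError. This branch exists to avoid a half-encrypted file when an existing plaintext file is opened for writing, so a failure here presumably defeats that safeguard; the code that consumes `$tmp` is outside the hunk. Pass a mode and check the result before use: `$tmp=fopen('php://temp', 'w+');`.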
}
public function postGetMimeType($path, $mime) {
- if(self::isEncrypted($path)) {
+ if (self::isEncrypted($path)) {
$mime=OCP\Files::getMimeType('crypt://'.$path, 'w');
}
return $mime;
}
public function postStat($path, $data) {
- if(self::isEncrypted($path)) {
+ if (self::isEncrypted($path)) {
$cached=OC_FileCache_Cached::get($path, '');
$data['size']=$cached['size'];
}
}
public function postFileSize($path, $size) {
- if(self::isEncrypted($path)) {
+ if (self::isEncrypted($path)) {
$cached=OC_FileCache_Cached::get($path, '');
return $cached['size'];
- }else{
+ } else {
return $size;
}
}
*/
$tmpl = new OCP\Template( 'files_encryption', 'settings');
-$blackList=explode(',', OCP\Config::getAppValue('files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
+$blackList=explode(',', OCP\Config::getAppValue('files_encryption',
+ 'type_blacklist',
+ 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
$enabled=(OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true')=='true');
$tmpl->assign('blacklist', $blackList);
$tmpl->assign('encryption_enabled', $enabled);
OCP\Util::addscript('files_encryption', 'settings');
OCP\Util::addscript('core', 'multiselect');
-return $tmpl->fetchPage();
+return $tmpl->fetchPage();
\ No newline at end of file
<form id="calendar">
<fieldset class="personalblock">
<strong><?php echo $l->t('Encryption'); ?></strong>
- <?php echo $l->t("Exclude the following file types from encryption"); ?>
+ <?php echo $l->t('Exclude the following file types from encryption'); ?>
<select id='encryption_blacklist' title="<?php echo $l->t('None')?>" multiple="multiple">
- <?php foreach($_["blacklist"] as $type): ?>
+ <?php foreach ($_['blacklist'] as $type): ?>
<option selected="selected" value="<?php echo $type;?>"><?php echo $type;?></option>
<?php endforeach;?>
</select>
- <input type='checkbox' id='enable_encryption' <?php if($_['encryption_enabled']) {echo 'checked="checked"';} ?>></input><label for='enable_encryption'><?php echo $l->t('Enable Encryption')?></label>
+ <input type='checkbox'<?php if ($_['encryption_enabled']): ?> checked="checked"<?php endif; ?>
+ id='enable_encryption' ></input>
+ <label for='enable_encryption'><?php echo $l->t('Enable Encryption')?></label>
</fieldset>
</form>
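Review bot: The `<option>` line inside the `foreach` echoes `$type` unescaped into both an attribute value and the element body. The values come from the `type_blacklist` app config, which the settings script splits and assigns to the template, so a stored entry containing quotes or markup would be rendered as HTML on the admin page. How that config value is written and validated is not visible here. Escape at output: `<?php echo htmlspecialchars($type, ENT_QUOTES, 'UTF-8');?>` in both places.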
public function tearDown() {
OCP\Config::setAppValue('files_encryption', 'enable_encryption', $this->oldConfig);
- if(!is_null($this->oldKey)) {
+ if ( ! is_null($this->oldKey)) {
$_SESSION['enckey']=$this->oldKey;
}
}
* @return resource
*/
function getStream($id, $mode, $size) {
- if($id==='') {
+ if ($id==='') {
$id=uniqid();
}
- if(!isset($this->tmpFiles[$id])) {
+ if ( ! isset($this->tmpFiles[$id])) {
$file=OCP\Files::tmpFile();
$this->tmpFiles[$id]=$file;
- }else{
+ } else {
$file=$this->tmpFiles[$id];
}
$stream=fopen($file, $mode);