From 24c6604388c0c3a32517e1aa18ebd851e1f7a6a1 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle
Date: Fri, 27 Mar 2015 18:10:32 +0100
Subject: [PATCH] add public link share key to file if it was shared as public link
---
 apps/encryption/lib/crypto/encryption.php | 6 +++
 apps/encryption/lib/keymanager.php | 45 ++++++++++++++++++-
 apps/encryption/lib/users/setup.php | 2 +-
 .../encryption/settings/settings-personal.php | 26 ++++++++++-
 4 files changed, 74 insertions(+), 5 deletions(-)
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index beb922afe72..da805892eaf 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -220,9 +220,15 @@ class Encryption implements IEncryptionModule {
 */
 public function update($path, $uid, $accessList) {
 $fileKey = $this->keymanager->getFileKey($path, $uid);
+ $publicKeys = array();
 foreach ($accessList['users'] as $user) {
 $publicKeys[$user] = $this->keymanager->getPublicKey($user);
 }
+
+ if (!empty($accessList['public'])) {
+ $publicKeys[$this->keymanager->getPublicShareKeyId()] = $this->keymanager->getPublicShareKey();
+ }
+
 $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
 $this->keymanager->deleteAllFileKeys($path);
diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php
index fe7fe08d277..44a46458692 100644
--- a/apps/encryption/lib/keymanager.php
+++ b/apps/encryption/lib/keymanager.php
@@ -95,7 +95,13 @@ class KeyManager {
 * @param \OCP\ISession $session
 * @param ILogger $log
 */
- public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession, ISession $session, ILogger $log) {
+ public function __construct(
+ IStorage $keyStorage,
+ Crypt $crypt,
+ IConfig $config,
+ IUserSession $userSession,
+ ISession $session,
+ ILogger $log) {
 self::$session = $session;
 $this->keyStorage = $keyStorage;
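Review bot: The value returned by `getPublicShareKey()` goes into `$publicKeys` unchecked in the new `if (!empty($accessList['public']))` branch, and the getter added in keymanager.php (the `@@ -384` hunk) returns whatever key storage holds, so a missing or empty public share key reaches `multiKeyEncrypt()` right before `deleteAllFileKeys($path)` runs. The neighbouring lookup in keymanager.php ends in `throw new PublicKeyMissingException();`, and the share-key getter should fail the same way: `$key = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey'); if (empty($key)) { throw new PublicKeyMissingException(); } return $key;`. A comment above the branch should also state that adding this key makes the file key recoverable with the system-wide share key rather than only with a user's key. `update()` continues past the end of the hunk.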
@@ -105,6 +111,28 @@ class KeyManager {
 'recoveryKeyId');
 $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId');
+
+ if (empty($this->publicShareKeyId)) {
+ $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
+ $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
+
+ $keypair = $this->crypt->createKeyPair();
+
+ // Save public key
+ $this->keyStorage->setSystemUserKey(
+ $this->publicShareKeyId . '.publicKey',
+ $keypair['publicKey']);
+
+ // Encrypt private key empty passphrase
+ $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], '');
+ if ($encryptedKey) {
+ $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', $encryptedKey);
+ } else {
+ $this->log->error('Could not create public share keys');
+ }
+
+ }
+
 $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false;
 $this->log = $log;
 }
@@ -259,7 +287,7 @@ class KeyManager {
 $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId);
 $shareKey = $this->getShareKey($path, $uid);
- $privateKey = $this->session->get('privateKey');
+ $privateKey = self::$session->get('privateKey');
 if ($encryptedFileKey && $shareKey && $privateKey) {
 $key = $this->crypt->multiKeyDecrypt($encryptedFileKey,
@@ -384,6 +412,19 @@ class KeyManager {
 throw new PublicKeyMissingException();
 }
+ public function getPublicShareKeyId() {
+ return $this->publicShareKeyId;
+ }
+
+ /**
+ * get public key for public link shares
+ *
+ * @return string
+ */
+ public function getPublicShareKey() {
+ return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey');
+ }
+
 /**
 * @param $purpose
 * @param bool $timestamp
diff --git a/apps/encryption/lib/users/setup.php b/apps/encryption/lib/users/setup.php
index 662a4b4b6af..bf415c81888 100644
--- a/apps/encryption/lib/users/setup.php
+++ b/apps/encryption/lib/users/setup.php
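Review bot: The `else` branch calls `$this->log->error(...)`, but the only visible assignment `$this->log = $log;` comes after the new block, so unless the property is set earlier outside the hunk the failure path would call a method on null; `$log->error('Could not create public share keys');` would avoid that. The new id is persisted with `setAppValue()` and the public key stored before the private key is known to be saved, so a failed `symmetricEncryptFileContent()` leaves a configured id with no private key. Later constructions then skip this block because the id is no longer empty, and link-shared files would be encrypted to a key that cannot decrypt them; writing the config value only inside `if ($encryptedKey)` closes that gap. The private key is wrapped with an empty passphrase, so its confidentiality rests entirely on access control to the key storage, which deserves an explicit comment such as `// empty passphrase by design: protected only by key-storage permissions`. The constructor starts before the hunk.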
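Review bot: `getPublicShareKeyId()` is added without a docblock while `getPublicShareKey()` directly below has one. I would add `/** get the id of the system key pair used for public link shares; @return string */` above it. The id also appears in key-storage names (`<id>.publicKey`, `<id>.privateKey`), so the docblock should say it is an identifier and not a secret.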
@@ -36,7 +36,7 @@ class Setup extends \OCA\Encryption\Setup {
 parent::__construct($logger, $userSession);
 $this->crypt = $crypt;
 $this->keyManager = $keyManager;
- }
+ }
 /**
 * @param $uid userid
diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php
index dc1ef167b11..d1da649e374 100644
--- a/apps/encryption/settings/settings-personal.php
+++ b/apps/encryption/settings/settings-personal.php
@@ -10,13 +10,35 @@ \OC_Util::addStyle('encryption', 'settings-personal');
 $tmpl = new OCP\Template('encryption', 'settings-personal');
+$crypt = new \OCA\Encryption\Crypto\Crypt(
+ \OC::$server->getLogger(),
+ \OC::$server->getUserSession(),
+ \OC::$server->getConfig());
+$keymanager = new \OCA\Encryption\KeyManager(
+ \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID),
+ $crypt,
+ \OC::$server->getConfig(),
+ \OC::$server->getUserSession(),
+ \OC::$server->getSession(),
+ \OC::$server->getLogger());
 $user = \OCP\User::getUser();
+
 $view = new \OC\Files\View('/');
-$util = new \OCA\Files_Encryption\Util($view, $user);
+
+$util = new \OCA\Encryption\Util(
+ new \OC\Files\View(),
+ new \OC\Files\Filesystem(),
+ $crypt,
+ $keymanager,
+ \OC::$server->getLogger(),
+ \OC::$server->getUserSession(),
+ \OC::$server->getConfig());
+
 $session = new \OCA\Files_Encryption\Session($view);
+$session = \OC::$server->getSession();
-$privateKeySet = $session->getPrivateKey() !== false;
+$privateKeySet = $session->get('privateKey') !== false;
 // did we tried to initialize the keys for this session?
 $initialized = $session->getInitialized();
--
2.39.5
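Review bot: `$session->get('privateKey') !== false` is very likely always true, because the core session's `get()` returns null rather than false for a missing key as far as I know, so `$privateKeySet` would report a key even when none is loaded; `$privateKeySet = $session->exists('privateKey');` states the intent directly. The old `$session = new \OCA\Files_Encryption\Session($view);` is left in place as a context line and immediately overwritten, so the page still depends on the legacy class for nothing and that line should go. The unchanged `$session->getInitialized()` just below is now called on the core session object, which probably does not provide that method. Building a `KeyManager` here also runs the public-share key generation added to its constructor on a settings page load, which is worth a comment or moving to setup code.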