diff options
| author | Sam Tuke <samtuke@owncloud.com> | 2012-07-31 19:38:28 +0100 |
|---|---|---|
| committer | Sam Tuke <samtuke@owncloud.com> | 2012-07-31 19:38:28 +0100 |
| commit | 82f5f73dff8e2d35fb450aea7d9b34bab34f002f (patch) | |
| tree | 4acf36cdc1fcc8e4003c9fee09a5ae7d02b43836 | |
| parent | eebf76d34457df616d2b739582d9630f58df60b1 (diff) | |
| parent | 84fd62b13047cb756d9f39c192e17fd5f2179f83 (diff) | |
| download | nextcloud-server-82f5f73dff8e2d35fb450aea7d9b34bab34f002f.tar.gz nextcloud-server-82f5f73dff8e2d35fb450aea7d9b34bab34f002f.zip | |
Merge commit '84fd62b13047cb756d9f39c192e17fd5f2179f83' into files_encryption
Conflicts:
apps/files_encryption/lib/crypt.php
| -rw-r--r-- | apps/files_encryption/appinfo/app.php | 1 | ||||
| -rw-r--r-- | apps/files_encryption/hooks/hooks.php | 12 | ||||
| -rw-r--r-- | apps/files_encryption/js/settings.js | 11 | ||||
| -rw-r--r-- | apps/files_encryption/lib/crypt.php | 827 | ||||
| -rw-r--r-- | apps/files_encryption/templates/settings.php | 11 | ||||
| -rw-r--r-- | lib/connector/sabre/node.php | 30 | ||||
| -rw-r--r-- | lib/ocs.php | 4 |
7 files changed, 481 insertions, 415 deletions
diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php index 1a4021e9395..2047bdbb1fb 100644 --- a/apps/files_encryption/appinfo/app.php +++ b/apps/files_encryption/appinfo/app.php @@ -10,6 +10,7 @@ OC::$CLASSPATH['OCA_Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php'; OC_FileProxy::register(new OCA_Encryption\Proxy()); OCP\Util::connectHook('OC_User','post_login','OCA_Encryption\Hooks','login'); +OCP\Util::connectHook('OC_Webdav_Properties', 'update', 'OCA_Encryption\Hooks', 'updateKeyfile'); stream_wrapper_register('crypt','OC_CryptStream'); diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 57d379b9365..d06e9a0d2d3 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -58,6 +58,18 @@ class Hooks { } +
+ /**
+ * @brief update the encryption key of the file uploaded by the client
+ */ + public static function updateKeyfile( $params ) { + if (Crypt::mode(\OCP\User::getUser()) == 'client') + if (isset($params['properties']['key'])) { + Keymanager::setFileKey(\OCP\User::getUser(), $params['path'], $params['properties']['key']); + } else { + error_log("Client side encryption is enabled but the client doesn't provide a encryption key for the file!"); + } + } } ?>
\ No newline at end of file diff --git a/apps/files_encryption/js/settings.js b/apps/files_encryption/js/settings.js index 8cc433246cb..49dcf2bfca3 100644 --- a/apps/files_encryption/js/settings.js +++ b/apps/files_encryption/js/settings.js @@ -21,4 +21,15 @@ $(document).ready(function(){ var checked=$('#enable_encryption').is(':checked'); OC.AppConfig.setValue('files_encryption','enable_encryption',(checked)?'true':'false'); }) + $('input[name=encryption_mode]').change(function(){ + var client=$('input[value="client"]:checked').val() + ,server=$('input[value="server"]:checked').val() + ,none=$('input[value="none"]:checked').val() + if (client) + OC.AppConfig.setValue('files_encryption','mode','client'); + if (server) + OC.AppConfig.setValue('files_encryption','mode','server'); + if (none) + OC.AppConfig.setValue('files_encryption','mode','none'); + }) })
\ No newline at end of file diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index cd658601845..8cd8de73bce 100644 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -1,422 +1,429 @@ -<?php
-/**
- * ownCloud
- *
- * @author Sam Tuke, Frank Karlitschek, Robin Appelman
- * @copyright 2012 Sam Tuke samtuke@owncloud.com,
- * Robin Appelman icewind@owncloud.com, Frank Karlitschek
- * frank@owncloud.org
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-namespace OCA_Encryption;
-
-/**
- * Class for common cryptography functionality
- */
-
-class Crypt {
-
+<?php +/** + * ownCloud + * + * @author Sam Tuke, Frank Karlitschek, Robin Appelman + * @copyright 2012 Sam Tuke samtuke@owncloud.com, + * Robin Appelman icewind@owncloud.com, Frank Karlitschek + * frank@owncloud.org + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA_Encryption; + +/** + * Class for common cryptography functionality + */ + +class Crypt { + /**
- * @brief return encryption mode client or server side encryption
- * @param string user name
+ * @brief return encryption mode client or server side encryption + * @param string user name (use system wide setting if name=null)
* @return string 'client' or 'server'
*/
- public static function mode( $user ) {
-
- //TODO: allow user to set encryption mode and check the selection of the user
- // for the moment I just return 'client' for test purposes
- return 'server';
+ public static function mode( $user = null ) {
- }
-
- /**
- * @brief Create a new encryption keypair
- * @return array publicKey, privatekey
- */
- public static function createKeypair() {
-
- $res = openssl_pkey_new();
-
- // Get private key
- openssl_pkey_export( $res, $privateKey );
-
- // Get public key
- $publicKey = openssl_pkey_get_details( $res );
+ $mode = \OC_Appconfig::getValue( 'files_encryption', 'mode', 'unknown' );
- $publicKey = $publicKey['key'];
+ if ( $mode == 'unknown' ) {
- return( array( 'publicKey' => $publicKey, 'privateKey' => $privateKey ) );
-
- }
-
- /**
- * @brief Check if a file's contents contains an IV and is symmetrically encrypted
- * @return true / false
- */
- public static function isEncryptedContent( $content ) {
-
- if ( !$content ) {
-
- return false;
+ error_log('no encryption mode configured');
- }
-
- // Fetch encryption metadata from end of file
- $meta = substr( $content, -22 );
-
- // Fetch IV from end of file
- $iv = substr( $meta, -16 );
-
- // Fetch identifier from start of metadata
- $identifier = substr( $meta, 0, 6 );
-
- if ( $identifier == '00iv00') {
-
- return true;
-
- } else {
-
return false;
}
-
- }
-
- /**
- * @brief Check if a file is encrypted via legacy system
- * @return true / false
- */
- public static function isLegacyEncryptedContent( $content, $path ) {
-
- // Fetch all file metadata from DB
- $metadata = \OC_FileCache_Cached::get( $content, '' );
-
- // If a file is flagged with encryption in DB, but isn't a valid content + IV combination, it's probably using the legacy encryption system
- if (
- $content
- and isset( $metadata['encrypted'] )
- and $metadata['encrypted'] === true
- and !self::isEncryptedContent( $content )
- ) {
-
- return true;
-
- } else {
- return false;
-
- }
-
- }
-
- /**
- * @brief Symmetrically encrypt a string
- * @returns encrypted file
- */
- public static function encrypt( $plainContent, $iv, $passphrase = '' ) {
-
- if ( $encryptedContent = openssl_encrypt( $plainContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
-
- return $encryptedContent;
-
- } else {
-
- \OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed' , \OC_Log::ERROR );
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Symmetrically decrypt a string
- * @returns decrypted file
- */
- public static function decrypt( $encryptedContent, $iv, $passphrase ) {
-
- if ( $plainContent = openssl_decrypt( $encryptedContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
-
- return $plainContent;
-
-
- } else {
-
- \OC_Log::write( 'Encryption library', 'Decryption (symmetric) of content failed' , \OC_Log::ERROR );
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Symmetrically encrypts a string and returns keyfile content
- * @param $plainContent content to be encrypted in keyfile
- * @returns encrypted content combined with IV
- * @note IV need not be specified, as it will be stored in the returned keyfile
- * and remain accessible therein.
- */
- public static function symmetricEncryptFileContent( $plainContent, $passphrase = '' ) {
-
- if ( !$plainContent ) {
-
- return false;
-
- }
-
- $iv = self::generateIv();
-
- if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) {
-
- // Combine content to encrypt with IV identifier and actual IV
- $combinedKeyfile = $encryptedContent . '00iv00' . $iv;
-
- return $combinedKeyfile;
-
- } else {
-
- \OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed' , \OC_Log::ERROR );
-
- return false;
-
- }
-
- }
-
-
- /**
- * @brief Symmetrically decrypts keyfile content
- * @param string $source
- * @param string $target
- * @param string $key the decryption key
- *
- * This function decrypts a file
- */
- public static function symmetricDecryptFileContent( $keyfileContent, $passphrase = '' ) {
-
- if ( !$keyfileContent ) {
-
- return false;
-
- }
-
- // Fetch IV from end of file
- $iv = substr( $keyfileContent, -16 );
-
- // Remove IV and IV identifier text to expose encrypted content
- $encryptedContent = substr( $keyfileContent, 0, -22 );
-
- if ( $plainContent = self::decrypt( $encryptedContent, $iv, $passphrase ) ) {
-
- return $plainContent;
-
- } else {
-
- \OC_Log::write( 'Encryption library', 'Decryption (symmetric) of keyfile content failed' , \OC_Log::ERROR );
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Creates symmetric keyfile content using a generated key
- * @param string $plainContent content to be encrypted
- * @returns array keys: key, encrypted
- * @note symmetricDecryptFileContent() can be used to decrypt files created using this method
- *
- * This function decrypts a file
- */
- public static function symmetricEncryptFileContentKeyfile( $plainContent ) {
-
- $key = self::generateKey();
-
- if( $encryptedContent = self::symmetricEncryptFileContent( $plainContent, $key ) ) {
-
- return array(
- 'key' => $key
- , 'encrypted' => $encryptedContent
- );
-
- } else {
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Create asymmetrically encrypted keyfile content using a generated key
- * @param string $plainContent content to be encrypted
- * @returns array keys: key, encrypted
- * @note symmetricDecryptFileContent() can be used to decrypt files created using this method
- *
- * This function decrypts a file
- */
- public static function multiKeyEncrypt( $plainContent, array $publicKeys ) {
-
- $envKeys = array();
-
- if( openssl_seal( $plainContent, $sealed, $envKeys, $publicKeys ) ) {
-
- return array(
- 'keys' => $envKeys
- , 'encrypted' => $sealed
- );
-
- } else {
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Asymmetrically encrypt a file using multiple public keys
- * @param string $plainContent content to be encrypted
- * @returns array keys: key, encrypted
- * @note symmetricDecryptFileContent() can be used to decrypt files created using this method
- *
- * This function decrypts a file
- */
- public static function multiKeyDecrypt( $encryptedContent, $envKey, $privateKey ) {
-
- if ( !$encryptedContent ) {
-
- return false;
-
- }
-
- if ( openssl_open( $encryptedContent, $plainContent, $envKey, $privateKey ) ) {
-
- return $plainContent;
-
- } else {
-
- \OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed' , \OC_Log::ERROR );
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Asymetrically encrypt a string using a public key
- * @returns encrypted file
- */
- public static function keyEncrypt( $plainContent, $publicKey ) {
-
- openssl_public_encrypt( $plainContent, $encryptedContent, $publicKey );
-
- return $encryptedContent;
-
- }
-
- /**
- * @brief Asymetrically decrypt a file using a private key
- * @returns decrypted file
- */
- public static function keyDecrypt( $encryptedContent, $privatekey ) {
-
- openssl_private_decrypt( $encryptedContent, $plainContent, $privatekey );
-
- return $plainContent;
-
- }
-
- /**
- * @brief Generate a pseudo random 1024kb ASCII key
- * @returns $key Generated key
- */
- public static function generateIv() {
-
- if ( $random = openssl_random_pseudo_bytes( 13, $strong ) ) {
-
- if ( !$strong ) {
-
- // If OpenSSL indicates randomness is insecure, log error
- \OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()' , \OC_Log::WARN );
-
- }
-
- $iv = substr( base64_encode( $random ), 0, -4 );
-
- return $iv;
-
- } else {
-
- return false;
-
- }
-
- }
-
- /**
- * @brief Generate a pseudo random 1024kb ASCII key
- * @returns $key Generated key
- */
- public static function generateKey() {
-
- // $key = mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 );
-
- // Generate key
- if ( $key = base64_encode( openssl_random_pseudo_bytes( 768000, $strong ) ) ) {
-
- if ( !$strong ) {
-
- // If OpenSSL indicates randomness is insecure, log error
- \OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()' , \OC_Log::WARN );
-
- }
-
- return $key;
-
- } else {
-
- return false;
-
- }
-
- }
-
- public static function changekeypasscode($oldPassword, $newPassword) {
- if(OCP\User::isLoggedIn()){
- $username=OCP\USER::getUser();
- $view=new OC_FilesystemView('/'.$username);
-
- // read old key
- $key=$view->file_get_contents('/encryption.key');
-
- // decrypt key with old passcode
- $key=OC_Crypt::decrypt($key, $oldPassword);
-
- // encrypt again with new passcode
- $key=OC_Crypt::encrypt($key, $newPassword);
-
- // store the new key
- $view->file_put_contents('/encryption.key', $key );
- }
- }
-
-}
-
+ return $mode;
+ } + + /** + * @brief Create a new encryption keypair + * @return array publicKey, privatekey + */ + public static function createKeypair() { + + $res = openssl_pkey_new(); + + // Get private key + openssl_pkey_export( $res, $privateKey ); + + // Get public key + $publicKey = openssl_pkey_get_details( $res ); + + $publicKey = $publicKey['key']; + + return( array( 'publicKey' => $publicKey, 'privateKey' => $privateKey ) ); + + } + + /** + * @brief Check if a file's contents contains an IV and is symmetrically encrypted + * @return true / false + */ + public static function isEncryptedContent( $content ) { + + if ( !$content ) { + + return false; + + } + + // Fetch encryption metadata from end of file + $meta = substr( $content, -22 ); + + // Fetch IV from end of file + $iv = substr( $meta, -16 ); + + // Fetch identifier from start of metadata + $identifier = substr( $meta, 0, 6 ); + + if ( $identifier == '00iv00') { + + return true; + + } else { + + return false; + + } + + } + + /** + * @brief Check if a file is encrypted via legacy system + * @return true / false + */ + public static function isLegacyEncryptedContent( $content, $path ) { + + // Fetch all file metadata from DB + $metadata = \OC_FileCache_Cached::get( $content, '' ); + + // If a file is flagged with encryption in DB, but isn't a valid content + IV combination, it's probably using the legacy encryption system + if ( + $content + and isset( $metadata['encrypted'] ) + and $metadata['encrypted'] === true + and !self::isEncryptedContent( $content ) + ) { + + return true; + + } else { + + return false; + + } + + } + + /** + * @brief Symmetrically encrypt a string + * @returns encrypted file + */ + public static function encrypt( $plainContent, $iv, $passphrase = '' ) { + + if ( $encryptedContent = openssl_encrypt( $plainContent, 'AES-128-CFB', $passphrase, false, $iv ) ) { + + return $encryptedContent; + + } else { + + \OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed' , \OC_Log::ERROR ); + + return false; + + } + + } + + /** + * @brief Symmetrically decrypt a string + * @returns decrypted file + */ + public static function decrypt( $encryptedContent, $iv, $passphrase ) { + + if ( $plainContent = openssl_decrypt( $encryptedContent, 'AES-128-CFB', $passphrase, false, $iv ) ) { + + return $plainContent; + + + } else { + + \OC_Log::write( 'Encryption library', 'Decryption (symmetric) of content failed' , \OC_Log::ERROR ); + + return false; + + } + + } + + /** + * @brief Symmetrically encrypts a string and returns keyfile content + * @param $plainContent content to be encrypted in keyfile + * @returns encrypted content combined with IV + * @note IV need not be specified, as it will be stored in the returned keyfile + * and remain accessible therein. + */ + public static function symmetricEncryptFileContent( $plainContent, $passphrase = '' ) { + + if ( !$plainContent ) { + + return false; + + } + + $iv = self::generateIv(); + + if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) { + + // Combine content to encrypt with IV identifier and actual IV + $combinedKeyfile = $encryptedContent . '00iv00' . $iv; + + return $combinedKeyfile; + + } else { + + \OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed' , \OC_Log::ERROR ); + + return false; + + } + + } + + + /** + * @brief Symmetrically decrypts keyfile content + * @param string $source + * @param string $target + * @param string $key the decryption key + * + * This function decrypts a file + */ + public static function symmetricDecryptFileContent( $keyfileContent, $passphrase = '' ) { + + if ( !$keyfileContent ) { + + return false; + + } + + // Fetch IV from end of file + $iv = substr( $keyfileContent, -16 ); + + // Remove IV and IV identifier text to expose encrypted content + $encryptedContent = substr( $keyfileContent, 0, -22 ); + + if ( $plainContent = self::decrypt( $encryptedContent, $iv, $passphrase ) ) { + + return $plainContent; + + } else { + + \OC_Log::write( 'Encryption library', 'Decryption (symmetric) of keyfile content failed' , \OC_Log::ERROR ); + + return false; + + } + + } + + /** + * @brief Creates symmetric keyfile content using a generated key + * @param string $plainContent content to be encrypted + * @returns array keys: key, encrypted + * @note symmetricDecryptFileContent() can be used to decrypt files created using this method + * + * This function decrypts a file + */ + public static function symmetricEncryptFileContentKeyfile( $plainContent ) { + + $key = self::generateKey(); + + if( $encryptedContent = self::symmetricEncryptFileContent( $plainContent, $key ) ) { + + return array( + 'key' => $key + , 'encrypted' => $encryptedContent + ); + + } else { + + return false; + + } + + } + + /** + * @brief Create asymmetrically encrypted keyfile content using a generated key + * @param string $plainContent content to be encrypted + * @returns array keys: key, encrypted + * @note symmetricDecryptFileContent() can be used to decrypt files created using this method + * + * This function decrypts a file + */ + public static function multiKeyEncrypt( $plainContent, array $publicKeys ) { + + $envKeys = array(); + + if( openssl_seal( $plainContent, $sealed, $envKeys, $publicKeys ) ) { + + return array( + 'keys' => $envKeys + , 'encrypted' => $sealed + ); + + } else { + + return false; + + } + + } + + /** + * @brief Asymmetrically encrypt a file using multiple public keys + * @param string $plainContent content to be encrypted + * @returns array keys: key, encrypted + * @note symmetricDecryptFileContent() can be used to decrypt files created using this method + * + * This function decrypts a file + */ + public static function multiKeyDecrypt( $encryptedContent, $envKey, $privateKey ) { + + if ( !$encryptedContent ) { + + return false; + + } + + if ( openssl_open( $encryptedContent, $plainContent, $envKey, $privateKey ) ) { + + return $plainContent; + + } else { + + \OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed' , \OC_Log::ERROR ); + + return false; + + } + + } + + /** + * @brief Asymetrically encrypt a string using a public key + * @returns encrypted file + */ + public static function keyEncrypt( $plainContent, $publicKey ) { + + openssl_public_encrypt( $plainContent, $encryptedContent, $publicKey ); + + return $encryptedContent; + + } + + /** + * @brief Asymetrically decrypt a file using a private key + * @returns decrypted file + */ + public static function keyDecrypt( $encryptedContent, $privatekey ) { + + openssl_private_decrypt( $encryptedContent, $plainContent, $privatekey ); + + return $plainContent; + + } + + /** + * @brief Generate a pseudo random 1024kb ASCII key + * @returns $key Generated key + */ + public static function generateIv() { + + if ( $random = openssl_random_pseudo_bytes( 13, $strong ) ) { + + if ( !$strong ) { + + // If OpenSSL indicates randomness is insecure, log error + \OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()' , \OC_Log::WARN ); + + } + + $iv = substr( base64_encode( $random ), 0, -4 ); + + return $iv; + + } else { + + return false; + + } + + } + + /** + * @brief Generate a pseudo random 1024kb ASCII key + * @returns $key Generated key + */ + public static function generateKey() { + + // $key = mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ); + + // Generate key + if ( $key = base64_encode( openssl_random_pseudo_bytes( 768000, $strong ) ) ) { + + if ( !$strong ) { + + // If OpenSSL indicates randomness is insecure, log error + \OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()' , \OC_Log::WARN ); + + } + + return $key; + + } else { + + return false; + + } + + } + + public static function changekeypasscode($oldPassword, $newPassword) { + if(OCP\User::isLoggedIn()){ + $username=OCP\USER::getUser(); + $view=new OC_FilesystemView('/'.$username); + + // read old key + $key=$view->file_get_contents('/encryption.key'); + + // decrypt key with old passcode + $key=OC_Crypt::decrypt($key, $oldPassword); + + // encrypt again with new passcode + $key=OC_Crypt::encrypt($key, $newPassword); + + // store the new key + $view->file_put_contents('/encryption.key', $key ); + } + } + +} + ?>
\ No newline at end of file diff --git a/apps/files_encryption/templates/settings.php b/apps/files_encryption/templates/settings.php index 79780d694cf..80b3da84caa 100644 --- a/apps/files_encryption/templates/settings.php +++ b/apps/files_encryption/templates/settings.php @@ -1,5 +1,14 @@ <form id="calendar"> <fieldset class="personalblock"> + + <strong>Choose encryption mode:</strong> + + <p> + <input type="radio" name="encryption_mode" value="client" style="width:20px;" /> Client side encryption (most secure but makes it impossible to access your data from the web interface)<br /> + <input type="radio" name="encryption_mode" value="server" style="width:20px;" /> Server side encryption (allows you to access your files from the web interface and the desktop client)<br /> + <input type="radio" name="encryption_mode" value="none" style="width:20px; checked="checked" /> None (no encryption at all)<br/> + </p> + <p> <strong><?php echo $l->t('Encryption'); ?></strong> <?php echo $l->t("Exclude the following file types from encryption"); ?> <select id='encryption_blacklist' title="<?php echo $l->t('None')?>" multiple="multiple"> @@ -7,6 +16,6 @@ <option selected="selected" value="<?php echo $type;?>"><?php echo $type;?></option> <?php endforeach;?> </select> - <input type='checkbox' id='enable_encryption' <?php if($_['encryption_enabled']){echo 'checked="checked"';} ?>></input><label for='enable_encryption'><?php echo $l->t('Enable Encryption')?></label> + </p> </fieldset> </form> diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php index be315a0ffd9..90f88566a4a 100644 --- a/lib/connector/sabre/node.php +++ b/lib/connector/sabre/node.php @@ -22,6 +22,7 @@ */ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IProperties { + const GETETAG_PROPERTYNAME = '{DAV:}getetag'; /** * The path to the current node @@ -140,7 +141,9 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr */ public function updateProperties($properties) { $existing = $this->getProperties(array()); + OC_Hook::emit('OC_Webdav_Properties', 'update', array('properties' => $properties, 'path' => $this->path)); foreach($properties as $propertyName => $propertyValue) { + $propertyName = preg_replace("/^{.*}/", "", $propertyName); // remove leading namespace from property name // If it was null, we need to delete the property if (is_null($propertyValue)) { if(array_key_exists( $propertyName, $existing )){ @@ -178,7 +181,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr * @param array $properties * @return void */ - function getProperties($properties) { + public function getProperties($properties) { if (is_null($this->property_cache)) { $query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ? AND propertypath = ?' ); $result = $query->execute( array( OC_User::getUser(), $this->path )); @@ -200,4 +203,29 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr } return $props; } + + /** + * Returns the ETag surrounded by double-quotes for this path. + * @param string $path Path of the file + * @return string|null Returns null if the ETag can not effectively be determined + */ + static public function getETagPropertyForFile($path) { + $tag = OC_Filesystem::hash('md5', $path); + if (empty($tag)) { + return null; + } + $etag = '"'.$tag.'"'; + $query = OC_DB::prepare( 'INSERT INTO *PREFIX*properties (userid,propertypath,propertyname,propertyvalue) VALUES(?,?,?,?)' ); + $query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME, $etag )); + return $etag; + } + + /** + * Remove the ETag from the cache. + * @param string $path Path of the file + */ + static public function removeETagPropertyForFile($path) { + $query = OC_DB::prepare( 'DELETE FROM *PREFIX*properties WHERE userid = ? AND propertypath = ? AND propertyname = ?' ); + $query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME )); + } } diff --git a/lib/ocs.php b/lib/ocs.php index cf4248395f3..17ae649deb6 100644 --- a/lib/ocs.php +++ b/lib/ocs.php @@ -808,8 +808,7 @@ class OC_OCS { $login=OC_OCS::checkpassword();
if(($login==$user)) {
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode($user) === 'client') {
- if (($key = OCA_Encryption\Keymanager::setFileKey($user, $file, $key))) { - // TODO: emit hook to move file from tmp location to the right place
+ if (($key = OCA_Encryption\Keymanager::setFileKey($user, $file, $key))) {
echo self::generateXml('', 'ok', 100, ''); return true;
} else {
@@ -821,7 +820,6 @@ class OC_OCS { }else{
echo self::generateXml('', 'fail', 300, 'You donĀ“t have permission to access this ressource.');
} - //TODO: emit signal to remove file from tmp location return false;
} |