authorSam Tuke <samtuke@owncloud.com>2012-07-25 16:51:48 +0100
committerSam Tuke <samtuke@owncloud.com>2012-07-25 16:51:48 +0100
commite6de086fb66b029d70d1e24db5224f236e43198d (patch)
treed5f281671a918ecb44e8ff59a7b07f498cb2d524
parent66b461629be6d1585ae0171b9128ad19d2c85bfb (diff)
Fixed various bugs in hooks class
Fixed documentation syntax in keymanager
-rw-r--r--apps/files_encryption/appinfo/app.php11
-rw-r--r--apps/files_encryption/hooks/hooks.php16
-rw-r--r--apps/files_encryption/lib/keymanager.php104
3 files changed, 71 insertions, 60 deletions
diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php
index 679d0b95edc..969c824cfda 100644
--- a/apps/files_encryption/appinfo/app.php
+++ b/apps/files_encryption/appinfo/app.php
@@ -1,16 +1,19 @@
<?php
-OC::$CLASSPATH['OC_Crypt'] = 'apps/files_encryption/lib/crypt.php';
+OC::$CLASSPATH['OCA_Encryption\Crypt'] = 'apps/files_encryption/lib/crypt.php';
+OC::$CLASSPATH['OCA_Encryption\Hooks'] = 'apps/files_encryption/hooks/hooks.php';
+OC::$CLASSPATH['OCA_Encryption\Util'] = 'apps/files_encryption/lib/util.php';
+OC::$CLASSPATH['OCA_Encryption\Keymanager'] = 'apps/files_encryption/lib/keymanager.php';
OC::$CLASSPATH['OC_CryptStream'] = 'apps/files_encryption/lib/cryptstream.php';
OC::$CLASSPATH['OC_FileProxy_Encryption'] = 'apps/files_encryption/lib/proxy.php';
-OC_FileProxy::register(new OC_FileProxy_Encryption());
+//OC_FileProxy::register(new OC_FileProxy_Encryption());
-OCP\Util::connectHook('OC_User','post_login','OC_Crypt','loginListener');
+OCP\Util::connectHook('OC_User','post_login','OCA_Encryption\Hooks','login');
stream_wrapper_register('crypt','OC_CryptStream');
-if(!isset($_SESSION['enckey']) and OCP\User::isLoggedIn()){//force the user to re-loggin if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled)
+if( !isset($_SESSION['enckey']) and OCP\User::isLoggedIn() ){//force the user to re-loggin if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled)
OCP\User::logout();
header("Location: ".OC::$WEBROOT.'/');
exit();
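Review bot: The commented-out `//OC_FileProxy::register(new OC_FileProxy_Encryption());` stops the encryption proxy from being registered, and nothing in the hunk says whether that is temporary. With the proxy unregistered, file reads and writes presumably bypass encryption, yet the app stays enabled and still forces a re-login when `$_SESSION['enckey']` is missing, so users may assume new files are encrypted when they are not. Either keep the registration or replace the dead line with an explicit marker such as `// TODO: proxy disabled during keymanager refactor; files are NOT encrypted until re-enabled`. The `if` block at the end of the hunk closes outside it.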
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index a8304261e47..70bbbcf4789 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -28,19 +28,27 @@ namespace OCA_Encryption;
class Hooks {
+ # TODO: use passphrase for encrypting private key that is separate to the login password
+
+ /**
+ * @brief Startup encryption backend upon user login
+ * @note This method should never be called for users using client side encryption
+ */
public static function login( $params ){
$view = new \OC_FilesystemView( '/' );
- $storage = new Storage( $view, $params['uid'] );
+ $util = new Util( $view, $params['uid'] );
- if ( !$storage->ready() ) {
+ if ( !$util->ready() ) {
- return $storage->setup( $params['password'] );
+ return $util->setup( $params['password'] );
}
- $_SESSION['enckey'] = OC_Crypt::decrypt($key, $password);
+ $encryptedKey = Keymanager::getPrivateKey( $params['uid'] );
+
+ $_SESSION['enckey'] = Crypt::symmetricEncryptFileContent( $encryptedKey, $params['password'] );
return true;
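Review bot: `$_SESSION['enckey']` is now filled by `Crypt::symmetricEncryptFileContent( $encryptedKey, $params['password'] )`, an encrypt call applied to a value the code itself names `$encryptedKey`, where the removed line called a decrypt function. Judging by the names, the session would end up holding the stored key encrypted a second time rather than the unlocked key, though Crypt is not visible here; the call should be the decrypting counterpart in Crypt. `Keymanager::getPrivateKey()` is documented as returning false on failure, yet its result is used unchecked and `login()` returns true regardless. A guard such as `if ( $encryptedKey === false ) { return false; }` before the session assignment would avoid reporting a successful unlock with no key. The body of `login()` closes outside the hunk.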
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index 32ee77bb90c..a75242c7a2b 100644
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -1,5 +1,5 @@
-<?php
-/**
+<?php
+/***
* ownCloud
*
* @author Bjoern Schiessle
@@ -18,93 +18,93 @@
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
- */
-
-namespace OCA_Encryption;
-
-/*
- * This class provides basic operations to read/write encryption keys from/to the filesystem
- */
-class Keymanager {
-
-
- /*
- * @brief retrieve private key from a user
- *
- * @param string user name
- * @return string private key or false
- */
- public static function getPrivateKey($user) {
+ */
+
+namespace OCA_Encryption;
+
+/**
+ * This class provides basic operations to read/write encryption keys from/to the filesystem
+ */
+class Keymanager {
+
+
+ /**
+ * @brief retrieve private key from a user
+ *
+ * @param string user name
+ * @return string private key or false
+ */
+ public static function getPrivateKey($user) {
$privateKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/'.$user.'/files_encryption/';
- $view = new \OC_FilesystemView($privateKeyStorage);
- return $view->file_get_contents($user.'.private.key');
- }
-
- /*
+ $view = new \OC_FilesystemView($privateKeyStorage);
+ return $view->file_get_contents($user.'.private.key');
+ }
+
+ /**
* @brief retrieve public key from a user
*
* @param string user name
* @return string private key or false
*/
public static function getPublicKey($user) {
- $publicKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/public-keys/';
- $view = $view = new \OC_FilesystemView($publicKeyStorage);
+ $publicKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/public-keys/';
+ $view = $view = new \OC_FilesystemView($publicKeyStorage);
return $view->file_get_contents($user.'.public.key');
- }
-
- /*
+ }
+
+ /**
* @brief retrieve file encryption key
*
- * @param string file name
- * @param string user name of the file owner
+ * @param string file name
+ * @param string user name of the file owner
* @return string file key or false
*/
public static function getFileKey($user, $file) {
- $fileKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/'.$user.'/files_encryption/keyfiles/';
- $view = new \OC_FilesystemView($fileKeyStorage);
+ $fileKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/'.$user.'/files_encryption/keyfiles/';
+ $view = new \OC_FilesystemView($fileKeyStorage);
return $view->file_get_contents($file.'.key');
- }
-
- /*
+ }
+
+ /**
* @brief store private key from a user
*
- * @param string user name
+ * @param string user name
* @param string key
* @return bool true/false
- */
+ */
public static function setPrivateKey($user, $key) {
$privateKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/'.$user.'/files_encryption/';
- $view = new \OC_FilesystemView($privateKeyStorage);
+ $view = new \OC_FilesystemView($privateKeyStorage);
return $view->file_put_contents($user.'.private.key', $key);
- }
-
-
- /*
+ }
+
+
+ /**
* @brief store public key from a user
*
* @param string user name
* @param string key
* @return bool true/false
- */
- public static function setPublicKey($user, $key) {
+ */
+ public static function setPublicKey($user, $key) {
$publicKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/public-keys/';
$view = new \OC_FilesystemView($publicKeyStorage);
return $view->file_put_contents($user.'.public.key', $key);
}
-
- /*
+
+ /**
* @brief store file encryption key
- *
- * @param string user name of the file owner
+ *
+ * @param string user name of the file owner
* @param string file name
* @param string key
* @return bool true/false
*/
- public static function setFileKey($user, $file, $key) {
+ public static function setFileKey($user, $file, $key) {
$fileKeyStorage = \OCP\Config::getSystemValue('datadirectory').'/'.$user.'/files_encryption/keyfiles/';
$view = new \OC_FilesystemView($fileKeyStorage);
return $view->file_put_contents($file.'.key', $key);
- }
-
+ }
+
} \ No newline at end of file
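Review bot: Every accessor in this hunk builds its key path by concatenating `$user` (and, in `getFileKey`/`setFileKey`, `$file`) into the directory and file name, and nothing visible rejects `..` segments or path separators in those values. If either value can be influenced by a request, a key read or write could resolve outside the user's own `files_encryption/` directory, unless `OC_FilesystemView` normalises paths (not visible here). Validating both values at the top of each method, or documenting that callers must pass already-normalised names, would close that. Since the commit touches the docblocks anyway: `getPublicKey` still says `@return string private key or false`, the `getFileKey` `@param` order (file, user) does not match the signature `($user, $file)`, and `$view = $view = new \OC_FilesystemView($publicKeyStorage);` keeps a duplicated assignment.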