diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2015-09-07 11:38:44 +0200 |
|---|---|---|
| committer | Bjoern Schiessle <schiessle@owncloud.com> | 2015-09-07 16:08:41 +0200 |
| commit | acfc7d7c4d4c2daf00ecd61b11eaa9d953868b92 (patch) | |
| tree | 19752216adf83b38b4e858a1759a98ba1b067931 /apps/encryption/lib/crypto | |
| parent | c4096767ccf6a88422a474e786b8e4a398ede84e (diff) | |
| download | nextcloud-server-acfc7d7c4d4c2daf00ecd61b11eaa9d953868b92.tar.gz nextcloud-server-acfc7d7c4d4c2daf00ecd61b11eaa9d953868b92.zip | |
enable usage of a master key
Diffstat (limited to 'apps/encryption/lib/crypto')
| -rw-r--r-- | apps/encryption/lib/crypto/encryption.php | 39 |
1 files changed, 25 insertions, 14 deletions
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 1bd6af2eca7..d2925e1b6be 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -84,6 +84,9 @@ class Encryption implements IEncryptionModule { /** @var EncryptAll */ private $encryptAll; + /** @var bool */ + private $useMasterPassword; + /** * * @param Crypt $crypt @@ -105,6 +108,7 @@ class Encryption implements IEncryptionModule { $this->encryptAll = $encryptAll; $this->logger = $logger; $this->l = $il10n; + $this->useMasterPassword = $util->isMasterKeyEnabled(); } /** @@ -193,23 +197,26 @@ class Encryption implements IEncryptionModule { $this->writeCache = ''; } $publicKeys = array(); - foreach ($this->accessList['users'] as $uid) { - try { - $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); - } catch (PublicKeyMissingException $e) { - $this->logger->warning( - 'no public key found for user "{uid}", user will not be able to read the file', - ['app' => 'encryption', 'uid' => $uid] - ); - // if the public key of the owner is missing we should fail - if ($uid === $this->user) { - throw $e; + if ($this->useMasterPassword === true) { + $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey(); + } else { + foreach ($this->accessList['users'] as $uid) { + try { + $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); + } catch (PublicKeyMissingException $e) { + $this->logger->warning( + 'no public key found for user "{uid}", user will not be able to read the file', + ['app' => 'encryption', 'uid' => $uid] + ); + // if the public key of the owner is missing we should fail + if ($uid === $this->user) { + throw $e; + } } } } $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys, $this->user); - $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); $this->keyManager->setAllFileKeys($this->path, $encryptedKeyfiles); } @@ -318,8 +325,12 @@ class Encryption implements IEncryptionModule { if (!empty($fileKey)) { $publicKeys = array(); - foreach ($accessList['users'] as $user) { - $publicKeys[$user] = $this->keyManager->getPublicKey($user); + if ($this->useMasterPassword === true) { + $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey(); + } else { + foreach ($accessList['users'] as $user) { + $publicKeys[$user] = $this->keyManager->getPublicKey($user); + } } $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid); |