author | Bjoern Schiessle <schiessle@owncloud.com> | 2015-03-27 18:10:32 +0100 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-04-07 13:30:28 +0200 |
commit | 24c6604388c0c3a32517e1aa18ebd851e1f7a6a1 (patch) | |
tree | 9e68ac5af49b2e16887345248f24b494020d4fb2 /apps/encryption/lib | |
parent | bd99042a66acef066bebac1694dd2c431166fe2b (diff) | |
add public link share key to file if it was shared as public link
Diffstat (limited to 'apps/encryption/lib')
-rw-r--r-- | apps/encryption/lib/crypto/encryption.php | 6 | ||||
-rw-r--r-- | apps/encryption/lib/keymanager.php | 45 | ||||
-rw-r--r-- | apps/encryption/lib/users/setup.php | 2 |
3 files changed, 50 insertions, 3 deletions
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index beb922afe72..da805892eaf 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -220,9 +220,15 @@ class Encryption implements IEncryptionModule {
 */
 public function update($path, $uid, $accessList) {
 $fileKey = $this->keymanager->getFileKey($path, $uid);
+ $publicKeys = array();
 foreach ($accessList['users'] as $user) {
 $publicKeys[$user] = $this->keymanager->getPublicKey($user);
 }
+
+ if (!empty($accessList['public'])) {
+ $publicKeys[$this->keymanager->getPublicShareKeyId()] = $this->keymanager->getPublicShareKey();
+ }
+
 $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
 $this->keymanager->deleteAllFileKeys($path);
diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php
index fe7fe08d277..44a46458692 100644
--- a/apps/encryption/lib/keymanager.php
+++ b/apps/encryption/lib/keymanager.php
@@ -95,7 +95,13 @@ class KeyManager {
 * @param \OCP\ISession $session
 * @param ILogger $log
 */
- public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession, ISession $session, ILogger $log) {
+ public function __construct(
+ IStorage $keyStorage,
+ Crypt $crypt,
+ IConfig $config,
+ IUserSession $userSession,
+ ISession $session,
+ ILogger $log) {
 self::$session = $session;
 $this->keyStorage = $keyStorage;
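Review bot: In `update()` in crypto/encryption.php the result of `getPublicShareKey()` goes straight into `$publicKeys` with no check that a key was found, and the getter added in keymanager.php returns the storage result as-is. If the public share key pair was never written (the constructor's failure branch only logs), `multiKeyEncrypt()` would be handed an empty key for every file shared by public link. The method just above the new getter already throws `PublicKeyMissingException`; the getter could read the key into a local and do the same with `if (empty($key)) { throw new PublicKeyMissingException(); }`. `update()` starts and ends outside the hunk.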
@@ -105,6 +111,28 @@ class KeyManager {
 'recoveryKeyId');
 $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId');
+
+ if (empty($this->publicShareKeyId)) {
+ $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
+ $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId);
+
+ $keypair = $this->crypt->createKeyPair();
+
+ // Save public key
+ $this->keyStorage->setSystemUserKey(
+ $this->publicShareKeyId . '.publicKey',
+ $keypair['publicKey']);
+
+ // Encrypt private key empty passphrase
+ $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], '');
+ if ($encryptedKey) {
+ $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', $encryptedKey);
+ } else {
+ $this->log->error('Could not create public share keys');
+ }
+
+ }
+
 $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false;
 $this->log = $log;
 }
@@ -259,7 +287,7 @@ class KeyManager {
 $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId);
 $shareKey = $this->getShareKey($path, $uid);
- $privateKey = $this->session->get('privateKey');
+ $privateKey = self::$session->get('privateKey');
 if ($encryptedFileKey && $shareKey && $privateKey) {
 $key = $this->crypt->multiKeyDecrypt($encryptedFileKey,
@@ -384,6 +412,19 @@ class KeyManager {
 throw new PublicKeyMissingException();
 }
+ public function getPublicShareKeyId() {
+ return $this->publicShareKeyId;
+ }
+
+ /**
+ * get public key for public link shares
+ *
+ * @return string
+ */
+ public function getPublicShareKey() {
+ return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey');
+ }
+
 /**
 * @param $purpose
 * @param bool $timestamp
diff --git a/apps/encryption/lib/users/setup.php b/apps/encryption/lib/users/setup.php
index 662a4b4b6af..bf415c81888 100644
--- a/apps/encryption/lib/users/setup.php
+++ b/apps/encryption/lib/users/setup.php
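Review bot: In the KeyManager constructor the new failure branch calls `$this->log->error(...)`, but `$this->log = $log;` is only assigned below the added block, so unless the property is set elsewhere the error path fails on a null logger. The block also persists `publicShareKeyId` and the public key before the private key is stored; after one failed run the id is no longer empty, generation is not retried, and link-shared files would be wrapped for a public key with no private half. Using the `$log` argument and writing the config value last, as sketched below, avoids both. The id comes from `md5(time())`, which is adequate as a label but should not be relied on as unguessable, and the existing comment could say that the empty passphrase appears to leave the private key protected only by access to the key storage. The constructor begins outside this hunk.

```php
if (empty($this->publicShareKeyId)) {
	$newKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
	$keypair = $this->crypt->createKeyPair();

	// Encrypt private key with an empty passphrase
	$encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], '');
	if ($encryptedKey) {
		$this->keyStorage->setSystemUserKey($newKeyId . '.publicKey', $keypair['publicKey']);
		$this->keyStorage->setSystemUserKey($newKeyId . '.privateKey', $encryptedKey);
		// Persist the id only once both halves are stored, so a failed run is retried.
		$this->config->setAppValue('encryption', 'publicShareKeyId', $newKeyId);
		$this->publicShareKeyId = $newKeyId;
	} else {
		// $this->log is assigned after this block; use the constructor argument.
		$log->error('Could not create public share keys');
	}
}
```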
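Review bot: `getPublicShareKeyId()` in the last keymanager.php hunk is added without a docblock, unlike `getPublicShareKey()` directly below it. A short one such as `/** get the id under which the public link share key pair is stored @return string */` would tell callers that the value is a storage key name. Ids generated by the constructor are `pubShare_` followed by eight hex characters; ids read back from the app config are returned unchanged.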
@@ -36,7 +36,7 @@ class Setup extends \OCA\Encryption\Setup {
 parent::__construct($logger, $userSession);
 $this->crypt = $crypt;
 $this->keyManager = $keyManager;
- }
+ }
 /**
 * @param $uid userid |