aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files_encryption/lib
diff options
context:
space:
mode:
authorBjoern Schiessle <schiessle@owncloud.com>2014-11-05 14:42:36 +0100
committerBjoern Schiessle <schiessle@owncloud.com>2014-11-07 13:48:31 +0100
commita10ae2816eac4ab9b891972567d20e15dd2cb202 (patch)
treecb74867eb03dc75a3a315dfaa59206b62040fdeb /apps/files_encryption/lib
parente345697cabd6670e652f4bba7b91269e4efcd794 (diff)
downloadnextcloud-server-a10ae2816eac4ab9b891972567d20e15dd2cb202.tar.gz
nextcloud-server-a10ae2816eac4ab9b891972567d20e15dd2cb202.zip
clean up encryption exceptions
Diffstat (limited to 'apps/files_encryption/lib')
-rw-r--r--apps/files_encryption/lib/crypt.php37
-rw-r--r--apps/files_encryption/lib/exceptions.php63
-rw-r--r--apps/files_encryption/lib/stream.php22
-rw-r--r--apps/files_encryption/lib/util.php2
4 files changed, 34 insertions, 90 deletions
diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index 59b191097af..cf915ae27b2 100644
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -3,10 +3,12 @@
/**
* ownCloud
*
- * @author Sam Tuke, Frank Karlitschek, Robin Appelman
- * @copyright 2012 Sam Tuke samtuke@owncloud.com,
- * Robin Appelman icewind@owncloud.com, Frank Karlitschek
- * frank@owncloud.org
+ * @copyright (C) 2014 ownCloud, Inc.
+ *
+ * @author Bjoern Schiessle <schiessle@owncloud.com>
+ * @author Sam Tuke <samtuke@owncloud.com>
+ * @author Frank Karlitschek <frank@owncloud.com>
+ * @author Robin Appelman <icewind@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@@ -24,7 +26,6 @@
*/
namespace OCA\Encryption;
-use OCA\Encryption\Exceptions\EncryptionException;
/**
* Class for common cryptography functionality
@@ -189,7 +190,7 @@ class Crypt {
* @param string $passphrase
* @param string $cypher used for encryption, currently we support AES-128-CFB and AES-256-CFB
* @return string encrypted file content
- * @throws \OCA\Encryption\Exceptions\EncryptionException
+ * @throws \OCA\Encryption\Exception\EncryptionException
*/
private static function encrypt($plainContent, $iv, $passphrase = '', $cipher = Crypt::DEFAULT_CIPHER) {
@@ -198,7 +199,7 @@ class Crypt {
if (!$encryptedContent) {
$error = "Encryption (symmetric) of content failed: " . openssl_error_string();
\OCP\Util::writeLog('Encryption library', $error, \OCP\Util::ERROR);
- throw new Exceptions\EncryptionException($error, 50);
+ throw new Exception\EncryptionException($error, Exception\EncryptionException::ENCRYPTION_FAILED);
}
return $encryptedContent;
@@ -290,7 +291,7 @@ class Crypt {
$padded = self::addPadding($catfile);
return $padded;
- } catch (EncryptionException $e) {
+ } catch (Exception\EncryptionException $e) {
$message = 'Could not encrypt file content (code: ' . $e->getCode() . '): ';
\OCP\Util::writeLog('files_encryption', $message . $e->getMessage(), \OCP\Util::ERROR);
return false;
@@ -378,7 +379,7 @@ class Crypt {
* @param string $plainContent content to be encrypted
* @param array $publicKeys array keys must be the userId of corresponding user
* @return array keys: keys (array, key = userId), data
- * @throws \OCA\Encryption\Exceptions\\MultiKeyEncryptException if encryption failed
+ * @throws \OCA\Encryption\Exception\MultiKeyEncryptException if encryption failed
* @note symmetricDecryptFileContent() can decrypt files created using this method
*/
public static function multiKeyEncrypt($plainContent, array $publicKeys) {
@@ -386,7 +387,7 @@ class Crypt {
// openssl_seal returns false without errors if $plainContent
// is empty, so trigger our own error
if (empty($plainContent)) {
- throw new Exceptions\MultiKeyEncryptException('Cannot multiKeyEncrypt empty plain content', 10);
+ throw new Exception\MultiKeyEncryptException('Cannot multiKeyEncrypt empty plain content', Exception\MultiKeyEncryptException::EMPTY_DATA);
}
// Set empty vars to be set by openssl by reference
@@ -413,7 +414,8 @@ class Crypt {
);
} else {
- throw new Exceptions\MultiKeyEncryptException('multi key encryption failed: ' . openssl_error_string(), 20);
+ throw new Exception\MultiKeyEncryptException('multi key encryption failed: ' . openssl_error_string(),
+ Exception\MultiKeyEncryptException::OPENSSL_SEAL_FAILED);
}
}
@@ -423,7 +425,7 @@ class Crypt {
* @param string $encryptedContent
* @param string $shareKey
* @param mixed $privateKey
- * @throws \OCA\Encryption\Exceptions\\MultiKeyDecryptException if decryption failed
+ * @throws \OCA\Encryption\Exception\MultiKeyDecryptException if decryption failed
* @internal param string $plainContent contains decrypted content
* @return string $plainContent decrypted string
* @note symmetricDecryptFileContent() can be used to decrypt files created using this method
@@ -433,7 +435,8 @@ class Crypt {
public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) {
if (!$encryptedContent) {
- throw new Exceptions\MultiKeyDecryptException('Cannot mutliKeyDecrypt empty plain content', 10);
+ throw new Exception\MultiKeyDecryptException('Cannot mutliKeyDecrypt empty plain content',
+ Exception\MultiKeyDecryptException::EMPTY_DATA);
}
if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {
@@ -441,7 +444,8 @@ class Crypt {
return $plainContent;
} else {
- throw new Exceptions\MultiKeyDecryptException('multiKeyDecrypt with share-key' . $shareKey . 'failed: ' . openssl_error_string(), 20);
+ throw new Exception\MultiKeyDecryptException('multiKeyDecrypt with share-key' . $shareKey . 'failed: ' . openssl_error_string(),
+ Exception\MultiKeyDecryptException::OPENSSL_OPEN_FAILED);
}
}
@@ -550,14 +554,15 @@ class Crypt {
* get chiper from header
*
* @param array $header
- * @throws \OCA\Encryption\Exceptions\EncryptionException
+ * @throws \OCA\Encryption\Exception\EncryptionException
*/
public static function getCipher($header) {
$cipher = isset($header['cipher']) ? $header['cipher'] : 'AES-128-CFB';
if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') {
- throw new \OCA\Encryption\Exceptions\EncryptionException('file header broken, no supported cipher defined', 40);
+ throw new Exception\EncryptionException('file header broken, no supported cipher defined',
+ Exception\EncryptionException::UNKNOWN_CIPHER);
}
return $cipher;
diff --git a/apps/files_encryption/lib/exceptions.php b/apps/files_encryption/lib/exceptions.php
deleted file mode 100644
index 5b92f4afe74..00000000000
--- a/apps/files_encryption/lib/exceptions.php
+++ /dev/null
@@ -1,63 +0,0 @@
-<?php
-/**
- * ownCloud
- *
- * @author Bjoern Schiessle
- * @copyright 2014 Bjoern Schiessle <schiessle@owncloud.com>
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-namespace OCA\Encryption\Exceptions;
-
-/**
- * General encryption exception
- * Possible Error Codes:
- * 10 - unexpected end of encryption header
- * 20 - unexpected blog size
- * 30 - encryption header to large
- * 40 - unknown cipher
- * 50 - encryption failed
- * 60 - no private key available
- */
-class EncryptionException extends \Exception {
- const UNEXPECTED_END_OF_ENCRTYPTION_HEADER = 10;
- const UNEXPECTED_BLOG_SIZE = 20;
- const ENCRYPTION_HEADER_TO_LARGE = 30;
- const UNKNOWN_CIPHER = 40;
- const ENCRYPTION_FAILED = 50;
- const NO_PRIVATE_KEY_AVAILABLE = 60;
-
-}
-
-/**
- * Throw this exception if multi key encrytion fails
- *
- * Possible error codes:
- * 10 - empty plain content was given
- * 20 - openssl_seal failed
- */
-class MultiKeyEncryptException extends EncryptionException {
-}
-
-/**
- * Throw this encryption if multi key decryption failed
- *
- * Possible error codes:
- * 10 - empty encrypted content was given
- * 20 - openssl_open failed
- */
-class MultiKeyDecryptException extends EncryptionException {
-}
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index 046c38152b8..647ac6a88c0 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -2,10 +2,11 @@
/**
* ownCloud
*
- * @author Bjoern Schiessle, Robin Appelman
- * @copyright 2014 Bjoern Schiessle <schiessle@owncloud.com>
- * 2012 Sam Tuke <samtuke@owncloud.com>,
- * 2011 Robin Appelman <icewind1991@gmail.com>
+ * @copyright (C) 2014 ownCloud, Inc.
+ *
+ * @author Bjoern Schiessle <schiessle@owncloud.com>
+ * @author Robin Appelman <icewind@owncloud.com>
+ * @author Sam Tuke <samtuke@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@@ -30,7 +31,7 @@
*/
namespace OCA\Encryption;
-use OCA\Encryption\Exceptions\EncryptionException;
+use OCA\Encryption\Exception\EncryptionException;
/**
* Provides 'crypt://' stream wrapper protocol.
@@ -91,6 +92,7 @@ class Stream {
* @param int $options
* @param string $opened_path
* @return bool
+ * @throw \OCA\Encryption\Exception\EncryptionException
*/
public function stream_open($path, $mode, $options, &$opened_path) {
@@ -109,7 +111,7 @@ class Stream {
$this->privateKey = $this->session->getPrivateKey();
if ($this->privateKey === false) {
throw new EncryptionException('Session does not contain a private key, maybe your login password changed?',
- EncryptionException::NO_PRIVATE_KEY_AVAILABLE);
+ EncryptionException::PRIVATE_KEY_MISSING);
}
$normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
@@ -249,7 +251,7 @@ class Stream {
/**
* @param int $count
* @return bool|string
- * @throws \OCA\Encryption\Exceptions\EncryptionException
+ * @throws \OCA\Encryption\Exception\EncryptionException
*/
public function stream_read($count) {
@@ -257,7 +259,7 @@ class Stream {
if ($count !== Crypt::BLOCKSIZE) {
\OCP\Util::writeLog('Encryption library', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL);
- throw new \OCA\Encryption\Exceptions\EncryptionException('expected a blog size of 8192 byte', 20);
+ throw new EncryptionException('expected a blog size of 8192 byte', EncryptionException::UNEXPECTED_BLOG_SIZE);
}
// Get the data from the file handle
@@ -365,14 +367,14 @@ class Stream {
/**
* write header at beginning of encrypted file
*
- * @throws Exceptions\EncryptionException
+ * @throws Exception\EncryptionException
*/
private function writeHeader() {
$header = Crypt::generateHeader();
if (strlen($header) > Crypt::BLOCKSIZE) {
- throw new Exceptions\EncryptionException('max header size exceeded', 30);
+ throw new EncryptionException('max header size exceeded', EncryptionException::ENCRYPTION_HEADER_TO_LARGE);
}
$paddedHeader = str_pad($header, Crypt::BLOCKSIZE, self::PADDING_CHAR, STR_PAD_RIGHT);
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index ce5e8c8b54c..c8697ae7c80 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -960,7 +960,7 @@ class Util {
$plainKeyfile = $this->decryptKeyfile($filePath, $privateKey);
// Re-enc keyfile to (additional) sharekeys
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
- } catch (Exceptions\EncryptionException $e) {
+ } catch (Exception\EncryptionException $e) {
$msg = 'set shareFileKeyFailed (code: ' . $e->getCode() . '): ' . $e->getMessage();
\OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
return false;