authorLukas Reschke <lukas@statuscode.ch>2013-02-06 11:47:55 -0800
committerLukas Reschke <lukas@statuscode.ch>2013-02-06 11:47:55 -0800
commit93b15973951e00f066eacf92cc3bff8fc24dbefd (patch)
tree43c29786f3fc7b20b47e0ab2e77a54eb479cb920 /apps
parente522872408e4fab2277d6deee475d0241ad6a825 (diff)
parent2c22619a18961d107b61b7486f2caf5cff4bc6a5 (diff)
Merge pull request #1506 from owncloud/files_encryption
Files encryption
Diffstat (limited to 'apps')
-rw-r--r--apps/files_encryption/appinfo/app.php2
-rw-r--r--apps/files_encryption/hooks/hooks.php9
-rwxr-xr-xapps/files_encryption/lib/crypt.php24
-rw-r--r--apps/files_encryption/lib/util.php14
4 files changed, 14 insertions, 35 deletions
diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php
index e426f237bbe..f83109a18ea 100644
--- a/apps/files_encryption/appinfo/app.php
+++ b/apps/files_encryption/appinfo/app.php
@@ -12,7 +12,7 @@ OC_FileProxy::register( new OCA\Encryption\Proxy() );
// User-related hooks
OCP\Util::connectHook( 'OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login' );
-OCP\Util::connectHook( 'OC_User', 'post_setPassword','OCA\Encryption\Hooks', 'setPassphrase' );
+OCP\Util::connectHook( 'OC_User', 'pre_setPassword','OCA\Encryption\Hooks', 'setPassphrase' );
// Sharing-related hooks
OCP\Util::connectHook( 'OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared' );
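Review bot: Hooking `setPassphrase` on `pre_setPassword` means the private key is re-encrypted under the new password before the password change has been committed. If the user backend then rejects or fails the change (that path is not visible in this hunk), the stored key would be wrapped under a password that never became valid, and the user could not unlock their files at the next login. Either keep the re-wrap on `post_setPassword`, or add a rollback for the failure case and record the ordering next to the hook, e.g. `// runs before the backend commits the new password; key re-wrap must be reverted if the change fails`.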
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 065ef9d2410..8bdeee0937b 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -38,12 +38,15 @@ class Hooks {
*/
public static function login( $params ) {
+ // Manually initialise Filesystem{} singleton with correct
+ // fake root path, in order to avoid fatal webdav errors
\OC\Files\Filesystem::init( $params['uid'] . '/' . 'files' . '/' );
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $params['uid'] );
+ // Check files_encryption infrastructure is ready for action
if ( ! $util->ready() ) {
\OC_Log::write( 'Encryption library', 'User account "' . $params['uid'] . '" is not ready for encryption; configuration started', \OC_Log::DEBUG );
@@ -104,14 +107,16 @@ class Hooks {
* @param array $params keys: uid, password
*/
public static function setPassphrase( $params ) {
-
+
// Only attempt to change passphrase if server-side encryption
// is in use (client-side encryption does not have access to
// the necessary keys)
if ( Crypt::mode() == 'server' ) {
+ $session = new Session();
+
// Get existing decrypted private key
- $privateKey = $_SESSION['privateKey'];
+ $privateKey = $session->getPrivateKey();
// Encrypt private key with new user pwd as passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $privateKey, $params['password'] );
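Review bot: The value returned by `$session->getPrivateKey()` goes straight into `Crypt::symmetricEncryptFileContent()` with no check that a key was returned or that the current session belongs to `$params['uid']`. If the session holds no key, or the password is being changed by someone other than the account owner (an administrator reset, for example), this would wrap an empty value or a different user's key under the new password. What happens to `$encryptedPrivateKey` afterwards is outside the hunk, so the overwrite is inferred rather than shown. A guard before the encrypt call, such as `if ( ! $privateKey || $params['uid'] !== \OCP\User::getUser() ) { return; }` together with a log entry, would keep a good stored key from being replaced.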
diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index e3ffacabc9a..d00f71b6141 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -45,24 +45,6 @@ class Crypt {
* @return string 'client' or 'server'
*/
public static function mode( $user = null ) {
-
-// $mode = \OC_Appconfig::getValue( 'files_encryption', 'mode', 'none' );
-//
-// if ( $mode == 'user') {
-// if ( !$user ) {
-// $user = \OCP\User::getUser();
-// }
-// $mode = 'none';
-// if ( $user ) {
-// $query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
-// $result = $query->execute(array($user));
-// if ($row = $result->fetchRow()){
-// $mode = $row['mode'];
-// }
-// }
-// }
-//
-// return $mode;
return 'server';
@@ -133,12 +115,6 @@ class Crypt {
* @note see also OCA\Encryption\Util->isEncryptedPath()
*/
public static function isCatfile( $content ) {
-
- if ( !$content ) {
-
- return false;
-
- }
$noPadding = self::removePadding( $content );
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 355ffb90ef0..52bc74db27a 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -69,11 +69,6 @@ class Util {
//// DONE: add method to fetch legacy key
//// DONE: add method to decrypt legacy encrypted data
- //// TODO: add method to encrypt all user files using new system
- //// TODO: add method to decrypt all user files using new system
- //// TODO: add method to encrypt all user files using old system
- //// TODO: add method to decrypt all user files using old system
-
// Admin UI:
@@ -93,7 +88,6 @@ class Util {
// Integration testing:
- //// TODO: test new encryption with webdav
//// TODO: test new encryption with versioning
//// TODO: test new encryption with sharing
//// TODO: test new encryption with proxies
@@ -278,7 +272,7 @@ class Util {
// will eat server resources :(
if (
Keymanager::getFileKey( $this->view, $this->userId, $file )
- && Crypt::isCatfile( $filePath )
+ && Crypt::isCatfile( $data )
) {
$found['encrypted'][] = array( 'name' => $file, 'path' => $filePath );
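Review bot: `$data` is assigned outside this hunk, and nothing here rules out it being empty or `false` (a failed or zero-length read) before `Crypt::isCatfile( $data )` is called. The same commit removes the `if ( !$content ) { return false; }` guard from `Crypt::isCatfile()` in lib/crypt.php, so such a value now reaches `self::removePadding()` directly. Either restore that guard in `isCatfile()` or add `&& $data` ahead of the `isCatfile` call, so that unreadable files are not classified as encrypted or plain on the basis of an empty input.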
@@ -391,7 +385,6 @@ class Util {
}
- // FIXME: Legacy recrypting here isn't finished yet
// Encrypt legacy encrypted files
if (
! empty( $legacyPassphrase )
@@ -437,6 +430,11 @@ class Util {
}
+ /**
+ * @brief Return important encryption related paths
+ * @param string $pathName Name of the directory to return the path of
+ * @return string path
+ */
public function getPath( $pathName ) {
switch ( $pathName ) {