let user enable recovery key

7 files changed, 65 insertions, 48 deletions

diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php
index 372d49e5ef7..955146f7182 100644
--- a/apps/encryption/appinfo/application.php
+++ b/apps/encryption/appinfo/application.php
@@ -124,7 +124,8 @@ class Application extends \OCP\AppFramework\App {
 					$server->getConfig(),
 					$server->getUserSession(),
 					new \OCA\Encryption\Session($server->getSession()),
-					$server->getLogger()
+					$server->getLogger(),
+					$c->query('Util')
 				);
 			});
 
@@ -167,8 +168,12 @@ class Application extends \OCP\AppFramework\App {
 			function (IAppContainer $c) {
 				$server = $c->getServer();
 
-				return new Util(new View(), $c->query('Crypt'), $c->query('KeyManager'), $server->getLogger(), $server->getUserSession(), $server->getConfig()
-				);
+				return new Util(
+					new View(),
+					$c->query('Crypt'),
+					$server->getLogger(),
+					$server->getUserSession(),
+					$server->getConfig());
 			});
 
 	}
diff --git a/apps/encryption/js/settings-personal.js b/apps/encryption/js/settings-personal.js
index 7f0f4c6c26d..dcfbba4ecde 100644
--- a/apps/encryption/js/settings-personal.js
+++ b/apps/encryption/js/settings-personal.js
@@ -9,7 +9,7 @@ function updatePrivateKeyPasswd() {
 	var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
 	OC.msg.startSaving('#encryption .msg');
 	$.post(
-	OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' )
+	OC.generateUrl('/apps/encryption/ajax/updatePrivateKeyPassword')
 		, { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword }
 		,  function( data ) {
 			if (data.status === "error") {
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index 3c93f759407..aa620785824 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -131,6 +131,8 @@ class Encryption implements IEncryptionModule {
 				$publicKeys[$uid] = $this->keymanager->getPublicKey($uid);
 			}
 
+			$publicKeys = $this->keymanager->addSystemKeys($this->accessList, $publicKeys);
+
 			$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys);
 			$this->keymanager->setAllFileKeys($path, $encryptedKeyfiles);
 		}
@@ -235,7 +237,7 @@ class Encryption implements IEncryptionModule {
 			$publicKeys[$user] = $this->keymanager->getPublicKey($user);
 		}
 
-		$publicKeys = $this->addSystemKeys($accessList, $publicKeys);
+		$publicKeys = $this->keymanager->addSystemKeys($accessList, $publicKeys);
 
 		$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
 
diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php
index 67a32d75908..9aae6fb2d9d 100644
--- a/apps/encryption/lib/keymanager.php
+++ b/apps/encryption/lib/keymanager.php
@@ -27,6 +27,7 @@ use OCA\Encryption\Exceptions\PrivateKeyMissingException;
 use OC\Encryption\Exceptions\PublicKeyMissingException;
 use OCA\Encryption\Crypto\Crypt;
 use OCP\Encryption\Keys\IStorage;
+use OCA\Encryption\Util;
 use OCP\IConfig;
 use OCP\ILogger;
 use OCP\IUserSession;
@@ -84,6 +85,10 @@ class KeyManager {
 	 * @var ILogger
 	 */
 	private $log;
+	/**
+	 * @var Util
+	 */
+	private $util;
 
 	/**
 	 * @param IStorage $keyStorage
@@ -92,6 +97,7 @@ class KeyManager {
 	 * @param IUserSession $userSession
 	 * @param Session $session
 	 * @param ILogger $log
+	 * @param Util $util
 	 */
 	public function __construct(
 		IStorage $keyStorage,
@@ -99,9 +105,11 @@ class KeyManager {
 		IConfig $config,
 		IUserSession $userSession,
 		Session $session,
-		ILogger $log
+		ILogger $log,
+		Util $util
 	) {
 
+		$this->util = $util;
 		$this->session = $session;
 		$this->keyStorage = $keyStorage;
 		$this->crypt = $crypt;
@@ -153,7 +161,7 @@ class KeyManager {
 	 * @return bool
 	 */
 	public function recoveryKeyExists() {
-		return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId)));
+		return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey')));
 	}
 
 	/**
@@ -471,4 +479,25 @@ class KeyManager {
 	public function setSystemPrivateKey($keyId, $key) {
 		return $this->keyStorage->setSystemUserKey($keyId . '.' . $this->privateKeyId, $key);
 	}
+
+	/**
+	 * add system keys such as the public share key and the recovery key
+	 *
+	 * @param array $accessList
+	 * @param array $publicKeys
+	 * @return array
+	 */
+	public function addSystemKeys(array $accessList, array $publicKeys) {
+		if (!empty($accessList['public'])) {
+			$publicKeys[$this->getPublicShareKeyId()] = $this->getPublicShareKey();
+		}
+
+		if ($this->recoveryKeyExists() &&
+			$this->util->isRecoveryEnabledForUser()) {
+
+			$publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
+		}
+
+		return $publicKeys;
+	}
 }
diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php
index 701c0934c95..b3da82a3cc5 100644
--- a/apps/encryption/lib/recovery.php
+++ b/apps/encryption/lib/recovery.php
@@ -90,7 +90,7 @@ class Recovery {
 								IStorage $keyStorage,
 								IFile $file,
 								View $view) {
-		$this->user = $user && $user->isLoggedIn() ? $user->getUser() : false;
+		$this->user = ($user && $user->isLoggedIn()) ? $user->getUser() : false;
 		$this->crypt = $crypt;
 		$this->random = $random;
 		$this->keyManager = $keyManager;
@@ -180,7 +180,7 @@ class Recovery {
 				$value);
 
 			if ($value === '1') {
-				$this->addRecoveryKeys('/' . $this->user . '/files/');
+				$this->addRecoveryKeys('/' . $this->user->getUID() . '/files/');
 			} else {
 				$this->removeRecoveryKeys();
 			}
@@ -198,20 +198,22 @@ class Recovery {
 		$dirContent = $this->view->getDirectoryContent($path);
 		foreach ($dirContent as $item) {
 			// get relative path from files_encryption/keyfiles/
-			$filePath = $item['path'];
+			$filePath = $item->getPath();
 			if ($item['type'] === 'dir') {
 				$this->addRecoveryKeys($filePath . '/');
 			} else {
-				$fileKey = $this->keyManager->getFileKey($filePath, $this->user);
+				$fileKey = $this->keyManager->getFileKey($filePath, $this->user->getUID());
 				if (!empty($fileKey)) {
-					$accessList = $this->file->getAccessList($path);
+					$accessList = $this->file->getAccessList($filePath);
 					$publicKeys = array();
 					foreach ($accessList['users'] as $uid) {
-						$publicKeys[$uid] = $this->keymanager->getPublicKey($uid);
+						$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
 					}
 
+					$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys);
+
 					$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
-					$this->keymanager->setAllFileKeys($path, $encryptedKeyfiles);
+					$this->keyManager->setAllFileKeys($filePath, $encryptedKeyfiles);
 				}
 			}
 		}
@@ -221,6 +223,7 @@ class Recovery {
 	 * remove recovery key to all encrypted files
 	 */
 	private function removeRecoveryKeys($path = '/') {
+		return true;
 		$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
 		foreach ($dirContent as $item) {
 			// get relative path from files_encryption/keyfiles
diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php
index 45891be5dad..6b6b8b6b38c 100644
--- a/apps/encryption/lib/util.php
+++ b/apps/encryption/lib/util.php
@@ -23,16 +23,13 @@
 namespace OCA\Encryption;
 
 
-use OC\Files\Filesystem;
 use OC\Files\View;
 use OCA\Encryption\Crypto\Crypt;
-use OCP\App;
 use OCP\IConfig;
 use OCP\ILogger;
 use OCP\IUser;
 use OCP\IUserSession;
 use OCP\PreConditionNotMetException;
-use OCP\Share;
 
 class Util {
 	/**
@@ -44,10 +41,6 @@ class Util {
 	 */
 	private $crypt;
 	/**
-	 * @var KeyManager
-	 */
-	private $keyManager;
-	/**
 	 * @var ILogger
 	 */
 	private $logger;
@@ -65,21 +58,18 @@ class Util {
 	 *
 	 * @param View $files
 	 * @param Crypt $crypt
-	 * @param KeyManager $keyManager
 	 * @param ILogger $logger
 	 * @param IUserSession $userSession
 	 * @param IConfig $config
 	 */
 	public function __construct(View $files,
 								Crypt $crypt,
-								KeyManager $keyManager,
 								ILogger $logger,
 								IUserSession $userSession,
 								IConfig $config
 	) {
 		$this->files = $files;
 		$this->crypt = $crypt;
-		$this->keyManager = $keyManager;
 		$this->logger = $logger;
 		$this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false;
 		$this->config = $config;
@@ -88,7 +78,7 @@ class Util {
 	/**
 	 * @return bool
 	 */
-	public function recoveryEnabledForUser() {
+	public function isRecoveryEnabledForUser() {
 		$recoveryMode = $this->config->getUserValue($this->user->getUID(),
 			'encryption',
 			'recoveryEnabled',
@@ -116,18 +106,6 @@ class Util {
 	}
 
 	/**
-	 * @param $recoveryPassword
-	 */
-	public function recoverUsersFiles($recoveryPassword) {
-		$encryptedKey = $this->keyManager->getSystemPrivateKey();
-
-		$privateKey = $this->crypt->decryptPrivateKey($encryptedKey,
-			$recoveryPassword);
-
-		$this->recoverAllFiles('/', $privateKey);
-	}
-
-	/**
 	 * @param string $uid
 	 * @return bool
 	 */
diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php
index 8caacbd19ca..417bf1433bf 100644
--- a/apps/encryption/settings/settings-personal.php
+++ b/apps/encryption/settings/settings-personal.php
@@ -16,38 +16,38 @@ $crypt = new \OCA\Encryption\Crypto\Crypt(
 	\OC::$server->getLogger(),
 	\OC::$server->getUserSession(),
 	\OC::$server->getConfig());
+
+$util = new \OCA\Encryption\Util(
+	new \OC\Files\View(),
+	$crypt,
+	\OC::$server->getLogger(),
+	\OC::$server->getUserSession(),
+	\OC::$server->getConfig());
+
 $keymanager = new \OCA\Encryption\KeyManager(
 	\OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID),
 	$crypt,
 	\OC::$server->getConfig(),
 	\OC::$server->getUserSession(),
 	$session,
-	\OC::$server->getLogger(), null);
+	\OC::$server->getLogger(), $util);
 
 $user = \OCP\User::getUser();
 
 $view = new \OC\Files\View('/');
 
-$util = new \OCA\Encryption\Util(
-	new \OC\Files\View(),
-	$crypt, $keymanager,
-	\OC::$server->getLogger(),
-	\OC::$server->getUserSession(),
-	\OC::$server->getConfig());
+
 
 $privateKeySet = $session->isPrivateKeySet();
 // did we tried to initialize the keys for this session?
 $initialized = $session->getStatus();
 
 $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled');
-$recoveryEnabledForUser = $util->recoveryEnabledForUser();
+$recoveryEnabledForUser = $util->isRecoveryEnabledForUser();
 
 $result = false;
 
 if ($recoveryAdminEnabled || !$privateKeySet) {
-
-	\OCP\Util::addscript('encryption', 'settings-personal');
-
 	$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
 	$tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser);
 	$tmpl->assign('privateKeySet', $privateKeySet);