authorSam Tuke <samtuke@owncloud.com>2013-01-31 19:40:51 +0000
committerSam Tuke <samtuke@owncloud.com>2013-01-31 19:40:51 +0000
commit06847f609b09f118b552d70e6f837a92008db570 (patch)
treeca35b5d71e2f2345b328e5572a151ec864da9beb /apps
parentc6b3bdd5a0f6651c557c6653b49acd005bbadba8 (diff)
Improved support for detecting and recrypting legacy files. Bugs remain.
Diffstat (limited to 'apps')
-rw-r--r--apps/files_encryption/hooks/hooks.php4
-rwxr-xr-xapps/files_encryption/lib/crypt.php13
-rw-r--r--apps/files_encryption/lib/session.php2
-rw-r--r--apps/files_encryption/lib/util.php35
4 files changed, 37 insertions, 17 deletions
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index dafa14fc000..cb9993b2389 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -70,7 +70,7 @@ class Hooks {
$view1->file_exists( 'encryption.key' )
&& $encLegacyKey = $view1->file_get_contents( 'encryption.key' )
) {
-
+
$plainLegacyKey = Crypt::legacyDecrypt( $encLegacyKey, $params['password'] );
$session->setLegacyKey( $plainLegacyKey );
@@ -87,7 +87,7 @@ class Hooks {
) {
\OC_Log::write(
- 'Encryption library', 'Encryption of file belonging to "' . $params['uid'] . '" was started at login'
+ 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" started at login'
, \OC_Log::INFO
);
diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index 106b757307d..6fbbd412b89 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -184,19 +184,18 @@ class Crypt {
* @brief Check if a file is encrypted via legacy system
* @return true / false
*/
- public static function isLegacyEncryptedContent( $content ) {
+ public static function isLegacyEncryptedContent( $data, $path ) {
// Fetch all file metadata from DB
- $metadata = \OC\Files\Filesystem::getFileInfo( $content, '' );
-
+ $metadata = \OC\Files\Filesystem::getFileInfo( $path, '' );
+
// If a file is flagged with encryption in DB, but isn't a
// valid content + IV combination, it's probably using the
// legacy encryption system
if (
- $content
- and isset( $metadata['encrypted'] )
- and $metadata['encrypted'] === true
- and ! self::isCatfile( $content )
+ isset( $metadata['encrypted'] )
+ and $metadata['encrypted'] === true
+ and ! self::isCatfile( $data )
) {
return true;
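Review bot: Dropping the `$content` truthiness guard from the condition means an empty or `false` `$data` (for instance a failed read in the caller) with the DB `encrypted` flag set is now reported as legacy-encrypted, assuming `isCatfile()` rejects empty input, which this hunk does not show. A legacy verdict sends the file into the recrypt path in util.php, so keep the guard under the new name: `$data and isset( $metadata['encrypted'] )`. The docblock above the signature still has no `@param` lines; add `@param string $data file contents to test` and `@param string $path path used for the metadata lookup`. The function body continues past the end of the hunk.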
diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php
index 4abc8be689f..bda22ee3a03 100644
--- a/apps/files_encryption/lib/session.php
+++ b/apps/files_encryption/lib/session.php
@@ -70,7 +70,7 @@ class Session {
*/
public function setLegacyKey( $legacyKey ) {
- $_SESSION['legacyKey'] = $LegacyKey;
+ $_SESSION['legacyKey'] = $legacyKey;
return true;
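Review bot: `setLegacyKey()` stores whatever it is given and always returns true, and the caller in hooks.php passes the result of `Crypt::legacyDecrypt()` straight in without checking it. If decryption with the login password can fail or yield an empty value (not visible here), that value becomes the session's legacy key and later recryption would run with it; a guard such as `if ( empty( $legacyKey ) ) { return false; }` before the assignment would make the return value meaningful. The docblock should also state that the argument is the decrypted legacy key, so it sits in `$_SESSION` in plaintext for the lifetime of the session. The method's docblock and closing brace are outside the hunk.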
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 2a69bba43c9..b1c128cf8c4 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -37,8 +37,9 @@ namespace OCA\Encryption;
/**
* @brief Class for utilities relating to encrypted file storage system
- * @param $view OC_FilesystemView object, expected to have OC '/' as root path
- * @param $client flag indicating status of client side encryption. Currently
+ * @param OC_FilesystemView $view expected to have OC '/' as root path
+ * @param string $userId ID of the logged in user
+ * @param int $client indicating status of client side encryption. Currently
* unused, likely to become obsolete shortly
*/
@@ -262,17 +263,25 @@ class Util {
} elseif ( $this->view->is_file( $filePath ) ) {
// Disable proxies again, some-
- // how they get re-enabled :/
+ // where they got re-enabled :/
\OC_FileProxy::$enabled = false;
+ $data = $this->view->file_get_contents( $filePath );
+
// If the file is encrypted
- if ( Keymanager::getFileKey( $this->view, $this->userId, $file ) ) {
+ // NOTE: If the userId is
+ // empty or not set, file will
+ // detected as plain
+ if (
+ Keymanager::getFileKey( $this->view, $this->userId, $file )
+ && Crypt::isCatfile( $filePath )
+ ) {
$found['encrypted'][] = array( 'name' => $file, 'path' => $filePath );
// If the file uses old
// encryption system
- } elseif ( Crypt::isLegacyEncryptedContent( $this->view->file_get_contents( $filePath ) ) ) {
+ } elseif ( Crypt::isLegacyEncryptedContent( $this->view->file_get_contents( $filePath ), $filePath ) ) {
$found['legacy'][] = array( 'name' => $file, 'path' => $filePath );
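Review bot: `Crypt::isCatfile( $filePath )` in the new condition is given the path string, while crypt.php in this same commit calls `self::isCatfile( $data )` on file contents, so a correctly encrypted file is unlikely ever to land in `$found['encrypted']`. Such a file then fails the legacy test as well and presumably reaches the plain branch outside this hunk, where it would be encrypted a second time. The newly read `$data` is otherwise unused and the file is read again in the `elseif`; use it in both places: `&& Crypt::isCatfile( $data )` and `} elseif ( Crypt::isLegacyEncryptedContent( $data, $filePath ) ) {`. The NOTE comment should read `file will be detected as plain`.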
@@ -355,11 +364,16 @@ class Util {
$sliced = array_slice( $split, 2 );
$relPath = implode( '/', $sliced );
- // Save catfile
+ // Save keyfile
Keymanager::setFileKey( $this->view, $relPath, $this->userId, $encrypted['key'] );
// Overwrite the existing file with the encrypted one
$this->view->file_put_contents( $plainFile['path'], $encrypted['data'] );
+
+ $size = strlen( $encrypted['data'] );
+
+ // Add the file to the cache
+ \OC\Files\Filesystem::putFileInfo( $plainFile['path'], array( 'encrypted'=>true, 'size' => $size ), '' );
}
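Review bot: The added `putFileInfo()` call flags the file as encrypted without checking that `setFileKey()` and `file_put_contents()` succeeded. If the write fails, the cache records `'encrypted'=>true` while the plaintext is still on disk, and `isLegacyEncryptedContent()` in crypt.php will classify that file as legacy on the next scan. Make the cache update conditional on the write, e.g. `if ( $this->view->file_put_contents( $plainFile['path'], $encrypted['data'] ) !== false ) {` around the `putFileInfo()` call (assuming the view method returns false on failure, as PHP's does), and log the failure otherwise. The same applies to the identical lines added in the legacy loop at `@@ -378,11 +394,16 @@`. The enclosing loop starts outside the hunk.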
@@ -370,6 +384,8 @@ class Util {
&& ! empty( $newPassphrase )
) {
+ trigger_error("LEGACY FOUND");
+
foreach ( $found['legacy'] as $legacyFilePath ) {
// Fetch data from file
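Review bot: `trigger_error("LEGACY FOUND");` looks like a leftover debug statement: it raises an E_USER_NOTICE on every run that finds legacy files, which depending on the error settings ends up in the response or the PHP error log rather than the application log. Replace it with the logger this commit already uses in hooks.php, e.g. `\OC_Log::write( 'Encryption library', 'Legacy encrypted files found, recrypting', \OC_Log::DEBUG );`, or drop it. The surrounding `if` and the loop body continue outside the hunk.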
@@ -378,11 +394,16 @@ class Util {
// Recrypt data, generate catfile
$recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKey, $newPassphrase );
- // Save catfile
+ // Save keyfile
Keymanager::setFileKey( $this->view, $plainFile['path'], $this->userId, $recrypted['key'] );
// Overwrite the existing file with the encrypted one
$this->view->file_put_contents( $plainFile['path'], $recrypted['data'] );
+
+ $size = strlen( $recrypted['data'] );
+
+ // Add the file to the cache
+ \OC\Files\Filesystem::putFileInfo( $plainFile['path'], array( 'encrypted'=>true, 'size' => $size ), '' );
}
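Review bot: Inside the legacy loop the added `putFileInfo()` call, like the context lines above it, uses `$plainFile['path']`, but the loop variable shown in the previous hunk is `$legacyFilePath`. `$plainFile` is either undefined here or left over from the earlier plain-file loop, so the recrypted data and its keyfile would be written to that other file while the legacy file itself stays untouched. Use the loop variable throughout, e.g. `$this->view->file_put_contents( $legacyFilePath['path'], $recrypted['data'] );`, with the same path in `setFileKey()` and `putFileInfo()`. The loop header is outside this hunk.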