New SSE key format

* Encrypt the keys with the instance secret
* Store them as json (so we can add other things if needed)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

1 files changed, 131 insertions, 15 deletions

diff --git a/lib/private/Encryption/Keys/Storage.php b/lib/private/Encryption/Keys/Storage.php
index cee32691261..43a291b886c 100644
--- a/lib/private/Encryption/Keys/Storage.php
+++ b/lib/private/Encryption/Keys/Storage.php
@@ -31,8 +31,11 @@ namespace OC\Encryption\Keys;
 use OC\Encryption\Util;
 use OC\Files\Filesystem;
 use OC\Files\View;
+use OC\ServerNotAvailableException;
 use OC\User\NoUserException;
 use OCP\Encryption\Keys\IStorage;
+use OCP\IConfig;
+use OCP\Security\ICrypto;
 
 class Storage implements IStorage {
 
@@ -62,11 +65,17 @@ class Storage implements IStorage {
 	/** @var array */
 	private $keyCache = [];
 
+	/** @var ICrypto */
+	private $crypto;
+
+	/** @var IConfig */
+	private $config;
+
 	/**
 	 * @param View $view
 	 * @param Util $util
 	 */
-	public function __construct(View $view, Util $util) {
+	public function __construct(View $view, Util $util, ICrypto $crypto, IConfig $config) {
 		$this->view = $view;
 		$this->util = $util;
 
@@ -74,6 +83,8 @@ class Storage implements IStorage {
 		$this->keys_base_dir = $this->encryption_base_dir .'/keys';
 		$this->backup_base_dir = $this->encryption_base_dir .'/backup';
 		$this->root_dir = $this->util->getKeyStorageRoot();
+		$this->crypto = $crypto;
+		$this->config = $config;
 	}
 
 	/**
@@ -81,7 +92,7 @@ class Storage implements IStorage {
 	 */
 	public function getUserKey($uid, $keyId, $encryptionModuleId) {
 		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->getKey($path);
+		return base64_decode($this->getKeyWithUid($path, $uid));
 	}
 
 	/**
@@ -90,17 +101,17 @@ class Storage implements IStorage {
 	public function getFileKey($path, $keyId, $encryptionModuleId) {
 		$realFile = $this->util->stripPartialFileExtension($path);
 		$keyDir = $this->getFileKeyDir($encryptionModuleId, $realFile);
-		$key = $this->getKey($keyDir . $keyId);
+		$key = $this->getKey($keyDir . $keyId)['key'];
 
 		if ($key === '' && $realFile !== $path) {
 			// Check if the part file has keys and use them, if no normal keys
 			// exist. This is required to fix copyBetweenStorage() when we
 			// rename a .part file over storage borders.
 			$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-			$key = $this->getKey($keyDir . $keyId);
+			$key = $this->getKey($keyDir . $keyId)['key'];
 		}
 
-		return $key;
+		return base64_decode($key);
 	}
 
 	/**
@@ -108,7 +119,7 @@ class Storage implements IStorage {
 	 */
 	public function getSystemUserKey($keyId, $encryptionModuleId) {
 		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->getKey($path);
+		return base64_decode($this->getKeyWithUid($path, null));
 	}
 
 	/**
@@ -116,7 +127,10 @@ class Storage implements IStorage {
 	 */
 	public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
 		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
-		return $this->setKey($path, $key);
+		return $this->setKey($path, [
+			'key' => base64_encode($key),
+			'uid' => $uid,
+		]);
 	}
 
 	/**
@@ -124,7 +138,9 @@ class Storage implements IStorage {
 	 */
 	public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
 		$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
-		return $this->setKey($keyDir . $keyId, $key);
+		return $this->setKey($keyDir . $keyId, [
+			'key' => base64_encode($key),
+		]);
 	}
 
 	/**
@@ -132,7 +148,10 @@ class Storage implements IStorage {
 	 */
 	public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
 		$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
-		return $this->setKey($path, $key);
+		return $this->setKey($path, [
+			'key' => base64_encode($key),
+			'uid' => null,
+		]);
 	}
 
 	/**
@@ -200,19 +219,106 @@ class Storage implements IStorage {
 	}
 
 	/**
+	 * @param string $path
+	 * @param string|null $uid
+	 * @return string
+	 * @throws ServerNotAvailableException
+	 *
+	 * Small helper function to fetch the key and verify the value for user and system keys
+	 */
+	private function getKeyWithUid(string $path, ?string $uid): string {
+		$data = $this->getKey($path);
+
+		if (!isset($data['key'])) {
+			throw new ServerNotAvailableException('Key is invalid');
+		}
+
+		if ($data['key'] === '') {
+			return '';
+		}
+
+		if (!array_key_exists('uid', $data) || $data['uid'] !== $uid) {
+			// If the migration is done we error out
+			$versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0.0');
+			if (version_compare($versionFromBeforeUpdate, '20.0.0.1', '<=')) {
+				return $data['key'];
+			}
+
+			if ($this->config->getSystemValueBool('encryption.key_storage_migrated', true)) {
+				throw new ServerNotAvailableException('Key has been modified');
+			} else {
+				//Otherwise we migrate
+				$data['uid'] = $uid;
+				$this->setKey($path, $data);
+			}
+		}
+
+		return $data['key'];
+	}
+
+	/**
 	 * read key from hard disk
 	 *
 	 * @param string $path to key
-	 * @return string
+	 * @return array containing key as base64encoded key, and possible the uid
 	 */
-	private function getKey($path) {
-		$key = '';
+	private function getKey($path): array {
+		$key = [
+			'key' => '',
+		];
 
 		if ($this->view->file_exists($path)) {
 			if (isset($this->keyCache[$path])) {
 				$key =  $this->keyCache[$path];
 			} else {
-				$key = $this->view->file_get_contents($path);
+				$data = $this->view->file_get_contents($path);
+
+				// Version <20.0.0.1 doesn't have this
+				$versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0.0');
+				if (version_compare($versionFromBeforeUpdate, '20.0.0.1', '<=')) {
+					$key = [
+						'key' => base64_encode($data),
+					];
+				} else {
+					if ($this->config->getSystemValueBool('encryption.key_storage_migrated', true)) {
+						try {
+							$clearData = $this->crypto->decrypt($data);
+						} catch (\Exception $e) {
+							throw new ServerNotAvailableException('Could not decrypt key', 0, $e);
+						}
+
+						$dataArray = json_decode($clearData, true);
+						if ($dataArray === null) {
+							throw new ServerNotAvailableException('Invalid encryption key');
+						}
+
+						$key = $dataArray;
+					} else {
+						/*
+						 * Even if not all keys are migrated we should still try to decrypt it (in case some have moved).
+						 * However it is only a failure now if it is an array and decryption fails
+						 */
+						$fallback = false;
+						try {
+							$clearData = $this->crypto->decrypt($data);
+						} catch (\Exception $e) {
+							$fallback = true;
+						}
+
+						if (!$fallback) {
+							$dataArray = json_decode($clearData, true);
+							if ($dataArray === null) {
+								throw new ServerNotAvailableException('Invalid encryption key');
+							}
+							$key = $dataArray;
+						} else {
+							$key = [
+								'key' => base64_encode($data),
+							];
+						}
+					}
+				}
+
 				$this->keyCache[$path] = $key;
 			}
 		}
@@ -225,13 +331,23 @@ class Storage implements IStorage {
 	 *
 	 *
 	 * @param string $path path to key directory
-	 * @param string $key key
+	 * @param array $key key
 	 * @return bool
 	 */
 	private function setKey($path, $key) {
 		$this->keySetPreparation(dirname($path));
 
-		$result = $this->view->file_put_contents($path, $key);
+		$versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0.0');
+		if (version_compare($versionFromBeforeUpdate, '20.0.0.1', '<=')) {
+			// Only store old format if this happens during the migration.
+			// TODO: Remove for 21
+			$data = base64_decode($key['key']);
+		} else {
+			// Wrap the data
+			$data = $this->crypto->encrypt(json_encode($key));
+		}
+
+		$result = $this->view->file_put_contents($path, $data);
 
 		if (is_int($result) && $result > 0) {
 			$this->keyCache[$path] = $key;