author | Robin Appelman <icewind1991@gmail.com> | 2011-11-24 01:44:54 +0100 |
---|---|---|
committer | Robin Appelman <icewind@owncloud.com> | 2012-02-21 20:48:48 +0100 |
commit | f1cbb9effc7e0672dd9dd6fa810aba36c5749898 (patch) | |
tree | d4c0625ffc75ab2c25ed9b7e03502110af05667a /lib | |
parent | e53e7990c404e3ff2a1b7abad1e4c8ad4f89ee2a (diff) | |
download | nextcloud-server-f1cbb9effc7e0672dd9dd6fa810aba36c5749898.tar.gz nextcloud-server-f1cbb9effc7e0672dd9dd6fa810aba36c5749898.zip |
initial integration of encryption
Diffstat (limited to 'lib')
-rw-r--r-- | lib/crypt.php | 188 | ||||
-rw-r--r-- | lib/user.php | 3 |
2 files changed, 1 insertions, 190 deletions
diff --git a/lib/crypt.php b/lib/crypt.php
deleted file mode 100644
index 3e6fa05b85d..00000000000
--- a/lib/crypt.php
+++ /dev/null
@@ -1,188 +0,0 @@
-<?php
-/**
- * ownCloud
- *
- * @author Frank Karlitschek
- * @copyright 2010 Frank Karlitschek karlitschek@kde.org
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-
-
-// Todo:
-// - Crypt/decrypt button in the userinterface
-// - Setting if crypto should be on by default
-// - Add a setting "DonĀ“t encrypt files larger than xx because of performance reasons"
-// - Transparent decrypt/encrpt in filesystem.php. Autodetect if a file is encrypted (.encrypted extensio)
-// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
-// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
-
-
-require_once('Crypt_Blowfish/Blowfish.php');
-
-/**
- * This class is for crypting and decrypting
- */
-class OC_Crypt {
-
- static $encription_extension='.encrypted';
-
- public static function init($login,$password) {
- $_SESSION['user_password'] = $password; // save the password as passcode for the encryption
- if(OC_User::isLoggedIn()){
- // does key exist?
- if(!file_exists(OC_Config::getValue( "datadirectory").'/'.$login.'/encryption.key')){
- OC_Crypt::createkey($_SESSION['user_password']);
- }
- }
- }
-
-
-
- public static function createkey($passcode) {
- if(OC_User::isLoggedIn()){
- // generate a random key
- $key=mt_rand(10000,99999).mt_rand(10000,99999).mt_rand(10000,99999).mt_rand(10000,99999);
-
- // encrypt the key with the passcode of the user
- $enckey=OC_Crypt::encrypt($key,$passcode);
-
- // Write the file
- $username=OC_USER::getUser();
- @file_put_contents(OC_Config::getValue( "datadirectory").'/'.$username.'/encryption.key', $enckey );
- }
- }
-
- public static function changekeypasscode( $newpasscode) {
- if(OC_User::isLoggedIn()){
- $username=OC_USER::getUser();
-
- // read old key
- $key=file_get_contents(OC_Config::getValue( "datadirectory").'/'.$username.'/encryption.key');
-
- // decrypt key with old passcode
- $key=OC_Crypt::decrypt($key, $_SESSION['user_password']);
-
- // encrypt again with new passcode
- $key=OC_Crypt::encrypt($key,$newpassword);
-
- // store the new key
- file_put_contents(OC_Config::getValue( "datadirectory").'/'.$username.'/encryption.key', $key );
-
- $_SESSION['user_password']=$newpasscode;
- }
- }
-
- /**
- * @brief encrypts an content
- * @param $content the cleartext message you want to encrypt
- * @param $key the encryption key
- * @returns encrypted content
- *
- * This function encrypts an content
- */
- public static function encrypt( $content, $key) {
- $bf = new Crypt_Blowfish($key);
- return($bf->encrypt($content));
- }
-
-
- /**
- * @brief decryption of an content
- * @param $content the cleartext message you want to decrypt
- * @param $key the encryption key
- * @returns cleartext content
- *
- * This function decrypts an content
- */
- public static function decrypt( $content, $key) {
- $bf = new Crypt_Blowfish($key);
- return($bf->encrypt($contents));
- }
-
- /**
- * @brief encryption of a file
- * @param $filename
- * @param $key the encryption key
- *
- * This function encrypts a file
- */
- public static function encryptfile( $filename, $key) {
- $handleread = fopen($filename, "rb");
- if($handleread<>FALSE) {
- $handlewrite = fopen($filename.OC_Crypt::$encription_extension, "wb");
- while (!feof($handleread)) {
- $content = fread($handleread, 8192);
- $enccontent=OC_CRYPT::encrypt( $content, $key);
- fwrite($handlewrite, $enccontent);
- }
- fclose($handlewrite);
- unlink($filename);
- }
- fclose($handleread);
- }
-
-
- /**
- * @brief decryption of a file
- * @param $filename
- * @param $key the decryption key
- *
- * This function decrypts a file
- */
- public static function decryptfile( $filename, $key) {
- $handleread = fopen($filename.OC_Crypt::$encription_extension, "rb");
- if($handleread<>FALSE) {
- $handlewrite = fopen($filename, "wb");
- while (!feof($handleread)) {
- $content = fread($handleread, 8192);
- $enccontent=OC_CRYPT::decrypt( $content, $key);
- fwrite($handlewrite, $enccontent);
- }
- fclose($handlewrite);
- unlink($filename.OC_Crypt::$encription_extension);
- }
- fclose($handleread);
- }
-
- /**
- * encrypt data in 8192b sized blocks
- */
- public static function blockEncrypt($data){
- $result='';
- while(strlen($data)){
- $result=self::encrypt(substr($data,0,8192));
- $data=substr($data,8192);
- }
- return $result;
- }
-
- /**
- * decrypt data in 8192b sized blocks
- */
- public static function blockDecrypt($data){
- $result='';
- while(strlen($data)){
- $result=self::decrypt(substr($data,0,8192));
- $data=substr($data,8192);
- }
- return $result;
- }
-
-
-
-
-}
diff --git a/lib/user.php b/lib/user.php
index 34f44f572e0..aa828de52f5 100644
--- a/lib/user.php
+++ b/lib/user.php
@@ -195,8 +195,8 @@ class OC_User {
 if( $run ){
 $uid=self::checkPassword( $uid, $password );
 if($uid){
- OC_Crypt::init($uid,$password);
 return self::setUserId($uid);
+ OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid, 'password'=>$password ));
 }
 }
 return false;
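Review bot: The added `OC_Hook::emit( "OC_User", "post_login", ...)` line sits directly after `return self::setUserId($uid);`, so it is unreachable and `post_login` is never emitted from this login path. Because the second hunk also removes the emit from `setUserId()`, nothing visible in this diff fires the hook any more, and whatever replaces the removed `OC_Crypt::init()` call (presumably a listener on this hook) would never run. Set the session first and emit before returning: `$ok=self::setUserId($uid);`, then the `OC_Hook::emit(...)` line, then `return $ok;`. The payload now also carries the cleartext `'password'` to every `post_login` listener, so a comment on the emit such as `// password is passed for key setup only - listeners must not log or persist it` would make that contract explicit. The enclosing login function starts and ends outside the hunk.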
@@ -209,7 +209,6 @@ class OC_User {
 */
 public static function setUserId($uid) {
 $_SESSION['user_id'] = $uid;
- OC_Hook::emit( "OC_User", "post_login", array( "uid" => $uid ));
 return true;
 }
|