summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorBjoern Schiessle <bjoern@schiessle.org>2017-01-02 21:24:37 +0100
committerBjoern Schiessle <bjoern@schiessle.org>2017-01-10 17:04:32 +0100
commitfcda3a20f455795b898161ec4ada0aeb500b9218 (patch)
treed1819e6c04954377ede49bbf80ebc02335acf2a2 /lib
parent40239decb1b36f1daff53710e01d81e18c24f4fc (diff)
downloadnextcloud-server-fcda3a20f455795b898161ec4ada0aeb500b9218.tar.gz
nextcloud-server-fcda3a20f455795b898161ec4ada0aeb500b9218.zip
create new encryption keys on password reset and backup the old one
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Encryption/Keys/Storage.php35
-rw-r--r--lib/public/Encryption/Keys/IStorage.php10
2 files changed, 45 insertions, 0 deletions
diff --git a/lib/private/Encryption/Keys/Storage.php b/lib/private/Encryption/Keys/Storage.php
index 8149ffe9dce..e8d152581fe 100644
--- a/lib/private/Encryption/Keys/Storage.php
+++ b/lib/private/Encryption/Keys/Storage.php
@@ -51,6 +51,9 @@ class Storage implements IStorage {
/** @var string */
private $encryption_base_dir;
+ /** @var string */
+ private $backup_base_dir;
+
/** @var array */
private $keyCache = [];
@@ -64,6 +67,7 @@ class Storage implements IStorage {
$this->encryption_base_dir = '/files_encryption';
$this->keys_base_dir = $this->encryption_base_dir .'/keys';
+ $this->backup_base_dir = $this->encryption_base_dir .'/backup';
$this->root_dir = $this->util->getKeyStorageRoot();
}
@@ -287,6 +291,37 @@ class Storage implements IStorage {
}
/**
+ * backup keys of a given encryption module
+ *
+ * @param string $encryptionModuleId
+ * @param string $purpose
+ * @param string $uid
+ * @return bool
+ * @since 12.0.0
+ */
+ public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
+ $source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
+ $backupDir = $uid . $this->backup_base_dir;
+ if (!$this->view->file_exists($backupDir)) {
+ $this->view->mkdir($backupDir);
+ }
+
+ $backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
+ $this->view->mkdir($backupDir);
+
+ return $this->view->copy($source, $backupDir);
+ }
+
+ /**
+ * get the current timestamp
+ *
+ * @return int
+ */
+ protected function getTimestamp() {
+ return time();
+ }
+
+ /**
* get system wide path and detect mount points
*
* @param string $path
diff --git a/lib/public/Encryption/Keys/IStorage.php b/lib/public/Encryption/Keys/IStorage.php
index e17de04316b..c96d1573b38 100644
--- a/lib/public/Encryption/Keys/IStorage.php
+++ b/lib/public/Encryption/Keys/IStorage.php
@@ -170,4 +170,14 @@ interface IStorage {
*/
public function copyKeys($source, $target);
+ /**
+ * backup keys of a given encryption module
+ *
+ * @param string $encryptionModuleId
+ * @param string $purpose
+ * @param string $uid
+ * @return bool
+ * @since 12.0.0
+ */
+ public function backupUserKeys($encryptionModuleId, $purpose, $uid);
}