summaryrefslogtreecommitdiffstats
path: root/apps/files_encryption/lib/stream.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_encryption/lib/stream.php')
-rw-r--r--apps/files_encryption/lib/stream.php102
1 files changed, 59 insertions, 43 deletions
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index 3c1eb2c5f5e..335ea3733eb 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -62,6 +62,7 @@ class Stream {
private $unencryptedSize;
private $publicKey;
private $encKeyfile;
+ private $newFile; // helper var, we only need to write the keyfile for new files
/**
* @var \OC\Files\View
*/
@@ -73,13 +74,16 @@ class Stream {
private $privateKey;
/**
- * @param $path
+ * @param $path raw path relative to data/
* @param $mode
* @param $options
* @param $opened_path
* @return bool
*/
public function stream_open($path, $mode, $options, &$opened_path) {
+
+ // assume that the file already exist before we decide it finally in getKey()
+ $this->newFile = false;
if (!isset($this->rootView)) {
$this->rootView = new \OC_FilesystemView('/');
@@ -93,12 +97,21 @@ class Stream {
$this->userId = $util->getUserId();
- // Strip identifier text from path, this gives us the path relative to data/<user>/files
- $this->relPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
-
// rawPath is relative to the data directory
- $this->rawPath = $util->getUserFilesDir() . $this->relPath;
+ $this->rawPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
+ // Strip identifier text from path, this gives us the path relative to data/<user>/files
+ $this->relPath = Helper::stripUserFilesPath($this->rawPath);
+ // if raw path doesn't point to a real file, check if it is a version or a file in the trash bin
+ if ($this->relPath === false) {
+ $this->relPath = Helper::getPathToRealFile($this->rawPath);
+ }
+
+ if($this->relPath === false) {
+ \OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to user/files or to user/files_versions', \OCP\Util::ERROR);
+ return false;
+ }
+
// Disable fileproxies so we can get the file size and open the source file without recursive encryption
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
@@ -258,6 +271,8 @@ class Stream {
} else {
+ $this->newFile = true;
+
return false;
}
@@ -436,9 +451,7 @@ class Stream {
fwrite($this->handle, $encrypted);
$this->writeCache = '';
-
}
-
}
/**
@@ -451,56 +464,63 @@ class Stream {
// if there is no valid private key return false
if ($this->privateKey === false) {
- // cleanup
- if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb') {
+ // cleanup
+ if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb') {
- // Disable encryption proxy to prevent recursive calls
- $proxyStatus = \OC_FileProxy::$enabled;
- \OC_FileProxy::$enabled = false;
+ // Disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
- if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) {
- $this->rootView->unlink($this->rawPath);
- }
-
- // Re-enable proxy - our work is done
- \OC_FileProxy::$enabled = $proxyStatus;
+ if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) {
+ $this->rootView->unlink($this->rawPath);
}
+ // Re-enable proxy - our work is done
+ \OC_FileProxy::$enabled = $proxyStatus;
+ }
+
// if private key is not valid redirect user to a error page
\OCA\Encryption\Helper::redirectToErrorPage();
}
if (
- $this->meta['mode'] !== 'r'
- and $this->meta['mode'] !== 'rb'
- and $this->size > 0
+ $this->meta['mode'] !== 'r' &&
+ $this->meta['mode'] !== 'rb' &&
+ $this->size > 0
) {
- // Disable encryption proxy to prevent recursive calls
- $proxyStatus = \OC_FileProxy::$enabled;
- \OC_FileProxy::$enabled = false;
+ // only write keyfiles if it was a new file
+ if ($this->newFile === true) {
+
+ // Disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
- // Fetch user's public key
- $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->userId);
+ // Fetch user's public key
+ $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->userId);
- // Check if OC sharing api is enabled
- $sharingEnabled = \OCP\Share::isEnabled();
+ // Check if OC sharing api is enabled
+ $sharingEnabled = \OCP\Share::isEnabled();
- $util = new Util($this->rootView, $this->userId);
+ $util = new Util($this->rootView, $this->userId);
- // Get all users sharing the file includes current user
- $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
+ // Get all users sharing the file includes current user
+ $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
- // Fetch public keys for all sharing users
- $publicKeys = Keymanager::getPublicKeys($this->rootView, $uniqueUserIds);
+ // Fetch public keys for all sharing users
+ $publicKeys = Keymanager::getPublicKeys($this->rootView, $uniqueUserIds);
- // Encrypt enc key for all sharing users
- $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
+ // Encrypt enc key for all sharing users
+ $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
- // Save the new encrypted file key
- Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
+ // Save the new encrypted file key
+ Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
- // Save the sharekeys
- Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
+ // Save the sharekeys
+ Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
+
+ // Re-enable proxy - our work is done
+ \OC_FileProxy::$enabled = $proxyStatus;
+ }
// get file info
$fileInfo = $this->rootView->getFileInfo($this->rawPath);
@@ -508,9 +528,6 @@ class Stream {
$fileInfo = array();
}
- // Re-enable proxy - our work is done
- \OC_FileProxy::$enabled = $proxyStatus;
-
// set encryption data
$fileInfo['encrypted'] = true;
$fileInfo['size'] = $this->size;
@@ -521,7 +538,6 @@ class Stream {
}
return fclose($this->handle);
-
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-31 00:18:04 +0000