12 files changed, 124 insertions, 66 deletions
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index de306462d79..85169e6a1d0 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -36,14 +36,6 @@ class Hooks {
 	 */
 	public static function login($params) {
 		$l = new \OC_L10N('files_encryption');
-		//check if all requirements are met
-		if(!Helper::checkRequirements() || !Helper::checkConfiguration() ) {
-			$error_msg = $l->t("Missing requirements.");
-			$hint = $l->t('Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.');
-			\OC_App::disable('files_encryption');
-			\OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR);
-			\OCP\Template::printErrorPage($error_msg, $hint);
-		}
 
 		$view = new \OC_FilesystemView('/');
 
@@ -54,6 +46,15 @@ class Hooks {
 
 		$util = new Util($view, $params['uid']);
 
+		//check if all requirements are met
+		if(!$util->ready() && (!Helper::checkRequirements() || !Helper::checkConfiguration())) {
+			$error_msg = $l->t("Missing requirements.");
+			$hint = $l->t('Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.');
+			\OC_App::disable('files_encryption');
+			\OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR);
+			\OCP\Template::printErrorPage($error_msg, $hint);
+		}
+
 		// setup user, if user not ready force relogin
 		if (Helper::setupUser($util, $params['password']) === false) {
 			return false;
diff --git a/apps/files_encryption/l10n/es.php b/apps/files_encryption/l10n/es.php
index 8341bafc9fd..2d644708c59 100644
--- a/apps/files_encryption/l10n/es.php
+++ b/apps/files_encryption/l10n/es.php
@@ -10,6 +10,8 @@ $TRANSLATIONS = array(
 "Could not update the private key password. Maybe the old password was not correct." => "No se pudo cambiar la contraseña. Puede que la contraseña antigua no sea correcta.",
 "Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera. Puede actualizar su clave privada en sus opciones personales para recuperar el acceso a sus ficheros.",
 "Missing requirements." => "Requisitos incompletos.",
+"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Por favor, asegúrese de que PHP 5.3.3 o posterior está instalado y que la extensión OpenSSL de PHP está habilitada y configurada correctamente. Por el momento, la aplicación de cifrado ha sido deshabilitada.",
+"Following users are not set up for encryption:" => "Los siguientes usuarios no han sido configurados para el cifrado:",
 "Saving..." => "Guardando...",
 "Your private key is not valid! Maybe the your password was changed from outside." => "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera.",
 "You can unlock your private key in your " => "Puede desbloquear su clave privada en su",
diff --git a/apps/files_encryption/l10n/es_AR.php b/apps/files_encryption/l10n/es_AR.php
index cac8c465362..666ea59687c 100644
--- a/apps/files_encryption/l10n/es_AR.php
+++ b/apps/files_encryption/l10n/es_AR.php
@@ -10,6 +10,8 @@ $TRANSLATIONS = array(
 "Could not update the private key password. Maybe the old password was not correct." => "No fue posible actualizar la contraseña de clave privada. Tal vez la contraseña anterior no es correcta.",
 "Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "¡Tu clave privada no es válida! Tal vez tu contraseña fue cambiada desde fuera del sistema de ownCloud (por ej. desde tu cuenta de sistema). Podés actualizar tu clave privada en la sección de \"configuración personal\", para recuperar el acceso a tus archivos.",
 "Missing requirements." => "Requisitos incompletos.",
+"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Por favor, asegúrese de que PHP 5.3.3 o una versión más reciente esté instalado y que OpenSSL junto con la extensión PHP esté habilitado y configurado apropiadamente. Por ahora, la aplicación de encriptación ha sido deshabilitada.",
+"Following users are not set up for encryption:" => "Los siguientes usuarios no fueron configurados para encriptar:",
 "Saving..." => "Guardando...",
 "Your private key is not valid! Maybe the your password was changed from outside." => "¡Tu clave privada no es válida! Tal vez tu contraseña fue cambiada desde afuera.",
 "You can unlock your private key in your " => "Podés desbloquear tu clave privada en tu",
diff --git a/apps/files_encryption/l10n/fi_FI.php b/apps/files_encryption/l10n/fi_FI.php
index 53b0a6b25cd..b3df41b1f42 100644
--- a/apps/files_encryption/l10n/fi_FI.php
+++ b/apps/files_encryption/l10n/fi_FI.php
@@ -1,11 +1,21 @@
 <?php
 $TRANSLATIONS = array(
+"Recovery key successfully enabled" => "Palautusavain kytketty päälle onnistuneesti",
 "Password successfully changed." => "Salasana vaihdettiin onnistuneesti.",
 "Could not change the password. Maybe the old password was not correct." => "Salasanan vaihto epäonnistui. Kenties vanha salasana oli väärin.",
+"Following users are not set up for encryption:" => "Seuraavat käyttäjät eivät ole määrittäneet salausta:",
 "Saving..." => "Tallennetaan...",
+"personal settings" => "henkilökohtaiset asetukset",
 "Encryption" => "Salaus",
+"Recovery key password" => "Palautusavaimen salasana",
 "Enabled" => "Käytössä",
 "Disabled" => "Ei käytössä",
-"Change Password" => "Vaihda salasana"
+"Change recovery key password:" => "Vaihda palautusavaimen salasana:",
+"Old Recovery key password" => "Vanha palautusavaimen salasana",
+"New Recovery key password" => "Uusi palautusavaimen salasana",
+"Change Password" => "Vaihda salasana",
+"Old log-in password" => "Vanha kirjautumis-salasana",
+"Current log-in password" => "Nykyinen kirjautumis-salasana",
+"Enable password recovery:" => "Ota salasanan palautus käyttöön:"
 );
 $PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/files_encryption/l10n/fr.php b/apps/files_encryption/l10n/fr.php
index 12af8101394..358937441e2 100644
--- a/apps/files_encryption/l10n/fr.php
+++ b/apps/files_encryption/l10n/fr.php
@@ -10,6 +10,8 @@ $TRANSLATIONS = array(
 "Could not update the private key password. Maybe the old password was not correct." => "Impossible de mettre à jour le mot de passe de la clé privé. Peut-être que l'ancien mot de passe n'était pas correcte.",
 "Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." => "Votre clé de sécurité privée n'est pas valide! Il est probable que votre mot de passe ait été changé sans passer par le système ownCloud (par éxemple: le serveur de votre entreprise). Ain d'avoir à nouveau accès à vos fichiers cryptés, vous pouvez mettre à jour votre clé de sécurité privée dans les paramètres personnels de votre compte.",
 "Missing requirements." => "Système minimum requis non respecté.",
+"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Veuillez vous assurer qu'une version de PHP 5.3.3 ou supérieure est installée et qu'OpenSSL et son extension PHP sont activés et configurés correctement. En attendant, l'application de chiffrement été désactivée.",
+"Following users are not set up for encryption:" => "Les utilisateurs suivants ne sont pas configurés pour le chiffrement :",
 "Saving..." => "Enregistrement...",
 "Your private key is not valid! Maybe the your password was changed from outside." => "Votre clef privée est invalide ! Votre mot de passe a peut-être été modifié depuis l'extérieur.",
 "You can unlock your private key in your " => "Vous pouvez déverrouiller votre clé privée dans votre",
diff --git a/apps/files_encryption/l10n/hu_HU.php b/apps/files_encryption/l10n/hu_HU.php
index 49dcf817fb7..323291bbfbe 100644
--- a/apps/files_encryption/l10n/hu_HU.php
+++ b/apps/files_encryption/l10n/hu_HU.php
@@ -1,6 +1,18 @@
 <?php
 $TRANSLATIONS = array(
+"Recovery key successfully disabled" => "Visszaállítási kulcs sikeresen kikapcsolva",
+"Password successfully changed." => "Jelszó sikeresen megváltoztatva.",
+"Could not change the password. Maybe the old password was not correct." => "A jelszót nem lehet megváltoztatni! Lehet, hogy hibás volt a régi jelszó.",
+"Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." => "Kérlek győződj meg arról, hogy PHP 5.3.3 vagy annál frissebb van telepítve, valamint a PHP-hez tartozó OpenSSL bővítmény be van-e kapcsolva és az helyesen van-e konfigurálva! Ki lett kapcsolva ideiglenesen a titkosító alkalmazás.",
 "Saving..." => "Mentés...",
-"Encryption" => "Titkosítás"
+"personal settings" => "személyes beállítások",
+"Encryption" => "Titkosítás",
+"Enabled" => "Bekapcsolva",
+"Disabled" => "Kikapcsolva",
+"Change Password" => "Jelszó megváltoztatása",
+"Old log-in password" => "Régi bejelentkezési jelszó",
+"Current log-in password" => "Jelenlegi bejelentkezési jelszó",
+"Update Private Key Password" => "Privát kulcs jelszó frissítése",
+"Enable password recovery:" => "Jelszó-visszaállítás bekapcsolása"
 );
 $PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/files_encryption/l10n/nn_NO.php b/apps/files_encryption/l10n/nn_NO.php
index b99d0751540..bb30d69c592 100644
--- a/apps/files_encryption/l10n/nn_NO.php
+++ b/apps/files_encryption/l10n/nn_NO.php
@@ -1,5 +1,6 @@
 <?php
 $TRANSLATIONS = array(
-"Saving..." => "Lagrar …"
+"Saving..." => "Lagrar …",
+"Encryption" => "Kryptering"
 );
 $PLURAL_FORMS = "nplurals=2; plural=(n != 1);";
diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index e129bc9313e..c009718160a 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -52,14 +52,14 @@ class Crypt {
 
 		$return = false;
 
-		$res = openssl_pkey_new(array('private_key_bits' => 4096));
+		$res = Helper::getOpenSSLPkey();
 
 		if ($res === false) {
 			\OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR);
 			while ($msg = openssl_error_string()) {
 				\OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails:  ' . $msg, \OCP\Util::ERROR);
 			}
-		} elseif (openssl_pkey_export($res, $privateKey)) {
+		} elseif (openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())) {
 			// Get public key
 			$keyDetails = openssl_pkey_get_details($res);
 			$publicKey = $keyDetails['key'];
@@ -70,7 +70,9 @@ class Crypt {
 			);
 		} else {
 			\OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR);
-			\OCP\Util::writeLog('Encryption library', openssl_error_string(), \OCP\Util::ERROR);
+			while($errMsg = openssl_error_string()) {
+				\OCP\Util::writeLog('Encryption library', $errMsg, \OCP\Util::ERROR);
+			}
 		}
 
 		return $return;
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 0209a5d18b7..445d7ff8ca7 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -265,7 +265,7 @@ class Helper {
 	 * @return bool true if configuration seems to be OK
 	 */
 	public static function checkConfiguration() {
-		if(openssl_pkey_new(array('private_key_bits' => 4096))) {
+		if(self::getOpenSSLPkey()) {
 			return true;
 		} else {
 			while ($msg = openssl_error_string()) {
@@ -276,6 +276,26 @@ class Helper {
 	}
 
 	/**
+	 * Create an openssl pkey with config-supplied settings
+	 * WARNING: This initializes a new private keypair, which is computationally expensive
+	 * @return resource The pkey resource created
+	 */
+	public static function getOpenSSLPkey() {
+		return openssl_pkey_new(self::getOpenSSLConfig());
+	}
+
+	/**
+	 * Return an array of OpenSSL config options, default + config
+	 * Used for multiple OpenSSL functions
+	 * @return array The combined defaults and config settings
+	 */
+	public static function getOpenSSLConfig() {
+		$config = array('private_key_bits' => 4096);
+		$config = array_merge(\OCP\Config::getSystemValue('openssl', array()), $config);
+		return $config;
+	}
+
+	/**
 	 * @brief glob uses different pattern than regular expressions, escape glob pattern only
 	 * @param unescaped path
 	 * @return escaped path
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index 5386de486e1..9be3dda7ce3 100755
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -220,22 +220,10 @@ class Keymanager {
 	 */
 	public static function getFileKey(\OC_FilesystemView $view, $userId, $filePath) {
 
-		// try reusing key file if part file
-		if (self::isPartialFilePath($filePath)) {
-
-			$result = self::getFileKey($view, $userId, self::fixPartialFilePath($filePath));
-
-			if ($result) {
-
-				return $result;
-
-			}
-
-		}
-
 		$util = new Util($view, \OCP\User::getUser());
 
 		list($owner, $filename) = $util->getUidAndFilename($filePath);
+		$filename = self::fixPartialFilePath($filename);
 		$filePath_f = ltrim($filename, '/');
 
 		// in case of system wide mount points the keys are stored directly in the data directory
@@ -424,18 +412,6 @@ class Keymanager {
 	public static function getShareKey(\OC_FilesystemView $view, $userId, $filePath) {
 
 		// try reusing key file if part file
-		if (self::isPartialFilePath($filePath)) {
-
-			$result = self::getShareKey($view, $userId, self::fixPartialFilePath($filePath));
-
-			if ($result) {
-
-				return $result;
-
-			}
-
-		}
-
 		$proxyStatus = \OC_FileProxy::$enabled;
 		\OC_FileProxy::$enabled = false;
 
@@ -443,7 +419,7 @@ class Keymanager {
 		$util = new Util($view, \OCP\User::getUser());
 
 		list($owner, $filename) = $util->getUidAndFilename($filePath);
-
+		$filename = self::fixPartialFilePath($filename);
 		// in case of system wide mount points the keys are stored directly in the data directory
 		if ($util->isSystemWideMountPoint($filename)) {
 			$shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index 335ea3733eb..083b33c03cb 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -81,7 +81,7 @@ class Stream {
 	 * @return bool
 	 */
 	public function stream_open($path, $mode, $options, &$opened_path) {
-		
+
 		// assume that the file already exist before we decide it finally in getKey()
 		$this->newFile = false;
 
@@ -106,12 +106,12 @@ class Stream {
 		if ($this->relPath === false) {
 			$this->relPath = Helper::getPathToRealFile($this->rawPath);
 		}
-		
+
 		if($this->relPath === false) {
 			\OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to user/files or to user/files_versions', \OCP\Util::ERROR);
 			return false;
 		}
-		
+
 		// Disable fileproxies so we can get the file size and open the source file without recursive encryption
 		$proxyStatus = \OC_FileProxy::$enabled;
 		\OC_FileProxy::$enabled = false;
@@ -188,7 +188,7 @@ class Stream {
 		}
 
 		// Get the data from the file handle
-		$data = fread($this->handle, 8192);
+		$data = fread($this->handle, $count);
 
 		$result = null;
 
@@ -272,7 +272,7 @@ class Stream {
 		} else {
 
 			$this->newFile = true;
-			
+
 			return false;
 
 		}
@@ -296,9 +296,9 @@ class Stream {
 			return strlen($data);
 		}
 
-		// Disable the file proxies so that encryption is not 
-		// automatically attempted when the file is written to disk - 
-		// we are handling that separately here and we don't want to 
+		// Disable the file proxies so that encryption is not
+		// automatically attempted when the file is written to disk -
+		// we are handling that separately here and we don't want to
 		// get into an infinite loop
 		$proxyStatus = \OC_FileProxy::$enabled;
 		\OC_FileProxy::$enabled = false;
@@ -311,7 +311,7 @@ class Stream {
 		$pointer = ftell($this->handle);
 
 		// Get / generate the keyfile for the file we're handling
-		// If we're writing a new file (not overwriting an existing 
+		// If we're writing a new file (not overwriting an existing
 		// one), save the newly generated keyfile
 		if (!$this->getKey()) {
 
@@ -319,7 +319,7 @@ class Stream {
 
 		}
 
-		// If extra data is left over from the last round, make sure it 
+		// If extra data is left over from the last round, make sure it
 		// is integrated into the next 6126 / 8192 block
 		if ($this->writeCache) {
 
@@ -344,12 +344,12 @@ class Stream {
 			if ($remainingLength < 6126) {
 
 				// Set writeCache to contents of $data
-				// The writeCache will be carried over to the 
-				// next write round, and added to the start of 
-				// $data to ensure that written blocks are 
-				// always the correct length. If there is still 
-				// data in writeCache after the writing round 
-				// has finished, then the data will be written 
+				// The writeCache will be carried over to the
+				// next write round, and added to the start of
+				// $data to ensure that written blocks are
+				// always the correct length. If there is still
+				// data in writeCache after the writing round
+				// has finished, then the data will be written
 				// to disk by $this->flush().
 				$this->writeCache = $data;
 
@@ -363,7 +363,7 @@ class Stream {
 
 				$encrypted = $this->preWriteEncrypt($chunk, $this->plainKey);
 
-				// Write the data chunk to disk. This will be 
+				// Write the data chunk to disk. This will be
 				// attended to the last data chunk if the file
 				// being handled totals more than 6126 bytes
 				fwrite($this->handle, $encrypted);
@@ -488,6 +488,7 @@ class Stream {
 				$this->meta['mode'] !== 'rb' &&
 				$this->size > 0
 		) {
+
 			// only write keyfiles if it was a new file
 			if ($this->newFile === true) {
 
@@ -535,6 +536,7 @@ class Stream {
 
 			// set fileinfo
 			$this->rootView->putFileInfo($this->rawPath, $fileInfo);
+
 		}
 
 		return fclose($this->handle);
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index b8d68623493..cd4db05fb9b 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -508,10 +508,11 @@ class Util {
 
 			// get the size from filesystem
 			$fullPath = $this->view->getLocalFile($path);
-			$size = filesize($fullPath);
+			$size = $this->view->filesize($path);
 
 			// calculate last chunk nr
 			$lastChunkNr = floor($size / 8192);
+			$lastChunkSize = $size - ($lastChunkNr * 8192);
 
 			// open stream
 			$stream = fopen('crypt://' . $path, "r");
@@ -524,7 +525,7 @@ class Util {
 				fseek($stream, $lastChunckPos);
 
 				// get the content of the last chunk
-				$lastChunkContent = fread($stream, 8192);
+				$lastChunkContent = fread($stream, $lastChunkSize);
 
 				// calc the real file size with the size of the last chunk
 				$realSize = (($lastChunkNr * 6126) + strlen($lastChunkContent));
@@ -1136,6 +1137,11 @@ class Util {
 		// Make sure that a share key is generated for the owner too
 		list($owner, $ownerPath) = $this->getUidAndFilename($filePath);
 
+		$pathinfo = pathinfo($ownerPath);
+		if(array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') {
+			$ownerPath = $pathinfo['dirname'] . '/' . $pathinfo['filename'];
+		}
+
 		$userIds = array();
 		if ($sharingEnabled) {
 
@@ -1289,8 +1295,25 @@ class Util {
 	 */
 	public function getUidAndFilename($path) {
 
+		$pathinfo = pathinfo($path);
+		$partfile = false;
+		$parentFolder = false;
+		if (array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') {
+			// if the real file exists we check this file
+			$filePath = $this->userFilesDir . '/' .$pathinfo['dirname'] . '/' . $pathinfo['filename'];
+			if ($this->view->file_exists($filePath)) {
+				$pathToCheck = $pathinfo['dirname'] . '/' . $pathinfo['filename'];
+			} else { // otherwise we look for the parent
+				$pathToCheck = $pathinfo['dirname'];
+				$parentFolder = true;
+			}
+			$partfile = true;
+		} else {
+			$pathToCheck = $path;
+		}
+
 		$view = new \OC\Files\View($this->userFilesDir);
-		$fileOwnerUid = $view->getOwner($path);
+		$fileOwnerUid = $view->getOwner($pathToCheck);
 
 		// handle public access
 		if ($this->isPublic) {
@@ -1319,12 +1342,18 @@ class Util {
 				$filename = $path;
 
 			} else {
-
-				$info = $view->getFileInfo($path);
+				$info = $view->getFileInfo($pathToCheck);
 				$ownerView = new \OC\Files\View('/' . $fileOwnerUid . '/files');
 
 				// Fetch real file path from DB
-				$filename = $ownerView->getPath($info['fileid']); // TODO: Check that this returns a path without including the user data dir
+				$filename = $ownerView->getPath($info['fileid']);
+				if ($parentFolder) {
+					$filename = $filename . '/'. $pathinfo['filename'];
+				}
+
+				if ($partfile) {
+					$filename = $filename . '.' . $pathinfo['extension'];
+				}
 
 			}
 
@@ -1333,10 +1362,9 @@ class Util {
 				\OC_Filesystem::normalizePath($filename)
 			);
 		}
-
-
 	}
 
+
 	/**
 	 * @brief go recursively through a dir and collect all files and sub files.
 	 * @param string $dir relative to the users files folder