From 064ac77e449ac4227d2c973ba1c96be4fec6ffbc Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Tue, 8 Jul 2014 13:07:05 +0200 Subject: Kill legacy encryption migration --- apps/files_encryption/lib/crypt.php | 90 ----------------------------------- apps/files_encryption/lib/proxy.php | 15 ------ apps/files_encryption/lib/session.php | 32 ------------- apps/files_encryption/lib/util.php | 52 +------------------- 4 files changed, 2 insertions(+), 187 deletions(-) (limited to 'apps/files_encryption/lib') diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index ee2c4024e09..5632a2bc298 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -25,8 +25,6 @@ namespace OCA\Encryption; -require_once __DIR__ . '/../3rdparty/Crypt_Blowfish/Blowfish.php'; - /** * Class for common cryptography functionality */ @@ -178,36 +176,6 @@ class Crypt { } - /** - * Check if a file is encrypted via legacy system - * @param boolean $isCatFileContent - * @param string $relPath The path of the file, relative to user/data; - * e.g. filename or /Docs/filename, NOT admin/files/filename - * @return boolean - */ - public static function isLegacyEncryptedContent($isCatFileContent, $relPath) { - - // Fetch all file metadata from DB - $metadata = \OC\Files\Filesystem::getFileInfo($relPath, ''); - - // If a file is flagged with encryption in DB, but isn't a - // valid content + IV combination, it's probably using the - // legacy encryption system - if (isset($metadata['encrypted']) - && $metadata['encrypted'] === true - && $isCatFileContent === false - ) { - - return true; - - } else { - - return false; - - } - - } - /** * Symmetrically encrypt a string * @param string $plainContent 
@@ -522,62 +490,4 @@ class Crypt { } - /** - * Get the blowfish encryption handler for a key - * @param string $key (optional) - * @return \Crypt_Blowfish blowfish object - * - * if the key is left out, the default handler will be used - */ - private static function getBlowfish($key = '') { - - if ($key) { - - return new \Legacy_Crypt_Blowfish($key); - - } else { - - return false; - - } - - } - - /** - * decrypts content using legacy blowfish system - * @param string $content the cleartext message you want to decrypt - * @param string $passphrase - * @return string cleartext content - * - * This function decrypts an content - */ - public static function legacyDecrypt($content, $passphrase = '') { - - $bf = self::getBlowfish($passphrase); - - $decrypted = $bf->decrypt($content); - - return $decrypted; - } - - /** - * @param string $data - * @param string $key - * @param int $maxLength - * @return string - */ - public static function legacyBlockDecrypt($data, $key = '', $maxLength = 0) { - - $result = ''; - while (strlen($data)) { - $result .= self::legacyDecrypt(substr($data, 0, 8192), $key); - $data = substr($data, 8192); - } - if ($maxLength > 0) { - return substr($result, 0, $maxLength); - } else { - return rtrim($result, "\0"); - } - } - } diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 852b9111c12..c814e6cb55b 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -203,9 +203,6 @@ class Proxy extends \OC_FileProxy { $plainData = null; $view = new \OC\Files\View('/'); - // init session - $session = new \OCA\Encryption\Session($view); - // If data is a catfile if ( Crypt::mode() === 'server' 
@@ -220,18 +217,6 @@ class Proxy extends \OC_FileProxy { } } - } elseif ( - Crypt::mode() == 'server' - && \OC::$session->exists('legacyenckey') - && Crypt::isEncryptedMeta($path) - ) { - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey()); - - \OC_FileProxy::$enabled = $proxyStatus; } if (!isset($plainData)) { diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index ef18b924dd8..4b28f0ce676 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -204,36 +204,4 @@ class Session { } } - - /** - * Sets user legacy key to session - * @param string $legacyKey - * @return bool - */ - public function setLegacyKey($legacyKey) { - - \OC::$session->set('legacyKey', $legacyKey); - - return true; - } - - /** - * Gets user legacy key from session - * @return string $legacyKey The user's plaintext legacy key - * - */ - public function getLegacyKey() { - - if (!is_null(\OC::$session->get('legacyKey'))) { - - return \OC::$session->get('legacyKey'); - - } else { - - return false; - - } - - } - } diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index eb18507b4d5..ee9939318c6 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -236,7 +236,7 @@ class Util { * Find all files and their encryption status within a directory * @param string $directory The path of the parent directory to search * @param bool $found the founded files if called again - * @return array keys: plain, encrypted, legacy, broken + * @return array keys: plain, encrypted, broken * @note $directory needs to be a path relative to OC data dir. e.g. * /admin/files NOT /backup OR /home/www/oc/data/admin/files */ 
@@ -250,7 +250,6 @@ class Util { $found = array( 'plain' => array(), 'encrypted' => array(), - 'legacy' => array(), 'broken' => array(), ); } @@ -304,15 +303,6 @@ class Util { ); } - // If the file uses old - // encryption system - } elseif (Crypt::isLegacyEncryptedContent($isEncryptedPath, $relPath)) { - - $found['legacy'][] = array( - 'name' => $file, - 'path' => $filePath - ); - // If the file is not encrypted } else { @@ -691,12 +681,10 @@ class Util { /** * Encrypt all files in a directory * @param string $dirPath the directory whose files will be encrypted - * @param null $legacyPassphrase - * @param null $newPassphrase * @return bool * @note Encryption is recursive */ - public function encryptAll($dirPath, $legacyPassphrase = null, $newPassphrase = null) { + public function encryptAll($dirPath) { $result = true; @@ -765,42 +753,6 @@ class Util { } } - // Encrypt legacy encrypted files - if (!empty($legacyPassphrase) && !empty($newPassphrase)) { - - foreach ($found['legacy'] as $legacyFile) { - - // Fetch data from file - $legacyData = $this->view->file_get_contents($legacyFile['path']); - - // decrypt data, generate catfile - $decrypted = Crypt::legacyBlockDecrypt($legacyData, $legacyPassphrase); - - $rawPath = $legacyFile['path']; - - // enable proxy the ensure encryption is handled - \OC_FileProxy::$enabled = true; - - // Open enc file handle for binary writing, with same filename as original plain file - $encHandle = $this->view->fopen($rawPath, 'wb'); - - if (is_resource($encHandle)) { - - // write data to stream - fwrite($encHandle, $decrypted); - - // close stream - fclose($encHandle); - } else { - \OCP\Util::writeLog('files_encryption', 'initial encryption: could not encrypt legacy file ' . $rawPath, \OCP\Util::FATAL); - $result = false; - } - - // disable proxy to prevent file being encrypted twice - \OC_FileProxy::$enabled = false; - } - } - \OC_FileProxy::$enabled = true; if ($versionStatus) { -- cgit v1.2.3
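Review bot: In the `findEncFiles` hunk (`@@ -304,15 +303,6 @@`), files that the removed `elseif` classified as `legacy` now appear to fall through to the `else` branch commented `// If the file is not encrypted`, so leftover Blowfish ciphertext would presumably be listed as plain; the branch body lies outside the hunk, so this is inferred. If `encryptAll` then encrypts those entries during initial encryption, the old ciphertext would be wrapped in a new layer with no code left to unwrap it, which could mean unrecoverable files for users who never migrated. I would at least state this in the `encryptAll` docblock, e.g. `@note files still encrypted with the legacy Blowfish scheme are no longer detected or migrated; convert them before installing this version`, and consider recording files that are flagged encrypted but are not in the current format under `$found['broken']` rather than letting them fall through. The narrowed signature `encryptAll($dirPath)` will not raise an error for callers that still pass the two passphrases, because PHP ignores surplus arguments to user-defined functions, so remaining call sites need to be checked by hand.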