From fcda3a20f455795b898161ec4ada0aeb500b9218 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle <bjoern@schiessle.org>
Date: Mon, 2 Jan 2017 21:24:37 +0100
Subject: create new encryption keys on password reset and backup the old one

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
---
 lib/private/Encryption/Keys/Storage.php | 35 +++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

(limited to 'lib/private/Encryption/Keys')

diff --git a/lib/private/Encryption/Keys/Storage.php b/lib/private/Encryption/Keys/Storage.php
index 8149ffe9dce..e8d152581fe 100644
--- a/lib/private/Encryption/Keys/Storage.php
+++ b/lib/private/Encryption/Keys/Storage.php
@@ -51,6 +51,9 @@ class Storage implements IStorage {
 	/** @var string */
 	private $encryption_base_dir;
 
+	/** @var string */
+	private $backup_base_dir;
+
 	/** @var array */
 	private $keyCache = [];
 
@@ -64,6 +67,7 @@ class Storage implements IStorage {
 
 		$this->encryption_base_dir = '/files_encryption';
 		$this->keys_base_dir = $this->encryption_base_dir .'/keys';
+		$this->backup_base_dir = $this->encryption_base_dir .'/backup';
 		$this->root_dir = $this->util->getKeyStorageRoot();
 	}
 
@@ -286,6 +290,37 @@ class Storage implements IStorage {
 		return false;
 	}
 
+	/**
+	 * backup keys of a given encryption module
+	 *
+	 * @param string $encryptionModuleId
+	 * @param string $purpose
+	 * @param string $uid
+	 * @return bool
+	 * @since 12.0.0
+	 */
+	public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
+		$source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
+		$backupDir = $uid . $this->backup_base_dir;
+		if (!$this->view->file_exists($backupDir)) {
+			$this->view->mkdir($backupDir);
+		}
+
+		$backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
+		$this->view->mkdir($backupDir);
+
+		return $this->view->copy($source, $backupDir);
+	}
+
+	/**
+	 * get the current timestamp
+	 *
+	 * @return int
+	 */
+	protected function getTimestamp() {
+		return time();
+	}
+
 	/**
 	 * get system wide path and detect mount points
 	 *
-- 
cgit v1.2.3