nextcloud/apps/files_encryption/lib/proxy.php

131 lines
3.7 KiB
PHP
Raw Normal View History

2011-10-21 19:02:11 +04:00
<?php
/**
* ownCloud
*
* @author Robin Appelman
* @copyright 2011 Robin Appelman icewind1991@gmail.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
/**
* transparent encryption
*/
class OC_FileProxy_Encryption extends OC_FileProxy{
2011-11-24 04:44:54 +04:00
private static $blackList=null; //mimetypes blacklisted from encryption
2012-04-18 18:02:35 +04:00
private static $enableEncryption=null;
2012-08-29 10:42:49 +04:00
2011-11-24 04:44:54 +04:00
/**
* check if a file should be encrypted during write
* @param string $path
* @return bool
*/
2012-09-07 17:22:01 +04:00
private static function shouldEncrypt($path) {
if(is_null(self::$enableEncryption)) {
2012-05-02 16:11:29 +04:00
self::$enableEncryption=(OCP\Config::getAppValue('files_encryption','enable_encryption','true')=='true');
2012-04-18 18:02:35 +04:00
}
2012-09-07 17:22:01 +04:00
if(!self::$enableEncryption) {
2012-04-18 18:02:35 +04:00
return false;
}
2012-09-07 17:22:01 +04:00
if(is_null(self::$blackList)) {
2012-10-24 01:01:10 +04:00
self::$blackList=explode(',', OCP\Config::getAppValue('files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
2011-11-24 04:44:54 +04:00
}
2012-09-07 17:22:01 +04:00
if(self::isEncrypted($path)) {
2011-11-24 04:44:54 +04:00
return true;
}
2012-10-24 01:01:10 +04:00
$extension=substr($path, strrpos($path, '.')+1);
if(array_search($extension, self::$blackList)===false) {
2011-11-24 04:44:54 +04:00
return true;
}
}
/**
* check if a file is encrypted
* @param string $path
* @return bool
*/
2012-09-07 17:22:01 +04:00
private static function isEncrypted($path) {
$metadata=OC_FileCache_Cached::get($path,'');
2012-04-25 02:10:29 +04:00
return isset($metadata['encrypted']) and (bool)$metadata['encrypted'];
2011-11-24 04:44:54 +04:00
}
2012-08-29 10:42:49 +04:00
2012-09-07 17:22:01 +04:00
public function preFile_put_contents($path,&$data) {
if(self::shouldEncrypt($path)) {
if (!is_resource($data)) {//stream put contents should have been converter to fopen
$size=strlen($data);
$data=OC_Crypt::blockEncrypt($data);
2012-10-24 00:53:54 +04:00
OC_FileCache::put($path, array('encrypted'=>true,'size'=>$size),'');
2011-10-21 19:02:11 +04:00
}
}
}
2012-08-29 10:42:49 +04:00
2012-09-07 17:22:01 +04:00
public function postFile_get_contents($path,$data) {
if(self::isEncrypted($path)) {
$cached=OC_FileCache_Cached::get($path,'');
$data=OC_Crypt::blockDecrypt($data,'',$cached['size']);
2011-10-21 19:02:11 +04:00
}
2011-11-24 04:44:54 +04:00
return $data;
2011-10-21 19:02:11 +04:00
}
2012-08-29 10:42:49 +04:00
2012-09-07 17:22:01 +04:00
public function postFopen($path,&$result) {
if(!$result) {
2011-11-24 04:44:54 +04:00
return $result;
}
$meta=stream_get_meta_data($result);
2012-09-07 17:22:01 +04:00
if(self::isEncrypted($path)) {
2011-10-21 19:02:11 +04:00
fclose($result);
2011-11-24 04:44:54 +04:00
$result=fopen('crypt://'.$path,$meta['mode']);
2012-09-07 17:22:01 +04:00
}elseif(self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb') {
if(OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0) {
2011-11-24 04:44:54 +04:00
//first encrypt the target file so we don't end up with a half encrypted file
OCP\Util::writeLog('files_encryption','Decrypting '.$path.' before writing',OCP\Util::DEBUG);
$tmp=fopen('php://temp');
OCP\Files::streamCopy($result,$tmp);
fclose($result);
OC_Filesystem::file_put_contents($path,$tmp);
fclose($tmp);
2011-11-24 04:44:54 +04:00
}
2011-10-22 16:11:15 +04:00
$result=fopen('crypt://'.$path,$meta['mode']);
2011-10-21 19:02:11 +04:00
}
2011-11-24 04:44:54 +04:00
return $result;
2011-10-21 19:02:11 +04:00
}
2012-02-16 00:44:58 +04:00
2012-09-07 17:22:01 +04:00
public function postGetMimeType($path,$mime) {
if(self::isEncrypted($path)) {
$mime=OCP\Files::getMimeType('crypt://'.$path,'w');
}
return $mime;
2012-02-16 00:44:58 +04:00
}
2012-09-07 17:22:01 +04:00
public function postStat($path,$data) {
if(self::isEncrypted($path)) {
$cached=OC_FileCache_Cached::get($path,'');
$data['size']=$cached['size'];
}
return $data;
}
2012-09-07 17:22:01 +04:00
public function postFileSize($path,$size) {
if(self::isEncrypted($path)) {
$cached=OC_FileCache_Cached::get($path,'');
return $cached['size'];
}else{
return $size;
}
}
2011-10-21 19:02:11 +04:00
}