Merge branch 'files_encryption' of github.com:owncloud/core into files_encryption

2013-05-18 10:33:44 +02:00 · 2013-05-18 10:33:44 +02:00 · 173332afcc
parent f70240f430 41165afa59
commit 173332afcc
2 changed files with 56 additions and 120 deletions
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@ -155,7 +155,7 @@ class Crypt {
 		// TODO: Use DI to get \OC\Files\Filesystem out of here
 	
 		// Fetch all file metadata from DB
-		$metadata = \OC\Files\Filesystem::getFileInfo( $path, '' );
+		$metadata = \OC\Files\Filesystem::getFileInfo( $path);
 		
 		// Return encryption status
 		return isset( $metadata['encrypted'] ) and ( bool )$metadata['encrypted'];
@ -474,78 +474,9 @@ class Crypt {
 	}
 		
 	/**
-	* @brief Symmetrically encrypt a file by combining encrypted component data blocks
-	*/
-	public static function symmetricBlockEncryptFileContent( $plainContent, $key ) {
-	
-		$crypted = '';
-		
-		$remaining = $plainContent;
-		
-		$testarray = array();
-		
-		while( strlen( $remaining ) ) {
-		
-			//echo "\n\n\$block = ".substr( $remaining, 0, 6126 );
-		
-			// Encrypt a chunk of unencrypted data and add it to the rest
-			$block = self::symmetricEncryptFileContent( substr( $remaining, 0, 6126 ), $key );
-			
-			$padded = self::addPadding( $block );
-			
-			$crypted .= $block;
-			
-			$testarray[] = $block;
-			
-			// Remove the data already encrypted from remaining unencrypted data
-			$remaining = substr( $remaining, 6126 );
-		
-		}
-		
-		//echo "hags   ";
-		
-		//echo "\n\n\n\$crypted = $crypted\n\n\n";
-		
-		//print_r($testarray);
-		
-		return $crypted;
-
-	}
-
-
-	/**
-	* @brief Symmetrically decrypt a file by combining encrypted component data blocks
-	*/
-	public static function symmetricBlockDecryptFileContent( $crypted, $key ) {
-		
-		$decrypted = '';
-		
-		$remaining = $crypted;
-		
-		$testarray = array();
-		
-		while( strlen( $remaining ) ) {
-			
-			$testarray[] = substr( $remaining, 0, 8192 );
-		
-			// Decrypt a chunk of unencrypted data and add it to the rest
-			$decrypted .= self::symmetricDecryptFileContent( $remaining, $key );
-			
-			// Remove the data already encrypted from remaining unencrypted data
-			$remaining = substr( $remaining, 8192 );
-			
-		}
-		
-		//echo "\n\n\$testarray = "; print_r($testarray);
-		
-		return $decrypted;
-		
-	}
-	
-        /**
-         * @brief Generates a pseudo random initialisation vector
-         * @return String $iv generated IV
-         */
+	 * @brief Generates a pseudo random initialisation vector
+	 * @return String $iv generated IV
+	 */
 	public static function generateIv() {
 		
 		if ( $random = openssl_random_pseudo_bytes( 12, $strong ) ) {
@ -571,10 +502,10 @@ class Crypt {
 		
 	}
 	
-        /**
-         * @brief Generate a pseudo random 1024kb ASCII key
-         * @returns $key Generated key
-         */
+	/**
+	 * @brief Generate a pseudo random 1024kb ASCII key
+	 * @returns $key Generated key
+	 */
 	public static function generateKey() {
 		
 		// Generate key
@ -597,29 +528,6 @@ class Crypt {
 		
 	}

-	public static function changekeypasscode( $oldPassword, $newPassword ) {
-
-		if ( \OCP\User::isLoggedIn() ) {
-		
-			$key = Keymanager::getPrivateKey( $user, $view );
-			
-			if ( ( $key = Crypt::symmetricDecryptFileContent($key,$oldpasswd) ) ) {
-			
-				if ( ( $key = Crypt::symmetricEncryptFileContent( $key, $newpasswd ) ) ) {
-				
-					Keymanager::setPrivateKey( $key );
-					
-					return true;
-				}
-				
-			}
-			
-		}
-		
-		return false;
-		
-	}
-	
 	/**
 	 * @brief Get the blowfish encryption handeler for a key
 	 * @param $key string (optional)
@ -652,7 +560,7 @@ class Crypt {
 		return $legacyEncKey;
 	
 	}
-	
+
 	/**
 	 * @brief encrypts content using legacy blowfish system
 	 * @param $content the cleartext message you want to encrypt
@ -683,7 +591,7 @@ class Crypt {
 		
 		$decrypted = $bf->decrypt( $content );
 		
-		return $decrypted;
+		return rtrim($decrypted, "\0");;
 		
 	}

@ -713,18 +621,5 @@ class Crypt {
 		return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] );
 	
 	}
-	
-	/**
-	* @brief Re-encryptes a legacy blowfish encrypted file using AES with integrated IV
-	* @param $legacyContent the legacy encrypted content to re-encrypt
-	* @returns cleartext content
-	*
-	* This function decrypts an content
-	*/
-	public static function legacyRecrypt( $legacyContent, $legacyPassphrase, $newPassphrase ) {
-		
-		// TODO: write me
-	
-	}
-	
+
 }
--- a/apps/files_encryption/tests/crypt.php
+++ b/apps/files_encryption/tests/crypt.php
@ -340,7 +340,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
 		//print_r($r);
 		
 		// Join IVs and their respective data chunks
-		$e = array( $r[0].$r[1], $r[2].$r[3], $r[4].$r[5], $r[6].$r[7], $r[8].$r[9], $r[10].$r[11], $r[12].$r[13] );//.$r[11], $r[12].$r[13], $r[14] );
+		$e = array( $r[0].$r[1], $r[2].$r[3], $r[4].$r[5], $r[6].$r[7], $r[8].$r[9], $r[10].$r[11]);//.$r[11], $r[12].$r[13], $r[14] );
 		
 		//print_r($e);

@ -395,6 +395,14 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
 		// Test that data was successfully written
 		$this->assertTrue( is_int( $cryptedFile ) );

+		// Disable encryption proxy to prevent recursive calls
+		$proxyStatus = \OC_FileProxy::$enabled;
+		\OC_FileProxy::$enabled = false;
+
+		$this->assertTrue(Encryption\Crypt::isEncryptedMeta($filename));
+
+		\OC_FileProxy::$enabled = $proxyStatus;
+
        // Get file decrypted contents
        $decrypt = file_get_contents( 'crypt://' . $filename );
 		
@ -595,7 +603,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
 	 */
 	function testLegacyKeyRecryptKeyfileEncrypt( $crypted ) {
 	
-		$recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile( $crypted, $this->pass, $this->genPublicKey, $this->pass );
+		$recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile( $crypted, $this->pass, array($this->genPublicKey), $this->pass, '');
 		
 		$this->assertNotEquals( $this->dataLong, $recrypted['data'] );
 		
@ -616,7 +624,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
        // Test that data was successfully written
        $this->assertTrue( is_int( $cryptedFile ) );

-        // Get file decrypted contents
+		// Get file decrypted contents
        $decrypt = file_get_contents( 'crypt://' . $filename );

        $this->assertEquals( $this->dataLong, $decrypt );
@ -649,7 +657,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {

        $this->assertEquals( $this->dataLong, $decrypt );

-        $newFolder = '/newfolder1';
+        $newFolder = '/newfolder'.time();
        $newFilename = 'tmp-new-'.time();
        $view = new \OC\Files\View('/' . $this->userId . '/files');
        $view->mkdir($newFolder);
@ -664,6 +672,39 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
        $view->unlink( $newFolder );
    }

+	function testMoveFolder() {
+
+		$view = new \OC\Files\View('/' . $this->userId . '/files');
+
+		$filename = '/tmp-'.time();
+		$folder = '/folder'.time();
+
+		$view->mkdir($folder);
+
+		// Save long data as encrypted file using stream wrapper
+		$cryptedFile = file_put_contents( 'crypt://' . $folder . $filename, $this->dataLong );
+
+		// Test that data was successfully written
+		$this->assertTrue( is_int( $cryptedFile ) );
+
+		// Get file decrypted contents
+		$decrypt = file_get_contents( 'crypt://' . $folder . $filename );
+
+		$this->assertEquals( $this->dataLong, $decrypt );
+
+		$newFolder = '/newfolder'.time();
+
+		$view->rename( $folder, $newFolder );
+
+		// Get file decrypted contents
+		$newDecrypt = file_get_contents( 'crypt://' . $newFolder . $filename );
+
+		$this->assertEquals( $this->dataLong, $newDecrypt );
+
+		// tear down
+		$view->unlink( $newFolder );
+	}
+
 	function testRenameFolder() {

 		$filename = '/tmp-'.time();