From 63e7fe608a5f507c5d2b417c45cf26589d091ebc Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 14 Jan 2015 20:39:23 +0100 Subject: [PATCH 001/119] create basic interfaces and wrapper to make encryption more modular --- lib/private/encryption/keystorage.php | 223 ++++++++++++++++++++++++++ lib/public/encryption/ikeystorage.php | 87 ++++++++++ 2 files changed, 310 insertions(+) create mode 100644 lib/private/encryption/keystorage.php create mode 100644 lib/public/encryption/ikeystorage.php diff --git a/lib/private/encryption/keystorage.php b/lib/private/encryption/keystorage.php new file mode 100644 index 0000000000..5b56f6af4e --- /dev/null +++ b/lib/private/encryption/keystorage.php @@ -0,0 +1,223 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OC\Encryption; + +class KeyStorage implements \OCP\Encryption\IKeyStorage { + + /** @var \OC\Files\View */ + private $view; + + /** @var \OC\Encryption\Util */ + private $util; + + // base dir where all the file related keys are stored + private static $keys_base_dir = '/files_encryption/keys/'; + private static $encryption_base_dir = '/files_encryption'; + + private static $key_cache = array(); // cache keys + + /** + * @param \OC\Files\View $view + * @param \OC\Encryption\Util $util + */ + public function __construct(\OC\Files\View $view, \OC\Encryption\Util $util) { + $this->view = $view; + $this->util = $util; + } + + /** + * get user specific key + * + * @param string $uid ID if the user for whom we want the key + * @param string $keyid id of the key + * + * @return mixed key + */ + public function getUserKey($uid, $keyid) { + $path = '/' . $uid . self::$encryption_base_dir . '/' . $uid . '.' . $keyid; + return $this->getKey($path); + + } + + /** + * get file specific key + * + * @param string $path path to file + * @param string $keyId id of the key + * + * @return mixed key + */ + public function getFileKey($path, $keyId) { + $keyDir = $this->getFileKeyDir($path); + return $this->getKey($keyDir . $keyId); + } + + /** + * get system-wide encryption keys not related to a specific user, + * e.g something like a key for public link shares + * + * @param string $keyId id of the key + * + * @return mixed key + */ + public function getSystemUserKey($keyId) { + $path = '/' . self::$encryption_base_dir . '/' . $keyId; + return $this->getKey($path); + } + + /** + * set user specific key + * + * @param string $uid ID if the user for whom we want the key + * @param string $keyId id of the key + * @param mixed $key + */ + public function setUserKey($uid, $keyId, $key) { + $path = '/' . $uid . self::$encryption_base_dir . '/' . $uid . '.' . $keyId; + return $this->setKey($path, $key); + } + + /** + * set file specific key + * + * @param string $path path to file + * @param string $keyId id of the key + * @param mixed $key + */ + public function setFileKey($path, $keyId, $key) { + $keyDir = $this->getFileKeyDir($path); + return $this->setKey($keyDir . $keyId, $key); + } + + /** + * set system-wide encryption keys not related to a specific user, + * e.g something like a key for public link shares + * + * @param string $keyId id of the key + * @param mixed $key + * + * @return mixed key + */ + public function setSystemUserKey($keyId, $key) { + $path = '/' . self::$encryption_base_dir . '/' . $keyId; + return $this->setKey($path, $key); + } + + + /** + * read key from hard disk + * + * @param string $path to key + * @return string + */ + private function getKey($path) { + + $key = ''; + + if (isset(self::$key_cache[$path])) { + $key = self::$key_cache[$path]; + } else { + + /** @var \OCP\Files\Storage $storage */ + list($storage, $internalPath) = $this->view->resolvePath($path); + + if ($storage->file_exists($internalPath)) { + $key = $storage->file_get_contents($internalPath); + self::$key_cache[$path] = $key; + } + + } + + return $key; + } + + /** + * write key to disk + * + * + * @param string $path path to key directory + * @param string $key key + * @return bool + */ + private function setKey($path, $key) { + $this->keySetPreparation(dirname($path)); + + /** @var \OCP\Files\Storage $storage */ + list($storage, $internalPath) = \OC\Files\Filesystem::resolvePath($path); + $result = $storage->file_put_contents($internalPath, $key); + + if (is_int($result) && $result > 0) { + self::$key_cache[$path] = $key; + return true; + } + + return false; + } + + /** + * get path to key folder for a given file + * + * @param string $path path to the file, relative to the users file directory + * @return string + */ + private function getFileKeyDir($path) { + + if ($this->view->is_dir('/' . \OCP\User::getUser() . '/' . $path)) { + throw new Exception\EncryptionException('file was expected but directoy was given', Exception\EncryptionException::GENERIC); + } + + list($owner, $filename) = $this->util->getUidAndFilename($path); + $filename = $this->util->stripPartialFileExtension($filename); + $filePath_f = ltrim($filename, '/'); + + // in case of system wide mount points the keys are stored directly in the data directory + if ($this->util->isSystemWideMountPoint($filename)) { + $keyPath = self::$keys_base_dir . $filePath_f . '/'; + } else { + $keyPath = '/' . $owner . self::$keys_base_dir . $filePath_f . '/'; + } + + return $keyPath; + } + + /** + * Make preparations to filesystem for saving a keyfile + * + * @param string $path relative to the views root + */ + protected function keySetPreparation($path) { + // If the file resides within a subdirectory, create it + if (!$this->view->file_exists($path)) { + $sub_dirs = explode('/', $path); + $dir = ''; + foreach ($sub_dirs as $sub_dir) { + $dir .= '/' . $sub_dir; + if (!$this->view->is_dir($dir)) { + $this->view->mkdir($dir); + } + } + } + } + +} diff --git a/lib/public/encryption/ikeystorage.php b/lib/public/encryption/ikeystorage.php new file mode 100644 index 0000000000..cf94d56e59 --- /dev/null +++ b/lib/public/encryption/ikeystorage.php @@ -0,0 +1,87 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OCP\Encryption; + +interface IKeyStorage { + + /** + * get user specific key + * + * @param string $uid ID if the user for whom we want the key + * @param string $keyid id of the key + * + * @return mixed key + */ + public function getUserKey($uid, $keyid); + + /** + * get file specific key + * + * @param string $path path to file + * @param string $keyid id of the key + * + * @return mixed key + */ + public function getFileKey($path, $keyid); + + /** + * get system-wide encryption keys not related to a specific user, + * e.g something like a key for public link shares + * + * @param string $keyid id of the key + * + * @return mixed key + */ + public function getSystemUserKey($uid, $keyid); + + /** + * set user specific key + * + * @param string $uid ID if the user for whom we want the key + * @param string $keyid id of the key + * @param mixed $key + */ + public function setUserKey($uid, $keyid, $key); + + /** + * set file specific key + * + * @param string $path path to file + * @param string $keyid id of the key + * @param mixed $key + */ + public function setFileKey($path, $keyid, $key); + + /** + * set system-wide encryption keys not related to a specific user, + * e.g something like a key for public link shares + * + * @param string $keyid id of the key + * @param mixed $key + * + * @return mixed key + */ + public function setSystemUserKey($uid, $keyid, $key); + +} From 39733c8da1c12cc79b7d650edf2ea1074330ee5f Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Tue, 24 Feb 2015 13:05:19 -0500 Subject: [PATCH 002/119] Initial commit --- apps/encryption/appinfo/app.php | 33 ++ apps/encryption/appinfo/encryption.php | 182 +++++++++ apps/encryption/appinfo/info.xml | 36 ++ apps/encryption/appinfo/routes.php | 39 ++ .../controller/recoverycontroller.php | 106 ++++++ apps/encryption/hooks/apphooks.php | 37 ++ apps/encryption/hooks/contracts/ihook.php | 32 ++ apps/encryption/hooks/filesystemhooks.php | 46 +++ apps/encryption/hooks/sharehooks.php | 40 ++ apps/encryption/hooks/userhooks.php | 304 +++++++++++++++ apps/encryption/lib/crypto/Encryption.php | 116 ++++++ apps/encryption/lib/crypto/crypt.php | 355 ++++++++++++++++++ apps/encryption/lib/hookmanager.php | 64 ++++ apps/encryption/lib/keymanager.php | 217 +++++++++++ apps/encryption/lib/migrator.php | 123 ++++++ apps/encryption/lib/recovery.php | 134 +++++++ apps/encryption/lib/setup.php | 38 ++ apps/encryption/lib/users/setup.php | 63 ++++ apps/encryption/settings/settings-admin.php | 24 ++ .../encryption/settings/settings-personal.php | 41 ++ apps/encryption/tests/lib/KeyManagerTest.php | 90 +++++ apps/encryption/tests/lib/MigratorTest.php | 62 +++ .../tests/lib/RequirementsCheckerTest.php | 51 +++ apps/files_encryption/lib/hooks.php | 226 ----------- .../exceptions/decryptionfailedexception.php | 28 ++ .../emptyencryptiondataexception.php | 28 ++ .../exceptions/encryptionfailedexception.php | 28 ++ .../encryptionheadertolargeexception.php | 28 ++ .../exceptions/genericencryptionexception.php | 27 ++ .../exceptions/privatekeymissingexception.php | 28 ++ .../exceptions/publickeymissingexception.php | 28 ++ .../unexpectedblocksizeexception.php | 28 ++ ...expectedendofencryptionheaderexception.php | 28 ++ .../exceptions/unknowncipherexception.php | 28 ++ lib/private/encryption/keystorage.php | 57 ++- lib/public/encryption/ikeystorage.php | 30 +- tests/lib/encryption/managertest.php | 58 +++ 37 files changed, 2630 insertions(+), 253 deletions(-) create mode 100644 apps/encryption/appinfo/app.php create mode 100644 apps/encryption/appinfo/encryption.php create mode 100644 apps/encryption/appinfo/info.xml create mode 100644 apps/encryption/appinfo/routes.php create mode 100644 apps/encryption/controller/recoverycontroller.php create mode 100644 apps/encryption/hooks/apphooks.php create mode 100644 apps/encryption/hooks/contracts/ihook.php create mode 100644 apps/encryption/hooks/filesystemhooks.php create mode 100644 apps/encryption/hooks/sharehooks.php create mode 100644 apps/encryption/hooks/userhooks.php create mode 100644 apps/encryption/lib/crypto/Encryption.php create mode 100644 apps/encryption/lib/crypto/crypt.php create mode 100644 apps/encryption/lib/hookmanager.php create mode 100644 apps/encryption/lib/keymanager.php create mode 100644 apps/encryption/lib/migrator.php create mode 100644 apps/encryption/lib/recovery.php create mode 100644 apps/encryption/lib/setup.php create mode 100644 apps/encryption/lib/users/setup.php create mode 100644 apps/encryption/settings/settings-admin.php create mode 100644 apps/encryption/settings/settings-personal.php create mode 100644 apps/encryption/tests/lib/KeyManagerTest.php create mode 100644 apps/encryption/tests/lib/MigratorTest.php create mode 100644 apps/encryption/tests/lib/RequirementsCheckerTest.php create mode 100644 lib/private/encryption/exceptions/decryptionfailedexception.php create mode 100644 lib/private/encryption/exceptions/emptyencryptiondataexception.php create mode 100644 lib/private/encryption/exceptions/encryptionfailedexception.php create mode 100644 lib/private/encryption/exceptions/encryptionheadertolargeexception.php create mode 100644 lib/private/encryption/exceptions/genericencryptionexception.php create mode 100644 lib/private/encryption/exceptions/privatekeymissingexception.php create mode 100644 lib/private/encryption/exceptions/publickeymissingexception.php create mode 100644 lib/private/encryption/exceptions/unexpectedblocksizeexception.php create mode 100644 lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php create mode 100644 lib/private/encryption/exceptions/unknowncipherexception.php diff --git a/apps/encryption/appinfo/app.php b/apps/encryption/appinfo/app.php new file mode 100644 index 0000000000..72e7fc42ca --- /dev/null +++ b/apps/encryption/appinfo/app.php @@ -0,0 +1,33 @@ + + * @since 2/19/15, 9:52 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +use OCA\Encryption\AppInfo\Encryption; + +if (!OC::$CLI) { + $di = \OC::$server; + $app = new Encryption('encryption', + [], + $di->getEncryptionManager(), + $di->getConfig()); + + $app->boot(); +} + diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php new file mode 100644 index 0000000000..f2ab89aade --- /dev/null +++ b/apps/encryption/appinfo/encryption.php @@ -0,0 +1,182 @@ + + * @since 3/11/15, 11:03 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ +namespace OCA\Encryption\AppInfo; + + +use OCA\Encryption\Crypto\Crypt; +use OCA\Encryption\HookManager; +use OCA\Encryption\Hooks\AppHooks; +use OCA\Encryption\Hooks\FileSystemHooks; +use OCA\Encryption\Hooks\ShareHooks; +use OCA\Encryption\Hooks\UserHooks; +use OCA\Encryption\KeyManager; +use OCA\Encryption\Migrator; +use OCA\Encryption\Recovery; +use OCA\Encryption\Users\Setup; +use OCP\App; +use OCP\AppFramework\IAppContainer; +use OCP\Encryption\IManager; +use OCP\IConfig; + + +class Encryption extends \OCP\AppFramework\App { + /** + * @var IManager + */ + private $encryptionManager; + /** + * @var IConfig + */ + private $config; + + /** + * @param $appName + * @param array $urlParams + * @param IManager $encryptionManager + * @param IConfig $config + */ + public function __construct($appName, $urlParams = array(), IManager $encryptionManager, IConfig $config) { + parent::__construct($appName, $urlParams); + $this->encryptionManager = $encryptionManager; + $this->config = $config; + } + + /** + * + */ + public function boot() { + $this->registerServices(); + $this->registerHooks(); + $this->registerEncryptionModule(); + $this->registerSettings(); + } + + /** + * + */ + public function registerHooks() { + if (!$this->config->getSystemValue('maintenance', false)) { + + $container = $this->getContainer(); + $server = $container->getServer(); + // Register our hooks and fire them. + $hookManager = new HookManager(); + + $hookManager->registerHook([ + new UserHooks($container->query('KeyManager'), + $server->getLogger(), + $container->query('UserSetup'), + $container->query('Migrator'), + $server->getUserSession()), +// new ShareHooks(), +// new FileSystemHooks(), +// new AppHooks() + ]); + + $hookManager->fireHooks(); + + } else { + // Logout user if we are in maintenance to force re-login + $this->getContainer()->getServer()->getUserSession()->logout(); + } + } + + /** + * + */ + public function registerEncryptionModule() { +// $this->encryptionManager->registerEncryptionModule(new \OCA\Encryption\Crypto\Encryption()); + } + + /** + * + */ + public function registerServices() { + $container = $this->getContainer(); + + $container->registerService('Crypt', + function (IAppContainer $c) { + $server = $c->getServer(); + return new Crypt($server->getLogger(), + $server->getUserSession(), + $server->getConfig()); + }); + + $container->registerService('KeyManager', + function (IAppContainer $c) { + $server = $c->getServer(); + + return new KeyManager($server->getEncryptionKeyStorage(), + $c->query('Crypt'), + $server->getConfig(), + $server->getUserSession()); + }); + + + $container->registerService('Recovery', + function (IAppContainer $c) { + $server = $c->getServer(); + + return new Recovery( + $server->getUserSession(), + $c->query('Crypt'), + $server->getSecureRandom(), + $c->query('KeyManager'), + $server->getConfig(), + $server->getEncryptionKeyStorage()); + }); + + $container->registerService('UserSetup', + function (IAppContainer $c) { + $server = $c->getServer(); + return new Setup($server->getLogger(), + $server->getUserSession(), + $c->query('Crypt'), + $c->query('KeyManager')); + }); + + $container->registerService('Migrator', + function (IAppContainer $c) { + $server = $c->getServer(); + + return new Migrator($server->getUserSession(), + $server->getConfig(), + $server->getUserManager(), + $server->getLogger(), + $c->query('Crypt')); + }); + + } + + /** + * + */ + public function registerSettings() { + +// script('encryption', 'encryption'); +// script('encryption', 'detect-migration'); + + + // Register settings scripts + App::registerAdmin('encryption', 'settings/settings-admin'); + App::registerPersonal('encryption', 'settings/settings-personal'); + } +} diff --git a/apps/encryption/appinfo/info.xml b/apps/encryption/appinfo/info.xml new file mode 100644 index 0000000000..e4a7d790e9 --- /dev/null +++ b/apps/encryption/appinfo/info.xml @@ -0,0 +1,36 @@ + + + encryption + + This application encrypts all files accessed by ownCloud at rest, + wherever they are stored. As an example, with this application + enabled, external cloud based Amazon S3 storage will be encrypted, + protecting this data on storage outside of the control of the Admin. + When this application is enabled for the first time, all files are + encrypted as users log in and are prompted for their password. The + recommended recovery key option enables recovery of files in case + the key is lost. + Note that this app encrypts all files that are touched by ownCloud, + so external storage providers and applications such as SharePoint + will see new files encrypted when they are accessed. Encryption is + based on AES 128 or 256 bit keys. More information is available in + the Encryption documentation + +Encryption + AGPL + Bjoern Schiessle, Clark Tomlinson + 8 + true + + user-encryption + admin-encryption + + false + + + + + openssl + + + diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php new file mode 100644 index 0000000000..a86f3717ce --- /dev/null +++ b/apps/encryption/appinfo/routes.php @@ -0,0 +1,39 @@ + + * @since 2/19/15, 11:22 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +use OCP\AppFramework\App; + +(new App('encryption'))->registerRoutes($this, array('routes' => array( + + [ + 'name' => 'recovery#adminRecovery', + 'url' => '/ajax/adminRecovery', + 'verb' => 'POST' + ], + [ + 'name' => 'recovery#userRecovery', + 'url' => '/ajax/userRecovery', + 'verb' => 'POST' + ] + + +))); diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php new file mode 100644 index 0000000000..abea899333 --- /dev/null +++ b/apps/encryption/controller/recoverycontroller.php @@ -0,0 +1,106 @@ + + * @since 2/19/15, 11:25 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Controller; + + +use OCA\Encryption\Recovery; +use OCP\AppFramework\Controller; +use OCP\IConfig; +use OCP\IL10N; +use OCP\IRequest; +use OCP\JSON; +use Symfony\Component\HttpFoundation\JsonResponse; + +class RecoveryController extends Controller { + /** + * @var IConfig + */ + private $config; + /** + * @var IL10N + */ + private $l; + /** + * @var Recovery + */ + private $recovery; + + /** + * @param string $AppName + * @param IRequest $request + * @param IConfig $config + * @param IL10N $l10n + * @param Recovery $recovery + */ + public function __construct($AppName, IRequest $request, IConfig $config, IL10N $l10n, Recovery $recovery) { + parent::__construct($AppName, $request); + $this->config = $config; + $this->l = $l10n; + $this->recovery = $recovery; + } + + public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { + // Check if both passwords are the same + if (empty($recoveryPassword)) { + $errorMessage = $this->l->t('Missing recovery key password'); + return new JsonResponse(['data' => ['message' => $errorMessage]], 500); + } + + if (empty($confirmPassword)) { + $errorMessage = $this->l->t('Please repeat the recovery key password'); + return new JsonResponse(['data' => ['message' => $errorMessage]], 500); + } + + if ($recoveryPassword !== $confirmPassword) { + $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); + return new JsonResponse(['data' => ['message' => $errorMessage]], 500); + } + + // Enable recoveryAdmin + $recoveryKeyId = $this->config->getAppValue('encryption', 'recoveryKeyId'); + + if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { + if ($this->recovery->enableAdminRecovery($recoveryKeyId, $recoveryPassword)) { + return new JsonResponse(['data' => array('message' => $this->l->t('Recovery key successfully enabled'))]); + } + return new JsonResponse(['data' => array('message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); + } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { + if ($this->recovery->disableAdminRecovery($recoveryKeyId, $recoveryPassword)) { + return new JsonResponse(['data' => array('message' => $this->l->t('Recovery key successfully disabled'))]); + } + return new JsonResponse(['data' => array('message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); + } + } + + public function userRecovery($userEnableRecovery) { + if (isset($userEnableRecovery) && ($userEnableRecovery === '0' || $userEnableRecovery === '1')) { + $userId = $this->user->getUID(); + if ($userEnableRecovery === '1') { + // Todo xxx figure out if we need keyid's here or what. + return $this->recovery->addRecoveryKeys(); + } + // Todo xxx see :98 + return $this->recovery->removeRecoveryKeys(); + } + } + +} diff --git a/apps/encryption/hooks/apphooks.php b/apps/encryption/hooks/apphooks.php new file mode 100644 index 0000000000..713e9cadef --- /dev/null +++ b/apps/encryption/hooks/apphooks.php @@ -0,0 +1,37 @@ + + * @since 2/19/15, 10:02 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Hooks; + +use OCA\Encryption\Hooks\Contracts\IHook; +use OCP\Util; + +class AppHooks implements IHook { + /** + * Connects Hooks + * + * @return null + */ + public function addHooks() { + Util::connectHook('OC_App', 'pre_disable', 'OCA\Encryption\Hooks', 'preDisable'); + Util::connectHook('OC_App', 'post_disable', 'OCA\Encryption\Hooks', 'postEnable'); + } +} diff --git a/apps/encryption/hooks/contracts/ihook.php b/apps/encryption/hooks/contracts/ihook.php new file mode 100644 index 0000000000..2cc01fd7c9 --- /dev/null +++ b/apps/encryption/hooks/contracts/ihook.php @@ -0,0 +1,32 @@ + + * @since 2/19/15, 10:03 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Hooks\Contracts; + + +interface IHook { + /** + * Connects Hooks + * + * @return null + */ + public function addHooks(); +} diff --git a/apps/encryption/hooks/filesystemhooks.php b/apps/encryption/hooks/filesystemhooks.php new file mode 100644 index 0000000000..fda6b75b29 --- /dev/null +++ b/apps/encryption/hooks/filesystemhooks.php @@ -0,0 +1,46 @@ + + * @since 2/19/15, 10:02 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Hooks; + + +use OCA\Encryption\Hooks\Contracts\IHook; +use OCP\Util; + +class FileSystemHooks implements IHook { + + /** + * Connects Hooks + * + * @return null + */ + public function addHooks() { + Util::connectHook('OC_Filesystem', 'rename', 'OCA\Encryption\Hooks', 'preRename'); + Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRenameOrCopy'); + Util::connectHook('OC_Filesystem', 'copy', 'OCA\Encryption\Hooks', 'preCopy'); + Util::connectHook('OC_Filesystem', 'post_copy', 'OCA\Encryption\Hooks', 'postRenameOrCopy'); + Util::connectHook('OC_Filesystem', 'post_delete', 'OCA\Encryption\Hooks', 'postDelete'); + Util::connectHook('OC_Filesystem', 'delete', 'OCA\Encryption\Hooks', 'preDelete'); + Util::connectHook('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', 'OCA\Encryption\Hooks', 'postPasswordReset'); + Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUnmount'); + Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUnmount'); + } +} diff --git a/apps/encryption/hooks/sharehooks.php b/apps/encryption/hooks/sharehooks.php new file mode 100644 index 0000000000..fc50712b82 --- /dev/null +++ b/apps/encryption/hooks/sharehooks.php @@ -0,0 +1,40 @@ + + * @since 2/19/15, 10:02 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Hooks; + + +use OCA\Encryption\Hooks\Contracts\IHook; +use OCP\Util; + +class ShareHooks implements IHook { + + /** + * Connects Hooks + * + * @return null + */ + public function addHooks() { + Util::connectHook('OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared'); + Util::connectHook('OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared'); + Util::connectHook('OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare'); + } +} diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php new file mode 100644 index 0000000000..79de70a6d0 --- /dev/null +++ b/apps/encryption/hooks/userhooks.php @@ -0,0 +1,304 @@ + + * @since 2/19/15, 10:02 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Hooks; + + +use OCA\Encryption\Hooks\Contracts\IHook; +use OCA\Encryption\KeyManager; +use OCA\Encryption\Migrator; +use OCA\Encryption\RequirementsChecker; +use OCA\Encryption\Users\Setup; +use OCP\App; +use OCP\ILogger; +use OCP\IUserSession; +use OCP\Util; +use Test\User; + +class UserHooks implements IHook { + /** + * @var KeyManager + */ + private $keyManager; + /** + * @var ILogger + */ + private $logger; + /** + * @var Setup + */ + private $userSetup; + /** + * @var Migrator + */ + private $migrator; + /** + * @var IUserSession + */ + private $user; + + /** + * UserHooks constructor. + * + * @param KeyManager $keyManager + * @param ILogger $logger + * @param Setup $userSetup + * @param Migrator $migrator + * @param IUserSession $user + */ + public function __construct( + KeyManager $keyManager, ILogger $logger, Setup $userSetup, Migrator $migrator, IUserSession $user) { + + $this->keyManager = $keyManager; + $this->logger = $logger; + $this->userSetup = $userSetup; + $this->migrator = $migrator; + $this->user = $user; + } + + /** + * Connects Hooks + * + * @return null + */ + public function addHooks() { + Util::connectHook('OC_User', 'post_login', $this, 'login'); + Util::connectHook('OC_User', 'logout', $this, 'logout'); + Util::connectHook('OC_User', 'post_setPassword', $this, 'setPassphrase'); + Util::connectHook('OC_User', 'pre_setPassword', $this, 'preSetPassphrase'); + Util::connectHook('OC_User', 'post_createUser', $this, 'postCreateUser'); + Util::connectHook('OC_User', 'post_deleteUser', $this, 'postDeleteUser'); + } + + + /** + * Startup encryption backend upon user login + * + * @note This method should never be called for users using client side encryption + */ + public function login($params) { + + if (!App::isEnabled('encryption')) { + return true; + } + + // ensure filesystem is loaded + // Todo: update? + if (!\OC\Files\Filesystem::$loaded) { + \OC_Util::setupFS($params['uid']); + } + + // setup user, if user not ready force relogin + if (!$this->userSetup->setupUser($params['password'])) { + return false; + } + + $cache = $this->keyManager->init(); + + // Check if first-run file migration has already been performed + $ready = false; + $migrationStatus = $this->migrator->getStatus($params['uid']); + if ($migrationStatus === Migrator::$migrationOpen && $cache !== false) { + $ready = $this->migrator->beginMigration(); + } elseif ($migrationStatus === Migrator::$migrationInProgress) { + // refuse login as long as the initial encryption is running + sleep(5); + $this->user->logout(); + return false; + } + + $result = true; + + // If migration not yet done + if ($ready) { + + // Encrypt existing user files + try { + $result = $util->encryptAll('/' . $params['uid'] . '/' . 'files'); + } catch (\Exception $ex) { + \OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL); + $result = false; + } + + if ($result) { + \OC_Log::write( + 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed' + , \OC_Log::INFO + ); + // Register successful migration in DB + $util->finishMigration(); + } else { + \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL); + $util->resetMigrationStatus(); + \OCP\User::logout(); + } + } + + return $result; + } + + /** + * remove keys from session during logout + */ + public function logout() { + $session = new Session(new \OC\Files\View()); + $session->removeKeys(); + } + + /** + * setup encryption backend upon user created + * + * @note This method should never be called for users using client side encryption + */ + public function postCreateUser($params) { + + if (App::isEnabled('files_encryption')) { + $view = new \OC\Files\View('/'); + $util = new Util($view, $params['uid']); + Helper::setupUser($util, $params['password']); + } + } + + /** + * cleanup encryption backend upon user deleted + * + * @note This method should never be called for users using client side encryption + */ + public function postDeleteUser($params) { + + if (App::isEnabled('files_encryption')) { + Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']); + } + } + + /** + * If the password can't be changed within ownCloud, than update the key password in advance. + */ + public function preSetPassphrase($params) { + if (App::isEnabled('files_encryption')) { + if (!\OC_User::canUserChangePassword($params['uid'])) { + self::setPassphrase($params); + } + } + } + + /** + * Change a user's encryption passphrase + * + * @param array $params keys: uid, password + */ + public function setPassphrase($params) { + if (App::isEnabled('files_encryption') === false) { + return true; + } + + // Only attempt to change passphrase if server-side encryption + // is in use (client-side encryption does not have access to + // the necessary keys) + if (Crypt::mode() === 'server') { + + $view = new \OC\Files\View('/'); + $session = new Session($view); + + // Get existing decrypted private key + $privateKey = $session->getPrivateKey(); + + if ($params['uid'] === \OCP\User::getUser() && $privateKey) { + + // Encrypt private key with new user pwd as passphrase + $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password'], Helper::getCipher()); + + // Save private key + if ($encryptedPrivateKey) { + Keymanager::setPrivateKey($encryptedPrivateKey, \OCP\User::getUser()); + } else { + \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); + } + + // NOTE: Session does not need to be updated as the + // private key has not changed, only the passphrase + // used to decrypt it has changed + + + } else { // admin changed the password for a different user, create new keys and reencrypt file keys + + $user = $params['uid']; + $util = new Util($view, $user); + $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; + + // we generate new keys if... + // ...we have a recovery password and the user enabled the recovery key + // ...encryption was activated for the first time (no keys exists) + // ...the user doesn't have any files + if (($util->recoveryEnabledForUser() && $recoveryPassword) + || !$util->userKeysExists() + || !$view->file_exists($user . '/files') + ) { + + // backup old keys + $util->backupAllKeys('recovery'); + + $newUserPassword = $params['password']; + + // make sure that the users home is mounted + \OC\Files\Filesystem::initMountPoints($user); + + $keypair = Crypt::createKeypair(); + + // Disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + + // Save public key + Keymanager::setPublicKey($keypair['publicKey'], $user); + + // Encrypt private key with new password + $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher()); + if ($encryptedKey) { + Keymanager::setPrivateKey($encryptedKey, $user); + + if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files + $util = new Util($view, $user); + $util->recoverUsersFiles($recoveryPassword); + } + } else { + \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); + } + + \OC_FileProxy::$enabled = $proxyStatus; + } + } + } + } + + /** + * after password reset we create a new key pair for the user + * + * @param array $params + */ + public function postPasswordReset($params) { + $uid = $params['uid']; + $password = $params['password']; + + $util = new Util(new \OC\Files\View(), $uid); + $util->replaceUserKeys($password); + } +} diff --git a/apps/encryption/lib/crypto/Encryption.php b/apps/encryption/lib/crypto/Encryption.php new file mode 100644 index 0000000000..123581b83a --- /dev/null +++ b/apps/encryption/lib/crypto/Encryption.php @@ -0,0 +1,116 @@ + + * @since 3/6/15, 2:28 PM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption\Crypto; + + +use OCP\Encryption\IEncryptionModule; + +class Encryption extends Crypt implements IEncryptionModule { + + /** + * @return string defining the technical unique id + */ + public function getId() { + // TODO: Implement getId() method. + } + + /** + * In comparison to getKey() this function returns a human readable (maybe translated) name + * + * @return string + */ + public function getDisplayName() { + // TODO: Implement getDisplayName() method. + } + + /** + * start receiving chunks from a file. This is the place where you can + * perform some initial step before starting encrypting/decrypting the + * chunks + * + * @param string $path to the file + * @param array $header contains the header data read from the file + * @param array $accessList who has access to the file contains the key 'users' and 'public' + * + * $return array $header contain data as key-value pairs which should be + * written to the header, in case of a write operation + * or if no additional data is needed return a empty array + */ + public function begin($path, $header, $accessList) { + // TODO: Implement begin() method. + } + + /** + * last chunk received. This is the place where you can perform some final + * operation and return some remaining data if something is left in your + * buffer. + * + * @param string $path to the file + * @return string remained data which should be written to the file in case + * of a write operation + */ + public function end($path) { + // TODO: Implement end() method. + } + + /** + * encrypt data + * + * @param string $data you want to encrypt + * @return mixed encrypted data + */ + public function encrypt($data) { + // Todo: xxx Update Signature and usages + $this->symmetricEncryptFileContent($data); + } + + /** + * decrypt data + * + * @param string $data you want to decrypt + * @param string $user decrypt as user (null for public access) + * @return mixed decrypted data + */ + public function decrypt($data, $user) { + // Todo: xxx Update Usages? + $this->symmetricDecryptFileContent($data, $user); + } + + /** + * update encrypted file, e.g. give additional users access to the file + * + * @param string $path path to the file which should be updated + * @param array $accessList who has access to the file contains the key 'users' and 'public' + * @return boolean + */ + public function update($path, $accessList) { + // TODO: Implement update() method. + } + + /** + * should the file be encrypted or not + * + * @param string $path + * @return boolean + */ + public function shouldEncrypt($path) { + // TODO: Implement shouldEncrypt() method. + } + + /** + * calculate unencrypted size + * + * @param string $path to file + * @return integer unencrypted size + */ + public function calculateUnencryptedSize($path) { + // TODO: Implement calculateUnencryptedSize() method. + } +} diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php new file mode 100644 index 0000000000..8018f11a37 --- /dev/null +++ b/apps/encryption/lib/crypto/crypt.php @@ -0,0 +1,355 @@ + + * @since 2/19/15, 1:42 PM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption\Crypto; + + +use OC\Encryption\Exceptions\DecryptionFailedException; +use OC\Encryption\Exceptions\EncryptionFailedException; +use OC\Encryption\Exceptions\GenericEncryptionException; +use OCP\IConfig; +use OCP\ILogger; +use OCP\IUser; +use OCP\IUserSession; + +class Crypt { + + const ENCRYPTION_UKNOWN_ERROR = -1; + const ENCRYPTION_NOT_INIALIZED_ERROR = 1; + const ENCRYPTIION_PRIVATE_KEY_NOT_VALID_ERROR = 2; + const ENCRYPTION_NO_SHARE_KEY_FOUND = 3; + + const BLOCKSIZE = 8192; + const DEFAULT_CIPHER = 'AES-256-CFB'; + + const HEADERSTART = 'HBEGIN'; + const HEADEREND = 'HEND'; + /** + * @var ILogger + */ + private $logger; + /** + * @var IUser + */ + private $user; + /** + * @var IConfig + */ + private $config; + + /** + * @param ILogger $logger + * @param IUserSession $userSession + * @param IConfig $config + */ + public function __construct(ILogger $logger, IUserSession $userSession, IConfig $config) { + $this->logger = $logger; + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; + $this->config = $config; + } + + /** + * @param null $user + * @return string + */ + public function mode($user = null) { + return 'server'; + } + + /** + * + */ + public function createKeyPair() { + + $log = $this->logger; + $res = $this->getOpenSSLPKey(); + + if (!$res) { + $log->error("Encryption Library could'nt generate users key-pair for {$this->user->getUID()}", ['app' => 'encryption']); + + if (openssl_error_string()) { + $log->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(), ['app' => 'encryption']); + } + } elseif (openssl_pkey_export($res, $privateKey, null, $this->getOpenSSLConfig())) { + $keyDetails = openssl_pkey_get_details($res); + $publicKey = $keyDetails['key']; + + return [ + 'publicKey' => $publicKey, + 'privateKey' => $privateKey + ]; + } + $log->error('Encryption library couldn\'t export users private key, please check your servers openSSL configuration.' . $user->getUID(), ['app' => 'encryption']); + if (openssl_error_string()) { + $log->error('Encryption Library:' . openssl_error_string(), ['app' => 'encryption']); + } + + return false; + } + + /** + * @return resource + */ + public function getOpenSSLPKey() { + $config = $this->getOpenSSLConfig(); + return openssl_pkey_new($config); + } + + /** + * @return array + */ + private function getOpenSSLConfig() { + $config = ['private_key_bits' => 4096]; + $config = array_merge(\OC::$server->getConfig()->getSystemValue('openssl', []), $config); + return $config; + } + + /** + * @param $plainContent + * @param $passphrase + * @return bool|string + * @throws GenericEncryptionException + */ + public function symmetricEncryptFileContent($plainContent, $passphrase) { + + if (!$plainContent) { + $this->logger->error('Encryption Library, symmetrical encryption failed no content given', ['app' => 'encryption']); + return false; + } + + $iv = $this->generateIv(); + + try { + $encryptedContent = $this->encrypt($plainContent, $iv, $passphrase, $this->getCipher()); + // combine content to encrypt the IV identifier and actual IV + $catFile = $this->concatIV($encryptedContent, $iv); + $padded = $this->addPadding($catFile); + + return $padded; + } catch (EncryptionFailedException $e) { + $message = 'Could not encrypt file content (code: ' . $e->getCode() . '): '; + $this->logger->error('files_encryption' . $message . $e->getMessage(), ['app' => 'encryption']); + return false; + } + + } + + /** + * @param $plainContent + * @param $iv + * @param string $passphrase + * @param string $cipher + * @return string + * @throws EncryptionFailedException + */ + private function encrypt($plainContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { + $encryptedContent = openssl_encrypt($plainContent, $cipher, $passphrase, false, $iv); + + if (!$encryptedContent) { + $error = 'Encryption (symmetric) of content failed'; + $this->logger->error($error . openssl_error_string(), ['app' => 'encryption']); + throw new EncryptionFailedException($error); + } + + return $encryptedContent; + } + + /** + * @return mixed|string + */ + public function getCipher() { + $cipher = $this->config->getSystemValue('cipher', self::DEFAULT_CIPHER); + if ($cipher !== 'AES-256-CFB' || $cipher !== 'AES-128-CFB') { + $this->logger->warning('Wrong cipher defined in config.php only AES-128-CFB and AES-256-CFB are supported. Fall back' . self::DEFAULT_CIPHER, ['app' => 'encryption']); + $cipher = self::DEFAULT_CIPHER; + } + + return $cipher; + } + + /** + * @param $encryptedContent + * @param $iv + * @return string + */ + private function concatIV($encryptedContent, $iv) { + return $encryptedContent . '00iv00' . $iv; + } + + /** + * @param $data + * @return string + */ + private function addPadding($data) { + return $data . 'xx'; + } + + /** + * @param $recoveryKey + * @param $password + * @return bool|string + */ + public function decryptPrivateKey($recoveryKey, $password) { + + $header = $this->parseHeader($recoveryKey); + $cipher = $this->getCipher($header); + + // If we found a header we need to remove it from the key we want to decrypt + if (!empty($header)) { + $recoveryKey = substr($recoveryKey, strpos($recoveryKey, self::HEADEREND) + strlen(self::HEADERSTART)); + } + + $plainKey = $this->symmetricDecryptFileContent($recoveryKey, $password, $cipher); + + // Check if this is a valid private key + $res = openssl_get_privatekey($plainKey); + if (is_resource($res)) { + $sslInfo = openssl_pkey_get_details($res); + if (!isset($sslInfo['key'])) { + return false; + } + } else { + return false; + } + + return $plainKey; + } + + /** + * @param $keyFileContents + * @param string $passphrase + * @param string $cipher + * @return bool|string + * @throws DecryptionFailedException + */ + public function symmetricDecryptFileContent($keyFileContents, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { + // Remove Padding + $noPadding = $this->removePadding($keyFileContents); + + $catFile = $this->splitIv($noPadding); + + $plainContent = $this->decrypt($catFile['encrypted'], $catFile['iv'], $passphrase, $cipher); + + if ($plainContent) { + return $plainContent; + } + + return false; + } + + /** + * @param $padded + * @return bool|string + */ + private function removePadding($padded) { + if (substr($padded, -2) === 'xx') { + return substr($padded, 0, -2); + } + return false; + } + + /** + * @param $catFile + * @return array + */ + private function splitIv($catFile) { + // Fetch encryption metadata from end of file + $meta = substr($catFile, -22); + + // Fetch IV from end of file + $iv = substr($meta, -16); + + // Remove IV and IV Identifier text to expose encrypted content + + $encrypted = substr($catFile, 0, -22); + + return [ + 'encrypted' => $encrypted, + 'iv' => $iv + ]; + } + + /** + * @param $encryptedContent + * @param $iv + * @param string $passphrase + * @param string $cipher + * @return string + * @throws DecryptionFailedException + */ + private function decrypt($encryptedContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { + $plainContent = openssl_decrypt($encryptedContent, $cipher, $passphrase, false, $iv); + + if ($plainContent) { + return $plainContent; + } else { + throw new DecryptionFailedException('Encryption library: Decryption (symmetric) of content failed'); + } + } + + /** + * @param $data + * @return array + */ + private function parseHeader($data) { + $result = []; + + if (substr($data, 0, strlen(self::HEADERSTART)) === self::HEADERSTART) { + $endAt = strpos($data, self::HEADEREND); + $header = substr($data, 0, $endAt + strlen(self::HEADEREND)); + + // +1 not to start with an ':' which would result in empty element at the beginning + $exploded = explode(':', substr($header, strlen(self::HEADERSTART) + 1)); + + $element = array_shift($exploded); + + while ($element != self::HEADEREND) { + $result[$element] = array_shift($exploded); + $element = array_shift($exploded); + } + } + + return $result; + } + + /** + * @return string + * @throws GenericEncryptionException + */ + private function generateIv() { + $random = openssl_random_pseudo_bytes(12, $strong); + if ($random) { + if (!$strong) { + // If OpenSSL indicates randomness is insecure log error + $this->logger->error('Encryption Library: Insecure symmetric key was generated using openssl_random_psudo_bytes()', ['app' => 'encryption']); + } + + /* + * We encode the iv purely for string manipulation + * purposes -it gets decoded before use + */ + return base64_encode($random); + } + // If we ever get here we've failed anyway no need for an else + throw new GenericEncryptionException('Generating IV Failed'); + } +} + diff --git a/apps/encryption/lib/hookmanager.php b/apps/encryption/lib/hookmanager.php new file mode 100644 index 0000000000..a535230a6a --- /dev/null +++ b/apps/encryption/lib/hookmanager.php @@ -0,0 +1,64 @@ + + * @since 2/19/15, 10:13 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption; + + +use OCA\Encryption\Hooks\Contracts\IHook; + +class HookManager { + + private $hookInstances = []; + + /** + * @param array|IHook $instances + * - This accepts either a single instance of IHook or an array of instances of IHook + * @return bool + */ + public function registerHook($instances) { + if (is_array($instances)) { + foreach ($instances as $instance) { + if (!$instance instanceof IHook) { + return false; + } + $this->hookInstances[] = $instance; + return true; + } + + } + $this->hookInstances[] = $instances; + return true; + } + + /** + * + */ + public function fireHooks() { + foreach ($this->hookInstances as $instance) { + /** + * @var $instance IHook + */ + $instance->addHooks(); + } + + } + +} diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php new file mode 100644 index 0000000000..272bf0849c --- /dev/null +++ b/apps/encryption/lib/keymanager.php @@ -0,0 +1,217 @@ + + * @since 2/19/15, 1:20 PM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption; + + +use OC\Encryption\Exceptions\PrivateKeyMissingException; +use OC\Encryption\Exceptions\PublicKeyMissingException; +use OCA\Encryption\Crypto\Crypt; +use OCP\Encryption\IKeyStorage; +use OCP\IConfig; +use OCP\IUser; +use OCP\IUserSession; + +class KeyManager { + + /** + * @var IKeyStorage + */ + private $keyStorage; + + /** + * @var Crypt + */ + private $crypt; + /** + * @var string + */ + private $recoveryKeyId; + /** + * @var string + */ + private $publicShareKeyId; + /** + * @var string UserID + */ + private $keyId; + + /** + * @var string + */ + private $publicKeyId = '.public'; + /** + * @var string + */ + private $privateKeyId = '.private'; + /** + * @var IConfig + */ + private $config; + + /** + * @param IKeyStorage $keyStorage + * @param Crypt $crypt + * @param IConfig $config + * @param IUserSession $userSession + */ + public function __construct(IKeyStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession) { + + $this->keyStorage = $keyStorage; + $this->crypt = $crypt; + $this->config = $config; + $this->recoveryKeyId = $this->config->getAppValue('encryption', 'recoveryKeyId'); + $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); + $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; + + } + + /** + * @param $userId + * @return mixed + * @throws PrivateKeyMissingException + */ + public function getPrivateKey($userId) { + $privateKey = $this->keyStorage->getUserKey($userId, $this->privateKeyId); + + if (strlen($privateKey) !== 0) { + return $privateKey; + } + throw new PrivateKeyMissingException(); + } + + /** + * @param $userId + * @return mixed + * @throws PublicKeyMissingException + */ + public function getPublicKey($userId) { + $publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId); + + if (strlen($publicKey) !== 0) { + return $publicKey; + } + throw new PublicKeyMissingException(); + } + + /** + * @return bool + */ + public function recoveryKeyExists() { + return (strlen($this->keyStorage->getSystemUserKey($this->recoveryKeyId)) !== 0); + } + + /** + * @param $userId + * @return bool + */ + public function userHasKeys($userId) { + try { + $this->getPrivateKey($userId); + $this->getPublicKey($userId); + } catch (PrivateKeyMissingException $e) { + return false; + } catch (PublicKeyMissingException $e) { + return false; + } + return true; + } + + /** + * @param $password + * @return bool + */ + public function checkRecoveryPassword($password) { + $recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId); + $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password); + + if ($decryptedRecoveryKey) { + return true; + } + return false; + } + + /** + * @param $userId + * @param $key + * @return bool + */ + public function setPublicKey($userId, $key) { + return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key); + } + + /** + * @param $userId + * @param $key + * @return bool + */ + public function setPrivateKey($userId, $key) { + return $this->keyStorage->setUserKey($userId, $this->privateKeyId, $key); + } + + + /** + * @param $password + * @param $keyPair + * @return bool + */ + public function storeKeyPair($password, $keyPair) { + // Save Public Key + $this->setPublicKey($this->keyId, $keyPair['publicKey']); + + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], $password); + + if ($encryptedKey) { + $this->setPrivateKey($this->keyId, $encryptedKey); + $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 1); + return true; + } + return false; + } + + /** + * @return bool + */ + public function ready() { + return $this->keyStorage->ready(); + } + + + /** + * @return \OCP\ICache + * @throws PrivateKeyMissingException + */ + public function init() { + try { + $privateKey = $this->getPrivateKey($this->keyId); + } catch (PrivateKeyMissingException $e) { + return false; + } + + $cache = \OC::$server->getMemCacheFactory(); + + $cacheInstance = $cache->create('Encryption'); + $cacheInstance->set('privateKey', $privateKey); + + return $cacheInstance; + } + +} diff --git a/apps/encryption/lib/migrator.php b/apps/encryption/lib/migrator.php new file mode 100644 index 0000000000..8f7823cb1a --- /dev/null +++ b/apps/encryption/lib/migrator.php @@ -0,0 +1,123 @@ + + * @since 3/9/15, 2:44 PM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption; + + +use OCA\Encryption\Crypto\Crypt; +use OCP\IConfig; +use OCP\ILogger; +use OCP\IUserManager; +use OCP\IUserSession; +use OCP\PreConditionNotMetException; + +class Migrator { + + /** + * @var bool + */ + private $status = false; + /** + * @var IUserManager + */ + private $user; + /** + * @var IConfig + */ + private $config; + /** + * @var string + */ + public static $migrationOpen = '0'; + /** + * @var string + */ + public static $migrationInProgress = '-1'; + /** + * @var string + */ + public static $migrationComplete = '1'; + /** + * @var IUserManager + */ + private $userManager; + /** + * @var ILogger + */ + private $log; + /** + * @var Crypt + */ + private $crypt; + + /** + * Migrator constructor. + * + * @param IUserSession $userSession + * @param IConfig $config + * @param IUserManager $userManager + * @param ILogger $log + * @param Crypt $crypt + */ + public function __construct(IUserSession $userSession, IConfig $config, IUserManager $userManager, ILogger $log, Crypt $crypt) { + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; + $this->config = $config; + $this->userManager = $userManager; + $this->log = $log; + $this->crypt = $crypt; + } + + /** + * @param $userId + * @return bool|string + */ + public function getStatus($userId) { + if ($this->userManager->userExists($userId)) { + $this->status = $this->config->getUserValue($userId, 'encryption', 'migrationStatus', false); + + if (!$this->status) { + $this->config->setUserValue($userId, 'encryption', 'migrationStatus', self::$migrationOpen); + $this->status = self::$migrationOpen; + } + } + + return $this->status; + } + + /** + * @return bool + */ + public function beginMigration() { + $status = $this->setMigrationStatus(self::$migrationInProgress, self::$migrationOpen); + + if ($status) { + $this->log->info('Encryption Library Start migration to encrypt for ' . $this->user->getUID()); + return $status; + } + $this->log->warning('Encryption Library Could not activate migration for ' . $this->user->getUID() . '. Probably another process already started the inital encryption'); + return $status; + } + + /** + * @param $status + * @param bool $preCondition + * @return bool + */ + private function setMigrationStatus($status, $preCondition = false) { + // Convert to string if preCondition is set + $preCondition = ($preCondition === false) ? false : (string)$preCondition; + + try { + $this->config->setUserValue($this->user->getUID(), 'encryption', 'migrationStatus', (string)$status, $preCondition); + return true; + } catch (PreConditionNotMetException $e) { + return false; + } + } +} diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php new file mode 100644 index 0000000000..88350e96c5 --- /dev/null +++ b/apps/encryption/lib/recovery.php @@ -0,0 +1,134 @@ + + * @since 2/19/15, 11:45 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OCA\Encryption; + + +use OC\Files\View; +use OCA\Encryption\Crypto\Crypt; +use OCP\Encryption\IKeyStorage; +use OCP\IConfig; +use OCP\IUser; +use OCP\Security\ISecureRandom; + +class Recovery { + + + /** + * @var null|IUser + */ + protected $user; + /** + * @var Crypt + */ + protected $crypt; + /** + * @var ISecureRandom + */ + private $random; + /** + * @var KeyManager + */ + private $keyManager; + /** + * @var IConfig + */ + private $config; + /** + * @var IEncryptionKeyStorage + */ + private $keyStorage; + + /** + * @param IUser $user + * @param Crypt $crypt + * @param ISecureRandom $random + * @param KeyManager $keyManager + * @param IConfig $config + * @param IKeyStorage $keyStorage + */ + public function __construct(IUser $user, + Crypt $crypt, + ISecureRandom $random, + KeyManager $keyManager, + IConfig $config, + IKeyStorage $keyStorage) { + $this->user = $user; + $this->crypt = $crypt; + $this->random = $random; + $this->keyManager = $keyManager; + $this->config = $config; + $this->keyStorage = $keyStorage; + } + + /** + * @param $recoveryKeyId + * @param $password + * @return bool + */ + public function enableAdminRecovery($recoveryKeyId, $password) { + $appConfig = $this->config; + + if ($recoveryKeyId === null) { + $recoveryKeyId = $this->random->getLowStrengthGenerator(); + $appConfig->setAppValue('encryption', 'recoveryKeyId', $recoveryKeyId); + } + + $keyManager = $this->keyManager; + + if (!$keyManager->recoveryKeyExists()) { + $keyPair = $this->crypt->createKeyPair(); + + return $this->keyManager->storeKeyPair($password, $keyPair); + } + + if ($keyManager->checkRecoveryPassword($password)) { + $appConfig->setAppValue('encryption', 'recoveryAdminEnabled', 1); + return true; + } + + return false; + } + + /** + * @param $recoveryPassword + * @return bool + */ + public function disableAdminRecovery($recoveryPassword) { + $keyManager = $this->keyManager; + + if ($keyManager->checkRecoveryPassword($recoveryPassword)) { + // Set recoveryAdmin as disabled + $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 0); + return true; + } + return false; + } + + public function addRecoveryKeys($keyId) { + // No idea new way to do this.... + } + + public function removeRecoveryKeys() { + // No idea new way to do this.... + } + +} diff --git a/apps/encryption/lib/setup.php b/apps/encryption/lib/setup.php new file mode 100644 index 0000000000..cc8f00f0a4 --- /dev/null +++ b/apps/encryption/lib/setup.php @@ -0,0 +1,38 @@ + + * @since 3/6/15, 11:30 AM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption; + + +use OCP\ILogger; +use OCP\IUser; +use OCP\IUserSession; + +class Setup { + /** + * @var ILogger + */ + protected $logger; + /** + * @var IUser + */ + protected $user; + + /** + * Setup constructor. + * + * @param ILogger $logger + * @param IUserSession $userSession + */ + public function __construct(ILogger $logger, IUserSession $userSession) { + $this->logger = $logger; + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; + + } +} diff --git a/apps/encryption/lib/users/setup.php b/apps/encryption/lib/users/setup.php new file mode 100644 index 0000000000..123d6973be --- /dev/null +++ b/apps/encryption/lib/users/setup.php @@ -0,0 +1,63 @@ + + * @since 3/6/15, 11:36 AM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption\Users; + + +use OCA\Encryption\Crypto\Crypt; +use OCA\Encryption\KeyManager; +use OCP\ILogger; +use OCP\IUserSession; + +class Setup extends \OCA\Encryption\Setup { + /** + * @var Crypt + */ + private $crypt; + /** + * @var KeyManager + */ + private $keyManager; + + + /** + * @param ILogger $logger + * @param IUserSession $userSession + * @param Crypt $crypt + * @param KeyManager $keyManager + */ + public function __construct(ILogger $logger, IUserSession $userSession, Crypt $crypt, KeyManager $keyManager) { + parent::__construct($logger, $userSession); + $this->crypt = $crypt; + $this->keyManager = $keyManager; + } + + /** + * @param $password + * @return bool + */ + public function setupUser($password) { + if ($this->keyManager->ready()) { + $this->logger->debug('Encryption Library: User Account ' . $this->user->getUID() . ' Is not ready for encryption; configuration started'); + return $this->setupServerSide($password); + } + } + + /** + * @param $password + * @return bool + */ + private function setupServerSide($password) { + // Check if user already has keys + if (!$this->keyManager->userHasKeys($this->user->getUID())) { + return $this->keyManager->storeKeyPair($password, $this->crypt->createKeyPair()); + } + return true; + } +} diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php new file mode 100644 index 0000000000..0f5d56a373 --- /dev/null +++ b/apps/encryption/settings/settings-admin.php @@ -0,0 +1,24 @@ + + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +\OC_Util::checkAdminUser(); + +$tmpl = new OCP\Template('files_encryption', 'settings-admin'); + +// Check if an adminRecovery account is enabled for recovering files after lost pwd +$recoveryAdminEnabled = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled', '0'); +$session = new \OCA\Files_Encryption\Session(new \OC\Files\View('/')); +$initStatus = $session->getInitialized(); + +$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); +$tmpl->assign('initStatus', $initStatus); + +\OCP\Util::addscript('files_encryption', 'settings-admin'); +\OCP\Util::addscript('core', 'multiselect'); + +return $tmpl->fetchPage(); diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php new file mode 100644 index 0000000000..fe2d846f50 --- /dev/null +++ b/apps/encryption/settings/settings-personal.php @@ -0,0 +1,41 @@ + + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +// Add CSS stylesheet +\OC_Util::addStyle('files_encryption', 'settings-personal'); + +$tmpl = new OCP\Template('files_encryption', 'settings-personal'); + +$user = \OCP\USER::getUser(); +$view = new \OC\Files\View('/'); +$util = new \OCA\Files_Encryption\Util($view, $user); +$session = new \OCA\Files_Encryption\Session($view); + +$privateKeySet = $session->getPrivateKey() !== false; +// did we tried to initialize the keys for this session? +$initialized = $session->getInitialized(); + +$recoveryAdminEnabled = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled'); +$recoveryEnabledForUser = $util->recoveryEnabledForUser(); + +$result = false; + +if ($recoveryAdminEnabled || !$privateKeySet) { + + \OCP\Util::addscript('files_encryption', 'settings-personal'); + + $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); + $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser); + $tmpl->assign('privateKeySet', $privateKeySet); + $tmpl->assign('initialized', $initialized); + + $result = $tmpl->fetchPage(); +} + +return $result; + diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php new file mode 100644 index 0000000000..260e69a73b --- /dev/null +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -0,0 +1,90 @@ + + * @since 3/5/15, 10:53 AM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\KeyManager; +use Test\TestCase; + +class KeyManagerTest extends TestCase { + /** + * @var KeyManager + */ + private $instance; + /** + * @var + */ + private $userId; + /** + * @var + */ + private $dummyKeys; + + public function setUp() { + parent::setUp(); + $keyStorageMock = $this->getMock('OCP\Encryption\IKeyStorage'); + $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypt') + ->disableOriginalConstructor() + ->getMock(); + $configMock = $this->getMock('OCP\IConfig'); + $userMock = $this->getMock('OCP\IUser'); + $userMock->expects($this->once()) + ->method('getUID') + ->will($this->returnValue('admin')); + $this->userId = 'admin'; + $this->instance = new KeyManager($keyStorageMock, $cryptMock, $configMock, $userMock); + + $this->dummyKeys = ['public' => 'randomweakpublickeyhere', + 'private' => 'randomweakprivatekeyhere']; + } + + /** + * @expectedException OC\Encryption\Exceptions\PrivateKeyMissingException + */ + public function testGetPrivateKey() { + $this->assertFalse($this->instance->getPrivateKey($this->userId)); + } + + /** + * @expectedException OC\Encryption\Exceptions\PublicKeyMissingException + */ + public function testGetPublicKey() { + $this->assertFalse($this->instance->getPublicKey($this->userId)); + } + + /** + * + */ + public function testRecoveryKeyExists() { + $this->assertFalse($this->instance->recoveryKeyExists()); + } + + /** + * + */ + public function testCheckRecoveryKeyPassword() { + $this->assertFalse($this->instance->checkRecoveryPassword('pass')); + } + + public function testSetPublicKey() { + + $this->assertTrue($this->instance->setPublicKey($this->userId, $this->dummyKeys['public'])); + } + + public function testSetPrivateKey() { + $this->assertTrue($this->instance->setPrivateKey($this->userId, $this->dummyKeys['private'])); + } + + public function testUserHasKeys() { + $this->assertFalse($this->instance->userHasKeys($this->userId)); + } + + +} diff --git a/apps/encryption/tests/lib/MigratorTest.php b/apps/encryption/tests/lib/MigratorTest.php new file mode 100644 index 0000000000..a9d57b3420 --- /dev/null +++ b/apps/encryption/tests/lib/MigratorTest.php @@ -0,0 +1,62 @@ + + * @since 3/9/15, 2:56 PM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\Migrator; +use Test\TestCase; + +class MigratorTest extends TestCase { + + /** + * @var Migrator + */ + private $instance; + + /** + * + */ + public function testGetStatus() { + $this->assertFalse($this->instance->getStatus('admin')); + } + + /** + * + */ + public function testBeginMigration() { + $this->assertTrue($this->instance->beginMigration()); + } + + /** + * + */ + public function testSetMigrationStatus() { + $this->assertTrue(\Test_Helper::invokePrivate($this->instance, + 'setMigrationStatus', + ['0', '-1']) + ); + } + + /** + * + */ + protected function setUp() { + parent::setUp(); + + $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt')->disableOriginalConstructor()->getMock(); + $this->instance = new Migrator($this->getMock('OCP\IUser'), + $this->getMock('OCP\IConfig'), + $this->getMock('OCP\IUserManager'), + $this->getMock('OCP\ILogger'), + $cryptMock); + } + + +} diff --git a/apps/encryption/tests/lib/RequirementsCheckerTest.php b/apps/encryption/tests/lib/RequirementsCheckerTest.php new file mode 100644 index 0000000000..97ddd76b75 --- /dev/null +++ b/apps/encryption/tests/lib/RequirementsCheckerTest.php @@ -0,0 +1,51 @@ + + * @since 3/6/15, 10:36 AM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\RequirementsChecker; +use Test\TestCase; + +class RequirementsCheckerTest extends TestCase { + /** + * @var RequirementsChecker + */ + private $instance; + + /** + * + */ + protected function setUp() { + parent::setUp(); + $log = $this->getMock('OCP\ILogger'); + $crypt = $this->getMockBuilder('OCA\Encryption\Crypt') + ->disableOriginalConstructor() + ->getMock(); + $crypt + ->method('getOpenSSLPkey') + ->will($this->returnValue(true)); + $this->instance = new RequirementsChecker($crypt, $log); + } + + /** + * + */ + public function testCanCheckConfigration() { + $this->assertTrue($this->instance->checkConfiguration()); + } + + /** + * + */ + public function testCanCheckRequiredExtensions() { + $this->assertTrue($this->instance->checkExtensions()); + } + +} diff --git a/apps/files_encryption/lib/hooks.php b/apps/files_encryption/lib/hooks.php index 4a29ffaaed..536e512bdb 100644 --- a/apps/files_encryption/lib/hooks.php +++ b/apps/files_encryption/lib/hooks.php @@ -34,233 +34,7 @@ class Hooks { // file for which we want to delete the keys after the delete operation was successful private static $unmountedFiles = array(); - /** - * Startup encryption backend upon user login - * @note This method should never be called for users using client side encryption - */ - public static function login($params) { - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - - $l = new \OC_L10N('files_encryption'); - - $view = new \OC\Files\View('/'); - - // ensure filesystem is loaded - if (!\OC\Files\Filesystem::$loaded) { - \OC_Util::setupFS($params['uid']); - } - - $privateKey = Keymanager::getPrivateKey($view, $params['uid']); - - // if no private key exists, check server configuration - if (!$privateKey) { - //check if all requirements are met - if (!Helper::checkRequirements() || !Helper::checkConfiguration()) { - $error_msg = $l->t("Missing requirements."); - $hint = $l->t('Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.'); - \OC_App::disable('files_encryption'); - \OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR); - \OCP\Template::printErrorPage($error_msg, $hint); - } - } - - $util = new Util($view, $params['uid']); - - // setup user, if user not ready force relogin - if (Helper::setupUser($util, $params['password']) === false) { - return false; - } - - $session = $util->initEncryption($params); - - // Check if first-run file migration has already been performed - $ready = false; - $migrationStatus = $util->getMigrationStatus(); - if ($migrationStatus === Util::MIGRATION_OPEN && $session !== false) { - $ready = $util->beginMigration(); - } elseif ($migrationStatus === Util::MIGRATION_IN_PROGRESS) { - // refuse login as long as the initial encryption is running - sleep(5); - \OCP\User::logout(); - return false; - } - - $result = true; - - // If migration not yet done - if ($ready) { - - // Encrypt existing user files - try { - $result = $util->encryptAll('/' . $params['uid'] . '/' . 'files'); - } catch (\Exception $ex) { - \OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL); - $result = false; - } - - if ($result) { - \OC_Log::write( - 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed' - , \OC_Log::INFO - ); - // Register successful migration in DB - $util->finishMigration(); - } else { - \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL); - $util->resetMigrationStatus(); - \OCP\User::logout(); - } - } - - return $result; - } - - /** - * remove keys from session during logout - */ - public static function logout() { - $session = new Session(new \OC\Files\View()); - $session->removeKeys(); - } - - /** - * setup encryption backend upon user created - * @note This method should never be called for users using client side encryption - */ - public static function postCreateUser($params) { - - if (\OCP\App::isEnabled('files_encryption')) { - $view = new \OC\Files\View('/'); - $util = new Util($view, $params['uid']); - Helper::setupUser($util, $params['password']); - } - } - - /** - * cleanup encryption backend upon user deleted - * @note This method should never be called for users using client side encryption - */ - public static function postDeleteUser($params) { - - if (\OCP\App::isEnabled('files_encryption')) { - Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']); - } - } - - /** - * If the password can't be changed within ownCloud, than update the key password in advance. - */ - public static function preSetPassphrase($params) { - if (\OCP\App::isEnabled('files_encryption')) { - if ( ! \OC_User::canUserChangePassword($params['uid']) ) { - self::setPassphrase($params); - } - } - } - - /** - * Change a user's encryption passphrase - * @param array $params keys: uid, password - */ - public static function setPassphrase($params) { - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - // Only attempt to change passphrase if server-side encryption - // is in use (client-side encryption does not have access to - // the necessary keys) - if (Crypt::mode() === 'server') { - - $view = new \OC\Files\View('/'); - $session = new Session($view); - - // Get existing decrypted private key - $privateKey = $session->getPrivateKey(); - - if ($params['uid'] === \OCP\User::getUser() && $privateKey) { - - // Encrypt private key with new user pwd as passphrase - $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password'], Helper::getCipher()); - - // Save private key - if ($encryptedPrivateKey) { - Keymanager::setPrivateKey($encryptedPrivateKey, \OCP\User::getUser()); - } else { - \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); - } - - // NOTE: Session does not need to be updated as the - // private key has not changed, only the passphrase - // used to decrypt it has changed - - - } else { // admin changed the password for a different user, create new keys and reencrypt file keys - - $user = $params['uid']; - $util = new Util($view, $user); - $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; - - // we generate new keys if... - // ...we have a recovery password and the user enabled the recovery key - // ...encryption was activated for the first time (no keys exists) - // ...the user doesn't have any files - if (($util->recoveryEnabledForUser() && $recoveryPassword) - || !$util->userKeysExists() - || !$view->file_exists($user . '/files')) { - - // backup old keys - $util->backupAllKeys('recovery'); - - $newUserPassword = $params['password']; - - // make sure that the users home is mounted - \OC\Files\Filesystem::initMountPoints($user); - - $keypair = Crypt::createKeypair(); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Save public key - Keymanager::setPublicKey($keypair['publicKey'], $user); - - // Encrypt private key with new password - $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher()); - if ($encryptedKey) { - Keymanager::setPrivateKey($encryptedKey, $user); - - if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $util = new Util($view, $user); - $util->recoverUsersFiles($recoveryPassword); - } - } else { - \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); - } - - \OC_FileProxy::$enabled = $proxyStatus; - } - } - } - } - - /** - * after password reset we create a new key pair for the user - * - * @param array $params - */ - public static function postPasswordReset($params) { - $uid = $params['uid']; - $password = $params['password']; - - $util = new Util(new \OC\Files\View(), $uid); - $util->replaceUserKeys($password); - } /* * check if files can be encrypted to every user. diff --git a/lib/private/encryption/exceptions/decryptionfailedexception.php b/lib/private/encryption/exceptions/decryptionfailedexception.php new file mode 100644 index 0000000000..43fea90fed --- /dev/null +++ b/lib/private/encryption/exceptions/decryptionfailedexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:38 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class DecryptionFailedException extends GenericEncryptionException { + +} diff --git a/lib/private/encryption/exceptions/emptyencryptiondataexception.php b/lib/private/encryption/exceptions/emptyencryptiondataexception.php new file mode 100644 index 0000000000..ea18180985 --- /dev/null +++ b/lib/private/encryption/exceptions/emptyencryptiondataexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:38 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class EmptyEncryptionDataException extends GenericEncryptionException{ + +} diff --git a/lib/private/encryption/exceptions/encryptionfailedexception.php b/lib/private/encryption/exceptions/encryptionfailedexception.php new file mode 100644 index 0000000000..9e6648f7bf --- /dev/null +++ b/lib/private/encryption/exceptions/encryptionfailedexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:37 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class EncryptionFailedException extends GenericEncryptionException{ + +} diff --git a/lib/private/encryption/exceptions/encryptionheadertolargeexception.php b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php new file mode 100644 index 0000000000..cc980aa4be --- /dev/null +++ b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:35 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class EncryptionHeaderToLargeException extends GenericEncryptionException { + +} diff --git a/lib/private/encryption/exceptions/genericencryptionexception.php b/lib/private/encryption/exceptions/genericencryptionexception.php new file mode 100644 index 0000000000..608e5e6010 --- /dev/null +++ b/lib/private/encryption/exceptions/genericencryptionexception.php @@ -0,0 +1,27 @@ + + * @since 2/25/15, 9:30 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OC\Encryption\Exceptions; + + +class GenericEncryptionException extends \Exception { + +} diff --git a/lib/private/encryption/exceptions/privatekeymissingexception.php b/lib/private/encryption/exceptions/privatekeymissingexception.php new file mode 100644 index 0000000000..878b83d240 --- /dev/null +++ b/lib/private/encryption/exceptions/privatekeymissingexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:39 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class PrivateKeyMissingException extends GenericEncryptionException{ + +} diff --git a/lib/private/encryption/exceptions/publickeymissingexception.php b/lib/private/encryption/exceptions/publickeymissingexception.php new file mode 100644 index 0000000000..d5f2aae42c --- /dev/null +++ b/lib/private/encryption/exceptions/publickeymissingexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:39 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class PublicKeyMissingException extends GenericEncryptionException { + +} diff --git a/lib/private/encryption/exceptions/unexpectedblocksizeexception.php b/lib/private/encryption/exceptions/unexpectedblocksizeexception.php new file mode 100644 index 0000000000..799d08e6ba --- /dev/null +++ b/lib/private/encryption/exceptions/unexpectedblocksizeexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:35 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +interface UnexpectedBlockSize { + +} diff --git a/lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php b/lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php new file mode 100644 index 0000000000..04f65cf762 --- /dev/null +++ b/lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:34 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class UnexpectedEndOfEncryptionHeaderException extends GenericEncryptionException { + +} diff --git a/lib/private/encryption/exceptions/unknowncipherexception.php b/lib/private/encryption/exceptions/unknowncipherexception.php new file mode 100644 index 0000000000..5177af6106 --- /dev/null +++ b/lib/private/encryption/exceptions/unknowncipherexception.php @@ -0,0 +1,28 @@ + + * @since 2/25/15, 9:36 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OC\Encryption\Exceptions; + + +class UnknownCipherException extends GenericEncryptionException{ + +} diff --git a/lib/private/encryption/keystorage.php b/lib/private/encryption/keystorage.php index 5b56f6af4e..fbc427edf0 100644 --- a/lib/private/encryption/keystorage.php +++ b/lib/private/encryption/keystorage.php @@ -23,25 +23,29 @@ namespace OC\Encryption; +use OC\Encryption\Util; +use OC\Files\View; +use OCA\Files_Encryption\Exception\EncryptionException; + class KeyStorage implements \OCP\Encryption\IKeyStorage { - /** @var \OC\Files\View */ + /** @var View */ private $view; - /** @var \OC\Encryption\Util */ + /** @var Util */ private $util; // base dir where all the file related keys are stored private static $keys_base_dir = '/files_encryption/keys/'; private static $encryption_base_dir = '/files_encryption'; - private static $key_cache = array(); // cache keys + private $keyCache = array(); /** - * @param \OC\Files\View $view - * @param \OC\Encryption\Util $util + * @param View $view + * @param Util $util */ - public function __construct(\OC\Files\View $view, \OC\Encryption\Util $util) { + public function __construct(View $view, Util $util) { $this->view = $view; $this->util = $util; } @@ -50,14 +54,13 @@ class KeyStorage implements \OCP\Encryption\IKeyStorage { * get user specific key * * @param string $uid ID if the user for whom we want the key - * @param string $keyid id of the key + * @param string $keyId id of the key * * @return mixed key */ - public function getUserKey($uid, $keyid) { - $path = '/' . $uid . self::$encryption_base_dir . '/' . $uid . '.' . $keyid; + public function getUserKey($uid, $keyId) { + $path = '/' . $uid . self::$encryption_base_dir . '/' . $uid . '.' . $keyId; return $this->getKey($path); - } /** @@ -135,8 +138,8 @@ class KeyStorage implements \OCP\Encryption\IKeyStorage { $key = ''; - if (isset(self::$key_cache[$path])) { - $key = self::$key_cache[$path]; + if (isset($this->keyCache[$path])) { + $key = $this->keyCache[$path]; } else { /** @var \OCP\Files\Storage $storage */ @@ -144,7 +147,7 @@ class KeyStorage implements \OCP\Encryption\IKeyStorage { if ($storage->file_exists($internalPath)) { $key = $storage->file_get_contents($internalPath); - self::$key_cache[$path] = $key; + $this->keyCache[$path] = $key; } } @@ -168,7 +171,7 @@ class KeyStorage implements \OCP\Encryption\IKeyStorage { $result = $storage->file_put_contents($internalPath, $key); if (is_int($result) && $result > 0) { - self::$key_cache[$path] = $key; + $this->keyCache[$path] = $key; return true; } @@ -180,11 +183,16 @@ class KeyStorage implements \OCP\Encryption\IKeyStorage { * * @param string $path path to the file, relative to the users file directory * @return string + * @throws EncryptionException + * @internal param string $keyId */ private function getFileKeyDir($path) { + // + // TODO: NO DEPRICATED API !!! + // if ($this->view->is_dir('/' . \OCP\User::getUser() . '/' . $path)) { - throw new Exception\EncryptionException('file was expected but directoy was given', Exception\EncryptionException::GENERIC); + throw new EncryptionException('file was expected but directory was given', EncryptionException::GENERIC); } list($owner, $filename) = $this->util->getUidAndFilename($path); @@ -220,4 +228,23 @@ class KeyStorage implements \OCP\Encryption\IKeyStorage { } } + /** + * Check if encryption system is ready to begin encrypting + * all the things + * + * @return bool + */ + public function ready() { + $paths = [ + self::$encryption_base_dir, + self::$keys_base_dir + ]; + foreach ($paths as $path) { + if (!$this->view->file_exists($path)) { + return false; + } + } + return true; + } + } diff --git a/lib/public/encryption/ikeystorage.php b/lib/public/encryption/ikeystorage.php index cf94d56e59..2ab5048709 100644 --- a/lib/public/encryption/ikeystorage.php +++ b/lib/public/encryption/ikeystorage.php @@ -29,59 +29,65 @@ interface IKeyStorage { * get user specific key * * @param string $uid ID if the user for whom we want the key - * @param string $keyid id of the key + * @param string $keyId id of the key * * @return mixed key */ - public function getUserKey($uid, $keyid); + public function getUserKey($uid, $keyId); /** * get file specific key * * @param string $path path to file - * @param string $keyid id of the key + * @param string $keyId id of the key * * @return mixed key */ - public function getFileKey($path, $keyid); + public function getFileKey($path, $keyId); /** * get system-wide encryption keys not related to a specific user, * e.g something like a key for public link shares * - * @param string $keyid id of the key + * @param string $keyId id of the key * * @return mixed key */ - public function getSystemUserKey($uid, $keyid); + public function getSystemUserKey($keyId); /** * set user specific key * * @param string $uid ID if the user for whom we want the key - * @param string $keyid id of the key + * @param string $keyId id of the key * @param mixed $key */ - public function setUserKey($uid, $keyid, $key); + public function setUserKey($uid, $keyId, $key); /** * set file specific key * * @param string $path path to file - * @param string $keyid id of the key + * @param string $keyId id of the key * @param mixed $key */ - public function setFileKey($path, $keyid, $key); + public function setFileKey($path, $keyId, $key); /** * set system-wide encryption keys not related to a specific user, * e.g something like a key for public link shares * - * @param string $keyid id of the key + * @param string $keyId id of the key * @param mixed $key * * @return mixed key */ - public function setSystemUserKey($uid, $keyid, $key); + public function setSystemUserKey($keyId, $key); + /** + * Return if encryption is setup and ready encrypt things + * + * @return bool + */ + public function ready(); } diff --git a/tests/lib/encryption/managertest.php b/tests/lib/encryption/managertest.php index ab297bae0c..5a0efa37b3 100644 --- a/tests/lib/encryption/managertest.php +++ b/tests/lib/encryption/managertest.php @@ -111,4 +111,62 @@ class ManagerTest extends TestCase { $en0 = $m->getEncryptionModule(0); $this->assertEquals(0, $en0->getId()); } + + /** + * @expectedException \OC\Encryption\Exceptions\ModuleAlreadyExistsException + * @expectedExceptionMessage At the moment it is not allowed to register more than one encryption module + */ + public function testModuleRegistration() { + $config = $this->getMock('\OCP\IConfig'); + $config->expects($this->any())->method('getSystemValue')->willReturn(true); + $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); + $em->expects($this->any())->method('getId')->willReturn(0); + $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); + $m = new Manager($config); + $m->registerEncryptionModule($em); + $this->assertTrue($m->isEnabled()); + $m->registerEncryptionModule($em); + } + + public function testModuleUnRegistration() { + $config = $this->getMock('\OCP\IConfig'); + $config->expects($this->any())->method('getSystemValue')->willReturn(true); + $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); + $em->expects($this->any())->method('getId')->willReturn(0); + $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); + $m = new Manager($config); + $m->registerEncryptionModule($em); + $this->assertTrue($m->isEnabled()); + $m->unregisterEncryptionModule($em); + $this->assertFalse($m->isEnabled()); + } + + /** + * @expectedException \OC\Encryption\Exceptions\ModuleDoesNotExistsException + * @expectedExceptionMessage Module with id: unknown does not exists. + */ + public function testGetEncryptionModuleUnknown() { + $config = $this->getMock('\OCP\IConfig'); + $config->expects($this->any())->method('getSystemValue')->willReturn(true); + $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); + $em->expects($this->any())->method('getId')->willReturn(0); + $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); + $m = new Manager($config); + $m->registerEncryptionModule($em); + $this->assertTrue($m->isEnabled()); + $m->getEncryptionModule('unknown'); + } + + public function testGetEncryptionModule() { + $config = $this->getMock('\OCP\IConfig'); + $config->expects($this->any())->method('getSystemValue')->willReturn(true); + $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); + $em->expects($this->any())->method('getId')->willReturn(0); + $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); + $m = new Manager($config); + $m->registerEncryptionModule($em); + $this->assertTrue($m->isEnabled()); + $en0 = $m->getEncryptionModule(0); + $this->assertEquals(0, $en0->getId()); + } } From 5bc9ababeb06c3e901b7d11b8c2c1d44865d3339 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 17 Mar 2015 13:11:38 +0100 Subject: [PATCH 003/119] fix keystorage and add unit tests --- lib/private/encryption/keys/storage.php | 105 +--------- lib/private/encryption/keystorage.php | 250 ------------------------ lib/public/encryption/ikeystorage.php | 93 --------- lib/public/encryption/keys/istorage.php | 2 +- 4 files changed, 9 insertions(+), 441 deletions(-) delete mode 100644 lib/private/encryption/keystorage.php delete mode 100644 lib/public/encryption/ikeystorage.php diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index 041db2a2cb..fba86e1737 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -67,7 +67,8 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @return mixed key */ public function getUserKey($uid, $keyId) { - $path = $this->constructUserKeyPath($keyId, $uid); + $path = '/' . $uid . $this->encryption_base_dir . '/' + . $this->encryptionModuleId . '/' . $uid . '.' . $keyId; return $this->getKey($path); } @@ -93,7 +94,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @return mixed key */ public function getSystemUserKey($keyId) { - $path = $this->constructUserKeyPath($keyId); + $path = $this->encryption_base_dir . '/' . $this->encryptionModuleId . '/' . $keyId; return $this->getKey($path); } @@ -105,7 +106,8 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @param mixed $key */ public function setUserKey($uid, $keyId, $key) { - $path = $this->constructUserKeyPath($keyId, $uid); + $path = '/' . $uid . $this->encryption_base_dir . '/' + . $this->encryptionModuleId . '/' . $uid . '.' . $keyId; return $this->setKey($path, $key); } @@ -114,7 +116,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * * @param string $path path to file * @param string $keyId id of the key - * @param boolean + * @param mixed $key */ public function setFileKey($path, $keyId, $key) { $keyDir = $this->getFileKeyDir($path); @@ -131,79 +133,11 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @return mixed key */ public function setSystemUserKey($keyId, $key) { - $path = $this->constructUserKeyPath($keyId); + $path = $this->encryption_base_dir . '/' + . $this->encryptionModuleId . '/' . $keyId; return $this->setKey($path, $key); } - /** - * delete user specific key - * - * @param string $uid ID if the user for whom we want to delete the key - * @param string $keyId id of the key - * - * @return boolean - */ - public function deleteUserKey($uid, $keyId) { - $path = $this->constructUserKeyPath($keyId, $uid); - return $this->view->unlink($path); - } - - /** - * delete file specific key - * - * @param string $path path to file - * @param string $keyId id of the key - * - * @return boolean - */ - public function deleteFileKey($path, $keyId) { - $keyDir = $this->getFileKeyDir($path); - return $this->view->unlink($keyDir . $keyId); - } - - /** - * delete all file keys for a given file - * - * @param string $path to the file - * @return boolean - */ - public function deleteAllFileKeys($path) { - $keyDir = $this->getFileKeyDir($path); - return $this->view->deleteAll(dirname($keyDir)); - } - - /** - * delete system-wide encryption keys not related to a specific user, - * e.g something like a key for public link shares - * - * @param string $keyId id of the key - * - * @return boolean - */ - public function deleteSystemUserKey($keyId) { - $path = $this->constructUserKeyPath($keyId); - return $this->view->unlink($path); - } - - - /** - * construct path to users key - * - * @param string $keyId - * @param string $uid - * @return string - */ - protected function constructUserKeyPath($keyId, $uid = null) { - - if ($uid === null) { - $path = $this->encryption_base_dir . '/' . $this->encryptionModuleId . '/' . $keyId; - } else { - $path = '/' . $uid . $this->encryption_base_dir . '/' - . $this->encryptionModuleId . '/' . $uid . '.' . $keyId; - } - - return $path; - } /** * read key from hard disk @@ -275,29 +209,6 @@ class Storage implements \OCP\Encryption\Keys\IStorage { return \OC\Files\Filesystem::normalizePath($keyPath . $this->encryptionModuleId . '/', false); } - /** - * move keys if a file was renamed - * - * @param string $source - * @param string $target - * @param string $owner - * @param bool $systemWide - */ - public function renameKeys($source, $target, $owner, $systemWide) { - if ($systemWide) { - $sourcePath = $this->keys_base_dir . $source . '/'; - $targetPath = $this->keys_base_dir . $target . '/'; - } else { - $sourcePath = '/' . $owner . $this->keys_base_dir . $source . '/'; - $targetPath = '/' . $owner . $this->keys_base_dir . $target . '/'; - } - - if ($this->view->file_exists($sourcePath)) { - $this->keySetPreparation(dirname($targetPath)); - $this->view->rename($sourcePath, $targetPath); - } - } - /** * Make preparations to filesystem for saving a keyfile * diff --git a/lib/private/encryption/keystorage.php b/lib/private/encryption/keystorage.php deleted file mode 100644 index fbc427edf0..0000000000 --- a/lib/private/encryption/keystorage.php +++ /dev/null @@ -1,250 +0,0 @@ - - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE - * License as published by the Free Software Foundation; either - * version 3 of the License, or any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU AFFERO GENERAL PUBLIC LICENSE for more details. - * - * You should have received a copy of the GNU Affero General Public - * License along with this library. If not, see . - */ - -namespace OC\Encryption; - -use OC\Encryption\Util; -use OC\Files\View; -use OCA\Files_Encryption\Exception\EncryptionException; - -class KeyStorage implements \OCP\Encryption\IKeyStorage { - - /** @var View */ - private $view; - - /** @var Util */ - private $util; - - // base dir where all the file related keys are stored - private static $keys_base_dir = '/files_encryption/keys/'; - private static $encryption_base_dir = '/files_encryption'; - - private $keyCache = array(); - - /** - * @param View $view - * @param Util $util - */ - public function __construct(View $view, Util $util) { - $this->view = $view; - $this->util = $util; - } - - /** - * get user specific key - * - * @param string $uid ID if the user for whom we want the key - * @param string $keyId id of the key - * - * @return mixed key - */ - public function getUserKey($uid, $keyId) { - $path = '/' . $uid . self::$encryption_base_dir . '/' . $uid . '.' . $keyId; - return $this->getKey($path); - } - - /** - * get file specific key - * - * @param string $path path to file - * @param string $keyId id of the key - * - * @return mixed key - */ - public function getFileKey($path, $keyId) { - $keyDir = $this->getFileKeyDir($path); - return $this->getKey($keyDir . $keyId); - } - - /** - * get system-wide encryption keys not related to a specific user, - * e.g something like a key for public link shares - * - * @param string $keyId id of the key - * - * @return mixed key - */ - public function getSystemUserKey($keyId) { - $path = '/' . self::$encryption_base_dir . '/' . $keyId; - return $this->getKey($path); - } - - /** - * set user specific key - * - * @param string $uid ID if the user for whom we want the key - * @param string $keyId id of the key - * @param mixed $key - */ - public function setUserKey($uid, $keyId, $key) { - $path = '/' . $uid . self::$encryption_base_dir . '/' . $uid . '.' . $keyId; - return $this->setKey($path, $key); - } - - /** - * set file specific key - * - * @param string $path path to file - * @param string $keyId id of the key - * @param mixed $key - */ - public function setFileKey($path, $keyId, $key) { - $keyDir = $this->getFileKeyDir($path); - return $this->setKey($keyDir . $keyId, $key); - } - - /** - * set system-wide encryption keys not related to a specific user, - * e.g something like a key for public link shares - * - * @param string $keyId id of the key - * @param mixed $key - * - * @return mixed key - */ - public function setSystemUserKey($keyId, $key) { - $path = '/' . self::$encryption_base_dir . '/' . $keyId; - return $this->setKey($path, $key); - } - - - /** - * read key from hard disk - * - * @param string $path to key - * @return string - */ - private function getKey($path) { - - $key = ''; - - if (isset($this->keyCache[$path])) { - $key = $this->keyCache[$path]; - } else { - - /** @var \OCP\Files\Storage $storage */ - list($storage, $internalPath) = $this->view->resolvePath($path); - - if ($storage->file_exists($internalPath)) { - $key = $storage->file_get_contents($internalPath); - $this->keyCache[$path] = $key; - } - - } - - return $key; - } - - /** - * write key to disk - * - * - * @param string $path path to key directory - * @param string $key key - * @return bool - */ - private function setKey($path, $key) { - $this->keySetPreparation(dirname($path)); - - /** @var \OCP\Files\Storage $storage */ - list($storage, $internalPath) = \OC\Files\Filesystem::resolvePath($path); - $result = $storage->file_put_contents($internalPath, $key); - - if (is_int($result) && $result > 0) { - $this->keyCache[$path] = $key; - return true; - } - - return false; - } - - /** - * get path to key folder for a given file - * - * @param string $path path to the file, relative to the users file directory - * @return string - * @throws EncryptionException - * @internal param string $keyId - */ - private function getFileKeyDir($path) { - - // - // TODO: NO DEPRICATED API !!! - // - if ($this->view->is_dir('/' . \OCP\User::getUser() . '/' . $path)) { - throw new EncryptionException('file was expected but directory was given', EncryptionException::GENERIC); - } - - list($owner, $filename) = $this->util->getUidAndFilename($path); - $filename = $this->util->stripPartialFileExtension($filename); - $filePath_f = ltrim($filename, '/'); - - // in case of system wide mount points the keys are stored directly in the data directory - if ($this->util->isSystemWideMountPoint($filename)) { - $keyPath = self::$keys_base_dir . $filePath_f . '/'; - } else { - $keyPath = '/' . $owner . self::$keys_base_dir . $filePath_f . '/'; - } - - return $keyPath; - } - - /** - * Make preparations to filesystem for saving a keyfile - * - * @param string $path relative to the views root - */ - protected function keySetPreparation($path) { - // If the file resides within a subdirectory, create it - if (!$this->view->file_exists($path)) { - $sub_dirs = explode('/', $path); - $dir = ''; - foreach ($sub_dirs as $sub_dir) { - $dir .= '/' . $sub_dir; - if (!$this->view->is_dir($dir)) { - $this->view->mkdir($dir); - } - } - } - } - - /** - * Check if encryption system is ready to begin encrypting - * all the things - * - * @return bool - */ - public function ready() { - $paths = [ - self::$encryption_base_dir, - self::$keys_base_dir - ]; - foreach ($paths as $path) { - if (!$this->view->file_exists($path)) { - return false; - } - } - return true; - } - -} diff --git a/lib/public/encryption/ikeystorage.php b/lib/public/encryption/ikeystorage.php deleted file mode 100644 index 2ab5048709..0000000000 --- a/lib/public/encryption/ikeystorage.php +++ /dev/null @@ -1,93 +0,0 @@ - - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE - * License as published by the Free Software Foundation; either - * version 3 of the License, or any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU AFFERO GENERAL PUBLIC LICENSE for more details. - * - * You should have received a copy of the GNU Affero General Public - * License along with this library. If not, see . - */ - -namespace OCP\Encryption; - -interface IKeyStorage { - - /** - * get user specific key - * - * @param string $uid ID if the user for whom we want the key - * @param string $keyId id of the key - * - * @return mixed key - */ - public function getUserKey($uid, $keyId); - - /** - * get file specific key - * - * @param string $path path to file - * @param string $keyId id of the key - * - * @return mixed key - */ - public function getFileKey($path, $keyId); - - /** - * get system-wide encryption keys not related to a specific user, - * e.g something like a key for public link shares - * - * @param string $keyId id of the key - * - * @return mixed key - */ - public function getSystemUserKey($keyId); - - /** - * set user specific key - * - * @param string $uid ID if the user for whom we want the key - * @param string $keyId id of the key - * @param mixed $key - */ - public function setUserKey($uid, $keyId, $key); - - /** - * set file specific key - * - * @param string $path path to file - * @param string $keyId id of the key - * @param mixed $key - */ - public function setFileKey($path, $keyId, $key); - - /** - * set system-wide encryption keys not related to a specific user, - * e.g something like a key for public link shares - * - * @param string $keyId id of the key - * @param mixed $key - * - * @return mixed key - */ - public function setSystemUserKey($keyId, $key); - - /** - * Return if encryption is setup and ready encrypt things - * - * @return bool - */ - public function ready(); -} diff --git a/lib/public/encryption/keys/istorage.php b/lib/public/encryption/keys/istorage.php index 4c2b01f4ad..c4c970804e 100644 --- a/lib/public/encryption/keys/istorage.php +++ b/lib/public/encryption/keys/istorage.php @@ -69,7 +69,7 @@ interface IStorage { * * @param string $path path to file * @param string $keyId id of the key - * @param boolean + * @param mixed $key */ public function setFileKey($path, $keyId, $key); From e2f714263f50a27ed0894710faead3e9f9d1d9d6 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 18 Mar 2015 10:58:02 +0100 Subject: [PATCH 004/119] fix encryption manager to handle more than one encryption module --- lib/private/encryption/manager.php | 24 ++++++++++++++++++------ tests/lib/encryption/managertest.php | 2 +- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index 5164025239..fa50d32218 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -106,12 +106,24 @@ class Manager implements \OCP\Encryption\IManager { * @return IEncryptionModule * @throws Exceptions\ModuleDoesNotExistsException */ - public function getEncryptionModule($moduleId) { - if (isset($this->encryptionModules[$moduleId])) { - return $this->encryptionModules[$moduleId]; - } else { - $message = "Module with id: $moduleId does not exists."; - throw new Exceptions\ModuleDoesNotExistsException($message); + public function getEncryptionModule($moduleId = '') { + if (!empty($moduleId)) { + if (isset($this->encryptionModules[$moduleId])) { + return $this->encryptionModules[$moduleId]; + } else { + $message = "Module with id: $moduleId does not exists."; + throw new Exceptions\ModuleDoesNotExistsException($message); + } + } else { // get default module and return this + // For now we simply return the first module until we have a way + // to enable multiple modules and define a default module + $module = reset($this->encryptionModules); + if ($module) { + return $module; + } else { + $message = 'No encryption module registered'; + throw new Exceptions\ModuleDoesNotExistsException($message); + } } } diff --git a/tests/lib/encryption/managertest.php b/tests/lib/encryption/managertest.php index 5a0efa37b3..e5a1898515 100644 --- a/tests/lib/encryption/managertest.php +++ b/tests/lib/encryption/managertest.php @@ -114,7 +114,7 @@ class ManagerTest extends TestCase { /** * @expectedException \OC\Encryption\Exceptions\ModuleAlreadyExistsException - * @expectedExceptionMessage At the moment it is not allowed to register more than one encryption module + * @expectedExceptionMessage Id "0" already used by encryption module "TestDummyModule0" */ public function testModuleRegistration() { $config = $this->getMock('\OCP\IConfig'); From 506222567e71fc0d77fa77ee7805c93fa7655b6c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 20 Mar 2015 16:24:44 +0100 Subject: [PATCH 005/119] add deleteKey methods to key storage --- lib/private/encryption/keys/storage.php | 69 ++++++++++++++++++++++--- lib/public/encryption/keys/istorage.php | 1 + 2 files changed, 63 insertions(+), 7 deletions(-) diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index fba86e1737..8f1822ca49 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -67,8 +67,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @return mixed key */ public function getUserKey($uid, $keyId) { - $path = '/' . $uid . $this->encryption_base_dir . '/' - . $this->encryptionModuleId . '/' . $uid . '.' . $keyId; + $path = $this->constructUserKeyPath($keyId, $uid); return $this->getKey($path); } @@ -94,7 +93,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @return mixed key */ public function getSystemUserKey($keyId) { - $path = $this->encryption_base_dir . '/' . $this->encryptionModuleId . '/' . $keyId; + $path = $this->constructUserKeyPath($keyId); return $this->getKey($path); } @@ -106,8 +105,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @param mixed $key */ public function setUserKey($uid, $keyId, $key) { - $path = '/' . $uid . $this->encryption_base_dir . '/' - . $this->encryptionModuleId . '/' . $uid . '.' . $keyId; + $path = $this->constructUserKeyPath($keyId, $uid); return $this->setKey($path, $key); } @@ -133,11 +131,68 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @return mixed key */ public function setSystemUserKey($keyId, $key) { - $path = $this->encryption_base_dir . '/' - . $this->encryptionModuleId . '/' . $keyId; + $path = $this->constructUserKeyPath($keyId); return $this->setKey($path, $key); } + /** + * delete user specific key + * + * @param string $uid ID if the user for whom we want to delete the key + * @param string $keyId id of the key + * + * @return boolean + */ + public function deleteUserKey($uid, $keyId) { + $path = $this->constructUserKeyPath($keyId, $uid); + return $this->view->unlink($path); + } + + /** + * delete file specific key + * + * @param string $path path to file + * @param string $keyId id of the key + * + * @return boolean + */ + public function deleteFileKey($path, $keyId) { + $keyDir = $this->getFileKeyDir($path); + return $this->view->unlink($keyDir . $keyId); + } + + /** + * delete system-wide encryption keys not related to a specific user, + * e.g something like a key for public link shares + * + * @param string $keyId id of the key + * + * @return boolean + */ + public function deleteSystemUserKey($keyId) { + $path = $this->constructUserKeyPath($keyId); + return $this->view->unlink($path); + } + + + /** + * construct path to users key + * + * @param string $keyId + * @param string $uid + * @return string + */ + protected function constructUserKeyPath($keyId, $uid = null) { + + if ($uid === null) { + $path = $this->encryption_base_dir . '/' . $this->encryptionModuleId . '/' . $keyId; + } else { + $path = '/' . $uid . $this->encryption_base_dir . '/' + . $this->encryptionModuleId . '/' . $uid . '.' . $keyId; + } + + return $path; + } /** * read key from hard disk diff --git a/lib/public/encryption/keys/istorage.php b/lib/public/encryption/keys/istorage.php index c4c970804e..3a2562102c 100644 --- a/lib/public/encryption/keys/istorage.php +++ b/lib/public/encryption/keys/istorage.php @@ -113,6 +113,7 @@ interface IStorage { public function deleteAllFileKeys($path); /** + * delete system-wide encryption keys not related to a specific user, * e.g something like a key for public link shares * From 0c2f9ca849ef41232511cf576cc9a9de2caa43f0 Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Tue, 24 Mar 2015 17:29:10 -0400 Subject: [PATCH 006/119] Updating keystorage movement and fixing hooks --- apps/encryption/appinfo/encryption.php | 43 +- apps/encryption/hooks/userhooks.php | 215 +++------- apps/encryption/lib/crypto/Encryption.php | 17 +- apps/encryption/lib/crypto/crypt.php | 153 ++++++- apps/encryption/lib/hookmanager.php | 2 + apps/encryption/lib/keymanager.php | 368 ++++++++++++----- apps/encryption/lib/migrator.php | 123 ------ apps/encryption/lib/recovery.php | 58 ++- apps/encryption/lib/users/setup.php | 20 +- apps/encryption/lib/util.php | 394 +++++++++++++++++++ apps/encryption/settings/settings-admin.php | 8 +- apps/encryption/tests/lib/KeyManagerTest.php | 39 +- apps/encryption/tests/lib/MigratorTest.php | 3 +- apps/files_encryption/lib/hooks.php | 226 +++++++++++ lib/private/server.php | 2 +- 15 files changed, 1225 insertions(+), 446 deletions(-) delete mode 100644 apps/encryption/lib/migrator.php create mode 100644 apps/encryption/lib/util.php diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index f2ab89aade..1a4c17eb60 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -21,16 +21,16 @@ namespace OCA\Encryption\AppInfo; +use OC\Files\Filesystem; +use OC\Files\View; use OCA\Encryption\Crypto\Crypt; use OCA\Encryption\HookManager; -use OCA\Encryption\Hooks\AppHooks; -use OCA\Encryption\Hooks\FileSystemHooks; -use OCA\Encryption\Hooks\ShareHooks; use OCA\Encryption\Hooks\UserHooks; use OCA\Encryption\KeyManager; use OCA\Encryption\Migrator; use OCA\Encryption\Recovery; use OCA\Encryption\Users\Setup; +use OCA\Encryption\Util; use OCP\App; use OCP\AppFramework\IAppContainer; use OCP\Encryption\IManager; @@ -81,14 +81,7 @@ class Encryption extends \OCP\AppFramework\App { $hookManager = new HookManager(); $hookManager->registerHook([ - new UserHooks($container->query('KeyManager'), - $server->getLogger(), - $container->query('UserSetup'), - $container->query('Migrator'), - $server->getUserSession()), -// new ShareHooks(), -// new FileSystemHooks(), -// new AppHooks() + new UserHooks($container->query('KeyManager'), $server->getLogger(), $container->query('UserSetup'), $server->getUserSession(), new \OCP\Util(), $container->query('Util')), ]); $hookManager->fireHooks(); @@ -103,7 +96,7 @@ class Encryption extends \OCP\AppFramework\App { * */ public function registerEncryptionModule() { -// $this->encryptionManager->registerEncryptionModule(new \OCA\Encryption\Crypto\Encryption()); + $this->encryptionManager->registerEncryptionModule(new \OCA\Encryption\Crypto\Encryption()); } /** @@ -124,10 +117,13 @@ class Encryption extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - return new KeyManager($server->getEncryptionKeyStorage(), + return new KeyManager($server->getEncryptionKeyStorage('encryption'), $c->query('Crypt'), $server->getConfig(), - $server->getUserSession()); + $server->getUserSession(), + $server->getMemCacheFactory(), + $server->getLogger() + ); }); @@ -141,7 +137,7 @@ class Encryption extends \OCP\AppFramework\App { $server->getSecureRandom(), $c->query('KeyManager'), $server->getConfig(), - $server->getEncryptionKeyStorage()); + $server->getEncryptionKeyStorage('encryption')); }); $container->registerService('UserSetup', @@ -157,13 +153,26 @@ class Encryption extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - return new Migrator($server->getUserSession(), - $server->getConfig(), + return new Migrator($server->getConfig(), $server->getUserManager(), $server->getLogger(), $c->query('Crypt')); }); + $container->registerService('Util', + function (IAppContainer $c) { + $server = $c->getServer(); + + return new Util(new View(), + new Filesystem(), + $c->query('Crypt'), + $c->query('KeyManager'), + $server->getLogger(), + $server->getUserSession(), + $server->getConfig() + ); + }); + } /** diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 79de70a6d0..096fd3beb9 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -22,15 +22,14 @@ namespace OCA\Encryption\Hooks; +use OCP\Util as OCUtil; use OCA\Encryption\Hooks\Contracts\IHook; use OCA\Encryption\KeyManager; -use OCA\Encryption\Migrator; -use OCA\Encryption\RequirementsChecker; use OCA\Encryption\Users\Setup; use OCP\App; use OCP\ILogger; use OCP\IUserSession; -use OCP\Util; +use OCA\Encryption\Util; use Test\User; class UserHooks implements IHook { @@ -46,14 +45,14 @@ class UserHooks implements IHook { * @var Setup */ private $userSetup; - /** - * @var Migrator - */ - private $migrator; /** * @var IUserSession */ private $user; + /** + * @var Util + */ + private $util; /** * UserHooks constructor. @@ -61,17 +60,19 @@ class UserHooks implements IHook { * @param KeyManager $keyManager * @param ILogger $logger * @param Setup $userSetup - * @param Migrator $migrator * @param IUserSession $user + * @param OCUtil $ocUtil + * @param Util $util + * @internal param Migrator $migrator */ public function __construct( - KeyManager $keyManager, ILogger $logger, Setup $userSetup, Migrator $migrator, IUserSession $user) { + KeyManager $keyManager, ILogger $logger, Setup $userSetup, IUserSession $user, OCUtil $ocUtil, Util $util) { $this->keyManager = $keyManager; $this->logger = $logger; $this->userSetup = $userSetup; - $this->migrator = $migrator; $this->user = $user; + $this->util = $util; } /** @@ -80,12 +81,24 @@ class UserHooks implements IHook { * @return null */ public function addHooks() { - Util::connectHook('OC_User', 'post_login', $this, 'login'); - Util::connectHook('OC_User', 'logout', $this, 'logout'); - Util::connectHook('OC_User', 'post_setPassword', $this, 'setPassphrase'); - Util::connectHook('OC_User', 'pre_setPassword', $this, 'preSetPassphrase'); - Util::connectHook('OC_User', 'post_createUser', $this, 'postCreateUser'); - Util::connectHook('OC_User', 'post_deleteUser', $this, 'postDeleteUser'); + OCUtil::connectHook('OC_User', 'post_login', $this, 'login'); + OCUtil::connectHook('OC_User', 'logout', $this, 'logout'); + OCUtil::connectHook('OC_User', + 'post_setPassword', + $this, + 'setPassphrase'); + OCUtil::connectHook('OC_User', + 'pre_setPassword', + $this, + 'preSetPassphrase'); + OCUtil::connectHook('OC_User', + 'post_createUser', + $this, + 'postCreateUser'); + OCUtil::connectHook('OC_User', + 'post_deleteUser', + $this, + 'postDeleteUser'); } @@ -93,6 +106,8 @@ class UserHooks implements IHook { * Startup encryption backend upon user login * * @note This method should never be called for users using client side encryption + * @param array $params + * @return bool */ public function login($params) { @@ -107,187 +122,66 @@ class UserHooks implements IHook { } // setup user, if user not ready force relogin - if (!$this->userSetup->setupUser($params['password'])) { + if (!$this->userSetup->setupUser($params['uid'], $params['password'])) { return false; } - $cache = $this->keyManager->init(); - - // Check if first-run file migration has already been performed - $ready = false; - $migrationStatus = $this->migrator->getStatus($params['uid']); - if ($migrationStatus === Migrator::$migrationOpen && $cache !== false) { - $ready = $this->migrator->beginMigration(); - } elseif ($migrationStatus === Migrator::$migrationInProgress) { - // refuse login as long as the initial encryption is running - sleep(5); - $this->user->logout(); - return false; - } - - $result = true; - - // If migration not yet done - if ($ready) { - - // Encrypt existing user files - try { - $result = $util->encryptAll('/' . $params['uid'] . '/' . 'files'); - } catch (\Exception $ex) { - \OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL); - $result = false; - } - - if ($result) { - \OC_Log::write( - 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed' - , \OC_Log::INFO - ); - // Register successful migration in DB - $util->finishMigration(); - } else { - \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL); - $util->resetMigrationStatus(); - \OCP\User::logout(); - } - } - - return $result; + $this->keyManager->init($params['uid'], $params['password']); } /** * remove keys from session during logout */ public function logout() { - $session = new Session(new \OC\Files\View()); - $session->removeKeys(); + KeyManager::$cacheFactory->clear(); } /** * setup encryption backend upon user created * * @note This method should never be called for users using client side encryption + * @param array $params */ public function postCreateUser($params) { - if (App::isEnabled('files_encryption')) { - $view = new \OC\Files\View('/'); - $util = new Util($view, $params['uid']); - Helper::setupUser($util, $params['password']); + if (App::isEnabled('encryption')) { + $this->userSetup->setupUser($params['uid'], $params['password']); } } /** * cleanup encryption backend upon user deleted * + * @param array $params : uid, password * @note This method should never be called for users using client side encryption */ public function postDeleteUser($params) { - if (App::isEnabled('files_encryption')) { - Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']); + if (App::isEnabled('encryption')) { + $this->keyManager->deletePublicKey($params['uid']); } } /** * If the password can't be changed within ownCloud, than update the key password in advance. + * + * @param array $params : uid, password + * @return bool */ public function preSetPassphrase($params) { - if (App::isEnabled('files_encryption')) { - if (!\OC_User::canUserChangePassword($params['uid'])) { - self::setPassphrase($params); + if (App::isEnabled('encryption')) { + + if (!$this->user->getUser()->canChangePassword()) { + if (App::isEnabled('encryption') === false) { + return true; + } + $this->keyManager->setPassphrase($params, + $this->user, + $this->util); } } } - /** - * Change a user's encryption passphrase - * - * @param array $params keys: uid, password - */ - public function setPassphrase($params) { - if (App::isEnabled('files_encryption') === false) { - return true; - } - - // Only attempt to change passphrase if server-side encryption - // is in use (client-side encryption does not have access to - // the necessary keys) - if (Crypt::mode() === 'server') { - - $view = new \OC\Files\View('/'); - $session = new Session($view); - - // Get existing decrypted private key - $privateKey = $session->getPrivateKey(); - - if ($params['uid'] === \OCP\User::getUser() && $privateKey) { - - // Encrypt private key with new user pwd as passphrase - $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password'], Helper::getCipher()); - - // Save private key - if ($encryptedPrivateKey) { - Keymanager::setPrivateKey($encryptedPrivateKey, \OCP\User::getUser()); - } else { - \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); - } - - // NOTE: Session does not need to be updated as the - // private key has not changed, only the passphrase - // used to decrypt it has changed - - - } else { // admin changed the password for a different user, create new keys and reencrypt file keys - - $user = $params['uid']; - $util = new Util($view, $user); - $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; - - // we generate new keys if... - // ...we have a recovery password and the user enabled the recovery key - // ...encryption was activated for the first time (no keys exists) - // ...the user doesn't have any files - if (($util->recoveryEnabledForUser() && $recoveryPassword) - || !$util->userKeysExists() - || !$view->file_exists($user . '/files') - ) { - - // backup old keys - $util->backupAllKeys('recovery'); - - $newUserPassword = $params['password']; - - // make sure that the users home is mounted - \OC\Files\Filesystem::initMountPoints($user); - - $keypair = Crypt::createKeypair(); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Save public key - Keymanager::setPublicKey($keypair['publicKey'], $user); - - // Encrypt private key with new password - $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher()); - if ($encryptedKey) { - Keymanager::setPrivateKey($encryptedKey, $user); - - if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $util = new Util($view, $user); - $util->recoverUsersFiles($recoveryPassword); - } - } else { - \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); - } - - \OC_FileProxy::$enabled = $proxyStatus; - } - } - } - } /** * after password reset we create a new key pair for the user @@ -295,10 +189,9 @@ class UserHooks implements IHook { * @param array $params */ public function postPasswordReset($params) { - $uid = $params['uid']; $password = $params['password']; - $util = new Util(new \OC\Files\View(), $uid); - $util->replaceUserKeys($password); + $this->keyManager->replaceUserKeys($params['uid']); + $this->userSetup->setupServerSide($params['uid'], $password); } } diff --git a/apps/encryption/lib/crypto/Encryption.php b/apps/encryption/lib/crypto/Encryption.php index 123581b83a..b8429d7124 100644 --- a/apps/encryption/lib/crypto/Encryption.php +++ b/apps/encryption/lib/crypto/Encryption.php @@ -18,7 +18,7 @@ class Encryption extends Crypt implements IEncryptionModule { * @return string defining the technical unique id */ public function getId() { - // TODO: Implement getId() method. + return md5($this->getDisplayName()); } /** @@ -27,7 +27,7 @@ class Encryption extends Crypt implements IEncryptionModule { * @return string */ public function getDisplayName() { - // TODO: Implement getDisplayName() method. + return 'ownCloud Default Encryption'; } /** @@ -44,7 +44,9 @@ class Encryption extends Crypt implements IEncryptionModule { * or if no additional data is needed return a empty array */ public function begin($path, $header, $accessList) { + // TODO: Implement begin() method. + // return additional header information that needs to be written i.e. cypher used } /** @@ -68,6 +70,7 @@ class Encryption extends Crypt implements IEncryptionModule { */ public function encrypt($data) { // Todo: xxx Update Signature and usages + // passphrase is file key decrypted with user private/share key $this->symmetricEncryptFileContent($data); } @@ -113,4 +116,14 @@ class Encryption extends Crypt implements IEncryptionModule { public function calculateUnencryptedSize($path) { // TODO: Implement calculateUnencryptedSize() method. } + + /** + * get size of the unencrypted payload per block. + * ownCloud read/write files with a block size of 8192 byte + * + * @return integer + */ + public function getUnencryptedBlockSize() { + // TODO: Implement getUnencryptedBlockSize() method. + } } diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index 8018f11a37..f9fe4f9bec 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -25,6 +25,8 @@ namespace OCA\Encryption\Crypto; use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\EncryptionFailedException; use OC\Encryption\Exceptions\GenericEncryptionException; +use OCA\Files_Encryption\Exception\MultiKeyDecryptException; +use OCA\Files_Encryption\Exception\MultiKeyEncryptException; use OCP\IConfig; use OCP\ILogger; use OCP\IUser; @@ -83,12 +85,17 @@ class Crypt { $res = $this->getOpenSSLPKey(); if (!$res) { - $log->error("Encryption Library could'nt generate users key-pair for {$this->user->getUID()}", ['app' => 'encryption']); + $log->error("Encryption Library could'nt generate users key-pair for {$this->user->getUID()}", + ['app' => 'encryption']); if (openssl_error_string()) { - $log->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(), ['app' => 'encryption']); + $log->error('Encryption library openssl_pkey_new() fails: ' . openssl_error_string(), + ['app' => 'encryption']); } - } elseif (openssl_pkey_export($res, $privateKey, null, $this->getOpenSSLConfig())) { + } elseif (openssl_pkey_export($res, + $privateKey, + null, + $this->getOpenSSLConfig())) { $keyDetails = openssl_pkey_get_details($res); $publicKey = $keyDetails['key']; @@ -97,9 +104,11 @@ class Crypt { 'privateKey' => $privateKey ]; } - $log->error('Encryption library couldn\'t export users private key, please check your servers openSSL configuration.' . $user->getUID(), ['app' => 'encryption']); + $log->error('Encryption library couldn\'t export users private key, please check your servers openSSL configuration.' . $user->getUID(), + ['app' => 'encryption']); if (openssl_error_string()) { - $log->error('Encryption Library:' . openssl_error_string(), ['app' => 'encryption']); + $log->error('Encryption Library:' . openssl_error_string(), + ['app' => 'encryption']); } return false; @@ -118,7 +127,9 @@ class Crypt { */ private function getOpenSSLConfig() { $config = ['private_key_bits' => 4096]; - $config = array_merge(\OC::$server->getConfig()->getSystemValue('openssl', []), $config); + $config = array_merge(\OC::$server->getConfig()->getSystemValue('openssl', + []), + $config); return $config; } @@ -131,14 +142,18 @@ class Crypt { public function symmetricEncryptFileContent($plainContent, $passphrase) { if (!$plainContent) { - $this->logger->error('Encryption Library, symmetrical encryption failed no content given', ['app' => 'encryption']); + $this->logger->error('Encryption Library, symmetrical encryption failed no content given', + ['app' => 'encryption']); return false; } $iv = $this->generateIv(); try { - $encryptedContent = $this->encrypt($plainContent, $iv, $passphrase, $this->getCipher()); + $encryptedContent = $this->encrypt($plainContent, + $iv, + $passphrase, + $this->getCipher()); // combine content to encrypt the IV identifier and actual IV $catFile = $this->concatIV($encryptedContent, $iv); $padded = $this->addPadding($catFile); @@ -146,7 +161,8 @@ class Crypt { return $padded; } catch (EncryptionFailedException $e) { $message = 'Could not encrypt file content (code: ' . $e->getCode() . '): '; - $this->logger->error('files_encryption' . $message . $e->getMessage(), ['app' => 'encryption']); + $this->logger->error('files_encryption' . $message . $e->getMessage(), + ['app' => 'encryption']); return false; } @@ -161,11 +177,16 @@ class Crypt { * @throws EncryptionFailedException */ private function encrypt($plainContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { - $encryptedContent = openssl_encrypt($plainContent, $cipher, $passphrase, false, $iv); + $encryptedContent = openssl_encrypt($plainContent, + $cipher, + $passphrase, + false, + $iv); if (!$encryptedContent) { $error = 'Encryption (symmetric) of content failed'; - $this->logger->error($error . openssl_error_string(), ['app' => 'encryption']); + $this->logger->error($error . openssl_error_string(), + ['app' => 'encryption']); throw new EncryptionFailedException($error); } @@ -177,8 +198,9 @@ class Crypt { */ public function getCipher() { $cipher = $this->config->getSystemValue('cipher', self::DEFAULT_CIPHER); - if ($cipher !== 'AES-256-CFB' || $cipher !== 'AES-128-CFB') { - $this->logger->warning('Wrong cipher defined in config.php only AES-128-CFB and AES-256-CFB are supported. Fall back' . self::DEFAULT_CIPHER, ['app' => 'encryption']); + if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') { + $this->logger->warning('Wrong cipher defined in config.php only AES-128-CFB and AES-256-CFB are supported. Fall back' . self::DEFAULT_CIPHER, + ['app' => 'encryption']); $cipher = self::DEFAULT_CIPHER; } @@ -214,10 +236,14 @@ class Crypt { // If we found a header we need to remove it from the key we want to decrypt if (!empty($header)) { - $recoveryKey = substr($recoveryKey, strpos($recoveryKey, self::HEADEREND) + strlen(self::HEADERSTART)); + $recoveryKey = substr($recoveryKey, + strpos($recoveryKey, + self::HEADEREND) + strlen(self::HEADERSTART)); } - $plainKey = $this->symmetricDecryptFileContent($recoveryKey, $password, $cipher); + $plainKey = $this->symmetricDecryptFileContent($recoveryKey, + $password, + $cipher); // Check if this is a valid private key $res = openssl_get_privatekey($plainKey); @@ -246,7 +272,10 @@ class Crypt { $catFile = $this->splitIv($noPadding); - $plainContent = $this->decrypt($catFile['encrypted'], $catFile['iv'], $passphrase, $cipher); + $plainContent = $this->decrypt($catFile['encrypted'], + $catFile['iv'], + $passphrase, + $cipher); if ($plainContent) { return $plainContent; @@ -296,7 +325,11 @@ class Crypt { * @throws DecryptionFailedException */ private function decrypt($encryptedContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { - $plainContent = openssl_decrypt($encryptedContent, $cipher, $passphrase, false, $iv); + $plainContent = openssl_decrypt($encryptedContent, + $cipher, + $passphrase, + false, + $iv); if ($plainContent) { return $plainContent; @@ -317,7 +350,8 @@ class Crypt { $header = substr($data, 0, $endAt + strlen(self::HEADEREND)); // +1 not to start with an ':' which would result in empty element at the beginning - $exploded = explode(':', substr($header, strlen(self::HEADERSTART) + 1)); + $exploded = explode(':', + substr($header, strlen(self::HEADERSTART) + 1)); $element = array_shift($exploded); @@ -339,7 +373,8 @@ class Crypt { if ($random) { if (!$strong) { // If OpenSSL indicates randomness is insecure log error - $this->logger->error('Encryption Library: Insecure symmetric key was generated using openssl_random_psudo_bytes()', ['app' => 'encryption']); + $this->logger->error('Encryption Library: Insecure symmetric key was generated using openssl_random_psudo_bytes()', + ['app' => 'encryption']); } /* @@ -351,5 +386,85 @@ class Crypt { // If we ever get here we've failed anyway no need for an else throw new GenericEncryptionException('Generating IV Failed'); } + + /** + * Check if a file's contents contains an IV and is symmetrically encrypted + * + * @param $content + * @return bool + */ + public function isCatFileContent($content) { + if (!$content) { + return false; + } + + $noPadding = $this->removePadding($content); + + // Fetch encryption metadata from end of file + $meta = substr($noPadding, -22); + + // Fetch identifier from start of metadata + $identifier = substr($meta, 0, 6); + + if ($identifier === '00iv00') { + return true; + } + return false; + } + + /** + * @param $encKeyFile + * @param $shareKey + * @param $privateKey + * @return mixed + * @throws MultiKeyDecryptException + */ + public function multiKeyDecrypt($encKeyFile, $shareKey, $privateKey) { + if (!$encKeyFile) { + throw new MultiKeyDecryptException('Cannot multikey decrypt empty plain content'); + } + + if (openssl_open($encKeyFile, $plainContent, $shareKey, $privateKey)) { + return $plainContent; + } else { + throw new MultiKeyDecryptException('multikeydecrypt with share key failed'); + } + } + + /** + * @param $plainContent + * @param array $keyFiles + * @return array + * @throws MultiKeyEncryptException + */ + public function multiKeyEncrypt($plainContent, array $keyFiles) { + // openssl_seal returns false without errors if plaincontent is empty + // so trigger our own error + if (empty($plainContent)) { + throw new MultiKeyEncryptException('Cannot multikeyencrypt empty plain content'); + } + + // Set empty vars to be set by openssl by reference + $sealed = ''; + $shareKeys = []; + $mappedShareKeys = []; + + if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles)) { + $i = 0; + + // Ensure each shareKey is labelled with its coreesponding keyid + foreach ($keyFiles as $userId => $publicKey) { + $mappedShareKeys[$userId] = $shareKeys[$i]; + $i++; + } + + return [ + 'keys' => $mappedShareKeys, + 'data' => $sealed + ]; + } else { + throw new MultiKeyEncryptException('multikeyencryption failed ' . openssl_error_string()); + } + } } diff --git a/apps/encryption/lib/hookmanager.php b/apps/encryption/lib/hookmanager.php index a535230a6a..9e6d9cd855 100644 --- a/apps/encryption/lib/hookmanager.php +++ b/apps/encryption/lib/hookmanager.php @@ -54,6 +54,8 @@ class HookManager { public function fireHooks() { foreach ($this->hookInstances as $instance) { /** + * Fire off the add hooks method of each instance stored in cache + * * @var $instance IHook */ $instance->addHooks(); diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 272bf0849c..83b24c79b8 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -22,21 +22,27 @@ namespace OCA\Encryption; +use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\PrivateKeyMissingException; use OC\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; -use OCP\Encryption\IKeyStorage; +use OCP\Encryption\Keys\IStorage; +use OCP\ICache; +use OCP\ICacheFactory; use OCP\IConfig; -use OCP\IUser; +use OCP\ILogger; use OCP\IUserSession; class KeyManager { /** - * @var IKeyStorage + * @var ICache + */ + public static $cacheFactory; + /** + * @var IStorage */ private $keyStorage; - /** * @var Crypt */ @@ -53,63 +59,55 @@ class KeyManager { * @var string UserID */ private $keyId; + /** + * @var string + */ + private $publicKeyId = 'public'; + /** + * @var string + */ + private $privateKeyId = 'private'; /** * @var string */ - private $publicKeyId = '.public'; + private $shareKeyId = 'sharekey'; + /** * @var string */ - private $privateKeyId = '.private'; + private $fileKeyId = 'filekey'; /** * @var IConfig */ private $config; + /** + * @var ILogger + */ + private $log; /** - * @param IKeyStorage $keyStorage + * @param IStorage $keyStorage * @param Crypt $crypt * @param IConfig $config * @param IUserSession $userSession + * @param ICacheFactory $cacheFactory + * @param ILogger $log */ - public function __construct(IKeyStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession) { + public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession, ICacheFactory $cacheFactory, ILogger $log) { $this->keyStorage = $keyStorage; $this->crypt = $crypt; $this->config = $config; - $this->recoveryKeyId = $this->config->getAppValue('encryption', 'recoveryKeyId'); - $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); + $this->recoveryKeyId = $this->config->getAppValue('encryption', + 'recoveryKeyId'); + $this->publicShareKeyId = $this->config->getAppValue('encryption', + 'publicShareKeyId'); $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; - } - - /** - * @param $userId - * @return mixed - * @throws PrivateKeyMissingException - */ - public function getPrivateKey($userId) { - $privateKey = $this->keyStorage->getUserKey($userId, $this->privateKeyId); - - if (strlen($privateKey) !== 0) { - return $privateKey; - } - throw new PrivateKeyMissingException(); - } - - /** - * @param $userId - * @return mixed - * @throws PublicKeyMissingException - */ - public function getPublicKey($userId) { - $publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId); - - if (strlen($publicKey) !== 0) { - return $publicKey; - } - throw new PublicKeyMissingException(); + self::$cacheFactory = $cacheFactory; + self::$cacheFactory = self::$cacheFactory->create('encryption'); + $this->log = $log; } /** @@ -119,29 +117,14 @@ class KeyManager { return (strlen($this->keyStorage->getSystemUserKey($this->recoveryKeyId)) !== 0); } - /** - * @param $userId - * @return bool - */ - public function userHasKeys($userId) { - try { - $this->getPrivateKey($userId); - $this->getPublicKey($userId); - } catch (PrivateKeyMissingException $e) { - return false; - } catch (PublicKeyMissingException $e) { - return false; - } - return true; - } - /** * @param $password * @return bool */ public function checkRecoveryPassword($password) { $recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId); - $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password); + $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, + $password); if ($decryptedRecoveryKey) { return true; @@ -149,6 +132,27 @@ class KeyManager { return false; } + /** + * @param string $uid + * @param string $password + * @param string $keyPair + * @return bool + */ + public function storeKeyPair($uid, $password, $keyPair) { + // Save Public Key + $this->setPublicKey($uid, $keyPair['publicKey']); + + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], + $password); + + if ($encryptedKey) { + $this->setPrivateKey($uid, $encryptedKey); + $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 1); + return true; + } + return false; + } + /** * @param $userId * @param $key @@ -164,54 +168,234 @@ class KeyManager { * @return bool */ public function setPrivateKey($userId, $key) { - return $this->keyStorage->setUserKey($userId, $this->privateKeyId, $key); - } - - - /** - * @param $password - * @param $keyPair - * @return bool - */ - public function storeKeyPair($password, $keyPair) { - // Save Public Key - $this->setPublicKey($this->keyId, $keyPair['publicKey']); - - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], $password); - - if ($encryptedKey) { - $this->setPrivateKey($this->keyId, $encryptedKey); - $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 1); - return true; - } - return false; + return $this->keyStorage->setUserKey($userId, + $this->privateKeyId, + $key); } /** - * @return bool + * Decrypt private key and store it + * + * @param string $uid userid + * @param string $passPhrase users password + * @return ICache */ - public function ready() { - return $this->keyStorage->ready(); - } - - - /** - * @return \OCP\ICache - * @throws PrivateKeyMissingException - */ - public function init() { + public function init($uid, $passPhrase) { try { - $privateKey = $this->getPrivateKey($this->keyId); + $privateKey = $this->getPrivateKey($uid); + $privateKey = $this->crypt->decryptPrivateKey($privateKey, + $passPhrase); } catch (PrivateKeyMissingException $e) { return false; + } catch (DecryptionFailedException $e) { + return false; } - $cache = \OC::$server->getMemCacheFactory(); + self::$cacheFactory->set('privateKey', $privateKey); + self::$cacheFactory->set('initStatus', true); - $cacheInstance = $cache->create('Encryption'); - $cacheInstance->set('privateKey', $privateKey); - return $cacheInstance; + return self::$cacheFactory; } + /** + * @param $userId + * @return mixed + * @throws PrivateKeyMissingException + */ + public function getPrivateKey($userId) { + $privateKey = $this->keyStorage->getUserKey($userId, + $this->privateKeyId); + + if (strlen($privateKey) !== 0) { + return $privateKey; + } + throw new PrivateKeyMissingException(); + } + + /** + * @param $path + * @return mixed + */ + public function getFileKey($path) { + return $this->keyStorage->getFileKey($path, $this->fileKeyId); + } + + /** + * @param $path + * @return mixed + */ + public function getShareKey($path) { + return $this->keyStorage->getFileKey($path, $this->keyId . $this->shareKeyId); + } + + /** + * Change a user's encryption passphrase + * + * @param array $params keys: uid, password + * @param IUserSession $user + * @param Util $util + * @return bool + */ + public function setPassphrase($params, IUserSession $user, Util $util) { + + // Only attempt to change passphrase if server-side encryption + // is in use (client-side encryption does not have access to + // the necessary keys) + if ($this->crypt->mode() === 'server') { + + // Get existing decrypted private key + $privateKey = self::$cacheFactory->get('privateKey'); + + if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { + + // Encrypt private key with new user pwd as passphrase + $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, + $params['password']); + + // Save private key + if ($encryptedPrivateKey) { + $this->setPrivateKey($user->getUser()->getUID(), + $encryptedPrivateKey); + } else { + $this->log->error('Encryption could not update users encryption password'); + } + + // NOTE: Session does not need to be updated as the + // private key has not changed, only the passphrase + // used to decrypt it has changed + + + } else { // admin changed the password for a different user, create new keys and reencrypt file keys + + $user = $params['uid']; + $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; + + // we generate new keys if... + // ...we have a recovery password and the user enabled the recovery key + // ...encryption was activated for the first time (no keys exists) + // ...the user doesn't have any files + if (($util->recoveryEnabledForUser() && $recoveryPassword) + + || !$this->userHasKeys($user) + || !$util->userHasFiles($user) + ) { + + // backup old keys + $this->backupAllKeys('recovery'); + + $newUserPassword = $params['password']; + + $keypair = $this->crypt->createKeyPair(); + + // Disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + + // Save public key + $this->setPublicKey($user, $keypair['publicKey']); + + // Encrypt private key with new password + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], + $newUserPassword); + + if ($encryptedKey) { + $this->setPrivateKey($user, $encryptedKey); + + if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files + $util->recoverUsersFiles($recoveryPassword); + } + } else { + $this->log->error('Encryption Could not update users encryption password'); + } + + \OC_FileProxy::$enabled = $proxyStatus; + } + } + } + } + + /** + * @param $userId + * @return bool + */ + public function userHasKeys($userId) { + try { + $this->getPrivateKey($userId); + $this->getPublicKey($userId); + } catch (PrivateKeyMissingException $e) { + return false; + } catch (PublicKeyMissingException $e) { + return false; + } + return true; + } + + /** + * @param $userId + * @return mixed + * @throws PublicKeyMissingException + */ + public function getPublicKey($userId) { + $publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId); + + if (strlen($publicKey) !== 0) { + return $publicKey; + } + throw new PublicKeyMissingException(); + } + + /** + * @param $purpose + * @param bool $timestamp + * @param bool $includeUserKeys + */ + public function backupAllKeys($purpose, $timestamp = true, $includeUserKeys = true) { +// $backupDir = $this->keyStorage->; + } + + /** + * @param string $uid + */ + public function replaceUserKeys($uid) { + $this->backupAllKeys('password_reset'); + $this->deletePublicKey($uid); + $this->deletePrivateKey($uid); + } + + /** + * @param $uid + * @return bool + */ + public function deletePublicKey($uid) { + return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId); + } + + /** + * @param $uid + * @return bool + */ + private function deletePrivateKey($uid) { + return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId); + } + + /** + * @param array $userIds + * @return array + * @throws PublicKeyMissingException + */ + public function getPublicKeys(array $userIds) { + $keys = []; + + foreach ($userIds as $userId) { + try { + $keys[$userId] = $this->getPublicKey($userId); + } catch (PublicKeyMissingException $e) { + continue; + } + } + + return $keys; + + } } diff --git a/apps/encryption/lib/migrator.php b/apps/encryption/lib/migrator.php deleted file mode 100644 index 8f7823cb1a..0000000000 --- a/apps/encryption/lib/migrator.php +++ /dev/null @@ -1,123 +0,0 @@ - - * @since 3/9/15, 2:44 PM - * @link http:/www.clarkt.com - * @copyright Clark Tomlinson © 2015 - * - */ - -namespace OCA\Encryption; - - -use OCA\Encryption\Crypto\Crypt; -use OCP\IConfig; -use OCP\ILogger; -use OCP\IUserManager; -use OCP\IUserSession; -use OCP\PreConditionNotMetException; - -class Migrator { - - /** - * @var bool - */ - private $status = false; - /** - * @var IUserManager - */ - private $user; - /** - * @var IConfig - */ - private $config; - /** - * @var string - */ - public static $migrationOpen = '0'; - /** - * @var string - */ - public static $migrationInProgress = '-1'; - /** - * @var string - */ - public static $migrationComplete = '1'; - /** - * @var IUserManager - */ - private $userManager; - /** - * @var ILogger - */ - private $log; - /** - * @var Crypt - */ - private $crypt; - - /** - * Migrator constructor. - * - * @param IUserSession $userSession - * @param IConfig $config - * @param IUserManager $userManager - * @param ILogger $log - * @param Crypt $crypt - */ - public function __construct(IUserSession $userSession, IConfig $config, IUserManager $userManager, ILogger $log, Crypt $crypt) { - $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; - $this->config = $config; - $this->userManager = $userManager; - $this->log = $log; - $this->crypt = $crypt; - } - - /** - * @param $userId - * @return bool|string - */ - public function getStatus($userId) { - if ($this->userManager->userExists($userId)) { - $this->status = $this->config->getUserValue($userId, 'encryption', 'migrationStatus', false); - - if (!$this->status) { - $this->config->setUserValue($userId, 'encryption', 'migrationStatus', self::$migrationOpen); - $this->status = self::$migrationOpen; - } - } - - return $this->status; - } - - /** - * @return bool - */ - public function beginMigration() { - $status = $this->setMigrationStatus(self::$migrationInProgress, self::$migrationOpen); - - if ($status) { - $this->log->info('Encryption Library Start migration to encrypt for ' . $this->user->getUID()); - return $status; - } - $this->log->warning('Encryption Library Could not activate migration for ' . $this->user->getUID() . '. Probably another process already started the inital encryption'); - return $status; - } - - /** - * @param $status - * @param bool $preCondition - * @return bool - */ - private function setMigrationStatus($status, $preCondition = false) { - // Convert to string if preCondition is set - $preCondition = ($preCondition === false) ? false : (string)$preCondition; - - try { - $this->config->setUserValue($this->user->getUID(), 'encryption', 'migrationStatus', (string)$status, $preCondition); - return true; - } catch (PreConditionNotMetException $e) { - return false; - } - } -} diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 88350e96c5..457184b4b9 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -22,11 +22,12 @@ namespace OCA\Encryption; -use OC\Files\View; use OCA\Encryption\Crypto\Crypt; -use OCP\Encryption\IKeyStorage; +use OCP\Encryption\Keys\IStorage; use OCP\IConfig; use OCP\IUser; +use OCP\IUserSession; +use OCP\PreConditionNotMetException; use OCP\Security\ISecureRandom; class Recovery { @@ -58,20 +59,20 @@ class Recovery { private $keyStorage; /** - * @param IUser $user + * @param IUserSession $user * @param Crypt $crypt * @param ISecureRandom $random * @param KeyManager $keyManager * @param IConfig $config - * @param IKeyStorage $keyStorage + * @param IStorage $keyStorage */ - public function __construct(IUser $user, + public function __construct(IUserSession $user, Crypt $crypt, ISecureRandom $random, KeyManager $keyManager, IConfig $config, - IKeyStorage $keyStorage) { - $this->user = $user; + IStorage $keyStorage) { + $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false; $this->crypt = $crypt; $this->random = $random; $this->keyManager = $keyManager; @@ -97,7 +98,7 @@ class Recovery { if (!$keyManager->recoveryKeyExists()) { $keyPair = $this->crypt->createKeyPair(); - return $this->keyManager->storeKeyPair($password, $keyPair); + return $this->keyManager->storeKeyPair($this->user->getUID(), $password, $keyPair); } if ($keyManager->checkRecoveryPassword($password)) { @@ -131,4 +132,45 @@ class Recovery { // No idea new way to do this.... } + /** + * @return bool + */ + public function recoveryEnabledForUser() { + $recoveryMode = $this->config->getUserValue($this->user->getUID(), + 'encryption', + 'recoveryEnabled', + 0); + + return ($recoveryMode === '1'); + } + /** + * @param $enabled + * @return bool + */ + public function setRecoveryForUser($enabled) { + $value = $enabled ? '1' : '0'; + + try { + $this->config->setUserValue($this->user->getUID(), + 'encryption', + 'recoveryEnabled', + $value); + return true; + } catch (PreConditionNotMetException $e) { + return false; + } + } + + /** + * @param $recoveryPassword + */ + public function recoverUsersFiles($recoveryPassword) { + // todo: get system private key here +// $this->keyManager->get + $privateKey = $this->crypt->decryptPrivateKey($encryptedKey, + $recoveryPassword); + + $this->recoverAllFiles('/', $privateKey); + } + } diff --git a/apps/encryption/lib/users/setup.php b/apps/encryption/lib/users/setup.php index 123d6973be..662a4b4b6a 100644 --- a/apps/encryption/lib/users/setup.php +++ b/apps/encryption/lib/users/setup.php @@ -39,24 +39,24 @@ class Setup extends \OCA\Encryption\Setup { } /** - * @param $password + * @param $uid userid + * @param $password user password * @return bool */ - public function setupUser($password) { - if ($this->keyManager->ready()) { - $this->logger->debug('Encryption Library: User Account ' . $this->user->getUID() . ' Is not ready for encryption; configuration started'); - return $this->setupServerSide($password); - } + public function setupUser($uid, $password) { + return $this->setupServerSide($uid, $password); } /** - * @param $password + * @param $uid userid + * @param $password user password * @return bool */ - private function setupServerSide($password) { + public function setupServerSide($uid, $password) { // Check if user already has keys - if (!$this->keyManager->userHasKeys($this->user->getUID())) { - return $this->keyManager->storeKeyPair($password, $this->crypt->createKeyPair()); + if (!$this->keyManager->userHasKeys($uid)) { + return $this->keyManager->storeKeyPair($uid, $password, + $this->crypt->createKeyPair()); } return true; } diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php new file mode 100644 index 0000000000..5cc658a313 --- /dev/null +++ b/apps/encryption/lib/util.php @@ -0,0 +1,394 @@ + + * @since 3/17/15, 10:31 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OCA\Encryption; + + +use OC\Files\Filesystem; +use OC\Files\View; +use OCA\Encryption\Crypto\Crypt; +use OCA\Files_Versions\Storage; +use OCP\App; +use OCP\IConfig; +use OCP\ILogger; +use OCP\IUser; +use OCP\IUserSession; +use OCP\PreConditionNotMetException; +use OCP\Share; + +class Util { + /** + * @var View + */ + private $files; + /** + * @var Filesystem + */ + private $filesystem; + /** + * @var Crypt + */ + private $crypt; + /** + * @var KeyManager + */ + private $keyManager; + /** + * @var ILogger + */ + private $logger; + /** + * @var bool|IUser + */ + private $user; + /** + * @var IConfig + */ + private $config; + + /** + * Util constructor. + * + * @param View $files + * @param Filesystem $filesystem + * @param Crypt $crypt + * @param KeyManager $keyManager + * @param ILogger $logger + * @param IUserSession $userSession + * @param IConfig $config + */ + public function __construct( + View $files, + Filesystem $filesystem, + Crypt $crypt, + KeyManager $keyManager, + ILogger $logger, + IUserSession $userSession, + IConfig $config + ) { + $this->files = $files; + $this->filesystem = $filesystem; + $this->crypt = $crypt; + $this->keyManager = $keyManager; + $this->logger = $logger; + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; + $this->config = $config; + } + + /** + * @param $dirPath + * @param bool $found + * @return array|bool + */ + private function findEncryptedFiles($dirPath, &$found = false) { + + if ($found === false) { + $found = [ + 'plain' => [], + 'encrypted' => [], + 'broken' => [], + ]; + } + + if ($this->files->is_dir($dirPath) && $handle = $this->files->opendir($dirPath)) { + if (is_resource($handle)) { + while (($file = readdir($handle) !== false)) { + if ($file !== '.' && $file !== '..') { + + // Skip stray part files + if ($this->isPartialFilePath($file)) { + continue; + } + + $filePath = $dirPath . '/' . $this->files->getRelativePath('/' . $file); + $relPath = $this->stripUserFilesPath($filePath); + + // If the path is a directory, search its contents + if ($this->files->is_dir($filePath)) { + // Recurse back + $this->findEncryptedFiles($filePath); + + /* + * If the path is a file, + * determine where they got re-enabled :/ + */ + } elseif ($this->files->is_file($filePath)) { + $isEncryptedPath = $this->isEncryptedPath($filePath); + + /** + * If the file is encrypted + * + * @note: if the userId is + * empty or not set, file will + * be detected as plain + * @note: this is inefficient; + * scanning every file like this + * will eat server resources :( + * fixMe: xxx find better way + */ + if ($isEncryptedPath) { + $fileKey = $this->keyManager->getFileKey($relPath); + $shareKey = $this->keyManager->getShareKey($relPath); + // If file is encrypted but now file key is available, throw exception + if (!$fileKey || !$shareKey) { + $this->logger->error('Encryption library, no keys avilable to decrypt the file: ' . $file); + $found['broken'][] = [ + 'name' => $file, + 'path' => $filePath, + ]; + } else { + $found['encrypted'][] = [ + 'name' => $file, + 'path' => $filePath + ]; + } + } else { + $found['plain'][] = [ + 'name' => $file, + 'path' => $filePath + ]; + } + } + } + + } + } + } + + return $found; + } + + /** + * @param $path + * @return bool + */ + private function isPartialFilePath($path) { + $extension = pathinfo($path, PATHINFO_EXTENSION); + + if ($extension === 'part') { + return true; + } + return false; + } + + /** + * @param $filePath + * @return bool|string + */ + private function stripUserFilesPath($filePath) { + $split = $this->splitPath($filePath); + + // It is not a file relative to data/user/files + if (count($split) < 4 || $split[2] !== 'files') { + return false; + } + + $sliced = array_slice($split, 3); + + return implode('/', $sliced); + + } + + /** + * @param $filePath + * @return array + */ + private function splitPath($filePath) { + $normalized = $this->filesystem->normalizePath($filePath); + + return explode('/', $normalized); + } + + /** + * @param $filePath + * @return bool + */ + private function isEncryptedPath($filePath) { + $data = ''; + + // We only need 24 bytes from the last chunck + if ($this->files->file_exists($filePath)) { + $handle = $this->files->fopen($filePath, 'r'); + if (is_resource($handle)) { + // Suppress fseek warning, we handle the case that fseek + // doesn't work in the else branch + if (@fseek($handle, -24, SEEK_END) === 0) { + $data = fgets($handle); + } else { + // if fseek failed on the storage we create a local copy + // from the file and read this one + fclose($handle); + $localFile = $this->files->getLocalFile($filePath); + $handle = fopen($localFile, 'r'); + + if (is_resource($handle) && fseek($handle, + -24, + SEEK_END) === 0 + ) { + $data = fgets($handle); + } + } + fclose($handle); + return $this->crypt->isCatfileContent($data); + } + } + } + + /** + * @return bool + */ + public function recoveryEnabledForUser() { + $recoveryMode = $this->config->getUserValue($this->user->getUID(), + 'encryption', + 'recoveryEnabled', + 0); + + return ($recoveryMode === '1'); + } + + /** + * @param $enabled + * @return bool + */ + public function setRecoveryForUser($enabled) { + $value = $enabled ? '1' : '0'; + + try { + $this->config->setUserValue($this->user->getUID(), + 'encryption', + 'recoveryEnabled', + $value); + return true; + } catch (PreConditionNotMetException $e) { + return false; + } + } + + /** + * @param $recoveryPassword + */ + public function recoverUsersFiles($recoveryPassword) { + // todo: get system private key here +// $this->keyManager->get + $privateKey = $this->crypt->decryptPrivateKey($encryptedKey, + $recoveryPassword); + + $this->recoverAllFiles('/', $privateKey); + } + + /** + * @param string $uid + * @return bool + */ + public function userHasFiles($uid) { + return $this->files->file_exists($uid . '/files'); + } + + /** + * @param $path + * @param $privateKey + */ + private function recoverAllFiles($path, $privateKey) { + // Todo relocate to storage + $dirContent = $this->files->getDirectoryContent($path); + + foreach ($dirContent as $item) { + // Get relative path from encryption/keyfiles + $filePath = substr($item['path'], strlen('encryption/keys')); + if ($this->files->is_dir($this->user->getUID() . '/files' . '/' . $filePath)) { + $this->recoverAllFiles($filePath . '/', $privateKey); + } else { + $this->recoverFile($filePath, $privateKey); + } + } + + } + + /** + * @param $filePath + * @param $privateKey + */ + private function recoverFile($filePath, $privateKey) { + $sharingEnabled = Share::isEnabled(); + + // Find out who, if anyone, is sharing the file + if ($sharingEnabled) { + $result = Share::getUsersSharingFile($filePath, + $this->user->getUID(), + true); + $userIds = $result['users']; + $userIds[] = 'public'; + } else { + $userIds = [ + $this->user->getUID(), + $this->recoveryKeyId + ]; + } + $filteredUids = $this->filterShareReadyUsers($userIds); + + // Decrypt file key + $encKeyFile = $this->keyManager->getFileKey($filePath); + $shareKey = $this->keyManager->getShareKey($filePath); + $plainKeyFile = $this->crypt->multiKeyDecrypt($encKeyFile, + $shareKey, + $privateKey); + + // Encrypt the file key again to all users, this time with the new publick keyt for the recovered user + $userPublicKeys = $this->keyManager->getPublicKeys($filteredUids['ready']); + $multiEncryptionKey = $this->crypt->multiKeyEncrypt($plainKeyFile, + $userPublicKeys); + + $this->keyManager->setFileKeys($multiEncryptionKey['data']); + $this->keyManager->setShareKeys($multiEncryptionKey['keys']); + } + + /** + * @param $userIds + * @return array + */ + private function filterShareReadyUsers($userIds) { + // This array will collect the filtered IDs + $readyIds = $unreadyIds = []; + + // Loop though users and create array of UIDs that need new keyfiles + foreach ($userIds as $user) { + // Check that the user is encryption capable, or is the + // public system user (for public shares) + if ($this->isUserReady($user)) { + // construct array of ready UIDs for keymanager + $readyIds[] = $user; + } else { + // Construct array of unready UIDs for keymanager + $unreadyIds[] = $user; + + // Log warning; we cant do necessary setup here + // because we don't have the user passphrase + $this->logger->warning('Encryption Library ' . $this->user->getUID() . ' is not setup for encryption'); + } + } + return [ + 'ready' => $readyIds, + 'unready' => $unreadyIds + ]; + } + +} diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php index 0f5d56a373..d3acdfe2ba 100644 --- a/apps/encryption/settings/settings-admin.php +++ b/apps/encryption/settings/settings-admin.php @@ -6,17 +6,17 @@ * See the COPYING-README file. */ +use OCA\Encryption\KeyManager; + \OC_Util::checkAdminUser(); $tmpl = new OCP\Template('files_encryption', 'settings-admin'); // Check if an adminRecovery account is enabled for recovering files after lost pwd -$recoveryAdminEnabled = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled', '0'); -$session = new \OCA\Files_Encryption\Session(new \OC\Files\View('/')); -$initStatus = $session->getInitialized(); +$recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled', '0'); $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); -$tmpl->assign('initStatus', $initStatus); +$tmpl->assign('initStatus', KeyManager::$cacheFactory->get('initStatus')); \OCP\Util::addscript('files_encryption', 'settings-admin'); \OCP\Util::addscript('core', 'multiselect'); diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 260e69a73b..01c5e1d2d0 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -27,33 +27,42 @@ class KeyManagerTest extends TestCase { */ private $dummyKeys; + /** + * + */ public function setUp() { parent::setUp(); - $keyStorageMock = $this->getMock('OCP\Encryption\IKeyStorage'); - $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypt') + $keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); + $keyStorageMock->method('getUserKey') + ->will($this->returnValue(false)); + $keyStorageMock->method('setUserKey') + ->will($this->returnValue(true)); + $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') ->disableOriginalConstructor() ->getMock(); $configMock = $this->getMock('OCP\IConfig'); - $userMock = $this->getMock('OCP\IUser'); - $userMock->expects($this->once()) + $userMock = $this->getMock('OCP\IUserSession'); + $userMock ->method('getUID') ->will($this->returnValue('admin')); + $cacheMock = $this->getMock('OCP\ICacheFactory'); + $logMock = $this->getMock('OCP\ILogger'); $this->userId = 'admin'; - $this->instance = new KeyManager($keyStorageMock, $cryptMock, $configMock, $userMock); + $this->instance = new KeyManager($keyStorageMock, $cryptMock, $configMock, $userMock, $cacheMock, $logMock); $this->dummyKeys = ['public' => 'randomweakpublickeyhere', 'private' => 'randomweakprivatekeyhere']; } /** - * @expectedException OC\Encryption\Exceptions\PrivateKeyMissingException + * @expectedException \OC\Encryption\Exceptions\PrivateKeyMissingException */ public function testGetPrivateKey() { $this->assertFalse($this->instance->getPrivateKey($this->userId)); } /** - * @expectedException OC\Encryption\Exceptions\PublicKeyMissingException + * @expectedException \OC\Encryption\Exceptions\PublicKeyMissingException */ public function testGetPublicKey() { $this->assertFalse($this->instance->getPublicKey($this->userId)); @@ -73,18 +82,34 @@ class KeyManagerTest extends TestCase { $this->assertFalse($this->instance->checkRecoveryPassword('pass')); } + /** + * + */ public function testSetPublicKey() { $this->assertTrue($this->instance->setPublicKey($this->userId, $this->dummyKeys['public'])); } + /** + * + */ public function testSetPrivateKey() { $this->assertTrue($this->instance->setPrivateKey($this->userId, $this->dummyKeys['private'])); } + /** + * + */ public function testUserHasKeys() { $this->assertFalse($this->instance->userHasKeys($this->userId)); } + /** + * + */ + public function testInit() { + $this->assertFalse($this->instance->init($this->userId, 'pass')); + } + } diff --git a/apps/encryption/tests/lib/MigratorTest.php b/apps/encryption/tests/lib/MigratorTest.php index a9d57b3420..0d30b9865b 100644 --- a/apps/encryption/tests/lib/MigratorTest.php +++ b/apps/encryption/tests/lib/MigratorTest.php @@ -51,8 +51,7 @@ class MigratorTest extends TestCase { parent::setUp(); $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt')->disableOriginalConstructor()->getMock(); - $this->instance = new Migrator($this->getMock('OCP\IUser'), - $this->getMock('OCP\IConfig'), + $this->instance = new Migrator($this->getMock('OCP\IConfig'), $this->getMock('OCP\IUserManager'), $this->getMock('OCP\ILogger'), $cryptMock); diff --git a/apps/files_encryption/lib/hooks.php b/apps/files_encryption/lib/hooks.php index 536e512bdb..4a29ffaaed 100644 --- a/apps/files_encryption/lib/hooks.php +++ b/apps/files_encryption/lib/hooks.php @@ -34,7 +34,233 @@ class Hooks { // file for which we want to delete the keys after the delete operation was successful private static $unmountedFiles = array(); + /** + * Startup encryption backend upon user login + * @note This method should never be called for users using client side encryption + */ + public static function login($params) { + if (\OCP\App::isEnabled('files_encryption') === false) { + return true; + } + + + $l = new \OC_L10N('files_encryption'); + + $view = new \OC\Files\View('/'); + + // ensure filesystem is loaded + if (!\OC\Files\Filesystem::$loaded) { + \OC_Util::setupFS($params['uid']); + } + + $privateKey = Keymanager::getPrivateKey($view, $params['uid']); + + // if no private key exists, check server configuration + if (!$privateKey) { + //check if all requirements are met + if (!Helper::checkRequirements() || !Helper::checkConfiguration()) { + $error_msg = $l->t("Missing requirements."); + $hint = $l->t('Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.'); + \OC_App::disable('files_encryption'); + \OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR); + \OCP\Template::printErrorPage($error_msg, $hint); + } + } + + $util = new Util($view, $params['uid']); + + // setup user, if user not ready force relogin + if (Helper::setupUser($util, $params['password']) === false) { + return false; + } + + $session = $util->initEncryption($params); + + // Check if first-run file migration has already been performed + $ready = false; + $migrationStatus = $util->getMigrationStatus(); + if ($migrationStatus === Util::MIGRATION_OPEN && $session !== false) { + $ready = $util->beginMigration(); + } elseif ($migrationStatus === Util::MIGRATION_IN_PROGRESS) { + // refuse login as long as the initial encryption is running + sleep(5); + \OCP\User::logout(); + return false; + } + + $result = true; + + // If migration not yet done + if ($ready) { + + // Encrypt existing user files + try { + $result = $util->encryptAll('/' . $params['uid'] . '/' . 'files'); + } catch (\Exception $ex) { + \OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL); + $result = false; + } + + if ($result) { + \OC_Log::write( + 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed' + , \OC_Log::INFO + ); + // Register successful migration in DB + $util->finishMigration(); + } else { + \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL); + $util->resetMigrationStatus(); + \OCP\User::logout(); + } + } + + return $result; + } + + /** + * remove keys from session during logout + */ + public static function logout() { + $session = new Session(new \OC\Files\View()); + $session->removeKeys(); + } + + /** + * setup encryption backend upon user created + * @note This method should never be called for users using client side encryption + */ + public static function postCreateUser($params) { + + if (\OCP\App::isEnabled('files_encryption')) { + $view = new \OC\Files\View('/'); + $util = new Util($view, $params['uid']); + Helper::setupUser($util, $params['password']); + } + } + + /** + * cleanup encryption backend upon user deleted + * @note This method should never be called for users using client side encryption + */ + public static function postDeleteUser($params) { + + if (\OCP\App::isEnabled('files_encryption')) { + Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']); + } + } + + /** + * If the password can't be changed within ownCloud, than update the key password in advance. + */ + public static function preSetPassphrase($params) { + if (\OCP\App::isEnabled('files_encryption')) { + if ( ! \OC_User::canUserChangePassword($params['uid']) ) { + self::setPassphrase($params); + } + } + } + + /** + * Change a user's encryption passphrase + * @param array $params keys: uid, password + */ + public static function setPassphrase($params) { + if (\OCP\App::isEnabled('files_encryption') === false) { + return true; + } + + // Only attempt to change passphrase if server-side encryption + // is in use (client-side encryption does not have access to + // the necessary keys) + if (Crypt::mode() === 'server') { + + $view = new \OC\Files\View('/'); + $session = new Session($view); + + // Get existing decrypted private key + $privateKey = $session->getPrivateKey(); + + if ($params['uid'] === \OCP\User::getUser() && $privateKey) { + + // Encrypt private key with new user pwd as passphrase + $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password'], Helper::getCipher()); + + // Save private key + if ($encryptedPrivateKey) { + Keymanager::setPrivateKey($encryptedPrivateKey, \OCP\User::getUser()); + } else { + \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); + } + + // NOTE: Session does not need to be updated as the + // private key has not changed, only the passphrase + // used to decrypt it has changed + + + } else { // admin changed the password for a different user, create new keys and reencrypt file keys + + $user = $params['uid']; + $util = new Util($view, $user); + $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; + + // we generate new keys if... + // ...we have a recovery password and the user enabled the recovery key + // ...encryption was activated for the first time (no keys exists) + // ...the user doesn't have any files + if (($util->recoveryEnabledForUser() && $recoveryPassword) + || !$util->userKeysExists() + || !$view->file_exists($user . '/files')) { + + // backup old keys + $util->backupAllKeys('recovery'); + + $newUserPassword = $params['password']; + + // make sure that the users home is mounted + \OC\Files\Filesystem::initMountPoints($user); + + $keypair = Crypt::createKeypair(); + + // Disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + + // Save public key + Keymanager::setPublicKey($keypair['publicKey'], $user); + + // Encrypt private key with new password + $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher()); + if ($encryptedKey) { + Keymanager::setPrivateKey($encryptedKey, $user); + + if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files + $util = new Util($view, $user); + $util->recoverUsersFiles($recoveryPassword); + } + } else { + \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); + } + + \OC_FileProxy::$enabled = $proxyStatus; + } + } + } + } + + /** + * after password reset we create a new key pair for the user + * + * @param array $params + */ + public static function postPasswordReset($params) { + $uid = $params['uid']; + $password = $params['password']; + + $util = new Util(new \OC\Files\View(), $uid); + $util->replaceUserKeys($password); + } /* * check if files can be encrypted to every user. diff --git a/lib/private/server.php b/lib/private/server.php index 8c5169f229..6a2e45aa59 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -702,7 +702,7 @@ class Server extends SimpleContainer implements IServerContainer { * * @return \OCP\Security\ISecureRandom */ - function getSecureRandom() { +function getSecureRandom() { return $this->query('SecureRandom'); } From 810ca9105ca7b25c98d7bc265dfb4c8e37b9b8e8 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 09:24:28 +0100 Subject: [PATCH 007/119] implement rename and delete of encryption keys --- lib/private/encryption/keys/storage.php | 34 +++++++++++++++++++ .../files/storage/wrapper/encryption.php | 1 + 2 files changed, 35 insertions(+) diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index 8f1822ca49..c8afcbbd21 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -161,6 +161,17 @@ class Storage implements \OCP\Encryption\Keys\IStorage { return $this->view->unlink($keyDir . $keyId); } + /** + * delete all file keys for a given file + * + * @param string $path to the file + * @return boolean + */ + public function deleteAllFileKeys($path) { + $keyDir = $this->getFileKeyDir($path); + return $this->view->deleteAll(dirname($keyDir)); + } + /** * delete system-wide encryption keys not related to a specific user, * e.g something like a key for public link shares @@ -264,6 +275,29 @@ class Storage implements \OCP\Encryption\Keys\IStorage { return \OC\Files\Filesystem::normalizePath($keyPath . $this->encryptionModuleId . '/', false); } + /** + * move keys if a file was renamed + * + * @param string $source + * @param string $target + * @param string $owner + * @param bool $systemWide + */ + public function renameKeys($source, $target, $owner, $systemWide) { + if ($systemWide) { + $sourcePath = $this->keys_base_dir . $source . '/'; + $targetPath = $this->keys_base_dir . $target . '/'; + } else { + $sourcePath = '/' . $owner . $this->keys_base_dir . $source . '/'; + $targetPath = '/' . $owner . $this->keys_base_dir . $target . '/'; + } + + if ($this->view->file_exists($sourcePath)) { + $this->keySetPreparation(dirname($targetPath)); + $this->view->rename($sourcePath, $targetPath); + } + } + /** * Make preparations to filesystem for saving a keyfile * diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 0e70c99c8d..2a5b9926f6 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -62,6 +62,7 @@ class Encryption extends Wrapper { $this->mountPoint = $parameters['mountPoint']; $this->encryptionManager = $encryptionManager; + $this->keyStorage = $keyStorage; $this->util = $util; $this->logger = $logger; $this->uid = $uid; From ecb3834554c05c82ea3129299673dca4a0917b30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 26 Mar 2015 09:32:08 +0100 Subject: [PATCH 008/119] fixing obvious bugs while testing --- apps/encryption/appinfo/encryption.php | 25 ++-- apps/encryption/hooks/userhooks.php | 1 - apps/encryption/lib/crypto/Encryption.php | 129 -------------------- apps/encryption/lib/crypto/encryption.php | 138 ++++++++++++++++++++++ 4 files changed, 149 insertions(+), 144 deletions(-) delete mode 100644 apps/encryption/lib/crypto/Encryption.php create mode 100644 apps/encryption/lib/crypto/encryption.php diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index 1a4c17eb60..a3ca8ec562 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -64,8 +64,8 @@ class Encryption extends \OCP\AppFramework\App { */ public function boot() { $this->registerServices(); - $this->registerHooks(); $this->registerEncryptionModule(); + $this->registerHooks(); $this->registerSettings(); } @@ -96,7 +96,12 @@ class Encryption extends \OCP\AppFramework\App { * */ public function registerEncryptionModule() { - $this->encryptionManager->registerEncryptionModule(new \OCA\Encryption\Crypto\Encryption()); + $container = $this->getContainer(); + $container->registerService('EncryptionModule', function (IAppContainer $c) { + return new \OCA\Encryption\Crypto\Encryption($c->query('Crypt')); + }); + $module = $container->query('EncryptionModule'); + $this->encryptionManager->registerEncryptionModule($module); } /** @@ -117,7 +122,8 @@ class Encryption extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - return new KeyManager($server->getEncryptionKeyStorage('encryption'), + $moduleId = $c->query('EncryptionModule')->getId(); + return new KeyManager($server->getEncryptionKeyStorage($moduleId), $c->query('Crypt'), $server->getConfig(), $server->getUserSession(), @@ -131,13 +137,14 @@ class Encryption extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); + $moduleId = $c->query('EncryptionModule')->getId(); return new Recovery( $server->getUserSession(), $c->query('Crypt'), $server->getSecureRandom(), $c->query('KeyManager'), $server->getConfig(), - $server->getEncryptionKeyStorage('encryption')); + $server->getEncryptionKeyStorage($moduleId)); }); $container->registerService('UserSetup', @@ -149,16 +156,6 @@ class Encryption extends \OCP\AppFramework\App { $c->query('KeyManager')); }); - $container->registerService('Migrator', - function (IAppContainer $c) { - $server = $c->getServer(); - - return new Migrator($server->getConfig(), - $server->getUserManager(), - $server->getLogger(), - $c->query('Crypt')); - }); - $container->registerService('Util', function (IAppContainer $c) { $server = $c->getServer(); diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 096fd3beb9..e8c5fb8bfb 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -63,7 +63,6 @@ class UserHooks implements IHook { * @param IUserSession $user * @param OCUtil $ocUtil * @param Util $util - * @internal param Migrator $migrator */ public function __construct( KeyManager $keyManager, ILogger $logger, Setup $userSetup, IUserSession $user, OCUtil $ocUtil, Util $util) { diff --git a/apps/encryption/lib/crypto/Encryption.php b/apps/encryption/lib/crypto/Encryption.php deleted file mode 100644 index b8429d7124..0000000000 --- a/apps/encryption/lib/crypto/Encryption.php +++ /dev/null @@ -1,129 +0,0 @@ - - * @since 3/6/15, 2:28 PM - * @link http:/www.clarkt.com - * @copyright Clark Tomlinson © 2015 - * - */ - -namespace OCA\Encryption\Crypto; - - -use OCP\Encryption\IEncryptionModule; - -class Encryption extends Crypt implements IEncryptionModule { - - /** - * @return string defining the technical unique id - */ - public function getId() { - return md5($this->getDisplayName()); - } - - /** - * In comparison to getKey() this function returns a human readable (maybe translated) name - * - * @return string - */ - public function getDisplayName() { - return 'ownCloud Default Encryption'; - } - - /** - * start receiving chunks from a file. This is the place where you can - * perform some initial step before starting encrypting/decrypting the - * chunks - * - * @param string $path to the file - * @param array $header contains the header data read from the file - * @param array $accessList who has access to the file contains the key 'users' and 'public' - * - * $return array $header contain data as key-value pairs which should be - * written to the header, in case of a write operation - * or if no additional data is needed return a empty array - */ - public function begin($path, $header, $accessList) { - - // TODO: Implement begin() method. - // return additional header information that needs to be written i.e. cypher used - } - - /** - * last chunk received. This is the place where you can perform some final - * operation and return some remaining data if something is left in your - * buffer. - * - * @param string $path to the file - * @return string remained data which should be written to the file in case - * of a write operation - */ - public function end($path) { - // TODO: Implement end() method. - } - - /** - * encrypt data - * - * @param string $data you want to encrypt - * @return mixed encrypted data - */ - public function encrypt($data) { - // Todo: xxx Update Signature and usages - // passphrase is file key decrypted with user private/share key - $this->symmetricEncryptFileContent($data); - } - - /** - * decrypt data - * - * @param string $data you want to decrypt - * @param string $user decrypt as user (null for public access) - * @return mixed decrypted data - */ - public function decrypt($data, $user) { - // Todo: xxx Update Usages? - $this->symmetricDecryptFileContent($data, $user); - } - - /** - * update encrypted file, e.g. give additional users access to the file - * - * @param string $path path to the file which should be updated - * @param array $accessList who has access to the file contains the key 'users' and 'public' - * @return boolean - */ - public function update($path, $accessList) { - // TODO: Implement update() method. - } - - /** - * should the file be encrypted or not - * - * @param string $path - * @return boolean - */ - public function shouldEncrypt($path) { - // TODO: Implement shouldEncrypt() method. - } - - /** - * calculate unencrypted size - * - * @param string $path to file - * @return integer unencrypted size - */ - public function calculateUnencryptedSize($path) { - // TODO: Implement calculateUnencryptedSize() method. - } - - /** - * get size of the unencrypted payload per block. - * ownCloud read/write files with a block size of 8192 byte - * - * @return integer - */ - public function getUnencryptedBlockSize() { - // TODO: Implement getUnencryptedBlockSize() method. - } -} diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php new file mode 100644 index 0000000000..a29575c11e --- /dev/null +++ b/apps/encryption/lib/crypto/encryption.php @@ -0,0 +1,138 @@ + + * @since 3/6/15, 2:28 PM + * @link http:/www.clarkt.com + * @copyright Clark Tomlinson © 2015 + * + */ + +namespace OCA\Encryption\Crypto; + + +use OCP\Encryption\IEncryptionModule; + +class Encryption implements IEncryptionModule { + + /** + * @var Crypt + */ + private $crypt; + + public function __construct(Crypt $crypt) { + $this->crypt = $crypt; + } + + /** + * @return string defining the technical unique id + */ + public function getId() { + // we need to hard code this value + return md5($this->getDisplayName()); + } + + /** + * In comparison to getKey() this function returns a human readable (maybe translated) name + * + * @return string + */ + public function getDisplayName() { + return 'ownCloud Default Encryption'; + } + + /** + * start receiving chunks from a file. This is the place where you can + * perform some initial step before starting encrypting/decrypting the + * chunks + * + * @param string $path to the file + * @param array $header contains the header data read from the file + * @param array $accessList who has access to the file contains the key 'users' and 'public' + * + * $return array $header contain data as key-value pairs which should be + * written to the header, in case of a write operation + * or if no additional data is needed return a empty array + */ + public function begin($path, $header, $accessList) { + + $cipher = $header['']; + } + + /** + * last chunk received. This is the place where you can perform some final + * operation and return some remaining data if something is left in your + * buffer. + * + * @param string $path to the file + * @return string remained data which should be written to the file in case + * of a write operation + */ + public function end($path) { + // TODO: Implement end() method. + } + + /** + * encrypt data + * + * @param string $data you want to encrypt + * @return mixed encrypted data + */ + public function encrypt($data) { + // Todo: xxx Update Signature and usages + // passphrase is file key decrypted with user private/share key + $this->symmetricEncryptFileContent($data); + } + + /** + * decrypt data + * + * @param string $data you want to decrypt + * @param string $user decrypt as user (null for public access) + * @return mixed decrypted data + */ + public function decrypt($data, $user) { + // Todo: xxx Update Usages? + $this->symmetricDecryptFileContent($data, $user); + } + + /** + * update encrypted file, e.g. give additional users access to the file + * + * @param string $path path to the file which should be updated + * @param array $accessList who has access to the file contains the key 'users' and 'public' + * @return boolean + */ + public function update($path, $accessList) { + // TODO: Implement update() method. + } + + /** + * should the file be encrypted or not + * + * @param string $path + * @return boolean + */ + public function shouldEncrypt($path) { + // TODO: Implement shouldEncrypt() method. + } + + /** + * calculate unencrypted size + * + * @param string $path to file + * @return integer unencrypted size + */ + public function calculateUnencryptedSize($path) { + // TODO: Implement calculateUnencryptedSize() method. + } + + /** + * get size of the unencrypted payload per block. + * ownCloud read/write files with a block size of 8192 byte + * + * @return integer + */ + public function getUnencryptedBlockSize() { + // TODO: Implement getUnencryptedBlockSize() method. + } +} From c00e728e5f77722bceaa0bba25a02128039d7127 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 09:58:31 +0100 Subject: [PATCH 009/119] encryption app: remove legacy code, we do only server-side encryption --- apps/encryption/lib/crypto/crypt.php | 8 --- apps/encryption/lib/keymanager.php | 99 ++++++++++++---------------- 2 files changed, 42 insertions(+), 65 deletions(-) diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index f9fe4f9bec..9fb93485ef 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -68,14 +68,6 @@ class Crypt { $this->config = $config; } - /** - * @param null $user - * @return string - */ - public function mode($user = null) { - return 'server'; - } - /** * */ diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 83b24c79b8..c1c1f9811d 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -239,78 +239,63 @@ class KeyManager { */ public function setPassphrase($params, IUserSession $user, Util $util) { - // Only attempt to change passphrase if server-side encryption - // is in use (client-side encryption does not have access to - // the necessary keys) - if ($this->crypt->mode() === 'server') { + // Get existing decrypted private key + $privateKey = self::$cacheFactory->get('privateKey'); - // Get existing decrypted private key - $privateKey = self::$cacheFactory->get('privateKey'); + if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { - if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { + // Encrypt private key with new user pwd as passphrase + $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, $params['password']); - // Encrypt private key with new user pwd as passphrase - $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, - $params['password']); + // Save private key + if ($encryptedPrivateKey) { + $this->setPrivateKey($user->getUser()->getUID(), $encryptedPrivateKey); + } else { + $this->log->error('Encryption could not update users encryption password'); + } - // Save private key - if ($encryptedPrivateKey) { - $this->setPrivateKey($user->getUser()->getUID(), - $encryptedPrivateKey); - } else { - $this->log->error('Encryption could not update users encryption password'); - } + // NOTE: Session does not need to be updated as the + // private key has not changed, only the passphrase + // used to decrypt it has changed + } else { // admin changed the password for a different user, create new keys and reencrypt file keys + $user = $params['uid']; + $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; - // NOTE: Session does not need to be updated as the - // private key has not changed, only the passphrase - // used to decrypt it has changed + // we generate new keys if... + // ...we have a recovery password and the user enabled the recovery key + // ...encryption was activated for the first time (no keys exists) + // ...the user doesn't have any files + if (($util->recoveryEnabledForUser() && $recoveryPassword) || !$this->userHasKeys($user) || !$util->userHasFiles($user) + ) { + // backup old keys + $this->backupAllKeys('recovery'); - } else { // admin changed the password for a different user, create new keys and reencrypt file keys + $newUserPassword = $params['password']; - $user = $params['uid']; - $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; + $keypair = $this->crypt->createKeyPair(); - // we generate new keys if... - // ...we have a recovery password and the user enabled the recovery key - // ...encryption was activated for the first time (no keys exists) - // ...the user doesn't have any files - if (($util->recoveryEnabledForUser() && $recoveryPassword) + // Disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; - || !$this->userHasKeys($user) - || !$util->userHasFiles($user) - ) { + // Save public key + $this->setPublicKey($user, $keypair['publicKey']); - // backup old keys - $this->backupAllKeys('recovery'); + // Encrypt private key with new password + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword); - $newUserPassword = $params['password']; + if ($encryptedKey) { + $this->setPrivateKey($user, $encryptedKey); - $keypair = $this->crypt->createKeyPair(); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Save public key - $this->setPublicKey($user, $keypair['publicKey']); - - // Encrypt private key with new password - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], - $newUserPassword); - - if ($encryptedKey) { - $this->setPrivateKey($user, $encryptedKey); - - if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $util->recoverUsersFiles($recoveryPassword); - } - } else { - $this->log->error('Encryption Could not update users encryption password'); + if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files + $util->recoverUsersFiles($recoveryPassword); } - - \OC_FileProxy::$enabled = $proxyStatus; + } else { + $this->log->error('Encryption Could not update users encryption password'); } + + \OC_FileProxy::$enabled = $proxyStatus; } } } From 7ffd77fac9f0baadbbaac6e0dd7e62de78197b52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 26 Mar 2015 11:46:32 +0100 Subject: [PATCH 010/119] enable encryption unit test execution --- apps/encryption/tests/lib/MigratorTest.php | 61 ------------------- .../tests/lib/RequirementsCheckerTest.php | 51 ---------------- tests/enable_all.php | 1 + 3 files changed, 1 insertion(+), 112 deletions(-) delete mode 100644 apps/encryption/tests/lib/MigratorTest.php delete mode 100644 apps/encryption/tests/lib/RequirementsCheckerTest.php diff --git a/apps/encryption/tests/lib/MigratorTest.php b/apps/encryption/tests/lib/MigratorTest.php deleted file mode 100644 index 0d30b9865b..0000000000 --- a/apps/encryption/tests/lib/MigratorTest.php +++ /dev/null @@ -1,61 +0,0 @@ - - * @since 3/9/15, 2:56 PM - * @link http:/www.clarkt.com - * @copyright Clark Tomlinson © 2015 - * - */ - -namespace OCA\Encryption\Tests; - - -use OCA\Encryption\Migrator; -use Test\TestCase; - -class MigratorTest extends TestCase { - - /** - * @var Migrator - */ - private $instance; - - /** - * - */ - public function testGetStatus() { - $this->assertFalse($this->instance->getStatus('admin')); - } - - /** - * - */ - public function testBeginMigration() { - $this->assertTrue($this->instance->beginMigration()); - } - - /** - * - */ - public function testSetMigrationStatus() { - $this->assertTrue(\Test_Helper::invokePrivate($this->instance, - 'setMigrationStatus', - ['0', '-1']) - ); - } - - /** - * - */ - protected function setUp() { - parent::setUp(); - - $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt')->disableOriginalConstructor()->getMock(); - $this->instance = new Migrator($this->getMock('OCP\IConfig'), - $this->getMock('OCP\IUserManager'), - $this->getMock('OCP\ILogger'), - $cryptMock); - } - - -} diff --git a/apps/encryption/tests/lib/RequirementsCheckerTest.php b/apps/encryption/tests/lib/RequirementsCheckerTest.php deleted file mode 100644 index 97ddd76b75..0000000000 --- a/apps/encryption/tests/lib/RequirementsCheckerTest.php +++ /dev/null @@ -1,51 +0,0 @@ - - * @since 3/6/15, 10:36 AM - * @link http:/www.clarkt.com - * @copyright Clark Tomlinson © 2015 - * - */ - -namespace OCA\Encryption\Tests; - - -use OCA\Encryption\RequirementsChecker; -use Test\TestCase; - -class RequirementsCheckerTest extends TestCase { - /** - * @var RequirementsChecker - */ - private $instance; - - /** - * - */ - protected function setUp() { - parent::setUp(); - $log = $this->getMock('OCP\ILogger'); - $crypt = $this->getMockBuilder('OCA\Encryption\Crypt') - ->disableOriginalConstructor() - ->getMock(); - $crypt - ->method('getOpenSSLPkey') - ->will($this->returnValue(true)); - $this->instance = new RequirementsChecker($crypt, $log); - } - - /** - * - */ - public function testCanCheckConfigration() { - $this->assertTrue($this->instance->checkConfiguration()); - } - - /** - * - */ - public function testCanCheckRequiredExtensions() { - $this->assertTrue($this->instance->checkExtensions()); - } - -} diff --git a/tests/enable_all.php b/tests/enable_all.php index e9b538713a..61c94e6eff 100644 --- a/tests/enable_all.php +++ b/tests/enable_all.php @@ -19,6 +19,7 @@ function enableApp($app) { enableApp('files_sharing'); enableApp('files_trashbin'); enableApp('files_encryption'); +enableApp('encryption'); enableApp('user_ldap'); enableApp('files_versions'); enableApp('provisioning_api'); From 198b73fe322281a297fd8fcc5e7a10762996ce86 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 12:23:36 +0100 Subject: [PATCH 011/119] write encrypted file to disc --- apps/encryption/appinfo/encryption.php | 9 +- apps/encryption/lib/crypto/crypt.php | 16 +++ apps/encryption/lib/crypto/encryption.php | 144 +++++++++++++++++++--- apps/encryption/lib/keymanager.php | 8 +- 4 files changed, 152 insertions(+), 25 deletions(-) diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index a3ca8ec562..8be3cae5ad 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -27,7 +27,6 @@ use OCA\Encryption\Crypto\Crypt; use OCA\Encryption\HookManager; use OCA\Encryption\Hooks\UserHooks; use OCA\Encryption\KeyManager; -use OCA\Encryption\Migrator; use OCA\Encryption\Recovery; use OCA\Encryption\Users\Setup; use OCA\Encryption\Util; @@ -98,7 +97,7 @@ class Encryption extends \OCP\AppFramework\App { public function registerEncryptionModule() { $container = $this->getContainer(); $container->registerService('EncryptionModule', function (IAppContainer $c) { - return new \OCA\Encryption\Crypto\Encryption($c->query('Crypt')); + return new \OCA\Encryption\Crypto\Encryption($c->query('Crypt'), $c->query('KeyManager')); }); $module = $container->query('EncryptionModule'); $this->encryptionManager->registerEncryptionModule($module); @@ -122,8 +121,7 @@ class Encryption extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - $moduleId = $c->query('EncryptionModule')->getId(); - return new KeyManager($server->getEncryptionKeyStorage($moduleId), + return new KeyManager($server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), $c->query('Crypt'), $server->getConfig(), $server->getUserSession(), @@ -137,14 +135,13 @@ class Encryption extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - $moduleId = $c->query('EncryptionModule')->getId(); return new Recovery( $server->getUserSession(), $c->query('Crypt'), $server->getSecureRandom(), $c->query('KeyManager'), $server->getConfig(), - $server->getEncryptionKeyStorage($moduleId)); + $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID)); }); $container->registerService('UserSetup', diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index 9fb93485ef..c9f02bfa1c 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -25,6 +25,7 @@ namespace OCA\Encryption\Crypto; use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\EncryptionFailedException; use OC\Encryption\Exceptions\GenericEncryptionException; +use OCA\Encryption\KeyManager; use OCA\Files_Encryption\Exception\MultiKeyDecryptException; use OCA\Files_Encryption\Exception\MultiKeyEncryptException; use OCP\IConfig; @@ -379,6 +380,21 @@ class Crypt { throw new GenericEncryptionException('Generating IV Failed'); } + /** + * Generate a pseudo random 256-bit ASCII key, used as file key + * @return string + */ + public static function generateFileKey() { + // Generate key + $key = base64_encode(openssl_random_pseudo_bytes(32, $strong)); + if (!$key || !$strong) { + // If OpenSSL indicates randomness is insecure, log error + throw new \Exception('Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()'); + } + + return $key; + } + /** * Check if a file's contents contains an IV and is symmetrically encrypted * diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index a29575c11e..66cb1dc434 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -11,24 +11,51 @@ namespace OCA\Encryption\Crypto; use OCP\Encryption\IEncryptionModule; +use OCA\Encryption\KeyManager; class Encryption implements IEncryptionModule { + const ID = '42'; + /** * @var Crypt */ private $crypt; - public function __construct(Crypt $crypt) { + /** @var string */ + private $cipher; + + /** @var string */ + private $path; + + /** @var string */ + private $user; + + /** @var string */ + private $fileKey; + + /** @var string */ + private $writeCache; + + /** @var KeyManager */ + private $keymanager; + + /** @var array */ + private $accessList; + + /** @var boolean */ + private $isWriteOperation; + + public function __construct(Crypt $crypt, KeyManager $keymanager) { $this->crypt = $crypt; + $this->keymanager = $keymanager; } /** * @return string defining the technical unique id */ public function getId() { - // we need to hard code this value - return md5($this->getDisplayName()); + return self::ID; } /** @@ -46,6 +73,7 @@ class Encryption implements IEncryptionModule { * chunks * * @param string $path to the file + * @param string $user who read/write the file * @param array $header contains the header data read from the file * @param array $accessList who has access to the file contains the key 'users' and 'public' * @@ -53,9 +81,23 @@ class Encryption implements IEncryptionModule { * written to the header, in case of a write operation * or if no additional data is needed return a empty array */ - public function begin($path, $header, $accessList) { + public function begin($path, $user, $header, $accessList) { - $cipher = $header['']; + if (isset($header['cipher'])) { + $this->cipher = $header['cipher']; + } else { + $this->cipher = $this->crypt->getCipher(); + } + + $this->path = $path; + $this->accessList = $accessList; + $this->user = $user; + $this->writeCache = ''; + $this->isWriteOperation = false; + + $this->fileKey = $this->keymanager->getFileKey($path); + + return array('cipher' => $this->cipher); } /** @@ -68,7 +110,20 @@ class Encryption implements IEncryptionModule { * of a write operation */ public function end($path) { - // TODO: Implement end() method. + $result = ''; + if ($this->isWriteOperation) { + if (!empty($this->writeCache)) { + $result = $this->crypt->symmetricEncryptFileContent($this->writeCache, $this->fileKey); + $this->writeCache = ''; + } + $publicKeys = array(); + foreach ($this->accessList['users'] as $user) { + $publicKeys[] = $this->keymanager->getPublicKey($user); + } + + $result = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); + } + return $result; } /** @@ -78,21 +133,80 @@ class Encryption implements IEncryptionModule { * @return mixed encrypted data */ public function encrypt($data) { - // Todo: xxx Update Signature and usages - // passphrase is file key decrypted with user private/share key - $this->symmetricEncryptFileContent($data); + $this->isWriteOperation = true; + if (empty($this->fileKey)) { + $this->fileKey = $this->crypt->generateFileKey(); + } + + // If extra data is left over from the last round, make sure it + // is integrated into the next 6126 / 8192 block + if ($this->writeCache) { + + // Concat writeCache to start of $data + $data = $this->writeCache . $data; + + // Clear the write cache, ready for reuse - it has been + // flushed and its old contents processed + $this->writeCache = ''; + + } + + $encrypted = ''; + // While there still remains some data to be processed & written + while (strlen($data) > 0) { + + // Remaining length for this iteration, not of the + // entire file (may be greater than 8192 bytes) + $remainingLength = strlen($data); + + // If data remaining to be written is less than the + // size of 1 6126 byte block + if ($remainingLength < 6126) { + + // Set writeCache to contents of $data + // The writeCache will be carried over to the + // next write round, and added to the start of + // $data to ensure that written blocks are + // always the correct length. If there is still + // data in writeCache after the writing round + // has finished, then the data will be written + // to disk by $this->flush(). + $this->writeCache = $data; + + // Clear $data ready for next round + $data = ''; + + } else { + + // Read the chunk from the start of $data + $chunk = substr($data, 0, 6126); + + $encrypted .= $this->crypt->symmetricEncryptFileContent($chunk, $this->fileKey); + + // Remove the chunk we just processed from + // $data, leaving only unprocessed data in $data + // var, for handling on the next round + $data = substr($data, 6126); + + } + + } + + return $encrypted; } /** * decrypt data * * @param string $data you want to decrypt - * @param string $user decrypt as user (null for public access) * @return mixed decrypted data */ - public function decrypt($data, $user) { - // Todo: xxx Update Usages? - $this->symmetricDecryptFileContent($data, $user); + public function decrypt($data) { + $result = ''; + if (!empty($data)) { + $result = $this->crypt->symmetricDecryptFileContent($data, $this->fileKey); + } + return $result; } /** @@ -113,7 +227,7 @@ class Encryption implements IEncryptionModule { * @return boolean */ public function shouldEncrypt($path) { - // TODO: Implement shouldEncrypt() method. + return true; } /** @@ -133,6 +247,6 @@ class Encryption implements IEncryptionModule { * @return integer */ public function getUnencryptedBlockSize() { - // TODO: Implement getUnencryptedBlockSize() method. + return 6126; } } diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index c1c1f9811d..120254defd 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -62,21 +62,21 @@ class KeyManager { /** * @var string */ - private $publicKeyId = 'public'; + private $publicKeyId = 'publicKey'; /** * @var string */ - private $privateKeyId = 'private'; + private $privateKeyId = 'privateKey'; /** * @var string */ - private $shareKeyId = 'sharekey'; + private $shareKeyId = 'shareKey'; /** * @var string */ - private $fileKeyId = 'filekey'; + private $fileKeyId = 'fileKey'; /** * @var IConfig */ From cb9980823d62ab1ed843779bcac65152ed5379fe Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 12:24:02 +0100 Subject: [PATCH 012/119] core: small fixes --- lib/private/files/storage/wrapper/encryption.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 2a5b9926f6..0e70c99c8d 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -62,7 +62,6 @@ class Encryption extends Wrapper { $this->mountPoint = $parameters['mountPoint']; $this->encryptionManager = $encryptionManager; - $this->keyStorage = $keyStorage; $this->util = $util; $this->logger = $logger; $this->uid = $uid; From 6c9251d9f8bd105ed5e3a99e124f0bab997fb477 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 13:37:14 +0100 Subject: [PATCH 013/119] make sure that all file keys are written to the key storage --- apps/encryption/lib/crypto/encryption.php | 11 ++++++++--- apps/encryption/lib/keymanager.php | 24 +++++++++++++++++++++++ 2 files changed, 32 insertions(+), 3 deletions(-) diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 66cb1dc434..516d7b1304 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -117,11 +117,16 @@ class Encryption implements IEncryptionModule { $this->writeCache = ''; } $publicKeys = array(); - foreach ($this->accessList['users'] as $user) { - $publicKeys[] = $this->keymanager->getPublicKey($user); + foreach ($this->accessList['users'] as $uid) { + $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); } - $result = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); + $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); + + $this->keymanager->setFileKey($path, $encryptedKeyfiles['data']); + foreach ($encryptedKeyfiles['keys'] as $uid => $keyFile) { + $this->keymanager->setShareKey($path, $uid, $keyFile); + } } return $result; } diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 120254defd..59f904ecf1 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -173,6 +173,30 @@ class KeyManager { $key); } + /** + * write file key to key storage + * + * @param string $path + * @param string $key + * @return boolean + */ + public function setFileKey($path, $key) { + return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key); + } + + /** + * write share key to the key storage + * + * @param string $path + * @param string $uid + * @param string $key + * @return boolean + */ + public function setShareKey($path, $uid, $key) { + $keyId = $uid . '.' . $this->shareKeyId; + return $this->keyStorage->setFileKey($path, $keyId, $key); + } + /** * Decrypt private key and store it * From 2244ea998da0b49ef76144979f4bce02393eac89 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 13:37:34 +0100 Subject: [PATCH 014/119] core: documentation fixes --- lib/private/encryption/keys/storage.php | 2 +- lib/public/encryption/keys/istorage.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index c8afcbbd21..041db2a2cb 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -114,7 +114,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * * @param string $path path to file * @param string $keyId id of the key - * @param mixed $key + * @param boolean */ public function setFileKey($path, $keyId, $key) { $keyDir = $this->getFileKeyDir($path); diff --git a/lib/public/encryption/keys/istorage.php b/lib/public/encryption/keys/istorage.php index 3a2562102c..426057b80d 100644 --- a/lib/public/encryption/keys/istorage.php +++ b/lib/public/encryption/keys/istorage.php @@ -69,7 +69,7 @@ interface IStorage { * * @param string $path path to file * @param string $keyId id of the key - * @param mixed $key + * @param boolean */ public function setFileKey($path, $keyId, $key); From 2e00acda079644ce4eb61b8a3812b095df8d05e3 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 26 Mar 2015 14:13:39 +0100 Subject: [PATCH 015/119] read encrypted files --- apps/encryption/appinfo/encryption.php | 1 + apps/encryption/lib/crypto/encryption.php | 2 +- apps/encryption/lib/keymanager.php | 38 ++++++++++++++++++----- 3 files changed, 33 insertions(+), 8 deletions(-) diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index 8be3cae5ad..d57f1b0b7b 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -125,6 +125,7 @@ class Encryption extends \OCP\AppFramework\App { $c->query('Crypt'), $server->getConfig(), $server->getUserSession(), + $server->getSession(), $server->getMemCacheFactory(), $server->getLogger() ); diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 516d7b1304..43d3b84268 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -95,7 +95,7 @@ class Encryption implements IEncryptionModule { $this->writeCache = ''; $this->isWriteOperation = false; - $this->fileKey = $this->keymanager->getFileKey($path); + $this->fileKey = $this->keymanager->getFileKey($path, $this->user); return array('cipher' => $this->cipher); } diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 59f904ecf1..4b898217d6 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -32,6 +32,7 @@ use OCP\ICacheFactory; use OCP\IConfig; use OCP\ILogger; use OCP\IUserSession; +use \OCP\ISession; class KeyManager { @@ -86,16 +87,24 @@ class KeyManager { */ private $log; + /** + * @var \OCP\ISession + */ + private $session; + /** * @param IStorage $keyStorage * @param Crypt $crypt * @param IConfig $config - * @param IUserSession $userSession + * @param Session $userSession + * @param \OCP\ISession $session * @param ICacheFactory $cacheFactory * @param ILogger $log */ - public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession, ICacheFactory $cacheFactory, ILogger $log) { + public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, + IUserSession $userSession, ISession $session ,ICacheFactory $cacheFactory, ILogger $log) { + $this->session = $session; $this->keyStorage = $keyStorage; $this->crypt = $crypt; $this->config = $config; @@ -215,6 +224,9 @@ class KeyManager { return false; } + + $this->session->set('privateKey', $privateKey); + $this->session->set('initStatus', true); self::$cacheFactory->set('privateKey', $privateKey); self::$cacheFactory->set('initStatus', true); @@ -239,18 +251,30 @@ class KeyManager { /** * @param $path - * @return mixed + * @param $uid + * @return string */ - public function getFileKey($path) { - return $this->keyStorage->getFileKey($path, $this->fileKeyId); + public function getFileKey($path, $uid) { + $key = ''; + $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId); + $shareKey = $this->getShareKey($path, $uid); + $privateKey = $this->session->get('privateKey'); + + if ($encryptedFileKey && $shareKey && $privateKey) { + $key = $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $privateKey); + } + + return $key; } /** * @param $path + * @param $uid * @return mixed */ - public function getShareKey($path) { - return $this->keyStorage->getFileKey($path, $this->keyId . $this->shareKeyId); + public function getShareKey($path, $uid) { + $keyId = $uid . '.' . $this->shareKeyId; + return $this->keyStorage->getFileKey($path, $keyId); } /** From d15c2e52b0576e7846a09fd84e0e10f3054623c6 Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Thu, 26 Mar 2015 20:35:36 -0400 Subject: [PATCH 016/119] cleanup and removing cachefactory --- apps/encryption/appinfo/encryption.php | 8 +- apps/encryption/css/settings-personal.css | 10 + apps/encryption/hooks/apphooks.php | 37 ---- apps/encryption/hooks/filesystemhooks.php | 46 ---- apps/encryption/hooks/sharehooks.php | 40 ---- apps/encryption/hooks/userhooks.php | 18 +- apps/encryption/js/detect-migration.js | 33 +++ apps/encryption/js/encryption.js | 16 ++ apps/encryption/js/settings-admin.js | 55 +++++ apps/encryption/js/settings-personal.js | 89 ++++++++ apps/encryption/l10n/.gitkeep | 0 apps/encryption/lib/crypto/encryption.php | 2 +- apps/encryption/lib/keymanager.php | 54 ++--- apps/encryption/lib/util.php | 202 ++---------------- apps/encryption/settings/settings-admin.php | 4 +- .../encryption/settings/settings-personal.php | 12 +- apps/encryption/tests/lib/KeyManagerTest.php | 15 +- 17 files changed, 287 insertions(+), 354 deletions(-) create mode 100644 apps/encryption/css/settings-personal.css delete mode 100644 apps/encryption/hooks/apphooks.php delete mode 100644 apps/encryption/hooks/filesystemhooks.php delete mode 100644 apps/encryption/hooks/sharehooks.php create mode 100644 apps/encryption/js/detect-migration.js create mode 100644 apps/encryption/js/encryption.js create mode 100644 apps/encryption/js/settings-admin.js create mode 100644 apps/encryption/js/settings-personal.js create mode 100644 apps/encryption/l10n/.gitkeep diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index d57f1b0b7b..a389abe5da 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -80,7 +80,12 @@ class Encryption extends \OCP\AppFramework\App { $hookManager = new HookManager(); $hookManager->registerHook([ - new UserHooks($container->query('KeyManager'), $server->getLogger(), $container->query('UserSetup'), $server->getUserSession(), new \OCP\Util(), $container->query('Util')), + new UserHooks($container->query('KeyManager'), + $server->getLogger(), + $container->query('UserSetup'), + $server->getUserSession(), + new \OCP\Util(), + $container->query('Util'),), ]); $hookManager->fireHooks(); @@ -126,7 +131,6 @@ class Encryption extends \OCP\AppFramework\App { $server->getConfig(), $server->getUserSession(), $server->getSession(), - $server->getMemCacheFactory(), $server->getLogger() ); }); diff --git a/apps/encryption/css/settings-personal.css b/apps/encryption/css/settings-personal.css new file mode 100644 index 0000000000..8eb5bedcb0 --- /dev/null +++ b/apps/encryption/css/settings-personal.css @@ -0,0 +1,10 @@ +/* Copyright (c) 2013, Sam Tuke, + This file is licensed under the Affero General Public License version 3 or later. + See the COPYING-README file. */ + +#encryptAllError +, #encryptAllSuccess +, #recoveryEnabledError +, #recoveryEnabledSuccess { + display: none; +} diff --git a/apps/encryption/hooks/apphooks.php b/apps/encryption/hooks/apphooks.php deleted file mode 100644 index 713e9cadef..0000000000 --- a/apps/encryption/hooks/apphooks.php +++ /dev/null @@ -1,37 +0,0 @@ - - * @since 2/19/15, 10:02 AM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Encryption\Hooks; - -use OCA\Encryption\Hooks\Contracts\IHook; -use OCP\Util; - -class AppHooks implements IHook { - /** - * Connects Hooks - * - * @return null - */ - public function addHooks() { - Util::connectHook('OC_App', 'pre_disable', 'OCA\Encryption\Hooks', 'preDisable'); - Util::connectHook('OC_App', 'post_disable', 'OCA\Encryption\Hooks', 'postEnable'); - } -} diff --git a/apps/encryption/hooks/filesystemhooks.php b/apps/encryption/hooks/filesystemhooks.php deleted file mode 100644 index fda6b75b29..0000000000 --- a/apps/encryption/hooks/filesystemhooks.php +++ /dev/null @@ -1,46 +0,0 @@ - - * @since 2/19/15, 10:02 AM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Encryption\Hooks; - - -use OCA\Encryption\Hooks\Contracts\IHook; -use OCP\Util; - -class FileSystemHooks implements IHook { - - /** - * Connects Hooks - * - * @return null - */ - public function addHooks() { - Util::connectHook('OC_Filesystem', 'rename', 'OCA\Encryption\Hooks', 'preRename'); - Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRenameOrCopy'); - Util::connectHook('OC_Filesystem', 'copy', 'OCA\Encryption\Hooks', 'preCopy'); - Util::connectHook('OC_Filesystem', 'post_copy', 'OCA\Encryption\Hooks', 'postRenameOrCopy'); - Util::connectHook('OC_Filesystem', 'post_delete', 'OCA\Encryption\Hooks', 'postDelete'); - Util::connectHook('OC_Filesystem', 'delete', 'OCA\Encryption\Hooks', 'preDelete'); - Util::connectHook('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', 'OCA\Encryption\Hooks', 'postPasswordReset'); - Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUnmount'); - Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUnmount'); - } -} diff --git a/apps/encryption/hooks/sharehooks.php b/apps/encryption/hooks/sharehooks.php deleted file mode 100644 index fc50712b82..0000000000 --- a/apps/encryption/hooks/sharehooks.php +++ /dev/null @@ -1,40 +0,0 @@ - - * @since 2/19/15, 10:02 AM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Encryption\Hooks; - - -use OCA\Encryption\Hooks\Contracts\IHook; -use OCP\Util; - -class ShareHooks implements IHook { - - /** - * Connects Hooks - * - * @return null - */ - public function addHooks() { - Util::connectHook('OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared'); - Util::connectHook('OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared'); - Util::connectHook('OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare'); - } -} diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index e8c5fb8bfb..1629aca0f5 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -22,6 +22,7 @@ namespace OCA\Encryption\Hooks; +use OCP\ISession; use OCP\Util as OCUtil; use OCA\Encryption\Hooks\Contracts\IHook; use OCA\Encryption\KeyManager; @@ -53,6 +54,10 @@ class UserHooks implements IHook { * @var Util */ private $util; + /** + * @var ISession + */ + private $session; /** * UserHooks constructor. @@ -63,15 +68,22 @@ class UserHooks implements IHook { * @param IUserSession $user * @param OCUtil $ocUtil * @param Util $util + * @param ISession $session */ - public function __construct( - KeyManager $keyManager, ILogger $logger, Setup $userSetup, IUserSession $user, OCUtil $ocUtil, Util $util) { + public function __construct(KeyManager $keyManager, + ILogger $logger, + Setup $userSetup, + IUserSession $user, + OCUtil $ocUtil, + Util $util, + ISession $session) { $this->keyManager = $keyManager; $this->logger = $logger; $this->userSetup = $userSetup; $this->user = $user; $this->util = $util; + $this->session = $session; } /** @@ -132,7 +144,7 @@ class UserHooks implements IHook { * remove keys from session during logout */ public function logout() { - KeyManager::$cacheFactory->clear(); + KeyManager::$session->clear(); } /** diff --git a/apps/encryption/js/detect-migration.js b/apps/encryption/js/detect-migration.js new file mode 100644 index 0000000000..f5627edf4e --- /dev/null +++ b/apps/encryption/js/detect-migration.js @@ -0,0 +1,33 @@ +/** + * Copyright (c) 2013 + * Bjoern Schiessle + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + */ + + +$(document).ready(function(){ + $('form[name="login"]').on('submit', function() { + var user = $('#user').val(); + var password = $('#password').val(); + $.ajax({ + type: 'POST', + url: OC.linkTo('files_encryption', 'ajax/getMigrationStatus.php'), + dataType: 'json', + data: {user: user, password: password}, + async: false, + success: function(response) { + if (response.data.migrationStatus === OC.Encryption.MIGRATION_OPEN) { + var message = t('files_encryption', 'Initial encryption started... This can take some time. Please wait.'); + $('#messageText').text(message); + $('#message').removeClass('hidden').addClass('update'); + } else if (response.data.migrationStatus === OC.Encryption.MIGRATION_IN_PROGRESS) { + var message = t('files_encryption', 'Initial encryption running... Please try again later.'); + $('#messageText').text(message); + $('#message').removeClass('hidden').addClass('update'); + } + } + }); + }); + +}); diff --git a/apps/encryption/js/encryption.js b/apps/encryption/js/encryption.js new file mode 100644 index 0000000000..d2d1c3a1fc --- /dev/null +++ b/apps/encryption/js/encryption.js @@ -0,0 +1,16 @@ +/** + * Copyright (c) 2014 + * Bjoern Schiessle + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + */ + +/** + * @namespace + * @memberOf OC + */ +OC.Encryption={ + MIGRATION_OPEN:0, + MIGRATION_COMPLETED:1, + MIGRATION_IN_PROGRESS:-1, +}; diff --git a/apps/encryption/js/settings-admin.js b/apps/encryption/js/settings-admin.js new file mode 100644 index 0000000000..2242c1f712 --- /dev/null +++ b/apps/encryption/js/settings-admin.js @@ -0,0 +1,55 @@ +/** + * Copyright (c) 2013 + * Sam Tuke + * Robin Appelman + * Bjoern Schiessle + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + */ + +$(document).ready(function(){ + + $( 'input:radio[name="adminEnableRecovery"]' ).change( + function() { + var recoveryStatus = $( this ).val(); + var oldStatus = (1+parseInt(recoveryStatus)) % 2; + var recoveryPassword = $( '#encryptionRecoveryPassword' ).val(); + var confirmPassword = $( '#repeatEncryptionRecoveryPassword' ).val(); + OC.msg.startSaving('#encryptionSetRecoveryKey .msg'); + $.post( + OC.filePath( 'files_encryption', 'ajax', 'adminrecovery.php' ) + , { adminEnableRecovery: recoveryStatus, recoveryPassword: recoveryPassword, confirmPassword: confirmPassword } + , function( result ) { + OC.msg.finishedSaving('#encryptionSetRecoveryKey .msg', result); + if (result.status === "error") { + $('input:radio[name="adminEnableRecovery"][value="'+oldStatus.toString()+'"]').attr("checked", "true"); + } else { + if (recoveryStatus === "0") { + $('p[name="changeRecoveryPasswordBlock"]').addClass("hidden"); + } else { + $('input:password[name="changeRecoveryPassword"]').val(""); + $('p[name="changeRecoveryPasswordBlock"]').removeClass("hidden"); + } + } + } + ); + } + ); + + // change recovery password + + $('button:button[name="submitChangeRecoveryKey"]').click(function() { + var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val(); + var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val(); + var confirmNewPassword = $('#repeatedNewEncryptionRecoveryPassword').val(); + OC.msg.startSaving('#encryptionChangeRecoveryKey .msg'); + $.post( + OC.filePath( 'files_encryption', 'ajax', 'changeRecoveryPassword.php' ) + , { oldPassword: oldRecoveryPassword, newPassword: newRecoveryPassword, confirmPassword: confirmNewPassword } + , function( data ) { + OC.msg.finishedSaving('#encryptionChangeRecoveryKey .msg', data); + } + ); + }); + +}); diff --git a/apps/encryption/js/settings-personal.js b/apps/encryption/js/settings-personal.js new file mode 100644 index 0000000000..b798ba7e4e --- /dev/null +++ b/apps/encryption/js/settings-personal.js @@ -0,0 +1,89 @@ +/** + * Copyright (c) 2013, Sam Tuke + * This file is licensed under the Affero General Public License version 3 or later. + * See the COPYING-README file. + */ + +function updatePrivateKeyPasswd() { + var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val(); + var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val(); + OC.msg.startSaving('#encryption .msg'); + $.post( + OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' ) + , { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword } + , function( data ) { + if (data.status === "error") { + OC.msg.finishedSaving('#encryption .msg', data); + } else { + OC.msg.finishedSaving('#encryption .msg', data); + } + } + ); +} + +$(document).ready(function(){ + + // Trigger ajax on recoveryAdmin status change + $( 'input:radio[name="userEnableRecovery"]' ).change( + function() { + var recoveryStatus = $( this ).val(); + OC.msg.startAction('#userEnableRecovery .msg', 'Updating recovery keys. This can take some time...'); + $.post( + OC.filePath( 'files_encryption', 'ajax', 'userrecovery.php' ) + , { userEnableRecovery: recoveryStatus } + , function( data ) { + OC.msg.finishedAction('#userEnableRecovery .msg', data); + } + ); + // Ensure page is not reloaded on form submit + return false; + } + ); + + $("#encryptAll").click( + function(){ + + // Hide feedback messages in case they're already visible + $('#encryptAllSuccess').hide(); + $('#encryptAllError').hide(); + + var userPassword = $( '#userPassword' ).val(); + var encryptAll = $( '#encryptAll' ).val(); + + $.post( + OC.filePath( 'files_encryption', 'ajax', 'encryptall.php' ) + , { encryptAll: encryptAll, userPassword: userPassword } + , function( data ) { + if ( data.status == "success" ) { + $('#encryptAllSuccess').show(); + } else { + $('#encryptAllError').show(); + } + } + ); + // Ensure page is not reloaded on form submit + return false; + } + + ); + + // update private key password + + $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) { + var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val(); + var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val(); + if (newPrivateKeyPassword !== '' && oldPrivateKeyPassword !== '' ) { + $('button:button[name="submitChangePrivateKeyPassword"]').removeAttr("disabled"); + if(event.which === 13) { + updatePrivateKeyPasswd(); + } + } else { + $('button:button[name="submitChangePrivateKeyPassword"]').attr("disabled", "true"); + } + }); + + $('button:button[name="submitChangePrivateKeyPassword"]').click(function() { + updatePrivateKeyPasswd(); + }); + +}); diff --git a/apps/encryption/l10n/.gitkeep b/apps/encryption/l10n/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 43d3b84268..f036ea42cb 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -77,7 +77,7 @@ class Encryption implements IEncryptionModule { * @param array $header contains the header data read from the file * @param array $accessList who has access to the file contains the key 'users' and 'public' * - * $return array $header contain data as key-value pairs which should be + * @return array $header contain data as key-value pairs which should be * written to the header, in case of a write operation * or if no additional data is needed return a empty array */ diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 4b898217d6..e03852c1f6 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -37,9 +37,9 @@ use \OCP\ISession; class KeyManager { /** - * @var ICache + * @var ISession */ - public static $cacheFactory; + public static $session; /** * @var IStorage */ @@ -87,24 +87,17 @@ class KeyManager { */ private $log; - /** - * @var \OCP\ISession - */ - private $session; - /** * @param IStorage $keyStorage * @param Crypt $crypt * @param IConfig $config - * @param Session $userSession + * @param IUserSession $userSession * @param \OCP\ISession $session - * @param ICacheFactory $cacheFactory * @param ILogger $log */ - public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, - IUserSession $userSession, ISession $session ,ICacheFactory $cacheFactory, ILogger $log) { + public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession, ISession $session, ILogger $log) { - $this->session = $session; + self::$session = $session; $this->keyStorage = $keyStorage; $this->crypt = $crypt; $this->config = $config; @@ -113,9 +106,6 @@ class KeyManager { $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; - - self::$cacheFactory = $cacheFactory; - self::$cacheFactory = self::$cacheFactory->create('encryption'); $this->log = $log; } @@ -211,7 +201,7 @@ class KeyManager { * * @param string $uid userid * @param string $passPhrase users password - * @return ICache + * @return ISession */ public function init($uid, $passPhrase) { try { @@ -225,13 +215,10 @@ class KeyManager { } - $this->session->set('privateKey', $privateKey); - $this->session->set('initStatus', true); - self::$cacheFactory->set('privateKey', $privateKey); - self::$cacheFactory->set('initStatus', true); + self::$session->set('privateKey', $privateKey); + self::$session->set('initStatus', true); - - return self::$cacheFactory; + return self::$session; } /** @@ -256,12 +243,15 @@ class KeyManager { */ public function getFileKey($path, $uid) { $key = ''; - $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId); + $encryptedFileKey = $this->keyStorage->getFileKey($path, + $this->fileKeyId); $shareKey = $this->getShareKey($path, $uid); $privateKey = $this->session->get('privateKey'); if ($encryptedFileKey && $shareKey && $privateKey) { - $key = $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $privateKey); + $key = $this->crypt->multiKeyDecrypt($encryptedFileKey, + $shareKey, + $privateKey); } return $key; @@ -293,11 +283,13 @@ class KeyManager { if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { // Encrypt private key with new user pwd as passphrase - $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, $params['password']); + $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, + $params['password']); // Save private key if ($encryptedPrivateKey) { - $this->setPrivateKey($user->getUser()->getUID(), $encryptedPrivateKey); + $this->setPrivateKey($user->getUser()->getUID(), + $encryptedPrivateKey); } else { $this->log->error('Encryption could not update users encryption password'); } @@ -331,7 +323,8 @@ class KeyManager { $this->setPublicKey($user, $keypair['publicKey']); // Encrypt private key with new password - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword); + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], + $newUserPassword); if ($encryptedKey) { $this->setPrivateKey($user, $encryptedKey); @@ -431,4 +424,11 @@ class KeyManager { return $keys; } + + /** + * @return string returns openssl key + */ + public function getSystemPrivateKey() { + return $this->keyStorage->getSystemUserKey($this->privateKeyId); + } } diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php index 5cc658a313..5fc08c6cc7 100644 --- a/apps/encryption/lib/util.php +++ b/apps/encryption/lib/util.php @@ -94,120 +94,6 @@ class Util { $this->config = $config; } - /** - * @param $dirPath - * @param bool $found - * @return array|bool - */ - private function findEncryptedFiles($dirPath, &$found = false) { - - if ($found === false) { - $found = [ - 'plain' => [], - 'encrypted' => [], - 'broken' => [], - ]; - } - - if ($this->files->is_dir($dirPath) && $handle = $this->files->opendir($dirPath)) { - if (is_resource($handle)) { - while (($file = readdir($handle) !== false)) { - if ($file !== '.' && $file !== '..') { - - // Skip stray part files - if ($this->isPartialFilePath($file)) { - continue; - } - - $filePath = $dirPath . '/' . $this->files->getRelativePath('/' . $file); - $relPath = $this->stripUserFilesPath($filePath); - - // If the path is a directory, search its contents - if ($this->files->is_dir($filePath)) { - // Recurse back - $this->findEncryptedFiles($filePath); - - /* - * If the path is a file, - * determine where they got re-enabled :/ - */ - } elseif ($this->files->is_file($filePath)) { - $isEncryptedPath = $this->isEncryptedPath($filePath); - - /** - * If the file is encrypted - * - * @note: if the userId is - * empty or not set, file will - * be detected as plain - * @note: this is inefficient; - * scanning every file like this - * will eat server resources :( - * fixMe: xxx find better way - */ - if ($isEncryptedPath) { - $fileKey = $this->keyManager->getFileKey($relPath); - $shareKey = $this->keyManager->getShareKey($relPath); - // If file is encrypted but now file key is available, throw exception - if (!$fileKey || !$shareKey) { - $this->logger->error('Encryption library, no keys avilable to decrypt the file: ' . $file); - $found['broken'][] = [ - 'name' => $file, - 'path' => $filePath, - ]; - } else { - $found['encrypted'][] = [ - 'name' => $file, - 'path' => $filePath - ]; - } - } else { - $found['plain'][] = [ - 'name' => $file, - 'path' => $filePath - ]; - } - } - } - - } - } - } - - return $found; - } - - /** - * @param $path - * @return bool - */ - private function isPartialFilePath($path) { - $extension = pathinfo($path, PATHINFO_EXTENSION); - - if ($extension === 'part') { - return true; - } - return false; - } - - /** - * @param $filePath - * @return bool|string - */ - private function stripUserFilesPath($filePath) { - $split = $this->splitPath($filePath); - - // It is not a file relative to data/user/files - if (count($split) < 4 || $split[2] !== 'files') { - return false; - } - - $sliced = array_slice($split, 3); - - return implode('/', $sliced); - - } - /** * @param $filePath * @return array @@ -218,41 +104,6 @@ class Util { return explode('/', $normalized); } - /** - * @param $filePath - * @return bool - */ - private function isEncryptedPath($filePath) { - $data = ''; - - // We only need 24 bytes from the last chunck - if ($this->files->file_exists($filePath)) { - $handle = $this->files->fopen($filePath, 'r'); - if (is_resource($handle)) { - // Suppress fseek warning, we handle the case that fseek - // doesn't work in the else branch - if (@fseek($handle, -24, SEEK_END) === 0) { - $data = fgets($handle); - } else { - // if fseek failed on the storage we create a local copy - // from the file and read this one - fclose($handle); - $localFile = $this->files->getLocalFile($filePath); - $handle = fopen($localFile, 'r'); - - if (is_resource($handle) && fseek($handle, - -24, - SEEK_END) === 0 - ) { - $data = fgets($handle); - } - } - fclose($handle); - return $this->crypt->isCatfileContent($data); - } - } - } - /** * @return bool */ @@ -287,8 +138,8 @@ class Util { * @param $recoveryPassword */ public function recoverUsersFiles($recoveryPassword) { - // todo: get system private key here -// $this->keyManager->get + $encryptedKey = $this->keyManager->getSystemPrivateKey(); + $privateKey = $this->crypt->decryptPrivateKey($encryptedKey, $recoveryPassword); @@ -329,25 +180,30 @@ class Util { */ private function recoverFile($filePath, $privateKey) { $sharingEnabled = Share::isEnabled(); + $uid = $this->user->getUID(); // Find out who, if anyone, is sharing the file if ($sharingEnabled) { $result = Share::getUsersSharingFile($filePath, - $this->user->getUID(), + $uid, true); $userIds = $result['users']; $userIds[] = 'public'; } else { $userIds = [ - $this->user->getUID(), + $uid, $this->recoveryKeyId ]; } $filteredUids = $this->filterShareReadyUsers($userIds); // Decrypt file key - $encKeyFile = $this->keyManager->getFileKey($filePath); - $shareKey = $this->keyManager->getShareKey($filePath); + $encKeyFile = $this->keyManager->getFileKey($filePath, + $uid); + + $shareKey = $this->keyManager->getShareKey($filePath, + $uid); + $plainKeyFile = $this->crypt->multiKeyDecrypt($encKeyFile, $shareKey, $privateKey); @@ -357,38 +213,12 @@ class Util { $multiEncryptionKey = $this->crypt->multiKeyEncrypt($plainKeyFile, $userPublicKeys); - $this->keyManager->setFileKeys($multiEncryptionKey['data']); - $this->keyManager->setShareKeys($multiEncryptionKey['keys']); - } + $this->keyManager->setFileKey($multiEncryptionKey['data'], + $uid); - /** - * @param $userIds - * @return array - */ - private function filterShareReadyUsers($userIds) { - // This array will collect the filtered IDs - $readyIds = $unreadyIds = []; - - // Loop though users and create array of UIDs that need new keyfiles - foreach ($userIds as $user) { - // Check that the user is encryption capable, or is the - // public system user (for public shares) - if ($this->isUserReady($user)) { - // construct array of ready UIDs for keymanager - $readyIds[] = $user; - } else { - // Construct array of unready UIDs for keymanager - $unreadyIds[] = $user; - - // Log warning; we cant do necessary setup here - // because we don't have the user passphrase - $this->logger->warning('Encryption Library ' . $this->user->getUID() . ' is not setup for encryption'); - } - } - return [ - 'ready' => $readyIds, - 'unready' => $unreadyIds - ]; + $this->keyManager->setShareKey($filePath, + $uid, + $multiEncryptionKey['keys']); } } diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php index d3acdfe2ba..a32359bdfa 100644 --- a/apps/encryption/settings/settings-admin.php +++ b/apps/encryption/settings/settings-admin.php @@ -1,6 +1,6 @@ + * Copyright (c) 2015 Clark Tomlinson * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. @@ -16,7 +16,7 @@ $tmpl = new OCP\Template('files_encryption', 'settings-admin'); $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled', '0'); $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); -$tmpl->assign('initStatus', KeyManager::$cacheFactory->get('initStatus')); +$tmpl->assign('initStatus', KeyManager::$session->get('initStatus')); \OCP\Util::addscript('files_encryption', 'settings-admin'); \OCP\Util::addscript('core', 'multiselect'); diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index fe2d846f50..dc1ef167b1 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -1,17 +1,17 @@ + * Copyright (c) 2015 Clark Tomlinson * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. */ // Add CSS stylesheet -\OC_Util::addStyle('files_encryption', 'settings-personal'); +\OC_Util::addStyle('encryption', 'settings-personal'); -$tmpl = new OCP\Template('files_encryption', 'settings-personal'); +$tmpl = new OCP\Template('encryption', 'settings-personal'); -$user = \OCP\USER::getUser(); +$user = \OCP\User::getUser(); $view = new \OC\Files\View('/'); $util = new \OCA\Files_Encryption\Util($view, $user); $session = new \OCA\Files_Encryption\Session($view); @@ -20,14 +20,14 @@ $privateKeySet = $session->getPrivateKey() !== false; // did we tried to initialize the keys for this session? $initialized = $session->getInitialized(); -$recoveryAdminEnabled = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled'); +$recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled'); $recoveryEnabledForUser = $util->recoveryEnabledForUser(); $result = false; if ($recoveryAdminEnabled || !$privateKeySet) { - \OCP\Util::addscript('files_encryption', 'settings-personal'); + \OCP\Util::addscript('encryption', 'settings-personal'); $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser); diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 01c5e1d2d0..ed6048d764 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -45,10 +45,15 @@ class KeyManagerTest extends TestCase { $userMock ->method('getUID') ->will($this->returnValue('admin')); - $cacheMock = $this->getMock('OCP\ICacheFactory'); + $sessionMock = $this->getMock('OCP\ISession'); $logMock = $this->getMock('OCP\ILogger'); $this->userId = 'admin'; - $this->instance = new KeyManager($keyStorageMock, $cryptMock, $configMock, $userMock, $cacheMock, $logMock); + $this->instance = new KeyManager($keyStorageMock, + $cryptMock, + $configMock, + $userMock, + $sessionMock, + $logMock); $this->dummyKeys = ['public' => 'randomweakpublickeyhere', 'private' => 'randomweakprivatekeyhere']; @@ -87,14 +92,16 @@ class KeyManagerTest extends TestCase { */ public function testSetPublicKey() { - $this->assertTrue($this->instance->setPublicKey($this->userId, $this->dummyKeys['public'])); + $this->assertTrue($this->instance->setPublicKey($this->userId, + $this->dummyKeys['public'])); } /** * */ public function testSetPrivateKey() { - $this->assertTrue($this->instance->setPrivateKey($this->userId, $this->dummyKeys['private'])); + $this->assertTrue($this->instance->setPrivateKey($this->userId, + $this->dummyKeys['private'])); } /** From 8dde93254680bfb481e8c737fd3696ee5a9e74da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Fri, 27 Mar 2015 10:07:59 +0100 Subject: [PATCH 017/119] Comment duplicate test methods --- tests/lib/encryption/managertest.php | 114 +++++++++++++-------------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/tests/lib/encryption/managertest.php b/tests/lib/encryption/managertest.php index e5a1898515..4fcbc3b998 100644 --- a/tests/lib/encryption/managertest.php +++ b/tests/lib/encryption/managertest.php @@ -112,61 +112,61 @@ class ManagerTest extends TestCase { $this->assertEquals(0, $en0->getId()); } - /** - * @expectedException \OC\Encryption\Exceptions\ModuleAlreadyExistsException - * @expectedExceptionMessage Id "0" already used by encryption module "TestDummyModule0" - */ - public function testModuleRegistration() { - $config = $this->getMock('\OCP\IConfig'); - $config->expects($this->any())->method('getSystemValue')->willReturn(true); - $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); - $em->expects($this->any())->method('getId')->willReturn(0); - $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); - $m = new Manager($config); - $m->registerEncryptionModule($em); - $this->assertTrue($m->isEnabled()); - $m->registerEncryptionModule($em); - } - - public function testModuleUnRegistration() { - $config = $this->getMock('\OCP\IConfig'); - $config->expects($this->any())->method('getSystemValue')->willReturn(true); - $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); - $em->expects($this->any())->method('getId')->willReturn(0); - $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); - $m = new Manager($config); - $m->registerEncryptionModule($em); - $this->assertTrue($m->isEnabled()); - $m->unregisterEncryptionModule($em); - $this->assertFalse($m->isEnabled()); - } - - /** - * @expectedException \OC\Encryption\Exceptions\ModuleDoesNotExistsException - * @expectedExceptionMessage Module with id: unknown does not exists. - */ - public function testGetEncryptionModuleUnknown() { - $config = $this->getMock('\OCP\IConfig'); - $config->expects($this->any())->method('getSystemValue')->willReturn(true); - $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); - $em->expects($this->any())->method('getId')->willReturn(0); - $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); - $m = new Manager($config); - $m->registerEncryptionModule($em); - $this->assertTrue($m->isEnabled()); - $m->getEncryptionModule('unknown'); - } - - public function testGetEncryptionModule() { - $config = $this->getMock('\OCP\IConfig'); - $config->expects($this->any())->method('getSystemValue')->willReturn(true); - $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); - $em->expects($this->any())->method('getId')->willReturn(0); - $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); - $m = new Manager($config); - $m->registerEncryptionModule($em); - $this->assertTrue($m->isEnabled()); - $en0 = $m->getEncryptionModule(0); - $this->assertEquals(0, $en0->getId()); - } +// /** +// * @expectedException \OC\Encryption\Exceptions\ModuleAlreadyExistsException +// * @expectedExceptionMessage Id "0" already used by encryption module "TestDummyModule0" +// */ +// public function testModuleRegistration() { +// $config = $this->getMock('\OCP\IConfig'); +// $config->expects($this->any())->method('getSystemValue')->willReturn(true); +// $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); +// $em->expects($this->any())->method('getId')->willReturn(0); +// $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); +// $m = new Manager($config); +// $m->registerEncryptionModule($em); +// $this->assertTrue($m->isEnabled()); +// $m->registerEncryptionModule($em); +// } +// +// public function testModuleUnRegistration() { +// $config = $this->getMock('\OCP\IConfig'); +// $config->expects($this->any())->method('getSystemValue')->willReturn(true); +// $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); +// $em->expects($this->any())->method('getId')->willReturn(0); +// $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); +// $m = new Manager($config); +// $m->registerEncryptionModule($em); +// $this->assertTrue($m->isEnabled()); +// $m->unregisterEncryptionModule($em); +// $this->assertFalse($m->isEnabled()); +// } +// +// /** +// * @expectedException \OC\Encryption\Exceptions\ModuleDoesNotExistsException +// * @expectedExceptionMessage Module with id: unknown does not exists. +// */ +// public function testGetEncryptionModuleUnknown() { +// $config = $this->getMock('\OCP\IConfig'); +// $config->expects($this->any())->method('getSystemValue')->willReturn(true); +// $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); +// $em->expects($this->any())->method('getId')->willReturn(0); +// $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); +// $m = new Manager($config); +// $m->registerEncryptionModule($em); +// $this->assertTrue($m->isEnabled()); +// $m->getEncryptionModule('unknown'); +// } +// +// public function testGetEncryptionModule() { +// $config = $this->getMock('\OCP\IConfig'); +// $config->expects($this->any())->method('getSystemValue')->willReturn(true); +// $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); +// $em->expects($this->any())->method('getId')->willReturn(0); +// $em->expects($this->any())->method('getDisplayName')->willReturn('TestDummyModule0'); +// $m = new Manager($config); +// $m->registerEncryptionModule($em); +// $this->assertTrue($m->isEnabled()); +// $en0 = $m->getEncryptionModule(0); +// $this->assertEquals(0, $en0->getId()); +// } } From 37e8268447b93f6a74c69b0b489c9c3a95ed1fa5 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 27 Mar 2015 11:43:02 +0100 Subject: [PATCH 018/119] make sharing and unsharing work --- apps/encryption/lib/crypto/encryption.php | 21 ++++++++++++++------- apps/encryption/lib/keymanager.php | 17 +++++++++++++++++ 2 files changed, 31 insertions(+), 7 deletions(-) diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index f036ea42cb..beb922afe7 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -122,11 +122,7 @@ class Encryption implements IEncryptionModule { } $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); - - $this->keymanager->setFileKey($path, $encryptedKeyfiles['data']); - foreach ($encryptedKeyfiles['keys'] as $uid => $keyFile) { - $this->keymanager->setShareKey($path, $uid, $keyFile); - } + $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); } return $result; } @@ -218,11 +214,22 @@ class Encryption implements IEncryptionModule { * update encrypted file, e.g. give additional users access to the file * * @param string $path path to the file which should be updated + * @param string $uid of the user who performs the operation * @param array $accessList who has access to the file contains the key 'users' and 'public' * @return boolean */ - public function update($path, $accessList) { - // TODO: Implement update() method. + public function update($path, $uid, $accessList) { + $fileKey = $this->keymanager->getFileKey($path, $uid); + foreach ($accessList['users'] as $user) { + $publicKeys[$user] = $this->keymanager->getPublicKey($user); + } + $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); + + $this->keymanager->deleteAllFileKeys($path); + + $this->keymanager->setAllFileKeys($path, $encryptedFileKey); + + return true; } /** diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index e03852c1f6..fe7fe08d27 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -183,6 +183,19 @@ class KeyManager { return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key); } + /** + * set all file keys (the file key and the corresponding share keys) + * + * @param string $path + * @param array $keys + */ + public function setAllFileKeys($path, $keys) { + $this->setFileKey($path, $keys['data']); + foreach ($keys['keys'] as $uid => $keyFile) { + $this->setShareKey($path, $uid, $keyFile); + } + } + /** * write share key to the key storage * @@ -405,6 +418,10 @@ class KeyManager { return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId); } + public function deleteAllFileKeys($path) { + return $this->keyStorage->deleteAllFileKeys($path); + } + /** * @param array $userIds * @return array From bd99042a66acef066bebac1694dd2c431166fe2b Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 27 Mar 2015 15:01:46 +0100 Subject: [PATCH 019/119] add setting templates --- apps/encryption/appinfo/encryption.php | 2 +- apps/encryption/settings/settings-admin.php | 2 +- .../templates/invalid_private_key.php | 12 ++++ apps/encryption/templates/settings-admin.php | 71 +++++++++++++++++++ .../templates/settings-personal.php | 70 ++++++++++++++++++ 5 files changed, 155 insertions(+), 2 deletions(-) create mode 100644 apps/encryption/templates/invalid_private_key.php create mode 100644 apps/encryption/templates/settings-admin.php create mode 100644 apps/encryption/templates/settings-personal.php diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index a389abe5da..d97aa07738 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -85,7 +85,7 @@ class Encryption extends \OCP\AppFramework\App { $container->query('UserSetup'), $server->getUserSession(), new \OCP\Util(), - $container->query('Util'),), + $container->query('Util')), ]); $hookManager->fireHooks(); diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php index a32359bdfa..813956aa0a 100644 --- a/apps/encryption/settings/settings-admin.php +++ b/apps/encryption/settings/settings-admin.php @@ -10,7 +10,7 @@ use OCA\Encryption\KeyManager; \OC_Util::checkAdminUser(); -$tmpl = new OCP\Template('files_encryption', 'settings-admin'); +$tmpl = new OCP\Template('encryption', 'settings-admin'); // Check if an adminRecovery account is enabled for recovering files after lost pwd $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled', '0'); diff --git a/apps/encryption/templates/invalid_private_key.php b/apps/encryption/templates/invalid_private_key.php new file mode 100644 index 0000000000..b148e65b19 --- /dev/null +++ b/apps/encryption/templates/invalid_private_key.php @@ -0,0 +1,12 @@ +
    +
  • + + + +
    + + t('Go directly to your %spersonal settings%s.', array('', ''))); ?> + +
    +
  • +
diff --git a/apps/encryption/templates/settings-admin.php b/apps/encryption/templates/settings-admin.php new file mode 100644 index 0000000000..252701e9ed --- /dev/null +++ b/apps/encryption/templates/settings-admin.php @@ -0,0 +1,71 @@ + +
+

t('ownCloud basic encryption module')); ?>

+ + + t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> + +

+ t("Enable recovery key (allow to recover users files in case of password loss):")); ?> + +
+
+ + +
+ + +
+ /> + +
+ + /> + +

+

+ +

> + t("Change recovery key password:")); ?> + +

+ + +
+
+ + +
+ + +
+ +

+ +
diff --git a/apps/encryption/templates/settings-personal.php b/apps/encryption/templates/settings-personal.php new file mode 100644 index 0000000000..a28df9ac0e --- /dev/null +++ b/apps/encryption/templates/settings-personal.php @@ -0,0 +1,70 @@ + +
+

t('ownCloud basic encryption module')); ?>

+ + + + t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> + + +

+ + +
+ t( "Set your old private key password to your current log-in password:" ) ); ?> + t( " If you don't remember your old password you can ask your administrator to recover your files." ) ); + endif; ?> +
+ + +
+ + +
+ + +

+ + +
+

+ + +
+ t( "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" ) ); ?> +
+ /> + +
+ + /> + +

+ + From 24c6604388c0c3a32517e1aa18ebd851e1f7a6a1 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 27 Mar 2015 18:10:32 +0100 Subject: [PATCH 020/119] add public link share key to file if it was shared as public link --- apps/encryption/lib/crypto/encryption.php | 6 +++ apps/encryption/lib/keymanager.php | 45 ++++++++++++++++++- apps/encryption/lib/users/setup.php | 2 +- .../encryption/settings/settings-personal.php | 30 +++++++++++-- 4 files changed, 76 insertions(+), 7 deletions(-) diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index beb922afe7..da805892ea 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -220,9 +220,15 @@ class Encryption implements IEncryptionModule { */ public function update($path, $uid, $accessList) { $fileKey = $this->keymanager->getFileKey($path, $uid); + $publicKeys = array(); foreach ($accessList['users'] as $user) { $publicKeys[$user] = $this->keymanager->getPublicKey($user); } + + if (!empty($accessList['public'])) { + $publicKeys[$this->keymanager->getPublicShareKeyId()] = $this->keymanager->getPublicShareKey(); + } + $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); $this->keymanager->deleteAllFileKeys($path); diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index fe7fe08d27..44a4645869 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -95,7 +95,13 @@ class KeyManager { * @param \OCP\ISession $session * @param ILogger $log */ - public function __construct(IStorage $keyStorage, Crypt $crypt, IConfig $config, IUserSession $userSession, ISession $session, ILogger $log) { + public function __construct( + IStorage $keyStorage, + Crypt $crypt, + IConfig $config, + IUserSession $userSession, + ISession $session, + ILogger $log) { self::$session = $session; $this->keyStorage = $keyStorage; @@ -105,6 +111,28 @@ class KeyManager { 'recoveryKeyId'); $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); + + if (empty($this->publicShareKeyId)) { + $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8); + $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId); + + $keypair = $this->crypt->createKeyPair(); + + // Save public key + $this->keyStorage->setSystemUserKey( + $this->publicShareKeyId . '.publicKey', + $keypair['publicKey']); + + // Encrypt private key empty passphrase + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], ''); + if ($encryptedKey) { + $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', $encryptedKey); + } else { + $this->log->error('Could not create public share keys'); + } + + } + $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; $this->log = $log; } @@ -259,7 +287,7 @@ class KeyManager { $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId); $shareKey = $this->getShareKey($path, $uid); - $privateKey = $this->session->get('privateKey'); + $privateKey = self::$session->get('privateKey'); if ($encryptedFileKey && $shareKey && $privateKey) { $key = $this->crypt->multiKeyDecrypt($encryptedFileKey, @@ -384,6 +412,19 @@ class KeyManager { throw new PublicKeyMissingException(); } + public function getPublicShareKeyId() { + return $this->publicShareKeyId; + } + + /** + * get public key for public link shares + * + * @return string + */ + public function getPublicShareKey() { + return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey'); + } + /** * @param $purpose * @param bool $timestamp diff --git a/apps/encryption/lib/users/setup.php b/apps/encryption/lib/users/setup.php index 662a4b4b6a..bf415c8188 100644 --- a/apps/encryption/lib/users/setup.php +++ b/apps/encryption/lib/users/setup.php @@ -36,7 +36,7 @@ class Setup extends \OCA\Encryption\Setup { parent::__construct($logger, $userSession); $this->crypt = $crypt; $this->keyManager = $keyManager; - } + } /** * @param $uid userid diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index dc1ef167b1..d1da649e37 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -10,13 +10,35 @@ \OC_Util::addStyle('encryption', 'settings-personal'); $tmpl = new OCP\Template('encryption', 'settings-personal'); +$crypt = new \OCA\Encryption\Crypto\Crypt( + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); +$keymanager = new \OCA\Encryption\KeyManager( + \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), + $crypt, + \OC::$server->getConfig(), + \OC::$server->getUserSession(), + \OC::$server->getSession(), + \OC::$server->getLogger()); $user = \OCP\User::getUser(); -$view = new \OC\Files\View('/'); -$util = new \OCA\Files_Encryption\Util($view, $user); -$session = new \OCA\Files_Encryption\Session($view); -$privateKeySet = $session->getPrivateKey() !== false; +$view = new \OC\Files\View('/'); + +$util = new \OCA\Encryption\Util( + new \OC\Files\View(), + new \OC\Files\Filesystem(), + $crypt, + $keymanager, + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); + +$session = new \OCA\Files_Encryption\Session($view); +$session = \OC::$server->getSession(); + +$privateKeySet = $session->get('privateKey') !== false; // did we tried to initialize the keys for this session? $initialized = $session->getInitialized(); From c64e0af4fb44b1464ca3433e99b12b729a2084b2 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Sat, 28 Mar 2015 11:02:26 +0100 Subject: [PATCH 021/119] check if recovery key exists and encrypt the file with the recovery key if needed --- apps/encryption/appinfo/encryption.php | 5 ++- apps/encryption/lib/crypto/encryption.php | 39 ++++++++++++++++++++--- apps/encryption/lib/keymanager.php | 20 +++++++++++- lib/private/encryption/util.php | 23 ++++++++++++- 4 files changed, 80 insertions(+), 7 deletions(-) diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index d97aa07738..dd8004a488 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -102,7 +102,10 @@ class Encryption extends \OCP\AppFramework\App { public function registerEncryptionModule() { $container = $this->getContainer(); $container->registerService('EncryptionModule', function (IAppContainer $c) { - return new \OCA\Encryption\Crypto\Encryption($c->query('Crypt'), $c->query('KeyManager')); + return new \OCA\Encryption\Crypto\Encryption( + $c->query('Crypt'), + $c->query('KeyManager'), + $c->query('Util')); }); $module = $container->query('EncryptionModule'); $this->encryptionManager->registerEncryptionModule($module); diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index da805892ea..8c00077729 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -46,9 +46,19 @@ class Encryption implements IEncryptionModule { /** @var boolean */ private $isWriteOperation; - public function __construct(Crypt $crypt, KeyManager $keymanager) { + /** @var \OC\Encryption\Util */ + private $util; + + /** + * + * @param \OCA\Encryption\Crypto\Crypt $crypt + * @param KeyManager $keymanager + * @param \OC\Encryption\Util $util + */ + public function __construct(Crypt $crypt, KeyManager $keymanager, \OC\Encryption\Util $util) { $this->crypt = $crypt; $this->keymanager = $keymanager; + $this->util = $util; } /** @@ -225,9 +235,7 @@ class Encryption implements IEncryptionModule { $publicKeys[$user] = $this->keymanager->getPublicKey($user); } - if (!empty($accessList['public'])) { - $publicKeys[$this->keymanager->getPublicShareKeyId()] = $this->keymanager->getPublicShareKey(); - } + $publicKeys = $this->addSystemKeys($accessList, $publicKeys); $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); @@ -238,6 +246,29 @@ class Encryption implements IEncryptionModule { return true; } + /** + * add system keys such as the public share key and the recovery key + * + * @param array $accessList + * @param array $publicKeys + * @return array + */ + public function addSystemKeys(array $accessList, array $publicKeys) { + if (!empty($accessList['public'])) { + $publicKeys[$this->keymanager->getPublicShareKeyId()] = $this->keymanager->getPublicShareKey(); + } + + if ($this->keymanager->recoveryKeyExists() && + $this->util->recoveryEnabled($this->user)) { + + $publicKeys[$this->keymanager->getRecoveryKeyId()] = $this->keymanager->getRecoveryKey(); + } + + + return $publicKeys; + } + + /** * should the file be encrypted or not * diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 44a4645869..ea338f88ea 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -141,7 +141,25 @@ class KeyManager { * @return bool */ public function recoveryKeyExists() { - return (strlen($this->keyStorage->getSystemUserKey($this->recoveryKeyId)) !== 0); + return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId))); + } + + /** + * get recovery key + * + * @return string + */ + public function getRecoveryKey() { + return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey'); + } + + /** + * get recovery key ID + * + * @return string + */ + public function getRecoveryKeyId() { + return $this->recoveryKeyId; } /** diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 85e852ec2c..e3390f155d 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -26,6 +26,7 @@ namespace OC\Encryption; use OC\Encryption\Exceptions\EncryptionHeaderToLargeException; use OC\Encryption\Exceptions\EncryptionHeaderKeyExistsException; use OCP\Encryption\IEncryptionModule; +use OCP\IConfig; class Util { @@ -58,19 +59,27 @@ class Util { /** @var \OC\User\Manager */ protected $userManager; + /** @var IConfig */ + protected $config; + /** @var array paths excluded from encryption */ protected $excludedPaths; /** * @param \OC\Files\View $view root view */ - public function __construct(\OC\Files\View $view, \OC\User\Manager $userManager) { + public function __construct( + \OC\Files\View $view, + \OC\User\Manager $userManager, + IConfig $config) { + $this->ocHeaderKeys = [ self::HEADER_ENCRYPTION_MODULE_KEY ]; $this->view = $view; $this->userManager = $userManager; + $this->config = $config; $this->excludedPaths[] = 'files_encryption'; } @@ -411,4 +420,16 @@ class Util { return false; } + /** + * check if recovery key is enabled for user + * + * @param string $uid + * @return boolean + */ + public function recoveryEnabled($uid) { + $enabled = $this->config->getUserValue($uid, 'encryption', 'recovery_enabled', '0'); + + return ($enabled === '1') ? true : false; + } + } From c266b3b5b7c382c34c8ffaad5746b3251bb4fbb5 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Sat, 28 Mar 2015 11:27:21 +0100 Subject: [PATCH 022/119] remove debug code from core --- lib/private/encryption/util.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index e3390f155d..961e7eceb2 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -407,9 +407,6 @@ class Util { return true; } - $v1 = $this->userManager->userExists($root[1]); - $v2 = in_array($root[2], $this->excludedPaths); - // detect user specific folders if ($this->userManager->userExists($root[1]) && in_array($root[2], $this->excludedPaths)) { From 48fc3f3afe410ee02ed9e98f4cafaaeca99ce70c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 09:59:28 +0200 Subject: [PATCH 023/119] fix unit test execution, variable naming and kill no longer used $cacheFactory --- apps/encryption/lib/keymanager.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index ea338f88ea..b3961c8566 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -111,20 +111,21 @@ class KeyManager { 'recoveryKeyId'); $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); + $this->log = $log; if (empty($this->publicShareKeyId)) { $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8); $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId); - $keypair = $this->crypt->createKeyPair(); + $keyPair = $this->crypt->createKeyPair(); // Save public key $this->keyStorage->setSystemUserKey( $this->publicShareKeyId . '.publicKey', - $keypair['publicKey']); + $keyPair['publicKey']); // Encrypt private key empty passphrase - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], ''); + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], ''); if ($encryptedKey) { $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', $encryptedKey); } else { @@ -337,7 +338,7 @@ class KeyManager { public function setPassphrase($params, IUserSession $user, Util $util) { // Get existing decrypted private key - $privateKey = self::$cacheFactory->get('privateKey'); + $privateKey = self::$session->get('privateKey'); if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { @@ -372,17 +373,17 @@ class KeyManager { $newUserPassword = $params['password']; - $keypair = $this->crypt->createKeyPair(); + $keyPair = $this->crypt->createKeyPair(); // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; // Save public key - $this->setPublicKey($user, $keypair['publicKey']); + $this->setPublicKey($user, $keyPair['publicKey']); // Encrypt private key with new password - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keypair['privateKey'], + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], $newUserPassword); if ($encryptedKey) { From 937efe856d5f65706f2074a45d781d5944ba2494 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 30 Mar 2015 10:37:31 +0200 Subject: [PATCH 024/119] fix lib/private/encryption/util.php call --- lib/base.php | 30 ++++++++++++++++++------------ lib/private/encryption/util.php | 5 ++++- lib/private/server.php | 2 +- 3 files changed, 23 insertions(+), 14 deletions(-) diff --git a/lib/base.php b/lib/base.php index 98da75b61a..5d1e16296c 100644 --- a/lib/base.php +++ b/lib/base.php @@ -704,17 +704,20 @@ class OC { $enabled = self::$server->getEncryptionManager()->isEnabled(); if ($enabled) { \OC\Files\Filesystem::addStorageWrapper('oc_encryption', function ($mountPoint, $storage, \OCP\Files\Mount\IMountPoint $mount) { - if($mount->getOption('encrypt', true)) { - $parameters = array('storage' => $storage, 'mountPoint' => $mountPoint); - $manager = \OC::$server->getEncryptionManager(); - $util = new \OC\Encryption\Util(new \OC\Files\View(), \OC::$server->getUserManager()); - $user = \OC::$server->getUserSession()->getUser(); - $logger = \OC::$server->getLogger(); - $uid = $user ? $user->getUID() : null; - return new \OC\Files\Storage\Wrapper\Encryption($parameters, $manager, $util, $logger, $uid); - } else { - return $storage; - } + + $parameters = [ + 'storage' => $storage, + 'mountPoint' => $mountPoint, + 'mount' => $mount]; + $manager = \OC::$server->getEncryptionManager(); + $util = new \OC\Encryption\Util( + new \OC\Files\View(), + \OC::$server->getUserManager(), + \OC::$server->getConfig()); + $user = \OC::$server->getUserSession()->getUser(); + $logger = \OC::$server->getLogger(); + $uid = $user ? $user->getUID() : null; + return new \OC\Files\Storage\Wrapper\Encryption($parameters, $manager, $util, $logger, $uid); }); } @@ -730,7 +733,10 @@ class OC { } $updater = new \OC\Encryption\Update( new \OC\Files\View(), - new \OC\Encryption\Util(new \OC\Files\View(), \OC::$server->getUserManager()), + new \OC\Encryption\Util( + new \OC\Files\View(), + \OC::$server->getUserManager(), + \OC::$server->getConfig()), \OC\Files\Filesystem::getMountManager(), \OC::$server->getEncryptionManager(), $uid diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 961e7eceb2..d983c92781 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -66,7 +66,10 @@ class Util { protected $excludedPaths; /** - * @param \OC\Files\View $view root view + * + * @param \OC\Files\View $view + * @param \OC\User\Manager $userManager + * @param IConfig $config */ public function __construct( \OC\Files\View $view, diff --git a/lib/private/server.php b/lib/private/server.php index 6a2e45aa59..d9c580c0f0 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -414,7 +414,7 @@ class Server extends SimpleContainer implements IServerContainer { */ function getEncryptionKeyStorage($encryptionModuleId) { $view = new \OC\Files\View(); - $util = new \OC\Encryption\Util($view, \OC::$server->getUserManager()); + $util = new \OC\Encryption\Util($view, \OC::$server->getUserManager(), \OC::$server->getConfig()); return $this->query('EncryptionKeyStorageFactory')->get($encryptionModuleId, $view, $util); } From 2331298380690c9326b6d189c96e0201d6b0b9e1 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 30 Mar 2015 10:43:37 +0200 Subject: [PATCH 025/119] fix parameter declaration and class initialisation --- apps/encryption/appinfo/encryption.php | 3 ++- apps/encryption/lib/crypto/encryption.php | 6 +++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/encryption.php index dd8004a488..6aad921902 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/encryption.php @@ -85,7 +85,8 @@ class Encryption extends \OCP\AppFramework\App { $container->query('UserSetup'), $server->getUserSession(), new \OCP\Util(), - $container->query('Util')), + $container->query('Util'), + $server->getSession()), ]); $hookManager->fireHooks(); diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 8c00077729..3c93f75940 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -46,16 +46,16 @@ class Encryption implements IEncryptionModule { /** @var boolean */ private $isWriteOperation; - /** @var \OC\Encryption\Util */ + /** @var \OCA\Encryption\Util */ private $util; /** * * @param \OCA\Encryption\Crypto\Crypt $crypt * @param KeyManager $keymanager - * @param \OC\Encryption\Util $util + * @param \OCA\Encryption\Util $util */ - public function __construct(Crypt $crypt, KeyManager $keymanager, \OC\Encryption\Util $util) { + public function __construct(Crypt $crypt, KeyManager $keymanager, \OCA\Encryption\Util $util) { $this->crypt = $crypt; $this->keymanager = $keymanager; $this->util = $util; From 4aa125cc0a2b5a129c4f97d807f7a225a7620199 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 11:01:06 +0200 Subject: [PATCH 026/119] fix unit test execution --- tests/lib/encryption/utiltest.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/tests/lib/encryption/utiltest.php b/tests/lib/encryption/utiltest.php index 672f9ff5e9..03aefe6115 100644 --- a/tests/lib/encryption/utiltest.php +++ b/tests/lib/encryption/utiltest.php @@ -20,6 +20,9 @@ class UtilTest extends TestCase { /** @var \PHPUnit_Framework_MockObject_MockObject */ protected $userManager; + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $config; + public function setUp() { parent::setUp(); $this->view = $this->getMockBuilder('OC\Files\View') @@ -29,13 +32,18 @@ class UtilTest extends TestCase { $this->userManager = $this->getMockBuilder('OC\User\Manager') ->disableOriginalConstructor() ->getMock(); + + $this->config = $this->getMockBuilder('OCP\IConfig') + ->disableOriginalConstructor() + ->getMock(); + } /** * @dataProvider providesHeadersForEncryptionModule */ public function testGetEncryptionModuleId($expected, $header) { - $u = new Util($this->view, $this->userManager); + $u = new Util($this->view, $this->userManager, $this->config); $id = $u->getEncryptionModuleId($header); $this->assertEquals($expected, $id); } @@ -53,7 +61,7 @@ class UtilTest extends TestCase { */ public function testReadHeader($header, $expected, $moduleId) { $expected['oc_encryption_module'] = $moduleId; - $u = new Util($this->view, $this->userManager); + $u = new Util($this->view, $this->userManager, $this->config); $result = $u->readHeader($header); $this->assertSameSize($expected, $result); foreach ($expected as $key => $value) { @@ -70,7 +78,7 @@ class UtilTest extends TestCase { $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); $em->expects($this->any())->method('getId')->willReturn($moduleId); - $u = new Util($this->view, $this->userManager); + $u = new Util($this->view, $this->userManager, $this->config); $result = $u->createHeader($header, $em); $this->assertEquals($expected, $result); } @@ -94,7 +102,7 @@ class UtilTest extends TestCase { $em = $this->getMock('\OCP\Encryption\IEncryptionModule'); $em->expects($this->any())->method('getId')->willReturn('moduleId'); - $u = new Util($this->view, $this->userManager); + $u = new Util($this->view, $this->userManager, $this->config); $u->createHeader($header, $em); } @@ -107,7 +115,7 @@ class UtilTest extends TestCase { ->method('userExists') ->will($this->returnCallback(array($this, 'isExcludedCallback'))); - $u = new Util($this->view, $this->userManager); + $u = new Util($this->view, $this->userManager, $this->config); $this->assertSame($expected, $u->isExcluded($path) From a85e2e0bfdb86de029f7b5fde42ead60498aed82 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 30 Mar 2015 11:49:03 +0200 Subject: [PATCH 027/119] make recovery settings work --- apps/encryption/appinfo/app.php | 11 ++------ .../{encryption.php => application.php} | 28 ++++++++++--------- apps/encryption/appinfo/routes.php | 8 +++--- apps/encryption/js/settings-admin.js | 4 +-- apps/encryption/lib/keymanager.php | 2 +- apps/encryption/settings/settings-admin.php | 3 -- apps/encryption/templates/settings-admin.php | 6 ++-- lib/private/encryption/manager.php | 5 +++- lib/public/iservercontainer.php | 12 ++++++++ 9 files changed, 45 insertions(+), 34 deletions(-) rename apps/encryption/appinfo/{encryption.php => application.php} (88%) diff --git a/apps/encryption/appinfo/app.php b/apps/encryption/appinfo/app.php index 72e7fc42ca..38f9ff2f04 100644 --- a/apps/encryption/appinfo/app.php +++ b/apps/encryption/appinfo/app.php @@ -19,15 +19,10 @@ * */ -use OCA\Encryption\AppInfo\Encryption; +namespace OCA\Encryption\AppInfo; -if (!OC::$CLI) { +if (!\OC::$CLI) { $di = \OC::$server; - $app = new Encryption('encryption', - [], - $di->getEncryptionManager(), - $di->getConfig()); - - $app->boot(); + $app = new Application(); } diff --git a/apps/encryption/appinfo/encryption.php b/apps/encryption/appinfo/application.php similarity index 88% rename from apps/encryption/appinfo/encryption.php rename to apps/encryption/appinfo/application.php index 6aad921902..606c0cc5c4 100644 --- a/apps/encryption/appinfo/encryption.php +++ b/apps/encryption/appinfo/application.php @@ -36,7 +36,7 @@ use OCP\Encryption\IManager; use OCP\IConfig; -class Encryption extends \OCP\AppFramework\App { +class Application extends \OCP\AppFramework\App { /** * @var IManager */ @@ -49,19 +49,11 @@ class Encryption extends \OCP\AppFramework\App { /** * @param $appName * @param array $urlParams - * @param IManager $encryptionManager - * @param IConfig $config */ - public function __construct($appName, $urlParams = array(), IManager $encryptionManager, IConfig $config) { - parent::__construct($appName, $urlParams); - $this->encryptionManager = $encryptionManager; - $this->config = $config; - } - - /** - * - */ - public function boot() { + public function __construct($urlParams = array()) { + parent::__construct('encryption', $urlParams); + $this->encryptionManager = \OC::$server->getEncryptionManager(); + $this->config = \OC::$server->getConfig(); $this->registerServices(); $this->registerEncryptionModule(); $this->registerHooks(); @@ -153,6 +145,16 @@ class Encryption extends \OCP\AppFramework\App { $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID)); }); + $container->registerService('RecoveryController', function (IAppContainer $c) { + $server = $c->getServer(); + return new \OCA\Encryption\Controller\RecoveryController( + $c->getAppName(), + $server->getRequest(), + $server->getConfig(), + $server->getL10N($c->getAppName()), + $c->query('Recovery')); + }); + $container->registerService('UserSetup', function (IAppContainer $c) { $server = $c->getServer(); diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php index a86f3717ce..b2c00c8334 100644 --- a/apps/encryption/appinfo/routes.php +++ b/apps/encryption/appinfo/routes.php @@ -20,17 +20,17 @@ */ -use OCP\AppFramework\App; +namespace OCA\Encryption\AppInfo; -(new App('encryption'))->registerRoutes($this, array('routes' => array( +(new Application())->registerRoutes($this, array('routes' => array( [ - 'name' => 'recovery#adminRecovery', + 'name' => 'Recovery#adminRecovery', 'url' => '/ajax/adminRecovery', 'verb' => 'POST' ], [ - 'name' => 'recovery#userRecovery', + 'name' => 'Recovery#userRecovery', 'url' => '/ajax/userRecovery', 'verb' => 'POST' ] diff --git a/apps/encryption/js/settings-admin.js b/apps/encryption/js/settings-admin.js index 2242c1f712..e5d3bebb20 100644 --- a/apps/encryption/js/settings-admin.js +++ b/apps/encryption/js/settings-admin.js @@ -17,7 +17,7 @@ $(document).ready(function(){ var confirmPassword = $( '#repeatEncryptionRecoveryPassword' ).val(); OC.msg.startSaving('#encryptionSetRecoveryKey .msg'); $.post( - OC.filePath( 'files_encryption', 'ajax', 'adminrecovery.php' ) + OC.generateUrl('/apps/encryption/ajax/adminRecovery') , { adminEnableRecovery: recoveryStatus, recoveryPassword: recoveryPassword, confirmPassword: confirmPassword } , function( result ) { OC.msg.finishedSaving('#encryptionSetRecoveryKey .msg', result); @@ -44,7 +44,7 @@ $(document).ready(function(){ var confirmNewPassword = $('#repeatedNewEncryptionRecoveryPassword').val(); OC.msg.startSaving('#encryptionChangeRecoveryKey .msg'); $.post( - OC.filePath( 'files_encryption', 'ajax', 'changeRecoveryPassword.php' ) + OC.filePath( 'encryption', 'ajax', 'changeRecoveryPassword.php' ) , { oldPassword: oldRecoveryPassword, newPassword: newRecoveryPassword, confirmPassword: confirmNewPassword } , function( data ) { OC.msg.finishedSaving('#encryptionChangeRecoveryKey .msg', data); diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index b3961c8566..68fb722c5e 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -193,7 +193,7 @@ class KeyManager { if ($encryptedKey) { $this->setPrivateKey($uid, $encryptedKey); - $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 1); + $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 0); return true; } return false; diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php index 813956aa0a..a34d30d1de 100644 --- a/apps/encryption/settings/settings-admin.php +++ b/apps/encryption/settings/settings-admin.php @@ -18,7 +18,4 @@ $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 're $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); $tmpl->assign('initStatus', KeyManager::$session->get('initStatus')); -\OCP\Util::addscript('files_encryption', 'settings-admin'); -\OCP\Util::addscript('core', 'multiselect'); - return $tmpl->fetchPage(); diff --git a/apps/encryption/templates/settings-admin.php b/apps/encryption/templates/settings-admin.php index 252701e9ed..616c593f6f 100644 --- a/apps/encryption/templates/settings-admin.php +++ b/apps/encryption/templates/settings-admin.php @@ -1,6 +1,8 @@

t('ownCloud basic encryption module')); ?>

diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index fa50d32218..7cd49d1c0e 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -66,12 +66,15 @@ class Manager implements \OCP\Encryption\IManager { public function registerEncryptionModule(IEncryptionModule $module) { $id = $module->getId(); $name = $module->getDisplayName(); + + // FIXME why do we load the same encryption module multiple times + /* if (isset($this->encryptionModules[$id])) { $message = 'Id "' . $id . '" already used by encryption module "' . $name . '"'; throw new Exceptions\ModuleAlreadyExistsException($message); } - +*/ $defaultEncryptionModuleId = $this->getDefaultEncryptionModuleId(); if (empty($defaultEncryptionModuleId)) { diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php index d7df884adf..2db1fc3249 100644 --- a/lib/public/iservercontainer.php +++ b/lib/public/iservercontainer.php @@ -172,6 +172,18 @@ interface IServerContainer { */ function getL10N($app, $lang = null); + /** + * @return \OC\Encryption\Manager + */ + function getEncryptionManager(); + + /** + * @param string $encryptionModuleId encryption module ID + * + * @return \OCP\Encryption\Keys\IStorage + */ + function getEncryptionKeyStorage($encryptionModuleId); + /** * Returns the URL generator * From 3e6eb28ee39d366bccfb8a1c96839f4b05c9da6e Mon Sep 17 00:00:00 2001 From: jknockaert Date: Mon, 30 Mar 2015 12:21:59 +0200 Subject: [PATCH 028/119] Applying diff as of https://github.com/owncloud/core/pull/15303 --- lib/private/files/stream/encryption.php | 70 ++++++++++++++++--------- 1 file changed, 46 insertions(+), 24 deletions(-) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index ddef9067ba..0cefa53ad8 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -43,6 +43,9 @@ class Encryption extends Wrapper { /** @var string */ protected $internalPath; + /** @var string */ + protected $cache; + /** @var integer */ protected $size; @@ -79,6 +82,9 @@ class Encryption extends Wrapper { /** @var bool */ protected $readOnly; + /** @var bool */ + protected $writeFlag; + /** @var array */ protected $expectedContextProperties; @@ -235,18 +241,18 @@ class Encryption extends Wrapper { while ($count > 0) { $remainingLength = $count; // update the cache of the current block - $data = parent::stream_read($this->util->getBlockSize()); - $decrypted = $this->encryptionModule->decrypt($data); + $this->readCache(); // determine the relative position in the current block $blockPosition = ($this->position % $this->unencryptedBlockSize); // if entire read inside current block then only position needs to be updated if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) { - $result .= substr($decrypted, $blockPosition, $remainingLength); + $result .= substr($this->cache, $blockPosition, $remainingLength); $this->position += $remainingLength; $count = 0; // otherwise remainder of current block is fetched, the block is flushed and the position updated } else { - $result .= substr($decrypted, $blockPosition); + $result .= substr($this->cache, $blockPosition); + $this->flush(); $this->position += ($this->unencryptedBlockSize - $blockPosition); $count -= ($this->unencryptedBlockSize - $blockPosition); } @@ -266,9 +272,8 @@ class Encryption extends Wrapper { while (strlen($data) > 0) { $remainingLength = strlen($data); - // read current block - $currentBlock = parent::stream_read($this->util->getBlockSize()); - $decrypted = $this->encryptionModule->decrypt($currentBlock, $this->uid); + // set the cache to the current 6126 block + $this->readCache(); // for seekable streams the pointer is moved back to the beginning of the encrypted block // flush will start writing there when the position moves to another block @@ -277,7 +282,10 @@ class Encryption extends Wrapper { $resultFseek = parent::stream_seek($positionInFile); // only allow writes on seekable streams, or at the end of the encrypted stream - if ($resultFseek || $positionInFile === $this->size) { + if (!($this->readOnly) && ($resultFseek || $positionInFile === $this->size)) { + + // switch the writeFlag so flush() will write the block + $this->writeFlag=true; // determine the relative position in the current block $blockPosition = ($this->position % $this->unencryptedBlockSize); @@ -285,28 +293,22 @@ class Encryption extends Wrapper { // if so, overwrite existing data (if any) // update position and liberate $data if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) { - $decrypted = substr($decrypted, 0, $blockPosition) - . $data . substr($decrypted, $blockPosition + $remainingLength); - $encrypted = $this->encryptionModule->encrypt($decrypted); - parent::stream_write($encrypted); + $this->cache = substr($this->cache, 0, $blockPosition) + . $data . substr($this->cache, $blockPosition + $remainingLength); $this->position += $remainingLength; $length += $remainingLength; $data = ''; // if $data doens't fit the current block, the fill the current block and reiterate // after the block is filled, it is flushed and $data is updatedxxx } else { - $decrypted = substr($decrypted, 0, $blockPosition) . + $this->cache = substr($this->cache, 0, $blockPosition) . substr($data, 0, $this->unencryptedBlockSize - $blockPosition); - $encrypted = $this->encryptionModule->encrypt($decrypted); - parent::stream_write($encrypted); + $this->flush(); $this->position += ($this->unencryptedBlockSize - $blockPosition); - $this->size = max($this->size, $this->stream_tell()); $length += ($this->unencryptedBlockSize - $blockPosition); $data = substr($data, $this->unencryptedBlockSize - $blockPosition); } } else { - $encrypted = $this->encryptionModule->encrypt($data); - parent::stream_write($encrypted); $data = ''; } } @@ -346,6 +348,7 @@ class Encryption extends Wrapper { * $this->util->getBlockSize() + $this->util->getHeaderSize(); if (parent::stream_seek($newFilePosition)) { + $this->flush(); $this->position = $newPosition; $return = true; } @@ -359,18 +362,37 @@ class Encryption extends Wrapper { } /** - * tell encryption module that we are done and write remaining data to the file + * write block to file */ protected function flush() { - $remainingData = $this->encryptionModule->end($this->fullPath); - if ($this->readOnly === false) { - if(!empty($remainingData)) { - parent::stream_write($remainingData); - } + // write to disk only when writeFlag was set to 1 + if ($this->writeFlag) { + // Disable the file proxies so that encryption is not + // automatically attempted when the file is written to disk - + // we are handling that separately here and we don't want to + // get into an infinite loop + $encrypted = $this->encryptionModule->encrypt($this->cache); + parent::stream_write($encrypted); + $this->writeFlag = false; $this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize); + $this->size = max($this->size,parent::stream_tell()); } + // always empty the cache (otherwise readCache() will not fill it with the new block) + $this->cache = ''; } + /** + * read block to file + */ + protected function readCache() { + // cache should always be empty string when this function is called + // don't try to fill the cache when trying to write at the end of the unencrypted file when it coincides with new block + if ($this->cache === '' && !($this->position===$this->unencryptedSize && ($this->position % $this->unencryptedBlockSize)===0)) { + // Get the data from the file handle + $data = parent::stream_read($this->util->getBlockSize()); + $this->cache = $this->encryptionModule->decrypt($data); + } + } /** * write header at beginning of encrypted file From a905f641b3e619838c945caa29a1604f5b3ab8ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 13:23:10 +0200 Subject: [PATCH 029/119] various fixes & start to unit test the encryption storage wrapper --- apps/encryption_dummy/lib/dummymodule.php | 28 ++++++----- .../encryptionheaderkeyexistsexception.php | 6 ++- lib/private/encryption/util.php | 33 ++++++------ .../files/storage/wrapper/encryption.php | 6 ++- .../lib/files/storage/wrapper/encryption.php | 50 +++++++++++++++++++ tests/lib/files/storage/wrapper/jail.php | 4 -- 6 files changed, 91 insertions(+), 36 deletions(-) create mode 100644 tests/lib/files/storage/wrapper/encryption.php diff --git a/apps/encryption_dummy/lib/dummymodule.php b/apps/encryption_dummy/lib/dummymodule.php index 8ca9cd4f9a..55e8f26af9 100644 --- a/apps/encryption_dummy/lib/dummymodule.php +++ b/apps/encryption_dummy/lib/dummymodule.php @@ -23,7 +23,9 @@ namespace OCA\Encryption_Dummy; -class DummyModule implements \OCP\Encryption\IEncryptionModule { +use OCP\Encryption\IEncryptionModule; + +class DummyModule implements IEncryptionModule { /** @var boolean */ protected $isWriteOperation; @@ -103,17 +105,6 @@ class DummyModule implements \OCP\Encryption\IEncryptionModule { return $data; } - /** - * update encrypted file, e.g. give additional users access to the file - * - * @param string $path path to the file which should be updated - * @param array $accessList who has access to the file contains the key 'users' and 'public' - * @return boolean - */ - public function update($path, $accessList) { - return true; - } - /** * should the file be encrypted or not * @@ -142,4 +133,15 @@ class DummyModule implements \OCP\Encryption\IEncryptionModule { return 6126; } -} \ No newline at end of file + /** + * update encrypted file, e.g. give additional users access to the file + * + * @param string $path path to the file which should be updated + * @param string $uid of the user who performs the operation + * @param array $accessList who has access to the file contains the key 'users' and 'public' + * @return boolean + */ + public function update($path, $uid, $accessList) { + return true; + } +} diff --git a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php index d401f0323b..23103b90c4 100644 --- a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php +++ b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php @@ -26,4 +26,8 @@ namespace OC\Encryption\Exceptions; class EncryptionHeaderKeyExistsException extends \Exception { -} \ No newline at end of file +} + +class EncryptionHeaderToLargeException extends \Exception { + +} diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index d983c92781..1308d27c92 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -23,8 +23,9 @@ namespace OC\Encryption; -use OC\Encryption\Exceptions\EncryptionHeaderToLargeException; use OC\Encryption\Exceptions\EncryptionHeaderKeyExistsException; +use OC\Encryption\Exceptions\EncryptionHeaderToLargeException; +use OC\Files\View; use OCP\Encryption\IEncryptionModule; use OCP\IConfig; @@ -50,13 +51,13 @@ class Util { */ protected $blockSize = 8192; - /** @var \OC\Files\View */ + /** @var View */ protected $view; /** @var array */ protected $ocHeaderKeys; - /** @var \OC\User\Manager */ + /** @var Manager */ protected $userManager; /** @var IConfig */ @@ -93,7 +94,7 @@ class Util { * @param array $header * @return string */ - public function getEncryptionModuleId(array $header) { + public function getEncryptionModuleId(array $header = null) { $id = ''; $encryptionModuleKey = self::HEADER_ENCRYPTION_MODULE_KEY; @@ -153,7 +154,7 @@ class Util { $header .= self::HEADER_END; if (strlen($header) > $this->getHeaderSize()) { - throw new EncryptionHeaderToLargeException('max header size exceeded', EncryptionException::ENCRYPTION_HEADER_TO_LARGE); + throw new EncryptionHeaderToLargeException('max header size exceeded'); } $paddedHeader = str_pad($header, $this->headerSize, self::HEADER_PADDING_CHAR, STR_PAD_RIGHT); @@ -208,7 +209,7 @@ class Util { * go recursively through a dir and collect all files and sub files. * * @param string $dir relative to the users files folder - * @param strinf $mountPoint + * @param string $mountPoint * @return array with list of files relative to the users files folder */ public function getAllFiles($dir, $mountPoint = '') { @@ -285,19 +286,19 @@ class Util { throw new \BadMethodCallException('path needs to be relative to the system wide data folder and point to a user specific file'); } - $pathinfo = pathinfo($path); - $partfile = false; + $pathInfo = pathinfo($path); + $partFile = false; $parentFolder = false; - if (array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') { + if (array_key_exists('extension', $pathInfo) && $pathInfo['extension'] === 'part') { // if the real file exists we check this file - $filePath = $pathinfo['dirname'] . '/' . $pathinfo['filename']; + $filePath = $pathInfo['dirname'] . '/' . $pathInfo['filename']; if ($this->view->file_exists($filePath)) { - $pathToCheck = $pathinfo['dirname'] . '/' . $pathinfo['filename']; + $pathToCheck = $pathInfo['dirname'] . '/' . $pathInfo['filename']; } else { // otherwise we look for the parent - $pathToCheck = $pathinfo['dirname']; + $pathToCheck = $pathInfo['dirname']; $parentFolder = true; } - $partfile = true; + $partFile = true; } else { $pathToCheck = $path; } @@ -320,11 +321,11 @@ class Util { $this->view->chroot('/'); if ($parentFolder) { - $ownerPath = $ownerPath . '/'. $pathinfo['filename']; + $ownerPath = $ownerPath . '/'. $pathInfo['filename']; } - if ($partfile) { - $ownerPath = $ownerPath . '.' . $pathinfo['extension']; + if ($partFile) { + $ownerPath = $ownerPath . '.' . $pathInfo['extension']; } return array( diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 0e70c99c8d..a9e65a0014 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -295,7 +295,9 @@ class Encryption extends Wrapper { * read encryption module needed to read/write the file located at $path * * @param string $path - * @return \OCP\Encryption\IEncryptionModule|null + * @return null|\OCP\Encryption\IEncryptionModule + * @throws ModuleDoesNotExistsException + * @throws \Exception */ protected function getEncryptionModule($path) { $encryptionModule = null; @@ -305,7 +307,7 @@ class Encryption extends Wrapper { try { $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId); } catch (ModuleDoesNotExistsException $e) { - $this->logger->critical('Encryption module defined in "' . $path . '" mot loaded!'); + $this->logger->critical('Encryption module defined in "' . $path . '" not loaded!'); throw $e; } } diff --git a/tests/lib/files/storage/wrapper/encryption.php b/tests/lib/files/storage/wrapper/encryption.php new file mode 100644 index 0000000000..b8d4e962c5 --- /dev/null +++ b/tests/lib/files/storage/wrapper/encryption.php @@ -0,0 +1,50 @@ +getMockBuilder('\OC\Encryption\Manager') + ->disableOriginalConstructor() + ->setMethods(['getDefaultEncryptionModule', 'getEncryptionModule']) + ->getMock(); + $encryptionManager->expects($this->any()) + ->method('getDefaultEncryptionModule') + ->willReturn(new DummyModule()); + + $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager()); + + $logger = $this->getMock('\OC\Log'); + + $this->sourceStorage = new \OC\Files\Storage\Temporary(array()); + $this->instance = new \OC\Files\Storage\Wrapper\Encryption([ + 'storage' => $this->sourceStorage, + 'root' => 'foo', + 'mountPoint' => '/' + ], + $encryptionManager, $util, $logger + ); + } + +// public function testMkDirRooted() { +// $this->instance->mkdir('bar'); +// $this->assertTrue($this->sourceStorage->is_dir('foo/bar')); +// } +// +// public function testFilePutContentsRooted() { +// $this->instance->file_put_contents('bar', 'asd'); +// $this->assertEquals('asd', $this->sourceStorage->file_get_contents('foo/bar')); +// } +} diff --git a/tests/lib/files/storage/wrapper/jail.php b/tests/lib/files/storage/wrapper/jail.php index 270ce750ec..a7bd684df4 100644 --- a/tests/lib/files/storage/wrapper/jail.php +++ b/tests/lib/files/storage/wrapper/jail.php @@ -9,10 +9,6 @@ namespace Test\Files\Storage\Wrapper; class Jail extends \Test\Files\Storage\Storage { - /** - * @var string tmpDir - */ - private $tmpDir; /** * @var \OC\Files\Storage\Temporary From 498625ea3a9c5ad44597d39a8c4e1b1cdfe57929 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 13:59:48 +0200 Subject: [PATCH 030/119] adding unit tests for stream wrapper --- lib/private/files/stream/encryption.php | 31 +++++++++++-------- tests/lib/files/stream/encryption.php | 41 +++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 13 deletions(-) create mode 100644 tests/lib/files/stream/encryption.php diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index 0cefa53ad8..bd90f00825 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -75,7 +75,7 @@ class Encryption extends Wrapper { /** * user who perform the read/write operation null for public access * - * @var string + * @var string */ protected $uid; @@ -112,10 +112,10 @@ class Encryption extends Wrapper { * @param string $internalPath relative to mount point * @param string $fullPath relative to data/ * @param array $header - * @param sting $uid + * @param string $uid * @param \OCP\Encryption\IEncryptionModule $encryptionModule * @param \OC\Files\Storage\Storage $storage - * @param OC\Files\Storage\Wrapper\Encryption $encStorage + * @param \OC\Files\Storage\Wrapper\Encryption $encStorage * @param \OC\Encryption\Util $util * @param string $mode * @param int $size @@ -125,9 +125,14 @@ class Encryption extends Wrapper { * @throws \BadMethodCallException */ public static function wrap($source, $internalPath, $fullPath, array $header, - $uid, \OCP\Encryption\IEncryptionModule $encryptionModule, - \OC\Files\Storage\Storage $storage, \OC\Files\Storage\Wrapper\Encryption $encStorage, - \OC\Encryption\Util $util, $mode, $size, $unencryptedSize) { + $uid, + \OCP\Encryption\IEncryptionModule $encryptionModule, + \OC\Files\Storage\Storage $storage, + \OC\Files\Storage\Wrapper\Encryption $encStorage, + \OC\Encryption\Util $util, + $mode, + $size, + $unencryptedSize) { $context = stream_context_create(array( 'ocencryption' => array( @@ -249,7 +254,7 @@ class Encryption extends Wrapper { $result .= substr($this->cache, $blockPosition, $remainingLength); $this->position += $remainingLength; $count = 0; - // otherwise remainder of current block is fetched, the block is flushed and the position updated + // otherwise remainder of current block is fetched, the block is flushed and the position updated } else { $result .= substr($this->cache, $blockPosition); $this->flush(); @@ -285,7 +290,7 @@ class Encryption extends Wrapper { if (!($this->readOnly) && ($resultFseek || $positionInFile === $this->size)) { // switch the writeFlag so flush() will write the block - $this->writeFlag=true; + $this->writeFlag = true; // determine the relative position in the current block $blockPosition = ($this->position % $this->unencryptedBlockSize); @@ -298,8 +303,8 @@ class Encryption extends Wrapper { $this->position += $remainingLength; $length += $remainingLength; $data = ''; - // if $data doens't fit the current block, the fill the current block and reiterate - // after the block is filled, it is flushed and $data is updatedxxx + // if $data doesn't fit the current block, the fill the current block and reiterate + // after the block is filled, it is flushed and $data is updatedxxx } else { $this->cache = substr($this->cache, 0, $blockPosition) . substr($data, 0, $this->unencryptedBlockSize - $blockPosition); @@ -358,6 +363,7 @@ class Encryption extends Wrapper { public function stream_close() { $this->flush(); + $this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize); return parent::stream_close(); } @@ -374,8 +380,7 @@ class Encryption extends Wrapper { $encrypted = $this->encryptionModule->encrypt($this->cache); parent::stream_write($encrypted); $this->writeFlag = false; - $this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize); - $this->size = max($this->size,parent::stream_tell()); + $this->size = max($this->size, parent::stream_tell()); } // always empty the cache (otherwise readCache() will not fill it with the new block) $this->cache = ''; @@ -387,7 +392,7 @@ class Encryption extends Wrapper { protected function readCache() { // cache should always be empty string when this function is called // don't try to fill the cache when trying to write at the end of the unencrypted file when it coincides with new block - if ($this->cache === '' && !($this->position===$this->unencryptedSize && ($this->position % $this->unencryptedBlockSize)===0)) { + if ($this->cache === '' && !($this->position === $this->unencryptedSize && ($this->position % $this->unencryptedBlockSize) === 0)) { // Get the data from the file handle $data = parent::stream_read($this->util->getBlockSize()); $this->cache = $this->encryptionModule->decrypt($data); diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php new file mode 100644 index 0000000000..51ccc3de39 --- /dev/null +++ b/tests/lib/files/stream/encryption.php @@ -0,0 +1,41 @@ +getMockBuilder('\OC\Files\Storage\Storage') + ->disableOriginalConstructor()->getMock(); + $encStorage = $this->getMockBuilder('\OC\Files\Storage\Wrapper\Encryption') + ->disableOriginalConstructor()->getMock(); + $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager());; + $size = 12; + $unencryptedSize = 8000; + + return \OC\Files\Stream\Encryption::wrap($source, $internalPath, + $fullPath, $header, $uid, $encryptionModule, $storage, $encStorage, + $util, $mode, $size, $unencryptedSize); + } + + public function testWriteEnoughSpace() { + $stream = $this->getStream('w+'); + $this->assertEquals(6, fwrite($stream, 'foobar')); + rewind($stream); + $this->assertEquals('foobar', fread($stream, 100)); + } +} From 0c48b069ba6cabe16522b72ac276ab266a326e9e Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 30 Mar 2015 16:07:41 +0200 Subject: [PATCH 031/119] call end() before closing the file --- lib/private/files/stream/encryption.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index bd90f00825..40cbc1c141 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -363,7 +363,13 @@ class Encryption extends Wrapper { public function stream_close() { $this->flush(); - $this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize); + $remainingData = $this->encryptionModule->end($this->fullPath); + if ($this->readOnly === false) { + if(!empty($remainingData)) { + parent::stream_write($remainingData); + } + $this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize); + } return parent::stream_close(); } From 90487384f77d916ab2dbe495b46bdf5182fb875a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 16:24:03 +0200 Subject: [PATCH 032/119] initializing some variables --- lib/private/files/stream/encryption.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index 40cbc1c141..62b2ad9d9a 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -270,6 +270,7 @@ class Encryption extends Wrapper { if ($this->position === 0) { $this->writeHeader(); + $this->size+=$this->util->getBlockSize(); } $length = 0; From 4441835d189d037a021ba9a11fd96cf55ba2db3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 13:36:56 +0200 Subject: [PATCH 033/119] https://github.com/owncloud/core/pull/15305#discussion_r27382305 Conflicts: lib/private/files/stream/encryption.php --- lib/private/files/stream/encryption.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index 62b2ad9d9a..3e8c3a912d 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -205,6 +205,8 @@ class Encryption extends Wrapper { $this->loadContext('ocencryption'); $this->position = 0; + $this->cache = ''; + $this->writeFlag = false; $this->unencryptedBlockSize = $this->encryptionModule->getUnencryptedBlockSize(); if ( From d185761d31f4845e9bf39dbbe0c61d199689deb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 17:13:42 +0200 Subject: [PATCH 034/119] initializing some variables + update size after writing the headers --- lib/private/files/stream/encryption.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index 3e8c3a912d..df74eeff89 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -271,8 +271,7 @@ class Encryption extends Wrapper { public function stream_write($data) { if ($this->position === 0) { - $this->writeHeader(); - $this->size+=$this->util->getBlockSize(); + $this->size+=$this->writeHeader(); } $length = 0; @@ -411,11 +410,12 @@ class Encryption extends Wrapper { /** * write header at beginning of encrypted file * + * @return integer * @throws EncryptionHeaderKeyExistsException if header key is already in use */ private function writeHeader() { $header = $this->util->createHeader($this->newHeader, $this->encryptionModule); - parent::stream_write($header); + return parent::stream_write($header); } } From 0eee3a2618235bcb59ce1bcb98526a7592de4578 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 30 Mar 2015 17:29:05 +0200 Subject: [PATCH 035/119] remove unencrypted_size from the cache, size will contain the unencrypted size --- apps/files_sharing/lib/cache.php | 9 ++---- apps/files_sharing/lib/share/file.php | 7 +---- lib/private/files/cache/cache.php | 29 +++++-------------- lib/private/files/cache/homecache.php | 14 ++------- lib/private/files/fileinfo.php | 7 ----- .../files/storage/wrapper/encryption.php | 18 ++---------- lib/private/files/storage/wrapper/quota.php | 5 ---- lib/private/files/stream/encryption.php | 3 +- lib/private/share/share.php | 2 +- tests/lib/files/cache/cache.php | 7 ++--- tests/lib/files/storage/wrapper/quota.php | 6 ++-- 11 files changed, 25 insertions(+), 82 deletions(-) diff --git a/apps/files_sharing/lib/cache.php b/apps/files_sharing/lib/cache.php index 69b8f62939..e9b2addea3 100644 --- a/apps/files_sharing/lib/cache.php +++ b/apps/files_sharing/lib/cache.php @@ -122,7 +122,7 @@ class Shared_Cache extends Cache { } $query = \OC_DB::prepare( 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`,' - . ' `size`, `mtime`, `encrypted`, `unencrypted_size`, `storage_mtime`, `etag`, `permissions`' + . ' `size`, `mtime`, `encrypted`, `storage_mtime`, `etag`, `permissions`' . ' FROM `*PREFIX*filecache` WHERE `fileid` = ?'); $result = $query->execute(array($sourceId)); $data = $result->fetchRow(); @@ -135,12 +135,7 @@ class Shared_Cache extends Cache { if ($data['storage_mtime'] === 0) { $data['storage_mtime'] = $data['mtime']; } - if ($data['encrypted'] or ($data['unencrypted_size'] > 0 and $data['mimetype'] === 'httpd/unix-directory')) { - $data['encrypted_size'] = (int)$data['size']; - $data['size'] = (int)$data['unencrypted_size']; - } else { - $data['size'] = (int)$data['size']; - } + $data['size'] = (int)$data['size']; $data['permissions'] = (int)$data['permissions']; if (!is_int($file) || $file === 0) { $data['path'] = ''; diff --git a/apps/files_sharing/lib/share/file.php b/apps/files_sharing/lib/share/file.php index 22d6f29ff9..1822c2468f 100644 --- a/apps/files_sharing/lib/share/file.php +++ b/apps/files_sharing/lib/share/file.php @@ -128,12 +128,7 @@ class OC_Share_Backend_File implements OCP\Share_Backend_File_Dependent { $storage = \OC\Files\Filesystem::getStorage('/'); $cache = $storage->getCache(); - if ($item['encrypted'] or ($item['unencrypted_size'] > 0 and $cache->getMimetype($item['mimetype']) === 'httpd/unix-directory')) { - $file['size'] = $item['unencrypted_size']; - $file['encrypted_size'] = $item['size']; - } else { - $file['size'] = $item['size']; - } + $file['size'] = $item['size']; $files[] = $file; } return $files; diff --git a/lib/private/files/cache/cache.php b/lib/private/files/cache/cache.php index 9a785d071f..c5e118946e 100644 --- a/lib/private/files/cache/cache.php +++ b/lib/private/files/cache/cache.php @@ -152,7 +152,7 @@ class Cache { $params = array($file); } $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, - `storage_mtime`, `encrypted`, `unencrypted_size`, `etag`, `permissions` + `storage_mtime`, `encrypted`, `etag`, `permissions` FROM `*PREFIX*filecache` ' . $where; $result = \OC_DB::executeAudited($sql, $params); $data = $result->fetchRow(); @@ -175,7 +175,6 @@ class Cache { $data['mtime'] = (int)$data['mtime']; $data['storage_mtime'] = (int)$data['storage_mtime']; $data['encrypted'] = (bool)$data['encrypted']; - $data['unencrypted_size'] = 0 + $data['unencrypted_size']; $data['storage'] = $this->storageId; $data['mimetype'] = $this->getMimetype($data['mimetype']); $data['mimepart'] = $this->getMimetype($data['mimepart']); @@ -208,7 +207,7 @@ class Cache { public function getFolderContentsById($fileId) { if ($fileId > -1) { $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, - `storage_mtime`, `encrypted`, `unencrypted_size`, `etag`, `permissions` + `storage_mtime`, `encrypted`, `etag`, `permissions` FROM `*PREFIX*filecache` WHERE `parent` = ? ORDER BY `name` ASC'; $result = \OC_DB::executeAudited($sql, array($fileId)); $files = $result->fetchAll(); @@ -218,10 +217,6 @@ class Cache { if ($file['storage_mtime'] == 0) { $file['storage_mtime'] = $file['mtime']; } - if ($file['encrypted'] or ($file['unencrypted_size'] > 0 and $file['mimetype'] === 'httpd/unix-directory')) { - $file['encrypted_size'] = $file['size']; - $file['size'] = $file['unencrypted_size']; - } $file['permissions'] = (int)$file['permissions']; $file['mtime'] = (int)$file['mtime']; $file['storage_mtime'] = (int)$file['storage_mtime']; @@ -325,7 +320,7 @@ class Cache { */ function buildParts(array $data) { $fields = array( - 'path', 'parent', 'name', 'mimetype', 'size', 'mtime', 'storage_mtime', 'encrypted', 'unencrypted_size', + 'path', 'parent', 'name', 'mimetype', 'size', 'mtime', 'storage_mtime', 'encrypted', 'etag', 'permissions'); $params = array(); $queryParts = array(); @@ -521,7 +516,7 @@ class Cache { $sql = ' SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, - `unencrypted_size`, `etag`, `permissions` + `etag`, `permissions` FROM `*PREFIX*filecache` WHERE `storage` = ? AND `name` ILIKE ?'; $result = \OC_DB::executeAudited($sql, @@ -549,7 +544,7 @@ class Cache { } else { $where = '`mimepart` = ?'; } - $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `unencrypted_size`, `etag`, `permissions` + $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, `mimetype`, `mimepart`, `size`, `mtime`, `encrypted`, `etag`, `permissions` FROM `*PREFIX*filecache` WHERE ' . $where . ' AND `storage` = ?'; $mimetype = $this->getMimetypeId($mimetype); $result = \OC_DB::executeAudited($sql, array($mimetype, $this->getNumericStorageId())); @@ -574,7 +569,7 @@ class Cache { public function searchByTag($tag, $userId) { $sql = 'SELECT `fileid`, `storage`, `path`, `parent`, `name`, ' . '`mimetype`, `mimepart`, `size`, `mtime`, ' . - '`encrypted`, `unencrypted_size`, `etag`, `permissions` ' . + '`encrypted`, `etag`, `permissions` ' . 'FROM `*PREFIX*filecache` `file`, ' . '`*PREFIX*vcategory_to_object` `tagmap`, ' . '`*PREFIX*vcategory` `tag` ' . @@ -638,17 +633,15 @@ class Cache { } if (isset($entry['mimetype']) && $entry['mimetype'] === 'httpd/unix-directory') { $id = $entry['fileid']; - $sql = 'SELECT SUM(`size`) AS f1, MIN(`size`) AS f2, ' . - 'SUM(`unencrypted_size`) AS f3 ' . + $sql = 'SELECT SUM(`size`) AS f1, MIN(`size`) AS f2 ' . 'FROM `*PREFIX*filecache` ' . 'WHERE `parent` = ? AND `storage` = ?'; $result = \OC_DB::executeAudited($sql, array($id, $this->getNumericStorageId())); if ($row = $result->fetchRow()) { $result->closeCursor(); - list($sum, $min, $unencryptedSum) = array_values($row); + list($sum, $min) = array_values($row); $sum = 0 + $sum; $min = 0 + $min; - $unencryptedSum = 0 + $unencryptedSum; if ($min === -1) { $totalSize = $min; } else { @@ -658,15 +651,9 @@ class Cache { if ($entry['size'] !== $totalSize) { $update['size'] = $totalSize; } - if (!isset($entry['unencrypted_size']) or $entry['unencrypted_size'] !== $unencryptedSum) { - $update['unencrypted_size'] = $unencryptedSum; - } if (count($update) > 0) { $this->update($id, $update); } - if ($totalSize !== -1 and $unencryptedSum > 0) { - $totalSize = $unencryptedSum; - } } else { $result->closeCursor(); } diff --git a/lib/private/files/cache/homecache.php b/lib/private/files/cache/homecache.php index aa075d4122..1b85462d61 100644 --- a/lib/private/files/cache/homecache.php +++ b/lib/private/files/cache/homecache.php @@ -48,26 +48,18 @@ class HomeCache extends Cache { } if ($entry && $entry['mimetype'] === 'httpd/unix-directory') { $id = $entry['fileid']; - $sql = 'SELECT SUM(`size`) AS f1, ' . - 'SUM(`unencrypted_size`) AS f2 FROM `*PREFIX*filecache` ' . + $sql = 'SELECT SUM(`size`) AS f1 ' . + 'FROM `*PREFIX*filecache` ' . 'WHERE `parent` = ? AND `storage` = ? AND `size` >= 0'; $result = \OC_DB::executeAudited($sql, array($id, $this->getNumericStorageId())); if ($row = $result->fetchRow()) { $result->closeCursor(); - list($sum, $unencryptedSum) = array_values($row); + list($sum) = array_values($row); $totalSize = 0 + $sum; - $unencryptedSize = 0 + $unencryptedSum; $entry['size'] += 0; - if (!isset($entry['unencrypted_size'])) { - $entry['unencrypted_size'] = 0; - } - $entry['unencrypted_size'] += 0; if ($entry['size'] !== $totalSize) { $this->update($id, array('size' => $totalSize)); } - if ($entry['unencrypted_size'] !== $unencryptedSize) { - $this->update($id, array('unencrypted_size' => $unencryptedSize)); - } } } return $totalSize; diff --git a/lib/private/files/fileinfo.php b/lib/private/files/fileinfo.php index 03aad56e10..82c8f3de69 100644 --- a/lib/private/files/fileinfo.php +++ b/lib/private/files/fileinfo.php @@ -167,13 +167,6 @@ class FileInfo implements \OCP\Files\FileInfo, \ArrayAccess { return $this->data['encrypted']; } - /** - * @return int - */ - public function getUnencryptedSize() { - return isset($this->data['unencrypted_size']) ? $this->data['unencrypted_size'] : 0; - } - /** * @return int */ diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index a9e65a0014..8892194f32 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -77,27 +77,15 @@ class Encryption extends Wrapper { * @return int */ public function filesize($path) { - $size = 0; $fullPath = $this->getFullPath($path); - - $encryptedSize = $this->storage->filesize($path); + $size = $this->storage->filesize($path); $info = $this->getCache()->get($path); - if($encryptedSize > 0 && $info['encrypted']) { - $size = $info['unencrypted_size']; - if ($size <= 0) { - $encryptionModule = $this->getEncryptionModule($path); - if ($encryptionModule) { - $size = $encryptionModule->calculateUnencryptedSize($fullPath); - $this->getCache()->update($info['fileid'], array('unencrypted_size' => $size)); - } - } - } else if (isset($this->unencryptedSize[$fullPath]) && isset($info['fileid'])) { + if (isset($this->unencryptedSize[$fullPath]) && isset($info['fileid'])) { $size = $this->unencryptedSize[$fullPath]; $info['encrypted'] = true; - $info['unencrypted_size'] = $size; - $info['size'] = $encryptedSize; + $info['size'] = $size; $this->getCache()->put($path, $info); } diff --git a/lib/private/files/storage/wrapper/quota.php b/lib/private/files/storage/wrapper/quota.php index 34bd258994..3c0fda98da 100644 --- a/lib/private/files/storage/wrapper/quota.php +++ b/lib/private/files/storage/wrapper/quota.php @@ -60,11 +60,6 @@ class Quota extends Wrapper { $cache = $this->getCache(); $data = $cache->get($path); if (is_array($data) and isset($data['size'])) { - if (isset($data['unencrypted_size']) - && $data['unencrypted_size'] > 0 - ) { - return $data['unencrypted_size']; - } return $data['size']; } else { return \OCP\Files\FileInfo::SPACE_NOT_COMPUTED; diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index df74eeff89..e3927edff2 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -271,7 +271,8 @@ class Encryption extends Wrapper { public function stream_write($data) { if ($this->position === 0) { - $this->size+=$this->writeHeader(); + $this->writeHeader(); + $this->size+=$this->util->getHeaderSize(); } $length = 0; diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 90f3f28f2e..98c612d5eb 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -2214,7 +2214,7 @@ class Share extends \OC\Share\Constants { $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `*PREFIX*share`.`parent`, `uid_owner`, ' . '`share_type`, `share_with`, `file_source`, `path`, `file_target`, `stime`, ' . '`*PREFIX*share`.`permissions`, `expiration`, `storage`, `*PREFIX*filecache`.`parent` as `file_parent`, ' - . '`name`, `mtime`, `mimetype`, `mimepart`, `size`, `unencrypted_size`, `encrypted`, `etag`, `mail_send`'; + . '`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`, `mail_send`'; } else { $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`,' . '`*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`,' diff --git a/tests/lib/files/cache/cache.php b/tests/lib/files/cache/cache.php index f0ad6cf3ab..3d7f77cb54 100644 --- a/tests/lib/files/cache/cache.php +++ b/tests/lib/files/cache/cache.php @@ -183,8 +183,8 @@ class Cache extends \Test\TestCase { $file3 = 'folder/foo'; $data1 = array('size' => 100, 'mtime' => 50, 'mimetype' => 'httpd/unix-directory'); $fileData = array(); - $fileData['bar'] = array('size' => 1000, 'unencrypted_size' => 900, 'encrypted' => 1, 'mtime' => 20, 'mimetype' => 'foo/file'); - $fileData['foo'] = array('size' => 20, 'unencrypted_size' => 16, 'encrypted' => 1, 'mtime' => 25, 'mimetype' => 'foo/file'); + $fileData['bar'] = array('size' => 1000, 'encrypted' => 1, 'mtime' => 20, 'mimetype' => 'foo/file'); + $fileData['foo'] = array('size' => 20, 'encrypted' => 1, 'mtime' => 25, 'mimetype' => 'foo/file'); $this->cache->put($file1, $data1); $this->cache->put($file2, $fileData['bar']); @@ -194,8 +194,6 @@ class Cache extends \Test\TestCase { $this->assertEquals(count($content), 2); foreach ($content as $cachedData) { $data = $fileData[$cachedData['name']]; - // indirect retrieval swaps unencrypted_size and size - $this->assertEquals($data['unencrypted_size'], $cachedData['size']); } $file4 = 'folder/unkownSize'; @@ -211,7 +209,6 @@ class Cache extends \Test\TestCase { // direct cache entry retrieval returns the original values $entry = $this->cache->get($file1); $this->assertEquals(1025, $entry['size']); - $this->assertEquals(916, $entry['unencrypted_size']); $this->cache->remove($file2); $this->cache->remove($file3); diff --git a/tests/lib/files/storage/wrapper/quota.php b/tests/lib/files/storage/wrapper/quota.php index 8ca8f308b7..ec2c907ba9 100644 --- a/tests/lib/files/storage/wrapper/quota.php +++ b/tests/lib/files/storage/wrapper/quota.php @@ -59,7 +59,7 @@ class Quota extends \Test\Files\Storage\Storage { public function testFreeSpaceWithUsedSpace() { $instance = $this->getLimitedStorage(9); $instance->getCache()->put( - '', array('size' => 3, 'unencrypted_size' => 0) + '', array('size' => 3) ); $this->assertEquals(6, $instance->free_space('')); } @@ -77,7 +77,7 @@ class Quota extends \Test\Files\Storage\Storage { $instance = new \OC\Files\Storage\Wrapper\Quota(array('storage' => $storage, 'quota' => 9)); $instance->getCache()->put( - '', array('size' => 3, 'unencrypted_size' => 0) + '', array('size' => 3) ); $this->assertEquals(6, $instance->free_space('')); } @@ -85,7 +85,7 @@ class Quota extends \Test\Files\Storage\Storage { public function testFreeSpaceWithUsedSpaceAndEncryption() { $instance = $this->getLimitedStorage(9); $instance->getCache()->put( - '', array('size' => 7, 'unencrypted_size' => 3) + '', array('size' => 7) ); $this->assertEquals(6, $instance->free_space('')); } From e7a68d1c21c52a39ddec59579ab7701dfef82b2a Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 30 Mar 2015 17:29:07 +0200 Subject: [PATCH 036/119] remove old encryption app --- apps/files_encryption/ajax/adminrecovery.php | 91 - .../ajax/changeRecoveryPassword.php | 92 - .../ajax/getMigrationStatus.php | 44 - .../ajax/updatePrivateKeyPassword.php | 81 - apps/files_encryption/ajax/userrecovery.php | 63 - apps/files_encryption/appinfo/app.php | 57 - apps/files_encryption/appinfo/info.xml | 25 - .../appinfo/register_command.php | 26 - apps/files_encryption/appinfo/routes.php | 39 - apps/files_encryption/appinfo/spec.txt | 77 - apps/files_encryption/appinfo/update.php | 31 - apps/files_encryption/appinfo/version | 1 - apps/files_encryption/command/migratekeys.php | 95 - .../css/settings-personal.css | 10 - .../exception/encryptionexception.php | 50 - .../exception/multikeydecryptexception.php | 34 - .../exception/multikeyencryptexception.php | 34 - apps/files_encryption/files/error.php | 75 - apps/files_encryption/img/app.svg | 51 - apps/files_encryption/js/detect-migration.js | 33 - apps/files_encryption/js/encryption.js | 16 - apps/files_encryption/js/settings-admin.js | 55 - apps/files_encryption/js/settings-personal.js | 89 - apps/files_encryption/l10n/.gitkeep | 0 apps/files_encryption/l10n/ar.js | 40 - apps/files_encryption/l10n/ar.json | 38 - apps/files_encryption/l10n/ast.js | 41 - apps/files_encryption/l10n/ast.json | 39 - apps/files_encryption/l10n/az.js | 53 - apps/files_encryption/l10n/az.json | 51 - apps/files_encryption/l10n/bg_BG.js | 53 - apps/files_encryption/l10n/bg_BG.json | 51 - apps/files_encryption/l10n/bn_BD.js | 22 - apps/files_encryption/l10n/bn_BD.json | 20 - apps/files_encryption/l10n/bs.js | 9 - apps/files_encryption/l10n/bs.json | 7 - apps/files_encryption/l10n/ca.js | 42 - apps/files_encryption/l10n/ca.json | 40 - apps/files_encryption/l10n/cs_CZ.js | 53 - apps/files_encryption/l10n/cs_CZ.json | 51 - apps/files_encryption/l10n/cy_GB.js | 6 - apps/files_encryption/l10n/cy_GB.json | 4 - apps/files_encryption/l10n/da.js | 53 - apps/files_encryption/l10n/da.json | 51 - apps/files_encryption/l10n/de.js | 53 - apps/files_encryption/l10n/de.json | 51 - apps/files_encryption/l10n/de_CH.js | 33 - apps/files_encryption/l10n/de_CH.json | 31 - apps/files_encryption/l10n/de_DE.js | 53 - apps/files_encryption/l10n/de_DE.json | 51 - apps/files_encryption/l10n/el.js | 53 - apps/files_encryption/l10n/el.json | 51 - apps/files_encryption/l10n/en_GB.js | 53 - apps/files_encryption/l10n/en_GB.json | 51 - apps/files_encryption/l10n/eo.js | 17 - apps/files_encryption/l10n/eo.json | 15 - apps/files_encryption/l10n/es.js | 53 - apps/files_encryption/l10n/es.json | 51 - apps/files_encryption/l10n/es_AR.js | 38 - apps/files_encryption/l10n/es_AR.json | 36 - apps/files_encryption/l10n/es_CL.js | 6 - apps/files_encryption/l10n/es_CL.json | 4 - apps/files_encryption/l10n/es_MX.js | 37 - apps/files_encryption/l10n/es_MX.json | 35 - apps/files_encryption/l10n/et_EE.js | 51 - apps/files_encryption/l10n/et_EE.json | 49 - apps/files_encryption/l10n/eu.js | 53 - apps/files_encryption/l10n/eu.json | 51 - apps/files_encryption/l10n/fa.js | 30 - apps/files_encryption/l10n/fa.json | 28 - apps/files_encryption/l10n/fi_FI.js | 51 - apps/files_encryption/l10n/fi_FI.json | 49 - apps/files_encryption/l10n/fr.js | 53 - apps/files_encryption/l10n/fr.json | 51 - apps/files_encryption/l10n/gl.js | 53 - apps/files_encryption/l10n/gl.json | 51 - apps/files_encryption/l10n/he.js | 6 - apps/files_encryption/l10n/he.json | 4 - apps/files_encryption/l10n/hr.js | 42 - apps/files_encryption/l10n/hr.json | 40 - apps/files_encryption/l10n/hu_HU.js | 38 - apps/files_encryption/l10n/hu_HU.json | 36 - apps/files_encryption/l10n/ia.js | 6 - apps/files_encryption/l10n/ia.json | 4 - apps/files_encryption/l10n/id.js | 53 - apps/files_encryption/l10n/id.json | 51 - apps/files_encryption/l10n/is.js | 6 - apps/files_encryption/l10n/is.json | 4 - apps/files_encryption/l10n/it.js | 53 - apps/files_encryption/l10n/it.json | 51 - apps/files_encryption/l10n/ja.js | 53 - apps/files_encryption/l10n/ja.json | 51 - apps/files_encryption/l10n/ka_GE.js | 6 - apps/files_encryption/l10n/ka_GE.json | 4 - apps/files_encryption/l10n/km.js | 11 - apps/files_encryption/l10n/km.json | 9 - apps/files_encryption/l10n/kn.js | 8 - apps/files_encryption/l10n/kn.json | 6 - apps/files_encryption/l10n/ko.js | 53 - apps/files_encryption/l10n/ko.json | 51 - apps/files_encryption/l10n/ku_IQ.js | 6 - apps/files_encryption/l10n/ku_IQ.json | 4 - apps/files_encryption/l10n/lb.js | 6 - apps/files_encryption/l10n/lb.json | 4 - apps/files_encryption/l10n/lo.js | 6 - apps/files_encryption/l10n/lo.json | 4 - apps/files_encryption/l10n/lt_LT.js | 37 - apps/files_encryption/l10n/lt_LT.json | 35 - apps/files_encryption/l10n/lv.js | 8 - apps/files_encryption/l10n/lv.json | 6 - apps/files_encryption/l10n/mk.js | 18 - apps/files_encryption/l10n/mk.json | 16 - apps/files_encryption/l10n/nb_NO.js | 53 - apps/files_encryption/l10n/nb_NO.json | 51 - apps/files_encryption/l10n/nl.js | 53 - apps/files_encryption/l10n/nl.json | 51 - apps/files_encryption/l10n/nn_NO.js | 6 - apps/files_encryption/l10n/nn_NO.json | 4 - apps/files_encryption/l10n/pa.js | 6 - apps/files_encryption/l10n/pa.json | 4 - apps/files_encryption/l10n/pl.js | 53 - apps/files_encryption/l10n/pl.json | 51 - apps/files_encryption/l10n/pt_BR.js | 53 - apps/files_encryption/l10n/pt_BR.json | 51 - apps/files_encryption/l10n/pt_PT.js | 53 - apps/files_encryption/l10n/pt_PT.json | 51 - apps/files_encryption/l10n/ro.js | 18 - apps/files_encryption/l10n/ro.json | 16 - apps/files_encryption/l10n/ru.js | 53 - apps/files_encryption/l10n/ru.json | 51 - apps/files_encryption/l10n/si_LK.js | 6 - apps/files_encryption/l10n/si_LK.json | 4 - apps/files_encryption/l10n/sk_SK.js | 53 - apps/files_encryption/l10n/sk_SK.json | 51 - apps/files_encryption/l10n/sl.js | 53 - apps/files_encryption/l10n/sl.json | 51 - apps/files_encryption/l10n/sq.js | 7 - apps/files_encryption/l10n/sq.json | 5 - apps/files_encryption/l10n/sr.js | 53 - apps/files_encryption/l10n/sr.json | 51 - apps/files_encryption/l10n/sr@latin.js | 8 - apps/files_encryption/l10n/sr@latin.json | 6 - apps/files_encryption/l10n/sv.js | 52 - apps/files_encryption/l10n/sv.json | 50 - apps/files_encryption/l10n/ta_LK.js | 6 - apps/files_encryption/l10n/ta_LK.json | 4 - apps/files_encryption/l10n/th_TH.js | 6 - apps/files_encryption/l10n/th_TH.json | 4 - apps/files_encryption/l10n/tr.js | 53 - apps/files_encryption/l10n/tr.json | 51 - apps/files_encryption/l10n/ug.js | 6 - apps/files_encryption/l10n/ug.json | 4 - apps/files_encryption/l10n/uk.js | 53 - apps/files_encryption/l10n/uk.json | 51 - apps/files_encryption/l10n/ur_PK.js | 6 - apps/files_encryption/l10n/ur_PK.json | 4 - apps/files_encryption/l10n/vi.js | 24 - apps/files_encryption/l10n/vi.json | 22 - apps/files_encryption/l10n/zh_CN.js | 48 - apps/files_encryption/l10n/zh_CN.json | 46 - apps/files_encryption/l10n/zh_HK.js | 9 - apps/files_encryption/l10n/zh_HK.json | 7 - apps/files_encryption/l10n/zh_TW.js | 39 - apps/files_encryption/l10n/zh_TW.json | 37 - apps/files_encryption/lib/capabilities.php | 39 - apps/files_encryption/lib/crypt.php | 581 ------ apps/files_encryption/lib/helper.php | 532 ------ apps/files_encryption/lib/hooks.php | 625 ------ apps/files_encryption/lib/keymanager.php | 500 ----- apps/files_encryption/lib/migration.php | 302 --- apps/files_encryption/lib/proxy.php | 401 ---- apps/files_encryption/lib/session.php | 203 -- apps/files_encryption/lib/stream.php | 700 ------- apps/files_encryption/lib/util.php | 1700 ----------------- apps/files_encryption/settings-admin.php | 42 - apps/files_encryption/settings-personal.php | 60 - .../templates/invalid_private_key.php | 12 - .../templates/settings-admin.php | 71 - .../templates/settings-personal.php | 70 - apps/files_encryption/tests/binary | Bin 9734 -> 0 bytes apps/files_encryption/tests/crypt.php | 678 ------- apps/files_encryption/tests/encryption.key | Bin 24 -> 0 bytes .../tests/encryption_table.xml | 39 - apps/files_encryption/tests/helper.php | 339 ---- apps/files_encryption/tests/hooks.php | 447 ----- apps/files_encryption/tests/keymanager.php | 411 ---- .../tests/legacy-encrypted-text.txt | 1 - apps/files_encryption/tests/migration.php | 266 --- apps/files_encryption/tests/proxy.php | 154 -- apps/files_encryption/tests/share.php | 1392 -------------- apps/files_encryption/tests/stream.php | 232 --- apps/files_encryption/tests/testcase.php | 111 -- apps/files_encryption/tests/trashbin.php | 346 ---- apps/files_encryption/tests/util.php | 693 ------- apps/files_encryption/tests/zeros | Bin 10238 -> 0 bytes 195 files changed, 16586 deletions(-) delete mode 100644 apps/files_encryption/ajax/adminrecovery.php delete mode 100644 apps/files_encryption/ajax/changeRecoveryPassword.php delete mode 100644 apps/files_encryption/ajax/getMigrationStatus.php delete mode 100644 apps/files_encryption/ajax/updatePrivateKeyPassword.php delete mode 100644 apps/files_encryption/ajax/userrecovery.php delete mode 100644 apps/files_encryption/appinfo/app.php delete mode 100644 apps/files_encryption/appinfo/info.xml delete mode 100644 apps/files_encryption/appinfo/register_command.php delete mode 100644 apps/files_encryption/appinfo/routes.php delete mode 100644 apps/files_encryption/appinfo/spec.txt delete mode 100644 apps/files_encryption/appinfo/update.php delete mode 100644 apps/files_encryption/appinfo/version delete mode 100644 apps/files_encryption/command/migratekeys.php delete mode 100644 apps/files_encryption/css/settings-personal.css delete mode 100644 apps/files_encryption/exception/encryptionexception.php delete mode 100644 apps/files_encryption/exception/multikeydecryptexception.php delete mode 100644 apps/files_encryption/exception/multikeyencryptexception.php delete mode 100644 apps/files_encryption/files/error.php delete mode 100644 apps/files_encryption/img/app.svg delete mode 100644 apps/files_encryption/js/detect-migration.js delete mode 100644 apps/files_encryption/js/encryption.js delete mode 100644 apps/files_encryption/js/settings-admin.js delete mode 100644 apps/files_encryption/js/settings-personal.js delete mode 100644 apps/files_encryption/l10n/.gitkeep delete mode 100644 apps/files_encryption/l10n/ar.js delete mode 100644 apps/files_encryption/l10n/ar.json delete mode 100644 apps/files_encryption/l10n/ast.js delete mode 100644 apps/files_encryption/l10n/ast.json delete mode 100644 apps/files_encryption/l10n/az.js delete mode 100644 apps/files_encryption/l10n/az.json delete mode 100644 apps/files_encryption/l10n/bg_BG.js delete mode 100644 apps/files_encryption/l10n/bg_BG.json delete mode 100644 apps/files_encryption/l10n/bn_BD.js delete mode 100644 apps/files_encryption/l10n/bn_BD.json delete mode 100644 apps/files_encryption/l10n/bs.js delete mode 100644 apps/files_encryption/l10n/bs.json delete mode 100644 apps/files_encryption/l10n/ca.js delete mode 100644 apps/files_encryption/l10n/ca.json delete mode 100644 apps/files_encryption/l10n/cs_CZ.js delete mode 100644 apps/files_encryption/l10n/cs_CZ.json delete mode 100644 apps/files_encryption/l10n/cy_GB.js delete mode 100644 apps/files_encryption/l10n/cy_GB.json delete mode 100644 apps/files_encryption/l10n/da.js delete mode 100644 apps/files_encryption/l10n/da.json delete mode 100644 apps/files_encryption/l10n/de.js delete mode 100644 apps/files_encryption/l10n/de.json delete mode 100644 apps/files_encryption/l10n/de_CH.js delete mode 100644 apps/files_encryption/l10n/de_CH.json delete mode 100644 apps/files_encryption/l10n/de_DE.js delete mode 100644 apps/files_encryption/l10n/de_DE.json delete mode 100644 apps/files_encryption/l10n/el.js delete mode 100644 apps/files_encryption/l10n/el.json delete mode 100644 apps/files_encryption/l10n/en_GB.js delete mode 100644 apps/files_encryption/l10n/en_GB.json delete mode 100644 apps/files_encryption/l10n/eo.js delete mode 100644 apps/files_encryption/l10n/eo.json delete mode 100644 apps/files_encryption/l10n/es.js delete mode 100644 apps/files_encryption/l10n/es.json delete mode 100644 apps/files_encryption/l10n/es_AR.js delete mode 100644 apps/files_encryption/l10n/es_AR.json delete mode 100644 apps/files_encryption/l10n/es_CL.js delete mode 100644 apps/files_encryption/l10n/es_CL.json delete mode 100644 apps/files_encryption/l10n/es_MX.js delete mode 100644 apps/files_encryption/l10n/es_MX.json delete mode 100644 apps/files_encryption/l10n/et_EE.js delete mode 100644 apps/files_encryption/l10n/et_EE.json delete mode 100644 apps/files_encryption/l10n/eu.js delete mode 100644 apps/files_encryption/l10n/eu.json delete mode 100644 apps/files_encryption/l10n/fa.js delete mode 100644 apps/files_encryption/l10n/fa.json delete mode 100644 apps/files_encryption/l10n/fi_FI.js delete mode 100644 apps/files_encryption/l10n/fi_FI.json delete mode 100644 apps/files_encryption/l10n/fr.js delete mode 100644 apps/files_encryption/l10n/fr.json delete mode 100644 apps/files_encryption/l10n/gl.js delete mode 100644 apps/files_encryption/l10n/gl.json delete mode 100644 apps/files_encryption/l10n/he.js delete mode 100644 apps/files_encryption/l10n/he.json delete mode 100644 apps/files_encryption/l10n/hr.js delete mode 100644 apps/files_encryption/l10n/hr.json delete mode 100644 apps/files_encryption/l10n/hu_HU.js delete mode 100644 apps/files_encryption/l10n/hu_HU.json delete mode 100644 apps/files_encryption/l10n/ia.js delete mode 100644 apps/files_encryption/l10n/ia.json delete mode 100644 apps/files_encryption/l10n/id.js delete mode 100644 apps/files_encryption/l10n/id.json delete mode 100644 apps/files_encryption/l10n/is.js delete mode 100644 apps/files_encryption/l10n/is.json delete mode 100644 apps/files_encryption/l10n/it.js delete mode 100644 apps/files_encryption/l10n/it.json delete mode 100644 apps/files_encryption/l10n/ja.js delete mode 100644 apps/files_encryption/l10n/ja.json delete mode 100644 apps/files_encryption/l10n/ka_GE.js delete mode 100644 apps/files_encryption/l10n/ka_GE.json delete mode 100644 apps/files_encryption/l10n/km.js delete mode 100644 apps/files_encryption/l10n/km.json delete mode 100644 apps/files_encryption/l10n/kn.js delete mode 100644 apps/files_encryption/l10n/kn.json delete mode 100644 apps/files_encryption/l10n/ko.js delete mode 100644 apps/files_encryption/l10n/ko.json delete mode 100644 apps/files_encryption/l10n/ku_IQ.js delete mode 100644 apps/files_encryption/l10n/ku_IQ.json delete mode 100644 apps/files_encryption/l10n/lb.js delete mode 100644 apps/files_encryption/l10n/lb.json delete mode 100644 apps/files_encryption/l10n/lo.js delete mode 100644 apps/files_encryption/l10n/lo.json delete mode 100644 apps/files_encryption/l10n/lt_LT.js delete mode 100644 apps/files_encryption/l10n/lt_LT.json delete mode 100644 apps/files_encryption/l10n/lv.js delete mode 100644 apps/files_encryption/l10n/lv.json delete mode 100644 apps/files_encryption/l10n/mk.js delete mode 100644 apps/files_encryption/l10n/mk.json delete mode 100644 apps/files_encryption/l10n/nb_NO.js delete mode 100644 apps/files_encryption/l10n/nb_NO.json delete mode 100644 apps/files_encryption/l10n/nl.js delete mode 100644 apps/files_encryption/l10n/nl.json delete mode 100644 apps/files_encryption/l10n/nn_NO.js delete mode 100644 apps/files_encryption/l10n/nn_NO.json delete mode 100644 apps/files_encryption/l10n/pa.js delete mode 100644 apps/files_encryption/l10n/pa.json delete mode 100644 apps/files_encryption/l10n/pl.js delete mode 100644 apps/files_encryption/l10n/pl.json delete mode 100644 apps/files_encryption/l10n/pt_BR.js delete mode 100644 apps/files_encryption/l10n/pt_BR.json delete mode 100644 apps/files_encryption/l10n/pt_PT.js delete mode 100644 apps/files_encryption/l10n/pt_PT.json delete mode 100644 apps/files_encryption/l10n/ro.js delete mode 100644 apps/files_encryption/l10n/ro.json delete mode 100644 apps/files_encryption/l10n/ru.js delete mode 100644 apps/files_encryption/l10n/ru.json delete mode 100644 apps/files_encryption/l10n/si_LK.js delete mode 100644 apps/files_encryption/l10n/si_LK.json delete mode 100644 apps/files_encryption/l10n/sk_SK.js delete mode 100644 apps/files_encryption/l10n/sk_SK.json delete mode 100644 apps/files_encryption/l10n/sl.js delete mode 100644 apps/files_encryption/l10n/sl.json delete mode 100644 apps/files_encryption/l10n/sq.js delete mode 100644 apps/files_encryption/l10n/sq.json delete mode 100644 apps/files_encryption/l10n/sr.js delete mode 100644 apps/files_encryption/l10n/sr.json delete mode 100644 apps/files_encryption/l10n/sr@latin.js delete mode 100644 apps/files_encryption/l10n/sr@latin.json delete mode 100644 apps/files_encryption/l10n/sv.js delete mode 100644 apps/files_encryption/l10n/sv.json delete mode 100644 apps/files_encryption/l10n/ta_LK.js delete mode 100644 apps/files_encryption/l10n/ta_LK.json delete mode 100644 apps/files_encryption/l10n/th_TH.js delete mode 100644 apps/files_encryption/l10n/th_TH.json delete mode 100644 apps/files_encryption/l10n/tr.js delete mode 100644 apps/files_encryption/l10n/tr.json delete mode 100644 apps/files_encryption/l10n/ug.js delete mode 100644 apps/files_encryption/l10n/ug.json delete mode 100644 apps/files_encryption/l10n/uk.js delete mode 100644 apps/files_encryption/l10n/uk.json delete mode 100644 apps/files_encryption/l10n/ur_PK.js delete mode 100644 apps/files_encryption/l10n/ur_PK.json delete mode 100644 apps/files_encryption/l10n/vi.js delete mode 100644 apps/files_encryption/l10n/vi.json delete mode 100644 apps/files_encryption/l10n/zh_CN.js delete mode 100644 apps/files_encryption/l10n/zh_CN.json delete mode 100644 apps/files_encryption/l10n/zh_HK.js delete mode 100644 apps/files_encryption/l10n/zh_HK.json delete mode 100644 apps/files_encryption/l10n/zh_TW.js delete mode 100644 apps/files_encryption/l10n/zh_TW.json delete mode 100644 apps/files_encryption/lib/capabilities.php delete mode 100644 apps/files_encryption/lib/crypt.php delete mode 100644 apps/files_encryption/lib/helper.php delete mode 100644 apps/files_encryption/lib/hooks.php delete mode 100644 apps/files_encryption/lib/keymanager.php delete mode 100644 apps/files_encryption/lib/migration.php delete mode 100644 apps/files_encryption/lib/proxy.php delete mode 100644 apps/files_encryption/lib/session.php delete mode 100644 apps/files_encryption/lib/stream.php delete mode 100644 apps/files_encryption/lib/util.php delete mode 100644 apps/files_encryption/settings-admin.php delete mode 100644 apps/files_encryption/settings-personal.php delete mode 100644 apps/files_encryption/templates/invalid_private_key.php delete mode 100644 apps/files_encryption/templates/settings-admin.php delete mode 100644 apps/files_encryption/templates/settings-personal.php delete mode 100644 apps/files_encryption/tests/binary delete mode 100755 apps/files_encryption/tests/crypt.php delete mode 100644 apps/files_encryption/tests/encryption.key delete mode 100644 apps/files_encryption/tests/encryption_table.xml delete mode 100644 apps/files_encryption/tests/helper.php delete mode 100644 apps/files_encryption/tests/hooks.php delete mode 100644 apps/files_encryption/tests/keymanager.php delete mode 100644 apps/files_encryption/tests/legacy-encrypted-text.txt delete mode 100644 apps/files_encryption/tests/migration.php delete mode 100644 apps/files_encryption/tests/proxy.php delete mode 100755 apps/files_encryption/tests/share.php delete mode 100644 apps/files_encryption/tests/stream.php delete mode 100644 apps/files_encryption/tests/testcase.php delete mode 100755 apps/files_encryption/tests/trashbin.php delete mode 100755 apps/files_encryption/tests/util.php delete mode 100644 apps/files_encryption/tests/zeros diff --git a/apps/files_encryption/ajax/adminrecovery.php b/apps/files_encryption/ajax/adminrecovery.php deleted file mode 100644 index 1c13df8b88..0000000000 --- a/apps/files_encryption/ajax/adminrecovery.php +++ /dev/null @@ -1,91 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Robin Appelman - * @author Sam Tuke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -use OCA\Files_Encryption\Helper; - -\OCP\JSON::checkAdminUser(); -\OCP\JSON::checkAppEnabled('files_encryption'); -\OCP\JSON::callCheck(); - -$l = \OC::$server->getL10N('files_encryption'); - -$return = false; -$errorMessage = $l->t("Unknown error"); - -//check if both passwords are the same -if (empty($_POST['recoveryPassword'])) { - $errorMessage = $l->t('Missing recovery key password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -if (empty($_POST['confirmPassword'])) { - $errorMessage = $l->t('Please repeat the recovery key password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -if ($_POST['recoveryPassword'] !== $_POST['confirmPassword']) { - $errorMessage = $l->t('Repeated recovery key password does not match the provided recovery key password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -// Enable recoveryAdmin -$recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryKeyId'); - -if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') { - - $return = Helper::adminEnableRecovery($recoveryKeyId, (string)$_POST['recoveryPassword']); - - // Return success or failure - if ($return) { - $successMessage = $l->t('Recovery key successfully enabled'); - } else { - $errorMessage = $l->t('Could not disable recovery key. Please check your recovery key password!'); - } - -// Disable recoveryAdmin -} elseif ( - isset($_POST['adminEnableRecovery']) - && '0' === $_POST['adminEnableRecovery'] -) { - $return = Helper::adminDisableRecovery((string)$_POST['recoveryPassword']); - - if ($return) { - $successMessage = $l->t('Recovery key successfully disabled'); - } else { - $errorMessage = $l->t('Could not disable recovery key. Please check your recovery key password!'); - } -} - -// Return success or failure -if ($return) { - \OCP\JSON::success(array('data' => array('message' => $successMessage))); -} else { - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); -} diff --git a/apps/files_encryption/ajax/changeRecoveryPassword.php b/apps/files_encryption/ajax/changeRecoveryPassword.php deleted file mode 100644 index 146c0c5c5d..0000000000 --- a/apps/files_encryption/ajax/changeRecoveryPassword.php +++ /dev/null @@ -1,92 +0,0 @@ - - * @author Christopher Schäpers - * @author Florin Peter - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Robin Appelman - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -\OCP\JSON::checkAdminUser(); -\OCP\JSON::checkAppEnabled('files_encryption'); -\OCP\JSON::callCheck(); - -$l = \OC::$server->getL10N('core'); - -$return = false; - -$oldPassword = (string)$_POST['oldPassword']; -$newPassword = (string)$_POST['newPassword']; -$confirmPassword = (string)$_POST['confirmPassword']; - -//check if both passwords are the same -if (empty($_POST['oldPassword'])) { - $errorMessage = $l->t('Please provide the old recovery password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -if (empty($_POST['newPassword'])) { - $errorMessage = $l->t('Please provide a new recovery password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -if (empty($_POST['confirmPassword'])) { - $errorMessage = $l->t('Please repeat the new recovery password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -if ($_POST['newPassword'] !== $_POST['confirmPassword']) { - $errorMessage = $l->t('Repeated recovery key password does not match the provided recovery key password'); - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); - exit(); -} - -$view = new \OC\Files\View('/'); -$util = new \OCA\Files_Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser()); - -$proxyStatus = \OC_FileProxy::$enabled; -\OC_FileProxy::$enabled = false; - -$keyId = $util->getRecoveryKeyId(); - -$encryptedRecoveryKey = \OCA\Files_Encryption\Keymanager::getPrivateSystemKey($keyId); -$decryptedRecoveryKey = $encryptedRecoveryKey ? \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword) : false; - -if ($decryptedRecoveryKey) { - $cipher = \OCA\Files_Encryption\Helper::getCipher(); - $encryptedKey = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword, $cipher); - if ($encryptedKey) { - \OCA\Files_Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId); - $return = true; - } -} - -\OC_FileProxy::$enabled = $proxyStatus; - -// success or failure -if ($return) { - \OCP\JSON::success(array('data' => array('message' => $l->t('Password successfully changed.')))); -} else { - \OCP\JSON::error(array('data' => array('message' => $l->t('Could not change the password. Maybe the old password was not correct.')))); -} diff --git a/apps/files_encryption/ajax/getMigrationStatus.php b/apps/files_encryption/ajax/getMigrationStatus.php deleted file mode 100644 index e140a296f3..0000000000 --- a/apps/files_encryption/ajax/getMigrationStatus.php +++ /dev/null @@ -1,44 +0,0 @@ - - * @author Björn Schießle - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -use OCA\Files_Encryption\Util; - -\OCP\JSON::checkAppEnabled('files_encryption'); - -$loginname = isset($_POST['user']) ? (string)$_POST['user'] : ''; -$password = isset($_POST['password']) ? (string)$_POST['password'] : ''; - -$migrationStatus = Util::MIGRATION_COMPLETED; - -if ($loginname !== '' && $password !== '') { - $username = \OCP\User::checkPassword($loginname, $password); - if ($username) { - $util = new Util(new \OC\Files\View('/'), $username); - $migrationStatus = $util->getMigrationStatus(); - } -} - -\OCP\JSON::success(array('data' => array('migrationStatus' => $migrationStatus))); diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php deleted file mode 100644 index e5f2d65434..0000000000 --- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php +++ /dev/null @@ -1,81 +0,0 @@ - - * @author Christopher Schäpers - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Robin Appelman - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -\OCP\JSON::checkLoggedIn(); -\OCP\JSON::checkAppEnabled('files_encryption'); -\OCP\JSON::callCheck(); - -$l = \OC::$server->getL10N('core'); - -$return = false; -$errorMessage = $l->t('Could not update the private key password.'); - -$oldPassword = (string)$_POST['oldPassword']; -$newPassword = (string)$_POST['newPassword']; - -$view = new \OC\Files\View('/'); -$session = new \OCA\Files_Encryption\Session($view); -$user = \OCP\User::getUser(); -$loginName = \OC::$server->getUserSession()->getLoginName(); - -// check new password -$passwordCorrect = \OCP\User::checkPassword($loginName, $newPassword); - -if ($passwordCorrect !== false) { - -$proxyStatus = \OC_FileProxy::$enabled; -\OC_FileProxy::$enabled = false; - -$encryptedKey = \OCA\Files_Encryption\Keymanager::getPrivateKey($view, $user); -$decryptedKey = $encryptedKey ? \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword) : false; - -if ($decryptedKey) { - $cipher = \OCA\Files_Encryption\Helper::getCipher(); - $encryptedKey = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($decryptedKey, $newPassword, $cipher); - if ($encryptedKey) { - \OCA\Files_Encryption\Keymanager::setPrivateKey($encryptedKey, $user); - $session->setPrivateKey($decryptedKey); - $return = true; - } -} else { - $result = false; - $errorMessage = $l->t('The old password was not correct, please try again.'); -} - -\OC_FileProxy::$enabled = $proxyStatus; - -} else { - $result = false; - $errorMessage = $l->t('The current log-in password was not correct, please try again.'); -} - -// success or failure -if ($return) { - $session->setInitialized(\OCA\Files_Encryption\Session::INIT_SUCCESSFUL); - \OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.')))); -} else { - \OCP\JSON::error(array('data' => array('message' => $errorMessage))); -} diff --git a/apps/files_encryption/ajax/userrecovery.php b/apps/files_encryption/ajax/userrecovery.php deleted file mode 100644 index a1145172f7..0000000000 --- a/apps/files_encryption/ajax/userrecovery.php +++ /dev/null @@ -1,63 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Sam Tuke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -\OCP\JSON::checkLoggedIn(); -\OCP\JSON::checkAppEnabled('files_encryption'); -\OCP\JSON::callCheck(); - -$l = \OC::$server->getL10N('files_encryption'); - -if ( - isset($_POST['userEnableRecovery']) - && (0 == $_POST['userEnableRecovery'] || '1' === $_POST['userEnableRecovery']) -) { - - $userId = \OCP\USER::getUser(); - $view = new \OC\Files\View('/'); - $util = new \OCA\Files_Encryption\Util($view, $userId); - - // Save recovery preference to DB - $return = $util->setRecoveryForUser((string)$_POST['userEnableRecovery']); - - if ($_POST['userEnableRecovery'] === '1') { - $util->addRecoveryKeys(); - } else { - $util->removeRecoveryKeys(); - } - -} else { - - $return = false; - -} - -// Return success or failure -if ($return) { - \OCP\JSON::success(array('data' => array('message' => $l->t('File recovery settings updated')))); -} else { - \OCP\JSON::error(array('data' => array('message' => $l->t('Could not update file recovery')))); -} diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php deleted file mode 100644 index 5da8a3a7cb..0000000000 --- a/apps/files_encryption/appinfo/app.php +++ /dev/null @@ -1,57 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Morris Jobke - * @author Robin Appelman - * @author Sam Tuke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -\OCP\Util::addscript('files_encryption', 'encryption'); -\OCP\Util::addscript('files_encryption', 'detect-migration'); - -if (!OC_Config::getValue('maintenance', false)) { - OC_FileProxy::register(new OCA\Files_Encryption\Proxy()); - - // User related hooks - OCA\Files_Encryption\Helper::registerUserHooks(); - - // Sharing related hooks - OCA\Files_Encryption\Helper::registerShareHooks(); - - // Filesystem related hooks - OCA\Files_Encryption\Helper::registerFilesystemHooks(); - - // App manager related hooks - OCA\Files_Encryption\Helper::registerAppHooks(); - - if(!in_array('crypt', stream_get_wrappers())) { - stream_wrapper_register('crypt', 'OCA\Files_Encryption\Stream'); - } -} else { - // logout user if we are in maintenance to force re-login - OCP\User::logout(); -} - -\OC::$server->getCommandBus()->requireSync('\OC\Command\FileAccess'); - -// Register settings scripts -OCP\App::registerAdmin('files_encryption', 'settings-admin'); -OCP\App::registerPersonal('files_encryption', 'settings-personal'); diff --git a/apps/files_encryption/appinfo/info.xml b/apps/files_encryption/appinfo/info.xml deleted file mode 100644 index 7f7e09d627..0000000000 --- a/apps/files_encryption/appinfo/info.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - files_encryption - Server-side Encryption - - This application encrypts all files accessed by ownCloud at rest, wherever they are stored. As an example, with this application enabled, external cloud based Amazon S3 storage will be encrypted, protecting this data on storage outside of the control of the Admin. When this application is enabled for the first time, all files are encrypted as users log in and are prompted for their password. The recommended recovery key option enables recovery of files in case the key is lost. - Note that this app encrypts all files that are touched by ownCloud, so external storage providers and applications such as SharePoint will see new files encrypted when they are accessed. Encryption is based on AES 128 or 256 bit keys. More information is available in the Encryption documentation - - AGPL - Sam Tuke, Bjoern Schiessle, Florin Peter - 4 - true - - user-encryption - admin-encryption - - false - - - - 166047 - - openssl - - diff --git a/apps/files_encryption/appinfo/register_command.php b/apps/files_encryption/appinfo/register_command.php deleted file mode 100644 index 4864e80116..0000000000 --- a/apps/files_encryption/appinfo/register_command.php +++ /dev/null @@ -1,26 +0,0 @@ - - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -use OCA\Files_Encryption\Command\MigrateKeys; - -$userManager = OC::$server->getUserManager(); -$application->add(new MigrateKeys($userManager)); diff --git a/apps/files_encryption/appinfo/routes.php b/apps/files_encryption/appinfo/routes.php deleted file mode 100644 index 8884ac3b6a..0000000000 --- a/apps/files_encryption/appinfo/routes.php +++ /dev/null @@ -1,39 +0,0 @@ - - * @author Lukas Reschke - * @author Morris Jobke - * @author Tom Needham - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -/** @var $this \OCP\Route\IRouter */ - -$this->create('files_encryption_ajax_adminrecovery', 'ajax/adminrecovery.php') - ->actionInclude('files_encryption/ajax/adminrecovery.php'); -$this->create('files_encryption_ajax_changeRecoveryPassword', 'ajax/changeRecoveryPassword.php') - ->actionInclude('files_encryption/ajax/changeRecoveryPassword.php'); -$this->create('files_encryption_ajax_getMigrationStatus', 'ajax/getMigrationStatus.php') - ->actionInclude('files_encryption/ajax/getMigrationStatus.php'); -$this->create('files_encryption_ajax_updatePrivateKeyPassword', 'ajax/updatePrivateKeyPassword.php') - ->actionInclude('files_encryption/ajax/updatePrivateKeyPassword.php'); -$this->create('files_encryption_ajax_userrecovery', 'ajax/userrecovery.php') - ->actionInclude('files_encryption/ajax/userrecovery.php'); - -// Register with the capabilities API -OC_API::register('get', '/cloud/capabilities', array('OCA\Files_Encryption\Capabilities', 'getCapabilities'), 'files_encryption', OC_API::USER_AUTH); diff --git a/apps/files_encryption/appinfo/spec.txt b/apps/files_encryption/appinfo/spec.txt deleted file mode 100644 index ddd3983a9e..0000000000 --- a/apps/files_encryption/appinfo/spec.txt +++ /dev/null @@ -1,77 +0,0 @@ -Encrypted files ---------------- - -- Each encrypted file has at least two components: the encrypted data file - ('catfile'), and it's corresponding key file ('keyfile'). Shared files have an - additional key file ('share key'). The catfile contains the encrypted data - concatenated with delimiter text, followed by the initialisation vector ('IV'), - and padding. e.g.: - - [encrypted data string][delimiter][IV][padding] - [anhAAjAmcGXqj1X9g==][00iv00][MSHU5N5gECP7aAg7][xx] (square braces added) - -- Directory structure: - - Encrypted user data (catfiles) are stored in the usual /data/user/files dir - - Keyfiles are stored in /data/user/files_encryption/keyfiles - - Sharekey are stored in /data/user/files_encryption/share-files - -- File extensions: - - Catfiles have to keep the file extension of the original file, pre-encryption - - Keyfiles use .keyfile - - Sharekeys have .shareKey - -Shared files ------------- - -Shared files have a centrally stored catfile and keyfile, and one sharekey for -each user that shares it. - -When sharing is used, a different encryption method is used to encrypt the -keyfile (openssl_seal). Although shared files have a keyfile, its contents -use a different format therefore. - -Each time a shared file is edited or deleted, all sharekeys for users sharing -that file must have their sharekeys changed also. The keyfile and catfile -however need only changing in the owners files, as there is only one copy of -these. - -Publicly shared files (public links) ------------------------------------- - -Files shared via public links use a separate system user account called 'ownCloud'. All public files are shared to that user's public key, and the private key is used to access the files when the public link is used in browser. - -This means that files shared via public links are accessible only to users who know the shared URL, or to admins who know the 'ownCloud' user password. - -Lost password recovery ----------------------- - -In order to enable users to read their encrypted files in the event of a password loss/reset scenario, administrators can choose to enable a 'recoveryAdmin' account. This is a user that all user files will automatically be shared to of the option is enabled. This allows the recoveryAdmin user to generate new keyfiles for the user. By default the UID of the recoveryAdmin is 'recoveryAdmin'. - -OC_FilesystemView ------------------ - -files_encryption deals extensively with paths and the filesystem. In order to minimise bugs, it makes calls to filesystem methods in a consistent way: OC_FilesystemView{} objects always use '/' as their root, and specify paths each time particular methods are called. e.g. do this: - -$view->file_exists( 'path/to/file' ); - -Not: - -$view->chroot( 'path/to' ); -$view->file_exists( 'file' ); - -Using this convention means that $view objects are more predictable and less likely to break. Problems with paths are the #1 cause of bugs in this app, and consistent $view handling is an important way to prevent them. - -Notes ------ - -- The user passphrase is required in order to set up or upgrade the app. New - keypair generation, and the re-encryption of legacy encrypted files requires - it. Therefore an appinfo/update.php script cannot be used, and upgrade logic - is handled in the login hook listener. Therefore each time the user logs in - their files are scanned to detect unencrypted and legacy encrypted files, and - they are (re)encrypted as necessary. This may present a performance issue; we - need to monitor this. -- When files are saved to ownCloud via WebDAV, a .part file extension is used so - that the file isn't cached before the upload has been completed. .part files - are not compatible with files_encrytion's key management system however, so - we have to always sanitise such paths manually before using them. \ No newline at end of file diff --git a/apps/files_encryption/appinfo/update.php b/apps/files_encryption/appinfo/update.php deleted file mode 100644 index e8ccee063e..0000000000 --- a/apps/files_encryption/appinfo/update.php +++ /dev/null @@ -1,31 +0,0 @@ - - * @author Morris Jobke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -use OCA\Files_Encryption\Migration; - -$installedVersion=OCP\Config::getAppValue('files_encryption', 'installed_version'); - -// Migration OC7 -> OC8 -if (version_compare($installedVersion, '0.7', '<')) { - $m = new Migration(); - $m->reorganizeFolderStructure(); -} diff --git a/apps/files_encryption/appinfo/version b/apps/files_encryption/appinfo/version deleted file mode 100644 index 39e898a4f9..0000000000 --- a/apps/files_encryption/appinfo/version +++ /dev/null @@ -1 +0,0 @@ -0.7.1 diff --git a/apps/files_encryption/command/migratekeys.php b/apps/files_encryption/command/migratekeys.php deleted file mode 100644 index 4f3e558167..0000000000 --- a/apps/files_encryption/command/migratekeys.php +++ /dev/null @@ -1,95 +0,0 @@ - - * @author Morris Jobke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Command; - -use OCA\Files_Encryption\Migration; -use OCP\IUserBackend; -use Symfony\Component\Console\Command\Command; -use Symfony\Component\Console\Input\InputArgument; -use Symfony\Component\Console\Input\InputInterface; -use Symfony\Component\Console\Output\OutputInterface; - -class MigrateKeys extends Command { - - /** @var \OC\User\Manager */ - private $userManager; - - public function __construct(\OC\User\Manager $userManager) { - $this->userManager = $userManager; - parent::__construct(); - } - - protected function configure() { - $this - ->setName('encryption:migrate-keys') - ->setDescription('migrate encryption keys') - ->addArgument( - 'user_id', - InputArgument::OPTIONAL | InputArgument::IS_ARRAY, - 'will migrate keys of the given user(s)' - ); - } - - protected function execute(InputInterface $input, OutputInterface $output) { - - // perform system reorganization - $migration = new Migration(); - $output->writeln("Reorganize system folder structure"); - $migration->reorganizeSystemFolderStructure(); - - $users = $input->getArgument('user_id'); - if (!empty($users)) { - foreach ($users as $user) { - if ($this->userManager->userExists($user)) { - $output->writeln("Migrating keys $user"); - $migration->reorganizeFolderStructureForUser($user); - } else { - $output->writeln("Unknown user $user"); - } - } - } else { - foreach($this->userManager->getBackends() as $backend) { - $name = get_class($backend); - - if ($backend instanceof IUserBackend) { - $name = $backend->getBackendName(); - } - - $output->writeln("Migrating keys for users on backend $name"); - - $limit = 500; - $offset = 0; - do { - $users = $backend->getUsers('', $limit, $offset); - foreach ($users as $user) { - $output->writeln(" $user"); - $migration->reorganizeFolderStructureForUser($user); - } - $offset += $limit; - } while(count($users) >= $limit); - } - } - - } -} diff --git a/apps/files_encryption/css/settings-personal.css b/apps/files_encryption/css/settings-personal.css deleted file mode 100644 index 8eb5bedcb0..0000000000 --- a/apps/files_encryption/css/settings-personal.css +++ /dev/null @@ -1,10 +0,0 @@ -/* Copyright (c) 2013, Sam Tuke, - This file is licensed under the Affero General Public License version 3 or later. - See the COPYING-README file. */ - -#encryptAllError -, #encryptAllSuccess -, #recoveryEnabledError -, #recoveryEnabledSuccess { - display: none; -} diff --git a/apps/files_encryption/exception/encryptionexception.php b/apps/files_encryption/exception/encryptionexception.php deleted file mode 100644 index 637103f565..0000000000 --- a/apps/files_encryption/exception/encryptionexception.php +++ /dev/null @@ -1,50 +0,0 @@ - - * @author Joas Schilling - * @author Morris Jobke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Exception; - -/** - * Base class for all encryption exception - * - * Possible Error Codes: - * 10 - generic error - * 20 - unexpected end of encryption header - * 30 - unexpected blog size - * 40 - encryption header to large - * 50 - unknown cipher - * 60 - encryption failed - * 70 - decryption failed - * 80 - empty data - * 90 - private key missing - */ -class EncryptionException extends \Exception { - const GENERIC = 10; - const UNEXPECTED_END_OF_ENCRYPTION_HEADER = 20; - const UNEXPECTED_BLOCK_SIZE = 30; - const ENCRYPTION_HEADER_TO_LARGE = 40; - const UNKNOWN_CIPHER = 50; - const ENCRYPTION_FAILED = 60; - const DECRYPTION_FAILED = 70; - const EMPTY_DATA = 80; - const PRIVATE_KEY_MISSING = 90; -} diff --git a/apps/files_encryption/exception/multikeydecryptexception.php b/apps/files_encryption/exception/multikeydecryptexception.php deleted file mode 100644 index a75bd663dc..0000000000 --- a/apps/files_encryption/exception/multikeydecryptexception.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @author Joas Schilling - * @author Morris Jobke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Exception; - -/** - * Throw this encryption if multi key decryption failed - * - * Possible error codes: - * 110 - openssl_open failed - */ -class MultiKeyDecryptException extends EncryptionException { - const OPENSSL_OPEN_FAILED = 110; -} diff --git a/apps/files_encryption/exception/multikeyencryptexception.php b/apps/files_encryption/exception/multikeyencryptexception.php deleted file mode 100644 index 3b485a3398..0000000000 --- a/apps/files_encryption/exception/multikeyencryptexception.php +++ /dev/null @@ -1,34 +0,0 @@ - - * @author Joas Schilling - * @author Morris Jobke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Exception; - -/** - * Throw this exception if multi key encrytion fails - * - * Possible error codes: - * 110 - openssl_seal failed - */ -class MultiKeyEncryptException extends EncryptionException { - const OPENSSL_SEAL_FAILED = 110; -} diff --git a/apps/files_encryption/files/error.php b/apps/files_encryption/files/error.php deleted file mode 100644 index 6976c9ff6c..0000000000 --- a/apps/files_encryption/files/error.php +++ /dev/null @@ -1,75 +0,0 @@ - - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Robin Appelman - * @author Thomas Müller - * @author Volkan Gezer - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -if (!isset($_)) { //also provide standalone error page - require_once __DIR__ . '/../../../lib/base.php'; - require_once __DIR__ . '/../lib/crypt.php'; - - OC_JSON::checkAppEnabled('files_encryption'); - OC_App::loadApp('files_encryption'); - - $l = \OC::$server->getL10N('files_encryption'); - - if (isset($_GET['errorCode'])) { - $errorCode = $_GET['errorCode']; - switch ($errorCode) { - case \OCA\Files_Encryption\Crypt::ENCRYPTION_NOT_INITIALIZED_ERROR: - $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.'); - break; - case \OCA\Files_Encryption\Crypt::ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR: - $theme = new OC_Defaults(); - $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.', array($theme->getName())); - break; - case \OCA\Files_Encryption\Crypt::ENCRYPTION_NO_SHARE_KEY_FOUND: - $errorMsg = $l->t('Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you.'); - break; - default: - $errorMsg = $l->t("Unknown error. Please check your system settings or contact your administrator"); - break; - } - } else { - $errorCode = \OCA\Files_Encryption\Crypt::ENCRYPTION_UNKNOWN_ERROR; - $errorMsg = $l->t("Unknown error. Please check your system settings or contact your administrator"); - } - - if (isset($_GET['p']) && $_GET['p'] === '1') { - header('HTTP/1.0 403 ' . $errorMsg); - } - -// check if ajax request - if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { - \OCP\JSON::error(array('data' => array('message' => $errorMsg))); - } else { - header('HTTP/1.0 403 ' . $errorMsg); - $tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest'); - $tmpl->assign('message', $errorMsg); - $tmpl->assign('errorCode', $errorCode); - $tmpl->printPage(); - } - - exit; -} - diff --git a/apps/files_encryption/img/app.svg b/apps/files_encryption/img/app.svg deleted file mode 100644 index 1157c71c66..0000000000 --- a/apps/files_encryption/img/app.svg +++ /dev/null @@ -1,51 +0,0 @@ - -image/svg+xml \ No newline at end of file diff --git a/apps/files_encryption/js/detect-migration.js b/apps/files_encryption/js/detect-migration.js deleted file mode 100644 index f5627edf4e..0000000000 --- a/apps/files_encryption/js/detect-migration.js +++ /dev/null @@ -1,33 +0,0 @@ -/** - * Copyright (c) 2013 - * Bjoern Schiessle - * This file is licensed under the Affero General Public License version 3 or later. - * See the COPYING-README file. - */ - - -$(document).ready(function(){ - $('form[name="login"]').on('submit', function() { - var user = $('#user').val(); - var password = $('#password').val(); - $.ajax({ - type: 'POST', - url: OC.linkTo('files_encryption', 'ajax/getMigrationStatus.php'), - dataType: 'json', - data: {user: user, password: password}, - async: false, - success: function(response) { - if (response.data.migrationStatus === OC.Encryption.MIGRATION_OPEN) { - var message = t('files_encryption', 'Initial encryption started... This can take some time. Please wait.'); - $('#messageText').text(message); - $('#message').removeClass('hidden').addClass('update'); - } else if (response.data.migrationStatus === OC.Encryption.MIGRATION_IN_PROGRESS) { - var message = t('files_encryption', 'Initial encryption running... Please try again later.'); - $('#messageText').text(message); - $('#message').removeClass('hidden').addClass('update'); - } - } - }); - }); - -}); diff --git a/apps/files_encryption/js/encryption.js b/apps/files_encryption/js/encryption.js deleted file mode 100644 index d2d1c3a1fc..0000000000 --- a/apps/files_encryption/js/encryption.js +++ /dev/null @@ -1,16 +0,0 @@ -/** - * Copyright (c) 2014 - * Bjoern Schiessle - * This file is licensed under the Affero General Public License version 3 or later. - * See the COPYING-README file. - */ - -/** - * @namespace - * @memberOf OC - */ -OC.Encryption={ - MIGRATION_OPEN:0, - MIGRATION_COMPLETED:1, - MIGRATION_IN_PROGRESS:-1, -}; diff --git a/apps/files_encryption/js/settings-admin.js b/apps/files_encryption/js/settings-admin.js deleted file mode 100644 index 2242c1f712..0000000000 --- a/apps/files_encryption/js/settings-admin.js +++ /dev/null @@ -1,55 +0,0 @@ -/** - * Copyright (c) 2013 - * Sam Tuke - * Robin Appelman - * Bjoern Schiessle - * This file is licensed under the Affero General Public License version 3 or later. - * See the COPYING-README file. - */ - -$(document).ready(function(){ - - $( 'input:radio[name="adminEnableRecovery"]' ).change( - function() { - var recoveryStatus = $( this ).val(); - var oldStatus = (1+parseInt(recoveryStatus)) % 2; - var recoveryPassword = $( '#encryptionRecoveryPassword' ).val(); - var confirmPassword = $( '#repeatEncryptionRecoveryPassword' ).val(); - OC.msg.startSaving('#encryptionSetRecoveryKey .msg'); - $.post( - OC.filePath( 'files_encryption', 'ajax', 'adminrecovery.php' ) - , { adminEnableRecovery: recoveryStatus, recoveryPassword: recoveryPassword, confirmPassword: confirmPassword } - , function( result ) { - OC.msg.finishedSaving('#encryptionSetRecoveryKey .msg', result); - if (result.status === "error") { - $('input:radio[name="adminEnableRecovery"][value="'+oldStatus.toString()+'"]').attr("checked", "true"); - } else { - if (recoveryStatus === "0") { - $('p[name="changeRecoveryPasswordBlock"]').addClass("hidden"); - } else { - $('input:password[name="changeRecoveryPassword"]').val(""); - $('p[name="changeRecoveryPasswordBlock"]').removeClass("hidden"); - } - } - } - ); - } - ); - - // change recovery password - - $('button:button[name="submitChangeRecoveryKey"]').click(function() { - var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val(); - var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val(); - var confirmNewPassword = $('#repeatedNewEncryptionRecoveryPassword').val(); - OC.msg.startSaving('#encryptionChangeRecoveryKey .msg'); - $.post( - OC.filePath( 'files_encryption', 'ajax', 'changeRecoveryPassword.php' ) - , { oldPassword: oldRecoveryPassword, newPassword: newRecoveryPassword, confirmPassword: confirmNewPassword } - , function( data ) { - OC.msg.finishedSaving('#encryptionChangeRecoveryKey .msg', data); - } - ); - }); - -}); diff --git a/apps/files_encryption/js/settings-personal.js b/apps/files_encryption/js/settings-personal.js deleted file mode 100644 index b798ba7e4e..0000000000 --- a/apps/files_encryption/js/settings-personal.js +++ /dev/null @@ -1,89 +0,0 @@ -/** - * Copyright (c) 2013, Sam Tuke - * This file is licensed under the Affero General Public License version 3 or later. - * See the COPYING-README file. - */ - -function updatePrivateKeyPasswd() { - var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val(); - var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val(); - OC.msg.startSaving('#encryption .msg'); - $.post( - OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' ) - , { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword } - , function( data ) { - if (data.status === "error") { - OC.msg.finishedSaving('#encryption .msg', data); - } else { - OC.msg.finishedSaving('#encryption .msg', data); - } - } - ); -} - -$(document).ready(function(){ - - // Trigger ajax on recoveryAdmin status change - $( 'input:radio[name="userEnableRecovery"]' ).change( - function() { - var recoveryStatus = $( this ).val(); - OC.msg.startAction('#userEnableRecovery .msg', 'Updating recovery keys. This can take some time...'); - $.post( - OC.filePath( 'files_encryption', 'ajax', 'userrecovery.php' ) - , { userEnableRecovery: recoveryStatus } - , function( data ) { - OC.msg.finishedAction('#userEnableRecovery .msg', data); - } - ); - // Ensure page is not reloaded on form submit - return false; - } - ); - - $("#encryptAll").click( - function(){ - - // Hide feedback messages in case they're already visible - $('#encryptAllSuccess').hide(); - $('#encryptAllError').hide(); - - var userPassword = $( '#userPassword' ).val(); - var encryptAll = $( '#encryptAll' ).val(); - - $.post( - OC.filePath( 'files_encryption', 'ajax', 'encryptall.php' ) - , { encryptAll: encryptAll, userPassword: userPassword } - , function( data ) { - if ( data.status == "success" ) { - $('#encryptAllSuccess').show(); - } else { - $('#encryptAllError').show(); - } - } - ); - // Ensure page is not reloaded on form submit - return false; - } - - ); - - // update private key password - - $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) { - var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val(); - var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val(); - if (newPrivateKeyPassword !== '' && oldPrivateKeyPassword !== '' ) { - $('button:button[name="submitChangePrivateKeyPassword"]').removeAttr("disabled"); - if(event.which === 13) { - updatePrivateKeyPasswd(); - } - } else { - $('button:button[name="submitChangePrivateKeyPassword"]').attr("disabled", "true"); - } - }); - - $('button:button[name="submitChangePrivateKeyPassword"]').click(function() { - updatePrivateKeyPasswd(); - }); - -}); diff --git a/apps/files_encryption/l10n/.gitkeep b/apps/files_encryption/l10n/.gitkeep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/apps/files_encryption/l10n/ar.js b/apps/files_encryption/l10n/ar.js deleted file mode 100644 index 88b1750cc0..0000000000 --- a/apps/files_encryption/l10n/ar.js +++ /dev/null @@ -1,40 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "خطأ غير معروف. ", - "Recovery key successfully enabled" : "تم بنجاح تفعيل مفتاح الاستعادة", - "Could not disable recovery key. Please check your recovery key password!" : "لا يمكن تعطيل مفتاح الاستعادة, يرجى التحقق من كلمة مرور مفتاح الاستعادة!", - "Recovery key successfully disabled" : "تم تعطيل مفتاح الاستعادة بنجاح", - "Password successfully changed." : "تم تغيير كلمة المرور بنجاح.", - "Could not change the password. Maybe the old password was not correct." : "تعذر تغيير كلمة المرور. من الممكن ان كلمة المرور القديمة غير صحيحة.", - "Private key password successfully updated." : "تم تحديث كلمة المرور للمفتاح الخاص بنجاح.", - "File recovery settings updated" : "اعدادات ملف الاستعادة تم تحديثه", - "Could not update file recovery" : "تعذر تحديث ملف الاستعادة", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "برنامج التشفير لم يتم تهيئتة ! من الممكن ان برنامج التشفير تم اعادة تفعيلة خلال الجلسة. يرجى تسجيل الخروج ومن ثم تسجيل الدخول مجددا لتهيئة برنامج التشفير.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "مفتاحك الخاص غير صالح! ربما تم تغيير كلمة المرور خارج %s (مثل:مجلد شركتك). يمكنك تحديث كلمة المرور في الاعدادات الشخصية لإستعادة الوصول الى ملفاتك المشفرة.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "لا يمكن فك التشفير من هذا الملف, من الممكن ان يكون هذا الملف مُشارك. يرجى سؤال صاحب الملف لإعادة مشاركتة معك.", - "Unknown error. Please check your system settings or contact your administrator" : "خطأ غير معروف, الرجاء التحقق من إعدادات نظامك أو راسل المدير", - "Initial encryption started... This can take some time. Please wait." : "بدأ التشفير... من الممكن ان ياخذ بعض الوقت. يرجى الانتظار.", - "Initial encryption running... Please try again later." : "جاري تفعيل التشفير المبدئي ، الرجاء المحاولة لاحقا", - "Missing requirements." : "متطلبات ناقصة.", - "Following users are not set up for encryption:" : "المستخدمين التاليين لم يتم تعيين لهم التشفيير:", - "Go directly to your %spersonal settings%s." : " .%spersonal settings%s إنتقل مباشرة إلى ", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "تم تمكين تشفير البرامج لكن لم يتم تهيئة المفاتيح لذا يرجى تسجيل الخروج ثم تسجيل الدخول مرة آخرى.", - "Enable recovery key (allow to recover users files in case of password loss):" : "تفعيل استعادة المفتاح (سوف يمكنك من استعادة ملفات المستخدمين في حال فقدان كلمة المرور):", - "Recovery key password" : "استعادة كلمة مرور المفتاح", - "Repeat Recovery key password" : "كرر كلمة المرور لـ استعادة المفتاح", - "Enabled" : "مفعلة", - "Disabled" : "معطلة", - "Change recovery key password:" : "تعديل كلمة المرور استعادة المفتاح:", - "Old Recovery key password" : "كلمة المرور القديمة لـ استعامة المفتاح", - "New Recovery key password" : "تعيين كلمة مرور جديدة لـ استعادة المفتاح", - "Repeat New Recovery key password" : "كرر كلمة المرور لـ استعادة المفتاح من جديد", - "Change Password" : "عدل كلمة السر", - " If you don't remember your old password you can ask your administrator to recover your files." : "اذا كنت لاتتذكر كلمة السر تستطيع ان تطلب من المدير ان يستعيد ملفاتك.", - "Old log-in password" : "كلمة المرور القديمة الخاصة بالدخول", - "Current log-in password" : "كلمة المرور الحالية الخاصة بالدخول", - "Update Private Key Password" : "تحديث كلمة المرور لـ المفتاح الخاص", - "Enable password recovery:" : "تفعيل استعادة كلمة المرور:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "تفعيل هذا الخيار يمكنك من اعادة الوصول الى ملفاتك المشفرة عند فقدان كلمة المرور" -}, -"nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;"); diff --git a/apps/files_encryption/l10n/ar.json b/apps/files_encryption/l10n/ar.json deleted file mode 100644 index ef8d71a0b1..0000000000 --- a/apps/files_encryption/l10n/ar.json +++ /dev/null @@ -1,38 +0,0 @@ -{ "translations": { - "Unknown error" : "خطأ غير معروف. ", - "Recovery key successfully enabled" : "تم بنجاح تفعيل مفتاح الاستعادة", - "Could not disable recovery key. Please check your recovery key password!" : "لا يمكن تعطيل مفتاح الاستعادة, يرجى التحقق من كلمة مرور مفتاح الاستعادة!", - "Recovery key successfully disabled" : "تم تعطيل مفتاح الاستعادة بنجاح", - "Password successfully changed." : "تم تغيير كلمة المرور بنجاح.", - "Could not change the password. Maybe the old password was not correct." : "تعذر تغيير كلمة المرور. من الممكن ان كلمة المرور القديمة غير صحيحة.", - "Private key password successfully updated." : "تم تحديث كلمة المرور للمفتاح الخاص بنجاح.", - "File recovery settings updated" : "اعدادات ملف الاستعادة تم تحديثه", - "Could not update file recovery" : "تعذر تحديث ملف الاستعادة", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "برنامج التشفير لم يتم تهيئتة ! من الممكن ان برنامج التشفير تم اعادة تفعيلة خلال الجلسة. يرجى تسجيل الخروج ومن ثم تسجيل الدخول مجددا لتهيئة برنامج التشفير.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "مفتاحك الخاص غير صالح! ربما تم تغيير كلمة المرور خارج %s (مثل:مجلد شركتك). يمكنك تحديث كلمة المرور في الاعدادات الشخصية لإستعادة الوصول الى ملفاتك المشفرة.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "لا يمكن فك التشفير من هذا الملف, من الممكن ان يكون هذا الملف مُشارك. يرجى سؤال صاحب الملف لإعادة مشاركتة معك.", - "Unknown error. Please check your system settings or contact your administrator" : "خطأ غير معروف, الرجاء التحقق من إعدادات نظامك أو راسل المدير", - "Initial encryption started... This can take some time. Please wait." : "بدأ التشفير... من الممكن ان ياخذ بعض الوقت. يرجى الانتظار.", - "Initial encryption running... Please try again later." : "جاري تفعيل التشفير المبدئي ، الرجاء المحاولة لاحقا", - "Missing requirements." : "متطلبات ناقصة.", - "Following users are not set up for encryption:" : "المستخدمين التاليين لم يتم تعيين لهم التشفيير:", - "Go directly to your %spersonal settings%s." : " .%spersonal settings%s إنتقل مباشرة إلى ", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "تم تمكين تشفير البرامج لكن لم يتم تهيئة المفاتيح لذا يرجى تسجيل الخروج ثم تسجيل الدخول مرة آخرى.", - "Enable recovery key (allow to recover users files in case of password loss):" : "تفعيل استعادة المفتاح (سوف يمكنك من استعادة ملفات المستخدمين في حال فقدان كلمة المرور):", - "Recovery key password" : "استعادة كلمة مرور المفتاح", - "Repeat Recovery key password" : "كرر كلمة المرور لـ استعادة المفتاح", - "Enabled" : "مفعلة", - "Disabled" : "معطلة", - "Change recovery key password:" : "تعديل كلمة المرور استعادة المفتاح:", - "Old Recovery key password" : "كلمة المرور القديمة لـ استعامة المفتاح", - "New Recovery key password" : "تعيين كلمة مرور جديدة لـ استعادة المفتاح", - "Repeat New Recovery key password" : "كرر كلمة المرور لـ استعادة المفتاح من جديد", - "Change Password" : "عدل كلمة السر", - " If you don't remember your old password you can ask your administrator to recover your files." : "اذا كنت لاتتذكر كلمة السر تستطيع ان تطلب من المدير ان يستعيد ملفاتك.", - "Old log-in password" : "كلمة المرور القديمة الخاصة بالدخول", - "Current log-in password" : "كلمة المرور الحالية الخاصة بالدخول", - "Update Private Key Password" : "تحديث كلمة المرور لـ المفتاح الخاص", - "Enable password recovery:" : "تفعيل استعادة كلمة المرور:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "تفعيل هذا الخيار يمكنك من اعادة الوصول الى ملفاتك المشفرة عند فقدان كلمة المرور" -},"pluralForm" :"nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ast.js b/apps/files_encryption/l10n/ast.js deleted file mode 100644 index 724f4fb0c1..0000000000 --- a/apps/files_encryption/l10n/ast.js +++ /dev/null @@ -1,41 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Fallu desconocíu", - "Recovery key successfully enabled" : "Habilitóse la recuperación de ficheros", - "Could not disable recovery key. Please check your recovery key password!" : "Nun pudo deshabilitase la clave de recuperación. Por favor comprueba la contraseña!", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Password successfully changed." : "Camudóse la contraseña", - "Could not change the password. Maybe the old password was not correct." : "Nun pudo camudase la contraseña. Comprueba que la contraseña actual seya correuta.", - "Private key password successfully updated." : "Contraseña de clave privada anovada correchamente.", - "File recovery settings updated" : "Opciones de recuperación de ficheros anovada", - "Could not update file recovery" : "Nun pudo anovase la recuperación de ficheros", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡L'aplicación de cifráu nun s'anició! Seique se restableciera mentanto la sesión. Por favor intenta zarrar la sesión y volver a aniciala p'aniciar l'aplicación de cifráu.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡La clave privada nun ye válida! Seique la contraseña se camudase dende fuera de %s (Ex:El to direutoriu corporativu). Pues anovar la contraseña de la clave privada nes tos opciones personales pa recuperar l'accesu a los ficheros.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Nun pudo descifrase esti ficheru, dablemente seya un ficheru compartíu. Solicita al propietariu del mesmu que vuelva a compartilu contigo.", - "Unknown error. Please check your system settings or contact your administrator" : "Fallu desconocíu. Por favor, comprueba los axustes del sistema o contauta col alministrador", - "Initial encryption started... This can take some time. Please wait." : "Cifráu aniciáu..... Esto pue llevar un tiempu. Por favor espera.", - "Initial encryption running... Please try again later." : "Cifráu inicial en cursu... Inténtalo dempués.", - "Missing requirements." : "Requisitos incompletos.", - "Following users are not set up for encryption:" : "Los siguientes usuarios nun se configuraron pal cifráu:", - "Go directly to your %spersonal settings%s." : "Dir direutamente a los tos %saxustes personales%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'aplicación Encryption ta habilitada pero les tos claves nun s'aniciaron, por favor zarra sesión y aníciala de nueves", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar la clave de recuperación (permite recuperar los ficheros del usuariu en casu de perda de la contraseña);", - "Recovery key password" : "Contraseña de clave de recuperación", - "Repeat Recovery key password" : "Repeti la contraseña de clave de recuperación", - "Enabled" : "Habilitar", - "Disabled" : "Deshabilitáu", - "Change recovery key password:" : "Camudar la contraseña de la clave de recuperación", - "Old Recovery key password" : "Clave de recuperación vieya", - "New Recovery key password" : "Clave de recuperación nueva", - "Repeat New Recovery key password" : "Repetir la clave de recuperación nueva", - "Change Password" : "Camudar contraseña", - "Set your old private key password to your current log-in password:" : "Afita la contraseña de clave privada vieya pa la to contraseña d'aniciu de sesión actual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si nun recuerdes la contraseña vieya, pues pidir a alministrador que te recupere los ficheros.", - "Old log-in password" : "Contraseña d'accesu vieya", - "Current log-in password" : "Contraseña d'accesu actual", - "Update Private Key Password" : "Anovar Contraseña de Clave Privada", - "Enable password recovery:" : "Habilitar la recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar esta opción va permitite volver a tener accesu a los ficheros cifraos en casu de perda de contraseña" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/ast.json b/apps/files_encryption/l10n/ast.json deleted file mode 100644 index 407c27dfe7..0000000000 --- a/apps/files_encryption/l10n/ast.json +++ /dev/null @@ -1,39 +0,0 @@ -{ "translations": { - "Unknown error" : "Fallu desconocíu", - "Recovery key successfully enabled" : "Habilitóse la recuperación de ficheros", - "Could not disable recovery key. Please check your recovery key password!" : "Nun pudo deshabilitase la clave de recuperación. Por favor comprueba la contraseña!", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Password successfully changed." : "Camudóse la contraseña", - "Could not change the password. Maybe the old password was not correct." : "Nun pudo camudase la contraseña. Comprueba que la contraseña actual seya correuta.", - "Private key password successfully updated." : "Contraseña de clave privada anovada correchamente.", - "File recovery settings updated" : "Opciones de recuperación de ficheros anovada", - "Could not update file recovery" : "Nun pudo anovase la recuperación de ficheros", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡L'aplicación de cifráu nun s'anició! Seique se restableciera mentanto la sesión. Por favor intenta zarrar la sesión y volver a aniciala p'aniciar l'aplicación de cifráu.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡La clave privada nun ye válida! Seique la contraseña se camudase dende fuera de %s (Ex:El to direutoriu corporativu). Pues anovar la contraseña de la clave privada nes tos opciones personales pa recuperar l'accesu a los ficheros.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Nun pudo descifrase esti ficheru, dablemente seya un ficheru compartíu. Solicita al propietariu del mesmu que vuelva a compartilu contigo.", - "Unknown error. Please check your system settings or contact your administrator" : "Fallu desconocíu. Por favor, comprueba los axustes del sistema o contauta col alministrador", - "Initial encryption started... This can take some time. Please wait." : "Cifráu aniciáu..... Esto pue llevar un tiempu. Por favor espera.", - "Initial encryption running... Please try again later." : "Cifráu inicial en cursu... Inténtalo dempués.", - "Missing requirements." : "Requisitos incompletos.", - "Following users are not set up for encryption:" : "Los siguientes usuarios nun se configuraron pal cifráu:", - "Go directly to your %spersonal settings%s." : "Dir direutamente a los tos %saxustes personales%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'aplicación Encryption ta habilitada pero les tos claves nun s'aniciaron, por favor zarra sesión y aníciala de nueves", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar la clave de recuperación (permite recuperar los ficheros del usuariu en casu de perda de la contraseña);", - "Recovery key password" : "Contraseña de clave de recuperación", - "Repeat Recovery key password" : "Repeti la contraseña de clave de recuperación", - "Enabled" : "Habilitar", - "Disabled" : "Deshabilitáu", - "Change recovery key password:" : "Camudar la contraseña de la clave de recuperación", - "Old Recovery key password" : "Clave de recuperación vieya", - "New Recovery key password" : "Clave de recuperación nueva", - "Repeat New Recovery key password" : "Repetir la clave de recuperación nueva", - "Change Password" : "Camudar contraseña", - "Set your old private key password to your current log-in password:" : "Afita la contraseña de clave privada vieya pa la to contraseña d'aniciu de sesión actual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si nun recuerdes la contraseña vieya, pues pidir a alministrador que te recupere los ficheros.", - "Old log-in password" : "Contraseña d'accesu vieya", - "Current log-in password" : "Contraseña d'accesu actual", - "Update Private Key Password" : "Anovar Contraseña de Clave Privada", - "Enable password recovery:" : "Habilitar la recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar esta opción va permitite volver a tener accesu a los ficheros cifraos en casu de perda de contraseña" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/az.js b/apps/files_encryption/l10n/az.js deleted file mode 100644 index d6d243d165..0000000000 --- a/apps/files_encryption/l10n/az.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Bəlli olmayan səhv baş verdi", - "Missing recovery key password" : "Bərpa açarının şifrəsi çatışmır", - "Please repeat the recovery key password" : "Xahiş olunur bərpa açarı şifrəsini təkrarlayasınız", - "Repeated recovery key password does not match the provided recovery key password" : "Təkrar daxil edilən bərpa açarı şifrəsi, öncə daxil edilən bərpa açarı ilə üst-üstə düşmür ", - "Recovery key successfully enabled" : "Bərpa açarı uğurla aktivləşdi", - "Could not disable recovery key. Please check your recovery key password!" : "Geriqaytarılma açarını sondürmək olmur. Xahiş edirik geriqaytarılma key açarınızı yoxlayın.", - "Recovery key successfully disabled" : "Bərpa açarı uğurla söndürüldü", - "Please provide the old recovery password" : "Xahiş olunur köhnə bərpa açarını daxil edəsiniz", - "Please provide a new recovery password" : "Xahiş olunur yeni bərpa açarı şifrəsini daxil esəsiniz", - "Please repeat the new recovery password" : "Xahiş olunur yeni bərpa açarını təkrarlayasınız", - "Password successfully changed." : "Şifrə uğurla dəyişdirildi.", - "Could not change the password. Maybe the old password was not correct." : "Şifrəni dəyişmək olmur, ola bilər ki, köhnə şifrə düzgün olmayıb.", - "Could not update the private key password." : "Gizli açarın şifrəsini yeniləmək mümkün olmadı.", - "The old password was not correct, please try again." : "Köhnə şifrə düzgün deyildi, xahiş olunur yenidən cəhd edəsiniz.", - "The current log-in password was not correct, please try again." : "Hal-hazırki istifadəçi şifrəsi düzgün deyildi, xahiş olunur yenidən cəhd edəsiniz.", - "Private key password successfully updated." : "Gizli aşar şifrəsi uğurla yeniləndi.", - "File recovery settings updated" : "Fayl bərpa quraşdırmaları yeniləndi", - "Could not update file recovery" : "Fayl bərpasını yeniləmək olmur", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Şifrələmə proqramı inisializasiya edilməyib! Ola bilər ki, şifrələnmə proqramı sizin sessiya müddətində yenidən işə salınıb. Xahiş olunur çıxıb yenidən girişə cəhd edəsiniz ki, şifrələnmə proqramı sizin istifadəçı adı üçün təkrar inisializasiya edilsin. ", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Sizin gizli açarınız doğru deyil! Təxmin edilir ki, sizin şifrə %s-dən kənarda dəyişdirilib(misal üçün sizin koorporativ qovluq). Siz öz şifrələnmiş fayllarınıza yetkinizi bərpa etmək üçün, öz şifrənizi şəxsi quraşdırmalarınızda yeniləyə bilərsiniz.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Bu faylı deşifrə etmək olmur və ola bilər ki, bu paylaşımda olan fayldır. Xahiş olunur faylın sahibinə həmin faylı sizinlə yenidən paylaşım etməsini bildirəsiniz. ", - "Unknown error. Please check your system settings or contact your administrator" : "Tanınmayan səhv. Xahiş olunur sistem quraşdırmalarınızı yoxlayın yada öz inzibatçınızla əlaqə yaradın", - "Initial encryption started... This can take some time. Please wait." : "İlkin şifələnmə başlandı... Bu müəyyən vaxt ala bilər. Xahiş olunur gözləyəsiniz.", - "Initial encryption running... Please try again later." : "İlkin şifrələnmə işləyir... Xahiş olunur birazdan yenidən müraciət edəsiniz.", - "Missing requirements." : "Taləbatlar çatışmır.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Xahiş olunur ki, PHP-in OpenSSL genişlənməsi yüklənib və düzgün konfiqurasiya edilib. İndiki hal üçün şifrələnmə proqramı dayandırılmışdır.", - "Following users are not set up for encryption:" : "Göstərilən istifadəçilər şifrələnmə üçün quraşdırılmayıb:", - "Go directly to your %spersonal settings%s." : "Birbaşa öz %sşəxsi quraşdırmalarınıza%s gedin.", - "Server-side Encryption" : "Server-tərəf şifrələnmə", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Proqram şifrələnməsi işə salınıb ancaq, sizin açarlar inisializasiya edilməyib. Xahiş edilir çıxıb yenidən daxil olasınız", - "Enable recovery key (allow to recover users files in case of password loss):" : "Bərpa açarını aktivləşdir(şifrə itirilməsi hadısələrində, istifadəçi fayllarının bərpasına izin verir)", - "Recovery key password" : "Açar şifrənin bərpa edilməsi", - "Repeat Recovery key password" : "Bərpa açarın şifrəsini təkrar edin", - "Enabled" : "İşə salınıb", - "Disabled" : "Dayandırılıb", - "Change recovery key password:" : "Bərpa açarın şifrəsini dəyişdir:", - "Old Recovery key password" : "Köhnə bərpa açarı şifrəsi", - "New Recovery key password" : "Yeni bərpa açarı şifrəsi", - "Repeat New Recovery key password" : "Yeni bərpa açarı şifrəsini təkrar edin", - "Change Password" : "Şifrəni dəyişdir", - "Your private key password no longer matches your log-in password." : "Sizin gizli açar şifrəsi, artıq giriş adınızla uyğun gəlmir.", - "Set your old private key password to your current log-in password:" : "Köhnə açar şifrənizi, sizin hal-hazırki giriş şifrənizə təyin edin: ", - " If you don't remember your old password you can ask your administrator to recover your files." : "Əgər siz köhnə şifrənizi xatırlamırsınızsa, öz inzibatçınızdan fayllarınızın bərpasını istəyə bilərsiniz.", - "Old log-in password" : "Köhnə giriş şifrəsi", - "Current log-in password" : "Hal-hazırki giriş şifrəsi", - "Update Private Key Password" : "Gizli açar şifrəsini yenilə", - "Enable password recovery:" : "Şifrə bərpasını işə sal:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Bu opsiyanın aktiv edilməsi sizə, şifrənin itdiyi hallarda bütün şifrələnmiş fayllarınıza yetkinin yenidən əldə edilməsinə şərait yaradacaq" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/az.json b/apps/files_encryption/l10n/az.json deleted file mode 100644 index 730e79a508..0000000000 --- a/apps/files_encryption/l10n/az.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Bəlli olmayan səhv baş verdi", - "Missing recovery key password" : "Bərpa açarının şifrəsi çatışmır", - "Please repeat the recovery key password" : "Xahiş olunur bərpa açarı şifrəsini təkrarlayasınız", - "Repeated recovery key password does not match the provided recovery key password" : "Təkrar daxil edilən bərpa açarı şifrəsi, öncə daxil edilən bərpa açarı ilə üst-üstə düşmür ", - "Recovery key successfully enabled" : "Bərpa açarı uğurla aktivləşdi", - "Could not disable recovery key. Please check your recovery key password!" : "Geriqaytarılma açarını sondürmək olmur. Xahiş edirik geriqaytarılma key açarınızı yoxlayın.", - "Recovery key successfully disabled" : "Bərpa açarı uğurla söndürüldü", - "Please provide the old recovery password" : "Xahiş olunur köhnə bərpa açarını daxil edəsiniz", - "Please provide a new recovery password" : "Xahiş olunur yeni bərpa açarı şifrəsini daxil esəsiniz", - "Please repeat the new recovery password" : "Xahiş olunur yeni bərpa açarını təkrarlayasınız", - "Password successfully changed." : "Şifrə uğurla dəyişdirildi.", - "Could not change the password. Maybe the old password was not correct." : "Şifrəni dəyişmək olmur, ola bilər ki, köhnə şifrə düzgün olmayıb.", - "Could not update the private key password." : "Gizli açarın şifrəsini yeniləmək mümkün olmadı.", - "The old password was not correct, please try again." : "Köhnə şifrə düzgün deyildi, xahiş olunur yenidən cəhd edəsiniz.", - "The current log-in password was not correct, please try again." : "Hal-hazırki istifadəçi şifrəsi düzgün deyildi, xahiş olunur yenidən cəhd edəsiniz.", - "Private key password successfully updated." : "Gizli aşar şifrəsi uğurla yeniləndi.", - "File recovery settings updated" : "Fayl bərpa quraşdırmaları yeniləndi", - "Could not update file recovery" : "Fayl bərpasını yeniləmək olmur", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Şifrələmə proqramı inisializasiya edilməyib! Ola bilər ki, şifrələnmə proqramı sizin sessiya müddətində yenidən işə salınıb. Xahiş olunur çıxıb yenidən girişə cəhd edəsiniz ki, şifrələnmə proqramı sizin istifadəçı adı üçün təkrar inisializasiya edilsin. ", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Sizin gizli açarınız doğru deyil! Təxmin edilir ki, sizin şifrə %s-dən kənarda dəyişdirilib(misal üçün sizin koorporativ qovluq). Siz öz şifrələnmiş fayllarınıza yetkinizi bərpa etmək üçün, öz şifrənizi şəxsi quraşdırmalarınızda yeniləyə bilərsiniz.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Bu faylı deşifrə etmək olmur və ola bilər ki, bu paylaşımda olan fayldır. Xahiş olunur faylın sahibinə həmin faylı sizinlə yenidən paylaşım etməsini bildirəsiniz. ", - "Unknown error. Please check your system settings or contact your administrator" : "Tanınmayan səhv. Xahiş olunur sistem quraşdırmalarınızı yoxlayın yada öz inzibatçınızla əlaqə yaradın", - "Initial encryption started... This can take some time. Please wait." : "İlkin şifələnmə başlandı... Bu müəyyən vaxt ala bilər. Xahiş olunur gözləyəsiniz.", - "Initial encryption running... Please try again later." : "İlkin şifrələnmə işləyir... Xahiş olunur birazdan yenidən müraciət edəsiniz.", - "Missing requirements." : "Taləbatlar çatışmır.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Xahiş olunur ki, PHP-in OpenSSL genişlənməsi yüklənib və düzgün konfiqurasiya edilib. İndiki hal üçün şifrələnmə proqramı dayandırılmışdır.", - "Following users are not set up for encryption:" : "Göstərilən istifadəçilər şifrələnmə üçün quraşdırılmayıb:", - "Go directly to your %spersonal settings%s." : "Birbaşa öz %sşəxsi quraşdırmalarınıza%s gedin.", - "Server-side Encryption" : "Server-tərəf şifrələnmə", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Proqram şifrələnməsi işə salınıb ancaq, sizin açarlar inisializasiya edilməyib. Xahiş edilir çıxıb yenidən daxil olasınız", - "Enable recovery key (allow to recover users files in case of password loss):" : "Bərpa açarını aktivləşdir(şifrə itirilməsi hadısələrində, istifadəçi fayllarının bərpasına izin verir)", - "Recovery key password" : "Açar şifrənin bərpa edilməsi", - "Repeat Recovery key password" : "Bərpa açarın şifrəsini təkrar edin", - "Enabled" : "İşə salınıb", - "Disabled" : "Dayandırılıb", - "Change recovery key password:" : "Bərpa açarın şifrəsini dəyişdir:", - "Old Recovery key password" : "Köhnə bərpa açarı şifrəsi", - "New Recovery key password" : "Yeni bərpa açarı şifrəsi", - "Repeat New Recovery key password" : "Yeni bərpa açarı şifrəsini təkrar edin", - "Change Password" : "Şifrəni dəyişdir", - "Your private key password no longer matches your log-in password." : "Sizin gizli açar şifrəsi, artıq giriş adınızla uyğun gəlmir.", - "Set your old private key password to your current log-in password:" : "Köhnə açar şifrənizi, sizin hal-hazırki giriş şifrənizə təyin edin: ", - " If you don't remember your old password you can ask your administrator to recover your files." : "Əgər siz köhnə şifrənizi xatırlamırsınızsa, öz inzibatçınızdan fayllarınızın bərpasını istəyə bilərsiniz.", - "Old log-in password" : "Köhnə giriş şifrəsi", - "Current log-in password" : "Hal-hazırki giriş şifrəsi", - "Update Private Key Password" : "Gizli açar şifrəsini yenilə", - "Enable password recovery:" : "Şifrə bərpasını işə sal:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Bu opsiyanın aktiv edilməsi sizə, şifrənin itdiyi hallarda bütün şifrələnmiş fayllarınıza yetkinin yenidən əldə edilməsinə şərait yaradacaq" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/bg_BG.js b/apps/files_encryption/l10n/bg_BG.js deleted file mode 100644 index 6f5876c065..0000000000 --- a/apps/files_encryption/l10n/bg_BG.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Непозната грешка.", - "Missing recovery key password" : "Липсва парола за възстановяване", - "Please repeat the recovery key password" : "Повтори новата парола за възстановяване", - "Repeated recovery key password does not match the provided recovery key password" : "Повторената парола за възстановяване не съвпада със зададената парола за възстановяване", - "Recovery key successfully enabled" : "Успешно включване на опцията ключ за възстановяване.", - "Could not disable recovery key. Please check your recovery key password!" : "Неуспешно изключване на ключа за възстановяване. Моля, провери паролата за ключа за възстановяване!", - "Recovery key successfully disabled" : "Успешно изключване на ключа за възстановяване.", - "Please provide the old recovery password" : "Моля, въведи старата парола за възстановяване", - "Please provide a new recovery password" : "Моля, задай нова парола за възстановяване", - "Please repeat the new recovery password" : "Моля, въведи повторна новата парола за възстановяване", - "Password successfully changed." : "Паролата е успешно променена.", - "Could not change the password. Maybe the old password was not correct." : "Грешка при промяна на паролата. Може би старата ти парола е сгрешена.", - "Could not update the private key password." : "Неуспешна промяна на паролата на личния ключ", - "The old password was not correct, please try again." : "Старата парола е грешна, опитай отново.", - "The current log-in password was not correct, please try again." : "Грешна парола за вписване, опитай отново.", - "Private key password successfully updated." : "Успешно променена тайната парола за ключа.", - "File recovery settings updated" : "Настройките за възстановяване на файлове са променени.", - "Could not update file recovery" : "Неуспешна промяна на настройките за възстановяване на файлове.", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Неуспешна инициализация на криптиращото приложение! Може би криптиращото приложение бе включено по време на твоята сесия. Отпиши се и се впиши обратно за да инциализираш криптиращото приложение.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Твоят таен ключ е невалиден! Вероятно твоята парола беше променена извън %s(пр. твоята корпоративна директория). Можеш да промениш своят таен ключ в Лични настройки, за да възстановиш достъпа до криптираните файлове.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Неуспешно разшифроване на този файл, вероятно това е споделен файл. Моля, поискай собственика на файла да го сподели повторно с теб.", - "Unknown error. Please check your system settings or contact your administrator" : "Непозната грешка. Моля, провери системните настройки или се свържи с администратора.", - "Initial encryption started... This can take some time. Please wait." : "Първоначалното криптиране започна... Това може да отнеме време. Моля изчакай.", - "Initial encryption running... Please try again later." : "Тече първоначално криптиране... Моля опитай по-късно.", - "Missing requirements." : "Липсва задължителна информация.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Моля уверете се че OpenSSL заедно с PHP разширене са включени и конфигурирани правилно. За сега, криптиращото приложение е изключено.", - "Following users are not set up for encryption:" : "Следните потребители не са настроени за криптиране:", - "Go directly to your %spersonal settings%s." : "Отиде направо към твоите %sлични настройки%s.", - "Server-side Encryption" : "Криптиране от страна на сървъра", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Програмата за криптиране е включена, но твоите ключове не са зададени, моля отпиши си и се впиши отново.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Включи опцията възстановяване на ключ (разрешава да възстанови файловете на потребителите в случай на загубена парола):", - "Recovery key password" : "Парола за възстановяане на ключа", - "Repeat Recovery key password" : "Повтори паролата за възстановяване на ключа", - "Enabled" : "Включено", - "Disabled" : "Изключено", - "Change recovery key password:" : "Промени паролата за въстановяване на ключа:", - "Old Recovery key password" : "Старата парола за въстановяване на ключа", - "New Recovery key password" : "Новата парола за възстановяване на ключа", - "Repeat New Recovery key password" : "Повтори новата паролза за възстановяване на ключа", - "Change Password" : "Промени Паролата", - "Your private key password no longer matches your log-in password." : "Личният ти ключ не съвпада с паролата за вписване.", - "Set your old private key password to your current log-in password:" : "Промени паролата за тайния ти включ на паролата за вписване:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ако не помниш старата парола помоли администратора да възстанови файловете ти.", - "Old log-in password" : "Стара парола за вписване", - "Current log-in password" : "Текуща парола за вписване", - "Update Private Key Password" : "Промени Тайната Парола за Ключа", - "Enable password recovery:" : "Включи опцията възстановяване на паролата:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Избирането на тази опция ще ти позволи да възстановиш достъпа си до файловете в случай на изгубена парола." -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/bg_BG.json b/apps/files_encryption/l10n/bg_BG.json deleted file mode 100644 index 055c434d22..0000000000 --- a/apps/files_encryption/l10n/bg_BG.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Непозната грешка.", - "Missing recovery key password" : "Липсва парола за възстановяване", - "Please repeat the recovery key password" : "Повтори новата парола за възстановяване", - "Repeated recovery key password does not match the provided recovery key password" : "Повторената парола за възстановяване не съвпада със зададената парола за възстановяване", - "Recovery key successfully enabled" : "Успешно включване на опцията ключ за възстановяване.", - "Could not disable recovery key. Please check your recovery key password!" : "Неуспешно изключване на ключа за възстановяване. Моля, провери паролата за ключа за възстановяване!", - "Recovery key successfully disabled" : "Успешно изключване на ключа за възстановяване.", - "Please provide the old recovery password" : "Моля, въведи старата парола за възстановяване", - "Please provide a new recovery password" : "Моля, задай нова парола за възстановяване", - "Please repeat the new recovery password" : "Моля, въведи повторна новата парола за възстановяване", - "Password successfully changed." : "Паролата е успешно променена.", - "Could not change the password. Maybe the old password was not correct." : "Грешка при промяна на паролата. Може би старата ти парола е сгрешена.", - "Could not update the private key password." : "Неуспешна промяна на паролата на личния ключ", - "The old password was not correct, please try again." : "Старата парола е грешна, опитай отново.", - "The current log-in password was not correct, please try again." : "Грешна парола за вписване, опитай отново.", - "Private key password successfully updated." : "Успешно променена тайната парола за ключа.", - "File recovery settings updated" : "Настройките за възстановяване на файлове са променени.", - "Could not update file recovery" : "Неуспешна промяна на настройките за възстановяване на файлове.", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Неуспешна инициализация на криптиращото приложение! Може би криптиращото приложение бе включено по време на твоята сесия. Отпиши се и се впиши обратно за да инциализираш криптиращото приложение.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Твоят таен ключ е невалиден! Вероятно твоята парола беше променена извън %s(пр. твоята корпоративна директория). Можеш да промениш своят таен ключ в Лични настройки, за да възстановиш достъпа до криптираните файлове.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Неуспешно разшифроване на този файл, вероятно това е споделен файл. Моля, поискай собственика на файла да го сподели повторно с теб.", - "Unknown error. Please check your system settings or contact your administrator" : "Непозната грешка. Моля, провери системните настройки или се свържи с администратора.", - "Initial encryption started... This can take some time. Please wait." : "Първоначалното криптиране започна... Това може да отнеме време. Моля изчакай.", - "Initial encryption running... Please try again later." : "Тече първоначално криптиране... Моля опитай по-късно.", - "Missing requirements." : "Липсва задължителна информация.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Моля уверете се че OpenSSL заедно с PHP разширене са включени и конфигурирани правилно. За сега, криптиращото приложение е изключено.", - "Following users are not set up for encryption:" : "Следните потребители не са настроени за криптиране:", - "Go directly to your %spersonal settings%s." : "Отиде направо към твоите %sлични настройки%s.", - "Server-side Encryption" : "Криптиране от страна на сървъра", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Програмата за криптиране е включена, но твоите ключове не са зададени, моля отпиши си и се впиши отново.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Включи опцията възстановяване на ключ (разрешава да възстанови файловете на потребителите в случай на загубена парола):", - "Recovery key password" : "Парола за възстановяане на ключа", - "Repeat Recovery key password" : "Повтори паролата за възстановяване на ключа", - "Enabled" : "Включено", - "Disabled" : "Изключено", - "Change recovery key password:" : "Промени паролата за въстановяване на ключа:", - "Old Recovery key password" : "Старата парола за въстановяване на ключа", - "New Recovery key password" : "Новата парола за възстановяване на ключа", - "Repeat New Recovery key password" : "Повтори новата паролза за възстановяване на ключа", - "Change Password" : "Промени Паролата", - "Your private key password no longer matches your log-in password." : "Личният ти ключ не съвпада с паролата за вписване.", - "Set your old private key password to your current log-in password:" : "Промени паролата за тайния ти включ на паролата за вписване:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ако не помниш старата парола помоли администратора да възстанови файловете ти.", - "Old log-in password" : "Стара парола за вписване", - "Current log-in password" : "Текуща парола за вписване", - "Update Private Key Password" : "Промени Тайната Парола за Ключа", - "Enable password recovery:" : "Включи опцията възстановяване на паролата:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Избирането на тази опция ще ти позволи да възстановиш достъпа си до файловете в случай на изгубена парола." -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/bn_BD.js b/apps/files_encryption/l10n/bn_BD.js deleted file mode 100644 index 2a1446e572..0000000000 --- a/apps/files_encryption/l10n/bn_BD.js +++ /dev/null @@ -1,22 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "অজানা জটিলতা", - "Recovery key successfully enabled" : "পূনরুদ্ধার চাবি সার্থকভাবে কার্যকর করা হয়েছে", - "Recovery key successfully disabled" : "পূনরুদ্ধার চাবি সার্থকভাবে অকার্যকর করা হয়েছে", - "Password successfully changed." : "আপনার কূটশব্দটি সার্থকভাবে পরিবর্তন করা হয়েছে ", - "Initial encryption started... This can take some time. Please wait." : "প্রাথমিক এনক্রিপসন শুরু হয়েছে.... এটি কিছুটা সময় নিতে পারে। অপেক্ষা করুন।", - "Initial encryption running... Please try again later." : "প্রাথমিক এনক্রিপসন চলছে.... দয়া করে পরে আবার চেষ্টা করুন।", - "Missing requirements." : "প্রয়োজনানুযায়ী ঘাটতি আছে।", - "Following users are not set up for encryption:" : "নিম্নবর্ণিত ব্যবহারকারীগণ এনক্রিপসনের জন্য অধিকারপ্রাপ্ত নন:", - "Go directly to your %spersonal settings%s." : "সরাসরি আপনার %spersonal settings%s এ যান।", - "Repeat Recovery key password" : "পূণরূদ্ধার কি এর কুটশব্দ পূণরায় দিন", - "Enabled" : "কার্যকর", - "Disabled" : "অকার্যকর", - "Change recovery key password:" : "পূণরূদ্ধার কি এর কুটশব্দ পরিবর্তন করুন:", - "Old Recovery key password" : "পূণরূদ্ধার কি এর পুরাতন কুটশব্দ", - "New Recovery key password" : "পূণরূদ্ধার কি এর নতুন কুটশব্দ", - "Repeat New Recovery key password" : "পূণরূদ্ধার কি এর নতুন কুটশব্দ পূণরায় দিন", - "Change Password" : "কূটশব্দ পরিবর্তন করুন" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/bn_BD.json b/apps/files_encryption/l10n/bn_BD.json deleted file mode 100644 index 9c2eca6591..0000000000 --- a/apps/files_encryption/l10n/bn_BD.json +++ /dev/null @@ -1,20 +0,0 @@ -{ "translations": { - "Unknown error" : "অজানা জটিলতা", - "Recovery key successfully enabled" : "পূনরুদ্ধার চাবি সার্থকভাবে কার্যকর করা হয়েছে", - "Recovery key successfully disabled" : "পূনরুদ্ধার চাবি সার্থকভাবে অকার্যকর করা হয়েছে", - "Password successfully changed." : "আপনার কূটশব্দটি সার্থকভাবে পরিবর্তন করা হয়েছে ", - "Initial encryption started... This can take some time. Please wait." : "প্রাথমিক এনক্রিপসন শুরু হয়েছে.... এটি কিছুটা সময় নিতে পারে। অপেক্ষা করুন।", - "Initial encryption running... Please try again later." : "প্রাথমিক এনক্রিপসন চলছে.... দয়া করে পরে আবার চেষ্টা করুন।", - "Missing requirements." : "প্রয়োজনানুযায়ী ঘাটতি আছে।", - "Following users are not set up for encryption:" : "নিম্নবর্ণিত ব্যবহারকারীগণ এনক্রিপসনের জন্য অধিকারপ্রাপ্ত নন:", - "Go directly to your %spersonal settings%s." : "সরাসরি আপনার %spersonal settings%s এ যান।", - "Repeat Recovery key password" : "পূণরূদ্ধার কি এর কুটশব্দ পূণরায় দিন", - "Enabled" : "কার্যকর", - "Disabled" : "অকার্যকর", - "Change recovery key password:" : "পূণরূদ্ধার কি এর কুটশব্দ পরিবর্তন করুন:", - "Old Recovery key password" : "পূণরূদ্ধার কি এর পুরাতন কুটশব্দ", - "New Recovery key password" : "পূণরূদ্ধার কি এর নতুন কুটশব্দ", - "Repeat New Recovery key password" : "পূণরূদ্ধার কি এর নতুন কুটশব্দ পূণরায় দিন", - "Change Password" : "কূটশব্দ পরিবর্তন করুন" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/bs.js b/apps/files_encryption/l10n/bs.js deleted file mode 100644 index 7bf649dcb6..0000000000 --- a/apps/files_encryption/l10n/bs.js +++ /dev/null @@ -1,9 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Nepoznata greška", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacija šifriranja je uključena, ali vaši ključevi nisu inicializirani, molim odjavite se i ponovno prijavite", - "Enabled" : "Aktivirano", - "Disabled" : "Onemogućeno" -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/bs.json b/apps/files_encryption/l10n/bs.json deleted file mode 100644 index df05ce3e24..0000000000 --- a/apps/files_encryption/l10n/bs.json +++ /dev/null @@ -1,7 +0,0 @@ -{ "translations": { - "Unknown error" : "Nepoznata greška", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacija šifriranja je uključena, ali vaši ključevi nisu inicializirani, molim odjavite se i ponovno prijavite", - "Enabled" : "Aktivirano", - "Disabled" : "Onemogućeno" -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ca.js b/apps/files_encryption/l10n/ca.js deleted file mode 100644 index 189fc65316..0000000000 --- a/apps/files_encryption/l10n/ca.js +++ /dev/null @@ -1,42 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Error desconegut", - "Recovery key successfully enabled" : "La clau de recuperació s'ha activat", - "Could not disable recovery key. Please check your recovery key password!" : "No s'ha pogut desactivar la calu de recuperació. Comproveu la contrasenya de la clau de recuperació!", - "Recovery key successfully disabled" : "La clau de recuperació s'ha descativat", - "Password successfully changed." : "La contrasenya s'ha canviat.", - "Could not change the password. Maybe the old password was not correct." : "No s'ha pogut canviar la contrasenya. Potser la contrasenya anterior no era correcta.", - "Private key password successfully updated." : "La contrasenya de la clau privada s'ha actualitzat.", - "File recovery settings updated" : "S'han actualitzat els arranjaments de recuperació de fitxers", - "Could not update file recovery" : "No s'ha pogut actualitzar la recuperació de fitxers", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "L'aplicació d'encriptació no està inicialitzada! Potser l'aplicació d'encriptació ha estat reiniciada durant la sessió. Intenteu sortir i acreditar-vos de nou per reinicialitzar l'aplicació d'encriptació.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "La clau privada no és vàlida! Probablement la contrasenya va ser canviada des de fora de %s (per exemple, en el directori de l'empresa). Vostè pot actualitzar la contrasenya de clau privada en la seva configuració personal per poder recuperar l'accés en els arxius xifrats.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No es pot desencriptar aquest fitxer, probablement és un fitxer compartit. Demaneu al propietari del fitxer que el comparteixi de nou amb vós.", - "Unknown error. Please check your system settings or contact your administrator" : "Error desconegut. Comproveu l'arranjament del sistema o aviseu a l'administrador", - "Initial encryption started... This can take some time. Please wait." : "La encriptació inicial ha començat... Pot trigar una estona, espereu.", - "Initial encryption running... Please try again later." : "encriptació inicial en procés... Proveu-ho més tard.", - "Missing requirements." : "Manca de requisits.", - "Following users are not set up for encryption:" : "Els usuaris següents no estan configurats per a l'encriptació:", - "Go directly to your %spersonal settings%s." : "Vés directament a l'%sarranjament personal%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'aplicació d'encriptació està activada però les claus no estan inicialitzades, sortiu i acrediteu-vos de nou.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activa la clau de recuperació (permet recuperar fitxers d'usuaris en cas de pèrdua de contrasenya):", - "Recovery key password" : "Clau de recuperació de la contrasenya", - "Repeat Recovery key password" : "Repetiu la clau de recuperació de contrasenya", - "Enabled" : "Activat", - "Disabled" : "Desactivat", - "Change recovery key password:" : "Canvia la clau de recuperació de contrasenya:", - "Old Recovery key password" : "Antiga clau de recuperació de contrasenya", - "New Recovery key password" : "Nova clau de recuperació de contrasenya", - "Repeat New Recovery key password" : "Repetiu la nova clau de recuperació de contrasenya", - "Change Password" : "Canvia la contrasenya", - "Your private key password no longer matches your log-in password." : "La clau privada ja no es correspon amb la contrasenya d'accés:", - "Set your old private key password to your current log-in password:" : "Establiu la vostra antiga clau privada a l'actual contrasenya d'accés:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no recordeu la contrasenya anterior podeu demanar a l'administrador que recuperi els vostres fitxers.", - "Old log-in password" : "Contrasenya anterior d'accés", - "Current log-in password" : "Contrasenya d'accés actual", - "Update Private Key Password" : "Actualitza la contrasenya de clau privada", - "Enable password recovery:" : "Habilita la recuperació de contrasenya:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Activar aquesta opció us permetrà obtenir de nou accés als vostres fitxers encriptats en cas de perdre la contrasenya" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/ca.json b/apps/files_encryption/l10n/ca.json deleted file mode 100644 index e3de02e170..0000000000 --- a/apps/files_encryption/l10n/ca.json +++ /dev/null @@ -1,40 +0,0 @@ -{ "translations": { - "Unknown error" : "Error desconegut", - "Recovery key successfully enabled" : "La clau de recuperació s'ha activat", - "Could not disable recovery key. Please check your recovery key password!" : "No s'ha pogut desactivar la calu de recuperació. Comproveu la contrasenya de la clau de recuperació!", - "Recovery key successfully disabled" : "La clau de recuperació s'ha descativat", - "Password successfully changed." : "La contrasenya s'ha canviat.", - "Could not change the password. Maybe the old password was not correct." : "No s'ha pogut canviar la contrasenya. Potser la contrasenya anterior no era correcta.", - "Private key password successfully updated." : "La contrasenya de la clau privada s'ha actualitzat.", - "File recovery settings updated" : "S'han actualitzat els arranjaments de recuperació de fitxers", - "Could not update file recovery" : "No s'ha pogut actualitzar la recuperació de fitxers", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "L'aplicació d'encriptació no està inicialitzada! Potser l'aplicació d'encriptació ha estat reiniciada durant la sessió. Intenteu sortir i acreditar-vos de nou per reinicialitzar l'aplicació d'encriptació.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "La clau privada no és vàlida! Probablement la contrasenya va ser canviada des de fora de %s (per exemple, en el directori de l'empresa). Vostè pot actualitzar la contrasenya de clau privada en la seva configuració personal per poder recuperar l'accés en els arxius xifrats.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No es pot desencriptar aquest fitxer, probablement és un fitxer compartit. Demaneu al propietari del fitxer que el comparteixi de nou amb vós.", - "Unknown error. Please check your system settings or contact your administrator" : "Error desconegut. Comproveu l'arranjament del sistema o aviseu a l'administrador", - "Initial encryption started... This can take some time. Please wait." : "La encriptació inicial ha començat... Pot trigar una estona, espereu.", - "Initial encryption running... Please try again later." : "encriptació inicial en procés... Proveu-ho més tard.", - "Missing requirements." : "Manca de requisits.", - "Following users are not set up for encryption:" : "Els usuaris següents no estan configurats per a l'encriptació:", - "Go directly to your %spersonal settings%s." : "Vés directament a l'%sarranjament personal%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'aplicació d'encriptació està activada però les claus no estan inicialitzades, sortiu i acrediteu-vos de nou.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activa la clau de recuperació (permet recuperar fitxers d'usuaris en cas de pèrdua de contrasenya):", - "Recovery key password" : "Clau de recuperació de la contrasenya", - "Repeat Recovery key password" : "Repetiu la clau de recuperació de contrasenya", - "Enabled" : "Activat", - "Disabled" : "Desactivat", - "Change recovery key password:" : "Canvia la clau de recuperació de contrasenya:", - "Old Recovery key password" : "Antiga clau de recuperació de contrasenya", - "New Recovery key password" : "Nova clau de recuperació de contrasenya", - "Repeat New Recovery key password" : "Repetiu la nova clau de recuperació de contrasenya", - "Change Password" : "Canvia la contrasenya", - "Your private key password no longer matches your log-in password." : "La clau privada ja no es correspon amb la contrasenya d'accés:", - "Set your old private key password to your current log-in password:" : "Establiu la vostra antiga clau privada a l'actual contrasenya d'accés:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no recordeu la contrasenya anterior podeu demanar a l'administrador que recuperi els vostres fitxers.", - "Old log-in password" : "Contrasenya anterior d'accés", - "Current log-in password" : "Contrasenya d'accés actual", - "Update Private Key Password" : "Actualitza la contrasenya de clau privada", - "Enable password recovery:" : "Habilita la recuperació de contrasenya:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Activar aquesta opció us permetrà obtenir de nou accés als vostres fitxers encriptats en cas de perdre la contrasenya" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/cs_CZ.js b/apps/files_encryption/l10n/cs_CZ.js deleted file mode 100644 index 42e14ca683..0000000000 --- a/apps/files_encryption/l10n/cs_CZ.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Neznámá chyba", - "Missing recovery key password" : "Chybí heslo klíče pro obnovu", - "Please repeat the recovery key password" : "Zopakujte prosím heslo klíče pro obnovu", - "Repeated recovery key password does not match the provided recovery key password" : "Opakované heslo pro obnovu nesouhlasí se zadaným heslem", - "Recovery key successfully enabled" : "Záchranný klíč byl úspěšně povolen", - "Could not disable recovery key. Please check your recovery key password!" : "Nelze zakázat záchranný klíč. Zkontrolujte prosím heslo svého záchranného klíče!", - "Recovery key successfully disabled" : "Záchranný klíč byl úspěšně zakázán", - "Please provide the old recovery password" : "Zadejte prosím staré heslo pro obnovu", - "Please provide a new recovery password" : "Zadejte prosím nové heslo pro obnovu", - "Please repeat the new recovery password" : "Zopakujte prosím nové heslo pro obnovu", - "Password successfully changed." : "Heslo bylo úspěšně změněno.", - "Could not change the password. Maybe the old password was not correct." : "Změna hesla se nezdařila. Pravděpodobně nebylo stávající heslo zadáno správně.", - "Could not update the private key password." : "Nelze aktualizovat heslo soukromého klíče.", - "The old password was not correct, please try again." : "Staré heslo nebylo zadáno správně, zkuste to prosím znovu.", - "The current log-in password was not correct, please try again." : "Současné přihlašovací heslo nebylo zadáno správně, zkuste to prosím znovu.", - "Private key password successfully updated." : "Heslo soukromého klíče úspěšně aktualizováno.", - "File recovery settings updated" : "Možnosti záchrany souborů aktualizovány", - "Could not update file recovery" : "Nelze nastavit záchranu souborů", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplikace pro šifrování není inicializována! Je možné, že aplikace byla znovu aktivována během vašeho přihlášení. Zkuste se prosím odhlásit a znovu přihlásit pro provedení inicializace šifrovací aplikace.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Váš soukromý klíč není platný! Pravděpodobně bylo vaše heslo změněno vně systému %s (např. ve vašem firemním adresáři). Heslo vašeho soukromého klíče můžete změnit ve svém osobním nastavení pro obnovení přístupu k vašim zašifrovaným souborům.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tento soubor se nepodařilo dešifrovat, pravděpodobně je sdílený. Požádejte prosím majitele souboru, aby jej s vámi znovu sdílel.", - "Unknown error. Please check your system settings or contact your administrator" : "Neznámá chyba. Zkontrolujte nastavení systému nebo kontaktujte vašeho správce.", - "Initial encryption started... This can take some time. Please wait." : "Počáteční šifrování zahájeno... Toto může chvíli trvat. Počkejte prosím.", - "Initial encryption running... Please try again later." : "Probíhá počáteční šifrování... Zkuste to prosím znovu později.", - "Missing requirements." : "Nesplněné závislosti.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Ujistěte se prosím, že máte povolené a správně nakonfigurované OpenSSL včetně jeho rozšíření pro PHP. Aplikace pro šifrování byla prozatím vypnuta.", - "Following users are not set up for encryption:" : "Následující uživatelé nemají nastavené šifrování:", - "Go directly to your %spersonal settings%s." : "Přejít přímo do svého %sosobního nastavení%s.", - "Server-side Encryption" : "Šifrování na serveru", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikace pro šifrování je zapnuta, ale vaše klíče nejsou inicializované. Prosím odhlaste se a znovu přihlaste", - "Enable recovery key (allow to recover users files in case of password loss):" : "Povolit klíč pro obnovu (umožňuje obnovu uživatelských souborů v případě ztráty hesla)", - "Recovery key password" : "Heslo klíče pro obnovu", - "Repeat Recovery key password" : "Zopakujte heslo klíče pro obnovu", - "Enabled" : "Povoleno", - "Disabled" : "Zakázáno", - "Change recovery key password:" : "Změna hesla klíče pro obnovu:", - "Old Recovery key password" : "Původní heslo klíče pro obnovu", - "New Recovery key password" : "Nové heslo klíče pro obnovu", - "Repeat New Recovery key password" : "Zopakujte nové heslo klíče pro obnovu", - "Change Password" : "Změnit heslo", - "Your private key password no longer matches your log-in password." : "Heslo vašeho soukromého klíče se již neshoduje s vaším přihlašovacím heslem.", - "Set your old private key password to your current log-in password:" : "Změňte své staré heslo soukromého klíče na stejné, jako je vaše současné přihlašovací heslo:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Pokud si nepamatujete své původní heslo, můžete požádat správce o obnovu vašich souborů.", - "Old log-in password" : "Původní přihlašovací heslo", - "Current log-in password" : "Aktuální přihlašovací heslo", - "Update Private Key Password" : "Změnit heslo soukromého klíče", - "Enable password recovery:" : "Povolit obnovu hesla:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Zapnutí této volby vám umožní znovu získat přístup k vašim zašifrovaným souborům pokud ztratíte heslo" -}, -"nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;"); diff --git a/apps/files_encryption/l10n/cs_CZ.json b/apps/files_encryption/l10n/cs_CZ.json deleted file mode 100644 index 6e724f8ea2..0000000000 --- a/apps/files_encryption/l10n/cs_CZ.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Neznámá chyba", - "Missing recovery key password" : "Chybí heslo klíče pro obnovu", - "Please repeat the recovery key password" : "Zopakujte prosím heslo klíče pro obnovu", - "Repeated recovery key password does not match the provided recovery key password" : "Opakované heslo pro obnovu nesouhlasí se zadaným heslem", - "Recovery key successfully enabled" : "Záchranný klíč byl úspěšně povolen", - "Could not disable recovery key. Please check your recovery key password!" : "Nelze zakázat záchranný klíč. Zkontrolujte prosím heslo svého záchranného klíče!", - "Recovery key successfully disabled" : "Záchranný klíč byl úspěšně zakázán", - "Please provide the old recovery password" : "Zadejte prosím staré heslo pro obnovu", - "Please provide a new recovery password" : "Zadejte prosím nové heslo pro obnovu", - "Please repeat the new recovery password" : "Zopakujte prosím nové heslo pro obnovu", - "Password successfully changed." : "Heslo bylo úspěšně změněno.", - "Could not change the password. Maybe the old password was not correct." : "Změna hesla se nezdařila. Pravděpodobně nebylo stávající heslo zadáno správně.", - "Could not update the private key password." : "Nelze aktualizovat heslo soukromého klíče.", - "The old password was not correct, please try again." : "Staré heslo nebylo zadáno správně, zkuste to prosím znovu.", - "The current log-in password was not correct, please try again." : "Současné přihlašovací heslo nebylo zadáno správně, zkuste to prosím znovu.", - "Private key password successfully updated." : "Heslo soukromého klíče úspěšně aktualizováno.", - "File recovery settings updated" : "Možnosti záchrany souborů aktualizovány", - "Could not update file recovery" : "Nelze nastavit záchranu souborů", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplikace pro šifrování není inicializována! Je možné, že aplikace byla znovu aktivována během vašeho přihlášení. Zkuste se prosím odhlásit a znovu přihlásit pro provedení inicializace šifrovací aplikace.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Váš soukromý klíč není platný! Pravděpodobně bylo vaše heslo změněno vně systému %s (např. ve vašem firemním adresáři). Heslo vašeho soukromého klíče můžete změnit ve svém osobním nastavení pro obnovení přístupu k vašim zašifrovaným souborům.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tento soubor se nepodařilo dešifrovat, pravděpodobně je sdílený. Požádejte prosím majitele souboru, aby jej s vámi znovu sdílel.", - "Unknown error. Please check your system settings or contact your administrator" : "Neznámá chyba. Zkontrolujte nastavení systému nebo kontaktujte vašeho správce.", - "Initial encryption started... This can take some time. Please wait." : "Počáteční šifrování zahájeno... Toto může chvíli trvat. Počkejte prosím.", - "Initial encryption running... Please try again later." : "Probíhá počáteční šifrování... Zkuste to prosím znovu později.", - "Missing requirements." : "Nesplněné závislosti.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Ujistěte se prosím, že máte povolené a správně nakonfigurované OpenSSL včetně jeho rozšíření pro PHP. Aplikace pro šifrování byla prozatím vypnuta.", - "Following users are not set up for encryption:" : "Následující uživatelé nemají nastavené šifrování:", - "Go directly to your %spersonal settings%s." : "Přejít přímo do svého %sosobního nastavení%s.", - "Server-side Encryption" : "Šifrování na serveru", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikace pro šifrování je zapnuta, ale vaše klíče nejsou inicializované. Prosím odhlaste se a znovu přihlaste", - "Enable recovery key (allow to recover users files in case of password loss):" : "Povolit klíč pro obnovu (umožňuje obnovu uživatelských souborů v případě ztráty hesla)", - "Recovery key password" : "Heslo klíče pro obnovu", - "Repeat Recovery key password" : "Zopakujte heslo klíče pro obnovu", - "Enabled" : "Povoleno", - "Disabled" : "Zakázáno", - "Change recovery key password:" : "Změna hesla klíče pro obnovu:", - "Old Recovery key password" : "Původní heslo klíče pro obnovu", - "New Recovery key password" : "Nové heslo klíče pro obnovu", - "Repeat New Recovery key password" : "Zopakujte nové heslo klíče pro obnovu", - "Change Password" : "Změnit heslo", - "Your private key password no longer matches your log-in password." : "Heslo vašeho soukromého klíče se již neshoduje s vaším přihlašovacím heslem.", - "Set your old private key password to your current log-in password:" : "Změňte své staré heslo soukromého klíče na stejné, jako je vaše současné přihlašovací heslo:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Pokud si nepamatujete své původní heslo, můžete požádat správce o obnovu vašich souborů.", - "Old log-in password" : "Původní přihlašovací heslo", - "Current log-in password" : "Aktuální přihlašovací heslo", - "Update Private Key Password" : "Změnit heslo soukromého klíče", - "Enable password recovery:" : "Povolit obnovu hesla:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Zapnutí této volby vám umožní znovu získat přístup k vašim zašifrovaným souborům pokud ztratíte heslo" -},"pluralForm" :"nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/cy_GB.js b/apps/files_encryption/l10n/cy_GB.js deleted file mode 100644 index 03b6d253b3..0000000000 --- a/apps/files_encryption/l10n/cy_GB.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Encryption" : "Amgryptiad" -}, -"nplurals=4; plural=(n==1) ? 0 : (n==2) ? 1 : (n != 8 && n != 11) ? 2 : 3;"); diff --git a/apps/files_encryption/l10n/cy_GB.json b/apps/files_encryption/l10n/cy_GB.json deleted file mode 100644 index ed3f6b2fb9..0000000000 --- a/apps/files_encryption/l10n/cy_GB.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Encryption" : "Amgryptiad" -},"pluralForm" :"nplurals=4; plural=(n==1) ? 0 : (n==2) ? 1 : (n != 8 && n != 11) ? 2 : 3;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/da.js b/apps/files_encryption/l10n/da.js deleted file mode 100644 index 667b8e72c7..0000000000 --- a/apps/files_encryption/l10n/da.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Ukendt fejl", - "Missing recovery key password" : "Der mangler kodeord for gendannelsesnøgle", - "Please repeat the recovery key password" : "Gentag venligst kodeordet for gendannelsesnøglen", - "Repeated recovery key password does not match the provided recovery key password" : "Det gentagne kodeord for gendannelsesnøglen stemmer ikke med det angivne kodeord for gendannelsesnøglen", - "Recovery key successfully enabled" : "Gendannelsesnøgle aktiveret med succes", - "Could not disable recovery key. Please check your recovery key password!" : "Kunne ikke deaktivere gendannelsesnøgle. Kontroller din gendannelsesnøgle kodeord!", - "Recovery key successfully disabled" : "Gendannelsesnøgle deaktiveret succesfuldt", - "Please provide the old recovery password" : "Angiv venligst det gamle kodeord for gendannelsesnøglen", - "Please provide a new recovery password" : "Angiv venligst et nyt kodeord til gendannelse", - "Please repeat the new recovery password" : "Gentag venligst det nye kodeord til gendannelse", - "Password successfully changed." : "Kodeordet blev ændret succesfuldt", - "Could not change the password. Maybe the old password was not correct." : "Kunne ikke ændre kodeordet. Måske var det gamle kodeord ikke korrekt.", - "Could not update the private key password." : "Kunne ikke opdatere kodeordet til den private nøgle.", - "The old password was not correct, please try again." : "Det gamle kodeord var ikke korrekt, prøv venligst igen.", - "The current log-in password was not correct, please try again." : "Det nuværende kodeord til log-in var ikke korrekt, prøv venligst igen.", - "Private key password successfully updated." : "Privat nøgle kodeord succesfuldt opdateret.", - "File recovery settings updated" : "Filgendannelsesindstillinger opdateret", - "Could not update file recovery" : "Kunne ikke opdatere filgendannelse", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krypteringsprogrammet er ikke igangsat. Det kan skyldes at krypteringsprogrammet er blevet genaktiveret under din session. Prøv at logge ud og ind igen for at aktivere krypteringsprogrammet. ", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Din private nøgle er ikke gyldig. Sandsynligvis er dit kodeord blevet ændret uden for %s (f.eks dit firmas adressebog). Du kan opdatere din private nøglekode i dine personlige indstillinger for at genskabe adgang til dine krypterede filer.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan ikke kryptere denne fil, sandsynligvis fordi filen er delt. Bed venligst filens ejer om at dele den med dig på ny.", - "Unknown error. Please check your system settings or contact your administrator" : "Ukendt fejl. Venligst tjek dine systemindstillinger eller kontakt din systemadministrator", - "Initial encryption started... This can take some time. Please wait." : "Førstegangskrypteringen er påbegyndt... Dette kan tage nogen tid. Vent venligst.", - "Initial encryption running... Please try again later." : "Kryptering foretages... Prøv venligst igen senere.", - "Missing requirements." : "Manglende betingelser.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Sørg for at OpenSSL, sammen med PHP-udvidelsen, er aktiveret og korrekt konfigureret. Indtil videre er krypteringsprogrammet deaktiveret.", - "Following users are not set up for encryption:" : "Følgende brugere er ikke sat op til kryptering:", - "Go directly to your %spersonal settings%s." : "Gå direkte til dine %spersonlige indstillinger%s.", - "Server-side Encryption" : "Kryptering på serverdelen", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Krypteringsprogrammet er aktiveret, men din nøgler er ikke igangsat. Log venligst ud og ind igen.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktiver gendannelsesnøgle (Tillad gendannelse af brugerfiler i tilfælde af tab af kodeord):", - "Recovery key password" : "Gendannelsesnøgle kodeord", - "Repeat Recovery key password" : "Gentag gendannelse af nøglekoden", - "Enabled" : "Aktiveret", - "Disabled" : "Deaktiveret", - "Change recovery key password:" : "Skift gendannelsesnøgle kodeord:", - "Old Recovery key password" : "Gammel Gendannelsesnøgle kodeord", - "New Recovery key password" : "Ny Gendannelsesnøgle kodeord", - "Repeat New Recovery key password" : "Gentag det nye gendannaleses nøglekodeord", - "Change Password" : "Skift Kodeord", - "Your private key password no longer matches your log-in password." : "Dit private nøglekodeord stemmer ikke længere overens med dit login-kodeord.", - "Set your old private key password to your current log-in password:" : "Sæt dit gamle, private nøglekodeord til at være dit nuværende login-kodeord. ", - " If you don't remember your old password you can ask your administrator to recover your files." : "Hvis du ikke kan huske dit gamle kodeord kan du bede din administrator om at gendanne dine filer.", - "Old log-in password" : "Gammelt login kodeord", - "Current log-in password" : "Nuvrende login kodeord", - "Update Private Key Password" : "Opdater Privat Nøgle Kodeord", - "Enable password recovery:" : "Aktiver kodeord gendannelse:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Aktivering af denne valgmulighed tillader dig at generhverve adgang til dine krypterede filer i tilfælde af tab af kodeord" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/da.json b/apps/files_encryption/l10n/da.json deleted file mode 100644 index 0561094f29..0000000000 --- a/apps/files_encryption/l10n/da.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Ukendt fejl", - "Missing recovery key password" : "Der mangler kodeord for gendannelsesnøgle", - "Please repeat the recovery key password" : "Gentag venligst kodeordet for gendannelsesnøglen", - "Repeated recovery key password does not match the provided recovery key password" : "Det gentagne kodeord for gendannelsesnøglen stemmer ikke med det angivne kodeord for gendannelsesnøglen", - "Recovery key successfully enabled" : "Gendannelsesnøgle aktiveret med succes", - "Could not disable recovery key. Please check your recovery key password!" : "Kunne ikke deaktivere gendannelsesnøgle. Kontroller din gendannelsesnøgle kodeord!", - "Recovery key successfully disabled" : "Gendannelsesnøgle deaktiveret succesfuldt", - "Please provide the old recovery password" : "Angiv venligst det gamle kodeord for gendannelsesnøglen", - "Please provide a new recovery password" : "Angiv venligst et nyt kodeord til gendannelse", - "Please repeat the new recovery password" : "Gentag venligst det nye kodeord til gendannelse", - "Password successfully changed." : "Kodeordet blev ændret succesfuldt", - "Could not change the password. Maybe the old password was not correct." : "Kunne ikke ændre kodeordet. Måske var det gamle kodeord ikke korrekt.", - "Could not update the private key password." : "Kunne ikke opdatere kodeordet til den private nøgle.", - "The old password was not correct, please try again." : "Det gamle kodeord var ikke korrekt, prøv venligst igen.", - "The current log-in password was not correct, please try again." : "Det nuværende kodeord til log-in var ikke korrekt, prøv venligst igen.", - "Private key password successfully updated." : "Privat nøgle kodeord succesfuldt opdateret.", - "File recovery settings updated" : "Filgendannelsesindstillinger opdateret", - "Could not update file recovery" : "Kunne ikke opdatere filgendannelse", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krypteringsprogrammet er ikke igangsat. Det kan skyldes at krypteringsprogrammet er blevet genaktiveret under din session. Prøv at logge ud og ind igen for at aktivere krypteringsprogrammet. ", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Din private nøgle er ikke gyldig. Sandsynligvis er dit kodeord blevet ændret uden for %s (f.eks dit firmas adressebog). Du kan opdatere din private nøglekode i dine personlige indstillinger for at genskabe adgang til dine krypterede filer.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan ikke kryptere denne fil, sandsynligvis fordi filen er delt. Bed venligst filens ejer om at dele den med dig på ny.", - "Unknown error. Please check your system settings or contact your administrator" : "Ukendt fejl. Venligst tjek dine systemindstillinger eller kontakt din systemadministrator", - "Initial encryption started... This can take some time. Please wait." : "Førstegangskrypteringen er påbegyndt... Dette kan tage nogen tid. Vent venligst.", - "Initial encryption running... Please try again later." : "Kryptering foretages... Prøv venligst igen senere.", - "Missing requirements." : "Manglende betingelser.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Sørg for at OpenSSL, sammen med PHP-udvidelsen, er aktiveret og korrekt konfigureret. Indtil videre er krypteringsprogrammet deaktiveret.", - "Following users are not set up for encryption:" : "Følgende brugere er ikke sat op til kryptering:", - "Go directly to your %spersonal settings%s." : "Gå direkte til dine %spersonlige indstillinger%s.", - "Server-side Encryption" : "Kryptering på serverdelen", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Krypteringsprogrammet er aktiveret, men din nøgler er ikke igangsat. Log venligst ud og ind igen.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktiver gendannelsesnøgle (Tillad gendannelse af brugerfiler i tilfælde af tab af kodeord):", - "Recovery key password" : "Gendannelsesnøgle kodeord", - "Repeat Recovery key password" : "Gentag gendannelse af nøglekoden", - "Enabled" : "Aktiveret", - "Disabled" : "Deaktiveret", - "Change recovery key password:" : "Skift gendannelsesnøgle kodeord:", - "Old Recovery key password" : "Gammel Gendannelsesnøgle kodeord", - "New Recovery key password" : "Ny Gendannelsesnøgle kodeord", - "Repeat New Recovery key password" : "Gentag det nye gendannaleses nøglekodeord", - "Change Password" : "Skift Kodeord", - "Your private key password no longer matches your log-in password." : "Dit private nøglekodeord stemmer ikke længere overens med dit login-kodeord.", - "Set your old private key password to your current log-in password:" : "Sæt dit gamle, private nøglekodeord til at være dit nuværende login-kodeord. ", - " If you don't remember your old password you can ask your administrator to recover your files." : "Hvis du ikke kan huske dit gamle kodeord kan du bede din administrator om at gendanne dine filer.", - "Old log-in password" : "Gammelt login kodeord", - "Current log-in password" : "Nuvrende login kodeord", - "Update Private Key Password" : "Opdater Privat Nøgle Kodeord", - "Enable password recovery:" : "Aktiver kodeord gendannelse:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Aktivering af denne valgmulighed tillader dig at generhverve adgang til dine krypterede filer i tilfælde af tab af kodeord" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/de.js b/apps/files_encryption/l10n/de.js deleted file mode 100644 index 544d763083..0000000000 --- a/apps/files_encryption/l10n/de.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Unbekannter Fehler", - "Missing recovery key password" : "Schlüsselpasswort zur Wiederherstellung fehlt", - "Please repeat the recovery key password" : "Schlüsselpasswort zur Wiederherstellung bitte wiederholen", - "Repeated recovery key password does not match the provided recovery key password" : "Das wiederholte Schlüsselpasswort zur Wiederherstellung stimmt nicht mit dem geforderten Schlüsselpasswort zur Wiederherstellung überein", - "Recovery key successfully enabled" : "Wiederherstellungsschlüssel wurde erfolgreich aktiviert", - "Could not disable recovery key. Please check your recovery key password!" : "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Überprüfe Dein Wiederherstellungspasswort!", - "Recovery key successfully disabled" : "Wiederherstellungsschlüssel deaktiviert.", - "Please provide the old recovery password" : "Bitte das alte Passwort zur Wiederherstellung eingeben", - "Please provide a new recovery password" : "Bitte das alte Passwort zur Wiederherstellung eingeben", - "Please repeat the new recovery password" : "Bitte das neue Passwort zur Wiederherstellung wiederholen", - "Password successfully changed." : "Dein Passwort wurde geändert.", - "Could not change the password. Maybe the old password was not correct." : "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort falsch.", - "Could not update the private key password." : "Das Passwort des privaten Schlüssels konnte nicht aktualisiert werden.", - "The old password was not correct, please try again." : "Das alte Passwort war nicht korrekt, bitte versuche es noch einmal.", - "The current log-in password was not correct, please try again." : "Das aktuelle Anmeldepasswort war nicht korrekt, bitte versuche es noch einmal.", - "Private key password successfully updated." : "Passwort des privaten Schlüssels erfolgreich aktualisiert", - "File recovery settings updated" : "Einstellungen zur Wiederherstellung von Dateien wurden aktualisiert", - "Could not update file recovery" : "Dateiwiederherstellung konnte nicht aktualisiert werden", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Verschlüsselung-App ist nicht initialisiert! Vielleicht wurde die Verschlüsselung-App in der aktuellen Sitzung reaktiviert. Bitte versuche Dich ab- und wieder anzumelden, um die Verschlüsselung-App zu initialisieren.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Dein privater Schlüssel ist ungültig. Möglicher Weise wurde außerhalb von %s Dein Passwort geändert (z.B. in Deinem gemeinsamen Verzeichnis). Du kannst das Passwort Deines privaten Schlüssels in den persönlichen Einstellungen aktualisieren, um wieder an Deine Dateien zu gelangen.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Die Datei kann nicht entschlüsselt werden, da die Datei möglicherweise eine geteilte Datei ist. Bitte frage den Dateibesitzer, ob er die Datei nochmals mit Dir teilt.", - "Unknown error. Please check your system settings or contact your administrator" : "Unbekannter Fehler. Bitte prüfe Deine Systemeinstellungen oder kontaktiere Deinen Administrator", - "Initial encryption started... This can take some time. Please wait." : "Initialverschlüsselung gestartet… Dies kann einige Zeit dauern. Bitte warten.", - "Initial encryption running... Please try again later." : "Anfangsverschlüsselung läuft … Bitte versuche es später wieder.", - "Missing requirements." : "Fehlende Vorraussetzungen", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Bitte stelle sicher, dass OpenSSL zusammen mit der PHP-Erweiterung aktiviert und richtig konfiguriert ist. Die Verschlüsselungsanwendung ist vorerst deaktiviert.", - "Following users are not set up for encryption:" : "Für folgende Nutzer ist keine Verschlüsselung eingerichtet:", - "Go directly to your %spersonal settings%s." : "Direkt zu Deinen %spersonal settings%s wechseln.", - "Server-side Encryption" : "Serverseitige Verschlüsselung", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Die Verschlüsselung-App ist aktiviert, aber Deine Schlüssel sind nicht initialisiert. Bitte melde Dich nochmals ab und wieder an.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Wiederherstellungsschlüssel aktivieren (ermöglicht das Wiederherstellen von Dateien, falls das Passwort vergessen wurde):", - "Recovery key password" : "Wiederherstellungsschlüssel-Passwort", - "Repeat Recovery key password" : "Schlüssel-Passwort zur Wiederherstellung wiederholen", - "Enabled" : "Aktiviert", - "Disabled" : "Deaktiviert", - "Change recovery key password:" : "Wiederherstellungsschlüssel-Passwort ändern:", - "Old Recovery key password" : "Altes Wiederherstellungsschlüssel-Passwort", - "New Recovery key password" : "Neues Wiederherstellungsschlüssel-Passwort", - "Repeat New Recovery key password" : "Neues Schlüssel-Passwort zur Wiederherstellung wiederholen", - "Change Password" : "Passwort ändern", - "Your private key password no longer matches your log-in password." : "Dein Passwort für Deinen privaten Schlüssel stimmt nicht mehr mit Deinem Loginpasswort überein.", - "Set your old private key password to your current log-in password:" : "Dein altes Passwort für Deinen privaten Schlüssel auf Dein aktuelles Anmeldepasswort einstellen:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Wenn Du Dein altes Passwort vergessen hast, könntest Du Deinen Administrator bitten, Deine Daten wiederherzustellen.", - "Old log-in password" : "Altes Login Passwort", - "Current log-in password" : "Aktuelles Passwort", - "Update Private Key Password" : "Passwort für den privaten Schlüssel aktualisieren", - "Enable password recovery:" : "Passwortwiederherstellung aktivieren:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Wenn Du diese Option aktivierst, kannst Du Deine verschlüsselten Dateien wiederherstellen, falls Du Dein Passwort vergisst" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/de.json b/apps/files_encryption/l10n/de.json deleted file mode 100644 index 7ba97e39ac..0000000000 --- a/apps/files_encryption/l10n/de.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Unbekannter Fehler", - "Missing recovery key password" : "Schlüsselpasswort zur Wiederherstellung fehlt", - "Please repeat the recovery key password" : "Schlüsselpasswort zur Wiederherstellung bitte wiederholen", - "Repeated recovery key password does not match the provided recovery key password" : "Das wiederholte Schlüsselpasswort zur Wiederherstellung stimmt nicht mit dem geforderten Schlüsselpasswort zur Wiederherstellung überein", - "Recovery key successfully enabled" : "Wiederherstellungsschlüssel wurde erfolgreich aktiviert", - "Could not disable recovery key. Please check your recovery key password!" : "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Überprüfe Dein Wiederherstellungspasswort!", - "Recovery key successfully disabled" : "Wiederherstellungsschlüssel deaktiviert.", - "Please provide the old recovery password" : "Bitte das alte Passwort zur Wiederherstellung eingeben", - "Please provide a new recovery password" : "Bitte das alte Passwort zur Wiederherstellung eingeben", - "Please repeat the new recovery password" : "Bitte das neue Passwort zur Wiederherstellung wiederholen", - "Password successfully changed." : "Dein Passwort wurde geändert.", - "Could not change the password. Maybe the old password was not correct." : "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort falsch.", - "Could not update the private key password." : "Das Passwort des privaten Schlüssels konnte nicht aktualisiert werden.", - "The old password was not correct, please try again." : "Das alte Passwort war nicht korrekt, bitte versuche es noch einmal.", - "The current log-in password was not correct, please try again." : "Das aktuelle Anmeldepasswort war nicht korrekt, bitte versuche es noch einmal.", - "Private key password successfully updated." : "Passwort des privaten Schlüssels erfolgreich aktualisiert", - "File recovery settings updated" : "Einstellungen zur Wiederherstellung von Dateien wurden aktualisiert", - "Could not update file recovery" : "Dateiwiederherstellung konnte nicht aktualisiert werden", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Verschlüsselung-App ist nicht initialisiert! Vielleicht wurde die Verschlüsselung-App in der aktuellen Sitzung reaktiviert. Bitte versuche Dich ab- und wieder anzumelden, um die Verschlüsselung-App zu initialisieren.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Dein privater Schlüssel ist ungültig. Möglicher Weise wurde außerhalb von %s Dein Passwort geändert (z.B. in Deinem gemeinsamen Verzeichnis). Du kannst das Passwort Deines privaten Schlüssels in den persönlichen Einstellungen aktualisieren, um wieder an Deine Dateien zu gelangen.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Die Datei kann nicht entschlüsselt werden, da die Datei möglicherweise eine geteilte Datei ist. Bitte frage den Dateibesitzer, ob er die Datei nochmals mit Dir teilt.", - "Unknown error. Please check your system settings or contact your administrator" : "Unbekannter Fehler. Bitte prüfe Deine Systemeinstellungen oder kontaktiere Deinen Administrator", - "Initial encryption started... This can take some time. Please wait." : "Initialverschlüsselung gestartet… Dies kann einige Zeit dauern. Bitte warten.", - "Initial encryption running... Please try again later." : "Anfangsverschlüsselung läuft … Bitte versuche es später wieder.", - "Missing requirements." : "Fehlende Vorraussetzungen", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Bitte stelle sicher, dass OpenSSL zusammen mit der PHP-Erweiterung aktiviert und richtig konfiguriert ist. Die Verschlüsselungsanwendung ist vorerst deaktiviert.", - "Following users are not set up for encryption:" : "Für folgende Nutzer ist keine Verschlüsselung eingerichtet:", - "Go directly to your %spersonal settings%s." : "Direkt zu Deinen %spersonal settings%s wechseln.", - "Server-side Encryption" : "Serverseitige Verschlüsselung", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Die Verschlüsselung-App ist aktiviert, aber Deine Schlüssel sind nicht initialisiert. Bitte melde Dich nochmals ab und wieder an.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Wiederherstellungsschlüssel aktivieren (ermöglicht das Wiederherstellen von Dateien, falls das Passwort vergessen wurde):", - "Recovery key password" : "Wiederherstellungsschlüssel-Passwort", - "Repeat Recovery key password" : "Schlüssel-Passwort zur Wiederherstellung wiederholen", - "Enabled" : "Aktiviert", - "Disabled" : "Deaktiviert", - "Change recovery key password:" : "Wiederherstellungsschlüssel-Passwort ändern:", - "Old Recovery key password" : "Altes Wiederherstellungsschlüssel-Passwort", - "New Recovery key password" : "Neues Wiederherstellungsschlüssel-Passwort", - "Repeat New Recovery key password" : "Neues Schlüssel-Passwort zur Wiederherstellung wiederholen", - "Change Password" : "Passwort ändern", - "Your private key password no longer matches your log-in password." : "Dein Passwort für Deinen privaten Schlüssel stimmt nicht mehr mit Deinem Loginpasswort überein.", - "Set your old private key password to your current log-in password:" : "Dein altes Passwort für Deinen privaten Schlüssel auf Dein aktuelles Anmeldepasswort einstellen:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Wenn Du Dein altes Passwort vergessen hast, könntest Du Deinen Administrator bitten, Deine Daten wiederherzustellen.", - "Old log-in password" : "Altes Login Passwort", - "Current log-in password" : "Aktuelles Passwort", - "Update Private Key Password" : "Passwort für den privaten Schlüssel aktualisieren", - "Enable password recovery:" : "Passwortwiederherstellung aktivieren:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Wenn Du diese Option aktivierst, kannst Du Deine verschlüsselten Dateien wiederherstellen, falls Du Dein Passwort vergisst" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/de_CH.js b/apps/files_encryption/l10n/de_CH.js deleted file mode 100644 index 1f5a01e679..0000000000 --- a/apps/files_encryption/l10n/de_CH.js +++ /dev/null @@ -1,33 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Unbekannter Fehler", - "Recovery key successfully enabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich aktiviert.", - "Could not disable recovery key. Please check your recovery key password!" : "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!", - "Recovery key successfully disabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich deaktiviert.", - "Password successfully changed." : "Das Passwort wurde erfolgreich geändert.", - "Could not change the password. Maybe the old password was not correct." : "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort nicht richtig.", - "Private key password successfully updated." : "Das Passwort des privaten Schlüssels wurde erfolgreich aktualisiert.", - "Could not update the private key password. Maybe the old password was not correct." : "Das Passwort des privaten Schlüssels konnte nicht aktualisiert werden. Vielleicht war das alte Passwort nicht richtig.", - "File recovery settings updated" : "Die Einstellungen für die Dateiwiederherstellung wurden aktualisiert.", - "Could not update file recovery" : "Die Dateiwiederherstellung konnte nicht aktualisiert werden.", - "Missing requirements." : "Fehlende Voraussetzungen", - "Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Bitte stellen Sie sicher, dass PHP 5.3.3 oder neuer installiert und das OpenSSL zusammen mit der PHP-Erweiterung aktiviert und richtig konfiguriert ist. Zur Zeit ist die Verschlüsselungs-App deaktiviert.", - "Following users are not set up for encryption:" : "Für folgende Nutzer ist keine Verschlüsselung eingerichtet:", - "Encryption" : "Verschlüsselung", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivieren Sie den Wiederherstellungsschlüssel (erlaubt die Wiederherstellung des Zugangs zu den Benutzerdateien, wenn das Passwort verloren geht).", - "Recovery key password" : "Wiederherstellungschlüsselpasswort", - "Enabled" : "Aktiviert", - "Disabled" : "Deaktiviert", - "Change recovery key password:" : "Wiederherstellungsschlüsselpasswort ändern", - "Old Recovery key password" : "Altes Wiederherstellungsschlüsselpasswort", - "New Recovery key password" : "Neues Wiederherstellungsschlüsselpasswort ", - "Change Password" : "Passwort ändern", - " If you don't remember your old password you can ask your administrator to recover your files." : "Falls Sie sich nicht an Ihr altes Passwort erinnern können, fragen Sie bitte Ihren Administrator, um Ihre Dateien wiederherzustellen.", - "Old log-in password" : "Altes Login-Passwort", - "Current log-in password" : "Momentanes Login-Passwort", - "Update Private Key Password" : "Das Passwort des privaten Schlüssels aktualisieren", - "Enable password recovery:" : "Die Passwort-Wiederherstellung aktivieren:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Durch die Aktivierung dieser Option haben Sie die Möglichkeit, wieder auf Ihre verschlüsselten Dateien zugreifen zu können, wenn Sie Ihr Passwort verloren haben." -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/de_CH.json b/apps/files_encryption/l10n/de_CH.json deleted file mode 100644 index 244d0946bf..0000000000 --- a/apps/files_encryption/l10n/de_CH.json +++ /dev/null @@ -1,31 +0,0 @@ -{ "translations": { - "Unknown error" : "Unbekannter Fehler", - "Recovery key successfully enabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich aktiviert.", - "Could not disable recovery key. Please check your recovery key password!" : "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!", - "Recovery key successfully disabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich deaktiviert.", - "Password successfully changed." : "Das Passwort wurde erfolgreich geändert.", - "Could not change the password. Maybe the old password was not correct." : "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort nicht richtig.", - "Private key password successfully updated." : "Das Passwort des privaten Schlüssels wurde erfolgreich aktualisiert.", - "Could not update the private key password. Maybe the old password was not correct." : "Das Passwort des privaten Schlüssels konnte nicht aktualisiert werden. Vielleicht war das alte Passwort nicht richtig.", - "File recovery settings updated" : "Die Einstellungen für die Dateiwiederherstellung wurden aktualisiert.", - "Could not update file recovery" : "Die Dateiwiederherstellung konnte nicht aktualisiert werden.", - "Missing requirements." : "Fehlende Voraussetzungen", - "Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Bitte stellen Sie sicher, dass PHP 5.3.3 oder neuer installiert und das OpenSSL zusammen mit der PHP-Erweiterung aktiviert und richtig konfiguriert ist. Zur Zeit ist die Verschlüsselungs-App deaktiviert.", - "Following users are not set up for encryption:" : "Für folgende Nutzer ist keine Verschlüsselung eingerichtet:", - "Encryption" : "Verschlüsselung", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivieren Sie den Wiederherstellungsschlüssel (erlaubt die Wiederherstellung des Zugangs zu den Benutzerdateien, wenn das Passwort verloren geht).", - "Recovery key password" : "Wiederherstellungschlüsselpasswort", - "Enabled" : "Aktiviert", - "Disabled" : "Deaktiviert", - "Change recovery key password:" : "Wiederherstellungsschlüsselpasswort ändern", - "Old Recovery key password" : "Altes Wiederherstellungsschlüsselpasswort", - "New Recovery key password" : "Neues Wiederherstellungsschlüsselpasswort ", - "Change Password" : "Passwort ändern", - " If you don't remember your old password you can ask your administrator to recover your files." : "Falls Sie sich nicht an Ihr altes Passwort erinnern können, fragen Sie bitte Ihren Administrator, um Ihre Dateien wiederherzustellen.", - "Old log-in password" : "Altes Login-Passwort", - "Current log-in password" : "Momentanes Login-Passwort", - "Update Private Key Password" : "Das Passwort des privaten Schlüssels aktualisieren", - "Enable password recovery:" : "Die Passwort-Wiederherstellung aktivieren:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Durch die Aktivierung dieser Option haben Sie die Möglichkeit, wieder auf Ihre verschlüsselten Dateien zugreifen zu können, wenn Sie Ihr Passwort verloren haben." -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/de_DE.js b/apps/files_encryption/l10n/de_DE.js deleted file mode 100644 index 9ad50104ea..0000000000 --- a/apps/files_encryption/l10n/de_DE.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Unbekannter Fehler", - "Missing recovery key password" : "Schlüsselpasswort zur Wiederherstellung fehlt", - "Please repeat the recovery key password" : "Schlüsselpasswort zur Wiederherstellung bitte wiederholen", - "Repeated recovery key password does not match the provided recovery key password" : "Das wiederholte Schlüsselpasswort zur Wiederherstellung stimmt nicht mit dem geforderten Schlüsselpasswort zur Wiederherstellung überein", - "Recovery key successfully enabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich aktiviert.", - "Could not disable recovery key. Please check your recovery key password!" : "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!", - "Recovery key successfully disabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich deaktiviert.", - "Please provide the old recovery password" : "Bitte das alte Passwort zur Wiederherstellung eingeben", - "Please provide a new recovery password" : "Bitte das neue Passwort zur Wiederherstellung eingeben", - "Please repeat the new recovery password" : "Bitte das neue Passwort zur Wiederherstellung wiederholen", - "Password successfully changed." : "Das Passwort wurde erfolgreich geändert.", - "Could not change the password. Maybe the old password was not correct." : "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort nicht richtig.", - "Could not update the private key password." : "Das Passwort des privaten Schlüssels konnte nicht aktualisiert werden.", - "The old password was not correct, please try again." : "Das alte Passwort war nicht korrekt, bitte versuchen Sie es noch einmal.", - "The current log-in password was not correct, please try again." : "Das aktuelle Anmeldepasswort war nicht korrekt, bitte versuchen Sie es noch einmal.", - "Private key password successfully updated." : "Das Passwort des privaten Schlüssels wurde erfolgreich aktualisiert.", - "File recovery settings updated" : "Die Einstellungen für die Dateiwiederherstellung wurden aktualisiert.", - "Could not update file recovery" : "Die Dateiwiederherstellung konnte nicht aktualisiert werden.", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Verschlüsselung-App ist nicht initialisiert! Vielleicht wurde die Verschlüsselung-App in der aktuellen Sitzung reaktiviert. Bitte versuchen Sie sich ab- und wieder anzumelden, um die Verschlüsselung-App zu initialisieren.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Ihr privater Schlüssel ist ungültig. Möglicher Weise wurde außerhalb von %s Ihr Passwort geändert (z.B. in Ihrem gemeinsamen Verzeichnis). Sie können das Passwort Ihres privaten Schlüssels in den persönlichen Einstellungen aktualisieren, um wieder an Ihre Dateien zu gelangen.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Die Datei kann nicht entschlüsselt werden, da die Datei möglicherweise eine geteilte Datei ist. Bitte fragen Sie den Dateibesitzer, dass er die Datei nochmals mit Ihnen teilt.", - "Unknown error. Please check your system settings or contact your administrator" : "Unbekannter Fehler. Bitte prüfen Sie die Systemeinstellungen oder kontaktieren Sie Ihren Administrator", - "Initial encryption started... This can take some time. Please wait." : "Anfangsverschlüsselung gestartet … Dieses kann einige Zeit dauern. Bitte warten.", - "Initial encryption running... Please try again later." : "Anfangsverschlüsselung läuft … Bitte versuchen Sie es später wieder.", - "Missing requirements." : "Fehlende Voraussetzungen", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Bitte stellen Sie sicher, dass OpenSSL zusammen mit der PHP-Erweiterung aktiviert und richtig konfiguriert ist. Die Verschlüsselungsanwendung ist vorerst deaktiviert.", - "Following users are not set up for encryption:" : "Für folgende Benutzer ist keine Verschlüsselung eingerichtet:", - "Go directly to your %spersonal settings%s." : "Wechseln Sie direkt zu Ihren %spersonal settings%s.", - "Server-side Encryption" : "Serverseitige Verschlüsselung", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Verschlüsselung-App ist aktiviert, aber Ihre Schlüssel sind nicht initialisiert. Bitte nochmals ab- und wieder anmelden.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivieren Sie den Wiederherstellungsschlüssel (erlaubt die Wiederherstellung des Zugangs zu den Benutzerdateien, wenn das Passwort verloren geht):", - "Recovery key password" : "Wiederherstellungschlüsselpasswort", - "Repeat Recovery key password" : "Schlüsselpasswort zur Wiederherstellung wiederholen", - "Enabled" : "Aktiviert", - "Disabled" : "Deaktiviert", - "Change recovery key password:" : "Wiederherstellungsschlüsselpasswort ändern", - "Old Recovery key password" : "Altes Wiederherstellungsschlüsselpasswort", - "New Recovery key password" : "Neues Wiederherstellungsschlüsselpasswort ", - "Repeat New Recovery key password" : "Neues Schlüsselpasswort zur Wiederherstellung wiederholen", - "Change Password" : "Passwort ändern", - "Your private key password no longer matches your log-in password." : "Das Privatschlüsselpasswort stimmt nicht länger mit dem Anmeldepasswort überein.", - "Set your old private key password to your current log-in password:" : "Ihr altes Privatschlüsselpasswort auf Ihr aktuelles Anmeldepasswort stellen:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Falls Sie sich nicht an Ihr altes Passwort erinnern können, fragen Sie bitte Ihren Administrator, um Ihre Dateien wiederherzustellen.", - "Old log-in password" : "Altes Anmeldepasswort", - "Current log-in password" : "Aktuelles Anmeldepasswort", - "Update Private Key Password" : "Das Passwort des privaten Schlüssels aktualisieren", - "Enable password recovery:" : "Die Passwort-Wiederherstellung aktivieren:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Durch die Aktivierung dieser Option haben Sie die Möglichkeit, wieder auf Ihre verschlüsselten Dateien zugreifen zu können, wenn Sie Ihr Passwort verloren haben." -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/de_DE.json b/apps/files_encryption/l10n/de_DE.json deleted file mode 100644 index 135818e290..0000000000 --- a/apps/files_encryption/l10n/de_DE.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Unbekannter Fehler", - "Missing recovery key password" : "Schlüsselpasswort zur Wiederherstellung fehlt", - "Please repeat the recovery key password" : "Schlüsselpasswort zur Wiederherstellung bitte wiederholen", - "Repeated recovery key password does not match the provided recovery key password" : "Das wiederholte Schlüsselpasswort zur Wiederherstellung stimmt nicht mit dem geforderten Schlüsselpasswort zur Wiederherstellung überein", - "Recovery key successfully enabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich aktiviert.", - "Could not disable recovery key. Please check your recovery key password!" : "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!", - "Recovery key successfully disabled" : "Der Wiederherstellungsschlüssel wurde erfolgreich deaktiviert.", - "Please provide the old recovery password" : "Bitte das alte Passwort zur Wiederherstellung eingeben", - "Please provide a new recovery password" : "Bitte das neue Passwort zur Wiederherstellung eingeben", - "Please repeat the new recovery password" : "Bitte das neue Passwort zur Wiederherstellung wiederholen", - "Password successfully changed." : "Das Passwort wurde erfolgreich geändert.", - "Could not change the password. Maybe the old password was not correct." : "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort nicht richtig.", - "Could not update the private key password." : "Das Passwort des privaten Schlüssels konnte nicht aktualisiert werden.", - "The old password was not correct, please try again." : "Das alte Passwort war nicht korrekt, bitte versuchen Sie es noch einmal.", - "The current log-in password was not correct, please try again." : "Das aktuelle Anmeldepasswort war nicht korrekt, bitte versuchen Sie es noch einmal.", - "Private key password successfully updated." : "Das Passwort des privaten Schlüssels wurde erfolgreich aktualisiert.", - "File recovery settings updated" : "Die Einstellungen für die Dateiwiederherstellung wurden aktualisiert.", - "Could not update file recovery" : "Die Dateiwiederherstellung konnte nicht aktualisiert werden.", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Verschlüsselung-App ist nicht initialisiert! Vielleicht wurde die Verschlüsselung-App in der aktuellen Sitzung reaktiviert. Bitte versuchen Sie sich ab- und wieder anzumelden, um die Verschlüsselung-App zu initialisieren.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Ihr privater Schlüssel ist ungültig. Möglicher Weise wurde außerhalb von %s Ihr Passwort geändert (z.B. in Ihrem gemeinsamen Verzeichnis). Sie können das Passwort Ihres privaten Schlüssels in den persönlichen Einstellungen aktualisieren, um wieder an Ihre Dateien zu gelangen.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Die Datei kann nicht entschlüsselt werden, da die Datei möglicherweise eine geteilte Datei ist. Bitte fragen Sie den Dateibesitzer, dass er die Datei nochmals mit Ihnen teilt.", - "Unknown error. Please check your system settings or contact your administrator" : "Unbekannter Fehler. Bitte prüfen Sie die Systemeinstellungen oder kontaktieren Sie Ihren Administrator", - "Initial encryption started... This can take some time. Please wait." : "Anfangsverschlüsselung gestartet … Dieses kann einige Zeit dauern. Bitte warten.", - "Initial encryption running... Please try again later." : "Anfangsverschlüsselung läuft … Bitte versuchen Sie es später wieder.", - "Missing requirements." : "Fehlende Voraussetzungen", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Bitte stellen Sie sicher, dass OpenSSL zusammen mit der PHP-Erweiterung aktiviert und richtig konfiguriert ist. Die Verschlüsselungsanwendung ist vorerst deaktiviert.", - "Following users are not set up for encryption:" : "Für folgende Benutzer ist keine Verschlüsselung eingerichtet:", - "Go directly to your %spersonal settings%s." : "Wechseln Sie direkt zu Ihren %spersonal settings%s.", - "Server-side Encryption" : "Serverseitige Verschlüsselung", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Verschlüsselung-App ist aktiviert, aber Ihre Schlüssel sind nicht initialisiert. Bitte nochmals ab- und wieder anmelden.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivieren Sie den Wiederherstellungsschlüssel (erlaubt die Wiederherstellung des Zugangs zu den Benutzerdateien, wenn das Passwort verloren geht):", - "Recovery key password" : "Wiederherstellungschlüsselpasswort", - "Repeat Recovery key password" : "Schlüsselpasswort zur Wiederherstellung wiederholen", - "Enabled" : "Aktiviert", - "Disabled" : "Deaktiviert", - "Change recovery key password:" : "Wiederherstellungsschlüsselpasswort ändern", - "Old Recovery key password" : "Altes Wiederherstellungsschlüsselpasswort", - "New Recovery key password" : "Neues Wiederherstellungsschlüsselpasswort ", - "Repeat New Recovery key password" : "Neues Schlüsselpasswort zur Wiederherstellung wiederholen", - "Change Password" : "Passwort ändern", - "Your private key password no longer matches your log-in password." : "Das Privatschlüsselpasswort stimmt nicht länger mit dem Anmeldepasswort überein.", - "Set your old private key password to your current log-in password:" : "Ihr altes Privatschlüsselpasswort auf Ihr aktuelles Anmeldepasswort stellen:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Falls Sie sich nicht an Ihr altes Passwort erinnern können, fragen Sie bitte Ihren Administrator, um Ihre Dateien wiederherzustellen.", - "Old log-in password" : "Altes Anmeldepasswort", - "Current log-in password" : "Aktuelles Anmeldepasswort", - "Update Private Key Password" : "Das Passwort des privaten Schlüssels aktualisieren", - "Enable password recovery:" : "Die Passwort-Wiederherstellung aktivieren:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Durch die Aktivierung dieser Option haben Sie die Möglichkeit, wieder auf Ihre verschlüsselten Dateien zugreifen zu können, wenn Sie Ihr Passwort verloren haben." -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/el.js b/apps/files_encryption/l10n/el.js deleted file mode 100644 index ad7621545b..0000000000 --- a/apps/files_encryption/l10n/el.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Άγνωστο σφάλμα", - "Missing recovery key password" : "Λείπει το κλειδί επαναφοράς κωδικού", - "Please repeat the recovery key password" : "Παρακαλώ επαναλάβετε το κλειδί επαναφοράς κωδικού", - "Repeated recovery key password does not match the provided recovery key password" : "Η επανάληψη του κλειδιού επαναφοράς κωδικού δεν ταιριάζει με το δοσμένο κλειδί επαναφοράς κωδικού", - "Recovery key successfully enabled" : "Επιτυχής ενεργοποίηση κλειδιού ανάκτησης", - "Could not disable recovery key. Please check your recovery key password!" : "Αποτυχία απενεργοποίησης κλειδιού ανάκτησης. Παρακαλώ ελέγξτε τον κωδικό του κλειδιού ανάκτησής σας!", - "Recovery key successfully disabled" : "Επιτυχής απενεργοποίηση κλειδιού ανάκτησης", - "Please provide the old recovery password" : "Παρακαλώ παρέχετε τον παλιό κωδικό επαναφοράς", - "Please provide a new recovery password" : "Παρακαλώ παρέχετε ένα νέο κωδικό επαναφοράς", - "Please repeat the new recovery password" : "Παρακαλώ επαναλάβετε το νέο κωδικό επαναφοράς", - "Password successfully changed." : "Ο κωδικός αλλάχτηκε επιτυχώς.", - "Could not change the password. Maybe the old password was not correct." : "Αποτυχία αλλαγής κωδικού ίσως ο παλιός κωδικός να μην ήταν σωστός.", - "Could not update the private key password." : "Αποτυχία ενημέρωσης του προσωπικού κλειδιού πρόσβασης", - "The old password was not correct, please try again." : "Το παλαιό συνθηματικό δεν είναι σωστό, παρακαλώ δοκιμάστε ξανά.", - "The current log-in password was not correct, please try again." : "Το τρέχον συνθηματικό δεν είναι σωστό, παρακαλώ δοκιμάστε ξανά.", - "Private key password successfully updated." : "Το Προσωπικό κλειδί πρόσβασης ενημερώθηκε επιτυχώς", - "File recovery settings updated" : "Οι ρυθμίσεις επαναφοράς αρχείων ανανεώθηκαν", - "Could not update file recovery" : "Αποτυχία ενημέρωσης ανάκτησης αρχείων", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Η εφαρμογή κρυπτογράφησης δεν έχει εκκινήσει! Ίσως η εφαρμογή κρυπτογράφησης επανενεργοποιήθηκε κατά τη διάρκεια της τρέχουσας σύνδεσής σας. Παρακαλώ προσπαθήστε να αποσυνδεθείτε και να ξανασυνδεθείτε για να εκκινήσετε την εφαρμογή κρυπτογράφησης.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Το προσωπικό σας κλειδί δεν είναι έγκυρο! Πιθανόν ο κωδικός σας να άλλαξε έξω από το %s (π.χ. τη λίστα διευθύνσεων της εταιρείας σας). Μπορείτε να ενημερώσετε το προσωπικό σας κλειδί επαναφοράς κωδικού στις προσωπικές σας ρυθμίσεις για να επανακτήσετε πρόσβαση στα κρυπτογραφημένα σας αρχεία.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Δεν ήταν δυνατό να αποκρυπτογραφηθεί αυτό το αρχείο, πιθανόν πρόκειται για κοινόχρηστο αρχείο. Παρακαλώ ζητήστε από τον ιδιοκτήτη του αρχείου να το ξαναμοιραστεί μαζί σας.", - "Unknown error. Please check your system settings or contact your administrator" : "Άγνωστο σφάλμα. Παρακαλώ ελέγξτε τις ρυθμίσεις του συστήματό σας ή επικοινωνήστε με τον διαχειριστή συστημάτων σας", - "Initial encryption started... This can take some time. Please wait." : "Η αρχική κρυπτογράφηση άρχισε... Αυτό μπορεί να πάρει κάποια ώρα. Παρακαλώ περιμένετε.", - "Initial encryption running... Please try again later." : "Εκτέλεση αρχικής κρυπτογράφησης... Παρακαλώ προσπαθήστε αργότερα.", - "Missing requirements." : "Προαπαιτούμενα που απουσιάζουν.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Παρακαλώ επιβεβαιώστε ότι η OpenSSL μαζί με την επέκταση PHP έχουν ενεργοποιηθεί και ρυθμιστεί σωστά. Προς το παρόν, η εφαρμογή κρυπτογράφησης είναι απενεργοποιημένη.", - "Following users are not set up for encryption:" : "Οι κάτωθι χρήστες δεν έχουν ρυθμιστεί για κρυπογράφηση:", - "Go directly to your %spersonal settings%s." : "Πηγαίνετε κατ'ευθείαν στις %sπροσωπικές ρυθμίσεις%s σας.", - "Server-side Encryption" : "Κρυπτογράφηση από τον Διακομιστή", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Η εφαρμογή κρυπτογράφησης είναι ενεργοποιημένη αλλά τα κλειδιά σας δεν έχουν καταγραφεί, παρακαλώ αποσυνδεθείτε και επανασυνδεθείτε.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Ενεργοποίηση κλειδιού ανάκτησης (επιτρέψτε την ανάκτηση αρχείων χρηστών σε περίπτωση απώλειας κωδικού):", - "Recovery key password" : "Επαναφορά κωδικού κλειδιού", - "Repeat Recovery key password" : "Επαναλάβετε το κλειδί επαναφοράς κωδικού", - "Enabled" : "Ενεργοποιημένο", - "Disabled" : "Απενεργοποιημένο", - "Change recovery key password:" : "Αλλαγή κλειδιού επαναφοράς κωδικού:", - "Old Recovery key password" : "Παλιό κλειδί επαναφοράς κωδικού", - "New Recovery key password" : "Νέο κλειδί επαναφοράς κωδικού", - "Repeat New Recovery key password" : "Επαναλάβετε νέο κλειδί επαναφοράς κωδικού", - "Change Password" : "Αλλαγή Κωδικού Πρόσβασης", - "Your private key password no longer matches your log-in password." : "Ο κωδικός του ιδιωτικού κλειδιού σας δεν ταιριάζει πλέον με τον κωδικό σύνδεσής σας.", - "Set your old private key password to your current log-in password:" : "Ορίστε τον παλιό σας κωδικό ιδιωτικού κλειδιού στον τρέχοντα κωδικό σύνδεσης.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Εάν δεν θυμάστε τον παλιό σας κωδικό μπορείτε να ζητήσετε από τον διαχειριστή σας να επανακτήσει τα αρχεία σας.", - "Old log-in password" : "Παλαιό συνθηματικό εισόδου", - "Current log-in password" : "Τρέχον συνθηματικό πρόσβασης", - "Update Private Key Password" : "Ενημέρωση Προσωπικού Κλειδού Πρόσβασης", - "Enable password recovery:" : "Ενεργοποιήστε την ανάκτηση κωδικού πρόσβασης", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Η ενεργοποίηση αυτής της επιλογής θα σας επιτρέψει να επανακτήσετε πρόσβαση στα κρυπτογραφημένα σας αρχεία σε περίπτωση απώλειας του κωδικού σας" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/el.json b/apps/files_encryption/l10n/el.json deleted file mode 100644 index cbe1973189..0000000000 --- a/apps/files_encryption/l10n/el.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Άγνωστο σφάλμα", - "Missing recovery key password" : "Λείπει το κλειδί επαναφοράς κωδικού", - "Please repeat the recovery key password" : "Παρακαλώ επαναλάβετε το κλειδί επαναφοράς κωδικού", - "Repeated recovery key password does not match the provided recovery key password" : "Η επανάληψη του κλειδιού επαναφοράς κωδικού δεν ταιριάζει με το δοσμένο κλειδί επαναφοράς κωδικού", - "Recovery key successfully enabled" : "Επιτυχής ενεργοποίηση κλειδιού ανάκτησης", - "Could not disable recovery key. Please check your recovery key password!" : "Αποτυχία απενεργοποίησης κλειδιού ανάκτησης. Παρακαλώ ελέγξτε τον κωδικό του κλειδιού ανάκτησής σας!", - "Recovery key successfully disabled" : "Επιτυχής απενεργοποίηση κλειδιού ανάκτησης", - "Please provide the old recovery password" : "Παρακαλώ παρέχετε τον παλιό κωδικό επαναφοράς", - "Please provide a new recovery password" : "Παρακαλώ παρέχετε ένα νέο κωδικό επαναφοράς", - "Please repeat the new recovery password" : "Παρακαλώ επαναλάβετε το νέο κωδικό επαναφοράς", - "Password successfully changed." : "Ο κωδικός αλλάχτηκε επιτυχώς.", - "Could not change the password. Maybe the old password was not correct." : "Αποτυχία αλλαγής κωδικού ίσως ο παλιός κωδικός να μην ήταν σωστός.", - "Could not update the private key password." : "Αποτυχία ενημέρωσης του προσωπικού κλειδιού πρόσβασης", - "The old password was not correct, please try again." : "Το παλαιό συνθηματικό δεν είναι σωστό, παρακαλώ δοκιμάστε ξανά.", - "The current log-in password was not correct, please try again." : "Το τρέχον συνθηματικό δεν είναι σωστό, παρακαλώ δοκιμάστε ξανά.", - "Private key password successfully updated." : "Το Προσωπικό κλειδί πρόσβασης ενημερώθηκε επιτυχώς", - "File recovery settings updated" : "Οι ρυθμίσεις επαναφοράς αρχείων ανανεώθηκαν", - "Could not update file recovery" : "Αποτυχία ενημέρωσης ανάκτησης αρχείων", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Η εφαρμογή κρυπτογράφησης δεν έχει εκκινήσει! Ίσως η εφαρμογή κρυπτογράφησης επανενεργοποιήθηκε κατά τη διάρκεια της τρέχουσας σύνδεσής σας. Παρακαλώ προσπαθήστε να αποσυνδεθείτε και να ξανασυνδεθείτε για να εκκινήσετε την εφαρμογή κρυπτογράφησης.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Το προσωπικό σας κλειδί δεν είναι έγκυρο! Πιθανόν ο κωδικός σας να άλλαξε έξω από το %s (π.χ. τη λίστα διευθύνσεων της εταιρείας σας). Μπορείτε να ενημερώσετε το προσωπικό σας κλειδί επαναφοράς κωδικού στις προσωπικές σας ρυθμίσεις για να επανακτήσετε πρόσβαση στα κρυπτογραφημένα σας αρχεία.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Δεν ήταν δυνατό να αποκρυπτογραφηθεί αυτό το αρχείο, πιθανόν πρόκειται για κοινόχρηστο αρχείο. Παρακαλώ ζητήστε από τον ιδιοκτήτη του αρχείου να το ξαναμοιραστεί μαζί σας.", - "Unknown error. Please check your system settings or contact your administrator" : "Άγνωστο σφάλμα. Παρακαλώ ελέγξτε τις ρυθμίσεις του συστήματό σας ή επικοινωνήστε με τον διαχειριστή συστημάτων σας", - "Initial encryption started... This can take some time. Please wait." : "Η αρχική κρυπτογράφηση άρχισε... Αυτό μπορεί να πάρει κάποια ώρα. Παρακαλώ περιμένετε.", - "Initial encryption running... Please try again later." : "Εκτέλεση αρχικής κρυπτογράφησης... Παρακαλώ προσπαθήστε αργότερα.", - "Missing requirements." : "Προαπαιτούμενα που απουσιάζουν.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Παρακαλώ επιβεβαιώστε ότι η OpenSSL μαζί με την επέκταση PHP έχουν ενεργοποιηθεί και ρυθμιστεί σωστά. Προς το παρόν, η εφαρμογή κρυπτογράφησης είναι απενεργοποιημένη.", - "Following users are not set up for encryption:" : "Οι κάτωθι χρήστες δεν έχουν ρυθμιστεί για κρυπογράφηση:", - "Go directly to your %spersonal settings%s." : "Πηγαίνετε κατ'ευθείαν στις %sπροσωπικές ρυθμίσεις%s σας.", - "Server-side Encryption" : "Κρυπτογράφηση από τον Διακομιστή", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Η εφαρμογή κρυπτογράφησης είναι ενεργοποιημένη αλλά τα κλειδιά σας δεν έχουν καταγραφεί, παρακαλώ αποσυνδεθείτε και επανασυνδεθείτε.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Ενεργοποίηση κλειδιού ανάκτησης (επιτρέψτε την ανάκτηση αρχείων χρηστών σε περίπτωση απώλειας κωδικού):", - "Recovery key password" : "Επαναφορά κωδικού κλειδιού", - "Repeat Recovery key password" : "Επαναλάβετε το κλειδί επαναφοράς κωδικού", - "Enabled" : "Ενεργοποιημένο", - "Disabled" : "Απενεργοποιημένο", - "Change recovery key password:" : "Αλλαγή κλειδιού επαναφοράς κωδικού:", - "Old Recovery key password" : "Παλιό κλειδί επαναφοράς κωδικού", - "New Recovery key password" : "Νέο κλειδί επαναφοράς κωδικού", - "Repeat New Recovery key password" : "Επαναλάβετε νέο κλειδί επαναφοράς κωδικού", - "Change Password" : "Αλλαγή Κωδικού Πρόσβασης", - "Your private key password no longer matches your log-in password." : "Ο κωδικός του ιδιωτικού κλειδιού σας δεν ταιριάζει πλέον με τον κωδικό σύνδεσής σας.", - "Set your old private key password to your current log-in password:" : "Ορίστε τον παλιό σας κωδικό ιδιωτικού κλειδιού στον τρέχοντα κωδικό σύνδεσης.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Εάν δεν θυμάστε τον παλιό σας κωδικό μπορείτε να ζητήσετε από τον διαχειριστή σας να επανακτήσει τα αρχεία σας.", - "Old log-in password" : "Παλαιό συνθηματικό εισόδου", - "Current log-in password" : "Τρέχον συνθηματικό πρόσβασης", - "Update Private Key Password" : "Ενημέρωση Προσωπικού Κλειδού Πρόσβασης", - "Enable password recovery:" : "Ενεργοποιήστε την ανάκτηση κωδικού πρόσβασης", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Η ενεργοποίηση αυτής της επιλογής θα σας επιτρέψει να επανακτήσετε πρόσβαση στα κρυπτογραφημένα σας αρχεία σε περίπτωση απώλειας του κωδικού σας" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/en_GB.js b/apps/files_encryption/l10n/en_GB.js deleted file mode 100644 index dc0dba85eb..0000000000 --- a/apps/files_encryption/l10n/en_GB.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Unknown error", - "Missing recovery key password" : "Missing recovery key password", - "Please repeat the recovery key password" : "Please repeat the recovery key password", - "Repeated recovery key password does not match the provided recovery key password" : "Repeated recovery key password does not match the provided recovery key password", - "Recovery key successfully enabled" : "Recovery key enabled successfully", - "Could not disable recovery key. Please check your recovery key password!" : "Could not disable recovery key. Please check your recovery key password!", - "Recovery key successfully disabled" : "Recovery key disabled successfully", - "Please provide the old recovery password" : "Please provide the old recovery password", - "Please provide a new recovery password" : "Please provide a new recovery password", - "Please repeat the new recovery password" : "Please repeat the new recovery password", - "Password successfully changed." : "Password changed successfully.", - "Could not change the password. Maybe the old password was not correct." : "Could not change the password. Maybe the old password was incorrect.", - "Could not update the private key password." : "Could not update the private key password.", - "The old password was not correct, please try again." : "The old password was not correct, please try again.", - "The current log-in password was not correct, please try again." : "The current log-in password was not correct, please try again.", - "Private key password successfully updated." : "Private key password updated successfully.", - "File recovery settings updated" : "File recovery settings updated", - "Could not update file recovery" : "Could not update file recovery", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Encryption app not initialised! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialise the encryption app.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Cannot decrypt this file, which is probably a shared file. Please ask the file owner to reshare the file with you.", - "Unknown error. Please check your system settings or contact your administrator" : "Unknown error. Please check your system settings or contact your administrator", - "Initial encryption started... This can take some time. Please wait." : "Initial encryption started... This can take some time. Please wait.", - "Initial encryption running... Please try again later." : "Initial encryption running... Please try again later.", - "Missing requirements." : "Missing requirements.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Please make sure that OpenSSL together with the PHP extension is enabled and properly configured. For now, the encryption app has been disabled.", - "Following users are not set up for encryption:" : "Following users are not set up for encryption:", - "Go directly to your %spersonal settings%s." : "Go directly to your %spersonal settings%s.", - "Server-side Encryption" : "Server-side Encryption", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Encryption App is enabled but your keys are not initialised, please log-out and log-in again", - "Enable recovery key (allow to recover users files in case of password loss):" : "Enable recovery key (allow to recover users files in case of password loss):", - "Recovery key password" : "Recovery key password", - "Repeat Recovery key password" : "Repeat recovery key password", - "Enabled" : "Enabled", - "Disabled" : "Disabled", - "Change recovery key password:" : "Change recovery key password:", - "Old Recovery key password" : "Old recovery key password", - "New Recovery key password" : "New recovery key password", - "Repeat New Recovery key password" : "Repeat new recovery key password", - "Change Password" : "Change Password", - "Your private key password no longer matches your log-in password." : "Your private key password no longer matches your log-in password.", - "Set your old private key password to your current log-in password:" : "Set your old private key password to your current log-in password:", - " If you don't remember your old password you can ask your administrator to recover your files." : " If you don't remember your old password you can ask your administrator to recover your files.", - "Old log-in password" : "Old login password", - "Current log-in password" : "Current login password", - "Update Private Key Password" : "Update Private Key Password", - "Enable password recovery:" : "Enable password recovery:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/en_GB.json b/apps/files_encryption/l10n/en_GB.json deleted file mode 100644 index 8afafc4e90..0000000000 --- a/apps/files_encryption/l10n/en_GB.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Unknown error", - "Missing recovery key password" : "Missing recovery key password", - "Please repeat the recovery key password" : "Please repeat the recovery key password", - "Repeated recovery key password does not match the provided recovery key password" : "Repeated recovery key password does not match the provided recovery key password", - "Recovery key successfully enabled" : "Recovery key enabled successfully", - "Could not disable recovery key. Please check your recovery key password!" : "Could not disable recovery key. Please check your recovery key password!", - "Recovery key successfully disabled" : "Recovery key disabled successfully", - "Please provide the old recovery password" : "Please provide the old recovery password", - "Please provide a new recovery password" : "Please provide a new recovery password", - "Please repeat the new recovery password" : "Please repeat the new recovery password", - "Password successfully changed." : "Password changed successfully.", - "Could not change the password. Maybe the old password was not correct." : "Could not change the password. Maybe the old password was incorrect.", - "Could not update the private key password." : "Could not update the private key password.", - "The old password was not correct, please try again." : "The old password was not correct, please try again.", - "The current log-in password was not correct, please try again." : "The current log-in password was not correct, please try again.", - "Private key password successfully updated." : "Private key password updated successfully.", - "File recovery settings updated" : "File recovery settings updated", - "Could not update file recovery" : "Could not update file recovery", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Encryption app not initialised! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialise the encryption app.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Cannot decrypt this file, which is probably a shared file. Please ask the file owner to reshare the file with you.", - "Unknown error. Please check your system settings or contact your administrator" : "Unknown error. Please check your system settings or contact your administrator", - "Initial encryption started... This can take some time. Please wait." : "Initial encryption started... This can take some time. Please wait.", - "Initial encryption running... Please try again later." : "Initial encryption running... Please try again later.", - "Missing requirements." : "Missing requirements.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Please make sure that OpenSSL together with the PHP extension is enabled and properly configured. For now, the encryption app has been disabled.", - "Following users are not set up for encryption:" : "Following users are not set up for encryption:", - "Go directly to your %spersonal settings%s." : "Go directly to your %spersonal settings%s.", - "Server-side Encryption" : "Server-side Encryption", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Encryption App is enabled but your keys are not initialised, please log-out and log-in again", - "Enable recovery key (allow to recover users files in case of password loss):" : "Enable recovery key (allow to recover users files in case of password loss):", - "Recovery key password" : "Recovery key password", - "Repeat Recovery key password" : "Repeat recovery key password", - "Enabled" : "Enabled", - "Disabled" : "Disabled", - "Change recovery key password:" : "Change recovery key password:", - "Old Recovery key password" : "Old recovery key password", - "New Recovery key password" : "New recovery key password", - "Repeat New Recovery key password" : "Repeat new recovery key password", - "Change Password" : "Change Password", - "Your private key password no longer matches your log-in password." : "Your private key password no longer matches your log-in password.", - "Set your old private key password to your current log-in password:" : "Set your old private key password to your current log-in password:", - " If you don't remember your old password you can ask your administrator to recover your files." : " If you don't remember your old password you can ask your administrator to recover your files.", - "Old log-in password" : "Old login password", - "Current log-in password" : "Current login password", - "Update Private Key Password" : "Update Private Key Password", - "Enable password recovery:" : "Enable password recovery:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/eo.js b/apps/files_encryption/l10n/eo.js deleted file mode 100644 index b99a3f8092..0000000000 --- a/apps/files_encryption/l10n/eo.js +++ /dev/null @@ -1,17 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Nekonata eraro", - "Password successfully changed." : "La pasvorto sukcese ŝanĝiĝis.", - "Could not change the password. Maybe the old password was not correct." : "Ne eblis ŝanĝi la pasvorton. Eble la malnova pasvorto malĝustis.", - "Private key password successfully updated." : "La pasvorto de la malpublika klavo sukcese ĝisdatiĝis.", - "Missing requirements." : "Mankas neproj.", - "Enabled" : "Kapabligita", - "Disabled" : "Malkapabligita", - "Change Password" : "Ŝarĝi pasvorton", - "Old log-in password" : "Malnova ensaluta pasvorto", - "Current log-in password" : "Nuna ensaluta pasvorto", - "Update Private Key Password" : "Ĝisdatigi la pasvorton de la malpublika klavo", - "Enable password recovery:" : "Kapabligi restaŭron de pasvorto:" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/eo.json b/apps/files_encryption/l10n/eo.json deleted file mode 100644 index 02ba7e2faa..0000000000 --- a/apps/files_encryption/l10n/eo.json +++ /dev/null @@ -1,15 +0,0 @@ -{ "translations": { - "Unknown error" : "Nekonata eraro", - "Password successfully changed." : "La pasvorto sukcese ŝanĝiĝis.", - "Could not change the password. Maybe the old password was not correct." : "Ne eblis ŝanĝi la pasvorton. Eble la malnova pasvorto malĝustis.", - "Private key password successfully updated." : "La pasvorto de la malpublika klavo sukcese ĝisdatiĝis.", - "Missing requirements." : "Mankas neproj.", - "Enabled" : "Kapabligita", - "Disabled" : "Malkapabligita", - "Change Password" : "Ŝarĝi pasvorton", - "Old log-in password" : "Malnova ensaluta pasvorto", - "Current log-in password" : "Nuna ensaluta pasvorto", - "Update Private Key Password" : "Ĝisdatigi la pasvorton de la malpublika klavo", - "Enable password recovery:" : "Kapabligi restaŭron de pasvorto:" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/es.js b/apps/files_encryption/l10n/es.js deleted file mode 100644 index 22c2b02a8e..0000000000 --- a/apps/files_encryption/l10n/es.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Error desconocido", - "Missing recovery key password" : "Falta contraseña de recuperación.", - "Please repeat the recovery key password" : "Por favor, repita la contraseña de recuperación", - "Repeated recovery key password does not match the provided recovery key password" : "La contraseña de recuperación reintroducida no coincide con la contraseña de recuperación proporcionada.", - "Recovery key successfully enabled" : "Se ha habilitado la recuperación de archivos", - "Could not disable recovery key. Please check your recovery key password!" : "No se pudo deshabilitar la clave de recuperación. Por favor, ¡compruebe su contraseña!", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Please provide the old recovery password" : "Por favor, ingrese su antigua contraseña de recuperación", - "Please provide a new recovery password" : "Por favor, ingrese una nueva contraseña de recuperación", - "Please repeat the new recovery password" : "Por favor, repita su nueva contraseña de recuperación", - "Password successfully changed." : "Su contraseña ha sido cambiada", - "Could not change the password. Maybe the old password was not correct." : "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.", - "Could not update the private key password." : "No se pudo actualizar la contraseña de la clave privada.", - "The old password was not correct, please try again." : "La antigua contraseña no es correcta, por favor intente de nuevo.", - "The current log-in password was not correct, please try again." : "La contraseña de inicio de sesión actual no es correcto, por favor intente de nuevo.", - "Private key password successfully updated." : "Contraseña de clave privada actualizada con éxito.", - "File recovery settings updated" : "Opciones de recuperación de archivos actualizada", - "Could not update file recovery" : "No se pudo actualizar la recuperación de archivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡La aplicación de cifrado no ha sido inicializada! Quizá se restableció durante su sesión. Por favor intente cerrar la sesión y volver a iniciarla para inicializar la aplicación de cifrado.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera de %s (Ej: su directorio corporativo). Puede actualizar la contraseña de su clave privada en sus opciones personales para recuperar el acceso a sus archivos.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No fue posible descifrar este archivo, probablemente se trate de un archivo compartido. Solicite al propietario del mismo que vuelva a compartirlo con usted.", - "Unknown error. Please check your system settings or contact your administrator" : "Error desconocido. Revise la configuración de su sistema o contacte con su administrador", - "Initial encryption started... This can take some time. Please wait." : "Ha comenzado el cifrado inicial... Esto puede tardar un rato. Por favor, espere.", - "Initial encryption running... Please try again later." : "Cifrado inicial en curso... Inténtelo más tarde.", - "Missing requirements." : "Requisitos incompletos.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Asegúrese de que OpenSSL y la extensión de PHP estén habilitados y configurados correctamente. Por el momento, la aplicación de cifrado ha sido deshabilitada.", - "Following users are not set up for encryption:" : "Los siguientes usuarios no han sido configurados para el cifrado:", - "Go directly to your %spersonal settings%s." : "Ir directamente a %sOpciones%s.", - "Server-side Encryption" : "Cifrado en el servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "La app de cifrado está habilitada pero sus claves no se han inicializado, por favor, cierre la sesión y vuelva a iniciarla de nuevo.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar la clave de recuperación (permite recuperar los ficheros del usuario en caso de pérdida de la contraseña);", - "Recovery key password" : "Contraseña de clave de recuperación", - "Repeat Recovery key password" : "Repite la contraseña de clave de recuperación", - "Enabled" : "Habilitar", - "Disabled" : "Deshabilitado", - "Change recovery key password:" : "Cambiar la contraseña de la clave de recuperación", - "Old Recovery key password" : "Antigua clave de recuperación", - "New Recovery key password" : "Nueva clave de recuperación", - "Repeat New Recovery key password" : "Repetir la nueva clave de recuperación", - "Change Password" : "Cambiar contraseña", - "Your private key password no longer matches your log-in password." : "Su contraseña de clave privada ya no coincide con su contraseña de acceso.", - "Set your old private key password to your current log-in password:" : "Establezca la contraseña de clave privada antigua para su contraseña de inicio de sesión actual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no recuerda su antigua contraseña puede pedir a su administrador que le recupere sus ficheros.", - "Old log-in password" : "Contraseña de acceso antigua", - "Current log-in password" : "Contraseña de acceso actual", - "Update Private Key Password" : "Actualizar contraseña de clave privada", - "Enable password recovery:" : "Habilitar la recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar esta opción le permitirá volver a tener acceso a sus ficheros cifrados en caso de pérdida de contraseña" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/es.json b/apps/files_encryption/l10n/es.json deleted file mode 100644 index f31c325a23..0000000000 --- a/apps/files_encryption/l10n/es.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Error desconocido", - "Missing recovery key password" : "Falta contraseña de recuperación.", - "Please repeat the recovery key password" : "Por favor, repita la contraseña de recuperación", - "Repeated recovery key password does not match the provided recovery key password" : "La contraseña de recuperación reintroducida no coincide con la contraseña de recuperación proporcionada.", - "Recovery key successfully enabled" : "Se ha habilitado la recuperación de archivos", - "Could not disable recovery key. Please check your recovery key password!" : "No se pudo deshabilitar la clave de recuperación. Por favor, ¡compruebe su contraseña!", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Please provide the old recovery password" : "Por favor, ingrese su antigua contraseña de recuperación", - "Please provide a new recovery password" : "Por favor, ingrese una nueva contraseña de recuperación", - "Please repeat the new recovery password" : "Por favor, repita su nueva contraseña de recuperación", - "Password successfully changed." : "Su contraseña ha sido cambiada", - "Could not change the password. Maybe the old password was not correct." : "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.", - "Could not update the private key password." : "No se pudo actualizar la contraseña de la clave privada.", - "The old password was not correct, please try again." : "La antigua contraseña no es correcta, por favor intente de nuevo.", - "The current log-in password was not correct, please try again." : "La contraseña de inicio de sesión actual no es correcto, por favor intente de nuevo.", - "Private key password successfully updated." : "Contraseña de clave privada actualizada con éxito.", - "File recovery settings updated" : "Opciones de recuperación de archivos actualizada", - "Could not update file recovery" : "No se pudo actualizar la recuperación de archivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡La aplicación de cifrado no ha sido inicializada! Quizá se restableció durante su sesión. Por favor intente cerrar la sesión y volver a iniciarla para inicializar la aplicación de cifrado.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera de %s (Ej: su directorio corporativo). Puede actualizar la contraseña de su clave privada en sus opciones personales para recuperar el acceso a sus archivos.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No fue posible descifrar este archivo, probablemente se trate de un archivo compartido. Solicite al propietario del mismo que vuelva a compartirlo con usted.", - "Unknown error. Please check your system settings or contact your administrator" : "Error desconocido. Revise la configuración de su sistema o contacte con su administrador", - "Initial encryption started... This can take some time. Please wait." : "Ha comenzado el cifrado inicial... Esto puede tardar un rato. Por favor, espere.", - "Initial encryption running... Please try again later." : "Cifrado inicial en curso... Inténtelo más tarde.", - "Missing requirements." : "Requisitos incompletos.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Asegúrese de que OpenSSL y la extensión de PHP estén habilitados y configurados correctamente. Por el momento, la aplicación de cifrado ha sido deshabilitada.", - "Following users are not set up for encryption:" : "Los siguientes usuarios no han sido configurados para el cifrado:", - "Go directly to your %spersonal settings%s." : "Ir directamente a %sOpciones%s.", - "Server-side Encryption" : "Cifrado en el servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "La app de cifrado está habilitada pero sus claves no se han inicializado, por favor, cierre la sesión y vuelva a iniciarla de nuevo.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar la clave de recuperación (permite recuperar los ficheros del usuario en caso de pérdida de la contraseña);", - "Recovery key password" : "Contraseña de clave de recuperación", - "Repeat Recovery key password" : "Repite la contraseña de clave de recuperación", - "Enabled" : "Habilitar", - "Disabled" : "Deshabilitado", - "Change recovery key password:" : "Cambiar la contraseña de la clave de recuperación", - "Old Recovery key password" : "Antigua clave de recuperación", - "New Recovery key password" : "Nueva clave de recuperación", - "Repeat New Recovery key password" : "Repetir la nueva clave de recuperación", - "Change Password" : "Cambiar contraseña", - "Your private key password no longer matches your log-in password." : "Su contraseña de clave privada ya no coincide con su contraseña de acceso.", - "Set your old private key password to your current log-in password:" : "Establezca la contraseña de clave privada antigua para su contraseña de inicio de sesión actual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no recuerda su antigua contraseña puede pedir a su administrador que le recupere sus ficheros.", - "Old log-in password" : "Contraseña de acceso antigua", - "Current log-in password" : "Contraseña de acceso actual", - "Update Private Key Password" : "Actualizar contraseña de clave privada", - "Enable password recovery:" : "Habilitar la recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar esta opción le permitirá volver a tener acceso a sus ficheros cifrados en caso de pérdida de contraseña" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/es_AR.js b/apps/files_encryption/l10n/es_AR.js deleted file mode 100644 index 88a7456dbc..0000000000 --- a/apps/files_encryption/l10n/es_AR.js +++ /dev/null @@ -1,38 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Error desconocido", - "Recovery key successfully enabled" : "Se habilitó la recuperación de archivos", - "Could not disable recovery key. Please check your recovery key password!" : "No fue posible deshabilitar la clave de recuperación. Por favor, comprobá tu contraseña.", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Password successfully changed." : "Tu contraseña fue cambiada", - "Could not change the password. Maybe the old password was not correct." : "No se pudo cambiar la contraseña. Comprobá que la contraseña actual sea correcta.", - "Private key password successfully updated." : "Contraseña de clave privada actualizada con éxito.", - "File recovery settings updated" : "Las opciones de recuperación de archivos fueron actualizadas", - "Could not update file recovery" : "No fue posible actualizar la recuperación de archivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡La aplicación de encriptación no está inicializada! Es probable que la aplicación fue re-habilitada durante tu sesión. Intenta salir y iniciar sesión para volverla a iniciar.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡Tu llave privada no es válida! Aparenta que tu clave fue cambiada fuera de %s (de tus directorios). Puedes actualizar la contraseña de tu clave privadaen las configuraciones personales para recobrar el acceso a tus archivos encriptados.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No se puede descibrar este archivo, probablemente sea un archivo compartido. Por favor pídele al dueño que recomparta el archivo contigo.", - "Initial encryption started... This can take some time. Please wait." : "Encriptación inicial comenzada... Esto puede durar un tiempo. Por favor espere.", - "Initial encryption running... Please try again later." : "Encriptación inicial corriendo... Por favor intente mas tarde. ", - "Missing requirements." : "Requisitos incompletos.", - "Following users are not set up for encryption:" : "Los siguientes usuarios no fueron configurados para encriptar:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "La aplicación de encriptación está habilitada pero las llaves no fueron inicializadas, por favor termine y vuelva a iniciar la sesión", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar clave de recuperación (te permite recuperar los archivos de usuario en el caso que pierdas la contraseña):", - "Recovery key password" : "Contraseña de recuperación de clave", - "Repeat Recovery key password" : "Repetir la contraseña de la clave de recuperación", - "Enabled" : "Habilitado", - "Disabled" : "Deshabilitado", - "Change recovery key password:" : "Cambiar contraseña para recuperar la clave:", - "Old Recovery key password" : "Contraseña antigua de recuperación de clave", - "New Recovery key password" : "Nueva contraseña de recuperación de clave", - "Repeat New Recovery key password" : "Repetir Nueva contraseña para la clave de recuperación", - "Change Password" : "Cambiar contraseña", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no te acordás de tu contraseña antigua, pedile al administrador que recupere tus archivos", - "Old log-in password" : "Contraseña anterior", - "Current log-in password" : "Contraseña actual", - "Update Private Key Password" : "Actualizar contraseña de la clave privada", - "Enable password recovery:" : "Habilitar recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitando esta opción, vas a tener acceso a tus archivos encriptados, incluso si perdés la contraseña" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/es_AR.json b/apps/files_encryption/l10n/es_AR.json deleted file mode 100644 index 03495731ec..0000000000 --- a/apps/files_encryption/l10n/es_AR.json +++ /dev/null @@ -1,36 +0,0 @@ -{ "translations": { - "Unknown error" : "Error desconocido", - "Recovery key successfully enabled" : "Se habilitó la recuperación de archivos", - "Could not disable recovery key. Please check your recovery key password!" : "No fue posible deshabilitar la clave de recuperación. Por favor, comprobá tu contraseña.", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Password successfully changed." : "Tu contraseña fue cambiada", - "Could not change the password. Maybe the old password was not correct." : "No se pudo cambiar la contraseña. Comprobá que la contraseña actual sea correcta.", - "Private key password successfully updated." : "Contraseña de clave privada actualizada con éxito.", - "File recovery settings updated" : "Las opciones de recuperación de archivos fueron actualizadas", - "Could not update file recovery" : "No fue posible actualizar la recuperación de archivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡La aplicación de encriptación no está inicializada! Es probable que la aplicación fue re-habilitada durante tu sesión. Intenta salir y iniciar sesión para volverla a iniciar.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡Tu llave privada no es válida! Aparenta que tu clave fue cambiada fuera de %s (de tus directorios). Puedes actualizar la contraseña de tu clave privadaen las configuraciones personales para recobrar el acceso a tus archivos encriptados.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No se puede descibrar este archivo, probablemente sea un archivo compartido. Por favor pídele al dueño que recomparta el archivo contigo.", - "Initial encryption started... This can take some time. Please wait." : "Encriptación inicial comenzada... Esto puede durar un tiempo. Por favor espere.", - "Initial encryption running... Please try again later." : "Encriptación inicial corriendo... Por favor intente mas tarde. ", - "Missing requirements." : "Requisitos incompletos.", - "Following users are not set up for encryption:" : "Los siguientes usuarios no fueron configurados para encriptar:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "La aplicación de encriptación está habilitada pero las llaves no fueron inicializadas, por favor termine y vuelva a iniciar la sesión", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar clave de recuperación (te permite recuperar los archivos de usuario en el caso que pierdas la contraseña):", - "Recovery key password" : "Contraseña de recuperación de clave", - "Repeat Recovery key password" : "Repetir la contraseña de la clave de recuperación", - "Enabled" : "Habilitado", - "Disabled" : "Deshabilitado", - "Change recovery key password:" : "Cambiar contraseña para recuperar la clave:", - "Old Recovery key password" : "Contraseña antigua de recuperación de clave", - "New Recovery key password" : "Nueva contraseña de recuperación de clave", - "Repeat New Recovery key password" : "Repetir Nueva contraseña para la clave de recuperación", - "Change Password" : "Cambiar contraseña", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no te acordás de tu contraseña antigua, pedile al administrador que recupere tus archivos", - "Old log-in password" : "Contraseña anterior", - "Current log-in password" : "Contraseña actual", - "Update Private Key Password" : "Actualizar contraseña de la clave privada", - "Enable password recovery:" : "Habilitar recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitando esta opción, vas a tener acceso a tus archivos encriptados, incluso si perdés la contraseña" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/es_CL.js b/apps/files_encryption/l10n/es_CL.js deleted file mode 100644 index 5863354a6f..0000000000 --- a/apps/files_encryption/l10n/es_CL.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Error desconocido" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/es_CL.json b/apps/files_encryption/l10n/es_CL.json deleted file mode 100644 index 8573fba4ca..0000000000 --- a/apps/files_encryption/l10n/es_CL.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "Error desconocido" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/es_MX.js b/apps/files_encryption/l10n/es_MX.js deleted file mode 100644 index 29721e7904..0000000000 --- a/apps/files_encryption/l10n/es_MX.js +++ /dev/null @@ -1,37 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Error desconocido", - "Recovery key successfully enabled" : "Se ha habilitado la recuperación de archivos", - "Could not disable recovery key. Please check your recovery key password!" : "No se pudo deshabilitar la clave de recuperación. Por favor compruebe su contraseña!", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Password successfully changed." : "Su contraseña ha sido cambiada", - "Could not change the password. Maybe the old password was not correct." : "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.", - "Private key password successfully updated." : "Contraseña de clave privada actualizada con éxito.", - "File recovery settings updated" : "Opciones de recuperación de archivos actualizada", - "Could not update file recovery" : "No se pudo actualizar la recuperación de archivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡La aplicación de cifrado no ha sido inicializada! Quizá fue restablecida durante tu sesión. Por favor intenta cerrar la sesión y volver a iniciarla para inicializar la aplicación de cifrado.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera. de %s (Ej:Su directorio corporativo). Puede actualizar la contraseña de su clave privada en sus opciones personales para recuperar el acceso a sus archivos.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No fue posible descifrar este archivo, probablemente se trate de un archivo compartido. Solicite al propietario del mismo que vuelva a compartirlo con usted.", - "Initial encryption started... This can take some time. Please wait." : "Encriptación iniciada... Esto puede tomar un tiempo. Por favor espere.", - "Missing requirements." : "Requisitos incompletos.", - "Following users are not set up for encryption:" : "Los siguientes usuarios no han sido configurados para el cifrado:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "La aplicación de crifrado está habilitada pero tus claves no han sido inicializadas, por favor, cierra la sesión y vuelva a iniciarla de nuevo.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar la clave de recuperación (permite recuperar los archivos del usuario en caso de pérdida de la contraseña);", - "Recovery key password" : "Contraseña de clave de recuperación", - "Repeat Recovery key password" : "Repite la contraseña de clave de recuperación", - "Enabled" : "Habilitar", - "Disabled" : "Deshabilitado", - "Change recovery key password:" : "Cambiar la contraseña de la clave de recuperación", - "Old Recovery key password" : "Antigua clave de recuperación", - "New Recovery key password" : "Nueva clave de recuperación", - "Repeat New Recovery key password" : "Repetir la nueva clave de recuperación", - "Change Password" : "Cambiar contraseña", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no recuerda su antigua contraseña puede pedir a su administrador que le recupere sus archivos.", - "Old log-in password" : "Contraseña de acceso antigua", - "Current log-in password" : "Contraseña de acceso actual", - "Update Private Key Password" : "Actualizar Contraseña de Clave Privada", - "Enable password recovery:" : "Habilitar la recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar esta opción le permitirá volver a tener acceso a sus archivos cifrados en caso de pérdida de contraseña" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/es_MX.json b/apps/files_encryption/l10n/es_MX.json deleted file mode 100644 index e8c5d52d45..0000000000 --- a/apps/files_encryption/l10n/es_MX.json +++ /dev/null @@ -1,35 +0,0 @@ -{ "translations": { - "Unknown error" : "Error desconocido", - "Recovery key successfully enabled" : "Se ha habilitado la recuperación de archivos", - "Could not disable recovery key. Please check your recovery key password!" : "No se pudo deshabilitar la clave de recuperación. Por favor compruebe su contraseña!", - "Recovery key successfully disabled" : "Clave de recuperación deshabilitada", - "Password successfully changed." : "Su contraseña ha sido cambiada", - "Could not change the password. Maybe the old password was not correct." : "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.", - "Private key password successfully updated." : "Contraseña de clave privada actualizada con éxito.", - "File recovery settings updated" : "Opciones de recuperación de archivos actualizada", - "Could not update file recovery" : "No se pudo actualizar la recuperación de archivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "¡La aplicación de cifrado no ha sido inicializada! Quizá fue restablecida durante tu sesión. Por favor intenta cerrar la sesión y volver a iniciarla para inicializar la aplicación de cifrado.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "¡Su clave privada no es válida! Tal vez su contraseña ha sido cambiada desde fuera. de %s (Ej:Su directorio corporativo). Puede actualizar la contraseña de su clave privada en sus opciones personales para recuperar el acceso a sus archivos.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "No fue posible descifrar este archivo, probablemente se trate de un archivo compartido. Solicite al propietario del mismo que vuelva a compartirlo con usted.", - "Initial encryption started... This can take some time. Please wait." : "Encriptación iniciada... Esto puede tomar un tiempo. Por favor espere.", - "Missing requirements." : "Requisitos incompletos.", - "Following users are not set up for encryption:" : "Los siguientes usuarios no han sido configurados para el cifrado:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "La aplicación de crifrado está habilitada pero tus claves no han sido inicializadas, por favor, cierra la sesión y vuelva a iniciarla de nuevo.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar la clave de recuperación (permite recuperar los archivos del usuario en caso de pérdida de la contraseña);", - "Recovery key password" : "Contraseña de clave de recuperación", - "Repeat Recovery key password" : "Repite la contraseña de clave de recuperación", - "Enabled" : "Habilitar", - "Disabled" : "Deshabilitado", - "Change recovery key password:" : "Cambiar la contraseña de la clave de recuperación", - "Old Recovery key password" : "Antigua clave de recuperación", - "New Recovery key password" : "Nueva clave de recuperación", - "Repeat New Recovery key password" : "Repetir la nueva clave de recuperación", - "Change Password" : "Cambiar contraseña", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si no recuerda su antigua contraseña puede pedir a su administrador que le recupere sus archivos.", - "Old log-in password" : "Contraseña de acceso antigua", - "Current log-in password" : "Contraseña de acceso actual", - "Update Private Key Password" : "Actualizar Contraseña de Clave Privada", - "Enable password recovery:" : "Habilitar la recuperación de contraseña:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar esta opción le permitirá volver a tener acceso a sus archivos cifrados en caso de pérdida de contraseña" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/et_EE.js b/apps/files_encryption/l10n/et_EE.js deleted file mode 100644 index 0e293cc0ee..0000000000 --- a/apps/files_encryption/l10n/et_EE.js +++ /dev/null @@ -1,51 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Tundmatu viga", - "Missing recovery key password" : "Muuda taastevõtme parool", - "Please repeat the recovery key password" : "Palun korda uut taastevõtme parooli", - "Repeated recovery key password does not match the provided recovery key password" : "Lahtritesse sisestatud taastevõtme paroolid ei kattu", - "Recovery key successfully enabled" : "Taastevõtme lubamine õnnestus", - "Could not disable recovery key. Please check your recovery key password!" : "Ei suuda keelata taastevõtit. Palun kontrolli oma taastevõtme parooli!", - "Recovery key successfully disabled" : "Taastevõtme keelamine õnnestus", - "Please provide the old recovery password" : "Palun sisesta vana taastevõtme parool", - "Please provide a new recovery password" : "Palun sisesta uus taastevõtme parool", - "Please repeat the new recovery password" : "Palun korda uut taastevõtme parooli", - "Password successfully changed." : "Parool edukalt vahetatud.", - "Could not change the password. Maybe the old password was not correct." : "Ei suutnud vahetada parooli. Võib-olla on vana parool valesti sisestatud.", - "Could not update the private key password." : "Ei suutnud uuendada privaatse võtme parooli.", - "The old password was not correct, please try again." : "Vana parool polnud õige, palun proovi uuesti.", - "The current log-in password was not correct, please try again." : "Praeguse sisselogimise parool polnud õige, palun proovi uuesti.", - "Private key password successfully updated." : "Privaatse võtme parool edukalt uuendatud.", - "File recovery settings updated" : "Faili taaste seaded uuendatud", - "Could not update file recovery" : "Ei suuda uuendada taastefaili", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krüpteerimise rakend pole käivitatud. Võib-olla krüpteerimise rakend taaskäivitati sinu sessiooni kestel. Palun proovi logida välja ning uuesti sisse käivitamaks krüpteerimise rakendit.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Sinu provaatne võti pole kehtiv! Tõenäoliselt mudueti parooli väljaspool kausta %s (nt. sinu ettevõtte kaust). Sa saad uuendada oma privaatse võtme parooli oma isiklikes seadetes, et taastada ligipääs sinu krüpteeritud failidele.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Sa ei saa seda faili dekrüpteerida, see on tõenäoliselt jagatud fail. Palun lase omanikul seda faili sinuga uuesti jagada.", - "Unknown error. Please check your system settings or contact your administrator" : "Tundmatu viga. Palun võta ühendust oma administraatoriga.", - "Initial encryption started... This can take some time. Please wait." : "Algne krüpteerimine käivitati... See võib võtta natuke aega. Palun oota.", - "Initial encryption running... Please try again later." : "Toimub esmane krüpteerimine... Palun proovi hiljem uuesti.", - "Missing requirements." : "Nõutavad on puudu.", - "Following users are not set up for encryption:" : "Järgmised kasutajad pole seadistatud krüpteeringuks:", - "Go directly to your %spersonal settings%s." : "Liigi otse oma %s isiklike seadete %s juurde.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Krüpteerimisrakend on lubatud, kuid võtmeid pole lähtestatud. Palun logi välja ning uuesti sisse.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Luba taastevõti (võimalda kasutaja failide taastamine parooli kaotuse puhul):", - "Recovery key password" : "Taastevõtme parool", - "Repeat Recovery key password" : "Korda taastevõtme parooli", - "Enabled" : "Sisse lülitatud", - "Disabled" : "Väljalülitatud", - "Change recovery key password:" : "Muuda taastevõtme parooli:", - "Old Recovery key password" : "Vana taastevõtme parool", - "New Recovery key password" : "Uus taastevõtme parool", - "Repeat New Recovery key password" : "Korda uut taastevõtme parooli", - "Change Password" : "Muuda parooli", - "Your private key password no longer matches your log-in password." : "Sinu provaatvõtme parool ei kattu enam sinu sisselogimise parooliga.", - "Set your old private key password to your current log-in password:" : "Pane oma vana privaatvõtme parooliks oma praegune sisselogimise parool.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Kui sa ei mäleta oma vana parooli, siis palu oma süsteemihalduril taastada ligipääs failidele.", - "Old log-in password" : "Vana sisselogimise parool", - "Current log-in password" : "Praegune sisselogimise parool", - "Update Private Key Password" : "Uuenda privaatse võtme parooli", - "Enable password recovery:" : "Luba parooli taaste:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Valiku lubamine võimaldab taastada ligipääsu krüpteeritud failidele kui parooli kaotuse puhul" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/et_EE.json b/apps/files_encryption/l10n/et_EE.json deleted file mode 100644 index c63c9e40e9..0000000000 --- a/apps/files_encryption/l10n/et_EE.json +++ /dev/null @@ -1,49 +0,0 @@ -{ "translations": { - "Unknown error" : "Tundmatu viga", - "Missing recovery key password" : "Muuda taastevõtme parool", - "Please repeat the recovery key password" : "Palun korda uut taastevõtme parooli", - "Repeated recovery key password does not match the provided recovery key password" : "Lahtritesse sisestatud taastevõtme paroolid ei kattu", - "Recovery key successfully enabled" : "Taastevõtme lubamine õnnestus", - "Could not disable recovery key. Please check your recovery key password!" : "Ei suuda keelata taastevõtit. Palun kontrolli oma taastevõtme parooli!", - "Recovery key successfully disabled" : "Taastevõtme keelamine õnnestus", - "Please provide the old recovery password" : "Palun sisesta vana taastevõtme parool", - "Please provide a new recovery password" : "Palun sisesta uus taastevõtme parool", - "Please repeat the new recovery password" : "Palun korda uut taastevõtme parooli", - "Password successfully changed." : "Parool edukalt vahetatud.", - "Could not change the password. Maybe the old password was not correct." : "Ei suutnud vahetada parooli. Võib-olla on vana parool valesti sisestatud.", - "Could not update the private key password." : "Ei suutnud uuendada privaatse võtme parooli.", - "The old password was not correct, please try again." : "Vana parool polnud õige, palun proovi uuesti.", - "The current log-in password was not correct, please try again." : "Praeguse sisselogimise parool polnud õige, palun proovi uuesti.", - "Private key password successfully updated." : "Privaatse võtme parool edukalt uuendatud.", - "File recovery settings updated" : "Faili taaste seaded uuendatud", - "Could not update file recovery" : "Ei suuda uuendada taastefaili", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krüpteerimise rakend pole käivitatud. Võib-olla krüpteerimise rakend taaskäivitati sinu sessiooni kestel. Palun proovi logida välja ning uuesti sisse käivitamaks krüpteerimise rakendit.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Sinu provaatne võti pole kehtiv! Tõenäoliselt mudueti parooli väljaspool kausta %s (nt. sinu ettevõtte kaust). Sa saad uuendada oma privaatse võtme parooli oma isiklikes seadetes, et taastada ligipääs sinu krüpteeritud failidele.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Sa ei saa seda faili dekrüpteerida, see on tõenäoliselt jagatud fail. Palun lase omanikul seda faili sinuga uuesti jagada.", - "Unknown error. Please check your system settings or contact your administrator" : "Tundmatu viga. Palun võta ühendust oma administraatoriga.", - "Initial encryption started... This can take some time. Please wait." : "Algne krüpteerimine käivitati... See võib võtta natuke aega. Palun oota.", - "Initial encryption running... Please try again later." : "Toimub esmane krüpteerimine... Palun proovi hiljem uuesti.", - "Missing requirements." : "Nõutavad on puudu.", - "Following users are not set up for encryption:" : "Järgmised kasutajad pole seadistatud krüpteeringuks:", - "Go directly to your %spersonal settings%s." : "Liigi otse oma %s isiklike seadete %s juurde.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Krüpteerimisrakend on lubatud, kuid võtmeid pole lähtestatud. Palun logi välja ning uuesti sisse.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Luba taastevõti (võimalda kasutaja failide taastamine parooli kaotuse puhul):", - "Recovery key password" : "Taastevõtme parool", - "Repeat Recovery key password" : "Korda taastevõtme parooli", - "Enabled" : "Sisse lülitatud", - "Disabled" : "Väljalülitatud", - "Change recovery key password:" : "Muuda taastevõtme parooli:", - "Old Recovery key password" : "Vana taastevõtme parool", - "New Recovery key password" : "Uus taastevõtme parool", - "Repeat New Recovery key password" : "Korda uut taastevõtme parooli", - "Change Password" : "Muuda parooli", - "Your private key password no longer matches your log-in password." : "Sinu provaatvõtme parool ei kattu enam sinu sisselogimise parooliga.", - "Set your old private key password to your current log-in password:" : "Pane oma vana privaatvõtme parooliks oma praegune sisselogimise parool.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Kui sa ei mäleta oma vana parooli, siis palu oma süsteemihalduril taastada ligipääs failidele.", - "Old log-in password" : "Vana sisselogimise parool", - "Current log-in password" : "Praegune sisselogimise parool", - "Update Private Key Password" : "Uuenda privaatse võtme parooli", - "Enable password recovery:" : "Luba parooli taaste:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Valiku lubamine võimaldab taastada ligipääsu krüpteeritud failidele kui parooli kaotuse puhul" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/eu.js b/apps/files_encryption/l10n/eu.js deleted file mode 100644 index d1d1b55f73..0000000000 --- a/apps/files_encryption/l10n/eu.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Errore ezezaguna", - "Missing recovery key password" : "Berreskurapen gakoaren pasahitza falta da", - "Please repeat the recovery key password" : "Mesedez errepikatu berreskuratze gakoaren pasahitza", - "Repeated recovery key password does not match the provided recovery key password" : "Errepikatutako berreskuratze gakoaren pasahitza ez dator bat berreskuratze gakoaren pasahitzarekin", - "Recovery key successfully enabled" : "Berreskuratze gakoa behar bezala gaitua", - "Could not disable recovery key. Please check your recovery key password!" : "Ezin da berreskuratze gako desgaitu. Egiaztatu berreskuratze gako pasahitza!", - "Recovery key successfully disabled" : "Berreskuratze gakoa behar bezala desgaitu da", - "Please provide the old recovery password" : "Mesedez sartu berreskuratze pasahitz zaharra", - "Please provide a new recovery password" : "Mesedez sartu berreskuratze pasahitz berria", - "Please repeat the new recovery password" : "Mesedez errepikatu berreskuratze pasahitz berria", - "Password successfully changed." : "Pasahitza behar bezala aldatu da.", - "Could not change the password. Maybe the old password was not correct." : "Ezin izan da pasahitza aldatu. Agian pasahitz zaharra okerrekoa da.", - "Could not update the private key password." : "Ezin izan da gako pribatu pasahitza eguneratu. ", - "The old password was not correct, please try again." : "Pasahitz zaharra ez da egokia. Mesedez, saiatu berriro.", - "The current log-in password was not correct, please try again." : "Oraingo pasahitza ez da egokia. Mesedez, saiatu berriro.", - "Private key password successfully updated." : "Gako pasahitz pribatu behar bezala eguneratu da.", - "File recovery settings updated" : "Fitxategi berreskuratze ezarpenak eguneratuak", - "Could not update file recovery" : "Ezin da fitxategi berreskuratzea eguneratu", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Enkriptazio aplikazioa ez dago hasieratuta! Agian aplikazioa birgaitu egin da zure saioa bitartean. Mesdez atear eta sartu berriz enkriptazio aplikazioa hasierarazteko.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Zure gako pribatua ez da egokia! Seguruaski zure pasahitza %s-tik kanpo aldatu da (adb. zure direktorio korporatiboa). Zure gako pribatuaren pasahitza eguneratu dezakezu zure ezarpen pertsonaletan zure enkriptatutako fitxategiak berreskuratzeko.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Ezin izan da fitxategi hau deszifratu, ziurrenik elkarbanatutako fitxategi bat da. Mesdez, eskatu fitxategiaren jabeari fitxategia zurekin berriz elkarbana dezan.", - "Unknown error. Please check your system settings or contact your administrator" : "Errore ezezaguna. Mesedez, egiaztatu zure sistemaren ezarpenak edo jarri zure administrariarekin kontaktuan.", - "Initial encryption started... This can take some time. Please wait." : "Hasierako enkriptazioa hasi da... Honek denbora har dezake. Mesedez itxaron.", - "Initial encryption running... Please try again later." : "Hasierako enkriptaketa abian... mesedez, saiatu beranduago.", - "Missing requirements." : "Eskakizun batzuk ez dira betetzen.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Mesedez ziurtatu OpenSSL eta PHP hedapena instaltuta eta ongi konfiguratuta daudela. Oraingoz enkriptazio aplikazioa desgaitua izan da.", - "Following users are not set up for encryption:" : "Hurrengo erabiltzaileak ez daude enktriptatzeko konfiguratutak:", - "Go directly to your %spersonal settings%s." : "Joan zuzenean zure %sezarpen pertsonaletara%s.", - "Server-side Encryption" : "Zerbitzari aldeko enkriptazioa", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Enkriptazio aplikazioa gaituta dago baina zure gakoak ez daude konfiguratuta, mesedez saioa bukatu eta berriro hasi", - "Enable recovery key (allow to recover users files in case of password loss):" : "Gaitu berreskurapen gakoa (erabiltzaileen fitxategiak berreskuratzea ahalbidetzen du pasahitza galtzen badute ere):", - "Recovery key password" : "Berreskuratze gako pasahitza", - "Repeat Recovery key password" : "Errepikatu berreskuratze gakoaren pasahitza", - "Enabled" : "Gaitua", - "Disabled" : "Ez-gaitua", - "Change recovery key password:" : "Aldatu berreskuratze gako pasahitza:", - "Old Recovery key password" : "Berreskuratze gako pasahitz zaharra", - "New Recovery key password" : "Berreskuratze gako pasahitz berria", - "Repeat New Recovery key password" : "Errepikatu berreskuratze gako berriaren pasahitza", - "Change Password" : "Aldatu Pasahitza", - "Your private key password no longer matches your log-in password." : "Zure gako pasahitza pribatua ez da dagoeneko bat etortzen zure sartzeko pasahitzarekin.", - "Set your old private key password to your current log-in password:" : "Ezarri zure gako pasahitz zaharra orain duzun sartzeko pasahitzan:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ez baduzu zure pasahitz zaharra gogoratzen eskatu zure administratzaileari zure fitxategiak berreskuratzeko.", - "Old log-in password" : "Sartzeko pasahitz zaharra", - "Current log-in password" : "Sartzeko oraingo pasahitza", - "Update Private Key Password" : "Eguneratu gako pasahitza pribatua", - "Enable password recovery:" : "Gaitu pasahitzaren berreskuratzea:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Aukera hau gaituz zure enkriptatutako fitxategiak berreskuratu ahal izango dituzu pasahitza galtzekotan" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/eu.json b/apps/files_encryption/l10n/eu.json deleted file mode 100644 index 3bd66a039f..0000000000 --- a/apps/files_encryption/l10n/eu.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Errore ezezaguna", - "Missing recovery key password" : "Berreskurapen gakoaren pasahitza falta da", - "Please repeat the recovery key password" : "Mesedez errepikatu berreskuratze gakoaren pasahitza", - "Repeated recovery key password does not match the provided recovery key password" : "Errepikatutako berreskuratze gakoaren pasahitza ez dator bat berreskuratze gakoaren pasahitzarekin", - "Recovery key successfully enabled" : "Berreskuratze gakoa behar bezala gaitua", - "Could not disable recovery key. Please check your recovery key password!" : "Ezin da berreskuratze gako desgaitu. Egiaztatu berreskuratze gako pasahitza!", - "Recovery key successfully disabled" : "Berreskuratze gakoa behar bezala desgaitu da", - "Please provide the old recovery password" : "Mesedez sartu berreskuratze pasahitz zaharra", - "Please provide a new recovery password" : "Mesedez sartu berreskuratze pasahitz berria", - "Please repeat the new recovery password" : "Mesedez errepikatu berreskuratze pasahitz berria", - "Password successfully changed." : "Pasahitza behar bezala aldatu da.", - "Could not change the password. Maybe the old password was not correct." : "Ezin izan da pasahitza aldatu. Agian pasahitz zaharra okerrekoa da.", - "Could not update the private key password." : "Ezin izan da gako pribatu pasahitza eguneratu. ", - "The old password was not correct, please try again." : "Pasahitz zaharra ez da egokia. Mesedez, saiatu berriro.", - "The current log-in password was not correct, please try again." : "Oraingo pasahitza ez da egokia. Mesedez, saiatu berriro.", - "Private key password successfully updated." : "Gako pasahitz pribatu behar bezala eguneratu da.", - "File recovery settings updated" : "Fitxategi berreskuratze ezarpenak eguneratuak", - "Could not update file recovery" : "Ezin da fitxategi berreskuratzea eguneratu", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Enkriptazio aplikazioa ez dago hasieratuta! Agian aplikazioa birgaitu egin da zure saioa bitartean. Mesdez atear eta sartu berriz enkriptazio aplikazioa hasierarazteko.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Zure gako pribatua ez da egokia! Seguruaski zure pasahitza %s-tik kanpo aldatu da (adb. zure direktorio korporatiboa). Zure gako pribatuaren pasahitza eguneratu dezakezu zure ezarpen pertsonaletan zure enkriptatutako fitxategiak berreskuratzeko.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Ezin izan da fitxategi hau deszifratu, ziurrenik elkarbanatutako fitxategi bat da. Mesdez, eskatu fitxategiaren jabeari fitxategia zurekin berriz elkarbana dezan.", - "Unknown error. Please check your system settings or contact your administrator" : "Errore ezezaguna. Mesedez, egiaztatu zure sistemaren ezarpenak edo jarri zure administrariarekin kontaktuan.", - "Initial encryption started... This can take some time. Please wait." : "Hasierako enkriptazioa hasi da... Honek denbora har dezake. Mesedez itxaron.", - "Initial encryption running... Please try again later." : "Hasierako enkriptaketa abian... mesedez, saiatu beranduago.", - "Missing requirements." : "Eskakizun batzuk ez dira betetzen.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Mesedez ziurtatu OpenSSL eta PHP hedapena instaltuta eta ongi konfiguratuta daudela. Oraingoz enkriptazio aplikazioa desgaitua izan da.", - "Following users are not set up for encryption:" : "Hurrengo erabiltzaileak ez daude enktriptatzeko konfiguratutak:", - "Go directly to your %spersonal settings%s." : "Joan zuzenean zure %sezarpen pertsonaletara%s.", - "Server-side Encryption" : "Zerbitzari aldeko enkriptazioa", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Enkriptazio aplikazioa gaituta dago baina zure gakoak ez daude konfiguratuta, mesedez saioa bukatu eta berriro hasi", - "Enable recovery key (allow to recover users files in case of password loss):" : "Gaitu berreskurapen gakoa (erabiltzaileen fitxategiak berreskuratzea ahalbidetzen du pasahitza galtzen badute ere):", - "Recovery key password" : "Berreskuratze gako pasahitza", - "Repeat Recovery key password" : "Errepikatu berreskuratze gakoaren pasahitza", - "Enabled" : "Gaitua", - "Disabled" : "Ez-gaitua", - "Change recovery key password:" : "Aldatu berreskuratze gako pasahitza:", - "Old Recovery key password" : "Berreskuratze gako pasahitz zaharra", - "New Recovery key password" : "Berreskuratze gako pasahitz berria", - "Repeat New Recovery key password" : "Errepikatu berreskuratze gako berriaren pasahitza", - "Change Password" : "Aldatu Pasahitza", - "Your private key password no longer matches your log-in password." : "Zure gako pasahitza pribatua ez da dagoeneko bat etortzen zure sartzeko pasahitzarekin.", - "Set your old private key password to your current log-in password:" : "Ezarri zure gako pasahitz zaharra orain duzun sartzeko pasahitzan:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ez baduzu zure pasahitz zaharra gogoratzen eskatu zure administratzaileari zure fitxategiak berreskuratzeko.", - "Old log-in password" : "Sartzeko pasahitz zaharra", - "Current log-in password" : "Sartzeko oraingo pasahitza", - "Update Private Key Password" : "Eguneratu gako pasahitza pribatua", - "Enable password recovery:" : "Gaitu pasahitzaren berreskuratzea:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Aukera hau gaituz zure enkriptatutako fitxategiak berreskuratu ahal izango dituzu pasahitza galtzekotan" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/fa.js b/apps/files_encryption/l10n/fa.js deleted file mode 100644 index e05d6e4d3a..0000000000 --- a/apps/files_encryption/l10n/fa.js +++ /dev/null @@ -1,30 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "خطای نامشخص", - "Recovery key successfully enabled" : "کلید بازیابی با موفقیت فعال شده است.", - "Could not disable recovery key. Please check your recovery key password!" : "کلید بازیابی را نمی تواند غیرفعال نماید. لطفا رمزعبور کلید بازیابی خود را بررسی کنید!", - "Recovery key successfully disabled" : "کلید بازیابی با موفقیت غیر فعال شده است.", - "Password successfully changed." : "رمزعبور با موفقیت تغییر یافت.", - "Could not change the password. Maybe the old password was not correct." : "رمزعبور را نمیتواند تغییر دهد. شاید رمزعبورقدیمی صحیح نمی باشد.", - "Private key password successfully updated." : "رمزعبور کلید خصوصی با موفقیت به روز شد.", - "File recovery settings updated" : "تنظیمات بازیابی فایل به روز شده است.", - "Could not update file recovery" : "به روز رسانی بازیابی فایل را نمی تواند انجام دهد.", - "Missing requirements." : "نیازمندی های گمشده", - "Following users are not set up for encryption:" : "کاربران زیر برای رمزنگاری تنظیم نشده اند", - "Enable recovery key (allow to recover users files in case of password loss):" : "فعال کردن کلید بازیابی(اجازه بازیابی فایل های کاربران در صورت از دست دادن رمزعبور):", - "Recovery key password" : "رمزعبور کلید بازیابی", - "Enabled" : "فعال شده", - "Disabled" : "غیرفعال شده", - "Change recovery key password:" : "تغییر رمزعبور کلید بازیابی:", - "Old Recovery key password" : "رمزعبور قدیمی کلید بازیابی ", - "New Recovery key password" : "رمزعبور جدید کلید بازیابی", - "Change Password" : "تغییر رمزعبور", - " If you don't remember your old password you can ask your administrator to recover your files." : "اگر رمزعبور قدیمی را فراموش کرده اید میتوانید از مدیر خود برای بازیابی فایل هایتان درخواست نمایید.", - "Old log-in password" : "رمزعبور قدیمی", - "Current log-in password" : "رمزعبور فعلی", - "Update Private Key Password" : "به روز رسانی رمزعبور کلید خصوصی", - "Enable password recovery:" : "فعال سازی بازیابی رمزعبور:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "فعال کردن این گزینه به شما اجازه خواهد داد در صورت از دست دادن رمزعبور به فایل های رمزگذاری شده خود دسترسی داشته باشید." -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/fa.json b/apps/files_encryption/l10n/fa.json deleted file mode 100644 index f048a93c1a..0000000000 --- a/apps/files_encryption/l10n/fa.json +++ /dev/null @@ -1,28 +0,0 @@ -{ "translations": { - "Unknown error" : "خطای نامشخص", - "Recovery key successfully enabled" : "کلید بازیابی با موفقیت فعال شده است.", - "Could not disable recovery key. Please check your recovery key password!" : "کلید بازیابی را نمی تواند غیرفعال نماید. لطفا رمزعبور کلید بازیابی خود را بررسی کنید!", - "Recovery key successfully disabled" : "کلید بازیابی با موفقیت غیر فعال شده است.", - "Password successfully changed." : "رمزعبور با موفقیت تغییر یافت.", - "Could not change the password. Maybe the old password was not correct." : "رمزعبور را نمیتواند تغییر دهد. شاید رمزعبورقدیمی صحیح نمی باشد.", - "Private key password successfully updated." : "رمزعبور کلید خصوصی با موفقیت به روز شد.", - "File recovery settings updated" : "تنظیمات بازیابی فایل به روز شده است.", - "Could not update file recovery" : "به روز رسانی بازیابی فایل را نمی تواند انجام دهد.", - "Missing requirements." : "نیازمندی های گمشده", - "Following users are not set up for encryption:" : "کاربران زیر برای رمزنگاری تنظیم نشده اند", - "Enable recovery key (allow to recover users files in case of password loss):" : "فعال کردن کلید بازیابی(اجازه بازیابی فایل های کاربران در صورت از دست دادن رمزعبور):", - "Recovery key password" : "رمزعبور کلید بازیابی", - "Enabled" : "فعال شده", - "Disabled" : "غیرفعال شده", - "Change recovery key password:" : "تغییر رمزعبور کلید بازیابی:", - "Old Recovery key password" : "رمزعبور قدیمی کلید بازیابی ", - "New Recovery key password" : "رمزعبور جدید کلید بازیابی", - "Change Password" : "تغییر رمزعبور", - " If you don't remember your old password you can ask your administrator to recover your files." : "اگر رمزعبور قدیمی را فراموش کرده اید میتوانید از مدیر خود برای بازیابی فایل هایتان درخواست نمایید.", - "Old log-in password" : "رمزعبور قدیمی", - "Current log-in password" : "رمزعبور فعلی", - "Update Private Key Password" : "به روز رسانی رمزعبور کلید خصوصی", - "Enable password recovery:" : "فعال سازی بازیابی رمزعبور:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "فعال کردن این گزینه به شما اجازه خواهد داد در صورت از دست دادن رمزعبور به فایل های رمزگذاری شده خود دسترسی داشته باشید." -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/fi_FI.js b/apps/files_encryption/l10n/fi_FI.js deleted file mode 100644 index d72e2da452..0000000000 --- a/apps/files_encryption/l10n/fi_FI.js +++ /dev/null @@ -1,51 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Tuntematon virhe", - "Missing recovery key password" : "Palautusavaimen salasana puuttuu", - "Please repeat the recovery key password" : "Toista palautusavaimen salasana", - "Repeated recovery key password does not match the provided recovery key password" : "Toistamiseen annettu palautusavaimen salasana ei täsmää annettua palautusavaimen salasanaa", - "Recovery key successfully enabled" : "Palautusavain kytketty päälle onnistuneesti", - "Could not disable recovery key. Please check your recovery key password!" : "Palautusavaimen poistaminen käytöstä ei onnistunut. Tarkista palautusavaimesi salasana!", - "Recovery key successfully disabled" : "Palautusavain poistettu onnistuneesti käytöstä", - "Please provide the old recovery password" : "Anna vanha palautussalasana", - "Please provide a new recovery password" : "Anna uusi palautussalasana", - "Please repeat the new recovery password" : "Toista uusi palautussalasana", - "Password successfully changed." : "Salasana vaihdettiin onnistuneesti.", - "Could not change the password. Maybe the old password was not correct." : "Salasanan vaihto epäonnistui. Kenties vanha salasana oli väärin.", - "Could not update the private key password." : "Yksityisen avaimen salasanaa ei voitu päivittää.", - "The old password was not correct, please try again." : "Vanha salasana oli väärin, yritä uudelleen.", - "The current log-in password was not correct, please try again." : "Nykyinen kirjautumissalasana ei ollut oikein, yritä uudelleen.", - "Private key password successfully updated." : "Yksityisen avaimen salasana päivitetty onnistuneesti.", - "File recovery settings updated" : "Tiedostopalautuksen asetukset päivitetty", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Salaussovellusta ei ole käynnissä! Kenties salaussovellus otettiin uudelleen käyttöön nykyisen istuntosi aikana. Kirjaudu ulos ja takaisin sisään saadaksesi salaussovelluksen käyttöön.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tämän tiedoston salauksen purkaminen ei onnistu. Kyseessä on luultavasti jaettu tiedosto. Pyydä tiedoston omistajaa jakamaan tiedosto kanssasi uudelleen.", - "Unknown error. Please check your system settings or contact your administrator" : "Tuntematon virhe. Tarkista järjestelmän asetukset tai ole yhteydessä ylläpitäjään.", - "Initial encryption started... This can take some time. Please wait." : "Ensimmäinen salauskerta käynnistetty... Tämä saattaa kestää hetken.", - "Initial encryption running... Please try again later." : "Ensimmäinen salauskerta on meneillään... Yritä myöhemmin uudelleen.", - "Missing requirements." : "Puuttuvat vaatimukset.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Varmista, että OpenSSL ja PHP-laajennus ovat käytössä ja niiden asetukset ovat oikein. Salaussovellus on poistettu toistaiseksi käytöstä.", - "Following users are not set up for encryption:" : "Seuraavat käyttäjät eivät ole määrittäneet salausta:", - "Go directly to your %spersonal settings%s." : "Siirry suoraan %shenkilökohtaisiin asetuksiisi%s.", - "Server-side Encryption" : "Palvelinpuolen salaus", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Salaussovellus on käytössä, mutta salausavaimia ei ole alustettu. Ole hyvä ja kirjaudu sisään uudelleen.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Käytä palautusavainta (salli käyttäjien tiedostojen palauttaminen, jos heidän salasana unohtuu):", - "Recovery key password" : "Palautusavaimen salasana", - "Repeat Recovery key password" : "Toista palautusavaimen salasana", - "Enabled" : "Käytössä", - "Disabled" : "Ei käytössä", - "Change recovery key password:" : "Vaihda palautusavaimen salasana:", - "Old Recovery key password" : "Vanha palautusavaimen salasana", - "New Recovery key password" : "Uusi palautusavaimen salasana", - "Repeat New Recovery key password" : "Toista uusi palautusavaimen salasana", - "Change Password" : "Vaihda salasana", - "Your private key password no longer matches your log-in password." : "Salaisen avaimesi salasana ei enää vastaa kirjautumissalasanaasi.", - "Set your old private key password to your current log-in password:" : "Aseta yksityisen avaimen vanha salasana vastaamaan nykyistä kirjautumissalasanaasi:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jos et muista vanhaa salasanaasi, voit pyytää ylläpitäjää palauttamaan tiedostosi.", - "Old log-in password" : "Vanha kirjautumissalasana", - "Current log-in password" : "Nykyinen kirjautumissalasana", - "Update Private Key Password" : "Päivitä yksityisen avaimen salasana", - "Enable password recovery:" : "Ota salasanan palautus käyttöön:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Tämän valinnan käyttäminen mahdollistaa pääsyn salattuihin tiedostoihisi, jos salasana unohtuu" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/fi_FI.json b/apps/files_encryption/l10n/fi_FI.json deleted file mode 100644 index 2b0d92dfd5..0000000000 --- a/apps/files_encryption/l10n/fi_FI.json +++ /dev/null @@ -1,49 +0,0 @@ -{ "translations": { - "Unknown error" : "Tuntematon virhe", - "Missing recovery key password" : "Palautusavaimen salasana puuttuu", - "Please repeat the recovery key password" : "Toista palautusavaimen salasana", - "Repeated recovery key password does not match the provided recovery key password" : "Toistamiseen annettu palautusavaimen salasana ei täsmää annettua palautusavaimen salasanaa", - "Recovery key successfully enabled" : "Palautusavain kytketty päälle onnistuneesti", - "Could not disable recovery key. Please check your recovery key password!" : "Palautusavaimen poistaminen käytöstä ei onnistunut. Tarkista palautusavaimesi salasana!", - "Recovery key successfully disabled" : "Palautusavain poistettu onnistuneesti käytöstä", - "Please provide the old recovery password" : "Anna vanha palautussalasana", - "Please provide a new recovery password" : "Anna uusi palautussalasana", - "Please repeat the new recovery password" : "Toista uusi palautussalasana", - "Password successfully changed." : "Salasana vaihdettiin onnistuneesti.", - "Could not change the password. Maybe the old password was not correct." : "Salasanan vaihto epäonnistui. Kenties vanha salasana oli väärin.", - "Could not update the private key password." : "Yksityisen avaimen salasanaa ei voitu päivittää.", - "The old password was not correct, please try again." : "Vanha salasana oli väärin, yritä uudelleen.", - "The current log-in password was not correct, please try again." : "Nykyinen kirjautumissalasana ei ollut oikein, yritä uudelleen.", - "Private key password successfully updated." : "Yksityisen avaimen salasana päivitetty onnistuneesti.", - "File recovery settings updated" : "Tiedostopalautuksen asetukset päivitetty", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Salaussovellusta ei ole käynnissä! Kenties salaussovellus otettiin uudelleen käyttöön nykyisen istuntosi aikana. Kirjaudu ulos ja takaisin sisään saadaksesi salaussovelluksen käyttöön.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tämän tiedoston salauksen purkaminen ei onnistu. Kyseessä on luultavasti jaettu tiedosto. Pyydä tiedoston omistajaa jakamaan tiedosto kanssasi uudelleen.", - "Unknown error. Please check your system settings or contact your administrator" : "Tuntematon virhe. Tarkista järjestelmän asetukset tai ole yhteydessä ylläpitäjään.", - "Initial encryption started... This can take some time. Please wait." : "Ensimmäinen salauskerta käynnistetty... Tämä saattaa kestää hetken.", - "Initial encryption running... Please try again later." : "Ensimmäinen salauskerta on meneillään... Yritä myöhemmin uudelleen.", - "Missing requirements." : "Puuttuvat vaatimukset.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Varmista, että OpenSSL ja PHP-laajennus ovat käytössä ja niiden asetukset ovat oikein. Salaussovellus on poistettu toistaiseksi käytöstä.", - "Following users are not set up for encryption:" : "Seuraavat käyttäjät eivät ole määrittäneet salausta:", - "Go directly to your %spersonal settings%s." : "Siirry suoraan %shenkilökohtaisiin asetuksiisi%s.", - "Server-side Encryption" : "Palvelinpuolen salaus", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Salaussovellus on käytössä, mutta salausavaimia ei ole alustettu. Ole hyvä ja kirjaudu sisään uudelleen.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Käytä palautusavainta (salli käyttäjien tiedostojen palauttaminen, jos heidän salasana unohtuu):", - "Recovery key password" : "Palautusavaimen salasana", - "Repeat Recovery key password" : "Toista palautusavaimen salasana", - "Enabled" : "Käytössä", - "Disabled" : "Ei käytössä", - "Change recovery key password:" : "Vaihda palautusavaimen salasana:", - "Old Recovery key password" : "Vanha palautusavaimen salasana", - "New Recovery key password" : "Uusi palautusavaimen salasana", - "Repeat New Recovery key password" : "Toista uusi palautusavaimen salasana", - "Change Password" : "Vaihda salasana", - "Your private key password no longer matches your log-in password." : "Salaisen avaimesi salasana ei enää vastaa kirjautumissalasanaasi.", - "Set your old private key password to your current log-in password:" : "Aseta yksityisen avaimen vanha salasana vastaamaan nykyistä kirjautumissalasanaasi:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jos et muista vanhaa salasanaasi, voit pyytää ylläpitäjää palauttamaan tiedostosi.", - "Old log-in password" : "Vanha kirjautumissalasana", - "Current log-in password" : "Nykyinen kirjautumissalasana", - "Update Private Key Password" : "Päivitä yksityisen avaimen salasana", - "Enable password recovery:" : "Ota salasanan palautus käyttöön:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Tämän valinnan käyttäminen mahdollistaa pääsyn salattuihin tiedostoihisi, jos salasana unohtuu" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/fr.js b/apps/files_encryption/l10n/fr.js deleted file mode 100644 index 09ddd64cb4..0000000000 --- a/apps/files_encryption/l10n/fr.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Erreur Inconnue ", - "Missing recovery key password" : "Mot de passe de la clef de récupération manquant", - "Please repeat the recovery key password" : "Répétez le mot de passe de la clef de récupération", - "Repeated recovery key password does not match the provided recovery key password" : "Le mot de passe de la clef de récupération et sa répétition ne sont pas identiques.", - "Recovery key successfully enabled" : "Clef de récupération activée avec succès", - "Could not disable recovery key. Please check your recovery key password!" : "Impossible de désactiver la clef de récupération. Veuillez vérifier le mot de passe de votre clef de récupération !", - "Recovery key successfully disabled" : "Clef de récupération désactivée avec succès", - "Please provide the old recovery password" : "Veuillez entrer l'ancien mot de passe de récupération", - "Please provide a new recovery password" : "Veuillez entrer un nouveau mot de passe de récupération", - "Please repeat the new recovery password" : "Veuillez répéter le nouveau mot de passe de récupération", - "Password successfully changed." : "Mot de passe changé avec succès.", - "Could not change the password. Maybe the old password was not correct." : "Erreur lors du changement de mot de passe. L'ancien mot de passe est peut-être incorrect.", - "Could not update the private key password." : "Impossible de mettre à jour le mot de passe de la clef privée.", - "The old password was not correct, please try again." : "L'ancien mot de passe est incorrect. Veuillez réessayer.", - "The current log-in password was not correct, please try again." : "Le mot de passe actuel n'est pas correct, veuillez réessayer.", - "Private key password successfully updated." : "Mot de passe de la clef privée mis à jour avec succès.", - "File recovery settings updated" : "Paramètres de récupération de fichiers mis à jour", - "Could not update file recovery" : "Impossible de mettre à jour les fichiers de récupération", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "L'application de chiffrement n'est pas initialisée ! Peut-être que cette application a été réactivée pendant votre session. Veuillez essayer de vous déconnecter et ensuite de vous reconnecter pour initialiser l'application de chiffrement.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Votre clef privée n'est pas valide ! Votre mot de passe a probablement été modifié hors de %s (ex. votre annuaire d'entreprise). Vous pouvez mettre à jour le mot de passe de votre clef privée dans les paramètres personnels pour pouvoir récupérer l'accès à vos fichiers chiffrés.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Impossible de déchiffrer ce fichier : il s'agit probablement d'un fichier partagé. Veuillez demander au propriétaire du fichier de le partager à nouveau avec vous.", - "Unknown error. Please check your system settings or contact your administrator" : "Erreur inconnue. Veuillez vérifier vos paramètres système ou contacter un administrateur.", - "Initial encryption started... This can take some time. Please wait." : "Chiffrement initial démarré... Cela peut prendre un certain temps. Veuillez patienter.", - "Initial encryption running... Please try again later." : "Chiffrement initial en cours... Veuillez ré-essayer ultérieurement.", - "Missing requirements." : "Dépendances manquantes.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Merci de vous assurer que OpenSSL et son extension PHP sont activés et configurés correctement. Pour l'instant, l'application de chiffrement a été désactivée.", - "Following users are not set up for encryption:" : "Les utilisateurs suivants ne sont pas configurés pour le chiffrement :", - "Go directly to your %spersonal settings%s." : "Aller à %svos paramètres personnels%s.", - "Server-side Encryption" : "Chiffrement côté serveur", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'application de chiffrement est activée mais vos clefs ne sont pas initialisées. Veuillez vous déconnecter et ensuite vous reconnecter.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activer la clef de récupération (permet de récupérer les fichiers des utilisateurs en cas de perte de mot de passe).", - "Recovery key password" : "Mot de passe de la clef de récupération", - "Repeat Recovery key password" : "Répétez le mot de passe de la clef de récupération", - "Enabled" : "Activé", - "Disabled" : "Désactivé", - "Change recovery key password:" : "Modifier le mot de passe de la clef de récupération :", - "Old Recovery key password" : "Ancien mot de passe de la clef de récupération", - "New Recovery key password" : "Nouveau mot de passe de la clef de récupération", - "Repeat New Recovery key password" : "Répétez le nouveau mot de passe de la clef de récupération", - "Change Password" : "Changer de mot de passe", - "Your private key password no longer matches your log-in password." : "Le mot de passe de votre clef privée ne correspond plus à votre mot de passe de connexion.", - "Set your old private key password to your current log-in password:" : "Faites de votre mot de passe de connexion le mot de passe de votre clef privée :", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si vous ne vous souvenez plus de votre ancien mot de passe, vous pouvez demander à votre administrateur de récupérer vos fichiers.", - "Old log-in password" : "Ancien mot de passe de connexion", - "Current log-in password" : "Actuel mot de passe de connexion", - "Update Private Key Password" : "Mettre à jour le mot de passe de votre clef privée", - "Enable password recovery:" : "Activer la récupération du mot de passe :", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Activer cette option vous permettra d'obtenir à nouveau l'accès à vos fichiers chiffrés en cas de perte de mot de passe" -}, -"nplurals=2; plural=(n > 1);"); diff --git a/apps/files_encryption/l10n/fr.json b/apps/files_encryption/l10n/fr.json deleted file mode 100644 index 3b43987225..0000000000 --- a/apps/files_encryption/l10n/fr.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Erreur Inconnue ", - "Missing recovery key password" : "Mot de passe de la clef de récupération manquant", - "Please repeat the recovery key password" : "Répétez le mot de passe de la clef de récupération", - "Repeated recovery key password does not match the provided recovery key password" : "Le mot de passe de la clef de récupération et sa répétition ne sont pas identiques.", - "Recovery key successfully enabled" : "Clef de récupération activée avec succès", - "Could not disable recovery key. Please check your recovery key password!" : "Impossible de désactiver la clef de récupération. Veuillez vérifier le mot de passe de votre clef de récupération !", - "Recovery key successfully disabled" : "Clef de récupération désactivée avec succès", - "Please provide the old recovery password" : "Veuillez entrer l'ancien mot de passe de récupération", - "Please provide a new recovery password" : "Veuillez entrer un nouveau mot de passe de récupération", - "Please repeat the new recovery password" : "Veuillez répéter le nouveau mot de passe de récupération", - "Password successfully changed." : "Mot de passe changé avec succès.", - "Could not change the password. Maybe the old password was not correct." : "Erreur lors du changement de mot de passe. L'ancien mot de passe est peut-être incorrect.", - "Could not update the private key password." : "Impossible de mettre à jour le mot de passe de la clef privée.", - "The old password was not correct, please try again." : "L'ancien mot de passe est incorrect. Veuillez réessayer.", - "The current log-in password was not correct, please try again." : "Le mot de passe actuel n'est pas correct, veuillez réessayer.", - "Private key password successfully updated." : "Mot de passe de la clef privée mis à jour avec succès.", - "File recovery settings updated" : "Paramètres de récupération de fichiers mis à jour", - "Could not update file recovery" : "Impossible de mettre à jour les fichiers de récupération", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "L'application de chiffrement n'est pas initialisée ! Peut-être que cette application a été réactivée pendant votre session. Veuillez essayer de vous déconnecter et ensuite de vous reconnecter pour initialiser l'application de chiffrement.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Votre clef privée n'est pas valide ! Votre mot de passe a probablement été modifié hors de %s (ex. votre annuaire d'entreprise). Vous pouvez mettre à jour le mot de passe de votre clef privée dans les paramètres personnels pour pouvoir récupérer l'accès à vos fichiers chiffrés.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Impossible de déchiffrer ce fichier : il s'agit probablement d'un fichier partagé. Veuillez demander au propriétaire du fichier de le partager à nouveau avec vous.", - "Unknown error. Please check your system settings or contact your administrator" : "Erreur inconnue. Veuillez vérifier vos paramètres système ou contacter un administrateur.", - "Initial encryption started... This can take some time. Please wait." : "Chiffrement initial démarré... Cela peut prendre un certain temps. Veuillez patienter.", - "Initial encryption running... Please try again later." : "Chiffrement initial en cours... Veuillez ré-essayer ultérieurement.", - "Missing requirements." : "Dépendances manquantes.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Merci de vous assurer que OpenSSL et son extension PHP sont activés et configurés correctement. Pour l'instant, l'application de chiffrement a été désactivée.", - "Following users are not set up for encryption:" : "Les utilisateurs suivants ne sont pas configurés pour le chiffrement :", - "Go directly to your %spersonal settings%s." : "Aller à %svos paramètres personnels%s.", - "Server-side Encryption" : "Chiffrement côté serveur", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'application de chiffrement est activée mais vos clefs ne sont pas initialisées. Veuillez vous déconnecter et ensuite vous reconnecter.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activer la clef de récupération (permet de récupérer les fichiers des utilisateurs en cas de perte de mot de passe).", - "Recovery key password" : "Mot de passe de la clef de récupération", - "Repeat Recovery key password" : "Répétez le mot de passe de la clef de récupération", - "Enabled" : "Activé", - "Disabled" : "Désactivé", - "Change recovery key password:" : "Modifier le mot de passe de la clef de récupération :", - "Old Recovery key password" : "Ancien mot de passe de la clef de récupération", - "New Recovery key password" : "Nouveau mot de passe de la clef de récupération", - "Repeat New Recovery key password" : "Répétez le nouveau mot de passe de la clef de récupération", - "Change Password" : "Changer de mot de passe", - "Your private key password no longer matches your log-in password." : "Le mot de passe de votre clef privée ne correspond plus à votre mot de passe de connexion.", - "Set your old private key password to your current log-in password:" : "Faites de votre mot de passe de connexion le mot de passe de votre clef privée :", - " If you don't remember your old password you can ask your administrator to recover your files." : "Si vous ne vous souvenez plus de votre ancien mot de passe, vous pouvez demander à votre administrateur de récupérer vos fichiers.", - "Old log-in password" : "Ancien mot de passe de connexion", - "Current log-in password" : "Actuel mot de passe de connexion", - "Update Private Key Password" : "Mettre à jour le mot de passe de votre clef privée", - "Enable password recovery:" : "Activer la récupération du mot de passe :", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Activer cette option vous permettra d'obtenir à nouveau l'accès à vos fichiers chiffrés en cas de perte de mot de passe" -},"pluralForm" :"nplurals=2; plural=(n > 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/gl.js b/apps/files_encryption/l10n/gl.js deleted file mode 100644 index bd44dc65bc..0000000000 --- a/apps/files_encryption/l10n/gl.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Produciuse un erro descoñecido", - "Missing recovery key password" : "Falta a chave de recuperación", - "Please repeat the recovery key password" : "Repita a chave de recuperación", - "Repeated recovery key password does not match the provided recovery key password" : "A repetición da chave de recuperación non coincide coa chave de recuperación estabelecida", - "Recovery key successfully enabled" : "Activada satisfactoriamente a chave de recuperación", - "Could not disable recovery key. Please check your recovery key password!" : "Non foi posíbel desactivar a chave de recuperación. Comprobe o contrasinal da chave de recuperación!", - "Recovery key successfully disabled" : "Desactivada satisfactoriamente a chave de recuperación", - "Please provide the old recovery password" : "Introduza a chave de recuperación antiga", - "Please provide a new recovery password" : "Introduza a nova chave de recuperación", - "Please repeat the new recovery password" : "Repita a nova chave de recuperación", - "Password successfully changed." : "O contrasinal foi cambiado satisfactoriamente", - "Could not change the password. Maybe the old password was not correct." : "Non foi posíbel cambiar o contrasinal. Probabelmente o contrasinal antigo non é o correcto.", - "Could not update the private key password." : "Non foi posíbel actualizar o contrasinal da chave privada.", - "The old password was not correct, please try again." : "O contrasinal antigo non é correcto, ténteo de novo.", - "The current log-in password was not correct, please try again." : "O actual contrasinal de acceso non é correcto, ténteo de novo.", - "Private key password successfully updated." : "A chave privada foi actualizada correctamente.", - "File recovery settings updated" : "Actualizouse o ficheiro de axustes de recuperación", - "Could not update file recovery" : "Non foi posíbel actualizar o ficheiro de recuperación", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Non se iniciou a aplicación de cifrado! Quizais volva a activarse durante a sesión. Tente pechar a sesión e volver iniciala para que tamén se inicie a aplicación de cifrado.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "A chave privada non é correcta! É probábel que o seu contrasinal teña sido cambiado desde o exterior do %s (p.ex. o seu directorio corporativo). Vostede pode actualizar o contrasinal da súa chave privada nos seus axustes persoais para recuperar o acceso aos seus ficheiros", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Non foi posíbel descifrar o ficheiro, probabelmente tratase dun ficheiro compartido. Pídalle ao propietario do ficheiro que volva compartir o ficheiro con vostede.", - "Unknown error. Please check your system settings or contact your administrator" : "Produciuse un erro descoñecido. Comprobe os axustes do sistema ou contacte co administrador", - "Initial encryption started... This can take some time. Please wait." : "Comezou o cifrado inicial... Isto pode levar bastante tempo. Agarde.", - "Initial encryption running... Please try again later." : "O cifrado inicial está en execución... Tenteo máis tarde.", - "Missing requirements." : "Non se cumpren os requisitos.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Asegúrese de que está instalado o OpenSSL xunto coa extensión PHP e que estean activados e configurados correctamente. Polo de agora foi desactivada a aplicación de cifrado.", - "Following users are not set up for encryption:" : "Os seguintes usuarios non teñen configuración para o cifrado:", - "Go directly to your %spersonal settings%s." : "Vaia directamente aos seus %saxustes persoais%s.", - "Server-side Encryption" : "Cifrado na parte do servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "A aplicación de cifrado está activada, mais as chaves non foron preparadas, saia da sesión e volva a acceder de novo", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activar a chave de recuperación (permitirá recuperar os ficheiros dos usuarios no caso de perda do contrasinal):", - "Recovery key password" : "Contrasinal da chave de recuperación", - "Repeat Recovery key password" : "Repita o contrasinal da chave de recuperación", - "Enabled" : "Activado", - "Disabled" : "Desactivado", - "Change recovery key password:" : "Cambiar o contrasinal da chave de la recuperación:", - "Old Recovery key password" : "Antigo contrasinal da chave de recuperación", - "New Recovery key password" : "Novo contrasinal da chave de recuperación", - "Repeat New Recovery key password" : "Repita o novo contrasinal da chave de recuperación", - "Change Password" : "Cambiar o contrasinal", - "Your private key password no longer matches your log-in password." : "O seu contrasinal da chave privada non coincide co seu contrasinal de acceso.", - "Set your old private key password to your current log-in password:" : "Estabeleza o seu contrasinal antigo da chave de recuperación ao seu contrasinal de acceso actual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se non lembra o seu antigo contrasinal pode pedírllelo ao seu administrador para recuperar os seus ficheiros.", - "Old log-in password" : "Contrasinal antigo de acceso", - "Current log-in password" : "Contrasinal actual de acceso", - "Update Private Key Password" : "Actualizar o contrasinal da chave privada", - "Enable password recovery:" : "Activar o contrasinal de recuperación:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Ao activar esta opción permitiráselle volver a obter acceso aos ficheiros cifrados no caso de perda do contrasinal" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/gl.json b/apps/files_encryption/l10n/gl.json deleted file mode 100644 index a1a8e606f1..0000000000 --- a/apps/files_encryption/l10n/gl.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Produciuse un erro descoñecido", - "Missing recovery key password" : "Falta a chave de recuperación", - "Please repeat the recovery key password" : "Repita a chave de recuperación", - "Repeated recovery key password does not match the provided recovery key password" : "A repetición da chave de recuperación non coincide coa chave de recuperación estabelecida", - "Recovery key successfully enabled" : "Activada satisfactoriamente a chave de recuperación", - "Could not disable recovery key. Please check your recovery key password!" : "Non foi posíbel desactivar a chave de recuperación. Comprobe o contrasinal da chave de recuperación!", - "Recovery key successfully disabled" : "Desactivada satisfactoriamente a chave de recuperación", - "Please provide the old recovery password" : "Introduza a chave de recuperación antiga", - "Please provide a new recovery password" : "Introduza a nova chave de recuperación", - "Please repeat the new recovery password" : "Repita a nova chave de recuperación", - "Password successfully changed." : "O contrasinal foi cambiado satisfactoriamente", - "Could not change the password. Maybe the old password was not correct." : "Non foi posíbel cambiar o contrasinal. Probabelmente o contrasinal antigo non é o correcto.", - "Could not update the private key password." : "Non foi posíbel actualizar o contrasinal da chave privada.", - "The old password was not correct, please try again." : "O contrasinal antigo non é correcto, ténteo de novo.", - "The current log-in password was not correct, please try again." : "O actual contrasinal de acceso non é correcto, ténteo de novo.", - "Private key password successfully updated." : "A chave privada foi actualizada correctamente.", - "File recovery settings updated" : "Actualizouse o ficheiro de axustes de recuperación", - "Could not update file recovery" : "Non foi posíbel actualizar o ficheiro de recuperación", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Non se iniciou a aplicación de cifrado! Quizais volva a activarse durante a sesión. Tente pechar a sesión e volver iniciala para que tamén se inicie a aplicación de cifrado.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "A chave privada non é correcta! É probábel que o seu contrasinal teña sido cambiado desde o exterior do %s (p.ex. o seu directorio corporativo). Vostede pode actualizar o contrasinal da súa chave privada nos seus axustes persoais para recuperar o acceso aos seus ficheiros", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Non foi posíbel descifrar o ficheiro, probabelmente tratase dun ficheiro compartido. Pídalle ao propietario do ficheiro que volva compartir o ficheiro con vostede.", - "Unknown error. Please check your system settings or contact your administrator" : "Produciuse un erro descoñecido. Comprobe os axustes do sistema ou contacte co administrador", - "Initial encryption started... This can take some time. Please wait." : "Comezou o cifrado inicial... Isto pode levar bastante tempo. Agarde.", - "Initial encryption running... Please try again later." : "O cifrado inicial está en execución... Tenteo máis tarde.", - "Missing requirements." : "Non se cumpren os requisitos.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Asegúrese de que está instalado o OpenSSL xunto coa extensión PHP e que estean activados e configurados correctamente. Polo de agora foi desactivada a aplicación de cifrado.", - "Following users are not set up for encryption:" : "Os seguintes usuarios non teñen configuración para o cifrado:", - "Go directly to your %spersonal settings%s." : "Vaia directamente aos seus %saxustes persoais%s.", - "Server-side Encryption" : "Cifrado na parte do servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "A aplicación de cifrado está activada, mais as chaves non foron preparadas, saia da sesión e volva a acceder de novo", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activar a chave de recuperación (permitirá recuperar os ficheiros dos usuarios no caso de perda do contrasinal):", - "Recovery key password" : "Contrasinal da chave de recuperación", - "Repeat Recovery key password" : "Repita o contrasinal da chave de recuperación", - "Enabled" : "Activado", - "Disabled" : "Desactivado", - "Change recovery key password:" : "Cambiar o contrasinal da chave de la recuperación:", - "Old Recovery key password" : "Antigo contrasinal da chave de recuperación", - "New Recovery key password" : "Novo contrasinal da chave de recuperación", - "Repeat New Recovery key password" : "Repita o novo contrasinal da chave de recuperación", - "Change Password" : "Cambiar o contrasinal", - "Your private key password no longer matches your log-in password." : "O seu contrasinal da chave privada non coincide co seu contrasinal de acceso.", - "Set your old private key password to your current log-in password:" : "Estabeleza o seu contrasinal antigo da chave de recuperación ao seu contrasinal de acceso actual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se non lembra o seu antigo contrasinal pode pedírllelo ao seu administrador para recuperar os seus ficheiros.", - "Old log-in password" : "Contrasinal antigo de acceso", - "Current log-in password" : "Contrasinal actual de acceso", - "Update Private Key Password" : "Actualizar o contrasinal da chave privada", - "Enable password recovery:" : "Activar o contrasinal de recuperación:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Ao activar esta opción permitiráselle volver a obter acceso aos ficheiros cifrados no caso de perda do contrasinal" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/he.js b/apps/files_encryption/l10n/he.js deleted file mode 100644 index d6a018e358..0000000000 --- a/apps/files_encryption/l10n/he.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "שגיאה בלתי ידועה" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/he.json b/apps/files_encryption/l10n/he.json deleted file mode 100644 index 8332496838..0000000000 --- a/apps/files_encryption/l10n/he.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "שגיאה בלתי ידועה" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/hr.js b/apps/files_encryption/l10n/hr.js deleted file mode 100644 index ec62347f61..0000000000 --- a/apps/files_encryption/l10n/hr.js +++ /dev/null @@ -1,42 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Nepoznata pogreška", - "Recovery key successfully enabled" : "Ključ za oporavak uspješno aktiviran", - "Could not disable recovery key. Please check your recovery key password!" : "Ključ za oporavak nije moguće deaktivirati. Molimo provjerite svoju lozinku ključa za oporavak!", - "Recovery key successfully disabled" : "Ključ za ooravak uspješno deaktiviran", - "Password successfully changed." : "Lozinka uspješno promijenjena.", - "Could not change the password. Maybe the old password was not correct." : "Lozinku nije moguće promijeniti. Možda je stara lozinka bila neispravna.", - "Private key password successfully updated." : "Lozinka privatnog ključa uspješno ažurirana.", - "File recovery settings updated" : "Ažurirane postavke za oporavak datoteke", - "Could not update file recovery" : "Oporavak datoteke nije moguće ažurirati", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplikacija šifriranja nije inicijalizirana! Možda je aplikacija šifriranja bila reaktivirana tijekom vaše sesije.Da biste inicijalizirali aplikaciju šifriranja, molimo, pokušajte se odjaviti i ponovno prijaviti.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Vaš privatni ključ nije ispravan! Vjerojatno je vaša lozinka promijenjena izvan %s(npr. vašega korporativnog direktorija). Lozinku svoga privatnog ključa možete ažuriratiu svojim osobnim postavkama da biste obnovili pristup svojim šifriranim datotekama.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Ovu datoteku nije moguće dešifrirati, vjerojatno je riječ o zajedničkoj datoteci. Molimopitajte vlasnika datoteke da je ponovo podijeli s vama.", - "Unknown error. Please check your system settings or contact your administrator" : "Pogreška nepoznata. Molimo provjerite svoje sistemske postavke ili kontaktirajte svog administratora.", - "Initial encryption started... This can take some time. Please wait." : "Počelo inicijalno šifriranje... To može potrajati neko vrijeme. Molimo, pričekajte.", - "Initial encryption running... Please try again later." : "Inicijalno šifriranje u tijeku... Molimo, pokušajte ponovno kasnije.", - "Missing requirements." : "Nedostaju preduvjeti.", - "Following users are not set up for encryption:" : "Sljedeći korisnici nisu određeni za šifriranje:", - "Go directly to your %spersonal settings%s." : "Idite izravno na svoje %sosobne postavke%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacija šifriranja je aktivirana ali vaši ključevi nisu inicijalizirani, molimo odjavite se iponovno prijavite.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivirajte ključ za oporavak (u slučaju gubitka lozinke dozvolite oporavak korisničkih datoteka):", - "Recovery key password" : "Lozinka ključa za oporavak", - "Repeat Recovery key password" : "Ponovite lozinku ključa za oporavak", - "Enabled" : "Aktivirano", - "Disabled" : "Onemogućeno", - "Change recovery key password:" : "Promijenite lozinku ključa za oporavak", - "Old Recovery key password" : "Stara lozinka ključa za oporavak", - "New Recovery key password" : "Nova lozinka ključa za oporavak", - "Repeat New Recovery key password" : "Ponovite novu lozinku ključa za oporavak", - "Change Password" : "Promijenite lozinku", - "Your private key password no longer matches your log-in password." : "Lozinka vašeg privatnog ključa više se ne slaže s vašom lozinkom za prijavu.", - "Set your old private key password to your current log-in password:" : "Postavite svoju staru lozinku privatnog ključa u svoju postojeću lozinku za prijavu.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ako se ne sjećate svoje stare lozinke, možete zamoliti administratora da oporavi vaše datoteke.", - "Old log-in password" : "Stara lozinka za prijavu", - "Current log-in password" : "Aktualna lozinka za prijavu", - "Update Private Key Password" : "Ažurirajte lozinku privatnog ključa", - "Enable password recovery:" : "Omogućite oporavak lozinke:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "U slučaju gubitka lozinke, aktiviranje ove opcije ponovno će vam pribaviti pristup vašim šifriranim datotekama" -}, -"nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;"); diff --git a/apps/files_encryption/l10n/hr.json b/apps/files_encryption/l10n/hr.json deleted file mode 100644 index ea1cfe5ed0..0000000000 --- a/apps/files_encryption/l10n/hr.json +++ /dev/null @@ -1,40 +0,0 @@ -{ "translations": { - "Unknown error" : "Nepoznata pogreška", - "Recovery key successfully enabled" : "Ključ za oporavak uspješno aktiviran", - "Could not disable recovery key. Please check your recovery key password!" : "Ključ za oporavak nije moguće deaktivirati. Molimo provjerite svoju lozinku ključa za oporavak!", - "Recovery key successfully disabled" : "Ključ za ooravak uspješno deaktiviran", - "Password successfully changed." : "Lozinka uspješno promijenjena.", - "Could not change the password. Maybe the old password was not correct." : "Lozinku nije moguće promijeniti. Možda je stara lozinka bila neispravna.", - "Private key password successfully updated." : "Lozinka privatnog ključa uspješno ažurirana.", - "File recovery settings updated" : "Ažurirane postavke za oporavak datoteke", - "Could not update file recovery" : "Oporavak datoteke nije moguće ažurirati", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplikacija šifriranja nije inicijalizirana! Možda je aplikacija šifriranja bila reaktivirana tijekom vaše sesije.Da biste inicijalizirali aplikaciju šifriranja, molimo, pokušajte se odjaviti i ponovno prijaviti.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Vaš privatni ključ nije ispravan! Vjerojatno je vaša lozinka promijenjena izvan %s(npr. vašega korporativnog direktorija). Lozinku svoga privatnog ključa možete ažuriratiu svojim osobnim postavkama da biste obnovili pristup svojim šifriranim datotekama.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Ovu datoteku nije moguće dešifrirati, vjerojatno je riječ o zajedničkoj datoteci. Molimopitajte vlasnika datoteke da je ponovo podijeli s vama.", - "Unknown error. Please check your system settings or contact your administrator" : "Pogreška nepoznata. Molimo provjerite svoje sistemske postavke ili kontaktirajte svog administratora.", - "Initial encryption started... This can take some time. Please wait." : "Počelo inicijalno šifriranje... To može potrajati neko vrijeme. Molimo, pričekajte.", - "Initial encryption running... Please try again later." : "Inicijalno šifriranje u tijeku... Molimo, pokušajte ponovno kasnije.", - "Missing requirements." : "Nedostaju preduvjeti.", - "Following users are not set up for encryption:" : "Sljedeći korisnici nisu određeni za šifriranje:", - "Go directly to your %spersonal settings%s." : "Idite izravno na svoje %sosobne postavke%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacija šifriranja je aktivirana ali vaši ključevi nisu inicijalizirani, molimo odjavite se iponovno prijavite.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivirajte ključ za oporavak (u slučaju gubitka lozinke dozvolite oporavak korisničkih datoteka):", - "Recovery key password" : "Lozinka ključa za oporavak", - "Repeat Recovery key password" : "Ponovite lozinku ključa za oporavak", - "Enabled" : "Aktivirano", - "Disabled" : "Onemogućeno", - "Change recovery key password:" : "Promijenite lozinku ključa za oporavak", - "Old Recovery key password" : "Stara lozinka ključa za oporavak", - "New Recovery key password" : "Nova lozinka ključa za oporavak", - "Repeat New Recovery key password" : "Ponovite novu lozinku ključa za oporavak", - "Change Password" : "Promijenite lozinku", - "Your private key password no longer matches your log-in password." : "Lozinka vašeg privatnog ključa više se ne slaže s vašom lozinkom za prijavu.", - "Set your old private key password to your current log-in password:" : "Postavite svoju staru lozinku privatnog ključa u svoju postojeću lozinku za prijavu.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ako se ne sjećate svoje stare lozinke, možete zamoliti administratora da oporavi vaše datoteke.", - "Old log-in password" : "Stara lozinka za prijavu", - "Current log-in password" : "Aktualna lozinka za prijavu", - "Update Private Key Password" : "Ažurirajte lozinku privatnog ključa", - "Enable password recovery:" : "Omogućite oporavak lozinke:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "U slučaju gubitka lozinke, aktiviranje ove opcije ponovno će vam pribaviti pristup vašim šifriranim datotekama" -},"pluralForm" :"nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/hu_HU.js b/apps/files_encryption/l10n/hu_HU.js deleted file mode 100644 index 6d52e85d66..0000000000 --- a/apps/files_encryption/l10n/hu_HU.js +++ /dev/null @@ -1,38 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Ismeretlen hiba", - "Recovery key successfully enabled" : "A helyreállítási kulcs sikeresen bekapcsolva", - "Could not disable recovery key. Please check your recovery key password!" : "A helyreállítási kulcsot nem lehetett kikapcsolni. Ellenőrizze a helyreállítási kulcsa jelszavát!", - "Recovery key successfully disabled" : "A helyreállítási kulcs sikeresen kikapcsolva", - "Password successfully changed." : "A jelszót sikeresen megváltoztattuk.", - "Could not change the password. Maybe the old password was not correct." : "A jelszót nem lehet megváltoztatni! Lehet, hogy hibás volt a régi jelszó.", - "Private key password successfully updated." : "A személyes kulcsának jelszava frissítésre került.", - "File recovery settings updated" : "A fájlhelyreállítási beállítások frissültek", - "Could not update file recovery" : "A fájlhelyreállítás nem frissíthető", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "A titkosítási modul nincs elindítva! Talán a munkafolyamat közben került engedélyezésre. Kérjük jelentkezzen ki majd ismét jelentkezzen be, hogy a titkosítási modul megfelelően elinduljon!", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Az állományok titkosításához használt titkos kulcsa érvénytelen. Valószínűleg a %s rendszeren kívül változtatta meg a jelszavát (pl. a munkahelyi címtárban). A személyes beállításoknál frissítheti a titkos kulcsát, hogy ismét elérhesse a titkosított állományait.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Az állományt nem sikerült dekódolni, valószínűleg ez egy megosztott fájl. Kérje meg az állomány tulajdonosát, hogy újra ossza meg Önnel ezt az állományt!", - "Initial encryption started... This can take some time. Please wait." : "A titkosítási folyamat megkezdődött... Ez hosszabb ideig is eltarthat. Kérem várjon.", - "Initial encryption running... Please try again later." : "Kezedeti titkosítás fut... Próbálja később.", - "Missing requirements." : "Hiányzó követelmények.", - "Following users are not set up for encryption:" : "A következő felhasználók nem állították be a titkosítást:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Az állományok titkosítása engedélyezve van, de az Ön titkos kulcsai nincsenek beállítva. Ezért kérjük, hogy jelentkezzen ki, és lépjen be újra!", - "Enable recovery key (allow to recover users files in case of password loss):" : "A helyreállítási kulcs beállítása (lehetővé teszi a felhasználók állományainak visszaállítását, ha elfelejtik a jelszavukat):", - "Recovery key password" : "A helyreállítási kulcs jelszava", - "Repeat Recovery key password" : "Ismételje meg a helyreállítási kulcs jelszavát", - "Enabled" : "Bekapcsolva", - "Disabled" : "Kikapcsolva", - "Change recovery key password:" : "A helyreállítási kulcs jelszavának módosítása:", - "Old Recovery key password" : "Régi Helyreállítási Kulcs Jelszava", - "New Recovery key password" : "Új Helyreállítási kulcs jelszava", - "Repeat New Recovery key password" : "Ismételje meg az új helyreállítási kulcs jelszavát", - "Change Password" : "Jelszó megváltoztatása", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ha nem emlékszik a régi jelszavára akkor megkérheti a rendszergazdát, hogy állítsa vissza az állományait.", - "Old log-in password" : "Régi bejelentkezési jelszó", - "Current log-in password" : "Jelenlegi bejelentkezési jelszó", - "Update Private Key Password" : "A személyest kulcs jelszó frissítése", - "Enable password recovery:" : "Jelszó-visszaállítás bekapcsolása", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Ez az opció lehetővé teszi, hogy a titkosított állományok tartalmát visszanyerjük abban az esetben, ha elfelejti a jelszavát" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/hu_HU.json b/apps/files_encryption/l10n/hu_HU.json deleted file mode 100644 index 0bb4c40f39..0000000000 --- a/apps/files_encryption/l10n/hu_HU.json +++ /dev/null @@ -1,36 +0,0 @@ -{ "translations": { - "Unknown error" : "Ismeretlen hiba", - "Recovery key successfully enabled" : "A helyreállítási kulcs sikeresen bekapcsolva", - "Could not disable recovery key. Please check your recovery key password!" : "A helyreállítási kulcsot nem lehetett kikapcsolni. Ellenőrizze a helyreállítási kulcsa jelszavát!", - "Recovery key successfully disabled" : "A helyreállítási kulcs sikeresen kikapcsolva", - "Password successfully changed." : "A jelszót sikeresen megváltoztattuk.", - "Could not change the password. Maybe the old password was not correct." : "A jelszót nem lehet megváltoztatni! Lehet, hogy hibás volt a régi jelszó.", - "Private key password successfully updated." : "A személyes kulcsának jelszava frissítésre került.", - "File recovery settings updated" : "A fájlhelyreállítási beállítások frissültek", - "Could not update file recovery" : "A fájlhelyreállítás nem frissíthető", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "A titkosítási modul nincs elindítva! Talán a munkafolyamat közben került engedélyezésre. Kérjük jelentkezzen ki majd ismét jelentkezzen be, hogy a titkosítási modul megfelelően elinduljon!", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Az állományok titkosításához használt titkos kulcsa érvénytelen. Valószínűleg a %s rendszeren kívül változtatta meg a jelszavát (pl. a munkahelyi címtárban). A személyes beállításoknál frissítheti a titkos kulcsát, hogy ismét elérhesse a titkosított állományait.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Az állományt nem sikerült dekódolni, valószínűleg ez egy megosztott fájl. Kérje meg az állomány tulajdonosát, hogy újra ossza meg Önnel ezt az állományt!", - "Initial encryption started... This can take some time. Please wait." : "A titkosítási folyamat megkezdődött... Ez hosszabb ideig is eltarthat. Kérem várjon.", - "Initial encryption running... Please try again later." : "Kezedeti titkosítás fut... Próbálja később.", - "Missing requirements." : "Hiányzó követelmények.", - "Following users are not set up for encryption:" : "A következő felhasználók nem állították be a titkosítást:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Az állományok titkosítása engedélyezve van, de az Ön titkos kulcsai nincsenek beállítva. Ezért kérjük, hogy jelentkezzen ki, és lépjen be újra!", - "Enable recovery key (allow to recover users files in case of password loss):" : "A helyreállítási kulcs beállítása (lehetővé teszi a felhasználók állományainak visszaállítását, ha elfelejtik a jelszavukat):", - "Recovery key password" : "A helyreállítási kulcs jelszava", - "Repeat Recovery key password" : "Ismételje meg a helyreállítási kulcs jelszavát", - "Enabled" : "Bekapcsolva", - "Disabled" : "Kikapcsolva", - "Change recovery key password:" : "A helyreállítási kulcs jelszavának módosítása:", - "Old Recovery key password" : "Régi Helyreállítási Kulcs Jelszava", - "New Recovery key password" : "Új Helyreállítási kulcs jelszava", - "Repeat New Recovery key password" : "Ismételje meg az új helyreállítási kulcs jelszavát", - "Change Password" : "Jelszó megváltoztatása", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ha nem emlékszik a régi jelszavára akkor megkérheti a rendszergazdát, hogy állítsa vissza az állományait.", - "Old log-in password" : "Régi bejelentkezési jelszó", - "Current log-in password" : "Jelenlegi bejelentkezési jelszó", - "Update Private Key Password" : "A személyest kulcs jelszó frissítése", - "Enable password recovery:" : "Jelszó-visszaállítás bekapcsolása", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Ez az opció lehetővé teszi, hogy a titkosított állományok tartalmát visszanyerjük abban az esetben, ha elfelejti a jelszavát" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ia.js b/apps/files_encryption/l10n/ia.js deleted file mode 100644 index 5d480be507..0000000000 --- a/apps/files_encryption/l10n/ia.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Error Incognite" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/ia.json b/apps/files_encryption/l10n/ia.json deleted file mode 100644 index de701b407d..0000000000 --- a/apps/files_encryption/l10n/ia.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "Error Incognite" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/id.js b/apps/files_encryption/l10n/id.js deleted file mode 100644 index c9137a51a1..0000000000 --- a/apps/files_encryption/l10n/id.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Kesalahan tidak diketahui", - "Missing recovery key password" : "Sandi kunci pemuliahan hilang", - "Please repeat the recovery key password" : "Silakan ulangi sandi kunci pemulihan", - "Repeated recovery key password does not match the provided recovery key password" : "Sandi kunci pemulihan yang diulangi tidak cocok dengan sandi kunci pemulihan yang diberikan", - "Recovery key successfully enabled" : "Kunci pemulihan berhasil diaktifkan", - "Could not disable recovery key. Please check your recovery key password!" : "Tidak dapat menonaktifkan kunci pemulihan. Silakan periksa sandi kunci pemulihan Anda!", - "Recovery key successfully disabled" : "Kunci pemulihan berhasil dinonaktifkan", - "Please provide the old recovery password" : "Mohon berikan sandi pemulihan lama", - "Please provide a new recovery password" : "Mohon berikan sandi pemulihan baru", - "Please repeat the new recovery password" : "Silakan ulangi sandi pemulihan baru", - "Password successfully changed." : "Sandi berhasil diubah", - "Could not change the password. Maybe the old password was not correct." : "Tidak dapat mengubah sandi. Kemungkinan sandi lama yang dimasukkan salah.", - "Could not update the private key password." : "Tidak dapat memperbarui sandi kunci private.", - "The old password was not correct, please try again." : "Sandi lama salah, mohon coba lagi.", - "The current log-in password was not correct, please try again." : "Sandi masuk saat ini salah, mohon coba lagi.", - "Private key password successfully updated." : "Sandi kunci privat berhasil diperbarui.", - "File recovery settings updated" : "Pengaturan pemulihan berkas diperbarui", - "Could not update file recovery" : "Tidak dapat memperbarui pemulihan berkas", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplikasi enkripsi tidak dimulai! Kemungkinan aplikasi enkripsi telah diaktifkan ulang saat sesi Anda. Silakan coba untuk keluar dan kembali lagi untuk memulai aplikasi enkripsi.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Kunci private Anda tidak sah! Nampaknya sandi Anda telah diubah diluar %s (misal direktori perusahaan Anda). Anda dapat memperbarui sandi kunci private untuk memulihakan akses ke berkas terenkripsi Anda.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tidak dapat mendekripsi berkas ini, mungkin ini adalah berkas bersama. Silakan meminta pemilik berkas ini untuk membagikan kembali dengan Anda.", - "Unknown error. Please check your system settings or contact your administrator" : "Kesalahan tidak diketahui. Silakan periksa pengaturan sistem Anda atau hubungi administrator", - "Initial encryption started... This can take some time. Please wait." : "Enskripsi awal dijalankan... Ini dapat memakan waktu. Silakan tunggu.", - "Initial encryption running... Please try again later." : "Enkripsi awal sedang berjalan... Sialakn coba lagi nanti.", - "Missing requirements." : "Persyaratan tidak terpenuhi.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Mohon pastikan bahwa OpenSSL bersama ekstensi PHP diaktifkan dan terkonfigurasi dengan benar. Untuk sekarang, aplikasi enkripsi akan dinonaktifkan.", - "Following users are not set up for encryption:" : "Pengguna berikut belum diatur untuk enkripsi:", - "Go directly to your %spersonal settings%s." : "Langsung ke %spengaturan pribadi%s Anda.", - "Server-side Encryption" : "Enkripsi Sisi-Server", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikasi Enskripsi telah diaktifkan tetapi kunci tidak diinisialisasi, silakan log-out dan log-in lagi", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktifkan kunci pemulihan (memungkinkan pengguna untuk memulihkan berkas dalam kasus kehilangan sandi):", - "Recovery key password" : "Sandi kunci pemulihan", - "Repeat Recovery key password" : "Ulangi sandi kunci Pemulihan", - "Enabled" : "Diaktifkan", - "Disabled" : "Dinonaktifkan", - "Change recovery key password:" : "Ubah sandi kunci pemulihan:", - "Old Recovery key password" : "Sandi kunci Pemulihan Lama", - "New Recovery key password" : "Sandi kunci Pemulihan Baru", - "Repeat New Recovery key password" : "Ulangi sandi kunci Pemulihan baru", - "Change Password" : "Ubah Sandi", - "Your private key password no longer matches your log-in password." : "Sandi kunci private Anda tidak lagi cocok dengan sandi masuk Anda.", - "Set your old private key password to your current log-in password:" : "Setel sandi kunci private Anda untuk sandi masuk Anda saat ini:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jika Anda tidak ingat sandi lama, Anda dapat meminta administrator Anda untuk memulihkan berkas.", - "Old log-in password" : "Sandi masuk yang lama", - "Current log-in password" : "Sandi masuk saat ini", - "Update Private Key Password" : "Perbarui Sandi Kunci Private", - "Enable password recovery:" : "Aktifkan sandi pemulihan:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Mengaktifkan opsi ini memungkinkan Anda untuk mendapatkan kembali akses ke berkas terenkripsi Anda dalam kasus kehilangan sandi" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/id.json b/apps/files_encryption/l10n/id.json deleted file mode 100644 index 5d77cef0b2..0000000000 --- a/apps/files_encryption/l10n/id.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Kesalahan tidak diketahui", - "Missing recovery key password" : "Sandi kunci pemuliahan hilang", - "Please repeat the recovery key password" : "Silakan ulangi sandi kunci pemulihan", - "Repeated recovery key password does not match the provided recovery key password" : "Sandi kunci pemulihan yang diulangi tidak cocok dengan sandi kunci pemulihan yang diberikan", - "Recovery key successfully enabled" : "Kunci pemulihan berhasil diaktifkan", - "Could not disable recovery key. Please check your recovery key password!" : "Tidak dapat menonaktifkan kunci pemulihan. Silakan periksa sandi kunci pemulihan Anda!", - "Recovery key successfully disabled" : "Kunci pemulihan berhasil dinonaktifkan", - "Please provide the old recovery password" : "Mohon berikan sandi pemulihan lama", - "Please provide a new recovery password" : "Mohon berikan sandi pemulihan baru", - "Please repeat the new recovery password" : "Silakan ulangi sandi pemulihan baru", - "Password successfully changed." : "Sandi berhasil diubah", - "Could not change the password. Maybe the old password was not correct." : "Tidak dapat mengubah sandi. Kemungkinan sandi lama yang dimasukkan salah.", - "Could not update the private key password." : "Tidak dapat memperbarui sandi kunci private.", - "The old password was not correct, please try again." : "Sandi lama salah, mohon coba lagi.", - "The current log-in password was not correct, please try again." : "Sandi masuk saat ini salah, mohon coba lagi.", - "Private key password successfully updated." : "Sandi kunci privat berhasil diperbarui.", - "File recovery settings updated" : "Pengaturan pemulihan berkas diperbarui", - "Could not update file recovery" : "Tidak dapat memperbarui pemulihan berkas", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplikasi enkripsi tidak dimulai! Kemungkinan aplikasi enkripsi telah diaktifkan ulang saat sesi Anda. Silakan coba untuk keluar dan kembali lagi untuk memulai aplikasi enkripsi.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Kunci private Anda tidak sah! Nampaknya sandi Anda telah diubah diluar %s (misal direktori perusahaan Anda). Anda dapat memperbarui sandi kunci private untuk memulihakan akses ke berkas terenkripsi Anda.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tidak dapat mendekripsi berkas ini, mungkin ini adalah berkas bersama. Silakan meminta pemilik berkas ini untuk membagikan kembali dengan Anda.", - "Unknown error. Please check your system settings or contact your administrator" : "Kesalahan tidak diketahui. Silakan periksa pengaturan sistem Anda atau hubungi administrator", - "Initial encryption started... This can take some time. Please wait." : "Enskripsi awal dijalankan... Ini dapat memakan waktu. Silakan tunggu.", - "Initial encryption running... Please try again later." : "Enkripsi awal sedang berjalan... Sialakn coba lagi nanti.", - "Missing requirements." : "Persyaratan tidak terpenuhi.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Mohon pastikan bahwa OpenSSL bersama ekstensi PHP diaktifkan dan terkonfigurasi dengan benar. Untuk sekarang, aplikasi enkripsi akan dinonaktifkan.", - "Following users are not set up for encryption:" : "Pengguna berikut belum diatur untuk enkripsi:", - "Go directly to your %spersonal settings%s." : "Langsung ke %spengaturan pribadi%s Anda.", - "Server-side Encryption" : "Enkripsi Sisi-Server", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikasi Enskripsi telah diaktifkan tetapi kunci tidak diinisialisasi, silakan log-out dan log-in lagi", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktifkan kunci pemulihan (memungkinkan pengguna untuk memulihkan berkas dalam kasus kehilangan sandi):", - "Recovery key password" : "Sandi kunci pemulihan", - "Repeat Recovery key password" : "Ulangi sandi kunci Pemulihan", - "Enabled" : "Diaktifkan", - "Disabled" : "Dinonaktifkan", - "Change recovery key password:" : "Ubah sandi kunci pemulihan:", - "Old Recovery key password" : "Sandi kunci Pemulihan Lama", - "New Recovery key password" : "Sandi kunci Pemulihan Baru", - "Repeat New Recovery key password" : "Ulangi sandi kunci Pemulihan baru", - "Change Password" : "Ubah Sandi", - "Your private key password no longer matches your log-in password." : "Sandi kunci private Anda tidak lagi cocok dengan sandi masuk Anda.", - "Set your old private key password to your current log-in password:" : "Setel sandi kunci private Anda untuk sandi masuk Anda saat ini:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jika Anda tidak ingat sandi lama, Anda dapat meminta administrator Anda untuk memulihkan berkas.", - "Old log-in password" : "Sandi masuk yang lama", - "Current log-in password" : "Sandi masuk saat ini", - "Update Private Key Password" : "Perbarui Sandi Kunci Private", - "Enable password recovery:" : "Aktifkan sandi pemulihan:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Mengaktifkan opsi ini memungkinkan Anda untuk mendapatkan kembali akses ke berkas terenkripsi Anda dalam kasus kehilangan sandi" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/is.js b/apps/files_encryption/l10n/is.js deleted file mode 100644 index 8dfc249683..0000000000 --- a/apps/files_encryption/l10n/is.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Encryption" : "Dulkóðun" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/is.json b/apps/files_encryption/l10n/is.json deleted file mode 100644 index b4d4708f40..0000000000 --- a/apps/files_encryption/l10n/is.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Encryption" : "Dulkóðun" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/it.js b/apps/files_encryption/l10n/it.js deleted file mode 100644 index 32fe42ae27..0000000000 --- a/apps/files_encryption/l10n/it.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Errore sconosciuto", - "Missing recovery key password" : "Manca la password della chiave di recupero", - "Please repeat the recovery key password" : "Ripeti la password della chiave di recupero", - "Repeated recovery key password does not match the provided recovery key password" : "La password della chiave di recupero ripetuta non corrisponde alla password della chiave di recupero fornita", - "Recovery key successfully enabled" : "Chiave di recupero abilitata correttamente", - "Could not disable recovery key. Please check your recovery key password!" : "Impossibile disabilitare la chiave di recupero. Verifica la password della chiave di recupero.", - "Recovery key successfully disabled" : "Chiave di recupero disabilitata correttamente", - "Please provide the old recovery password" : "Fornisci la vecchia password di recupero", - "Please provide a new recovery password" : "Fornisci una nuova password di recupero", - "Please repeat the new recovery password" : "Ripeti la nuova password di recupero", - "Password successfully changed." : "Password modificata correttamente.", - "Could not change the password. Maybe the old password was not correct." : "Impossibile cambiare la password. Forse la vecchia password non era corretta.", - "Could not update the private key password." : "Impossibile aggiornare la password della chiave privata.", - "The old password was not correct, please try again." : "La vecchia password non era corretta, prova di nuovo.", - "The current log-in password was not correct, please try again." : "La password di accesso attuale non era corretta, prova ancora.", - "Private key password successfully updated." : "Password della chiave privata aggiornata correttamente.", - "File recovery settings updated" : "Impostazioni di ripristino dei file aggiornate", - "Could not update file recovery" : "Impossibile aggiornare il ripristino dei file", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Applicazione di cifratura non inizializzata. Forse l'applicazione è stata riabilitata durante la tua sessione. Prova a disconnetterti e ad effettuare nuovamente l'accesso per inizializzarla.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "La tua chiave privata non è valida! Forse la password è stata cambiata al di fuori di %s (ad es. la directory aziendale). Puoi aggiornare la password della chiave privata nelle impostazioni personali per ottenere nuovamente l'accesso ai file cifrati.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Impossibile decifrare questo file, probabilmente è un file condiviso. Chiedi al proprietario del file di condividere nuovamente il file con te.", - "Unknown error. Please check your system settings or contact your administrator" : "Errore sconosciuto. Controlla le impostazioni di sistema o contatta il tuo amministratore", - "Initial encryption started... This can take some time. Please wait." : "Cifratura iniziale avviata... Potrebbe richiedere del tempo. Attendi.", - "Initial encryption running... Please try again later." : "Cifratura iniziale in esecuzione... Riprova più tardi.", - "Missing requirements." : "Requisiti mancanti.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Assicurati che OpenSSL e l'estensione PHP sia abilitatati e configurati correttamente. Per ora, l'applicazione di cifratura è disabilitata.", - "Following users are not set up for encryption:" : "I seguenti utenti non sono configurati per la cifratura:", - "Go directly to your %spersonal settings%s." : "Vai direttamente alle tue %simpostazioni personali%s.", - "Server-side Encryption" : "Cifratura lato server", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'applicazione di cifratura è abilitata, ma le chiavi non sono state inizializzate, disconnettiti ed effettua nuovamente l'accesso", - "Enable recovery key (allow to recover users files in case of password loss):" : "Abilita la chiave di recupero (permette di recuperare i file utenti in caso di perdita della password):", - "Recovery key password" : "Password della chiave di recupero", - "Repeat Recovery key password" : "Ripeti la password della chiave di recupero", - "Enabled" : "Abilitata", - "Disabled" : "Disabilitata", - "Change recovery key password:" : "Cambia la password della chiave di recupero:", - "Old Recovery key password" : "Vecchia password della chiave di recupero", - "New Recovery key password" : "Nuova password della chiave di recupero", - "Repeat New Recovery key password" : "Ripeti la nuova password della chiave di recupero", - "Change Password" : "Modifica password", - "Your private key password no longer matches your log-in password." : "La password della chiave privata non corrisponde più alla password di accesso.", - "Set your old private key password to your current log-in password:" : "Imposta la vecchia password della chiave privata sull'attuale password di accesso:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se non ricordi la vecchia password puoi chiedere al tuo amministratore di recuperare i file.", - "Old log-in password" : "Vecchia password di accesso", - "Current log-in password" : "Password di accesso attuale", - "Update Private Key Password" : "Aggiorna la password della chiave privata", - "Enable password recovery:" : "Abilita il ripristino della password:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "L'abilitazione di questa opzione ti consentirà di accedere nuovamente ai file cifrati in caso di perdita della password" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/it.json b/apps/files_encryption/l10n/it.json deleted file mode 100644 index e5fa00dca3..0000000000 --- a/apps/files_encryption/l10n/it.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Errore sconosciuto", - "Missing recovery key password" : "Manca la password della chiave di recupero", - "Please repeat the recovery key password" : "Ripeti la password della chiave di recupero", - "Repeated recovery key password does not match the provided recovery key password" : "La password della chiave di recupero ripetuta non corrisponde alla password della chiave di recupero fornita", - "Recovery key successfully enabled" : "Chiave di recupero abilitata correttamente", - "Could not disable recovery key. Please check your recovery key password!" : "Impossibile disabilitare la chiave di recupero. Verifica la password della chiave di recupero.", - "Recovery key successfully disabled" : "Chiave di recupero disabilitata correttamente", - "Please provide the old recovery password" : "Fornisci la vecchia password di recupero", - "Please provide a new recovery password" : "Fornisci una nuova password di recupero", - "Please repeat the new recovery password" : "Ripeti la nuova password di recupero", - "Password successfully changed." : "Password modificata correttamente.", - "Could not change the password. Maybe the old password was not correct." : "Impossibile cambiare la password. Forse la vecchia password non era corretta.", - "Could not update the private key password." : "Impossibile aggiornare la password della chiave privata.", - "The old password was not correct, please try again." : "La vecchia password non era corretta, prova di nuovo.", - "The current log-in password was not correct, please try again." : "La password di accesso attuale non era corretta, prova ancora.", - "Private key password successfully updated." : "Password della chiave privata aggiornata correttamente.", - "File recovery settings updated" : "Impostazioni di ripristino dei file aggiornate", - "Could not update file recovery" : "Impossibile aggiornare il ripristino dei file", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Applicazione di cifratura non inizializzata. Forse l'applicazione è stata riabilitata durante la tua sessione. Prova a disconnetterti e ad effettuare nuovamente l'accesso per inizializzarla.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "La tua chiave privata non è valida! Forse la password è stata cambiata al di fuori di %s (ad es. la directory aziendale). Puoi aggiornare la password della chiave privata nelle impostazioni personali per ottenere nuovamente l'accesso ai file cifrati.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Impossibile decifrare questo file, probabilmente è un file condiviso. Chiedi al proprietario del file di condividere nuovamente il file con te.", - "Unknown error. Please check your system settings or contact your administrator" : "Errore sconosciuto. Controlla le impostazioni di sistema o contatta il tuo amministratore", - "Initial encryption started... This can take some time. Please wait." : "Cifratura iniziale avviata... Potrebbe richiedere del tempo. Attendi.", - "Initial encryption running... Please try again later." : "Cifratura iniziale in esecuzione... Riprova più tardi.", - "Missing requirements." : "Requisiti mancanti.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Assicurati che OpenSSL e l'estensione PHP sia abilitatati e configurati correttamente. Per ora, l'applicazione di cifratura è disabilitata.", - "Following users are not set up for encryption:" : "I seguenti utenti non sono configurati per la cifratura:", - "Go directly to your %spersonal settings%s." : "Vai direttamente alle tue %simpostazioni personali%s.", - "Server-side Encryption" : "Cifratura lato server", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "L'applicazione di cifratura è abilitata, ma le chiavi non sono state inizializzate, disconnettiti ed effettua nuovamente l'accesso", - "Enable recovery key (allow to recover users files in case of password loss):" : "Abilita la chiave di recupero (permette di recuperare i file utenti in caso di perdita della password):", - "Recovery key password" : "Password della chiave di recupero", - "Repeat Recovery key password" : "Ripeti la password della chiave di recupero", - "Enabled" : "Abilitata", - "Disabled" : "Disabilitata", - "Change recovery key password:" : "Cambia la password della chiave di recupero:", - "Old Recovery key password" : "Vecchia password della chiave di recupero", - "New Recovery key password" : "Nuova password della chiave di recupero", - "Repeat New Recovery key password" : "Ripeti la nuova password della chiave di recupero", - "Change Password" : "Modifica password", - "Your private key password no longer matches your log-in password." : "La password della chiave privata non corrisponde più alla password di accesso.", - "Set your old private key password to your current log-in password:" : "Imposta la vecchia password della chiave privata sull'attuale password di accesso:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se non ricordi la vecchia password puoi chiedere al tuo amministratore di recuperare i file.", - "Old log-in password" : "Vecchia password di accesso", - "Current log-in password" : "Password di accesso attuale", - "Update Private Key Password" : "Aggiorna la password della chiave privata", - "Enable password recovery:" : "Abilita il ripristino della password:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "L'abilitazione di questa opzione ti consentirà di accedere nuovamente ai file cifrati in caso di perdita della password" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ja.js b/apps/files_encryption/l10n/ja.js deleted file mode 100644 index 8fb1364e04..0000000000 --- a/apps/files_encryption/l10n/ja.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "不明なエラー", - "Missing recovery key password" : "復旧キーのパスワードがありません", - "Please repeat the recovery key password" : "復旧キーのパスワードをもう一度入力", - "Repeated recovery key password does not match the provided recovery key password" : "入力された復旧キーのパスワードが一致しません。", - "Recovery key successfully enabled" : "リカバリ用のキーを正常に有効にしました", - "Could not disable recovery key. Please check your recovery key password!" : "リカバリ用のキーを無効化できませんでした。リカバリ用のキーのパスワードを確認してください!", - "Recovery key successfully disabled" : "リカバリ用のキーを正常に無効化しました", - "Please provide the old recovery password" : "古い復旧キーのパスワードを入力", - "Please provide a new recovery password" : "新しい復旧キーのパスワードを入力", - "Please repeat the new recovery password" : "新しい復旧キーのパスワードをもう一度入力", - "Password successfully changed." : "パスワードを変更できました。", - "Could not change the password. Maybe the old password was not correct." : "パスワードを変更できませんでした。古いパスワードが間違っているかもしれません。", - "Could not update the private key password." : "秘密鍵のパスワードを更新できませんでした。", - "The old password was not correct, please try again." : "古いパスワードが一致しませんでした。もう一度入力してください。", - "The current log-in password was not correct, please try again." : "ログインパスワードが一致しませんでした。もう一度入力してください。", - "Private key password successfully updated." : "秘密鍵のパスワードが正常に更新されました。", - "File recovery settings updated" : "ファイルリカバリ設定を更新しました", - "Could not update file recovery" : "ファイルリカバリを更新できませんでした", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "セッション中に暗号化アプリを再度有効にされたため、暗号化アプリが初期化されていません。暗号化アプリを初期化するため、ログアウトしてログインしなおしてください。", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "プライベートキーが有効ではありません!パスワードが%sの外部で変更された(例: 共同ディレクトリ)と思われます。個人設定でプライベートキーのパスワードを更新して、暗号化ファイルへのアクセスを回復することができます。", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "このファイルを復号化できません、共有ファイルの可能性があります。ファイルの所有者にお願いして、ファイルを共有しなおしてもらってください。", - "Unknown error. Please check your system settings or contact your administrator" : "不明なエラーです。システム設定を確認するか、管理者に問い合わせてください。", - "Initial encryption started... This can take some time. Please wait." : "暗号化の初期化作業を開始しました... この処理にはしばらく時間がかかります。お待ちください。", - "Initial encryption running... Please try again later." : "初期暗号化実行中... 後でもう一度お試しください。", - "Missing requirements." : "必要要件が満たされていません。", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "必ず、OpenSSL及びOpenSSLのPHPの拡張を有効にした上で、適切に設定してください。現時点では暗号化アプリは無効になっています。", - "Following users are not set up for encryption:" : "以下のユーザーは、暗号化設定がされていません:", - "Go directly to your %spersonal settings%s." : "直接 %s個人設定%s に進む。", - "Server-side Encryption" : "サーバー側暗号", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "暗号化アプリは有効ですが、あなたの暗号化キーは初期化されていません。ログアウトした後に、再度ログインしてください", - "Enable recovery key (allow to recover users files in case of password loss):" : "リカバリキーを有効にする (パスワードを忘れた場合にユーザーのファイルを回復できます):", - "Recovery key password" : "リカバリキーのパスワード", - "Repeat Recovery key password" : "リカバリキーのパスワードをもう一度入力", - "Enabled" : "有効", - "Disabled" : "無効", - "Change recovery key password:" : "リカバリキーのパスワードを変更:", - "Old Recovery key password" : "古いリカバリキーのパスワード", - "New Recovery key password" : "新しいリカバリキーのパスワード", - "Repeat New Recovery key password" : "新しいリカバリキーのパスワードをもう一度入力", - "Change Password" : "パスワードを変更", - "Your private key password no longer matches your log-in password." : "もはや秘密鍵はログインパスワードと一致しません。", - "Set your old private key password to your current log-in password:" : "古い秘密鍵のパスワードを現在のログインパスワードに設定:", - " If you don't remember your old password you can ask your administrator to recover your files." : "古いパスワードを覚えていない場合、管理者に尋ねてファイルを回復することができます。", - "Old log-in password" : "古いログインパスワード", - "Current log-in password" : "現在のログインパスワード", - "Update Private Key Password" : "秘密鍵のパスワードを更新", - "Enable password recovery:" : "パスワードリカバリを有効に:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "このオプションを有効にすると、パスワードを紛失した場合も、暗号化されたファイルに再度アクセスすることができるようになります。" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/ja.json b/apps/files_encryption/l10n/ja.json deleted file mode 100644 index d88a65fe49..0000000000 --- a/apps/files_encryption/l10n/ja.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "不明なエラー", - "Missing recovery key password" : "復旧キーのパスワードがありません", - "Please repeat the recovery key password" : "復旧キーのパスワードをもう一度入力", - "Repeated recovery key password does not match the provided recovery key password" : "入力された復旧キーのパスワードが一致しません。", - "Recovery key successfully enabled" : "リカバリ用のキーを正常に有効にしました", - "Could not disable recovery key. Please check your recovery key password!" : "リカバリ用のキーを無効化できませんでした。リカバリ用のキーのパスワードを確認してください!", - "Recovery key successfully disabled" : "リカバリ用のキーを正常に無効化しました", - "Please provide the old recovery password" : "古い復旧キーのパスワードを入力", - "Please provide a new recovery password" : "新しい復旧キーのパスワードを入力", - "Please repeat the new recovery password" : "新しい復旧キーのパスワードをもう一度入力", - "Password successfully changed." : "パスワードを変更できました。", - "Could not change the password. Maybe the old password was not correct." : "パスワードを変更できませんでした。古いパスワードが間違っているかもしれません。", - "Could not update the private key password." : "秘密鍵のパスワードを更新できませんでした。", - "The old password was not correct, please try again." : "古いパスワードが一致しませんでした。もう一度入力してください。", - "The current log-in password was not correct, please try again." : "ログインパスワードが一致しませんでした。もう一度入力してください。", - "Private key password successfully updated." : "秘密鍵のパスワードが正常に更新されました。", - "File recovery settings updated" : "ファイルリカバリ設定を更新しました", - "Could not update file recovery" : "ファイルリカバリを更新できませんでした", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "セッション中に暗号化アプリを再度有効にされたため、暗号化アプリが初期化されていません。暗号化アプリを初期化するため、ログアウトしてログインしなおしてください。", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "プライベートキーが有効ではありません!パスワードが%sの外部で変更された(例: 共同ディレクトリ)と思われます。個人設定でプライベートキーのパスワードを更新して、暗号化ファイルへのアクセスを回復することができます。", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "このファイルを復号化できません、共有ファイルの可能性があります。ファイルの所有者にお願いして、ファイルを共有しなおしてもらってください。", - "Unknown error. Please check your system settings or contact your administrator" : "不明なエラーです。システム設定を確認するか、管理者に問い合わせてください。", - "Initial encryption started... This can take some time. Please wait." : "暗号化の初期化作業を開始しました... この処理にはしばらく時間がかかります。お待ちください。", - "Initial encryption running... Please try again later." : "初期暗号化実行中... 後でもう一度お試しください。", - "Missing requirements." : "必要要件が満たされていません。", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "必ず、OpenSSL及びOpenSSLのPHPの拡張を有効にした上で、適切に設定してください。現時点では暗号化アプリは無効になっています。", - "Following users are not set up for encryption:" : "以下のユーザーは、暗号化設定がされていません:", - "Go directly to your %spersonal settings%s." : "直接 %s個人設定%s に進む。", - "Server-side Encryption" : "サーバー側暗号", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "暗号化アプリは有効ですが、あなたの暗号化キーは初期化されていません。ログアウトした後に、再度ログインしてください", - "Enable recovery key (allow to recover users files in case of password loss):" : "リカバリキーを有効にする (パスワードを忘れた場合にユーザーのファイルを回復できます):", - "Recovery key password" : "リカバリキーのパスワード", - "Repeat Recovery key password" : "リカバリキーのパスワードをもう一度入力", - "Enabled" : "有効", - "Disabled" : "無効", - "Change recovery key password:" : "リカバリキーのパスワードを変更:", - "Old Recovery key password" : "古いリカバリキーのパスワード", - "New Recovery key password" : "新しいリカバリキーのパスワード", - "Repeat New Recovery key password" : "新しいリカバリキーのパスワードをもう一度入力", - "Change Password" : "パスワードを変更", - "Your private key password no longer matches your log-in password." : "もはや秘密鍵はログインパスワードと一致しません。", - "Set your old private key password to your current log-in password:" : "古い秘密鍵のパスワードを現在のログインパスワードに設定:", - " If you don't remember your old password you can ask your administrator to recover your files." : "古いパスワードを覚えていない場合、管理者に尋ねてファイルを回復することができます。", - "Old log-in password" : "古いログインパスワード", - "Current log-in password" : "現在のログインパスワード", - "Update Private Key Password" : "秘密鍵のパスワードを更新", - "Enable password recovery:" : "パスワードリカバリを有効に:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "このオプションを有効にすると、パスワードを紛失した場合も、暗号化されたファイルに再度アクセスすることができるようになります。" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ka_GE.js b/apps/files_encryption/l10n/ka_GE.js deleted file mode 100644 index 7b95616ccd..0000000000 --- a/apps/files_encryption/l10n/ka_GE.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "უცნობი შეცდომა" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/ka_GE.json b/apps/files_encryption/l10n/ka_GE.json deleted file mode 100644 index a22007f778..0000000000 --- a/apps/files_encryption/l10n/ka_GE.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "უცნობი შეცდომა" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/km.js b/apps/files_encryption/l10n/km.js deleted file mode 100644 index 336b96f96a..0000000000 --- a/apps/files_encryption/l10n/km.js +++ /dev/null @@ -1,11 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "មិន​ស្គាល់​កំហុស", - "Password successfully changed." : "បាន​ប្ដូរ​ពាក្យ​សម្ងាត់​ដោយ​ជោគជ័យ។", - "Could not change the password. Maybe the old password was not correct." : "មិន​អាច​ប្ដូរ​ពាក្យ​សម្ងាត់​បាន​ទេ។ ប្រហែល​ពាក្យ​សម្ងាត់​ចាស់​មិន​ត្រឹម​ត្រូវ។", - "Enabled" : "បាន​បើក", - "Disabled" : "បាន​បិទ", - "Change Password" : "ប្ដូរ​ពាក្យ​សម្ងាត់" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/km.json b/apps/files_encryption/l10n/km.json deleted file mode 100644 index 26b888c001..0000000000 --- a/apps/files_encryption/l10n/km.json +++ /dev/null @@ -1,9 +0,0 @@ -{ "translations": { - "Unknown error" : "មិន​ស្គាល់​កំហុស", - "Password successfully changed." : "បាន​ប្ដូរ​ពាក្យ​សម្ងាត់​ដោយ​ជោគជ័យ។", - "Could not change the password. Maybe the old password was not correct." : "មិន​អាច​ប្ដូរ​ពាក្យ​សម្ងាត់​បាន​ទេ។ ប្រហែល​ពាក្យ​សម្ងាត់​ចាស់​មិន​ត្រឹម​ត្រូវ។", - "Enabled" : "បាន​បើក", - "Disabled" : "បាន​បិទ", - "Change Password" : "ប្ដូរ​ពាក្យ​សម្ងាត់" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/kn.js b/apps/files_encryption/l10n/kn.js deleted file mode 100644 index e8583cc5a9..0000000000 --- a/apps/files_encryption/l10n/kn.js +++ /dev/null @@ -1,8 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "ಗೊತ್ತಿಲ್ಲದ ದೋಷ", - "Enabled" : "ಸಕ್ರಿಯಗೊಳಿಸಿದೆ", - "Disabled" : "ನಿಷ್ಕ್ರಿಯಗೊಳಿಸಲಾಗಿದೆ" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/kn.json b/apps/files_encryption/l10n/kn.json deleted file mode 100644 index ccb4203c40..0000000000 --- a/apps/files_encryption/l10n/kn.json +++ /dev/null @@ -1,6 +0,0 @@ -{ "translations": { - "Unknown error" : "ಗೊತ್ತಿಲ್ಲದ ದೋಷ", - "Enabled" : "ಸಕ್ರಿಯಗೊಳಿಸಿದೆ", - "Disabled" : "ನಿಷ್ಕ್ರಿಯಗೊಳಿಸಲಾಗಿದೆ" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ko.js b/apps/files_encryption/l10n/ko.js deleted file mode 100644 index 3d09c0abff..0000000000 --- a/apps/files_encryption/l10n/ko.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "알 수 없는 오류", - "Missing recovery key password" : "잊어버린 복구 키 암호 복구", - "Please repeat the recovery key password" : "복구 키 암호를 다시 입력하십시오", - "Repeated recovery key password does not match the provided recovery key password" : "입력한 복구 키 암호가 서로 다릅니다", - "Recovery key successfully enabled" : "복구 키가 성공적으로 활성화되었습니다", - "Could not disable recovery key. Please check your recovery key password!" : "복구 키를 비활성화 할 수 없습니다. 복구 키의 암호를 확인해 주십시오!", - "Recovery key successfully disabled" : "복구 키가 성공적으로 비활성화 되었습니다", - "Please provide the old recovery password" : "이전 복구 암호를 입력하십시오", - "Please provide a new recovery password" : "새 복구 암호를 입력하십시오", - "Please repeat the new recovery password" : "새 복구 암호를 다시 입력하십시오", - "Password successfully changed." : "암호가 성공적으로 변경되었습니다", - "Could not change the password. Maybe the old password was not correct." : "암호를 변경할 수 없습니다. 예전 암호가 정확하지 않은 것 같습니다.", - "Could not update the private key password." : "개인 키 암호를 업데이트할 수 없습니다", - "The old password was not correct, please try again." : "이전 암호가 잘못되었습니다. 다시 시도하십시오.", - "The current log-in password was not correct, please try again." : "현재 로그인 암호가 잘못되었습니다. 다시 시도하십시오.", - "Private key password successfully updated." : "개인 키 암호가 성공적으로 업데이트 되었습니다.", - "File recovery settings updated" : "파일 복구 설정 업데이트됨", - "Could not update file recovery" : "파일 복구를 업데이트할 수 없습니다", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "암호화 앱이 초기화되지 않았습니다! 암호화 앱이 다시 활성화된 것 같습니다. 암호화 앱을 초기화하려면 로그아웃했다 다시 로그인하십시오.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "개인 키가 올바르지 않습니다! 암호가 %s 외부에서(예: 회사 디렉터리) 변경된 것 같습니다. 암호화된 파일에 다시 접근하려면 개인 설정에서 개인 키 암호를 수정하십시오.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "이 파일을 복호화할 수 없습니다. 공유된 파일일 수도 있습니다. 파일 소유자에게 공유를 다시 요청하십시오.", - "Unknown error. Please check your system settings or contact your administrator" : "알 수 없는 오류입니다. 시스템 설정을 확인하거나 관리자에게 문의하십시오", - "Initial encryption started... This can take some time. Please wait." : "초기 암호화가 시작되었습니다... 시간이 걸릴 수도 있으니 기다려 주십시오.", - "Initial encryption running... Please try again later." : "초기 암호화가 진행 중입니다... 나중에 다시 시도하십시오.", - "Missing requirements." : "요구 사항이 부족합니다.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "OpenSSL 및 PHP OpenSSL 확장이 활성화되어 있고 올바르게 설정되어 있는지 확인하십시오. 현재 암호화 앱이 비활성화되었습니다.", - "Following users are not set up for encryption:" : "다음 사용자는 암호화를 사용할 수 없습니다:", - "Go directly to your %spersonal settings%s." : "%s개인 설정%s으로 직접 이동하십시오.", - "Server-side Encryption" : "서버 측 암호화", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "암호화 앱이 활성화되어 있지만 키가 초기화되지 않았습니다. 로그아웃한 후 다시 로그인하십시오", - "Enable recovery key (allow to recover users files in case of password loss):" : "복구 키 사용 (암호를 잊었을 때 파일을 복구할 수 있도록 함):", - "Recovery key password" : "복구 키 암호", - "Repeat Recovery key password" : "복구 키 암호 재입력", - "Enabled" : "활성화", - "Disabled" : "비활성화", - "Change recovery key password:" : "복구 키 암호 변경:", - "Old Recovery key password" : "이전 복구 키 암호", - "New Recovery key password" : "새 복구 키 암호", - "Repeat New Recovery key password" : "새 복구 키 암호 재입력", - "Change Password" : "암호 변경", - "Your private key password no longer matches your log-in password." : "개인 키 암호와 로그인 암호가 일치하지 않습니다.", - "Set your old private key password to your current log-in password:" : "기존 개인 키 암호를 로그인 암호와 동일하게 설정하십시오:", - " If you don't remember your old password you can ask your administrator to recover your files." : " 이전 암호가 기억나지 않으면 시스템 관리자에게 파일 복구를 요청하십시오.", - "Old log-in password" : "이전 로그인 암호", - "Current log-in password" : "현재 로그인 암호", - "Update Private Key Password" : "개인 키 암호 업데이트", - "Enable password recovery:" : "암호 복구 사용:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "이 옵션을 사용하면 암호를 잊었을 때 암호화된 파일에 다시 접근할 수 있습니다" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/ko.json b/apps/files_encryption/l10n/ko.json deleted file mode 100644 index 6e6c6f162c..0000000000 --- a/apps/files_encryption/l10n/ko.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "알 수 없는 오류", - "Missing recovery key password" : "잊어버린 복구 키 암호 복구", - "Please repeat the recovery key password" : "복구 키 암호를 다시 입력하십시오", - "Repeated recovery key password does not match the provided recovery key password" : "입력한 복구 키 암호가 서로 다릅니다", - "Recovery key successfully enabled" : "복구 키가 성공적으로 활성화되었습니다", - "Could not disable recovery key. Please check your recovery key password!" : "복구 키를 비활성화 할 수 없습니다. 복구 키의 암호를 확인해 주십시오!", - "Recovery key successfully disabled" : "복구 키가 성공적으로 비활성화 되었습니다", - "Please provide the old recovery password" : "이전 복구 암호를 입력하십시오", - "Please provide a new recovery password" : "새 복구 암호를 입력하십시오", - "Please repeat the new recovery password" : "새 복구 암호를 다시 입력하십시오", - "Password successfully changed." : "암호가 성공적으로 변경되었습니다", - "Could not change the password. Maybe the old password was not correct." : "암호를 변경할 수 없습니다. 예전 암호가 정확하지 않은 것 같습니다.", - "Could not update the private key password." : "개인 키 암호를 업데이트할 수 없습니다", - "The old password was not correct, please try again." : "이전 암호가 잘못되었습니다. 다시 시도하십시오.", - "The current log-in password was not correct, please try again." : "현재 로그인 암호가 잘못되었습니다. 다시 시도하십시오.", - "Private key password successfully updated." : "개인 키 암호가 성공적으로 업데이트 되었습니다.", - "File recovery settings updated" : "파일 복구 설정 업데이트됨", - "Could not update file recovery" : "파일 복구를 업데이트할 수 없습니다", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "암호화 앱이 초기화되지 않았습니다! 암호화 앱이 다시 활성화된 것 같습니다. 암호화 앱을 초기화하려면 로그아웃했다 다시 로그인하십시오.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "개인 키가 올바르지 않습니다! 암호가 %s 외부에서(예: 회사 디렉터리) 변경된 것 같습니다. 암호화된 파일에 다시 접근하려면 개인 설정에서 개인 키 암호를 수정하십시오.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "이 파일을 복호화할 수 없습니다. 공유된 파일일 수도 있습니다. 파일 소유자에게 공유를 다시 요청하십시오.", - "Unknown error. Please check your system settings or contact your administrator" : "알 수 없는 오류입니다. 시스템 설정을 확인하거나 관리자에게 문의하십시오", - "Initial encryption started... This can take some time. Please wait." : "초기 암호화가 시작되었습니다... 시간이 걸릴 수도 있으니 기다려 주십시오.", - "Initial encryption running... Please try again later." : "초기 암호화가 진행 중입니다... 나중에 다시 시도하십시오.", - "Missing requirements." : "요구 사항이 부족합니다.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "OpenSSL 및 PHP OpenSSL 확장이 활성화되어 있고 올바르게 설정되어 있는지 확인하십시오. 현재 암호화 앱이 비활성화되었습니다.", - "Following users are not set up for encryption:" : "다음 사용자는 암호화를 사용할 수 없습니다:", - "Go directly to your %spersonal settings%s." : "%s개인 설정%s으로 직접 이동하십시오.", - "Server-side Encryption" : "서버 측 암호화", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "암호화 앱이 활성화되어 있지만 키가 초기화되지 않았습니다. 로그아웃한 후 다시 로그인하십시오", - "Enable recovery key (allow to recover users files in case of password loss):" : "복구 키 사용 (암호를 잊었을 때 파일을 복구할 수 있도록 함):", - "Recovery key password" : "복구 키 암호", - "Repeat Recovery key password" : "복구 키 암호 재입력", - "Enabled" : "활성화", - "Disabled" : "비활성화", - "Change recovery key password:" : "복구 키 암호 변경:", - "Old Recovery key password" : "이전 복구 키 암호", - "New Recovery key password" : "새 복구 키 암호", - "Repeat New Recovery key password" : "새 복구 키 암호 재입력", - "Change Password" : "암호 변경", - "Your private key password no longer matches your log-in password." : "개인 키 암호와 로그인 암호가 일치하지 않습니다.", - "Set your old private key password to your current log-in password:" : "기존 개인 키 암호를 로그인 암호와 동일하게 설정하십시오:", - " If you don't remember your old password you can ask your administrator to recover your files." : " 이전 암호가 기억나지 않으면 시스템 관리자에게 파일 복구를 요청하십시오.", - "Old log-in password" : "이전 로그인 암호", - "Current log-in password" : "현재 로그인 암호", - "Update Private Key Password" : "개인 키 암호 업데이트", - "Enable password recovery:" : "암호 복구 사용:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "이 옵션을 사용하면 암호를 잊었을 때 암호화된 파일에 다시 접근할 수 있습니다" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ku_IQ.js b/apps/files_encryption/l10n/ku_IQ.js deleted file mode 100644 index 5a036cc525..0000000000 --- a/apps/files_encryption/l10n/ku_IQ.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Encryption" : "نهێنیکردن" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/ku_IQ.json b/apps/files_encryption/l10n/ku_IQ.json deleted file mode 100644 index ab30a5a485..0000000000 --- a/apps/files_encryption/l10n/ku_IQ.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Encryption" : "نهێنیکردن" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/lb.js b/apps/files_encryption/l10n/lb.js deleted file mode 100644 index d5e206fddb..0000000000 --- a/apps/files_encryption/l10n/lb.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Et ass en onbekannte Fehler opgetrueden" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/lb.json b/apps/files_encryption/l10n/lb.json deleted file mode 100644 index 8cfee6638f..0000000000 --- a/apps/files_encryption/l10n/lb.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "Et ass en onbekannte Fehler opgetrueden" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/lo.js b/apps/files_encryption/l10n/lo.js deleted file mode 100644 index b5b586d102..0000000000 --- a/apps/files_encryption/l10n/lo.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "ຂໍ້ຜິດພາດທີ່ບໍ່ຮູ້ສາເຫດ" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/lo.json b/apps/files_encryption/l10n/lo.json deleted file mode 100644 index 1a02813027..0000000000 --- a/apps/files_encryption/l10n/lo.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "ຂໍ້ຜິດພາດທີ່ບໍ່ຮູ້ສາເຫດ" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/lt_LT.js b/apps/files_encryption/l10n/lt_LT.js deleted file mode 100644 index eb28b3933d..0000000000 --- a/apps/files_encryption/l10n/lt_LT.js +++ /dev/null @@ -1,37 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Neatpažinta klaida", - "Recovery key successfully enabled" : "Atkūrimo raktas sėkmingai įjungtas", - "Could not disable recovery key. Please check your recovery key password!" : "Neišėjo išjungti jūsų atkūrimo rakto. Prašome jį patikrinti!", - "Recovery key successfully disabled" : "Atkūrimo raktas sėkmingai išjungtas", - "Password successfully changed." : "Slaptažodis sėkmingai pakeistas", - "Could not change the password. Maybe the old password was not correct." : "Slaptažodis nebuvo pakeistas. Gali būti, kad buvo neteisingai suvestas senasis.", - "Private key password successfully updated." : "Privataus rakto slaptažodis buvo sėkmingai atnaujintas.", - "File recovery settings updated" : "Failų atkūrimo nustatymai pakeisti", - "Could not update file recovery" : "Neišėjo atnaujinti failų atkūrimo", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Šifravimo programa nepaleista! Galbūt šifravimo programa buvo įjungta dar kartą Jūsų sesijos metu. Prašome atsijungti ir vėl prisijungti, kad paleisti šifravimo programą.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Jūsų privatus raktas yra netinkamas! Panašu, kad Jūsų slaptažodis buvo pakeistas už %s (pvz. Jūsų organizacijos kataloge). Galite atnaujinti savo privataus rakto slaptažodį savo asmeniniuose nustatymuose, kad atkurti prieigą prie savo šifruotų failų.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Failo iššifruoti nepavyko, gali būti jog jis yra pasidalintas su jumis. Paprašykite failo savininko, kad jums iš naujo pateiktų šį failą.", - "Initial encryption started... This can take some time. Please wait." : "Pradėtas pirminis šifravimas... Tai gali užtrukti. Prašome palaukti.", - "Missing requirements." : "Trūkstami laukai.", - "Following users are not set up for encryption:" : "Sekantys naudotojai nenustatyti šifravimui:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Šifravimo programa įjungta, bet Jūsų raktai nėra pritaikyti. Prašome atsijungti ir vėl prisijungti", - "Enable recovery key (allow to recover users files in case of password loss):" : "Įjunkite atkūrimo raktą, (leisti atkurti naudotojų failus praradus slaptažodį):", - "Recovery key password" : "Atkūrimo rakto slaptažodis", - "Repeat Recovery key password" : "Pakartokite atkūrimo rakto slaptažodį", - "Enabled" : "Įjungta", - "Disabled" : "Išjungta", - "Change recovery key password:" : "Pakeisti atkūrimo rakto slaptažodį:", - "Old Recovery key password" : "Senas atkūrimo rakto slaptažodis", - "New Recovery key password" : "Naujas atkūrimo rakto slaptažodis", - "Repeat New Recovery key password" : "Pakartokite naują atkūrimo rakto slaptažodį", - "Change Password" : "Pakeisti slaptažodį", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jei nepamenate savo seno slaptažodžio, galite paprašyti administratoriaus atkurti Jūsų failus.", - "Old log-in password" : "Senas prisijungimo slaptažodis", - "Current log-in password" : "Dabartinis prisijungimo slaptažodis", - "Update Private Key Password" : "Atnaujinti privataus rakto slaptažodį", - "Enable password recovery:" : "Įjungti slaptažodžio atkūrimą:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Įjungus šią funkciją jums bus suteiktas pakartotinis priėjimas prie Jūsų šifruotų failų pamiršus slaptažodį." -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/lt_LT.json b/apps/files_encryption/l10n/lt_LT.json deleted file mode 100644 index f77575b5df..0000000000 --- a/apps/files_encryption/l10n/lt_LT.json +++ /dev/null @@ -1,35 +0,0 @@ -{ "translations": { - "Unknown error" : "Neatpažinta klaida", - "Recovery key successfully enabled" : "Atkūrimo raktas sėkmingai įjungtas", - "Could not disable recovery key. Please check your recovery key password!" : "Neišėjo išjungti jūsų atkūrimo rakto. Prašome jį patikrinti!", - "Recovery key successfully disabled" : "Atkūrimo raktas sėkmingai išjungtas", - "Password successfully changed." : "Slaptažodis sėkmingai pakeistas", - "Could not change the password. Maybe the old password was not correct." : "Slaptažodis nebuvo pakeistas. Gali būti, kad buvo neteisingai suvestas senasis.", - "Private key password successfully updated." : "Privataus rakto slaptažodis buvo sėkmingai atnaujintas.", - "File recovery settings updated" : "Failų atkūrimo nustatymai pakeisti", - "Could not update file recovery" : "Neišėjo atnaujinti failų atkūrimo", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Šifravimo programa nepaleista! Galbūt šifravimo programa buvo įjungta dar kartą Jūsų sesijos metu. Prašome atsijungti ir vėl prisijungti, kad paleisti šifravimo programą.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Jūsų privatus raktas yra netinkamas! Panašu, kad Jūsų slaptažodis buvo pakeistas už %s (pvz. Jūsų organizacijos kataloge). Galite atnaujinti savo privataus rakto slaptažodį savo asmeniniuose nustatymuose, kad atkurti prieigą prie savo šifruotų failų.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Failo iššifruoti nepavyko, gali būti jog jis yra pasidalintas su jumis. Paprašykite failo savininko, kad jums iš naujo pateiktų šį failą.", - "Initial encryption started... This can take some time. Please wait." : "Pradėtas pirminis šifravimas... Tai gali užtrukti. Prašome palaukti.", - "Missing requirements." : "Trūkstami laukai.", - "Following users are not set up for encryption:" : "Sekantys naudotojai nenustatyti šifravimui:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Šifravimo programa įjungta, bet Jūsų raktai nėra pritaikyti. Prašome atsijungti ir vėl prisijungti", - "Enable recovery key (allow to recover users files in case of password loss):" : "Įjunkite atkūrimo raktą, (leisti atkurti naudotojų failus praradus slaptažodį):", - "Recovery key password" : "Atkūrimo rakto slaptažodis", - "Repeat Recovery key password" : "Pakartokite atkūrimo rakto slaptažodį", - "Enabled" : "Įjungta", - "Disabled" : "Išjungta", - "Change recovery key password:" : "Pakeisti atkūrimo rakto slaptažodį:", - "Old Recovery key password" : "Senas atkūrimo rakto slaptažodis", - "New Recovery key password" : "Naujas atkūrimo rakto slaptažodis", - "Repeat New Recovery key password" : "Pakartokite naują atkūrimo rakto slaptažodį", - "Change Password" : "Pakeisti slaptažodį", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jei nepamenate savo seno slaptažodžio, galite paprašyti administratoriaus atkurti Jūsų failus.", - "Old log-in password" : "Senas prisijungimo slaptažodis", - "Current log-in password" : "Dabartinis prisijungimo slaptažodis", - "Update Private Key Password" : "Atnaujinti privataus rakto slaptažodį", - "Enable password recovery:" : "Įjungti slaptažodžio atkūrimą:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Įjungus šią funkciją jums bus suteiktas pakartotinis priėjimas prie Jūsų šifruotų failų pamiršus slaptažodį." -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/lv.js b/apps/files_encryption/l10n/lv.js deleted file mode 100644 index 4c9fd2adad..0000000000 --- a/apps/files_encryption/l10n/lv.js +++ /dev/null @@ -1,8 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Nezināma kļūda", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Šifrēšanas lietotnes ir pieslēgta, bet šifrēšanas atslēgas nav uzstādītas. Lūdzu izejiet no sistēmas un ieejiet sistēmā atpakaļ.", - "Enabled" : "Pievienots" -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/lv.json b/apps/files_encryption/l10n/lv.json deleted file mode 100644 index bacaccd6b9..0000000000 --- a/apps/files_encryption/l10n/lv.json +++ /dev/null @@ -1,6 +0,0 @@ -{ "translations": { - "Unknown error" : "Nezināma kļūda", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Šifrēšanas lietotnes ir pieslēgta, bet šifrēšanas atslēgas nav uzstādītas. Lūdzu izejiet no sistēmas un ieejiet sistēmā atpakaļ.", - "Enabled" : "Pievienots" -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/mk.js b/apps/files_encryption/l10n/mk.js deleted file mode 100644 index 7996856033..0000000000 --- a/apps/files_encryption/l10n/mk.js +++ /dev/null @@ -1,18 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Непозната грешка", - "Password successfully changed." : "Лозинката е успешно променета.", - "Could not change the password. Maybe the old password was not correct." : "Лозинката не можеше да се промени. Можеби старата лозинка не беше исправна.", - "Missing requirements." : "Барања кои недостасуваат.", - "Repeat Recovery key password" : "Повтори ја лозинката за клучот на обновување", - "Enabled" : "Овозможен", - "Disabled" : "Оневозможен", - "Old Recovery key password" : "Старата лозинка за клучот на обновување ", - "Repeat New Recovery key password" : "Повтори ја лозинката за клучот на обновувањето", - "Change Password" : "Смени лозинка", - "Old log-in password" : "Старата лозинка за најавување", - "Current log-in password" : "Тековната лозинка за најавување", - "Enable password recovery:" : "Овозможи го обновувањето на лозинката:" -}, -"nplurals=2; plural=(n % 10 == 1 && n % 100 != 11) ? 0 : 1;"); diff --git a/apps/files_encryption/l10n/mk.json b/apps/files_encryption/l10n/mk.json deleted file mode 100644 index e1929bcfa6..0000000000 --- a/apps/files_encryption/l10n/mk.json +++ /dev/null @@ -1,16 +0,0 @@ -{ "translations": { - "Unknown error" : "Непозната грешка", - "Password successfully changed." : "Лозинката е успешно променета.", - "Could not change the password. Maybe the old password was not correct." : "Лозинката не можеше да се промени. Можеби старата лозинка не беше исправна.", - "Missing requirements." : "Барања кои недостасуваат.", - "Repeat Recovery key password" : "Повтори ја лозинката за клучот на обновување", - "Enabled" : "Овозможен", - "Disabled" : "Оневозможен", - "Old Recovery key password" : "Старата лозинка за клучот на обновување ", - "Repeat New Recovery key password" : "Повтори ја лозинката за клучот на обновувањето", - "Change Password" : "Смени лозинка", - "Old log-in password" : "Старата лозинка за најавување", - "Current log-in password" : "Тековната лозинка за најавување", - "Enable password recovery:" : "Овозможи го обновувањето на лозинката:" -},"pluralForm" :"nplurals=2; plural=(n % 10 == 1 && n % 100 != 11) ? 0 : 1;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/nb_NO.js b/apps/files_encryption/l10n/nb_NO.js deleted file mode 100644 index ff52350f98..0000000000 --- a/apps/files_encryption/l10n/nb_NO.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Ukjent feil", - "Missing recovery key password" : "Passord for gjenopprettingsnøkkel mangler", - "Please repeat the recovery key password" : "Gjenta passord for gjenopprettingsnøkkel", - "Repeated recovery key password does not match the provided recovery key password" : "Gjentatt passord for gjenopprettingsnøkkel stemmer ikke med oppgitt passord for gjenopprettingsnøkkel", - "Recovery key successfully enabled" : "Gjenopprettingsnøkkel aktivert", - "Could not disable recovery key. Please check your recovery key password!" : "Klarte ikke å deaktivere gjenopprettingsnøkkel. Sjekk passordet for gjenopprettingsnøkkelen.", - "Recovery key successfully disabled" : "Gjenopprettingsnøkkel ble deaktivert", - "Please provide the old recovery password" : "Oppgi det gamle gjenopprettingspassordet", - "Please provide a new recovery password" : "Oppgi et nytt gjenopprettingspassord", - "Please repeat the new recovery password" : "Gjenta det nye gjenopprettingspassordet", - "Password successfully changed." : "Passordet ble endret.", - "Could not change the password. Maybe the old password was not correct." : "Klarte ikke å endre passordet. Kanskje gammelt passord ikke var korrekt.", - "Could not update the private key password." : "Klarte ikke å oppdatere privatnøkkelpassordet.", - "The old password was not correct, please try again." : "Det gamle passordet var feil. Prøv igjen.", - "The current log-in password was not correct, please try again." : "Det nåværende innloggingspassordet var feil. Prøv igjen.", - "Private key password successfully updated." : "Passord for privat nøkkel ble oppdatert.", - "File recovery settings updated" : "Innstillinger for gjenoppretting av filer ble oppdatert", - "Could not update file recovery" : "Klarte ikke å oppdatere gjenoppretting av filer", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krypterings-app ikke initialisert! Kanskje krypterings-appen ble aktivert på nytt i løpet av økten din. Prøv å logge ut og logge inn igjen for å initialisere krypterings-appen.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Din private nøkkel er ikke gyldig! Sannsynligvis ble passordet ditt endret utenfor %s. (f.eks. din bedriftskatalog). Du kan oppdatere passordet for din private nøkkel i dine personlige innstillinger for å gjenvinne tilgang til de krypterte filene dine.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan ikke dekryptere denne filen. Dette er sannsynligvis en delt fil. Spør eieren av filen om å dele den med deg på nytt.", - "Unknown error. Please check your system settings or contact your administrator" : "Ukjent feil. Sjekk systeminnstillingene eller kontakt administratoren.", - "Initial encryption started... This can take some time. Please wait." : "Førstegangs kryptering startet... Dette kan ta litt tid. Vennligst vent.", - "Initial encryption running... Please try again later." : "Førstegangs kryptering kjører... Prøv igjen senere.", - "Missing requirements." : "Manglende krav.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Vennligst se til at OpenSSL sammen med PHP-utvidelsen er aktivert og riktig konfigurert. Krypterings-appen er foreløpig deaktivert.", - "Following users are not set up for encryption:" : "Følgende brukere er ikke satt opp for kryptering:", - "Go directly to your %spersonal settings%s." : "Gå direkte til dine %spersonlige innstillinger%s.", - "Server-side Encryption" : "Serverkryptering", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "App for kryptering er aktivert men nøklene dine er ikke satt opp. Logg ut og logg inn igjen.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktiver gjenopprettingsnøkkel (tillat å gjenopprette brukerfiler i tilfelle tap av passord):", - "Recovery key password" : "Passord for gjenopprettingsnøkkel", - "Repeat Recovery key password" : "Gjenta passord for gjenopprettingsnøkkel", - "Enabled" : "Aktiv", - "Disabled" : "Inaktiv", - "Change recovery key password:" : "Endre passord for gjenopprettingsnøkkel:", - "Old Recovery key password" : "Gammelt passord for gjenopprettingsnøkkel", - "New Recovery key password" : "Nytt passord for gjenopprettingsnøkkel", - "Repeat New Recovery key password" : "Gjenta nytt passord for gjenopprettingsnøkkel", - "Change Password" : "Endre passord", - "Your private key password no longer matches your log-in password." : "Passordet for din private nøkkel stemmer ikke lenger med påloggingspassordet ditt.", - "Set your old private key password to your current log-in password:" : "Sett ditt gamle passord for privat nøkkel til ditt nåværende påloggingspassord:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Hvis du ikke husker det gamle passordet ditt kan du spørre administratoren om å gjenopprette filene dine.", - "Old log-in password" : "Gammelt påloggingspassord", - "Current log-in password" : "Nåværende påloggingspassord", - "Update Private Key Password" : "Oppdater passord for privat nøkkel", - "Enable password recovery:" : "Aktiver gjenoppretting av passord:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Aktivering av dette valget tillater deg å gjenerobre tilgang til dine krypterte filer i tilfelle du mister passordet ditt." -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/nb_NO.json b/apps/files_encryption/l10n/nb_NO.json deleted file mode 100644 index 3aa4ec9e86..0000000000 --- a/apps/files_encryption/l10n/nb_NO.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Ukjent feil", - "Missing recovery key password" : "Passord for gjenopprettingsnøkkel mangler", - "Please repeat the recovery key password" : "Gjenta passord for gjenopprettingsnøkkel", - "Repeated recovery key password does not match the provided recovery key password" : "Gjentatt passord for gjenopprettingsnøkkel stemmer ikke med oppgitt passord for gjenopprettingsnøkkel", - "Recovery key successfully enabled" : "Gjenopprettingsnøkkel aktivert", - "Could not disable recovery key. Please check your recovery key password!" : "Klarte ikke å deaktivere gjenopprettingsnøkkel. Sjekk passordet for gjenopprettingsnøkkelen.", - "Recovery key successfully disabled" : "Gjenopprettingsnøkkel ble deaktivert", - "Please provide the old recovery password" : "Oppgi det gamle gjenopprettingspassordet", - "Please provide a new recovery password" : "Oppgi et nytt gjenopprettingspassord", - "Please repeat the new recovery password" : "Gjenta det nye gjenopprettingspassordet", - "Password successfully changed." : "Passordet ble endret.", - "Could not change the password. Maybe the old password was not correct." : "Klarte ikke å endre passordet. Kanskje gammelt passord ikke var korrekt.", - "Could not update the private key password." : "Klarte ikke å oppdatere privatnøkkelpassordet.", - "The old password was not correct, please try again." : "Det gamle passordet var feil. Prøv igjen.", - "The current log-in password was not correct, please try again." : "Det nåværende innloggingspassordet var feil. Prøv igjen.", - "Private key password successfully updated." : "Passord for privat nøkkel ble oppdatert.", - "File recovery settings updated" : "Innstillinger for gjenoppretting av filer ble oppdatert", - "Could not update file recovery" : "Klarte ikke å oppdatere gjenoppretting av filer", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krypterings-app ikke initialisert! Kanskje krypterings-appen ble aktivert på nytt i løpet av økten din. Prøv å logge ut og logge inn igjen for å initialisere krypterings-appen.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Din private nøkkel er ikke gyldig! Sannsynligvis ble passordet ditt endret utenfor %s. (f.eks. din bedriftskatalog). Du kan oppdatere passordet for din private nøkkel i dine personlige innstillinger for å gjenvinne tilgang til de krypterte filene dine.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan ikke dekryptere denne filen. Dette er sannsynligvis en delt fil. Spør eieren av filen om å dele den med deg på nytt.", - "Unknown error. Please check your system settings or contact your administrator" : "Ukjent feil. Sjekk systeminnstillingene eller kontakt administratoren.", - "Initial encryption started... This can take some time. Please wait." : "Førstegangs kryptering startet... Dette kan ta litt tid. Vennligst vent.", - "Initial encryption running... Please try again later." : "Førstegangs kryptering kjører... Prøv igjen senere.", - "Missing requirements." : "Manglende krav.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Vennligst se til at OpenSSL sammen med PHP-utvidelsen er aktivert og riktig konfigurert. Krypterings-appen er foreløpig deaktivert.", - "Following users are not set up for encryption:" : "Følgende brukere er ikke satt opp for kryptering:", - "Go directly to your %spersonal settings%s." : "Gå direkte til dine %spersonlige innstillinger%s.", - "Server-side Encryption" : "Serverkryptering", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "App for kryptering er aktivert men nøklene dine er ikke satt opp. Logg ut og logg inn igjen.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktiver gjenopprettingsnøkkel (tillat å gjenopprette brukerfiler i tilfelle tap av passord):", - "Recovery key password" : "Passord for gjenopprettingsnøkkel", - "Repeat Recovery key password" : "Gjenta passord for gjenopprettingsnøkkel", - "Enabled" : "Aktiv", - "Disabled" : "Inaktiv", - "Change recovery key password:" : "Endre passord for gjenopprettingsnøkkel:", - "Old Recovery key password" : "Gammelt passord for gjenopprettingsnøkkel", - "New Recovery key password" : "Nytt passord for gjenopprettingsnøkkel", - "Repeat New Recovery key password" : "Gjenta nytt passord for gjenopprettingsnøkkel", - "Change Password" : "Endre passord", - "Your private key password no longer matches your log-in password." : "Passordet for din private nøkkel stemmer ikke lenger med påloggingspassordet ditt.", - "Set your old private key password to your current log-in password:" : "Sett ditt gamle passord for privat nøkkel til ditt nåværende påloggingspassord:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Hvis du ikke husker det gamle passordet ditt kan du spørre administratoren om å gjenopprette filene dine.", - "Old log-in password" : "Gammelt påloggingspassord", - "Current log-in password" : "Nåværende påloggingspassord", - "Update Private Key Password" : "Oppdater passord for privat nøkkel", - "Enable password recovery:" : "Aktiver gjenoppretting av passord:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Aktivering av dette valget tillater deg å gjenerobre tilgang til dine krypterte filer i tilfelle du mister passordet ditt." -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/nl.js b/apps/files_encryption/l10n/nl.js deleted file mode 100644 index 1100abd76f..0000000000 --- a/apps/files_encryption/l10n/nl.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Onbekende fout", - "Missing recovery key password" : "Ontbrekende wachtwoord herstelsleutel", - "Please repeat the recovery key password" : "Herhaal het herstelsleutel wachtwoord", - "Repeated recovery key password does not match the provided recovery key password" : "Het herhaalde herstelsleutel wachtwoord kwam niet overeen met het eerdere herstelsleutel wachtwoord ", - "Recovery key successfully enabled" : "Herstelsleutel succesvol geactiveerd", - "Could not disable recovery key. Please check your recovery key password!" : "Kon herstelsleutel niet deactiveren. Controleer het wachtwoord van uw herstelsleutel!", - "Recovery key successfully disabled" : "Herstelsleutel succesvol gedeactiveerd", - "Please provide the old recovery password" : "Geef het oude herstelwachtwoord op", - "Please provide a new recovery password" : "Geef een nieuw herstelwachtwoord op", - "Please repeat the new recovery password" : "Herhaal het nieuwe herstelwachtwoord", - "Password successfully changed." : "Wachtwoord succesvol gewijzigd.", - "Could not change the password. Maybe the old password was not correct." : "Kon wachtwoord niet wijzigen. Wellicht oude wachtwoord niet juist ingevoerd.", - "Could not update the private key password." : "Kon het wachtwoord van de privésleutel niet bijwerken.", - "The old password was not correct, please try again." : "Het oude wachtwoord was onjuist, probeer het opnieuw.", - "The current log-in password was not correct, please try again." : "Het huidige inlogwachtwoord was niet juist, probeer het opnieuw.", - "Private key password successfully updated." : "Privésleutel succesvol bijgewerkt.", - "File recovery settings updated" : "Bestandsherstel instellingen bijgewerkt", - "Could not update file recovery" : "Kon bestandsherstel niet bijwerken", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Crypto app niet geïnitialiseerd. Misschien werd de crypto app geheractiveerd tijdens de sessie. Log uit en log daarna opnieuw in om de crypto app te initialiseren.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Uw privésleutel is niet geldig! Waarschijnlijk is uw wachtwoord gewijzigd buiten %s (bijv. uw corporate directory). U kunt uw privésleutel wachtwoord in uw persoonlijke instellingen bijwerken om toegang te krijgen tot uw versleutelde bestanden.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan dit bestand niet ontcijferen, waarschijnlijk is het een gedeeld bestand, Vraag de eigenaar om het bestand opnieuw met u te delen.", - "Unknown error. Please check your system settings or contact your administrator" : "Onbekende fout. Controleer uw systeeminstellingen of neem contact op met de beheerder", - "Initial encryption started... This can take some time. Please wait." : "initiële versleuteling gestart... Dit kan even duren, geduld a.u.b.", - "Initial encryption running... Please try again later." : "Initiële versleuteling bezig... Probeer het later opnieuw.", - "Missing requirements." : "Missende benodigdheden.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Weed er zeker van dat OpenSSL met de PHP extensie is ingeschakeld en goed geconfigureerd. Op dit moment is de encryptie app uitgeschakeld.", - "Following users are not set up for encryption:" : "De volgende gebruikers hebben geen configuratie voor encryptie:", - "Go directly to your %spersonal settings%s." : "Ga direct naar uw %spersoonlijke instellingen%s.", - "Server-side Encryption" : "Server-side versleuteling", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Crypto app is geactiveerd, maar uw sleutels werden niet geïnitialiseerd. Log uit en log daarna opnieuw in.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activeren herstelsleutel (maakt het mogelijk om gebruikersbestanden terug te halen in geval van verlies van het wachtwoord):", - "Recovery key password" : "Wachtwoord herstelsleulel", - "Repeat Recovery key password" : "Herhaal het herstelsleutel wachtwoord", - "Enabled" : "Geactiveerd", - "Disabled" : "Gedeactiveerd", - "Change recovery key password:" : "Wijzig wachtwoord herstelsleutel:", - "Old Recovery key password" : "Oude wachtwoord herstelsleutel", - "New Recovery key password" : "Nieuwe wachtwoord herstelsleutel", - "Repeat New Recovery key password" : "Herhaal het nieuwe herstelsleutel wachtwoord", - "Change Password" : "Wijzigen wachtwoord", - "Your private key password no longer matches your log-in password." : "Het wachtwoord van uw privésleutel komt niet meer overeen met uw inlogwachtwoord.", - "Set your old private key password to your current log-in password:" : "Stel het wachtwoord van uw oude privésleutel in op uw huidige inlogwachtwoord.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Als u uw oude wachtwoord niet meer weet, kunt u uw beheerder vragen uw bestanden terug te halen.", - "Old log-in password" : "Oude wachtwoord", - "Current log-in password" : "Huidige wachtwoord", - "Update Private Key Password" : "Bijwerken wachtwoord Privésleutel", - "Enable password recovery:" : "Activeren wachtwoord herstel:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Het activeren van deze optie maakt het mogelijk om uw versleutelde bestanden te benaderen als uw wachtwoord kwijt is" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/nl.json b/apps/files_encryption/l10n/nl.json deleted file mode 100644 index dab88f4a2e..0000000000 --- a/apps/files_encryption/l10n/nl.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Onbekende fout", - "Missing recovery key password" : "Ontbrekende wachtwoord herstelsleutel", - "Please repeat the recovery key password" : "Herhaal het herstelsleutel wachtwoord", - "Repeated recovery key password does not match the provided recovery key password" : "Het herhaalde herstelsleutel wachtwoord kwam niet overeen met het eerdere herstelsleutel wachtwoord ", - "Recovery key successfully enabled" : "Herstelsleutel succesvol geactiveerd", - "Could not disable recovery key. Please check your recovery key password!" : "Kon herstelsleutel niet deactiveren. Controleer het wachtwoord van uw herstelsleutel!", - "Recovery key successfully disabled" : "Herstelsleutel succesvol gedeactiveerd", - "Please provide the old recovery password" : "Geef het oude herstelwachtwoord op", - "Please provide a new recovery password" : "Geef een nieuw herstelwachtwoord op", - "Please repeat the new recovery password" : "Herhaal het nieuwe herstelwachtwoord", - "Password successfully changed." : "Wachtwoord succesvol gewijzigd.", - "Could not change the password. Maybe the old password was not correct." : "Kon wachtwoord niet wijzigen. Wellicht oude wachtwoord niet juist ingevoerd.", - "Could not update the private key password." : "Kon het wachtwoord van de privésleutel niet bijwerken.", - "The old password was not correct, please try again." : "Het oude wachtwoord was onjuist, probeer het opnieuw.", - "The current log-in password was not correct, please try again." : "Het huidige inlogwachtwoord was niet juist, probeer het opnieuw.", - "Private key password successfully updated." : "Privésleutel succesvol bijgewerkt.", - "File recovery settings updated" : "Bestandsherstel instellingen bijgewerkt", - "Could not update file recovery" : "Kon bestandsherstel niet bijwerken", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Crypto app niet geïnitialiseerd. Misschien werd de crypto app geheractiveerd tijdens de sessie. Log uit en log daarna opnieuw in om de crypto app te initialiseren.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Uw privésleutel is niet geldig! Waarschijnlijk is uw wachtwoord gewijzigd buiten %s (bijv. uw corporate directory). U kunt uw privésleutel wachtwoord in uw persoonlijke instellingen bijwerken om toegang te krijgen tot uw versleutelde bestanden.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan dit bestand niet ontcijferen, waarschijnlijk is het een gedeeld bestand, Vraag de eigenaar om het bestand opnieuw met u te delen.", - "Unknown error. Please check your system settings or contact your administrator" : "Onbekende fout. Controleer uw systeeminstellingen of neem contact op met de beheerder", - "Initial encryption started... This can take some time. Please wait." : "initiële versleuteling gestart... Dit kan even duren, geduld a.u.b.", - "Initial encryption running... Please try again later." : "Initiële versleuteling bezig... Probeer het later opnieuw.", - "Missing requirements." : "Missende benodigdheden.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Weed er zeker van dat OpenSSL met de PHP extensie is ingeschakeld en goed geconfigureerd. Op dit moment is de encryptie app uitgeschakeld.", - "Following users are not set up for encryption:" : "De volgende gebruikers hebben geen configuratie voor encryptie:", - "Go directly to your %spersonal settings%s." : "Ga direct naar uw %spersoonlijke instellingen%s.", - "Server-side Encryption" : "Server-side versleuteling", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Crypto app is geactiveerd, maar uw sleutels werden niet geïnitialiseerd. Log uit en log daarna opnieuw in.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Activeren herstelsleutel (maakt het mogelijk om gebruikersbestanden terug te halen in geval van verlies van het wachtwoord):", - "Recovery key password" : "Wachtwoord herstelsleulel", - "Repeat Recovery key password" : "Herhaal het herstelsleutel wachtwoord", - "Enabled" : "Geactiveerd", - "Disabled" : "Gedeactiveerd", - "Change recovery key password:" : "Wijzig wachtwoord herstelsleutel:", - "Old Recovery key password" : "Oude wachtwoord herstelsleutel", - "New Recovery key password" : "Nieuwe wachtwoord herstelsleutel", - "Repeat New Recovery key password" : "Herhaal het nieuwe herstelsleutel wachtwoord", - "Change Password" : "Wijzigen wachtwoord", - "Your private key password no longer matches your log-in password." : "Het wachtwoord van uw privésleutel komt niet meer overeen met uw inlogwachtwoord.", - "Set your old private key password to your current log-in password:" : "Stel het wachtwoord van uw oude privésleutel in op uw huidige inlogwachtwoord.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Als u uw oude wachtwoord niet meer weet, kunt u uw beheerder vragen uw bestanden terug te halen.", - "Old log-in password" : "Oude wachtwoord", - "Current log-in password" : "Huidige wachtwoord", - "Update Private Key Password" : "Bijwerken wachtwoord Privésleutel", - "Enable password recovery:" : "Activeren wachtwoord herstel:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Het activeren van deze optie maakt het mogelijk om uw versleutelde bestanden te benaderen als uw wachtwoord kwijt is" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/nn_NO.js b/apps/files_encryption/l10n/nn_NO.js deleted file mode 100644 index 9cfe232080..0000000000 --- a/apps/files_encryption/l10n/nn_NO.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Ukjend feil" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/nn_NO.json b/apps/files_encryption/l10n/nn_NO.json deleted file mode 100644 index 347c208814..0000000000 --- a/apps/files_encryption/l10n/nn_NO.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "Ukjend feil" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/pa.js b/apps/files_encryption/l10n/pa.js deleted file mode 100644 index f61063e945..0000000000 --- a/apps/files_encryption/l10n/pa.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "ਅਣਜਾਣ ਗਲਤੀ" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/pa.json b/apps/files_encryption/l10n/pa.json deleted file mode 100644 index 41690f3aa3..0000000000 --- a/apps/files_encryption/l10n/pa.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "ਅਣਜਾਣ ਗਲਤੀ" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/pl.js b/apps/files_encryption/l10n/pl.js deleted file mode 100644 index c53d1e12cc..0000000000 --- a/apps/files_encryption/l10n/pl.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Nieznany błąd", - "Missing recovery key password" : "Brakujące hasło klucza odzyskiwania", - "Please repeat the recovery key password" : "Proszę powtórz nowe hasło klucza odzyskiwania", - "Repeated recovery key password does not match the provided recovery key password" : "Hasła klucza odzyskiwania nie zgadzają się", - "Recovery key successfully enabled" : "Klucz odzyskiwania włączony", - "Could not disable recovery key. Please check your recovery key password!" : "Nie można wyłączyć klucza odzyskiwania. Proszę sprawdzić swoje hasło odzyskiwania!", - "Recovery key successfully disabled" : "Klucz odzyskiwania wyłączony", - "Please provide the old recovery password" : "Podaj stare hasło odzyskiwania", - "Please provide a new recovery password" : "Podaj nowe hasło odzyskiwania", - "Please repeat the new recovery password" : "Proszę powtórz nowe hasło odzyskiwania", - "Password successfully changed." : "Zmiana hasła udana.", - "Could not change the password. Maybe the old password was not correct." : "Nie można zmienić hasła. Może stare hasło nie było poprawne.", - "Could not update the private key password." : "Nie można zmienić hasła klucza prywatnego.", - "The old password was not correct, please try again." : "Stare hasło nie było poprawne. Spróbuj jeszcze raz.", - "The current log-in password was not correct, please try again." : "Obecne hasło logowania nie było poprawne. Spróbuj ponownie.", - "Private key password successfully updated." : "Pomyślnie zaktualizowano hasło klucza prywatnego.", - "File recovery settings updated" : "Ustawienia odzyskiwania plików zmienione", - "Could not update file recovery" : "Nie można zmienić pliku odzyskiwania", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Szyfrowanie aplikacja nie została zainicjowane! Może szyfrowanie aplikacji zostało ponownie włączone podczas tej sesji. Spróbuj się wylogować i zalogować ponownie aby zainicjować szyfrowanie aplikacji.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Klucz prywatny nie jest poprawny! Prawdopodobnie Twoje hasło zostało zmienione poza %s (np. w katalogu firmy). Aby odzyskać dostęp do zaszyfrowanych plików można zaktualizować hasło klucza prywatnego w ustawieniach osobistych.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Nie można odszyfrować tego pliku, prawdopodobnie jest to plik udostępniony. Poproś właściciela pliku o ponowne udostępnianie pliku Tobie.", - "Unknown error. Please check your system settings or contact your administrator" : "Nieznany błąd. Proszę sprawdzić ustawienia systemowe lub skontaktować się z administratorem", - "Initial encryption started... This can take some time. Please wait." : "Rozpoczęto szyfrowanie... To może chwilę potrwać. Proszę czekać.", - "Initial encryption running... Please try again later." : "Trwa szyfrowanie początkowe...Spróbuj ponownie.", - "Missing requirements." : "Brak wymagań.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Upewnij się, że OpenSSL jest włączony razem z rozszerzeniem PHP i poprawnie skonfigurowany, Obecnie aplikacja szyfrowania została wyłączona.", - "Following users are not set up for encryption:" : "Następujący użytkownicy nie mają skonfigurowanego szyfrowania:", - "Go directly to your %spersonal settings%s." : "Przejdź bezpośrednio do %spersonal settings%s.", - "Server-side Encryption" : "Szyfrowanie po stronie serwera", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacja szyfrująca jest aktywna, ale twoje klucze nie zostały zainicjowane, prosze wyloguj się i zaloguj ponownie.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Włączhasło klucza odzyskiwania (pozwala odzyskać pliki użytkowników w przypadku utraty hasła):", - "Recovery key password" : "Hasło klucza odzyskiwania", - "Repeat Recovery key password" : "Powtórz hasło klucza odzyskiwania", - "Enabled" : "Włączone", - "Disabled" : "Wyłączone", - "Change recovery key password:" : "Zmień hasło klucza odzyskiwania", - "Old Recovery key password" : "Stare hasło klucza odzyskiwania", - "New Recovery key password" : "Nowe hasło klucza odzyskiwania", - "Repeat New Recovery key password" : "Powtórz nowe hasło klucza odzyskiwania", - "Change Password" : "Zmień hasło", - "Your private key password no longer matches your log-in password." : "Hasło Twojego klucza prywatnego nie pasuje już do Twojego hasła logowania.", - "Set your old private key password to your current log-in password:" : "Ustaw stare hasło klucza prywatnego na aktualne hasło logowania:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jeśli nie pamiętasz swojego starego hasła, poproś swojego administratora, aby odzyskać pliki.", - "Old log-in password" : "Stare hasło logowania", - "Current log-in password" : "Bieżące hasło logowania", - "Update Private Key Password" : "Aktualizacja hasła klucza prywatnego", - "Enable password recovery:" : "Włącz hasło odzyskiwania:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Włączenie tej opcji umożliwia otrzymać dostęp do zaszyfrowanych plików w przypadku utraty hasła" -}, -"nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/pl.json b/apps/files_encryption/l10n/pl.json deleted file mode 100644 index d9d22b2c32..0000000000 --- a/apps/files_encryption/l10n/pl.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Nieznany błąd", - "Missing recovery key password" : "Brakujące hasło klucza odzyskiwania", - "Please repeat the recovery key password" : "Proszę powtórz nowe hasło klucza odzyskiwania", - "Repeated recovery key password does not match the provided recovery key password" : "Hasła klucza odzyskiwania nie zgadzają się", - "Recovery key successfully enabled" : "Klucz odzyskiwania włączony", - "Could not disable recovery key. Please check your recovery key password!" : "Nie można wyłączyć klucza odzyskiwania. Proszę sprawdzić swoje hasło odzyskiwania!", - "Recovery key successfully disabled" : "Klucz odzyskiwania wyłączony", - "Please provide the old recovery password" : "Podaj stare hasło odzyskiwania", - "Please provide a new recovery password" : "Podaj nowe hasło odzyskiwania", - "Please repeat the new recovery password" : "Proszę powtórz nowe hasło odzyskiwania", - "Password successfully changed." : "Zmiana hasła udana.", - "Could not change the password. Maybe the old password was not correct." : "Nie można zmienić hasła. Może stare hasło nie było poprawne.", - "Could not update the private key password." : "Nie można zmienić hasła klucza prywatnego.", - "The old password was not correct, please try again." : "Stare hasło nie było poprawne. Spróbuj jeszcze raz.", - "The current log-in password was not correct, please try again." : "Obecne hasło logowania nie było poprawne. Spróbuj ponownie.", - "Private key password successfully updated." : "Pomyślnie zaktualizowano hasło klucza prywatnego.", - "File recovery settings updated" : "Ustawienia odzyskiwania plików zmienione", - "Could not update file recovery" : "Nie można zmienić pliku odzyskiwania", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Szyfrowanie aplikacja nie została zainicjowane! Może szyfrowanie aplikacji zostało ponownie włączone podczas tej sesji. Spróbuj się wylogować i zalogować ponownie aby zainicjować szyfrowanie aplikacji.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Klucz prywatny nie jest poprawny! Prawdopodobnie Twoje hasło zostało zmienione poza %s (np. w katalogu firmy). Aby odzyskać dostęp do zaszyfrowanych plików można zaktualizować hasło klucza prywatnego w ustawieniach osobistych.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Nie można odszyfrować tego pliku, prawdopodobnie jest to plik udostępniony. Poproś właściciela pliku o ponowne udostępnianie pliku Tobie.", - "Unknown error. Please check your system settings or contact your administrator" : "Nieznany błąd. Proszę sprawdzić ustawienia systemowe lub skontaktować się z administratorem", - "Initial encryption started... This can take some time. Please wait." : "Rozpoczęto szyfrowanie... To może chwilę potrwać. Proszę czekać.", - "Initial encryption running... Please try again later." : "Trwa szyfrowanie początkowe...Spróbuj ponownie.", - "Missing requirements." : "Brak wymagań.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Upewnij się, że OpenSSL jest włączony razem z rozszerzeniem PHP i poprawnie skonfigurowany, Obecnie aplikacja szyfrowania została wyłączona.", - "Following users are not set up for encryption:" : "Następujący użytkownicy nie mają skonfigurowanego szyfrowania:", - "Go directly to your %spersonal settings%s." : "Przejdź bezpośrednio do %spersonal settings%s.", - "Server-side Encryption" : "Szyfrowanie po stronie serwera", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacja szyfrująca jest aktywna, ale twoje klucze nie zostały zainicjowane, prosze wyloguj się i zaloguj ponownie.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Włączhasło klucza odzyskiwania (pozwala odzyskać pliki użytkowników w przypadku utraty hasła):", - "Recovery key password" : "Hasło klucza odzyskiwania", - "Repeat Recovery key password" : "Powtórz hasło klucza odzyskiwania", - "Enabled" : "Włączone", - "Disabled" : "Wyłączone", - "Change recovery key password:" : "Zmień hasło klucza odzyskiwania", - "Old Recovery key password" : "Stare hasło klucza odzyskiwania", - "New Recovery key password" : "Nowe hasło klucza odzyskiwania", - "Repeat New Recovery key password" : "Powtórz nowe hasło klucza odzyskiwania", - "Change Password" : "Zmień hasło", - "Your private key password no longer matches your log-in password." : "Hasło Twojego klucza prywatnego nie pasuje już do Twojego hasła logowania.", - "Set your old private key password to your current log-in password:" : "Ustaw stare hasło klucza prywatnego na aktualne hasło logowania:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Jeśli nie pamiętasz swojego starego hasła, poproś swojego administratora, aby odzyskać pliki.", - "Old log-in password" : "Stare hasło logowania", - "Current log-in password" : "Bieżące hasło logowania", - "Update Private Key Password" : "Aktualizacja hasła klucza prywatnego", - "Enable password recovery:" : "Włącz hasło odzyskiwania:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Włączenie tej opcji umożliwia otrzymać dostęp do zaszyfrowanych plików w przypadku utraty hasła" -},"pluralForm" :"nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/pt_BR.js b/apps/files_encryption/l10n/pt_BR.js deleted file mode 100644 index 4dd588929e..0000000000 --- a/apps/files_encryption/l10n/pt_BR.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Erro desconhecido", - "Missing recovery key password" : "Senha da chave de recuperação em falta", - "Please repeat the recovery key password" : "Por favor, repita a senha da chave de recuperação", - "Repeated recovery key password does not match the provided recovery key password" : "A senha repetidas da chave de valorização não corresponde a senha da chave de recuperação prevista", - "Recovery key successfully enabled" : "Recuperação de chave habilitada com sucesso", - "Could not disable recovery key. Please check your recovery key password!" : "Impossível desabilitar recuperação de chave. Por favor verifique sua senha para recuperação de chave!", - "Recovery key successfully disabled" : "Recuperação de chave desabilitada com sucesso", - "Please provide the old recovery password" : "Por favor, forneça a antiga senha de recuperação", - "Please provide a new recovery password" : "Por favor, forneça a nova senha de recuperação", - "Please repeat the new recovery password" : "Por favor, repita a nova senha de recuperação", - "Password successfully changed." : "Senha alterada com sucesso.", - "Could not change the password. Maybe the old password was not correct." : "Não foi possível alterar a senha. Talvez a senha antiga não estava correta.", - "Could not update the private key password." : "Não foi possível atualizar a senha da chave privada.", - "The old password was not correct, please try again." : "A senha antiga não estava correta, por favor, tente novamente.", - "The current log-in password was not correct, please try again." : "A senha atual do log-in não estava correta, por favor, tente novamente.", - "Private key password successfully updated." : "Senha de chave privada atualizada com sucesso.", - "File recovery settings updated" : "Configurações de recuperação de arquivo atualizado", - "Could not update file recovery" : "Não foi possível atualizar a recuperação de arquivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplicativo de criptografia não foi inicializado! Talvez o aplicativo de criptografia tenha sido reativado durante essa sessão. Por favor, tente fazer logoff e login novamente para inicializar o aplicativo de criptografia.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Sua chave privada não é válida! Provavelmente sua senha foi alterada fora de %s (por exemplo, seu diretório corporativo). Você pode atualizar sua senha de chave privada em suas configurações pessoais para recuperar o acesso a seus arquivos criptografados.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Este arquivo não pode ser decriptado, provavelmente este é um arquivo compartilhado. Poe favoe peça ao dono do arquivo para compartilha-lo com você.", - "Unknown error. Please check your system settings or contact your administrator" : "Erro desconhecido. Por favor, verifique as configurações do sistema ou entre em contato com o administrador", - "Initial encryption started... This can take some time. Please wait." : "Criptografia inicial inicializada... Isto pode tomar algum tempo. Por favor espere.", - "Initial encryption running... Please try again later." : "Criptografia inicial em execução ... Por favor, tente novamente mais tarde.", - "Missing requirements." : "Requisitos não encontrados.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Por favor, certifique-se de que o OpenSSL em conjunto com a extensão PHP está habilitado e configurado corretamente. Por enquanto, o aplicativo de criptografia foi desativado.", - "Following users are not set up for encryption:" : "Seguintes usuários não estão configurados para criptografia:", - "Go directly to your %spersonal settings%s." : "Ir direto para suas %spersonal settings%s.", - "Server-side Encryption" : "Criptografia do lado do servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "App de criptografia está ativado, mas as chaves não estão inicializadas, por favor log-out e faça login novamente", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar chave de recuperação (permite recuperar arquivos de usuários em caso de perda de senha):", - "Recovery key password" : "Senha da chave de recuperação", - "Repeat Recovery key password" : "Repita Recuperação de senha da chave", - "Enabled" : "Habilitado", - "Disabled" : "Desabilitado", - "Change recovery key password:" : "Mudar a senha da chave de recuperação:", - "Old Recovery key password" : "Senha antiga da chave de recuperação", - "New Recovery key password" : "Nova senha da chave de recuperação", - "Repeat New Recovery key password" : "Repita Nova senha da chave de recuperação", - "Change Password" : "Trocar Senha", - "Your private key password no longer matches your log-in password." : "A sua senha de chave privada não corresponde a sua senha de login.", - "Set your old private key password to your current log-in password:" : "Defina a sua antiga senha da chave privada para sua senha de login atual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se você não se lembra de sua antiga senha você pode pedir ao administrador que recupere seus arquivos.", - "Old log-in password" : "Senha antiga de login", - "Current log-in password" : "Senha de login atual", - "Update Private Key Password" : "Atualizar Senha de Chave Privada", - "Enable password recovery:" : "Habilitar recuperação de senha:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar essa opção vai permitir que você obtenha novamente acesso aos seus arquivos encriptados em caso de perda de senha" -}, -"nplurals=2; plural=(n > 1);"); diff --git a/apps/files_encryption/l10n/pt_BR.json b/apps/files_encryption/l10n/pt_BR.json deleted file mode 100644 index 59484331a5..0000000000 --- a/apps/files_encryption/l10n/pt_BR.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Erro desconhecido", - "Missing recovery key password" : "Senha da chave de recuperação em falta", - "Please repeat the recovery key password" : "Por favor, repita a senha da chave de recuperação", - "Repeated recovery key password does not match the provided recovery key password" : "A senha repetidas da chave de valorização não corresponde a senha da chave de recuperação prevista", - "Recovery key successfully enabled" : "Recuperação de chave habilitada com sucesso", - "Could not disable recovery key. Please check your recovery key password!" : "Impossível desabilitar recuperação de chave. Por favor verifique sua senha para recuperação de chave!", - "Recovery key successfully disabled" : "Recuperação de chave desabilitada com sucesso", - "Please provide the old recovery password" : "Por favor, forneça a antiga senha de recuperação", - "Please provide a new recovery password" : "Por favor, forneça a nova senha de recuperação", - "Please repeat the new recovery password" : "Por favor, repita a nova senha de recuperação", - "Password successfully changed." : "Senha alterada com sucesso.", - "Could not change the password. Maybe the old password was not correct." : "Não foi possível alterar a senha. Talvez a senha antiga não estava correta.", - "Could not update the private key password." : "Não foi possível atualizar a senha da chave privada.", - "The old password was not correct, please try again." : "A senha antiga não estava correta, por favor, tente novamente.", - "The current log-in password was not correct, please try again." : "A senha atual do log-in não estava correta, por favor, tente novamente.", - "Private key password successfully updated." : "Senha de chave privada atualizada com sucesso.", - "File recovery settings updated" : "Configurações de recuperação de arquivo atualizado", - "Could not update file recovery" : "Não foi possível atualizar a recuperação de arquivos", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Aplicativo de criptografia não foi inicializado! Talvez o aplicativo de criptografia tenha sido reativado durante essa sessão. Por favor, tente fazer logoff e login novamente para inicializar o aplicativo de criptografia.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Sua chave privada não é válida! Provavelmente sua senha foi alterada fora de %s (por exemplo, seu diretório corporativo). Você pode atualizar sua senha de chave privada em suas configurações pessoais para recuperar o acesso a seus arquivos criptografados.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Este arquivo não pode ser decriptado, provavelmente este é um arquivo compartilhado. Poe favoe peça ao dono do arquivo para compartilha-lo com você.", - "Unknown error. Please check your system settings or contact your administrator" : "Erro desconhecido. Por favor, verifique as configurações do sistema ou entre em contato com o administrador", - "Initial encryption started... This can take some time. Please wait." : "Criptografia inicial inicializada... Isto pode tomar algum tempo. Por favor espere.", - "Initial encryption running... Please try again later." : "Criptografia inicial em execução ... Por favor, tente novamente mais tarde.", - "Missing requirements." : "Requisitos não encontrados.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Por favor, certifique-se de que o OpenSSL em conjunto com a extensão PHP está habilitado e configurado corretamente. Por enquanto, o aplicativo de criptografia foi desativado.", - "Following users are not set up for encryption:" : "Seguintes usuários não estão configurados para criptografia:", - "Go directly to your %spersonal settings%s." : "Ir direto para suas %spersonal settings%s.", - "Server-side Encryption" : "Criptografia do lado do servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "App de criptografia está ativado, mas as chaves não estão inicializadas, por favor log-out e faça login novamente", - "Enable recovery key (allow to recover users files in case of password loss):" : "Habilitar chave de recuperação (permite recuperar arquivos de usuários em caso de perda de senha):", - "Recovery key password" : "Senha da chave de recuperação", - "Repeat Recovery key password" : "Repita Recuperação de senha da chave", - "Enabled" : "Habilitado", - "Disabled" : "Desabilitado", - "Change recovery key password:" : "Mudar a senha da chave de recuperação:", - "Old Recovery key password" : "Senha antiga da chave de recuperação", - "New Recovery key password" : "Nova senha da chave de recuperação", - "Repeat New Recovery key password" : "Repita Nova senha da chave de recuperação", - "Change Password" : "Trocar Senha", - "Your private key password no longer matches your log-in password." : "A sua senha de chave privada não corresponde a sua senha de login.", - "Set your old private key password to your current log-in password:" : "Defina a sua antiga senha da chave privada para sua senha de login atual:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se você não se lembra de sua antiga senha você pode pedir ao administrador que recupere seus arquivos.", - "Old log-in password" : "Senha antiga de login", - "Current log-in password" : "Senha de login atual", - "Update Private Key Password" : "Atualizar Senha de Chave Privada", - "Enable password recovery:" : "Habilitar recuperação de senha:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Habilitar essa opção vai permitir que você obtenha novamente acesso aos seus arquivos encriptados em caso de perda de senha" -},"pluralForm" :"nplurals=2; plural=(n > 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/pt_PT.js b/apps/files_encryption/l10n/pt_PT.js deleted file mode 100644 index 7d39292309..0000000000 --- a/apps/files_encryption/l10n/pt_PT.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Erro desconhecido", - "Missing recovery key password" : "Senha da chave de recuperação em falta", - "Please repeat the recovery key password" : "Por favor, insira a contrassenha da chave de recuperação", - "Repeated recovery key password does not match the provided recovery key password" : "A palavra-passe de recuperação repetida não corresponde à palavra-passe fornecida", - "Recovery key successfully enabled" : "A chave de recuperação foi ativada com sucesso", - "Could not disable recovery key. Please check your recovery key password!" : "Não foi possível desativar a chave de recuperação. Por favor, verifique a senha da chave de recuperação.", - "Recovery key successfully disabled" : "A chave de recuperação foi desativada com sucesso", - "Please provide the old recovery password" : "Escreva a palavra-passe de recuperação antiga", - "Please provide a new recovery password" : "Escreva a nova palavra-passe de recuperação", - "Please repeat the new recovery password" : "Escreva de novo a nova palavra-passe de recuperação", - "Password successfully changed." : "Palavra-passe alterada com sucesso.", - "Could not change the password. Maybe the old password was not correct." : "Não foi possível alterar a senha. Possivelmente a senha antiga não está correta.", - "Could not update the private key password." : "Não foi possível atualizar a senha da chave privada.", - "The old password was not correct, please try again." : "A senha antiga não estava correta, por favor, tente de novo.", - "The current log-in password was not correct, please try again." : "A senha de iniciar a sessão atual não estava correta, por favor, tente de novo.", - "Private key password successfully updated." : "A senha da chave privada foi atualizada com sucesso. ", - "File recovery settings updated" : "As definições da recuperação de ficheiro foram atualizadas", - "Could not update file recovery" : "Não foi possível atualizar a recuperação de ficheiro", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "A app de encriptação não foi inicializada! A app de encriptação poderá ter sido reativada durante a sua sessão. Por favor, tente terminar a sessão e iniciá-la de seguida para inicializar a app de encriptação.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "A sua chave privada não é válida! Provavelmente a senha foi alterada fora do %s (ex. a sua diretoria corporativa). Pode atualizar a sua senha da chave privada nas definições pessoais para recuperar o acesso aos seus ficheiros encriptados. ", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Não é possível desencriptar este ficheiro, provavelmente é um ficheiro partilhado. Por favor, peça ao proprietário do ficheiro para voltar a partilhar o ficheiro consigo.", - "Unknown error. Please check your system settings or contact your administrator" : "Erro desconhecido. Por favor, verifique as configurações do sistema ou entre em contacto com o seu administrador ", - "Initial encryption started... This can take some time. Please wait." : "A encriptação inicial foi iniciada ... Esta pode demorar algum tempo. Aguarde, por favor.", - "Initial encryption running... Please try again later." : "A encriptação inicial está em execução ... Por favor, tente de novo mais tarde.", - "Missing requirements." : "Requisitos em falta.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Por favor, certifique-se de que o OpenSSL, em conjunto com a extensão PHP, está ativado e configurado corretamente. Por agora, a aplicação de encriptação está desactivada.", - "Following users are not set up for encryption:" : "Os utilizadores seguintes não estão configurados para encriptação:", - "Go directly to your %spersonal settings%s." : "Ir diretamente para as %sdefinições pessoais%s.", - "Server-side Encryption" : "Encriptação do lado do Servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "A Aplicação de Encriptação está ativada, mas as suas chaves não inicializaram. Por favor termine e inicie a sessão novamente", - "Enable recovery key (allow to recover users files in case of password loss):" : "Ativar a chave de recuperação (permite recuperar os ficheiros do utilizador, se perder a senha):", - "Recovery key password" : "Senha da chave de recuperação", - "Repeat Recovery key password" : "Contrassenha da chave de recuperação", - "Enabled" : "Ativada", - "Disabled" : "Desactivada", - "Change recovery key password:" : "Alterar a senha da chave de recuperação:", - "Old Recovery key password" : "Senha da chave de recuperação antiga", - "New Recovery key password" : "Nova senha da chave de recuperação", - "Repeat New Recovery key password" : "Contrassenha da nova chave de recuperação", - "Change Password" : "Alterar a Senha", - "Your private key password no longer matches your log-in password." : "A Password da sua chave privada não coincide mais com a password do seu login.", - "Set your old private key password to your current log-in password:" : "Altere a password antiga da chave privada para a nova password do login:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se não se lembra da senha antiga pode pedir ao administrador para recuperar os seus ficheiros. ", - "Old log-in password" : "Senha de iniciar sessão antiga", - "Current log-in password" : "Senha de iniciar sessão atual", - "Update Private Key Password" : "Atualizar Senha da Chave Privada ", - "Enable password recovery:" : "Ativar a recuperação da senha:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Ao ativar esta opção, irá poder obter o acesso aos seus ficheiros encriptados, se perder a senha" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/pt_PT.json b/apps/files_encryption/l10n/pt_PT.json deleted file mode 100644 index 5f7d0a22f3..0000000000 --- a/apps/files_encryption/l10n/pt_PT.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Erro desconhecido", - "Missing recovery key password" : "Senha da chave de recuperação em falta", - "Please repeat the recovery key password" : "Por favor, insira a contrassenha da chave de recuperação", - "Repeated recovery key password does not match the provided recovery key password" : "A palavra-passe de recuperação repetida não corresponde à palavra-passe fornecida", - "Recovery key successfully enabled" : "A chave de recuperação foi ativada com sucesso", - "Could not disable recovery key. Please check your recovery key password!" : "Não foi possível desativar a chave de recuperação. Por favor, verifique a senha da chave de recuperação.", - "Recovery key successfully disabled" : "A chave de recuperação foi desativada com sucesso", - "Please provide the old recovery password" : "Escreva a palavra-passe de recuperação antiga", - "Please provide a new recovery password" : "Escreva a nova palavra-passe de recuperação", - "Please repeat the new recovery password" : "Escreva de novo a nova palavra-passe de recuperação", - "Password successfully changed." : "Palavra-passe alterada com sucesso.", - "Could not change the password. Maybe the old password was not correct." : "Não foi possível alterar a senha. Possivelmente a senha antiga não está correta.", - "Could not update the private key password." : "Não foi possível atualizar a senha da chave privada.", - "The old password was not correct, please try again." : "A senha antiga não estava correta, por favor, tente de novo.", - "The current log-in password was not correct, please try again." : "A senha de iniciar a sessão atual não estava correta, por favor, tente de novo.", - "Private key password successfully updated." : "A senha da chave privada foi atualizada com sucesso. ", - "File recovery settings updated" : "As definições da recuperação de ficheiro foram atualizadas", - "Could not update file recovery" : "Não foi possível atualizar a recuperação de ficheiro", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "A app de encriptação não foi inicializada! A app de encriptação poderá ter sido reativada durante a sua sessão. Por favor, tente terminar a sessão e iniciá-la de seguida para inicializar a app de encriptação.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "A sua chave privada não é válida! Provavelmente a senha foi alterada fora do %s (ex. a sua diretoria corporativa). Pode atualizar a sua senha da chave privada nas definições pessoais para recuperar o acesso aos seus ficheiros encriptados. ", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Não é possível desencriptar este ficheiro, provavelmente é um ficheiro partilhado. Por favor, peça ao proprietário do ficheiro para voltar a partilhar o ficheiro consigo.", - "Unknown error. Please check your system settings or contact your administrator" : "Erro desconhecido. Por favor, verifique as configurações do sistema ou entre em contacto com o seu administrador ", - "Initial encryption started... This can take some time. Please wait." : "A encriptação inicial foi iniciada ... Esta pode demorar algum tempo. Aguarde, por favor.", - "Initial encryption running... Please try again later." : "A encriptação inicial está em execução ... Por favor, tente de novo mais tarde.", - "Missing requirements." : "Requisitos em falta.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Por favor, certifique-se de que o OpenSSL, em conjunto com a extensão PHP, está ativado e configurado corretamente. Por agora, a aplicação de encriptação está desactivada.", - "Following users are not set up for encryption:" : "Os utilizadores seguintes não estão configurados para encriptação:", - "Go directly to your %spersonal settings%s." : "Ir diretamente para as %sdefinições pessoais%s.", - "Server-side Encryption" : "Encriptação do lado do Servidor", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "A Aplicação de Encriptação está ativada, mas as suas chaves não inicializaram. Por favor termine e inicie a sessão novamente", - "Enable recovery key (allow to recover users files in case of password loss):" : "Ativar a chave de recuperação (permite recuperar os ficheiros do utilizador, se perder a senha):", - "Recovery key password" : "Senha da chave de recuperação", - "Repeat Recovery key password" : "Contrassenha da chave de recuperação", - "Enabled" : "Ativada", - "Disabled" : "Desactivada", - "Change recovery key password:" : "Alterar a senha da chave de recuperação:", - "Old Recovery key password" : "Senha da chave de recuperação antiga", - "New Recovery key password" : "Nova senha da chave de recuperação", - "Repeat New Recovery key password" : "Contrassenha da nova chave de recuperação", - "Change Password" : "Alterar a Senha", - "Your private key password no longer matches your log-in password." : "A Password da sua chave privada não coincide mais com a password do seu login.", - "Set your old private key password to your current log-in password:" : "Altere a password antiga da chave privada para a nova password do login:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Se não se lembra da senha antiga pode pedir ao administrador para recuperar os seus ficheiros. ", - "Old log-in password" : "Senha de iniciar sessão antiga", - "Current log-in password" : "Senha de iniciar sessão atual", - "Update Private Key Password" : "Atualizar Senha da Chave Privada ", - "Enable password recovery:" : "Ativar a recuperação da senha:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Ao ativar esta opção, irá poder obter o acesso aos seus ficheiros encriptados, se perder a senha" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ro.js b/apps/files_encryption/l10n/ro.js deleted file mode 100644 index 242d7c26ec..0000000000 --- a/apps/files_encryption/l10n/ro.js +++ /dev/null @@ -1,18 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Eroare necunoscută", - "Recovery key successfully enabled" : "Cheia de recupeare a fost activata cu succes", - "Could not disable recovery key. Please check your recovery key password!" : "Nu am putut dezactiva cheia de recuperare. Verifica parola de recuperare!", - "Recovery key successfully disabled" : "Cheia de recuperare dezactivata cu succes", - "Password successfully changed." : "Parola a fost modificată cu succes.", - "Could not change the password. Maybe the old password was not correct." : "Parola nu a putut fi schimbata. Poate ca parola veche este incorecta.", - "Private key password successfully updated." : "Cheia privata a fost actualizata cu succes", - "File recovery settings updated" : "Setarile pentru recuperarea fisierelor au fost actualizate", - "Could not update file recovery" : "Nu am putut actualiza recuperarea de fisiere", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplicatia de criptare este activata dar tastatura nu este initializata , va rugam deconectati-va si reconectati-va", - "Enabled" : "Activat", - "Disabled" : "Dezactivat", - "Change Password" : "Schimbă parola" -}, -"nplurals=3; plural=(n==1?0:(((n%100>19)||((n%100==0)&&(n!=0)))?2:1));"); diff --git a/apps/files_encryption/l10n/ro.json b/apps/files_encryption/l10n/ro.json deleted file mode 100644 index 950bf395d7..0000000000 --- a/apps/files_encryption/l10n/ro.json +++ /dev/null @@ -1,16 +0,0 @@ -{ "translations": { - "Unknown error" : "Eroare necunoscută", - "Recovery key successfully enabled" : "Cheia de recupeare a fost activata cu succes", - "Could not disable recovery key. Please check your recovery key password!" : "Nu am putut dezactiva cheia de recuperare. Verifica parola de recuperare!", - "Recovery key successfully disabled" : "Cheia de recuperare dezactivata cu succes", - "Password successfully changed." : "Parola a fost modificată cu succes.", - "Could not change the password. Maybe the old password was not correct." : "Parola nu a putut fi schimbata. Poate ca parola veche este incorecta.", - "Private key password successfully updated." : "Cheia privata a fost actualizata cu succes", - "File recovery settings updated" : "Setarile pentru recuperarea fisierelor au fost actualizate", - "Could not update file recovery" : "Nu am putut actualiza recuperarea de fisiere", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplicatia de criptare este activata dar tastatura nu este initializata , va rugam deconectati-va si reconectati-va", - "Enabled" : "Activat", - "Disabled" : "Dezactivat", - "Change Password" : "Schimbă parola" -},"pluralForm" :"nplurals=3; plural=(n==1?0:(((n%100>19)||((n%100==0)&&(n!=0)))?2:1));" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ru.js b/apps/files_encryption/l10n/ru.js deleted file mode 100644 index bda0d26d80..0000000000 --- a/apps/files_encryption/l10n/ru.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Неизвестная ошибка", - "Missing recovery key password" : "Отсутствует пароль восстановления ключа", - "Please repeat the recovery key password" : "Повторите ввод пароля ключа восстановления", - "Repeated recovery key password does not match the provided recovery key password" : "Пароль ключа восстановления и повтор пароля не совпадают", - "Recovery key successfully enabled" : "Ключ восстановления успешно установлен", - "Could not disable recovery key. Please check your recovery key password!" : "Невозможно выключить ключ восстановления. Проверьте правильность пароля от ключа!", - "Recovery key successfully disabled" : "Ключ восстановления успешно отключен", - "Please provide the old recovery password" : "Введите старый пароль восстановления", - "Please provide a new recovery password" : "Введите новый пароль восстановления", - "Please repeat the new recovery password" : "Повторите новый пароль восстановления", - "Password successfully changed." : "Пароль успешно изменен.", - "Could not change the password. Maybe the old password was not correct." : "Невозможно изменить пароль. Возможно, указанный старый пароль не верен.", - "Could not update the private key password." : "Невозможно обновить пароль закрытого ключа.", - "The old password was not correct, please try again." : "Указан неверный старый пароль, повторите попытку.", - "The current log-in password was not correct, please try again." : "Текущий пароль для учётной записи введён неверно, пожалуйста повторите попытку.", - "Private key password successfully updated." : "Пароль закрытого ключа успешно обновлён.", - "File recovery settings updated" : "Настройки восстановления файлов обновлены", - "Could not update file recovery" : "Невозможно обновить настройки восстановления файлов", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Приложение шифрования не инициализировано! Возможно приложение шифрования было выключено и включено снова во время вашей сессии. Попробуйте выйти и войти снова чтобы инициализировать приложение шифрования.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Закрытый ключ недействителен! Вероятно, пароль был изменен вне %s (например, корпоративный каталог). Вы можете обновить закрытый ключ в личных настройках на странице восстановления доступа к зашифрованным файлам. ", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Не удалось расшифровать файл, возможно это опубликованный файл. Попросите владельца файла повторно открыть к нему доступ.", - "Unknown error. Please check your system settings or contact your administrator" : "Неизвестная ошибка. Проверьте системные настройки или свяжитесь с вашим администратором", - "Initial encryption started... This can take some time. Please wait." : "Запущено первоначальное шифрование... Это может занять некоторое время. Пожалуйста, подождите.", - "Initial encryption running... Please try again later." : "Работает первоначальное шифрование... Пожалуйста, повторите попытку позже.", - "Missing requirements." : "Отсутствуют зависимости.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Убедитесь, что OpenSSL и соответствующее расширение PHP включены и правильно настроены. На данный момент приложение шифрования выключено.", - "Following users are not set up for encryption:" : "Для следующих пользователей шифрование не настроено:", - "Go directly to your %spersonal settings%s." : "Перейти к вашим %sличным настройкам%s.", - "Server-side Encryption" : "Шифрование на стороне сервера", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Приложение шифрования активно, но ваши ключи не инициализированы, выйдите из системы и войдите заново", - "Enable recovery key (allow to recover users files in case of password loss):" : "Включить ключ восстановления (позволяет пользователям восстановить файлы при потере пароля):", - "Recovery key password" : "Пароль ключа восстановления", - "Repeat Recovery key password" : "Повторите пароль ключа восстановления", - "Enabled" : "Включено", - "Disabled" : "Отключено", - "Change recovery key password:" : "Смена пароля ключа восстановления:", - "Old Recovery key password" : "Старый пароль ключа восстановления", - "New Recovery key password" : "Новый пароль ключа восстановления", - "Repeat New Recovery key password" : "Повторите новый пароль ключа восстановления", - "Change Password" : "Изменить пароль", - "Your private key password no longer matches your log-in password." : "Пароль закрытого ключа больше не соответствует паролю вашей учетной записи.", - "Set your old private key password to your current log-in password:" : "Замените старый пароль закрытого ключа на текущий пароль учётной записи.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Если вы не помните свой старый пароль, вы можете попросить своего администратора восстановить ваши файлы", - "Old log-in password" : "Старый пароль учётной записи", - "Current log-in password" : "Текущий пароль учётной записи", - "Update Private Key Password" : "Обновить пароль закрытого ключа", - "Enable password recovery:" : "Включить восстановление пароля:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Включение этой опции позволит вам получить доступ к своим зашифрованным файлам в случае утери пароля" -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/ru.json b/apps/files_encryption/l10n/ru.json deleted file mode 100644 index 3fe5bea497..0000000000 --- a/apps/files_encryption/l10n/ru.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Неизвестная ошибка", - "Missing recovery key password" : "Отсутствует пароль восстановления ключа", - "Please repeat the recovery key password" : "Повторите ввод пароля ключа восстановления", - "Repeated recovery key password does not match the provided recovery key password" : "Пароль ключа восстановления и повтор пароля не совпадают", - "Recovery key successfully enabled" : "Ключ восстановления успешно установлен", - "Could not disable recovery key. Please check your recovery key password!" : "Невозможно выключить ключ восстановления. Проверьте правильность пароля от ключа!", - "Recovery key successfully disabled" : "Ключ восстановления успешно отключен", - "Please provide the old recovery password" : "Введите старый пароль восстановления", - "Please provide a new recovery password" : "Введите новый пароль восстановления", - "Please repeat the new recovery password" : "Повторите новый пароль восстановления", - "Password successfully changed." : "Пароль успешно изменен.", - "Could not change the password. Maybe the old password was not correct." : "Невозможно изменить пароль. Возможно, указанный старый пароль не верен.", - "Could not update the private key password." : "Невозможно обновить пароль закрытого ключа.", - "The old password was not correct, please try again." : "Указан неверный старый пароль, повторите попытку.", - "The current log-in password was not correct, please try again." : "Текущий пароль для учётной записи введён неверно, пожалуйста повторите попытку.", - "Private key password successfully updated." : "Пароль закрытого ключа успешно обновлён.", - "File recovery settings updated" : "Настройки восстановления файлов обновлены", - "Could not update file recovery" : "Невозможно обновить настройки восстановления файлов", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Приложение шифрования не инициализировано! Возможно приложение шифрования было выключено и включено снова во время вашей сессии. Попробуйте выйти и войти снова чтобы инициализировать приложение шифрования.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Закрытый ключ недействителен! Вероятно, пароль был изменен вне %s (например, корпоративный каталог). Вы можете обновить закрытый ключ в личных настройках на странице восстановления доступа к зашифрованным файлам. ", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Не удалось расшифровать файл, возможно это опубликованный файл. Попросите владельца файла повторно открыть к нему доступ.", - "Unknown error. Please check your system settings or contact your administrator" : "Неизвестная ошибка. Проверьте системные настройки или свяжитесь с вашим администратором", - "Initial encryption started... This can take some time. Please wait." : "Запущено первоначальное шифрование... Это может занять некоторое время. Пожалуйста, подождите.", - "Initial encryption running... Please try again later." : "Работает первоначальное шифрование... Пожалуйста, повторите попытку позже.", - "Missing requirements." : "Отсутствуют зависимости.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Убедитесь, что OpenSSL и соответствующее расширение PHP включены и правильно настроены. На данный момент приложение шифрования выключено.", - "Following users are not set up for encryption:" : "Для следующих пользователей шифрование не настроено:", - "Go directly to your %spersonal settings%s." : "Перейти к вашим %sличным настройкам%s.", - "Server-side Encryption" : "Шифрование на стороне сервера", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Приложение шифрования активно, но ваши ключи не инициализированы, выйдите из системы и войдите заново", - "Enable recovery key (allow to recover users files in case of password loss):" : "Включить ключ восстановления (позволяет пользователям восстановить файлы при потере пароля):", - "Recovery key password" : "Пароль ключа восстановления", - "Repeat Recovery key password" : "Повторите пароль ключа восстановления", - "Enabled" : "Включено", - "Disabled" : "Отключено", - "Change recovery key password:" : "Смена пароля ключа восстановления:", - "Old Recovery key password" : "Старый пароль ключа восстановления", - "New Recovery key password" : "Новый пароль ключа восстановления", - "Repeat New Recovery key password" : "Повторите новый пароль ключа восстановления", - "Change Password" : "Изменить пароль", - "Your private key password no longer matches your log-in password." : "Пароль закрытого ключа больше не соответствует паролю вашей учетной записи.", - "Set your old private key password to your current log-in password:" : "Замените старый пароль закрытого ключа на текущий пароль учётной записи.", - " If you don't remember your old password you can ask your administrator to recover your files." : "Если вы не помните свой старый пароль, вы можете попросить своего администратора восстановить ваши файлы", - "Old log-in password" : "Старый пароль учётной записи", - "Current log-in password" : "Текущий пароль учётной записи", - "Update Private Key Password" : "Обновить пароль закрытого ключа", - "Enable password recovery:" : "Включить восстановление пароля:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Включение этой опции позволит вам получить доступ к своим зашифрованным файлам в случае утери пароля" -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/si_LK.js b/apps/files_encryption/l10n/si_LK.js deleted file mode 100644 index befc19388e..0000000000 --- a/apps/files_encryption/l10n/si_LK.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Encryption" : "ගුප්ත කේතනය" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/si_LK.json b/apps/files_encryption/l10n/si_LK.json deleted file mode 100644 index 3c619c7d8c..0000000000 --- a/apps/files_encryption/l10n/si_LK.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Encryption" : "ගුප්ත කේතනය" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/sk_SK.js b/apps/files_encryption/l10n/sk_SK.js deleted file mode 100644 index 799a2c1d21..0000000000 --- a/apps/files_encryption/l10n/sk_SK.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Neznáma chyba", - "Missing recovery key password" : "Chýba kľúč pre obnovu hesla", - "Please repeat the recovery key password" : "Prosím zopakujte heslo kľúča pre obnovu", - "Repeated recovery key password does not match the provided recovery key password" : "Zopakované heslo kľúča pre obnovenie nesúhlasí zo zadaným heslom", - "Recovery key successfully enabled" : "Záchranný kľúč bol úspešne povolený", - "Could not disable recovery key. Please check your recovery key password!" : "Nepodarilo sa zakázať záchranný kľúč. Skontrolujte prosím Vaše heslo záchranného kľúča!", - "Recovery key successfully disabled" : "Záchranný kľúč bol úspešne zakázaný", - "Please provide the old recovery password" : "Zadajte prosím staré heslo pre obnovenie", - "Please provide a new recovery password" : "Zadajte prosím nové heslo pre obnovenie", - "Please repeat the new recovery password" : "Zopakujte prosím nové heslo pre obnovenie", - "Password successfully changed." : "Heslo úspešne zmenené.", - "Could not change the password. Maybe the old password was not correct." : "Nemožno zmeniť heslo. Pravdepodobne nebolo staré heslo zadané správne.", - "Could not update the private key password." : "Nemožno aktualizovať heslo súkromného kľúča.", - "The old password was not correct, please try again." : "Staré heslo nebolo zadané správne, prosím skúste to ešte raz.", - "The current log-in password was not correct, please try again." : "Toto heslo nebolo správne, prosím skúste to ešte raz.", - "Private key password successfully updated." : "Heslo súkromného kľúča je úspešne aktualizované.", - "File recovery settings updated" : "Nastavenie obnovy súborov aktualizované", - "Could not update file recovery" : "Nemožno aktualizovať obnovenie súborov", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Šifrovacia aplikácia nie je inicializovaná. Je možné, že aplikácia bola znova aktivovaná počas vášho prihlasovania. Pokúste sa odhlásiť a znova prihlásiť pre inicializáciu šifrovania.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Váš súkromný kľúč nie je platný! Možno bolo vaše heslo zmenené mimo %s (napr. firemný priečinok). Môžete si aktualizovať heslo svojho ​​súkromného kľúča vo vašom osobnom nastavení, ak si chcete obnoviť prístup k šifrovaným súborom.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tento súbor sa nepodarilo dešifrovať, pravdepodobne je zdieľaný. Požiadajte majiteľa súboru, aby ho s vami znovu vyzdieľal.", - "Unknown error. Please check your system settings or contact your administrator" : "Neznáma chyba. Skontrolujte si vaše systémové nastavenia alebo kontaktujte administrátora", - "Initial encryption started... This can take some time. Please wait." : "Počiatočné šifrovanie započalo ... To môže nejakú dobu trvať. Čakajte prosím.", - "Initial encryption running... Please try again later." : "Počiatočné šifrovanie beží... Skúste to neskôr znovu.", - "Missing requirements." : "Chýbajúce požiadavky.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Uistite sa, že OpenSSL spoločne s rozšírením pre PHP je povolené a správne nakonfigurované. V tejto chvíli je šifrovanie dočasne vypnuté.", - "Following users are not set up for encryption:" : "Nasledujúci používatelia nie sú nastavení pre šifrovanie:", - "Go directly to your %spersonal settings%s." : "Prejsť priamo do svojho %sosobného nastavenia%s.", - "Server-side Encryption" : "Šifrovanie na serveri", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikácia na šifrovanie je zapnutá, ale vaše kľúče nie sú inicializované. Odhláste sa a znovu sa prihláste.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Povoliť obnovovací kľúč (umožňuje obnoviť používateľské súbory v prípade straty hesla):", - "Recovery key password" : "Heslo obnovovacieho kľúča", - "Repeat Recovery key password" : "Zopakujte heslo kľúča pre obnovu", - "Enabled" : "Povolené", - "Disabled" : "Zakázané", - "Change recovery key password:" : "Zmeniť heslo obnovovacieho kľúča:", - "Old Recovery key password" : "Staré heslo obnovovacieho kľúča", - "New Recovery key password" : "Nové heslo obnovovacieho kľúča", - "Repeat New Recovery key password" : "Zopakujte nové heslo kľúča pre obnovu", - "Change Password" : "Zmeniť heslo", - "Your private key password no longer matches your log-in password." : "Heslo vášho súkromného kľúča sa nezhoduje v vašim prihlasovacím heslom.", - "Set your old private key password to your current log-in password:" : "Zmeňte si vaše staré heslo súkromného kľúča na rovnaké, aké je vaše aktuálne prihlasovacie heslo:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ak si nepamätáte svoje staré heslo, môžete požiadať administrátora o obnovenie svojich súborov.", - "Old log-in password" : "Staré prihlasovacie heslo", - "Current log-in password" : "Súčasné prihlasovacie heslo", - "Update Private Key Password" : "Aktualizovať heslo súkromného kľúča", - "Enable password recovery:" : "Povoliť obnovu hesla:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Povolenie Vám umožní znovu získať prístup k Vašim zašifrovaným súborom, ak stratíte heslo" -}, -"nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;"); diff --git a/apps/files_encryption/l10n/sk_SK.json b/apps/files_encryption/l10n/sk_SK.json deleted file mode 100644 index 08e9d42638..0000000000 --- a/apps/files_encryption/l10n/sk_SK.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Neznáma chyba", - "Missing recovery key password" : "Chýba kľúč pre obnovu hesla", - "Please repeat the recovery key password" : "Prosím zopakujte heslo kľúča pre obnovu", - "Repeated recovery key password does not match the provided recovery key password" : "Zopakované heslo kľúča pre obnovenie nesúhlasí zo zadaným heslom", - "Recovery key successfully enabled" : "Záchranný kľúč bol úspešne povolený", - "Could not disable recovery key. Please check your recovery key password!" : "Nepodarilo sa zakázať záchranný kľúč. Skontrolujte prosím Vaše heslo záchranného kľúča!", - "Recovery key successfully disabled" : "Záchranný kľúč bol úspešne zakázaný", - "Please provide the old recovery password" : "Zadajte prosím staré heslo pre obnovenie", - "Please provide a new recovery password" : "Zadajte prosím nové heslo pre obnovenie", - "Please repeat the new recovery password" : "Zopakujte prosím nové heslo pre obnovenie", - "Password successfully changed." : "Heslo úspešne zmenené.", - "Could not change the password. Maybe the old password was not correct." : "Nemožno zmeniť heslo. Pravdepodobne nebolo staré heslo zadané správne.", - "Could not update the private key password." : "Nemožno aktualizovať heslo súkromného kľúča.", - "The old password was not correct, please try again." : "Staré heslo nebolo zadané správne, prosím skúste to ešte raz.", - "The current log-in password was not correct, please try again." : "Toto heslo nebolo správne, prosím skúste to ešte raz.", - "Private key password successfully updated." : "Heslo súkromného kľúča je úspešne aktualizované.", - "File recovery settings updated" : "Nastavenie obnovy súborov aktualizované", - "Could not update file recovery" : "Nemožno aktualizovať obnovenie súborov", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Šifrovacia aplikácia nie je inicializovaná. Je možné, že aplikácia bola znova aktivovaná počas vášho prihlasovania. Pokúste sa odhlásiť a znova prihlásiť pre inicializáciu šifrovania.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Váš súkromný kľúč nie je platný! Možno bolo vaše heslo zmenené mimo %s (napr. firemný priečinok). Môžete si aktualizovať heslo svojho ​​súkromného kľúča vo vašom osobnom nastavení, ak si chcete obnoviť prístup k šifrovaným súborom.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tento súbor sa nepodarilo dešifrovať, pravdepodobne je zdieľaný. Požiadajte majiteľa súboru, aby ho s vami znovu vyzdieľal.", - "Unknown error. Please check your system settings or contact your administrator" : "Neznáma chyba. Skontrolujte si vaše systémové nastavenia alebo kontaktujte administrátora", - "Initial encryption started... This can take some time. Please wait." : "Počiatočné šifrovanie započalo ... To môže nejakú dobu trvať. Čakajte prosím.", - "Initial encryption running... Please try again later." : "Počiatočné šifrovanie beží... Skúste to neskôr znovu.", - "Missing requirements." : "Chýbajúce požiadavky.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Uistite sa, že OpenSSL spoločne s rozšírením pre PHP je povolené a správne nakonfigurované. V tejto chvíli je šifrovanie dočasne vypnuté.", - "Following users are not set up for encryption:" : "Nasledujúci používatelia nie sú nastavení pre šifrovanie:", - "Go directly to your %spersonal settings%s." : "Prejsť priamo do svojho %sosobného nastavenia%s.", - "Server-side Encryption" : "Šifrovanie na serveri", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikácia na šifrovanie je zapnutá, ale vaše kľúče nie sú inicializované. Odhláste sa a znovu sa prihláste.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Povoliť obnovovací kľúč (umožňuje obnoviť používateľské súbory v prípade straty hesla):", - "Recovery key password" : "Heslo obnovovacieho kľúča", - "Repeat Recovery key password" : "Zopakujte heslo kľúča pre obnovu", - "Enabled" : "Povolené", - "Disabled" : "Zakázané", - "Change recovery key password:" : "Zmeniť heslo obnovovacieho kľúča:", - "Old Recovery key password" : "Staré heslo obnovovacieho kľúča", - "New Recovery key password" : "Nové heslo obnovovacieho kľúča", - "Repeat New Recovery key password" : "Zopakujte nové heslo kľúča pre obnovu", - "Change Password" : "Zmeniť heslo", - "Your private key password no longer matches your log-in password." : "Heslo vášho súkromného kľúča sa nezhoduje v vašim prihlasovacím heslom.", - "Set your old private key password to your current log-in password:" : "Zmeňte si vaše staré heslo súkromného kľúča na rovnaké, aké je vaše aktuálne prihlasovacie heslo:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ak si nepamätáte svoje staré heslo, môžete požiadať administrátora o obnovenie svojich súborov.", - "Old log-in password" : "Staré prihlasovacie heslo", - "Current log-in password" : "Súčasné prihlasovacie heslo", - "Update Private Key Password" : "Aktualizovať heslo súkromného kľúča", - "Enable password recovery:" : "Povoliť obnovu hesla:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Povolenie Vám umožní znovu získať prístup k Vašim zašifrovaným súborom, ak stratíte heslo" -},"pluralForm" :"nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/sl.js b/apps/files_encryption/l10n/sl.js deleted file mode 100644 index 529e565218..0000000000 --- a/apps/files_encryption/l10n/sl.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Neznana napaka", - "Missing recovery key password" : "Manjka ključ za obnovitev", - "Please repeat the recovery key password" : "Ponovite vpis ključa za obnovitev", - "Repeated recovery key password does not match the provided recovery key password" : "Ponovljen vpis ključa za obnovitev ni enak prvemu vpisu tega ključa", - "Recovery key successfully enabled" : "Ključ za obnovitev gesla je uspešno nastavljen", - "Could not disable recovery key. Please check your recovery key password!" : "Ključa za obnovitev gesla ni mogoče onemogočiti. Preverite ključ!", - "Recovery key successfully disabled" : "Ključ za obnovitev gesla je uspešno onemogočen", - "Please provide the old recovery password" : "Vpišite star ključ za obnovitev", - "Please provide a new recovery password" : "Vpišite nov ključ za obnovitev", - "Please repeat the new recovery password" : "Ponovno vpišite nov ključ za obnovitev", - "Password successfully changed." : "Geslo je uspešno spremenjeno.", - "Could not change the password. Maybe the old password was not correct." : "Gesla ni mogoče spremeniti. Morda vnos starega gesla ni pravilen.", - "Could not update the private key password." : "Ni mogoče posodobiti gesla zasebnega ključa.", - "The old password was not correct, please try again." : "Staro geslo ni vpisana pravilno. Poskusite znova.", - "The current log-in password was not correct, please try again." : "Trenutno geslo za prijavo ni vpisano pravilno. Poskusite znova.", - "Private key password successfully updated." : "Zasebni ključ za geslo je uspešno posodobljen.", - "File recovery settings updated" : "Nastavitve obnavljanja dokumentov so posodobljene", - "Could not update file recovery" : "Nastavitev za obnavljanje dokumentov ni mogoče posodobiti", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Program za šifriranje ni začet. Morda je bil program ponovno omogočen šele med zagonom trenutne seje. Odjavite se in se nato prijavite nazaj. S tem morda razrešite napako.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Zasebni ključ ni veljaven. Najverjetneje je bilo geslo spremenjeno izven %s (najverjetneje je to poslovna mapa). Geslo lahko posodobite med osebnimi nastavitvami in s tem obnovite dostop do šifriranih datotek.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Te datoteke ni mogoče šifrirati, ker je to najverjetneje datoteka v souporabi. Prosite lastnika datoteke, da jo da ponovno v souporabo.", - "Unknown error. Please check your system settings or contact your administrator" : "Neznana napaka. Preverite nastavitve sistema ali pa stopite v stik s skrbnikom sistema.", - "Initial encryption started... This can take some time. Please wait." : "Začetno šifriranje je začeto ... Opravilo je lahko dolgotrajno.", - "Initial encryption running... Please try again later." : "Začetno šifriranje je v teku ... Poskusite kasneje.", - "Missing requirements." : "Manjkajoče zahteve", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Preverite, ali je OpenSSL z ustrezno razširitvijo PHP omogočen in ustrezno nastavljen. Trenutno je šifriranje onemogočeno.", - "Following users are not set up for encryption:" : "Navedeni uporabniki še nimajo nastavljenega šifriranja:", - "Go directly to your %spersonal settings%s." : "Oglejte si %sosebne nastavitve%s.", - "Server-side Encryption" : "Strežniško šifriranje", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Program za šifriranje je omogočen, vendar ni začet. Odjavite se in nato ponovno prijavite.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Omogoči ključ za obnovitev datotek (v primeru izgube gesla):", - "Recovery key password" : "Ključ za obnovitev gesla", - "Repeat Recovery key password" : "Ponovi ključ za obnovitev gesla", - "Enabled" : "Omogočeno", - "Disabled" : "Onemogočeno", - "Change recovery key password:" : "Spremeni ključ za obnovitev gesla:", - "Old Recovery key password" : "Stari ključ za obnovitev gesla", - "New Recovery key password" : "Novi ključ za obnovitev gesla", - "Repeat New Recovery key password" : "Ponovi novi ključ za obnovitev gesla", - "Change Password" : "Spremeni geslo", - "Your private key password no longer matches your log-in password." : "Zasebno geslo ni več skladno s prijavnim geslom.", - "Set your old private key password to your current log-in password:" : "Nastavite star zasebni ključ na trenutno prijavno geslo:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Če ste pozabili svoje geslo, lahko vaše datoteke obnovi le skrbnik sistema.", - "Old log-in password" : "Staro geslo", - "Current log-in password" : "Trenutno geslo", - "Update Private Key Password" : "Posodobi zasebni ključ", - "Enable password recovery:" : "Omogoči obnovitev gesla:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Nastavitev te možnosti omogoča ponovno pridobitev dostopa do šifriranih datotek, v primeru, da boste geslo pozabili." -}, -"nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);"); diff --git a/apps/files_encryption/l10n/sl.json b/apps/files_encryption/l10n/sl.json deleted file mode 100644 index 6c3ffd97b8..0000000000 --- a/apps/files_encryption/l10n/sl.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Neznana napaka", - "Missing recovery key password" : "Manjka ključ za obnovitev", - "Please repeat the recovery key password" : "Ponovite vpis ključa za obnovitev", - "Repeated recovery key password does not match the provided recovery key password" : "Ponovljen vpis ključa za obnovitev ni enak prvemu vpisu tega ključa", - "Recovery key successfully enabled" : "Ključ za obnovitev gesla je uspešno nastavljen", - "Could not disable recovery key. Please check your recovery key password!" : "Ključa za obnovitev gesla ni mogoče onemogočiti. Preverite ključ!", - "Recovery key successfully disabled" : "Ključ za obnovitev gesla je uspešno onemogočen", - "Please provide the old recovery password" : "Vpišite star ključ za obnovitev", - "Please provide a new recovery password" : "Vpišite nov ključ za obnovitev", - "Please repeat the new recovery password" : "Ponovno vpišite nov ključ za obnovitev", - "Password successfully changed." : "Geslo je uspešno spremenjeno.", - "Could not change the password. Maybe the old password was not correct." : "Gesla ni mogoče spremeniti. Morda vnos starega gesla ni pravilen.", - "Could not update the private key password." : "Ni mogoče posodobiti gesla zasebnega ključa.", - "The old password was not correct, please try again." : "Staro geslo ni vpisana pravilno. Poskusite znova.", - "The current log-in password was not correct, please try again." : "Trenutno geslo za prijavo ni vpisano pravilno. Poskusite znova.", - "Private key password successfully updated." : "Zasebni ključ za geslo je uspešno posodobljen.", - "File recovery settings updated" : "Nastavitve obnavljanja dokumentov so posodobljene", - "Could not update file recovery" : "Nastavitev za obnavljanje dokumentov ni mogoče posodobiti", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Program za šifriranje ni začet. Morda je bil program ponovno omogočen šele med zagonom trenutne seje. Odjavite se in se nato prijavite nazaj. S tem morda razrešite napako.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Zasebni ključ ni veljaven. Najverjetneje je bilo geslo spremenjeno izven %s (najverjetneje je to poslovna mapa). Geslo lahko posodobite med osebnimi nastavitvami in s tem obnovite dostop do šifriranih datotek.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Te datoteke ni mogoče šifrirati, ker je to najverjetneje datoteka v souporabi. Prosite lastnika datoteke, da jo da ponovno v souporabo.", - "Unknown error. Please check your system settings or contact your administrator" : "Neznana napaka. Preverite nastavitve sistema ali pa stopite v stik s skrbnikom sistema.", - "Initial encryption started... This can take some time. Please wait." : "Začetno šifriranje je začeto ... Opravilo je lahko dolgotrajno.", - "Initial encryption running... Please try again later." : "Začetno šifriranje je v teku ... Poskusite kasneje.", - "Missing requirements." : "Manjkajoče zahteve", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Preverite, ali je OpenSSL z ustrezno razširitvijo PHP omogočen in ustrezno nastavljen. Trenutno je šifriranje onemogočeno.", - "Following users are not set up for encryption:" : "Navedeni uporabniki še nimajo nastavljenega šifriranja:", - "Go directly to your %spersonal settings%s." : "Oglejte si %sosebne nastavitve%s.", - "Server-side Encryption" : "Strežniško šifriranje", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Program za šifriranje je omogočen, vendar ni začet. Odjavite se in nato ponovno prijavite.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Omogoči ključ za obnovitev datotek (v primeru izgube gesla):", - "Recovery key password" : "Ključ za obnovitev gesla", - "Repeat Recovery key password" : "Ponovi ključ za obnovitev gesla", - "Enabled" : "Omogočeno", - "Disabled" : "Onemogočeno", - "Change recovery key password:" : "Spremeni ključ za obnovitev gesla:", - "Old Recovery key password" : "Stari ključ za obnovitev gesla", - "New Recovery key password" : "Novi ključ za obnovitev gesla", - "Repeat New Recovery key password" : "Ponovi novi ključ za obnovitev gesla", - "Change Password" : "Spremeni geslo", - "Your private key password no longer matches your log-in password." : "Zasebno geslo ni več skladno s prijavnim geslom.", - "Set your old private key password to your current log-in password:" : "Nastavite star zasebni ključ na trenutno prijavno geslo:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Če ste pozabili svoje geslo, lahko vaše datoteke obnovi le skrbnik sistema.", - "Old log-in password" : "Staro geslo", - "Current log-in password" : "Trenutno geslo", - "Update Private Key Password" : "Posodobi zasebni ključ", - "Enable password recovery:" : "Omogoči obnovitev gesla:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Nastavitev te možnosti omogoča ponovno pridobitev dostopa do šifriranih datotek, v primeru, da boste geslo pozabili." -},"pluralForm" :"nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/sq.js b/apps/files_encryption/l10n/sq.js deleted file mode 100644 index 61d02be4a1..0000000000 --- a/apps/files_encryption/l10n/sq.js +++ /dev/null @@ -1,7 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Gabim panjohur", - "Enabled" : "Aktivizuar" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/sq.json b/apps/files_encryption/l10n/sq.json deleted file mode 100644 index 2fd483d168..0000000000 --- a/apps/files_encryption/l10n/sq.json +++ /dev/null @@ -1,5 +0,0 @@ -{ "translations": { - "Unknown error" : "Gabim panjohur", - "Enabled" : "Aktivizuar" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/sr.js b/apps/files_encryption/l10n/sr.js deleted file mode 100644 index dec2970e35..0000000000 --- a/apps/files_encryption/l10n/sr.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Непозната грешка", - "Missing recovery key password" : "Недостаје лозинка кључа за опоравак", - "Please repeat the recovery key password" : "Поновите лозинку кључа за опоравак", - "Repeated recovery key password does not match the provided recovery key password" : "Поновљена лозинка кључа за опоравак се не поклапа", - "Recovery key successfully enabled" : "Кључ за опоравак успешно укључен", - "Could not disable recovery key. Please check your recovery key password!" : "Не могу да искључим кључ за опоравак. Проверите лозинку!", - "Recovery key successfully disabled" : "Кључ за опоравак успешно искључен", - "Please provide the old recovery password" : "Унесите стару лозинку опоравка", - "Please provide a new recovery password" : "Унесите нову лозинку опоравка", - "Please repeat the new recovery password" : "Поновите нову лозинку опоравка", - "Password successfully changed." : "Лозинка успешно промењена.", - "Could not change the password. Maybe the old password was not correct." : "Не могу да променим лозинку. Можда стара лозинка није исправна.", - "Could not update the private key password." : "Не могу да ажурирам лозинку личног кључа.", - "The old password was not correct, please try again." : "Стара лозинка није исправна. Покушајте поново.", - "The current log-in password was not correct, please try again." : "Лозинка за пријаву није исправна. Покушајте поново.", - "Private key password successfully updated." : "Лозинка личног кључа је успешно ажурирана.", - "File recovery settings updated" : "Поставке опоравка фајла су ажуриране", - "Could not update file recovery" : "Не могу да ажурирам опоравак фајла", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Апликација шифровања није иницијализована! Можда је поновно покренута током сесије. Покушајте да се одјавите па пријавите да се иницијализује поново.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Ваш лични кључ није исправан! Вероватно сте лозинку променили изван %s (нпр. ваш корпоративни директоријум). Лозинку личног кључа можете ажурирати у личним поставкама да бисте опоравили приступ вашим шифрованим фајловима.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Не могу да дешифрујем фајл. Вероватно је то дељен фајл. Затражите од власника фајла да га поново подели са вама.", - "Unknown error. Please check your system settings or contact your administrator" : "Непозната грешка. Проверите поставке вашег система или контактирајте администратора.", - "Initial encryption started... This can take some time. Please wait." : "Почетно шифровање је покренуто... Ово може потрајати. Молим, сачекајте.", - "Initial encryption running... Please try again later." : "Почетно шифровање ради... Покушајте касније.", - "Missing requirements." : "Захтеви нису испуњени.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Проверите да је ОпенССЛ заједно са ПХП проширењем, укључен и прописно подешен. За сада, шифровање је искључено.", - "Following users are not set up for encryption:" : "Следећи корисници нису подешени за шифровање:", - "Go directly to your %spersonal settings%s." : "Идите право на ваше %sличне поставке%s.", - "Server-side Encryption" : "Шифровање на страни сервера", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Апликација шифровања је укључена али ваши кључеви нису иницијализовани. Одјавите се и поново се пријавите.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Омогући кључ за опоравак (омогућава опоравак корисничких фајлова у случају губитка лозинке):", - "Recovery key password" : "Лозинка кључа за опоравак", - "Repeat Recovery key password" : "Поновите лозинку кључа за опоравак", - "Enabled" : "укључено", - "Disabled" : "искључено", - "Change recovery key password:" : "Измена лозинке кључа опоравка:", - "Old Recovery key password" : "Стара лозинка кључа опоравка", - "New Recovery key password" : "Нова лозинка кључа опоравка", - "Repeat New Recovery key password" : "Поновите лозинку кључа опоравка", - "Change Password" : "Измени лозинку", - "Your private key password no longer matches your log-in password." : "Лозинка вашег личног кључа више није иста као ваша лозинка за пријаву.", - "Set your old private key password to your current log-in password:" : "Промените ваш стари приватни кључ-лозинку у вашу тренутну улазну лозинку:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ако се не сећате старе лозинке, можете затражити од администратора да опорави ваше фајлове.", - "Old log-in password" : "Стара лозинка за пријаву", - "Current log-in password" : "Тренутна лозинка за пријаву", - "Update Private Key Password" : "Ажурирај лозинку личног кључа", - "Enable password recovery:" : "Укључи опоравак лозинке:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Укључивање ове опције омогућиће поновно добијање приступа вашим шифрованим фајловима у случају губитка лозинке" -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/sr.json b/apps/files_encryption/l10n/sr.json deleted file mode 100644 index 6c39d417e3..0000000000 --- a/apps/files_encryption/l10n/sr.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Непозната грешка", - "Missing recovery key password" : "Недостаје лозинка кључа за опоравак", - "Please repeat the recovery key password" : "Поновите лозинку кључа за опоравак", - "Repeated recovery key password does not match the provided recovery key password" : "Поновљена лозинка кључа за опоравак се не поклапа", - "Recovery key successfully enabled" : "Кључ за опоравак успешно укључен", - "Could not disable recovery key. Please check your recovery key password!" : "Не могу да искључим кључ за опоравак. Проверите лозинку!", - "Recovery key successfully disabled" : "Кључ за опоравак успешно искључен", - "Please provide the old recovery password" : "Унесите стару лозинку опоравка", - "Please provide a new recovery password" : "Унесите нову лозинку опоравка", - "Please repeat the new recovery password" : "Поновите нову лозинку опоравка", - "Password successfully changed." : "Лозинка успешно промењена.", - "Could not change the password. Maybe the old password was not correct." : "Не могу да променим лозинку. Можда стара лозинка није исправна.", - "Could not update the private key password." : "Не могу да ажурирам лозинку личног кључа.", - "The old password was not correct, please try again." : "Стара лозинка није исправна. Покушајте поново.", - "The current log-in password was not correct, please try again." : "Лозинка за пријаву није исправна. Покушајте поново.", - "Private key password successfully updated." : "Лозинка личног кључа је успешно ажурирана.", - "File recovery settings updated" : "Поставке опоравка фајла су ажуриране", - "Could not update file recovery" : "Не могу да ажурирам опоравак фајла", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Апликација шифровања није иницијализована! Можда је поновно покренута током сесије. Покушајте да се одјавите па пријавите да се иницијализује поново.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Ваш лични кључ није исправан! Вероватно сте лозинку променили изван %s (нпр. ваш корпоративни директоријум). Лозинку личног кључа можете ажурирати у личним поставкама да бисте опоравили приступ вашим шифрованим фајловима.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Не могу да дешифрујем фајл. Вероватно је то дељен фајл. Затражите од власника фајла да га поново подели са вама.", - "Unknown error. Please check your system settings or contact your administrator" : "Непозната грешка. Проверите поставке вашег система или контактирајте администратора.", - "Initial encryption started... This can take some time. Please wait." : "Почетно шифровање је покренуто... Ово може потрајати. Молим, сачекајте.", - "Initial encryption running... Please try again later." : "Почетно шифровање ради... Покушајте касније.", - "Missing requirements." : "Захтеви нису испуњени.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Проверите да је ОпенССЛ заједно са ПХП проширењем, укључен и прописно подешен. За сада, шифровање је искључено.", - "Following users are not set up for encryption:" : "Следећи корисници нису подешени за шифровање:", - "Go directly to your %spersonal settings%s." : "Идите право на ваше %sличне поставке%s.", - "Server-side Encryption" : "Шифровање на страни сервера", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Апликација шифровања је укључена али ваши кључеви нису иницијализовани. Одјавите се и поново се пријавите.", - "Enable recovery key (allow to recover users files in case of password loss):" : "Омогући кључ за опоравак (омогућава опоравак корисничких фајлова у случају губитка лозинке):", - "Recovery key password" : "Лозинка кључа за опоравак", - "Repeat Recovery key password" : "Поновите лозинку кључа за опоравак", - "Enabled" : "укључено", - "Disabled" : "искључено", - "Change recovery key password:" : "Измена лозинке кључа опоравка:", - "Old Recovery key password" : "Стара лозинка кључа опоравка", - "New Recovery key password" : "Нова лозинка кључа опоравка", - "Repeat New Recovery key password" : "Поновите лозинку кључа опоравка", - "Change Password" : "Измени лозинку", - "Your private key password no longer matches your log-in password." : "Лозинка вашег личног кључа више није иста као ваша лозинка за пријаву.", - "Set your old private key password to your current log-in password:" : "Промените ваш стари приватни кључ-лозинку у вашу тренутну улазну лозинку:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Ако се не сећате старе лозинке, можете затражити од администратора да опорави ваше фајлове.", - "Old log-in password" : "Стара лозинка за пријаву", - "Current log-in password" : "Тренутна лозинка за пријаву", - "Update Private Key Password" : "Ажурирај лозинку личног кључа", - "Enable password recovery:" : "Укључи опоравак лозинке:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Укључивање ове опције омогућиће поновно добијање приступа вашим шифрованим фајловима у случају губитка лозинке" -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/sr@latin.js b/apps/files_encryption/l10n/sr@latin.js deleted file mode 100644 index e89299ed05..0000000000 --- a/apps/files_encryption/l10n/sr@latin.js +++ /dev/null @@ -1,8 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Nepoznata greška", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacija za šifrovanje je omogućena ali Vaši ključevi nisu inicijalizovani, molimo Vas da se izlogujete i ulogujete ponovo.", - "Disabled" : "Onemogućeno" -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/sr@latin.json b/apps/files_encryption/l10n/sr@latin.json deleted file mode 100644 index 34f0264e03..0000000000 --- a/apps/files_encryption/l10n/sr@latin.json +++ /dev/null @@ -1,6 +0,0 @@ -{ "translations": { - "Unknown error" : "Nepoznata greška", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikacija za šifrovanje je omogućena ali Vaši ključevi nisu inicijalizovani, molimo Vas da se izlogujete i ulogujete ponovo.", - "Disabled" : "Onemogućeno" -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/sv.js b/apps/files_encryption/l10n/sv.js deleted file mode 100644 index 023fa92d36..0000000000 --- a/apps/files_encryption/l10n/sv.js +++ /dev/null @@ -1,52 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Okänt fel", - "Missing recovery key password" : "Saknar lösenord för återställningsnyckel", - "Please repeat the recovery key password" : "Vänligen upprepa lösenordet för återställningsnyckel", - "Repeated recovery key password does not match the provided recovery key password" : "Det upprepade lösenordet för återställningsnyckeln matchar inte tillhandahållna lösenordet för återställningsnyckeln", - "Recovery key successfully enabled" : "Återställningsnyckeln har framgångsrikt aktiverats", - "Could not disable recovery key. Please check your recovery key password!" : "Kunde inte inaktivera återställningsnyckeln. Vänligen kontrollera ditt lösenord för återställningsnyckeln!", - "Recovery key successfully disabled" : "Återställningsnyckeln har framgångsrikt inaktiverats", - "Please provide the old recovery password" : "Vänligen tillhandahåll det gamla återställningslösenordet ", - "Please provide a new recovery password" : "Vänligen tillhandahåll ett nytt återställningslösenord", - "Please repeat the new recovery password" : "Vänligen upprepa det nya återställningslösenordet", - "Password successfully changed." : "Ändringen av lösenordet lyckades.", - "Could not change the password. Maybe the old password was not correct." : "Kunde inte ändra lösenordet. Kanske det gamla lösenordet inte var rätt.", - "Could not update the private key password." : "Kunde inte uppdatera lösenord för den privata nyckeln", - "The old password was not correct, please try again." : "Det gamla lösenordet var inte korrekt. Vänligen försök igen.", - "The current log-in password was not correct, please try again." : "Det nuvarande inloggningslösenordet var inte korrekt. Vänligen försök igen.", - "Private key password successfully updated." : "Den privata nyckelns lösenord uppdaterades utan problem.", - "File recovery settings updated" : "Inställningarna för filåterställning har uppdaterats", - "Could not update file recovery" : "Kunde inte uppdatera filåterställning", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krypteringsprogrammet kunde inte initieras! Möjligen blev krypteringsprogrammet återaktiverad under din session. Försök med att logga ut och in igen för att initiera krypteringsprogrammet.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Din privata lösenordsnyckel är inte giltig! Troligen har ditt lösenord ändrats utanför %s (t.ex. i företagets katalogtjänst). Du kan uppdatera den privata lösenordsnyckeln under dina personliga inställningar för att återfå tillgång till dina filer.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan ej dekryptera denna fil, förmodligen är det en delad fil. Be ägaren av filen att dela den med dig.", - "Unknown error. Please check your system settings or contact your administrator" : "Okänt fel. Kontrollera dina systeminställningar eller kontakta din administratör", - "Initial encryption started... This can take some time. Please wait." : "Initiala krypteringen har påbörjats... Detta kan ta lite tid. Var god vänta.", - "Initial encryption running... Please try again later." : "Initiala krypteringen körs... Var god försök igen senare.", - "Missing requirements." : "Krav som saknas", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Se till att OpenSSL tillsammans med PHP-tillägget är aktiverat och korrekt konfigurerat. För nu har krypteringsappen inaktiverats.", - "Following users are not set up for encryption:" : "Följande användare har inte aktiverat kryptering:", - "Go directly to your %spersonal settings%s." : "Gå direkt till dina %segna inställningar%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Krypteringsprogrammet är aktiverat men dina nycklar är inte initierade. Vänligen logga ut och in igen", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivera återställningsnyckel (för att kunna återfå användarens filer vid glömt eller förlorat lösenord):", - "Recovery key password" : "Lösenord för återställningsnyckel", - "Repeat Recovery key password" : "Upprepa återställningsnyckelns lösenord", - "Enabled" : "Aktiverad", - "Disabled" : "Inaktiverad", - "Change recovery key password:" : "Ändra lösenord för återställningsnyckel:", - "Old Recovery key password" : "Gammalt lösenord för återställningsnyckel", - "New Recovery key password" : "Nytt lösenord för återställningsnyckel", - "Repeat New Recovery key password" : "Upprepa lösenord för ny återställningsnyckel", - "Change Password" : "Byt lösenord", - "Your private key password no longer matches your log-in password." : "Ditt lösenord för din privata nyckel matchar inte längre ditt inloggningslösenord.", - "Set your old private key password to your current log-in password:" : "Sätt ditt gamla privatnyckellösenord till ditt aktuella inloggningslösenord:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Om du inte kommer ihåg ditt gamla lösenord kan du be din administratör att återställa dina filer.", - "Old log-in password" : "Gammalt inloggningslösenord", - "Current log-in password" : "Nuvarande inloggningslösenord", - "Update Private Key Password" : "Uppdatera lösenordet för din privata nyckel", - "Enable password recovery:" : "Aktivera lösenordsåterställning", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Genom att aktivera detta alternativ kommer du kunna återfå tillgång till dina krypterade filer om du skulle förlora/glömma ditt lösenord" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/sv.json b/apps/files_encryption/l10n/sv.json deleted file mode 100644 index 1d69d8255d..0000000000 --- a/apps/files_encryption/l10n/sv.json +++ /dev/null @@ -1,50 +0,0 @@ -{ "translations": { - "Unknown error" : "Okänt fel", - "Missing recovery key password" : "Saknar lösenord för återställningsnyckel", - "Please repeat the recovery key password" : "Vänligen upprepa lösenordet för återställningsnyckel", - "Repeated recovery key password does not match the provided recovery key password" : "Det upprepade lösenordet för återställningsnyckeln matchar inte tillhandahållna lösenordet för återställningsnyckeln", - "Recovery key successfully enabled" : "Återställningsnyckeln har framgångsrikt aktiverats", - "Could not disable recovery key. Please check your recovery key password!" : "Kunde inte inaktivera återställningsnyckeln. Vänligen kontrollera ditt lösenord för återställningsnyckeln!", - "Recovery key successfully disabled" : "Återställningsnyckeln har framgångsrikt inaktiverats", - "Please provide the old recovery password" : "Vänligen tillhandahåll det gamla återställningslösenordet ", - "Please provide a new recovery password" : "Vänligen tillhandahåll ett nytt återställningslösenord", - "Please repeat the new recovery password" : "Vänligen upprepa det nya återställningslösenordet", - "Password successfully changed." : "Ändringen av lösenordet lyckades.", - "Could not change the password. Maybe the old password was not correct." : "Kunde inte ändra lösenordet. Kanske det gamla lösenordet inte var rätt.", - "Could not update the private key password." : "Kunde inte uppdatera lösenord för den privata nyckeln", - "The old password was not correct, please try again." : "Det gamla lösenordet var inte korrekt. Vänligen försök igen.", - "The current log-in password was not correct, please try again." : "Det nuvarande inloggningslösenordet var inte korrekt. Vänligen försök igen.", - "Private key password successfully updated." : "Den privata nyckelns lösenord uppdaterades utan problem.", - "File recovery settings updated" : "Inställningarna för filåterställning har uppdaterats", - "Could not update file recovery" : "Kunde inte uppdatera filåterställning", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Krypteringsprogrammet kunde inte initieras! Möjligen blev krypteringsprogrammet återaktiverad under din session. Försök med att logga ut och in igen för att initiera krypteringsprogrammet.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Din privata lösenordsnyckel är inte giltig! Troligen har ditt lösenord ändrats utanför %s (t.ex. i företagets katalogtjänst). Du kan uppdatera den privata lösenordsnyckeln under dina personliga inställningar för att återfå tillgång till dina filer.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Kan ej dekryptera denna fil, förmodligen är det en delad fil. Be ägaren av filen att dela den med dig.", - "Unknown error. Please check your system settings or contact your administrator" : "Okänt fel. Kontrollera dina systeminställningar eller kontakta din administratör", - "Initial encryption started... This can take some time. Please wait." : "Initiala krypteringen har påbörjats... Detta kan ta lite tid. Var god vänta.", - "Initial encryption running... Please try again later." : "Initiala krypteringen körs... Var god försök igen senare.", - "Missing requirements." : "Krav som saknas", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Se till att OpenSSL tillsammans med PHP-tillägget är aktiverat och korrekt konfigurerat. För nu har krypteringsappen inaktiverats.", - "Following users are not set up for encryption:" : "Följande användare har inte aktiverat kryptering:", - "Go directly to your %spersonal settings%s." : "Gå direkt till dina %segna inställningar%s.", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Krypteringsprogrammet är aktiverat men dina nycklar är inte initierade. Vänligen logga ut och in igen", - "Enable recovery key (allow to recover users files in case of password loss):" : "Aktivera återställningsnyckel (för att kunna återfå användarens filer vid glömt eller förlorat lösenord):", - "Recovery key password" : "Lösenord för återställningsnyckel", - "Repeat Recovery key password" : "Upprepa återställningsnyckelns lösenord", - "Enabled" : "Aktiverad", - "Disabled" : "Inaktiverad", - "Change recovery key password:" : "Ändra lösenord för återställningsnyckel:", - "Old Recovery key password" : "Gammalt lösenord för återställningsnyckel", - "New Recovery key password" : "Nytt lösenord för återställningsnyckel", - "Repeat New Recovery key password" : "Upprepa lösenord för ny återställningsnyckel", - "Change Password" : "Byt lösenord", - "Your private key password no longer matches your log-in password." : "Ditt lösenord för din privata nyckel matchar inte längre ditt inloggningslösenord.", - "Set your old private key password to your current log-in password:" : "Sätt ditt gamla privatnyckellösenord till ditt aktuella inloggningslösenord:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Om du inte kommer ihåg ditt gamla lösenord kan du be din administratör att återställa dina filer.", - "Old log-in password" : "Gammalt inloggningslösenord", - "Current log-in password" : "Nuvarande inloggningslösenord", - "Update Private Key Password" : "Uppdatera lösenordet för din privata nyckel", - "Enable password recovery:" : "Aktivera lösenordsåterställning", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Genom att aktivera detta alternativ kommer du kunna återfå tillgång till dina krypterade filer om du skulle förlora/glömma ditt lösenord" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ta_LK.js b/apps/files_encryption/l10n/ta_LK.js deleted file mode 100644 index e37ff4a78c..0000000000 --- a/apps/files_encryption/l10n/ta_LK.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Encryption" : "மறைக்குறியீடு" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/ta_LK.json b/apps/files_encryption/l10n/ta_LK.json deleted file mode 100644 index a52ff1c321..0000000000 --- a/apps/files_encryption/l10n/ta_LK.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Encryption" : "மறைக்குறியீடு" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/th_TH.js b/apps/files_encryption/l10n/th_TH.js deleted file mode 100644 index ce8a64ef9c..0000000000 --- a/apps/files_encryption/l10n/th_TH.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "ข้อผิดพลาดที่ไม่ทราบสาเหตุ" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/th_TH.json b/apps/files_encryption/l10n/th_TH.json deleted file mode 100644 index 2f6f34edf7..0000000000 --- a/apps/files_encryption/l10n/th_TH.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "ข้อผิดพลาดที่ไม่ทราบสาเหตุ" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/tr.js b/apps/files_encryption/l10n/tr.js deleted file mode 100644 index 0ff5a227b5..0000000000 --- a/apps/files_encryption/l10n/tr.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Bilinmeyen hata", - "Missing recovery key password" : "Eksik kurtarma anahtarı parolası", - "Please repeat the recovery key password" : "Lütfen kurtarma anahtarı parolasını yenileyin", - "Repeated recovery key password does not match the provided recovery key password" : "Yenilenen kurtarma anahtarı parolası, belirtilen kurtarma anahtarı parolası ile eşleşmiyor", - "Recovery key successfully enabled" : "Kurtarma anahtarı başarıyla etkinleştirildi", - "Could not disable recovery key. Please check your recovery key password!" : "Kurtarma anahtarı devre dışı bırakılamadı. Lütfen kurtarma anahtarı parolanızı kontrol edin!", - "Recovery key successfully disabled" : "Kurtarma anahtarı başarıyla devre dışı bırakıldı", - "Please provide the old recovery password" : "Lütfen eski kurtarma parolasını girin", - "Please provide a new recovery password" : "Lütfen yeni bir kurtarma parolası girin", - "Please repeat the new recovery password" : "Lütfen yeni kurtarma parolasını yenileyin", - "Password successfully changed." : "Parola başarıyla değiştirildi.", - "Could not change the password. Maybe the old password was not correct." : "Parola değiştirilemedi. Eski parolanız doğru olmayabilir.", - "Could not update the private key password." : "Özel anahtar parolası güncellenemedi", - "The old password was not correct, please try again." : "Eski parola doğru değil, lütfen yeniden deneyin.", - "The current log-in password was not correct, please try again." : "Geçerli oturum parolası doğru değil, lütfen yeniden deneyin.", - "Private key password successfully updated." : "Özel anahtar parolası başarıyla güncellendi.", - "File recovery settings updated" : "Dosya kurtarma ayarları güncellendi", - "Could not update file recovery" : "Dosya kurtarma güncellenemedi", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Şifreleme uygulaması başlatılamadı! Oturumunuz sırasında şifreleme uygulaması tekrar etkinleştirilmiş olabilir. Lütfen şifreleme uygulamasını başlatmak için oturumu kapatıp yeniden oturum açmayı deneyin.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Özel anahtarınız geçerli değil! Muhtemelen parolanız %s dışarısında değiştirildi (örn. şirket dizininde). Gizli anahtar parolanızı kişisel ayarlarınızda güncelleyerek şifreli dosyalarınıza erişimi kurtarabilirsiniz.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Bu dosya muhtemelen bir paylaşılan dosya olduğundan şifrelemesi kaldırılamıyor. Lütfen dosyayı sizinle bir daha paylaşması için dosya sahibi ile iletişime geçin.", - "Unknown error. Please check your system settings or contact your administrator" : "Bilinmeyen hata. Lütfen sistem ayarlarınızı denetleyin veya yöneticiniz ile iletişime geçin", - "Initial encryption started... This can take some time. Please wait." : "İlk şifreleme başladı... Bu biraz zaman alabilir. Lütfen bekleyin.", - "Initial encryption running... Please try again later." : "İlk şifreleme çalışıyor... Lütfen daha sonra tekrar deneyin.", - "Missing requirements." : "Gereklilikler eksik.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "OpenSSL'nin PHP uzantısıyla birlikte etkin ve düzgün yapılandırılmış olduğundan emin olun. Şimdilik şifreleme uygulaması devre dışı bırakıldı.", - "Following users are not set up for encryption:" : "Aşağıdaki kullanıcılar şifreleme için ayarlanmamış:", - "Go directly to your %spersonal settings%s." : "Doğrudan %skişisel ayarlarınıza%s gidin.", - "Server-side Encryption" : "Sunucu Taraflı Şifreleme", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Şifreleme Uygulaması etkin ancak anahtarlarınız başlatılmamış. Lütfen oturumu kapatıp yeniden açın", - "Enable recovery key (allow to recover users files in case of password loss):" : "Kurtarma anahtarını etkinleştir (parola kaybı durumunda kullanıcı dosyalarının kurtarılmasına izin verir):", - "Recovery key password" : "Kurtarma anahtarı parolası", - "Repeat Recovery key password" : "Kurtarma anahtarı parolasını yineleyin", - "Enabled" : "Etkin", - "Disabled" : "Devre Dışı", - "Change recovery key password:" : "Kurtarma anahtarı parolasını değiştir:", - "Old Recovery key password" : "Eski Kurtarma anahtarı parolası", - "New Recovery key password" : "Yeni Kurtarma anahtarı parolası", - "Repeat New Recovery key password" : "Yeni Kurtarma anahtarı parolasını yineleyin", - "Change Password" : "Parola Değiştir", - "Your private key password no longer matches your log-in password." : "Özel anahtar parolanız artık oturum açma parolanız ile eşleşmiyor.", - "Set your old private key password to your current log-in password:" : "Eski özel anahtar parolanızı, geçerli oturum açma parolanız olarak ayarlayın:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Eğer eski parolanızı hatırlamıyorsanız, yöneticinizden dosyalarınızı kurtarmasını talep edebilirsiniz.", - "Old log-in password" : "Eski oturum açma parolası", - "Current log-in password" : "Geçerli oturum açma parolası", - "Update Private Key Password" : "Özel Anahtar Parolasını Güncelle", - "Enable password recovery:" : "Parola kurtarmayı etkinleştir:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Bu seçeneği etkinleştirmek, parola kaybı durumunda şifrelenmiş dosyalarınıza erişimi yeniden kazanmanızı sağlayacaktır" -}, -"nplurals=2; plural=(n > 1);"); diff --git a/apps/files_encryption/l10n/tr.json b/apps/files_encryption/l10n/tr.json deleted file mode 100644 index c35db71b49..0000000000 --- a/apps/files_encryption/l10n/tr.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Bilinmeyen hata", - "Missing recovery key password" : "Eksik kurtarma anahtarı parolası", - "Please repeat the recovery key password" : "Lütfen kurtarma anahtarı parolasını yenileyin", - "Repeated recovery key password does not match the provided recovery key password" : "Yenilenen kurtarma anahtarı parolası, belirtilen kurtarma anahtarı parolası ile eşleşmiyor", - "Recovery key successfully enabled" : "Kurtarma anahtarı başarıyla etkinleştirildi", - "Could not disable recovery key. Please check your recovery key password!" : "Kurtarma anahtarı devre dışı bırakılamadı. Lütfen kurtarma anahtarı parolanızı kontrol edin!", - "Recovery key successfully disabled" : "Kurtarma anahtarı başarıyla devre dışı bırakıldı", - "Please provide the old recovery password" : "Lütfen eski kurtarma parolasını girin", - "Please provide a new recovery password" : "Lütfen yeni bir kurtarma parolası girin", - "Please repeat the new recovery password" : "Lütfen yeni kurtarma parolasını yenileyin", - "Password successfully changed." : "Parola başarıyla değiştirildi.", - "Could not change the password. Maybe the old password was not correct." : "Parola değiştirilemedi. Eski parolanız doğru olmayabilir.", - "Could not update the private key password." : "Özel anahtar parolası güncellenemedi", - "The old password was not correct, please try again." : "Eski parola doğru değil, lütfen yeniden deneyin.", - "The current log-in password was not correct, please try again." : "Geçerli oturum parolası doğru değil, lütfen yeniden deneyin.", - "Private key password successfully updated." : "Özel anahtar parolası başarıyla güncellendi.", - "File recovery settings updated" : "Dosya kurtarma ayarları güncellendi", - "Could not update file recovery" : "Dosya kurtarma güncellenemedi", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Şifreleme uygulaması başlatılamadı! Oturumunuz sırasında şifreleme uygulaması tekrar etkinleştirilmiş olabilir. Lütfen şifreleme uygulamasını başlatmak için oturumu kapatıp yeniden oturum açmayı deneyin.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Özel anahtarınız geçerli değil! Muhtemelen parolanız %s dışarısında değiştirildi (örn. şirket dizininde). Gizli anahtar parolanızı kişisel ayarlarınızda güncelleyerek şifreli dosyalarınıza erişimi kurtarabilirsiniz.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Bu dosya muhtemelen bir paylaşılan dosya olduğundan şifrelemesi kaldırılamıyor. Lütfen dosyayı sizinle bir daha paylaşması için dosya sahibi ile iletişime geçin.", - "Unknown error. Please check your system settings or contact your administrator" : "Bilinmeyen hata. Lütfen sistem ayarlarınızı denetleyin veya yöneticiniz ile iletişime geçin", - "Initial encryption started... This can take some time. Please wait." : "İlk şifreleme başladı... Bu biraz zaman alabilir. Lütfen bekleyin.", - "Initial encryption running... Please try again later." : "İlk şifreleme çalışıyor... Lütfen daha sonra tekrar deneyin.", - "Missing requirements." : "Gereklilikler eksik.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "OpenSSL'nin PHP uzantısıyla birlikte etkin ve düzgün yapılandırılmış olduğundan emin olun. Şimdilik şifreleme uygulaması devre dışı bırakıldı.", - "Following users are not set up for encryption:" : "Aşağıdaki kullanıcılar şifreleme için ayarlanmamış:", - "Go directly to your %spersonal settings%s." : "Doğrudan %skişisel ayarlarınıza%s gidin.", - "Server-side Encryption" : "Sunucu Taraflı Şifreleme", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Şifreleme Uygulaması etkin ancak anahtarlarınız başlatılmamış. Lütfen oturumu kapatıp yeniden açın", - "Enable recovery key (allow to recover users files in case of password loss):" : "Kurtarma anahtarını etkinleştir (parola kaybı durumunda kullanıcı dosyalarının kurtarılmasına izin verir):", - "Recovery key password" : "Kurtarma anahtarı parolası", - "Repeat Recovery key password" : "Kurtarma anahtarı parolasını yineleyin", - "Enabled" : "Etkin", - "Disabled" : "Devre Dışı", - "Change recovery key password:" : "Kurtarma anahtarı parolasını değiştir:", - "Old Recovery key password" : "Eski Kurtarma anahtarı parolası", - "New Recovery key password" : "Yeni Kurtarma anahtarı parolası", - "Repeat New Recovery key password" : "Yeni Kurtarma anahtarı parolasını yineleyin", - "Change Password" : "Parola Değiştir", - "Your private key password no longer matches your log-in password." : "Özel anahtar parolanız artık oturum açma parolanız ile eşleşmiyor.", - "Set your old private key password to your current log-in password:" : "Eski özel anahtar parolanızı, geçerli oturum açma parolanız olarak ayarlayın:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Eğer eski parolanızı hatırlamıyorsanız, yöneticinizden dosyalarınızı kurtarmasını talep edebilirsiniz.", - "Old log-in password" : "Eski oturum açma parolası", - "Current log-in password" : "Geçerli oturum açma parolası", - "Update Private Key Password" : "Özel Anahtar Parolasını Güncelle", - "Enable password recovery:" : "Parola kurtarmayı etkinleştir:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Bu seçeneği etkinleştirmek, parola kaybı durumunda şifrelenmiş dosyalarınıza erişimi yeniden kazanmanızı sağlayacaktır" -},"pluralForm" :"nplurals=2; plural=(n > 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ug.js b/apps/files_encryption/l10n/ug.js deleted file mode 100644 index c712dd0320..0000000000 --- a/apps/files_encryption/l10n/ug.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "يوچۇن خاتالىق" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/ug.json b/apps/files_encryption/l10n/ug.json deleted file mode 100644 index f42ffe1801..0000000000 --- a/apps/files_encryption/l10n/ug.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "يوچۇن خاتالىق" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/uk.js b/apps/files_encryption/l10n/uk.js deleted file mode 100644 index a5f70cf858..0000000000 --- a/apps/files_encryption/l10n/uk.js +++ /dev/null @@ -1,53 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Невідома помилка", - "Missing recovery key password" : "Відсутній пароль ключа відновлення", - "Please repeat the recovery key password" : "Введіть ще раз пароль для ключа відновлення", - "Repeated recovery key password does not match the provided recovery key password" : "Введені паролі ключа відновлення не співпадають", - "Recovery key successfully enabled" : "Ключ відновлення підключено", - "Could not disable recovery key. Please check your recovery key password!" : "Не вдалося відключити ключ відновлення. Будь ласка, перевірте пароль ключа відновлення!", - "Recovery key successfully disabled" : "Ключ відновлення відключено", - "Please provide the old recovery password" : "Будь ласка, введіть старий пароль відновлення", - "Please provide a new recovery password" : "Будь ласка, введіть новий пароль відновлення", - "Please repeat the new recovery password" : "Будь ласка, введіть новий пароль відновлення ще раз", - "Password successfully changed." : "Пароль змінено.", - "Could not change the password. Maybe the old password was not correct." : "Не вдалося змінити пароль. Можливо ви неправильно ввели старий пароль.", - "Could not update the private key password." : "Не вдалося оновити пароль секретного ключа.", - "The old password was not correct, please try again." : "Старий пароль введено не вірно, спробуйте ще раз.", - "The current log-in password was not correct, please try again." : "Невірний пароль входу, будь ласка, спробуйте ще раз.", - "Private key password successfully updated." : "Пароль секретного ключа оновлено.", - "File recovery settings updated" : "Налаштування файла відновлення оновлено", - "Could not update file recovery" : "Не вдалося оновити файл відновлення ", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Додаток шифрувння не ініціалізовано! Можливо цей додаток редагувався під час вашої сесії. Будь ласка, спробуйте вийти і зайти знову щоб проініціалізувати додаток шифрування.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Ваш секретний ключ не дійсний! Ймовірно ваш пароль був змінений ззовні %s (наприклад, корпоративний каталог). Ви можете оновити секретний ключ в особистих налаштуваннях на сторінці відновлення доступу до зашифрованих файлів.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Не можу розшифрувати цей файл, можливо він опублікований. Будь ласка, попросіть власника опублікувати його заново.", - "Unknown error. Please check your system settings or contact your administrator" : "Невідома помилка. Будь ласка, перевірте налаштування системи або зверніться до адміністратора.", - "Initial encryption started... This can take some time. Please wait." : "Початкове шифрування почалося... Це може зайняти деякий час. Будь ласка, почекайте.", - "Initial encryption running... Please try again later." : "Початкове шифрування працює... Це може зайняти деякий час. Будь ласка, почекайте.", - "Missing requirements." : "Відсутні вимоги.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Будь ласка, переконайтеся, що OpenSSL разом з розширенням PHP включена і налаштована належним чином. В даний час, шифрування додатку було відключено.", - "Following users are not set up for encryption:" : "Для наступних користувачів шифрування не налаштоване:", - "Go directly to your %spersonal settings%s." : "Перейти навпростець до ваших %spersonal settings%s.", - "Server-side Encryption" : "Серверне шіфрування", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Доданок шифрування ввімкнено, але ваші ключі не ініціалізовано, вийдіть та зайдіть знову", - "Enable recovery key (allow to recover users files in case of password loss):" : "Ввімкнути ключ відновлення (дозволяє користувачам відновлювати файли при втраті паролю):", - "Recovery key password" : "Пароль ключа відновлення", - "Repeat Recovery key password" : "Введіть ще раз пароль ключа відновлення", - "Enabled" : "Увімкнено", - "Disabled" : "Вимкнено", - "Change recovery key password:" : "Змінити пароль ключа відновлення:", - "Old Recovery key password" : "Старий пароль ключа відновлення", - "New Recovery key password" : "Новий пароль ключа відновлення", - "Repeat New Recovery key password" : "Введіть ще раз новий пароль ключа відновлення", - "Change Password" : "Змінити Пароль", - "Your private key password no longer matches your log-in password." : "Пароль вашого закритого ключа більше не відповідає паролю від вашого облікового запису.", - "Set your old private key password to your current log-in password:" : "Замініть старий пароль від закритого ключа на новий пароль входу:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Якщо ви не пам'ятаєте ваш старий пароль, ви можете звернутися до адміністратора щоб його відновити.", - "Old log-in password" : "Старий пароль входу", - "Current log-in password" : "Поточний пароль входу", - "Update Private Key Password" : "Оновити пароль для закритого ключа", - "Enable password recovery:" : "Ввімкнути відновлення паролю:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Включення цієї опції дозволить вам отримати доступ до своїх зашифрованих файлів у випадку втрати паролю" -}, -"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);"); diff --git a/apps/files_encryption/l10n/uk.json b/apps/files_encryption/l10n/uk.json deleted file mode 100644 index 69c44021ea..0000000000 --- a/apps/files_encryption/l10n/uk.json +++ /dev/null @@ -1,51 +0,0 @@ -{ "translations": { - "Unknown error" : "Невідома помилка", - "Missing recovery key password" : "Відсутній пароль ключа відновлення", - "Please repeat the recovery key password" : "Введіть ще раз пароль для ключа відновлення", - "Repeated recovery key password does not match the provided recovery key password" : "Введені паролі ключа відновлення не співпадають", - "Recovery key successfully enabled" : "Ключ відновлення підключено", - "Could not disable recovery key. Please check your recovery key password!" : "Не вдалося відключити ключ відновлення. Будь ласка, перевірте пароль ключа відновлення!", - "Recovery key successfully disabled" : "Ключ відновлення відключено", - "Please provide the old recovery password" : "Будь ласка, введіть старий пароль відновлення", - "Please provide a new recovery password" : "Будь ласка, введіть новий пароль відновлення", - "Please repeat the new recovery password" : "Будь ласка, введіть новий пароль відновлення ще раз", - "Password successfully changed." : "Пароль змінено.", - "Could not change the password. Maybe the old password was not correct." : "Не вдалося змінити пароль. Можливо ви неправильно ввели старий пароль.", - "Could not update the private key password." : "Не вдалося оновити пароль секретного ключа.", - "The old password was not correct, please try again." : "Старий пароль введено не вірно, спробуйте ще раз.", - "The current log-in password was not correct, please try again." : "Невірний пароль входу, будь ласка, спробуйте ще раз.", - "Private key password successfully updated." : "Пароль секретного ключа оновлено.", - "File recovery settings updated" : "Налаштування файла відновлення оновлено", - "Could not update file recovery" : "Не вдалося оновити файл відновлення ", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "Додаток шифрувння не ініціалізовано! Можливо цей додаток редагувався під час вашої сесії. Будь ласка, спробуйте вийти і зайти знову щоб проініціалізувати додаток шифрування.", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "Ваш секретний ключ не дійсний! Ймовірно ваш пароль був змінений ззовні %s (наприклад, корпоративний каталог). Ви можете оновити секретний ключ в особистих налаштуваннях на сторінці відновлення доступу до зашифрованих файлів.", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Не можу розшифрувати цей файл, можливо він опублікований. Будь ласка, попросіть власника опублікувати його заново.", - "Unknown error. Please check your system settings or contact your administrator" : "Невідома помилка. Будь ласка, перевірте налаштування системи або зверніться до адміністратора.", - "Initial encryption started... This can take some time. Please wait." : "Початкове шифрування почалося... Це може зайняти деякий час. Будь ласка, почекайте.", - "Initial encryption running... Please try again later." : "Початкове шифрування працює... Це може зайняти деякий час. Будь ласка, почекайте.", - "Missing requirements." : "Відсутні вимоги.", - "Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled." : "Будь ласка, переконайтеся, що OpenSSL разом з розширенням PHP включена і налаштована належним чином. В даний час, шифрування додатку було відключено.", - "Following users are not set up for encryption:" : "Для наступних користувачів шифрування не налаштоване:", - "Go directly to your %spersonal settings%s." : "Перейти навпростець до ваших %spersonal settings%s.", - "Server-side Encryption" : "Серверне шіфрування", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Доданок шифрування ввімкнено, але ваші ключі не ініціалізовано, вийдіть та зайдіть знову", - "Enable recovery key (allow to recover users files in case of password loss):" : "Ввімкнути ключ відновлення (дозволяє користувачам відновлювати файли при втраті паролю):", - "Recovery key password" : "Пароль ключа відновлення", - "Repeat Recovery key password" : "Введіть ще раз пароль ключа відновлення", - "Enabled" : "Увімкнено", - "Disabled" : "Вимкнено", - "Change recovery key password:" : "Змінити пароль ключа відновлення:", - "Old Recovery key password" : "Старий пароль ключа відновлення", - "New Recovery key password" : "Новий пароль ключа відновлення", - "Repeat New Recovery key password" : "Введіть ще раз новий пароль ключа відновлення", - "Change Password" : "Змінити Пароль", - "Your private key password no longer matches your log-in password." : "Пароль вашого закритого ключа більше не відповідає паролю від вашого облікового запису.", - "Set your old private key password to your current log-in password:" : "Замініть старий пароль від закритого ключа на новий пароль входу:", - " If you don't remember your old password you can ask your administrator to recover your files." : "Якщо ви не пам'ятаєте ваш старий пароль, ви можете звернутися до адміністратора щоб його відновити.", - "Old log-in password" : "Старий пароль входу", - "Current log-in password" : "Поточний пароль входу", - "Update Private Key Password" : "Оновити пароль для закритого ключа", - "Enable password recovery:" : "Ввімкнути відновлення паролю:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Включення цієї опції дозволить вам отримати доступ до своїх зашифрованих файлів у випадку втрати паролю" -},"pluralForm" :"nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/ur_PK.js b/apps/files_encryption/l10n/ur_PK.js deleted file mode 100644 index f2fd4d3419..0000000000 --- a/apps/files_encryption/l10n/ur_PK.js +++ /dev/null @@ -1,6 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "غیر معروف خرابی" -}, -"nplurals=2; plural=(n != 1);"); diff --git a/apps/files_encryption/l10n/ur_PK.json b/apps/files_encryption/l10n/ur_PK.json deleted file mode 100644 index 7d7738b381..0000000000 --- a/apps/files_encryption/l10n/ur_PK.json +++ /dev/null @@ -1,4 +0,0 @@ -{ "translations": { - "Unknown error" : "غیر معروف خرابی" -},"pluralForm" :"nplurals=2; plural=(n != 1);" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/vi.js b/apps/files_encryption/l10n/vi.js deleted file mode 100644 index 5b660cbf5b..0000000000 --- a/apps/files_encryption/l10n/vi.js +++ /dev/null @@ -1,24 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "Lỗi chưa biết", - "Recovery key successfully enabled" : "Khóa khôi phục kích hoạt thành công", - "Could not disable recovery key. Please check your recovery key password!" : "Không thể vô hiệu hóa khóa khôi phục. Vui lòng kiểm tra mật khẩu khóa khôi phục!", - "Recovery key successfully disabled" : "Vô hiệu hóa khóa khôi phục thành công", - "Password successfully changed." : "Đã đổi mật khẩu.", - "Could not change the password. Maybe the old password was not correct." : "Không thể đổi mật khẩu. Có lẽ do mật khẩu cũ không đúng.", - "Private key password successfully updated." : "Cập nhật thành công mật khẩu khóa cá nhân", - "File recovery settings updated" : "Đã cập nhật thiết lập khôi phục tập tin ", - "Could not update file recovery" : "Không thể cập nhật khôi phục tập tin", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Ứng dụng mã hóa đã được kích hoạt nhưng bạn chưa khởi tạo khóa. Vui lòng đăng xuất ra và đăng nhập lại", - "Enabled" : "Bật", - "Disabled" : "Tắt", - "Change Password" : "Đổi Mật khẩu", - " If you don't remember your old password you can ask your administrator to recover your files." : "Nếu bạn không nhớ mật khẩu cũ, bạn có thể yêu cầu quản trị viên khôi phục tập tin của bạn.", - "Old log-in password" : "Mật khẩu đăng nhập cũ", - "Current log-in password" : "Mật khẩu đăng nhập hiện tại", - "Update Private Key Password" : "Cập nhật mật khẩu khóa cá nhân", - "Enable password recovery:" : "Kích hoạt khôi phục mật khẩu:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Tùy chọn này sẽ cho phép bạn tái truy cập đến các tập tin mã hóa trong trường hợp mất mật khẩu" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/vi.json b/apps/files_encryption/l10n/vi.json deleted file mode 100644 index 85c2f36366..0000000000 --- a/apps/files_encryption/l10n/vi.json +++ /dev/null @@ -1,22 +0,0 @@ -{ "translations": { - "Unknown error" : "Lỗi chưa biết", - "Recovery key successfully enabled" : "Khóa khôi phục kích hoạt thành công", - "Could not disable recovery key. Please check your recovery key password!" : "Không thể vô hiệu hóa khóa khôi phục. Vui lòng kiểm tra mật khẩu khóa khôi phục!", - "Recovery key successfully disabled" : "Vô hiệu hóa khóa khôi phục thành công", - "Password successfully changed." : "Đã đổi mật khẩu.", - "Could not change the password. Maybe the old password was not correct." : "Không thể đổi mật khẩu. Có lẽ do mật khẩu cũ không đúng.", - "Private key password successfully updated." : "Cập nhật thành công mật khẩu khóa cá nhân", - "File recovery settings updated" : "Đã cập nhật thiết lập khôi phục tập tin ", - "Could not update file recovery" : "Không thể cập nhật khôi phục tập tin", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Ứng dụng mã hóa đã được kích hoạt nhưng bạn chưa khởi tạo khóa. Vui lòng đăng xuất ra và đăng nhập lại", - "Enabled" : "Bật", - "Disabled" : "Tắt", - "Change Password" : "Đổi Mật khẩu", - " If you don't remember your old password you can ask your administrator to recover your files." : "Nếu bạn không nhớ mật khẩu cũ, bạn có thể yêu cầu quản trị viên khôi phục tập tin của bạn.", - "Old log-in password" : "Mật khẩu đăng nhập cũ", - "Current log-in password" : "Mật khẩu đăng nhập hiện tại", - "Update Private Key Password" : "Cập nhật mật khẩu khóa cá nhân", - "Enable password recovery:" : "Kích hoạt khôi phục mật khẩu:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "Tùy chọn này sẽ cho phép bạn tái truy cập đến các tập tin mã hóa trong trường hợp mất mật khẩu" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/zh_CN.js b/apps/files_encryption/l10n/zh_CN.js deleted file mode 100644 index f6038cc6fd..0000000000 --- a/apps/files_encryption/l10n/zh_CN.js +++ /dev/null @@ -1,48 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "未知错误", - "Missing recovery key password" : "丢失的回复密钥", - "Please repeat the recovery key password" : "请替换恢复密钥", - "Recovery key successfully enabled" : "恢复密钥成功启用", - "Could not disable recovery key. Please check your recovery key password!" : "不能禁用恢复密钥。请检查恢复密钥密码!", - "Recovery key successfully disabled" : "恢复密钥成功禁用", - "Please provide the old recovery password" : "请提供原来的恢复密码", - "Please provide a new recovery password" : "请提供一个新的恢复密码", - "Please repeat the new recovery password" : "请替换新的恢复密码", - "Password successfully changed." : "密码修改成功。", - "Could not change the password. Maybe the old password was not correct." : "不能修改密码。旧密码可能不正确。", - "Could not update the private key password." : "不能更新私有密钥。", - "The old password was not correct, please try again." : "原始密码错误,请重试。", - "Private key password successfully updated." : "私钥密码成功更新。", - "File recovery settings updated" : "文件恢复设置已更新", - "Could not update file recovery" : "不能更新文件恢复", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "加密应用还没有初始化!可能加密应用在你会话期间已被重新启用。请注销并重新登录,以初始化加密应用。", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "您的私有密钥无效!也许是您在 %s 外更改了密码 (比如,在您的公司目录)。您可以在个人设置里更新您的私钥密码来恢复访问你的加密文件。", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : " 无法解密这个文件(或许这是一个共享文件?),请询问文件所有者重新与您分享这个文件。", - "Unknown error. Please check your system settings or contact your administrator" : "未知错误。请检查系统设置或联系您的管理员", - "Initial encryption started... This can take some time. Please wait." : "初始加密启动中....这可能会花一些时间,请稍后再试。", - "Initial encryption running... Please try again later." : "初始加密运行中....请稍后再试。", - "Missing requirements." : "必填项未填写。", - "Following users are not set up for encryption:" : "以下用户还没有设置加密:", - "Go directly to your %spersonal settings%s." : "直接访问您的%s个人设置%s。", - "Server-side Encryption" : "服务器端加密", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "加密应用被启用了,但是你的加密密钥没有初始化,请重新登出登录系统一次。", - "Enable recovery key (allow to recover users files in case of password loss):" : "启用恢复密钥(允许你在密码丢失后恢复文件):", - "Recovery key password" : "恢复密钥密码", - "Repeat Recovery key password" : "重复恢复密钥密码", - "Enabled" : "开启", - "Disabled" : "禁用", - "Change recovery key password:" : "更改恢复密钥密码", - "Old Recovery key password" : "旧的恢复密钥密码", - "New Recovery key password" : "新的恢复密钥密码", - "Repeat New Recovery key password" : "重复新的密钥恢复密码", - "Change Password" : "修改密码", - " If you don't remember your old password you can ask your administrator to recover your files." : "如果您记不住旧的密码,您可以请求管理员恢复您的文件。", - "Old log-in password" : "旧登录密码", - "Current log-in password" : "当前登录密码", - "Update Private Key Password" : "更新私钥密码", - "Enable password recovery:" : "启用密码恢复:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "启用该项将允许你在密码丢失后取回您的加密文件" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/zh_CN.json b/apps/files_encryption/l10n/zh_CN.json deleted file mode 100644 index 0a98a5d858..0000000000 --- a/apps/files_encryption/l10n/zh_CN.json +++ /dev/null @@ -1,46 +0,0 @@ -{ "translations": { - "Unknown error" : "未知错误", - "Missing recovery key password" : "丢失的回复密钥", - "Please repeat the recovery key password" : "请替换恢复密钥", - "Recovery key successfully enabled" : "恢复密钥成功启用", - "Could not disable recovery key. Please check your recovery key password!" : "不能禁用恢复密钥。请检查恢复密钥密码!", - "Recovery key successfully disabled" : "恢复密钥成功禁用", - "Please provide the old recovery password" : "请提供原来的恢复密码", - "Please provide a new recovery password" : "请提供一个新的恢复密码", - "Please repeat the new recovery password" : "请替换新的恢复密码", - "Password successfully changed." : "密码修改成功。", - "Could not change the password. Maybe the old password was not correct." : "不能修改密码。旧密码可能不正确。", - "Could not update the private key password." : "不能更新私有密钥。", - "The old password was not correct, please try again." : "原始密码错误,请重试。", - "Private key password successfully updated." : "私钥密码成功更新。", - "File recovery settings updated" : "文件恢复设置已更新", - "Could not update file recovery" : "不能更新文件恢复", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "加密应用还没有初始化!可能加密应用在你会话期间已被重新启用。请注销并重新登录,以初始化加密应用。", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "您的私有密钥无效!也许是您在 %s 外更改了密码 (比如,在您的公司目录)。您可以在个人设置里更新您的私钥密码来恢复访问你的加密文件。", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : " 无法解密这个文件(或许这是一个共享文件?),请询问文件所有者重新与您分享这个文件。", - "Unknown error. Please check your system settings or contact your administrator" : "未知错误。请检查系统设置或联系您的管理员", - "Initial encryption started... This can take some time. Please wait." : "初始加密启动中....这可能会花一些时间,请稍后再试。", - "Initial encryption running... Please try again later." : "初始加密运行中....请稍后再试。", - "Missing requirements." : "必填项未填写。", - "Following users are not set up for encryption:" : "以下用户还没有设置加密:", - "Go directly to your %spersonal settings%s." : "直接访问您的%s个人设置%s。", - "Server-side Encryption" : "服务器端加密", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "加密应用被启用了,但是你的加密密钥没有初始化,请重新登出登录系统一次。", - "Enable recovery key (allow to recover users files in case of password loss):" : "启用恢复密钥(允许你在密码丢失后恢复文件):", - "Recovery key password" : "恢复密钥密码", - "Repeat Recovery key password" : "重复恢复密钥密码", - "Enabled" : "开启", - "Disabled" : "禁用", - "Change recovery key password:" : "更改恢复密钥密码", - "Old Recovery key password" : "旧的恢复密钥密码", - "New Recovery key password" : "新的恢复密钥密码", - "Repeat New Recovery key password" : "重复新的密钥恢复密码", - "Change Password" : "修改密码", - " If you don't remember your old password you can ask your administrator to recover your files." : "如果您记不住旧的密码,您可以请求管理员恢复您的文件。", - "Old log-in password" : "旧登录密码", - "Current log-in password" : "当前登录密码", - "Update Private Key Password" : "更新私钥密码", - "Enable password recovery:" : "启用密码恢复:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "启用该项将允许你在密码丢失后取回您的加密文件" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/zh_HK.js b/apps/files_encryption/l10n/zh_HK.js deleted file mode 100644 index 071be6c554..0000000000 --- a/apps/files_encryption/l10n/zh_HK.js +++ /dev/null @@ -1,9 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "不明錯誤", - "Enabled" : "啟用", - "Disabled" : "停用", - "Change Password" : "更改密碼" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/zh_HK.json b/apps/files_encryption/l10n/zh_HK.json deleted file mode 100644 index eea4209784..0000000000 --- a/apps/files_encryption/l10n/zh_HK.json +++ /dev/null @@ -1,7 +0,0 @@ -{ "translations": { - "Unknown error" : "不明錯誤", - "Enabled" : "啟用", - "Disabled" : "停用", - "Change Password" : "更改密碼" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/l10n/zh_TW.js b/apps/files_encryption/l10n/zh_TW.js deleted file mode 100644 index fb80249b70..0000000000 --- a/apps/files_encryption/l10n/zh_TW.js +++ /dev/null @@ -1,39 +0,0 @@ -OC.L10N.register( - "files_encryption", - { - "Unknown error" : "未知的錯誤", - "Recovery key successfully enabled" : "還原金鑰已成功開啟", - "Could not disable recovery key. Please check your recovery key password!" : "無法停用還原金鑰。請檢查您的還原金鑰密碼!", - "Recovery key successfully disabled" : "還原金鑰已成功停用", - "Password successfully changed." : "成功變更密碼。", - "Could not change the password. Maybe the old password was not correct." : "無法變更密碼,或許是輸入的舊密碼不正確。", - "Private key password successfully updated." : "私人金鑰密碼已成功更新。", - "File recovery settings updated" : "檔案還原設定已更新", - "Could not update file recovery" : "無法更新檔案還原設定", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "加密功能未初始化!可能加密功能需要重新啟用在現在的連線上。請試著登出再登入來初始化加密功能。", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "您的私人金鑰不正確!可能您的密碼已經變更在外部的 %s (例如:您的企業目錄)。您可以在您的個人設定中更新私人金鑰密碼來還原存取您的加密檔案。", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "無法解密這個檔案,也許這是分享的檔案。請詢問檔案所有人重新分享檔案給您。", - "Unknown error. Please check your system settings or contact your administrator" : "未知錯誤請檢查您的系統設定或是聯絡您的管理員", - "Initial encryption started... This can take some time. Please wait." : "加密初始已啟用...這個需要一些時間。請稍等。", - "Initial encryption running... Please try again later." : "加密初始執行中...請晚點再試。", - "Missing requirements." : "遺失必要條件。", - "Following users are not set up for encryption:" : "以下的使用者無法設定加密:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "檔案加密已啓用,但是您的金鑰尚未初始化,請重新登入一次", - "Enable recovery key (allow to recover users files in case of password loss):" : "啟用還原金鑰 (因忘記密碼仍允許還原使用者檔案):", - "Recovery key password" : "還原金鑰密碼", - "Repeat Recovery key password" : "再輸入還原金鑰密碼一次", - "Enabled" : "已啓用", - "Disabled" : "已停用", - "Change recovery key password:" : "變更還原金鑰密碼:", - "Old Recovery key password" : "舊的還原金鑰密碼", - "New Recovery key password" : "新的還原金鑰密碼", - "Repeat New Recovery key password" : "再輸入新的還原金鑰密碼一次", - "Change Password" : "變更密碼", - " If you don't remember your old password you can ask your administrator to recover your files." : "如果您忘記舊密碼,可以請求管理員協助取回檔案。", - "Old log-in password" : "舊登入密碼", - "Current log-in password" : "目前的登入密碼", - "Update Private Key Password" : "更新私人金鑰密碼", - "Enable password recovery:" : "啟用密碼還原:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "啟用這個選項將會允許您因忘記密碼但需要存取您的加密檔案" -}, -"nplurals=1; plural=0;"); diff --git a/apps/files_encryption/l10n/zh_TW.json b/apps/files_encryption/l10n/zh_TW.json deleted file mode 100644 index 06ff2ed3fe..0000000000 --- a/apps/files_encryption/l10n/zh_TW.json +++ /dev/null @@ -1,37 +0,0 @@ -{ "translations": { - "Unknown error" : "未知的錯誤", - "Recovery key successfully enabled" : "還原金鑰已成功開啟", - "Could not disable recovery key. Please check your recovery key password!" : "無法停用還原金鑰。請檢查您的還原金鑰密碼!", - "Recovery key successfully disabled" : "還原金鑰已成功停用", - "Password successfully changed." : "成功變更密碼。", - "Could not change the password. Maybe the old password was not correct." : "無法變更密碼,或許是輸入的舊密碼不正確。", - "Private key password successfully updated." : "私人金鑰密碼已成功更新。", - "File recovery settings updated" : "檔案還原設定已更新", - "Could not update file recovery" : "無法更新檔案還原設定", - "Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app." : "加密功能未初始化!可能加密功能需要重新啟用在現在的連線上。請試著登出再登入來初始化加密功能。", - "Your private key is not valid! Likely your password was changed outside of %s (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files." : "您的私人金鑰不正確!可能您的密碼已經變更在外部的 %s (例如:您的企業目錄)。您可以在您的個人設定中更新私人金鑰密碼來還原存取您的加密檔案。", - "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "無法解密這個檔案,也許這是分享的檔案。請詢問檔案所有人重新分享檔案給您。", - "Unknown error. Please check your system settings or contact your administrator" : "未知錯誤請檢查您的系統設定或是聯絡您的管理員", - "Initial encryption started... This can take some time. Please wait." : "加密初始已啟用...這個需要一些時間。請稍等。", - "Initial encryption running... Please try again later." : "加密初始執行中...請晚點再試。", - "Missing requirements." : "遺失必要條件。", - "Following users are not set up for encryption:" : "以下的使用者無法設定加密:", - "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "檔案加密已啓用,但是您的金鑰尚未初始化,請重新登入一次", - "Enable recovery key (allow to recover users files in case of password loss):" : "啟用還原金鑰 (因忘記密碼仍允許還原使用者檔案):", - "Recovery key password" : "還原金鑰密碼", - "Repeat Recovery key password" : "再輸入還原金鑰密碼一次", - "Enabled" : "已啓用", - "Disabled" : "已停用", - "Change recovery key password:" : "變更還原金鑰密碼:", - "Old Recovery key password" : "舊的還原金鑰密碼", - "New Recovery key password" : "新的還原金鑰密碼", - "Repeat New Recovery key password" : "再輸入新的還原金鑰密碼一次", - "Change Password" : "變更密碼", - " If you don't remember your old password you can ask your administrator to recover your files." : "如果您忘記舊密碼,可以請求管理員協助取回檔案。", - "Old log-in password" : "舊登入密碼", - "Current log-in password" : "目前的登入密碼", - "Update Private Key Password" : "更新私人金鑰密碼", - "Enable password recovery:" : "啟用密碼還原:", - "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" : "啟用這個選項將會允許您因忘記密碼但需要存取您的加密檔案" -},"pluralForm" :"nplurals=1; plural=0;" -} \ No newline at end of file diff --git a/apps/files_encryption/lib/capabilities.php b/apps/files_encryption/lib/capabilities.php deleted file mode 100644 index 0ed696fc7c..0000000000 --- a/apps/files_encryption/lib/capabilities.php +++ /dev/null @@ -1,39 +0,0 @@ - - * @author Joas Schilling - * @author Morris Jobke - * @author Tom Needham - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -class Capabilities { - - public static function getCapabilities() { - return new \OC_OCS_Result(array( - 'capabilities' => array( - 'files' => array( - 'encryption' => true, - ), - ), - )); - } - -} diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php deleted file mode 100644 index 784121c7ed..0000000000 --- a/apps/files_encryption/lib/crypt.php +++ /dev/null @@ -1,581 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Owen Winkler - * @author Robin McCorkell - * @author Sam Tuke - * @author Scott Arciszewski - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -/** - * Class for common cryptography functionality - */ - -class Crypt { - - const ENCRYPTION_UNKNOWN_ERROR = -1; - const ENCRYPTION_NOT_INITIALIZED_ERROR = 1; - const ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR = 2; - const ENCRYPTION_NO_SHARE_KEY_FOUND = 3; - - const BLOCKSIZE = 8192; // block size will always be 8192 for a PHP stream https://bugs.php.net/bug.php?id=21641 - const DEFAULT_CIPHER = 'AES-256-CFB'; - - const HEADERSTART = 'HBEGIN'; - const HEADEREND = 'HEND'; - - /** - * return encryption mode client or server side encryption - * @param string $user name (use system wide setting if name=null) - * @return string 'client' or 'server' - * @note at the moment we only support server side encryption - */ - public static function mode($user = null) { - - return 'server'; - - } - - /** - * Create a new encryption keypair - * @return array publicKey, privatekey - */ - public static function createKeypair() { - - $return = false; - - $res = Helper::getOpenSSLPkey(); - - if ($res === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR); - while ($msg = openssl_error_string()) { - \OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails: ' . $msg, \OCP\Util::ERROR); - } - } elseif (openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())) { - // Get public key - $keyDetails = openssl_pkey_get_details($res); - $publicKey = $keyDetails['key']; - - $return = array( - 'publicKey' => $publicKey, - 'privateKey' => $privateKey - ); - } else { - \OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR); - while($errMsg = openssl_error_string()) { - \OCP\Util::writeLog('Encryption library', $errMsg, \OCP\Util::ERROR); - } - } - - return $return; - } - - /** - * Add arbitrary padding to encrypted data - * @param string $data data to be padded - * @return string padded data - * @note In order to end up with data exactly 8192 bytes long we must - * add two letters. It is impossible to achieve exactly 8192 length - * blocks with encryption alone, hence padding is added to achieve the - * required length. - */ - private static function addPadding($data) { - - $padded = $data . 'xx'; - - return $padded; - - } - - /** - * Remove arbitrary padding to encrypted data - * @param string $padded padded data to remove padding from - * @return string unpadded data on success, false on error - */ - private static function removePadding($padded) { - - if (substr($padded, -2) === 'xx') { - - $data = substr($padded, 0, -2); - - return $data; - - } else { - - // TODO: log the fact that unpadded data was submitted for removal of padding - return false; - - } - - } - - /** - * Check if a file's contents contains an IV and is symmetrically encrypted - * @param string $content - * @return boolean - * @note see also \OCA\Files_Encryption\Util->isEncryptedPath() - */ - public static function isCatfileContent($content) { - - if (!$content) { - - return false; - - } - - $noPadding = self::removePadding($content); - - // Fetch encryption metadata from end of file - $meta = substr($noPadding, -22); - - // Fetch identifier from start of metadata - $identifier = substr($meta, 0, 6); - - if ($identifier === '00iv00') { - - return true; - - } else { - - return false; - - } - - } - - /** - * Check if a file is encrypted according to database file cache - * @param string $path - * @return bool - */ - public static function isEncryptedMeta($path) { - - // TODO: Use DI to get \OC\Files\Filesystem out of here - - // Fetch all file metadata from DB - $metadata = \OC\Files\Filesystem::getFileInfo($path); - - // Return encryption status - return isset($metadata['encrypted']) && ( bool )$metadata['encrypted']; - - } - - /** - * Symmetrically encrypt a string - * @param string $plainContent - * @param string $iv - * @param string $passphrase - * @param string $cypher used for encryption, currently we support AES-128-CFB and AES-256-CFB - * @return string encrypted file content - * @throws \OCA\Files_Encryption\Exception\EncryptionException - */ - private static function encrypt($plainContent, $iv, $passphrase = '', $cipher = Crypt::DEFAULT_CIPHER) { - - $encryptedContent = openssl_encrypt($plainContent, $cipher, $passphrase, false, $iv); - - if (!$encryptedContent) { - $error = "Encryption (symmetric) of content failed: " . openssl_error_string(); - \OCP\Util::writeLog('Encryption library', $error, \OCP\Util::ERROR); - throw new Exception\EncryptionException($error, Exception\EncryptionException::ENCRYPTION_FAILED); - } - - return $encryptedContent; - - } - - /** - * Symmetrically decrypt a string - * @param string $encryptedContent - * @param string $iv - * @param string $passphrase - * @param string $cipher cipher user for decryption, currently we support aes128 and aes256 - * @throws \Exception - * @return string decrypted file content - */ - private static function decrypt($encryptedContent, $iv, $passphrase, $cipher = Crypt::DEFAULT_CIPHER) { - - $plainContent = openssl_decrypt($encryptedContent, $cipher, $passphrase, false, $iv); - - if ($plainContent) { - return $plainContent; - } else { - throw new \Exception('Encryption library: Decryption (symmetric) of content failed'); - } - - } - - /** - * Concatenate encrypted data with its IV and padding - * @param string $content content to be concatenated - * @param string $iv IV to be concatenated - * @return string concatenated content - */ - private static function concatIv($content, $iv) { - - $combined = $content . '00iv00' . $iv; - - return $combined; - - } - - /** - * Split concatenated data and IV into respective parts - * @param string $catFile concatenated data to be split - * @return array keys: encrypted, iv - */ - private static function splitIv($catFile) { - - // Fetch encryption metadata from end of file - $meta = substr($catFile, -22); - - // Fetch IV from end of file - $iv = substr($meta, -16); - - // Remove IV and IV identifier text to expose encrypted content - $encrypted = substr($catFile, 0, -22); - - $split = array( - 'encrypted' => $encrypted, - 'iv' => $iv - ); - - return $split; - - } - - /** - * Symmetrically encrypts a string and returns keyfile content - * @param string $plainContent content to be encrypted in keyfile - * @param string $passphrase - * @param string $cypher used for encryption, currently we support AES-128-CFB and AES-256-CFB - * @return false|string encrypted content combined with IV - * @note IV need not be specified, as it will be stored in the returned keyfile - * and remain accessible therein. - */ - public static function symmetricEncryptFileContent($plainContent, $passphrase = '', $cipher = Crypt::DEFAULT_CIPHER) { - - if (!$plainContent) { - \OCP\Util::writeLog('Encryption library', 'symmetrically encryption failed, no content given.', \OCP\Util::ERROR); - return false; - } - - $iv = self::generateIv(); - - try { - $encryptedContent = self::encrypt($plainContent, $iv, $passphrase, $cipher); - // Combine content to encrypt with IV identifier and actual IV - $catfile = self::concatIv($encryptedContent, $iv); - $padded = self::addPadding($catfile); - - return $padded; - } catch (Exception\EncryptionException $e) { - $message = 'Could not encrypt file content (code: ' . $e->getCode() . '): '; - \OCP\Util::writeLog('files_encryption', $message . $e->getMessage(), \OCP\Util::ERROR); - return false; - } - - } - - - /** - * Symmetrically decrypts keyfile content - * @param string $keyfileContent - * @param string $passphrase - * @param string $cipher cipher used for decryption, currently aes128 and aes256 is supported. - * @throws \Exception - * @return string|false - * @internal param string $source - * @internal param string $target - * @internal param string $key the decryption key - * @return string decrypted content - * - * This function decrypts a file - */ - public static function symmetricDecryptFileContent($keyfileContent, $passphrase = '', $cipher = Crypt::DEFAULT_CIPHER) { - - if (!$keyfileContent) { - - throw new \Exception('Encryption library: no data provided for decryption'); - - } - - // Remove padding - $noPadding = self::removePadding($keyfileContent); - - // Split into enc data and catfile - $catfile = self::splitIv($noPadding); - - if ($plainContent = self::decrypt($catfile['encrypted'], $catfile['iv'], $passphrase, $cipher)) { - - return $plainContent; - - } else { - return false; - } - - } - - /** - * Decrypt private key and check if the result is a valid keyfile - * - * @param string $encryptedKey encrypted keyfile - * @param string $passphrase to decrypt keyfile - * @return string|false encrypted private key or false - * - * This function decrypts a file - */ - public static function decryptPrivateKey($encryptedKey, $passphrase) { - - $header = self::parseHeader($encryptedKey); - $cipher = self::getCipher($header); - - // if we found a header we need to remove it from the key we want to decrypt - if (!empty($header)) { - $encryptedKey = substr($encryptedKey, strpos($encryptedKey, self::HEADEREND) + strlen(self::HEADEREND)); - } - - $plainKey = self::symmetricDecryptFileContent($encryptedKey, $passphrase, $cipher); - - // check if this a valid private key - $res = openssl_pkey_get_private($plainKey); - if (is_resource($res)) { - $sslInfo = openssl_pkey_get_details($res); - if (!isset($sslInfo['key'])) { - $plainKey = false; - } - } else { - $plainKey = false; - } - - return $plainKey; - - } - - /** - * Create asymmetrically encrypted keyfile content using a generated key - * @param string $plainContent content to be encrypted - * @param array $publicKeys array keys must be the userId of corresponding user - * @return array keys: keys (array, key = userId), data - * @throws \OCA\Files_Encryption\Exception\MultiKeyEncryptException if encryption failed - * @note symmetricDecryptFileContent() can decrypt files created using this method - */ - public static function multiKeyEncrypt($plainContent, array $publicKeys) { - - // openssl_seal returns false without errors if $plainContent - // is empty, so trigger our own error - if (empty($plainContent)) { - throw new Exception\MultiKeyEncryptException('Cannot multiKeyEncrypt empty plain content', Exception\MultiKeyEncryptException::EMPTY_DATA); - } - - // Set empty vars to be set by openssl by reference - $sealed = ''; - $shareKeys = array(); - $mappedShareKeys = array(); - - if (openssl_seal($plainContent, $sealed, $shareKeys, $publicKeys)) { - - $i = 0; - - // Ensure each shareKey is labelled with its - // corresponding userId - foreach ($publicKeys as $userId => $publicKey) { - - $mappedShareKeys[$userId] = $shareKeys[$i]; - $i++; - - } - - return array( - 'keys' => $mappedShareKeys, - 'data' => $sealed - ); - - } else { - throw new Exception\MultiKeyEncryptException('multi key encryption failed: ' . openssl_error_string(), - Exception\MultiKeyEncryptException::OPENSSL_SEAL_FAILED); - } - - } - - /** - * Asymmetrically encrypt a file using multiple public keys - * @param string $encryptedContent - * @param string $shareKey - * @param mixed $privateKey - * @throws \OCA\Files_Encryption\Exception\MultiKeyDecryptException if decryption failed - * @internal param string $plainContent contains decrypted content - * @return string $plainContent decrypted string - * @note symmetricDecryptFileContent() can be used to decrypt files created using this method - * - * This function decrypts a file - */ - public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) { - - if (!$encryptedContent) { - throw new Exception\MultiKeyDecryptException('Cannot mutliKeyDecrypt empty plain content', - Exception\MultiKeyDecryptException::EMPTY_DATA); - } - - if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) { - - return $plainContent; - - } else { - throw new Exception\MultiKeyDecryptException('multiKeyDecrypt with share-key' . $shareKey . 'failed: ' . openssl_error_string(), - Exception\MultiKeyDecryptException::OPENSSL_OPEN_FAILED); - } - - } - - /** - * Generates a pseudo random initialisation vector - * @return String $iv generated IV - */ - private static function generateIv() { - - if ($random = openssl_random_pseudo_bytes(12, $strong)) { - - if (!$strong) { - - // If OpenSSL indicates randomness is insecure, log error - \OCP\Util::writeLog('Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OCP\Util::WARN); - - } - - // We encode the iv purely for string manipulation - // purposes - it gets decoded before use - $iv = base64_encode($random); - - return $iv; - - } else { - - throw new \Exception('Generating IV failed'); - - } - - } - - /** - * Generate a pseudo random 256-bit ASCII key, used as file key - * @return string|false Generated key - */ - public static function generateKey() { - - // Generate key - if ($key = base64_encode(openssl_random_pseudo_bytes(32, $strong))) { - - if (!$strong) { - - // If OpenSSL indicates randomness is insecure, log error - throw new \Exception('Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()'); - - } - - return $key; - - } else { - - return false; - - } - - } - - /** - * read header into array - * - * @param string $data - * @return array - */ - public static function parseHeader($data) { - - $result = array(); - - if (substr($data, 0, strlen(self::HEADERSTART)) === self::HEADERSTART) { - $endAt = strpos($data, self::HEADEREND); - $header = substr($data, 0, $endAt + strlen(self::HEADEREND)); - - // +1 to not start with an ':' which would result in empty element at the beginning - $exploded = explode(':', substr($header, strlen(self::HEADERSTART)+1)); - - $element = array_shift($exploded); - while ($element !== self::HEADEREND) { - - $result[$element] = array_shift($exploded); - - $element = array_shift($exploded); - - } - } - - return $result; - } - - /** - * check if data block is the header - * - * @param string $data - * @return boolean - */ - public static function isHeader($data) { - - if (substr($data, 0, strlen(self::HEADERSTART)) === self::HEADERSTART) { - return true; - } - - return false; - } - - /** - * get chiper from header - * - * @param array $header - * @throws \OCA\Files_Encryption\Exception\EncryptionException - */ - public static function getCipher($header) { - $cipher = isset($header['cipher']) ? $header['cipher'] : 'AES-128-CFB'; - - if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') { - - throw new Exception\EncryptionException('file header broken, no supported cipher defined', - Exception\EncryptionException::UNKNOWN_CIPHER); - } - - return $cipher; - } - - /** - * generate header for encrypted file - */ - public static function generateHeader() { - $cipher = Helper::getCipher(); - $header = self::HEADERSTART . ':cipher:' . $cipher . ':' . self::HEADEREND; - - return $header; - } - -} diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php deleted file mode 100644 index 1ae161ce99..0000000000 --- a/apps/files_encryption/lib/helper.php +++ /dev/null @@ -1,532 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Lukas Reschke - * @author Morris Jobke - * @author Owen Winkler - * @author Robin Appelman - * @author Robin McCorkell - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -/** - * Class to manage registration of hooks an various helper methods - * @package OCA\Files_Encryption - */ -class Helper { - - private static $tmpFileMapping; // Map tmp files to files in data/user/files - - /** - * register share related hooks - * - */ - public static function registerShareHooks() { - - \OCP\Util::connectHook('OCP\Share', 'pre_shared', 'OCA\Files_Encryption\Hooks', 'preShared'); - \OCP\Util::connectHook('OCP\Share', 'post_shared', 'OCA\Files_Encryption\Hooks', 'postShared'); - \OCP\Util::connectHook('OCP\Share', 'post_unshare', 'OCA\Files_Encryption\Hooks', 'postUnshare'); - } - - /** - * register user related hooks - * - */ - public static function registerUserHooks() { - - \OCP\Util::connectHook('OC_User', 'post_login', 'OCA\Files_Encryption\Hooks', 'login'); - \OCP\Util::connectHook('OC_User', 'logout', 'OCA\Files_Encryption\Hooks', 'logout'); - \OCP\Util::connectHook('OC_User', 'post_setPassword', 'OCA\Files_Encryption\Hooks', 'setPassphrase'); - \OCP\Util::connectHook('OC_User', 'pre_setPassword', 'OCA\Files_Encryption\Hooks', 'preSetPassphrase'); - \OCP\Util::connectHook('OC_User', 'post_createUser', 'OCA\Files_Encryption\Hooks', 'postCreateUser'); - \OCP\Util::connectHook('OC_User', 'post_deleteUser', 'OCA\Files_Encryption\Hooks', 'postDeleteUser'); - } - - /** - * register filesystem related hooks - * - */ - public static function registerFilesystemHooks() { - - \OCP\Util::connectHook('OC_Filesystem', 'rename', 'OCA\Files_Encryption\Hooks', 'preRename'); - \OCP\Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Files_Encryption\Hooks', 'postRenameOrCopy'); - \OCP\Util::connectHook('OC_Filesystem', 'copy', 'OCA\Files_Encryption\Hooks', 'preCopy'); - \OCP\Util::connectHook('OC_Filesystem', 'post_copy', 'OCA\Files_Encryption\Hooks', 'postRenameOrCopy'); - \OCP\Util::connectHook('OC_Filesystem', 'post_delete', 'OCA\Files_Encryption\Hooks', 'postDelete'); - \OCP\Util::connectHook('OC_Filesystem', 'delete', 'OCA\Files_Encryption\Hooks', 'preDelete'); - \OCP\Util::connectHook('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', 'OCA\Files_Encryption\Hooks', 'postPasswordReset'); - \OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Files_Encryption\Hooks', 'postUnmount'); - \OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Files_Encryption\Hooks', 'preUnmount'); - } - - /** - * register app management related hooks - * - */ - public static function registerAppHooks() { - - \OCP\Util::connectHook('OC_App', 'pre_disable', 'OCA\Files_Encryption\Hooks', 'preDisable'); - \OCP\Util::connectHook('OC_App', 'post_disable', 'OCA\Files_Encryption\Hooks', 'postEnable'); - } - - /** - * setup user for files_encryption - * - * @param Util $util - * @param string $password - * @return bool - */ - public static function setupUser(Util $util, $password) { - // Check files_encryption infrastructure is ready for action - if (!$util->ready()) { - - \OCP\Util::writeLog('Encryption library', 'User account "' . $util->getUserId() - . '" is not ready for encryption; configuration started', \OCP\Util::DEBUG); - - if (!$util->setupServerSide($password)) { - return false; - } - } - - return true; - } - - /** - * get recovery key id - * - * @return string|bool recovery key ID or false - */ - public static function getRecoveryKeyId() { - $appConfig = \OC::$server->getAppConfig(); - $key = $appConfig->getValue('files_encryption', 'recoveryKeyId'); - - return ($key === null) ? false : $key; - } - - public static function getPublicShareKeyId() { - $appConfig = \OC::$server->getAppConfig(); - $key = $appConfig->getValue('files_encryption', 'publicShareKeyId'); - - return ($key === null) ? false : $key; - } - - /** - * enable recovery - * - * @param string $recoveryKeyId - * @param string $recoveryPassword - * @return bool - */ - public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword) { - - $view = new \OC\Files\View('/'); - $appConfig = \OC::$server->getAppConfig(); - - if ($recoveryKeyId === null) { - $recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8); - $appConfig->setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId); - } - - if (!Keymanager::recoveryKeyExists($view)) { - - $keypair = Crypt::createKeypair(); - - // Save public key - Keymanager::setPublicKey($keypair['publicKey'], $recoveryKeyId); - - $cipher = Helper::getCipher(); - $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher); - if ($encryptedKey) { - Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId); - // Set recoveryAdmin as enabled - $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1); - $return = true; - } - - } else { // get recovery key and check the password - $util = new Util(new \OC\Files\View('/'), \OCP\User::getUser()); - $return = $util->checkRecoveryPassword($recoveryPassword); - if ($return) { - $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1); - } - } - - return $return; - } - - /** - * Check if a path is a .part file - * @param string $path Path that may identify a .part file - * @return bool - */ - public static function isPartialFilePath($path) { - - $extension = pathinfo($path, PATHINFO_EXTENSION); - if ( $extension === 'part') { - return true; - } else { - return false; - } - - } - - - /** - * Remove .path extension from a file path - * @param string $path Path that may identify a .part file - * @return string File path without .part extension - * @note this is needed for reusing keys - */ - public static function stripPartialFileExtension($path) { - $extension = pathinfo($path, PATHINFO_EXTENSION); - - if ( $extension === 'part') { - - $newLength = strlen($path) - 5; // 5 = strlen(".part") = strlen(".etmp") - $fPath = substr($path, 0, $newLength); - - // if path also contains a transaction id, we remove it too - $extension = pathinfo($fPath, PATHINFO_EXTENSION); - if(substr($extension, 0, 12) === 'ocTransferId') { // 12 = strlen("ocTransferId") - $newLength = strlen($fPath) - strlen($extension) -1; - $fPath = substr($fPath, 0, $newLength); - } - return $fPath; - - } else { - return $path; - } - } - - /** - * disable recovery - * - * @param string $recoveryPassword - * @return bool - */ - public static function adminDisableRecovery($recoveryPassword) { - $util = new Util(new \OC\Files\View('/'), \OCP\User::getUser()); - $return = $util->checkRecoveryPassword($recoveryPassword); - - if ($return) { - // Set recoveryAdmin as disabled - \OC::$server->getAppConfig()->setValue('files_encryption', 'recoveryAdminEnabled', 0); - } - - return $return; - } - - /** - * checks if access is public/anonymous user - * @return bool - */ - public static function isPublicAccess() { - if (\OCP\User::getUser() === false) { - return true; - } else { - return false; - } - } - - /** - * Format a path to be relative to the /user/files/ directory - * @param string $path the absolute path - * @return string e.g. turns '/admin/files/test.txt' into 'test.txt' - */ - public static function stripUserFilesPath($path) { - $split = self::splitPath($path); - - // it is not a file relative to data/user/files - if (count($split) < 4 || $split[2] !== 'files') { - return false; - } - - $sliced = array_slice($split, 3); - $relPath = implode('/', $sliced); - - return $relPath; - } - - /** - * try to get the user from the path if no user is logged in - * @param string $path - * @return string user - */ - public static function getUser($path) { - - $user = \OCP\User::getUser(); - - - // if we are logged in, then we return the userid - if ($user) { - return $user; - } - - // if no user is logged in we try to access a publicly shared files. - // In this case we need to try to get the user from the path - return self::getUserFromPath($path); - } - - /** - * extract user from path - * - * @param string $path - * @return string user id - * @throws Exception\EncryptionException - */ - public static function getUserFromPath($path) { - $split = self::splitPath($path); - - if (count($split) > 2 && ( - $split[2] === 'files' || $split[2] === 'files_versions' || $split[2] === 'cache' || $split[2] === 'files_trashbin')) { - - $user = $split[1]; - - if (\OCP\User::userExists($user)) { - return $user; - } - } - - throw new Exception\EncryptionException('Could not determine user', Exception\EncryptionException::GENERIC); - } - - /** - * get path to the corresponding file in data/user/files if path points - * to a file in cache - * - * @param string $path path to a file in cache - * @return string path to corresponding file relative to data/user/files - * @throws Exception\EncryptionException - */ - public static function getPathFromCachedFile($path) { - $split = self::splitPath($path); - - if (count($split) < 5) { - throw new Exception\EncryptionException('no valid cache file path', Exception\EncryptionException::GENERIC); - } - - // we skip /user/cache/transactionId - $sliced = array_slice($split, 4); - - return implode('/', $sliced); - } - - - /** - * get path to the corresponding file in data/user/files for a version - * - * @param string $path path to a version - * @return string path to corresponding file relative to data/user/files - * @throws Exception\EncryptionException - */ - public static function getPathFromVersion($path) { - $split = self::splitPath($path); - - if (count($split) < 4) { - throw new Exception\EncryptionException('no valid path to a version', Exception\EncryptionException::GENERIC); - } - - // we skip user/files_versions - $sliced = array_slice($split, 3); - $relPath = implode('/', $sliced); - //remove the last .v - $realPath = substr($relPath, 0, strrpos($relPath, '.v')); - - return $realPath; - } - - /** - * create directory recursively - * - * @param string $path - * @param \OC\Files\View $view - */ - public static function mkdirr($path, \OC\Files\View $view) { - $dirParts = self::splitPath(dirname($path)); - $dir = ""; - foreach ($dirParts as $part) { - $dir = $dir . '/' . $part; - if (!$view->file_exists($dir)) { - $view->mkdir($dir); - } - } - } - - /** - * redirect to a error page - * @param Session $session - * @param int|null $errorCode - * @throws \Exception - */ - public static function redirectToErrorPage(Session $session, $errorCode = null) { - - if ($errorCode === null) { - $init = $session->getInitialized(); - switch ($init) { - case Session::INIT_EXECUTED: - $errorCode = Crypt::ENCRYPTION_PRIVATE_KEY_NOT_VALID_ERROR; - break; - case Session::NOT_INITIALIZED: - $errorCode = Crypt::ENCRYPTION_NOT_INITIALIZED_ERROR; - break; - default: - $errorCode = Crypt::ENCRYPTION_UNKNOWN_ERROR; - } - } - - $location = \OCP\Util::linkToAbsolute('apps/files_encryption/files', 'error.php'); - $post = 0; - if(count($_POST) > 0) { - $post = 1; - } - - if(defined('PHPUNIT_RUN') and PHPUNIT_RUN) { - throw new \Exception("Encryption error: $errorCode"); - } - - header('Location: ' . $location . '?p=' . $post . '&errorCode=' . $errorCode); - exit(); - } - - /** - * check requirements for encryption app. - * @return bool true if requirements are met - */ - public static function checkRequirements() { - - //openssl extension needs to be loaded - return extension_loaded("openssl"); - - } - - /** - * check some common errors if the server isn't configured properly for encryption - * @return bool true if configuration seems to be OK - */ - public static function checkConfiguration() { - if(self::getOpenSSLPkey()) { - return true; - } else { - while ($msg = openssl_error_string()) { - \OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails: ' . $msg, \OCP\Util::ERROR); - } - return false; - } - } - - /** - * Create an openssl pkey with config-supplied settings - * WARNING: This initializes a new private keypair, which is computationally expensive - * @return resource The pkey resource created - */ - public static function getOpenSSLPkey() { - return openssl_pkey_new(self::getOpenSSLConfig()); - } - - /** - * Return an array of OpenSSL config options, default + config - * Used for multiple OpenSSL functions - * @return array The combined defaults and config settings - */ - public static function getOpenSSLConfig() { - $config = array('private_key_bits' => 4096); - $config = array_merge(\OC::$server->getConfig()->getSystemValue('openssl', array()), $config); - return $config; - } - - /** - * remember from which file the tmp file (getLocalFile() call) was created - * @param string $tmpFile path of tmp file - * @param string $originalFile path of the original file relative to data/ - */ - public static function addTmpFileToMapper($tmpFile, $originalFile) { - self::$tmpFileMapping[$tmpFile] = $originalFile; - } - - /** - * get the path of the original file - * @param string $tmpFile path of the tmp file - * @return string|false path of the original file or false - */ - public static function getPathFromTmpFile($tmpFile) { - if (isset(self::$tmpFileMapping[$tmpFile])) { - return self::$tmpFileMapping[$tmpFile]; - } - - return false; - } - - /** - * detect file type, encryption can read/write regular files, versions - * and cached files - * - * @param string $path - * @return int - * @throws Exception\EncryptionException - */ - public static function detectFileType($path) { - $parts = self::splitPath($path); - - if (count($parts) > 2) { - switch ($parts[2]) { - case 'files': - return Util::FILE_TYPE_FILE; - case 'files_versions': - return Util::FILE_TYPE_VERSION; - case 'cache': - return Util::FILE_TYPE_CACHE; - } - } - - // thow exception if we couldn't detect a valid file type - throw new Exception\EncryptionException('Could not detect file type', Exception\EncryptionException::GENERIC); - } - - /** - * read the cipher used for encryption from the config.php - * - * @return string - */ - public static function getCipher() { - - $cipher = \OC::$server->getConfig()->getSystemValue('cipher', Crypt::DEFAULT_CIPHER); - - if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') { - \OCP\Util::writeLog('files_encryption', - 'wrong cipher defined in config.php, only AES-128-CFB and AES-256-CFB is supported. Fall back ' . Crypt::DEFAULT_CIPHER, - \OCP\Util::WARN); - - $cipher = Crypt::DEFAULT_CIPHER; - } - - return $cipher; - } - - public static function splitPath($path) { - $normalized = \OC\Files\Filesystem::normalizePath($path); - return explode('/', $normalized); - } - -} - diff --git a/apps/files_encryption/lib/hooks.php b/apps/files_encryption/lib/hooks.php deleted file mode 100644 index 4a29ffaaed..0000000000 --- a/apps/files_encryption/lib/hooks.php +++ /dev/null @@ -1,625 +0,0 @@ - - * @author Morris Jobke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -/** - * Class for hook specific logic - */ -class Hooks { - - // file for which we want to rename the keys after the rename operation was successful - private static $renamedFiles = array(); - // file for which we want to delete the keys after the delete operation was successful - private static $deleteFiles = array(); - // file for which we want to delete the keys after the delete operation was successful - private static $unmountedFiles = array(); - - /** - * Startup encryption backend upon user login - * @note This method should never be called for users using client side encryption - */ - public static function login($params) { - - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - - $l = new \OC_L10N('files_encryption'); - - $view = new \OC\Files\View('/'); - - // ensure filesystem is loaded - if (!\OC\Files\Filesystem::$loaded) { - \OC_Util::setupFS($params['uid']); - } - - $privateKey = Keymanager::getPrivateKey($view, $params['uid']); - - // if no private key exists, check server configuration - if (!$privateKey) { - //check if all requirements are met - if (!Helper::checkRequirements() || !Helper::checkConfiguration()) { - $error_msg = $l->t("Missing requirements."); - $hint = $l->t('Please make sure that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.'); - \OC_App::disable('files_encryption'); - \OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR); - \OCP\Template::printErrorPage($error_msg, $hint); - } - } - - $util = new Util($view, $params['uid']); - - // setup user, if user not ready force relogin - if (Helper::setupUser($util, $params['password']) === false) { - return false; - } - - $session = $util->initEncryption($params); - - // Check if first-run file migration has already been performed - $ready = false; - $migrationStatus = $util->getMigrationStatus(); - if ($migrationStatus === Util::MIGRATION_OPEN && $session !== false) { - $ready = $util->beginMigration(); - } elseif ($migrationStatus === Util::MIGRATION_IN_PROGRESS) { - // refuse login as long as the initial encryption is running - sleep(5); - \OCP\User::logout(); - return false; - } - - $result = true; - - // If migration not yet done - if ($ready) { - - // Encrypt existing user files - try { - $result = $util->encryptAll('/' . $params['uid'] . '/' . 'files'); - } catch (\Exception $ex) { - \OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL); - $result = false; - } - - if ($result) { - \OC_Log::write( - 'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed' - , \OC_Log::INFO - ); - // Register successful migration in DB - $util->finishMigration(); - } else { - \OCP\Util::writeLog('Encryption library', 'Initial encryption failed!', \OCP\Util::FATAL); - $util->resetMigrationStatus(); - \OCP\User::logout(); - } - } - - return $result; - } - - /** - * remove keys from session during logout - */ - public static function logout() { - $session = new Session(new \OC\Files\View()); - $session->removeKeys(); - } - - /** - * setup encryption backend upon user created - * @note This method should never be called for users using client side encryption - */ - public static function postCreateUser($params) { - - if (\OCP\App::isEnabled('files_encryption')) { - $view = new \OC\Files\View('/'); - $util = new Util($view, $params['uid']); - Helper::setupUser($util, $params['password']); - } - } - - /** - * cleanup encryption backend upon user deleted - * @note This method should never be called for users using client side encryption - */ - public static function postDeleteUser($params) { - - if (\OCP\App::isEnabled('files_encryption')) { - Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']); - } - } - - /** - * If the password can't be changed within ownCloud, than update the key password in advance. - */ - public static function preSetPassphrase($params) { - if (\OCP\App::isEnabled('files_encryption')) { - if ( ! \OC_User::canUserChangePassword($params['uid']) ) { - self::setPassphrase($params); - } - } - } - - /** - * Change a user's encryption passphrase - * @param array $params keys: uid, password - */ - public static function setPassphrase($params) { - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - // Only attempt to change passphrase if server-side encryption - // is in use (client-side encryption does not have access to - // the necessary keys) - if (Crypt::mode() === 'server') { - - $view = new \OC\Files\View('/'); - $session = new Session($view); - - // Get existing decrypted private key - $privateKey = $session->getPrivateKey(); - - if ($params['uid'] === \OCP\User::getUser() && $privateKey) { - - // Encrypt private key with new user pwd as passphrase - $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password'], Helper::getCipher()); - - // Save private key - if ($encryptedPrivateKey) { - Keymanager::setPrivateKey($encryptedPrivateKey, \OCP\User::getUser()); - } else { - \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); - } - - // NOTE: Session does not need to be updated as the - // private key has not changed, only the passphrase - // used to decrypt it has changed - - - } else { // admin changed the password for a different user, create new keys and reencrypt file keys - - $user = $params['uid']; - $util = new Util($view, $user); - $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; - - // we generate new keys if... - // ...we have a recovery password and the user enabled the recovery key - // ...encryption was activated for the first time (no keys exists) - // ...the user doesn't have any files - if (($util->recoveryEnabledForUser() && $recoveryPassword) - || !$util->userKeysExists() - || !$view->file_exists($user . '/files')) { - - // backup old keys - $util->backupAllKeys('recovery'); - - $newUserPassword = $params['password']; - - // make sure that the users home is mounted - \OC\Files\Filesystem::initMountPoints($user); - - $keypair = Crypt::createKeypair(); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Save public key - Keymanager::setPublicKey($keypair['publicKey'], $user); - - // Encrypt private key with new password - $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher()); - if ($encryptedKey) { - Keymanager::setPrivateKey($encryptedKey, $user); - - if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $util = new Util($view, $user); - $util->recoverUsersFiles($recoveryPassword); - } - } else { - \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR); - } - - \OC_FileProxy::$enabled = $proxyStatus; - } - } - } - } - - /** - * after password reset we create a new key pair for the user - * - * @param array $params - */ - public static function postPasswordReset($params) { - $uid = $params['uid']; - $password = $params['password']; - - $util = new Util(new \OC\Files\View(), $uid); - $util->replaceUserKeys($password); - } - - /* - * check if files can be encrypted to every user. - */ - /** - * @param array $params - */ - public static function preShared($params) { - - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - $l = new \OC_L10N('files_encryption'); - $users = array(); - $view = new \OC\Files\View('/'); - - switch ($params['shareType']) { - case \OCP\Share::SHARE_TYPE_USER: - $users[] = $params['shareWith']; - break; - case \OCP\Share::SHARE_TYPE_GROUP: - $users = \OC_Group::usersInGroup($params['shareWith']); - break; - } - - $notConfigured = array(); - foreach ($users as $user) { - if (!Keymanager::publicKeyExists($view, $user)) { - $notConfigured[] = $user; - } - } - - if (count($notConfigured) > 0) { - $params['run'] = false; - $params['error'] = $l->t('Following users are not set up for encryption:') . ' ' . join(', ' , $notConfigured); - } - - } - - /** - * update share keys if a file was shared - */ - public static function postShared($params) { - - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') { - - $path = \OC\Files\Filesystem::getPath($params['fileSource']); - - self::updateKeyfiles($path); - } - } - - /** - * update keyfiles and share keys recursively - * - * @param string $path to the file/folder - */ - private static function updateKeyfiles($path) { - $view = new \OC\Files\View('/'); - $userId = \OCP\User::getUser(); - $session = new Session($view); - $util = new Util($view, $userId); - $sharingEnabled = \OCP\Share::isEnabled(); - - $mountManager = \OC\Files\Filesystem::getMountManager(); - $mount = $mountManager->find('/' . $userId . '/files' . $path); - $mountPoint = $mount->getMountPoint(); - - // if a folder was shared, get a list of all (sub-)folders - if ($view->is_dir('/' . $userId . '/files' . $path)) { - $allFiles = $util->getAllFiles($path, $mountPoint); - } else { - $allFiles = array($path); - } - - foreach ($allFiles as $path) { - $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path); - $util->setSharedFileKeyfiles($session, $usersSharing, $path); - } - } - - /** - * unshare file/folder from a user with whom you shared the file before - */ - public static function postUnshare($params) { - - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') { - - $view = new \OC\Files\View('/'); - $userId = $params['uidOwner']; - $userView = new \OC\Files\View('/' . $userId . '/files'); - $util = new Util($view, $userId); - $path = $userView->getPath($params['fileSource']); - - // for group shares get a list of the group members - if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) { - $userIds = \OC_Group::usersInGroup($params['shareWith']); - } else { - if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK || $params['shareType'] === \OCP\Share::SHARE_TYPE_REMOTE) { - $userIds = array($util->getPublicShareKeyId()); - } else { - $userIds = array($params['shareWith']); - } - } - - $mountManager = \OC\Files\Filesystem::getMountManager(); - $mount = $mountManager->find('/' . $userId . '/files' . $path); - $mountPoint = $mount->getMountPoint(); - - // if we unshare a folder we need a list of all (sub-)files - if ($params['itemType'] === 'folder') { - $allFiles = $util->getAllFiles($path, $mountPoint); - } else { - $allFiles = array($path); - } - - foreach ($allFiles as $path) { - - // check if the user still has access to the file, otherwise delete share key - $sharingUsers = $util->getSharingUsersArray(true, $path); - - // Unshare every user who no longer has access to the file - $delUsers = array_diff($userIds, $sharingUsers); - $keyPath = Keymanager::getKeyPath($view, $util, $path); - - // delete share key - Keymanager::delShareKey($view, $delUsers, $keyPath, $userId, $path); - } - - } - } - - /** - * mark file as renamed so that we know the original source after the file was renamed - * @param array $params with the old path and the new path - */ - public static function preRename($params) { - self::preRenameOrCopy($params, 'rename'); - } - - /** - * mark file as copied so that we know the original source after the file was copied - * @param array $params with the old path and the new path - */ - public static function preCopy($params) { - self::preRenameOrCopy($params, 'copy'); - } - - private static function preRenameOrCopy($params, $operation) { - $user = \OCP\User::getUser(); - $view = new \OC\Files\View('/'); - $util = new Util($view, $user); - - // we only need to rename the keys if the rename happens on the same mountpoint - // otherwise we perform a stream copy, so we get a new set of keys - $oldPath = \OC\Files\Filesystem::normalizePath('/' . $user . '/files/' . $params['oldpath']); - $newPath = \OC\Files\Filesystem::normalizePath('/' . $user . '/files/' . $params['newpath']); - $mp1 = $view->getMountPoint($oldPath); - $mp2 = $view->getMountPoint($newPath); - - $oldKeysPath = Keymanager::getKeyPath($view, $util, $params['oldpath']); - - if ($mp1 === $mp2) { - self::$renamedFiles[$params['oldpath']] = array( - 'operation' => $operation, - 'oldKeysPath' => $oldKeysPath, - ); - } elseif ($mp1 !== $oldPath . '/') { - self::$renamedFiles[$params['oldpath']] = array( - 'operation' => 'cleanup', - 'oldKeysPath' => $oldKeysPath, - ); - } - } - - /** - * after a file is renamed/copied, rename/copy its keyfile and share-keys also fix the file size and fix also the sharing - * - * @param array $params array with oldpath and newpath - */ - public static function postRenameOrCopy($params) { - - if (\OCP\App::isEnabled('files_encryption') === false) { - return true; - } - - $view = new \OC\Files\View('/'); - $userId = \OCP\User::getUser(); - $util = new Util($view, $userId); - - if (isset(self::$renamedFiles[$params['oldpath']]['operation']) && - isset(self::$renamedFiles[$params['oldpath']]['oldKeysPath'])) { - $operation = self::$renamedFiles[$params['oldpath']]['operation']; - $oldKeysPath = self::$renamedFiles[$params['oldpath']]['oldKeysPath']; - unset(self::$renamedFiles[$params['oldpath']]); - if ($operation === 'cleanup') { - return $view->unlink($oldKeysPath); - } - } else { - \OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::DEBUG); - return false; - } - - list($ownerNew, $pathNew) = $util->getUidAndFilename($params['newpath']); - - if ($util->isSystemWideMountPoint($pathNew)) { - $newKeysPath = 'files_encryption/keys/' . $pathNew; - } else { - $newKeysPath = $ownerNew . '/files_encryption/keys/' . $pathNew; - } - - // create key folders if it doesn't exists - if (!$view->file_exists(dirname($newKeysPath))) { - $view->mkdir(dirname($newKeysPath)); - } - - $view->$operation($oldKeysPath, $newKeysPath); - - // update sharing-keys - self::updateKeyfiles($params['newpath']); - } - - /** - * set migration status and the init status back to '0' so that all new files get encrypted - * if the app gets enabled again - * @param array $params contains the app ID - */ - public static function preDisable($params) { - if ($params['app'] === 'files_encryption') { - - \OC::$server->getConfig()->deleteAppFromAllUsers('files_encryption'); - - $session = new Session(new \OC\Files\View('/')); - $session->setInitialized(Session::NOT_INITIALIZED); - } - } - - /** - * set the init status to 'NOT_INITIALIZED' (0) if the app gets enabled - * @param array $params contains the app ID - */ - public static function postEnable($params) { - if ($params['app'] === 'files_encryption') { - $session = new Session(new \OC\Files\View('/')); - $session->setInitialized(Session::NOT_INITIALIZED); - } - } - - /** - * if the file was really deleted we remove the encryption keys - * @param array $params - * @return boolean|null - */ - public static function postDelete($params) { - - $path = $params[\OC\Files\Filesystem::signal_param_path]; - - if (!isset(self::$deleteFiles[$path])) { - return true; - } - - $deletedFile = self::$deleteFiles[$path]; - $keyPath = $deletedFile['keyPath']; - - // we don't need to remember the file any longer - unset(self::$deleteFiles[$path]); - - $view = new \OC\Files\View('/'); - - // return if the file still exists and wasn't deleted correctly - if ($view->file_exists('/' . \OCP\User::getUser() . '/files/' . $path)) { - return true; - } - - // Delete keyfile & shareKey so it isn't orphaned - $view->unlink($keyPath); - - } - - /** - * remember the file which should be deleted and it's owner - * @param array $params - * @return boolean|null - */ - public static function preDelete($params) { - $view = new \OC\Files\View('/'); - $path = $params[\OC\Files\Filesystem::signal_param_path]; - - // skip this method if the trash bin is enabled or if we delete a file - // outside of /data/user/files - if (\OCP\App::isEnabled('files_trashbin')) { - return true; - } - - $util = new Util($view, \OCP\USER::getUser()); - - $keysPath = Keymanager::getKeyPath($view, $util, $path); - - self::$deleteFiles[$path] = array( - 'keyPath' => $keysPath); - } - - /** - * unmount file from yourself - * remember files/folders which get unmounted - */ - public static function preUnmount($params) { - $view = new \OC\Files\View('/'); - $user = \OCP\User::getUser(); - $path = $params[\OC\Files\Filesystem::signal_param_path]; - - $util = new Util($view, $user); - list($owner, $ownerPath) = $util->getUidAndFilename($path); - - $keysPath = Keymanager::getKeyPath($view, $util, $path); - - self::$unmountedFiles[$path] = array( - 'keyPath' => $keysPath, - 'owner' => $owner, - 'ownerPath' => $ownerPath - ); - } - - /** - * unmount file from yourself - */ - public static function postUnmount($params) { - - $path = $params[\OC\Files\Filesystem::signal_param_path]; - $user = \OCP\User::getUser(); - - if (!isset(self::$unmountedFiles[$path])) { - return true; - } - - $umountedFile = self::$unmountedFiles[$path]; - $keyPath = $umountedFile['keyPath']; - $owner = $umountedFile['owner']; - $ownerPath = $umountedFile['ownerPath']; - - $view = new \OC\Files\View(); - - // we don't need to remember the file any longer - unset(self::$unmountedFiles[$path]); - - // check if the user still has access to the file, otherwise delete share key - $sharingUsers = \OCP\Share::getUsersSharingFile($path, $user); - if (!in_array($user, $sharingUsers['users'])) { - Keymanager::delShareKey($view, array($user), $keyPath, $owner, $ownerPath); - } - } - -} diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php deleted file mode 100644 index 5e33372e9c..0000000000 --- a/apps/files_encryption/lib/keymanager.php +++ /dev/null @@ -1,500 +0,0 @@ - - * @author Christopher Schäpers - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Robin Appelman - * @author Robin McCorkell - * @author Sam Tuke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -/** - * Class to manage storage and retrieval of encryption keys - * @note Where a method requires a view object, it's root must be '/' - */ -class Keymanager { - - // base dir where all the file related keys are stored - private static $keys_base_dir = '/files_encryption/keys/'; - private static $encryption_base_dir = '/files_encryption'; - private static $public_key_dir = '/files_encryption/public_keys'; - - private static $key_cache = array(); // cache keys - - /** - * read key from hard disk - * - * @param string $path to key - * @param \OC\Files\View $view - * @return string|bool either the key or false - */ - private static function getKey($path, $view) { - - $key = false; - - if (isset(self::$key_cache[$path])) { - $key = self::$key_cache[$path]; - } else { - - /** @var \OCP\Files\Storage $storage */ - list($storage, $internalPath) = $view->resolvePath($path); - - if ($storage->file_exists($internalPath)) { - $key = $storage->file_get_contents($internalPath); - self::$key_cache[$path] = $key; - } - - } - - return $key; - } - - /** - * write key to disk - * - * - * @param string $path path to key directory - * @param string $name key name - * @param string $key key - * @param \OC\Files\View $view - * @return bool - */ - private static function setKey($path, $name, $key, $view) { - self::keySetPreparation($view, $path); - - /** @var \OCP\Files\Storage $storage */ - $pathToKey = \OC\Files\Filesystem::normalizePath($path . '/' . $name); - list($storage, $internalPath) = \OC\Files\Filesystem::resolvePath($pathToKey); - $result = $storage->file_put_contents($internalPath, $key); - - if (is_int($result) && $result > 0) { - self::$key_cache[$pathToKey] = $key; - return true; - } - - return false; - } - - /** - * retrieve the ENCRYPTED private key from a user - * - * @param \OC\Files\View $view - * @param string $user - * @return string private key or false (hopefully) - * @note the key returned by this method must be decrypted before use - */ - public static function getPrivateKey(\OC\Files\View $view, $user) { - $path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.privateKey'; - return self::getKey($path, $view); - } - - /** - * retrieve public key for a specified user - * @param \OC\Files\View $view - * @param string $userId - * @return string public key or false - */ - public static function getPublicKey(\OC\Files\View $view, $userId) { - $path = self::$public_key_dir . '/' . $userId . '.publicKey'; - return self::getKey($path, $view); - } - - public static function getPublicKeyPath() { - return self::$public_key_dir; - } - - /** - * Retrieve a user's public and private key - * @param \OC\Files\View $view - * @param string $userId - * @return array keys: privateKey, publicKey - */ - public static function getUserKeys(\OC\Files\View $view, $userId) { - - return array( - 'publicKey' => self::getPublicKey($view, $userId), - 'privateKey' => self::getPrivateKey($view, $userId) - ); - - } - - /** - * Retrieve public keys for given users - * @param \OC\Files\View $view - * @param array $userIds - * @return array of public keys for the specified users - */ - public static function getPublicKeys(\OC\Files\View $view, array $userIds) { - - $keys = array(); - foreach ($userIds as $userId) { - $keys[$userId] = self::getPublicKey($view, $userId); - } - - return $keys; - - } - - /** - * store file encryption key - * - * @param \OC\Files\View $view - * @param \OCA\Files_Encryption\Util $util - * @param string $path relative path of the file, including filename - * @param string $catfile keyfile content - * @return bool true/false - * @note The keyfile is not encrypted here. Client code must - * asymmetrically encrypt the keyfile before passing it to this method - */ - public static function setFileKey(\OC\Files\View $view, $util, $path, $catfile) { - $path = self::getKeyPath($view, $util, $path); - return self::setKey($path, 'fileKey', $catfile, $view); - - } - - /** - * get path to key folder for a given file - * - * @param \OC\Files\View $view relative to data directory - * @param \OCA\Files_Encryption\Util $util - * @param string $path path to the file, relative to the users file directory - * @return string - */ - public static function getKeyPath($view, $util, $path) { - - if ($view->is_dir('/' . \OCP\User::getUser() . '/' . $path)) { - throw new Exception\EncryptionException('file was expected but directoy was given', Exception\EncryptionException::GENERIC); - } - - list($owner, $filename) = $util->getUidAndFilename($path); - $filename = Helper::stripPartialFileExtension($filename); - $filePath_f = ltrim($filename, '/'); - - // in case of system wide mount points the keys are stored directly in the data directory - if ($util->isSystemWideMountPoint($filename)) { - $keyPath = self::$keys_base_dir . $filePath_f . '/'; - } else { - $keyPath = '/' . $owner . self::$keys_base_dir . $filePath_f . '/'; - } - - return $keyPath; - } - - /** - * get path to file key for a given file - * - * @param \OC\Files\View $view relative to data directory - * @param \OCA\Files_Encryption\Util $util - * @param string $path path to the file, relative to the users file directory - * @return string - */ - public static function getFileKeyPath($view, $util, $path) { - $keyDir = self::getKeyPath($view, $util, $path); - return $keyDir . 'fileKey'; - } - - /** - * get path to share key for a given user - * - * @param \OC\Files\View $view relateive to data directory - * @param \OCA\Files_Encryption\Util $util - * @param string $path path to file relative to the users files directoy - * @param string $uid user for whom we want the share-key path - * @retrun string - */ - public static function getShareKeyPath($view, $util, $path, $uid) { - $keyDir = self::getKeyPath($view, $util, $path); - return $keyDir . $uid . '.shareKey'; - } - - /** - * delete key - * - * @param \OC\Files\View $view - * @param string $path - * @return boolean - */ - private static function deleteKey($view, $path) { - $normalizedPath = \OC\Files\Filesystem::normalizePath($path); - $result = $view->unlink($normalizedPath); - - if ($result) { - unset(self::$key_cache[$normalizedPath]); - return true; - } - - return false; - } - - /** - * delete public key from a given user - * - * @param \OC\Files\View $view - * @param string $uid user - * @return bool - */ - public static function deletePublicKey($view, $uid) { - - $result = false; - - if (!\OCP\User::userExists($uid)) { - $publicKey = self::$public_key_dir . '/' . $uid . '.publicKey'; - self::deleteKey($view, $publicKey); - } - - return $result; - } - - /** - * check if public key for user exists - * - * @param \OC\Files\View $view - * @param string $uid - */ - public static function publicKeyExists($view, $uid) { - return $view->file_exists(self::$public_key_dir . '/'. $uid . '.publicKey'); - } - - - - /** - * retrieve keyfile for an encrypted file - * @param \OC\Files\View $view - * @param \OCA\Files_Encryption\Util $util - * @param string|false $filePath - * @return string file key or false - * @note The keyfile returned is asymmetrically encrypted. Decryption - * of the keyfile must be performed by client code - */ - public static function getFileKey($view, $util, $filePath) { - $path = self::getFileKeyPath($view, $util, $filePath); - return self::getKey($path, $view); - } - - /** - * store private key from the user - * @param string $key - * @return bool - * @note Encryption of the private key must be performed by client code - * as no encryption takes place here - */ - public static function setPrivateKey($key, $user = '') { - - $user = $user === '' ? \OCP\User::getUser() : $user; - $path = '/' . $user . '/files_encryption'; - $header = Crypt::generateHeader(); - - return self::setKey($path, $user . '.privateKey', $header . $key, new \OC\Files\View()); - - } - - /** - * check if recovery key exists - * - * @param \OC\Files\View $view - * @return bool - */ - public static function recoveryKeyExists($view) { - - $result = false; - - $recoveryKeyId = Helper::getRecoveryKeyId(); - if ($recoveryKeyId) { - $result = ($view->file_exists(self::$public_key_dir . '/' . $recoveryKeyId . ".publicKey") - && $view->file_exists(self::$encryption_base_dir . '/' . $recoveryKeyId . ".privateKey")); - } - - return $result; - } - - public static function publicShareKeyExists($view) { - $result = false; - - $publicShareKeyId = Helper::getPublicShareKeyId(); - if ($publicShareKeyId) { - $result = ($view->file_exists(self::$public_key_dir . '/' . $publicShareKeyId . ".publicKey") - && $view->file_exists(self::$encryption_base_dir . '/' . $publicShareKeyId . ".privateKey")); - - } - - return $result; - } - - /** - * store public key from the user - * @param string $key - * @param string $user - * - * @return bool - */ - public static function setPublicKey($key, $user = '') { - - $user = $user === '' ? \OCP\User::getUser() : $user; - - return self::setKey(self::$public_key_dir, $user . '.publicKey', $key, new \OC\Files\View('/')); - } - - /** - * write private system key (recovery and public share key) to disk - * - * @param string $key encrypted key - * @param string $keyName name of the key - * @return boolean - */ - public static function setPrivateSystemKey($key, $keyName) { - - $keyName = $keyName . '.privateKey'; - $header = Crypt::generateHeader(); - - return self::setKey(self::$encryption_base_dir, $keyName,$header . $key, new \OC\Files\View()); - } - - /** - * read private system key (recovery and public share key) from disk - * - * @param string $keyName name of the key - * @return string|boolean private system key or false - */ - public static function getPrivateSystemKey($keyName) { - $path = $keyName . '.privateKey'; - return self::getKey($path, new \OC\Files\View(self::$encryption_base_dir)); - } - - /** - * store multiple share keys for a single file - * @param \OC\Files\View $view - * @param \OCA\Files_Encryption\Util $util - * @param string $path - * @param array $shareKeys - * @return bool - */ - public static function setShareKeys($view, $util, $path, array $shareKeys) { - - // in case of system wide mount points the keys are stored directly in the data directory - $basePath = Keymanager::getKeyPath($view, $util, $path); - - self::keySetPreparation($view, $basePath); - - $result = true; - - foreach ($shareKeys as $userId => $shareKey) { - if (!self::setKey($basePath, $userId . '.shareKey', $shareKey, $view)) { - // If any of the keys are not set, flag false - $result = false; - } - } - - // Returns false if any of the keys weren't set - return $result; - } - - /** - * retrieve shareKey for an encrypted file - * @param \OC\Files\View $view - * @param string $userId - * @param \OCA\Files_Encryption\Util $util - * @param string $filePath - * @return string file key or false - * @note The sharekey returned is encrypted. Decryption - * of the keyfile must be performed by client code - */ - public static function getShareKey($view, $userId, $util, $filePath) { - $path = self::getShareKeyPath($view, $util, $filePath, $userId); - return self::getKey($path, $view); - } - - /** - * Delete a single user's shareKey for a single file - * - * @param \OC\Files\View $view relative to data/ - * @param array $userIds list of users we want to remove - * @param string $keyPath - * @param string $owner the owner of the file - * @param string $ownerPath the owners name of the file for which we want to remove the users relative to data/user/files - */ - public static function delShareKey($view, $userIds, $keysPath, $owner, $ownerPath) { - - $key = array_search($owner, $userIds, true); - if ($key !== false && $view->file_exists('/' . $owner . '/files/' . $ownerPath)) { - unset($userIds[$key]); - } - - self::recursiveDelShareKeys($keysPath, $userIds, $view); - - } - - /** - * recursively delete share keys from given users - * - * @param string $dir directory - * @param array $userIds user ids for which the share keys should be deleted - * @param \OC\Files\View $view view relative to data/ - */ - private static function recursiveDelShareKeys($dir, $userIds, $view) { - - $dirContent = $view->opendir($dir); - - if (is_resource($dirContent)) { - while (($file = readdir($dirContent)) !== false) { - if (!\OC\Files\Filesystem::isIgnoredDir($file)) { - if ($view->is_dir($dir . '/' . $file)) { - self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $view); - } else { - foreach ($userIds as $userId) { - if ($userId . '.shareKey' === $file) { - \OCP\Util::writeLog('files_encryption', 'recursiveDelShareKey: delete share key: ' . $file, \OCP\Util::DEBUG); - self::deleteKey($view, $dir . '/' . $file); - } - } - } - } - } - closedir($dirContent); - } - } - - /** - * Make preparations to vars and filesystem for saving a keyfile - * - * @param \OC\Files\View $view - * @param string $path relatvie to the views root - * @param string $basePath - */ - protected static function keySetPreparation($view, $path) { - // If the file resides within a subdirectory, create it - if (!$view->file_exists($path)) { - $sub_dirs = explode('/', $path); - $dir = ''; - foreach ($sub_dirs as $sub_dir) { - $dir .= '/' . $sub_dir; - if (!$view->is_dir($dir)) { - $view->mkdir($dir); - } - } - } - } - -} diff --git a/apps/files_encryption/lib/migration.php b/apps/files_encryption/lib/migration.php deleted file mode 100644 index 3f8ca9f4e2..0000000000 --- a/apps/files_encryption/lib/migration.php +++ /dev/null @@ -1,302 +0,0 @@ - - * @author Björn Schießle - * @author Joas Schilling - * @author Morris Jobke - * @author Robin Appelman - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - - -class Migration { - - /** - * @var \OC\Files\View - */ - private $view; - private $public_share_key_id; - private $recovery_key_id; - - public function __construct() { - $this->view = new \OC\Files\View(); - $this->view->getUpdater()->disable(); - $this->public_share_key_id = Helper::getPublicShareKeyId(); - $this->recovery_key_id = Helper::getRecoveryKeyId(); - } - - public function reorganizeFolderStructure() { - $this->reorganizeSystemFolderStructure(); - - $limit = 500; - $offset = 0; - do { - $users = \OCP\User::getUsers('', $limit, $offset); - foreach ($users as $user) { - $this->reorganizeFolderStructureForUser($user); - } - $offset += $limit; - } while (count($users) >= $limit); - } - - public function reorganizeSystemFolderStructure() { - - $this->createPathForKeys('/files_encryption'); - - // backup system wide folders - $this->backupSystemWideKeys(); - - // rename public keys - $this->renamePublicKeys(); - - // rename system wide mount point - $this->renameFileKeys('', '/files_encryption/keyfiles'); - - // rename system private keys - $this->renameSystemPrivateKeys(); - - // delete old system wide folders - $this->view->deleteAll('/public-keys'); - $this->view->deleteAll('/owncloud_private_key'); - $this->view->deleteAll('/files_encryption/share-keys'); - $this->view->deleteAll('/files_encryption/keyfiles'); - $storage = $this->view->getMount('')->getStorage(); - $storage->getScanner()->scan('files_encryption'); - $storage->getCache()->remove('owncloud_private_key'); - $storage->getCache()->remove('public-keys'); - } - - - public function reorganizeFolderStructureForUser($user) { - // backup all keys - \OC_Util::tearDownFS(); - \OC_Util::setupFS($user); - if ($this->backupUserKeys($user)) { - // create new 'key' folder - $this->view->mkdir($user . '/files_encryption/keys'); - // rename users private key - $this->renameUsersPrivateKey($user); - // rename file keys - $path = $user . '/files_encryption/keyfiles'; - $this->renameFileKeys($user, $path); - $trashPath = $user . '/files_trashbin/keyfiles'; - if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($trashPath)) { - $this->renameFileKeys($user, $trashPath, true); - $this->view->deleteAll($trashPath); - $this->view->deleteAll($user . '/files_trashbin/share-keys'); - } - // delete old folders - $this->deleteOldKeys($user); - $this->view->getMount('/' . $user)->getStorage()->getScanner()->scan('files_encryption'); - } - } - - private function backupSystemWideKeys() { - $backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s"); - $this->view->mkdir($backupDir); - $this->view->copy('owncloud_private_key', $backupDir . '/owncloud_private_key'); - $this->view->copy('public-keys', $backupDir . '/public-keys'); - $this->view->copy('files_encryption', $backupDir . '/files_encryption'); - } - - private function backupUserKeys($user) { - $encryptionDir = $user . '/files_encryption'; - if ($this->view->is_dir($encryptionDir)) { - $backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s"); - $this->view->mkdir($backupDir); - $this->view->copy($encryptionDir, $backupDir); - return true; - } - return false; - } - - private function renamePublicKeys() { - $dh = $this->view->opendir('public-keys'); - - $this->createPathForKeys('files_encryption/public_keys'); - - if (is_resource($dh)) { - while (($oldPublicKey = readdir($dh)) !== false) { - if (!\OC\Files\Filesystem::isIgnoredDir($oldPublicKey)) { - $newPublicKey = substr($oldPublicKey, 0, strlen($oldPublicKey) - strlen('.public.key')) . '.publicKey'; - $this->view->rename('public-keys/' . $oldPublicKey, 'files_encryption/public_keys/' . $newPublicKey); - } - } - closedir($dh); - } - } - - private function renameSystemPrivateKeys() { - $dh = $this->view->opendir('owncloud_private_key'); - - if (is_resource($dh)) { - while (($oldPrivateKey = readdir($dh)) !== false) { - if (!\OC\Files\Filesystem::isIgnoredDir($oldPrivateKey)) { - $newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey'; - $this->view->rename('owncloud_private_key/' . $oldPrivateKey, 'files_encryption/' . $newPrivateKey); - } - } - closedir($dh); - } - } - - private function renameUsersPrivateKey($user) { - $oldPrivateKey = $user . '/files_encryption/' . $user . '.private.key'; - $newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey'; - - $this->view->rename($oldPrivateKey, $newPrivateKey); - } - - private function getFileName($file, $trash) { - - $extLength = strlen('.key'); - - if ($trash) { - $parts = explode('.', $file); - if ($parts[count($parts) - 1] !== 'key') { - $extLength = $extLength + strlen('.' . $parts[count($parts) - 1]); - } - } - - $filename = substr($file, 0, strlen($file) - $extLength); - - return $filename; - } - - private function getExtension($file, $trash) { - - $extension = ''; - - if ($trash) { - $parts = explode('.', $file); - if ($parts[count($parts) - 1] !== 'key') { - $extension = '.' . $parts[count($parts) - 1]; - } - } - - return $extension; - } - - private function getFilePath($path, $user, $trash) { - $offset = $trash ? strlen($user . '/files_trashbin/keyfiles') : strlen($user . '/files_encryption/keyfiles'); - return substr($path, $offset); - } - - private function getTargetDir($user, $filePath, $filename, $extension, $trash) { - if ($trash) { - $targetDir = $user . '/files_trashbin/keys/' . $filePath . '/' . $filename . $extension; - } else { - $targetDir = $user . '/files_encryption/keys/' . $filePath . '/' . $filename . $extension; - } - - return $targetDir; - } - - private function renameFileKeys($user, $path, $trash = false) { - - $dh = $this->view->opendir($path); - - if (is_resource($dh)) { - while (($file = readdir($dh)) !== false) { - if (!\OC\Files\Filesystem::isIgnoredDir($file)) { - if ($this->view->is_dir($path . '/' . $file)) { - $this->renameFileKeys($user, $path . '/' . $file, $trash); - } else { - $filename = $this->getFileName($file, $trash); - $filePath = $this->getFilePath($path, $user, $trash); - $extension = $this->getExtension($file, $trash); - $targetDir = $this->getTargetDir($user, $filePath, $filename, $extension, $trash); - $this->createPathForKeys($targetDir); - $this->view->rename($path . '/' . $file, $targetDir . '/fileKey'); - $this->renameShareKeys($user, $filePath, $filename, $targetDir, $trash); - } - } - } - closedir($dh); - } - } - - private function getOldShareKeyPath($user, $filePath, $trash) { - if ($trash) { - $oldShareKeyPath = $user . '/files_trashbin/share-keys/' . $filePath; - } else { - $oldShareKeyPath = $user . '/files_encryption/share-keys/' . $filePath; - } - - return $oldShareKeyPath; - } - - private function getUidFromShareKey($file, $filename, $trash) { - $extLength = strlen('.shareKey'); - if ($trash) { - $parts = explode('.', $file); - if ($parts[count($parts) - 1] !== 'shareKey') { - $extLength = $extLength + strlen('.' . $parts[count($parts) - 1]); - } - } - - $uid = substr($file, strlen($filename) + 1, $extLength * -1); - - return $uid; - } - - private function renameShareKeys($user, $filePath, $filename, $target, $trash) { - $oldShareKeyPath = $this->getOldShareKeyPath($user, $filePath, $trash); - $dh = $this->view->opendir($oldShareKeyPath); - - if (is_resource($dh)) { - while (($file = readdir($dh)) !== false) { - if (!\OC\Files\Filesystem::isIgnoredDir($file)) { - if ($this->view->is_dir($oldShareKeyPath . '/' . $file)) { - continue; - } else { - if (substr($file, 0, strlen($filename) + 1) === $filename . '.') { - - $uid = $this->getUidFromShareKey($file, $filename, $trash); - $this->view->rename($oldShareKeyPath . '/' . $file, $target . '/' . $uid . '.shareKey'); - } - } - - } - } - closedir($dh); - } - } - - private function deleteOldKeys($user) { - $this->view->deleteAll($user . '/files_encryption/keyfiles'); - $this->view->deleteAll($user . '/files_encryption/share-keys'); - } - - private function createPathForKeys($path) { - if (!$this->view->file_exists($path)) { - $sub_dirs = explode('/', $path); - $dir = ''; - foreach ($sub_dirs as $sub_dir) { - $dir .= '/' . $sub_dir; - if (!$this->view->is_dir($dir)) { - $this->view->mkdir($dir); - } - } - } - } -} diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php deleted file mode 100644 index b452c0d4e2..0000000000 --- a/apps/files_encryption/lib/proxy.php +++ /dev/null @@ -1,401 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Morris Jobke - * @author Robin Appelman - * @author Robin McCorkell - * @author Sam Tuke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -/** - * Encryption proxy which handles filesystem operations before and after - * execution and encrypts, and handles keyfiles accordingly. Used for - * webui. - */ - -namespace OCA\Files_Encryption; - -/** - * Class Proxy - * @package OCA\Files_Encryption - */ -class Proxy extends \OC_FileProxy { - - private static $unencryptedSizes = array(); // remember unencrypted size - private static $fopenMode = array(); // remember the fopen mode - private static $enableEncryption = false; // Enable encryption for the given path - - - /** - * check if path is excluded from encryption - * - * @param string $path relative to data/ - * @return boolean - */ - protected function isExcludedPath($path) { - - $view = new \OC\Files\View(); - - $normalizedPath = \OC\Files\Filesystem::normalizePath($path); - - $parts = explode('/', $normalizedPath); - - // we only encrypt/decrypt files in the files and files_versions folder - if (sizeof($parts) < 3) { - /** - * Less then 3 parts means, we can't match: - * - /{$uid}/files/* nor - * - /{$uid}/files_versions/* - * So this is not a path we are looking for. - */ - return true; - } - if( - !($parts[2] === 'files' && \OCP\User::userExists($parts[1])) && - !($parts[2] === 'files_versions' && \OCP\User::userExists($parts[1]))) { - - return true; - } - - if (!$view->file_exists($normalizedPath)) { - $normalizedPath = dirname($normalizedPath); - } - - // we don't encrypt server-to-server shares - list($storage, ) = \OC\Files\Filesystem::resolvePath($normalizedPath); - /** - * @var \OCP\Files\Storage $storage - */ - if ($storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')) { - return true; - } - - return false; - } - - /** - * Check if a file requires encryption - * @param string $path - * @param string $mode type of access - * @return bool - * - * Tests if server side encryption is enabled, and if we should call the - * crypt stream wrapper for the given file - */ - private function shouldEncrypt($path, $mode = 'w') { - - // don't call the crypt stream wrapper, if... - if ( - Crypt::mode() !== 'server' // we are not in server-side-encryption mode - || $this->isExcludedPath($path) // if path is excluded from encryption - || substr($path, 0, 8) === 'crypt://' // we are already in crypt mode - ) { - return false; - } - - $userId = Helper::getUser($path); - $view = new \OC\Files\View(''); - $util = new Util($view, $userId); - - // for write operation we always encrypt the files, for read operations - // we check if the existing file is encrypted or not decide if it needs to - // decrypt it. - if (($mode !== 'r' && $mode !== 'rb') || $util->isEncryptedPath($path)) { - return true; - } - - return false; - } - - /** - * @param string $path - * @param string $data - * @return bool - */ - public function preFile_put_contents($path, &$data) { - - if ($this->shouldEncrypt($path)) { - - if (!is_resource($data)) { - - // get root view - $view = new \OC\Files\View('/'); - - // get relative path - $relativePath = Helper::stripUserFilesPath($path); - - if (!isset($relativePath)) { - return true; - } - - // create random cache folder - $cacheFolder = rand(); - $path_slices = explode('/', \OC\Files\Filesystem::normalizePath($path)); - $path_slices[2] = "cache/".$cacheFolder; - $tmpPath = implode('/', $path_slices); - - $handle = fopen('crypt://' . $tmpPath, 'w'); - if (is_resource($handle)) { - - // write data to stream - fwrite($handle, $data); - - // close stream - fclose($handle); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get encrypted content - $data = $view->file_get_contents($tmpPath); - - // store new unenecrypted size so that it can be updated - // in the post proxy - $tmpFileInfo = $view->getFileInfo($tmpPath); - if ( isset($tmpFileInfo['unencrypted_size']) ) { - self::$unencryptedSizes[\OC\Files\Filesystem::normalizePath($path)] = $tmpFileInfo['unencrypted_size']; - } - - // remove our temp file - $view->deleteAll('/' . \OCP\User::getUser() . '/cache/' . $cacheFolder); - - // re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - } else { - return false; - } - } - } - - return true; - - } - - /** - * update file cache with the new unencrypted size after file was written - * @param string $path - * @param mixed $result - * @return mixed - */ - public function postFile_put_contents($path, $result) { - $normalizedPath = \OC\Files\Filesystem::normalizePath($path); - if ( isset(self::$unencryptedSizes[$normalizedPath]) ) { - $view = new \OC\Files\View('/'); - $view->putFileInfo($normalizedPath, - array('encrypted' => true, 'unencrypted_size' => self::$unencryptedSizes[$normalizedPath])); - unset(self::$unencryptedSizes[$normalizedPath]); - } - - return $result; - } - - /** - * @param string $path Path of file from which has been read - * @param string $data Data that has been read from file - */ - public function postFile_get_contents($path, $data) { - - $plainData = null; - - // If data is a catfile - if ( - Crypt::mode() === 'server' - && $this->shouldEncrypt($path) - && Crypt::isCatfileContent($data) - ) { - - $handle = fopen('crypt://' . $path, 'r'); - - if (is_resource($handle)) { - while (($plainDataChunk = fgets($handle, 8192)) !== false) { - $plainData .= $plainDataChunk; - } - } - - } - - if (!isset($plainData)) { - - $plainData = $data; - - } - - return $plainData; - - } - - /** - * remember initial fopen mode because sometimes it gets changed during the request - * @param string $path path - * @param string $mode type of access - */ - public function preFopen($path, $mode) { - - self::$fopenMode[$path] = $mode; - self::$enableEncryption = $this->shouldEncrypt($path, $mode); - - } - - - /** - * @param string $path - * @param resource $result - * @return resource - */ - public function postFopen($path, $result) { - - $path = \OC\Files\Filesystem::normalizePath($path); - - if (!$result || self::$enableEncryption === false) { - - return $result; - - } - - // if we remember the mode from the pre proxy we re-use it - // otherwise we fall back to stream_get_meta_data() - if (isset(self::$fopenMode[$path])) { - $mode = self::$fopenMode[$path]; - unset(self::$fopenMode[$path]); - } else { - $meta = stream_get_meta_data($result); - $mode = $meta['mode']; - } - - // Close the original encrypted file - fclose($result); - - // Open the file using the crypto stream wrapper - // protocol and let it do the decryption work instead - $result = fopen('crypt://' . $path, $mode); - - return $result; - - } - - /** - * @param string $path - * @param array $data - * @return array - */ - public function postGetFileInfo($path, $data) { - - // if path is a folder do nothing - if (\OCP\App::isEnabled('files_encryption') && $data !== false && array_key_exists('size', $data)) { - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get file size - $data['size'] = self::postFileSize($path, $data['size'], $data); - - // Re-enable the proxy - \OC_FileProxy::$enabled = $proxyStatus; - } - - return $data; - } - - /** - * @param string $path - * @param int $size - * @return int|bool - */ - public function postFileSize($path, $size, $fileInfo = null) { - - $view = new \OC\Files\View('/'); - - $userId = Helper::getUser($path); - $util = new Util($view, $userId); - - // if encryption is no longer enabled or if the files aren't migrated yet - // we return the default file size - if(!\OCP\App::isEnabled('files_encryption') || - $util->getMigrationStatus() !== Util::MIGRATION_COMPLETED) { - return $size; - } - - // if path is a folder do nothing - if ($view->is_dir($path)) { - $proxyState = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - $fileInfo = $view->getFileInfo($path); - \OC_FileProxy::$enabled = $proxyState; - if (isset($fileInfo['unencrypted_size']) && $fileInfo['unencrypted_size'] > 0) { - return $fileInfo['unencrypted_size']; - } - return $size; - } - - // get relative path - $relativePath = Helper::stripUserFilesPath($path); - - // if path is empty we cannot resolve anything - if (empty($relativePath)) { - return $size; - } - - // get file info from database/cache - if (empty($fileInfo)) { - $proxyState = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - $fileInfo = $view->getFileInfo($path); - \OC_FileProxy::$enabled = $proxyState; - } - - // if file is encrypted return real file size - if (isset($fileInfo['encrypted']) && $fileInfo['encrypted'] === true) { - // try to fix unencrypted file size if it doesn't look plausible - if ((int)$fileInfo['size'] > 0 && (int)$fileInfo['unencrypted_size'] === 0 ) { - $fixSize = $util->getFileSize($path); - $fileInfo['unencrypted_size'] = $fixSize; - // put file info if not .part file - if (!Helper::isPartialFilePath($relativePath)) { - $view->putFileInfo($path, array('unencrypted_size' => $fixSize)); - } - } - $size = $fileInfo['unencrypted_size']; - } else { - - $fileInfoUpdates = array(); - - $fixSize = $util->getFileSize($path); - if ($fixSize > 0) { - $size = $fixSize; - - $fileInfoUpdates['encrypted'] = true; - $fileInfoUpdates['unencrypted_size'] = $size; - - // put file info if not .part file - if (!Helper::isPartialFilePath($relativePath)) { - $view->putFileInfo($path, $fileInfoUpdates); - } - } - - } - return $size; - } - -} diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php deleted file mode 100644 index 10e4c061b3..0000000000 --- a/apps/files_encryption/lib/session.php +++ /dev/null @@ -1,203 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Robin Appelman - * @author Robin McCorkell - * @author Sam Tuke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -/** - * Class for handling encryption related session data - */ - -class Session { - - private $view; - private static $publicShareKey = false; - - const NOT_INITIALIZED = '0'; - const INIT_EXECUTED = '1'; - const INIT_SUCCESSFUL = '2'; - - - /** - * if session is started, check if ownCloud key pair is set up, if not create it - * @param \OC\Files\View $view - * - * @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled - */ - public function __construct($view) { - - $this->view = $view; - - if (!$this->view->is_dir('files_encryption')) { - - $this->view->mkdir('files_encryption'); - - } - - $appConfig = \OC::$server->getAppConfig(); - - $publicShareKeyId = Helper::getPublicShareKeyId(); - - if ($publicShareKeyId === false) { - $publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8); - $appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId); - } - - if (!Keymanager::publicShareKeyExists($view)) { - - $keypair = Crypt::createKeypair(); - - - // Save public key - Keymanager::setPublicKey($keypair['publicKey'], $publicShareKeyId); - - // Encrypt private key empty passphrase - $cipher = Helper::getCipher(); - $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher); - if ($encryptedKey) { - Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId); - } else { - \OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR); - } - - } - - if (Helper::isPublicAccess() && !self::getPublicSharePrivateKey()) { - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $encryptedKey = Keymanager::getPrivateSystemKey($publicShareKeyId); - $privateKey = Crypt::decryptPrivateKey($encryptedKey, ''); - self::setPublicSharePrivateKey($privateKey); - - \OC_FileProxy::$enabled = $proxyStatus; - } - } - - /** - * Sets user private key to session - * @param string $privateKey - * @return bool - * - * @note this should only be set on login - */ - public function setPrivateKey($privateKey) { - - \OC::$server->getSession()->set('privateKey', $privateKey); - - return true; - - } - - /** - * remove keys from session - */ - public function removeKeys() { - \OC::$server->getSession()->remove('publicSharePrivateKey'); - \OC::$server->getSession()->remove('privateKey'); - } - - /** - * Sets status of encryption app - * @param string $init INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INITIALIZED - * @return bool - * - * @note this doesn not indicate of the init was successful, we just remeber the try! - */ - public function setInitialized($init) { - - \OC::$server->getSession()->set('encryptionInitialized', $init); - - return true; - - } - - /** - * remove encryption keys and init status from session - */ - public function closeSession() { - \OC::$server->getSession()->remove('encryptionInitialized'); - \OC::$server->getSession()->remove('privateKey'); - } - - - /** - * Gets status if we already tried to initialize the encryption app - * @return string init status INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INITIALIZED - * - * @note this doesn not indicate of the init was successful, we just remeber the try! - */ - public function getInitialized() { - if (!is_null(\OC::$server->getSession()->get('encryptionInitialized'))) { - return \OC::$server->getSession()->get('encryptionInitialized'); - } else if (Helper::isPublicAccess() && self::getPublicSharePrivateKey()) { - return self::INIT_SUCCESSFUL; - } else { - return self::NOT_INITIALIZED; - } - } - - /** - * Gets user or public share private key from session - * @return string $privateKey The user's plaintext private key - * - */ - public function getPrivateKey() { - // return the public share private key if this is a public access - if (Helper::isPublicAccess()) { - return self::getPublicSharePrivateKey(); - } else { - if (!is_null(\OC::$server->getSession()->get('privateKey'))) { - return \OC::$server->getSession()->get('privateKey'); - } else { - return false; - } - } - } - - /** - * Sets public user private key to session - * @param string $privateKey - * @return bool - */ - private static function setPublicSharePrivateKey($privateKey) { - self::$publicShareKey = $privateKey; - return true; - } - - /** - * Gets public share private key from session - * @return string $privateKey - * - */ - private static function getPublicSharePrivateKey() { - return self::$publicShareKey; - } - -} diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php deleted file mode 100644 index 4cbf9e4a4b..0000000000 --- a/apps/files_encryption/lib/stream.php +++ /dev/null @@ -1,700 +0,0 @@ - - * @author Florin Peter - * @author jknockaert - * @author Joas Schilling - * @author Morris Jobke - * @author Robin McCorkell - * @author Sam Tuke - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -/** - * transparently encrypted filestream - * - * you can use it as wrapper around an existing stream by setting CryptStream::$sourceStreams['foo']=array('path'=>$path,'stream'=>$stream) - * and then fopen('crypt://streams/foo'); - */ - -namespace OCA\Files_Encryption; - -use OCA\Files_Encryption\Exception\EncryptionException; - -/** - * Provides 'crypt://' stream wrapper protocol. - * @note We use a stream wrapper because it is the most secure way to handle - * decrypted content transfers. There is no safe way to decrypt the entire file - * somewhere on the server, so we have to encrypt and decrypt blocks on the fly. - * @note Paths used with this protocol MUST BE RELATIVE. Use URLs like: - * crypt://filename, or crypt://subdirectory/filename, NOT - * crypt:///home/user/owncloud/data. Otherwise keyfiles will be put in - * [owncloud]/data/user/files_encryption/keyfiles/home/user/owncloud/data and - * will not be accessible to other methods. - * @note Data read and written must always be 8192 bytes long, as this is the - * buffer size used internally by PHP. The encryption process makes the input - * data longer, and input is chunked into smaller pieces in order to result in - * a 8192 encrypted block size. - * @note When files are deleted via webdav, or when they are updated and the - * previous version deleted, this is handled by OC\Files\View, and thus the - * encryption proxies are used and keyfiles deleted. - */ -class Stream { - - const PADDING_CHAR = '-'; - - private $plainKey; - private $encKeyfiles; - private $rawPath; // The raw path relative to the data dir - private $relPath; // rel path to users file dir - private $userId; - private $keyId; - private $handle; // Resource returned by fopen - private $meta = array(); // Header / meta for source stream - private $cache; // Current block unencrypted - private $position; // Current pointer position in the unencrypted stream - private $writeFlag; // Flag to write current block when leaving it - private $size; - private $headerSize = 0; // Size of header - private $unencryptedSize; - private $publicKey; - private $encKeyfile; - private $newFile; // helper var, we only need to write the keyfile for new files - private $isLocalTmpFile = false; // do we operate on a local tmp file - private $localTmpFile; // path of local tmp file - private $containHeader = false; // the file contain a header - private $cipher; // cipher used for encryption/decryption - /** @var \OCA\Files_Encryption\Util */ - private $util; - - /** - * @var \OC\Files\View - */ - private $rootView; // a fsview object set to '/' - - /** - * @var \OCA\Files_Encryption\Session - */ - private $session; - private $privateKey; - - /** - * @param string $path raw path relative to data/ - * @param string $mode - * @param int $options - * @param string $opened_path - * @return bool - * @throw \OCA\Files_Encryption\Exception\EncryptionException - */ - public function stream_open($path, $mode, $options, &$opened_path) { - - // read default cipher from config - $this->cipher = Helper::getCipher(); - - // assume that the file already exist before we decide it finally in getKey() - $this->newFile = false; - - $this->rootView = new \OC\Files\View('/'); - - $this->session = new Session($this->rootView); - - $this->privateKey = $this->session->getPrivateKey(); - if ($this->privateKey === false) { - throw new EncryptionException('Session does not contain a private key, maybe your login password changed?', - EncryptionException::PRIVATE_KEY_MISSING); - } - - $normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path)); - $originalFile = Helper::getPathFromTmpFile($normalizedPath); - if ($originalFile) { - $this->rawPath = $originalFile; - $this->isLocalTmpFile = true; - $this->localTmpFile = $normalizedPath; - } else { - $this->rawPath = $normalizedPath; - } - - $this->util = new Util($this->rootView, Helper::getUser($this->rawPath)); - - // get the key ID which we want to use, can be the users key or the - // public share key - $this->keyId = $this->util->getKeyId(); - - $fileType = Helper::detectFileType($this->rawPath); - - switch ($fileType) { - case Util::FILE_TYPE_FILE: - $this->relPath = Helper::stripUserFilesPath($this->rawPath); - $user = \OC::$server->getUserSession()->getUser(); - $this->userId = $user ? $user->getUID() : Helper::getUserFromPath($this->rawPath); - break; - case Util::FILE_TYPE_VERSION: - $this->relPath = Helper::getPathFromVersion($this->rawPath); - $this->userId = Helper::getUserFromPath($this->rawPath); - break; - case Util::FILE_TYPE_CACHE: - $this->relPath = Helper::getPathFromCachedFile($this->rawPath); - Helper::mkdirr($this->rawPath, new \OC\Files\View('/')); - $user = \OC::$server->getUserSession()->getUser(); - $this->userId = $user ? $user->getUID() : Helper::getUserFromPath($this->rawPath); - break; - default: - \OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to "files", "files_versions" or "cache"', \OCP\Util::ERROR); - return false; - } - - // Disable fileproxies so we can get the file size and open the source file without recursive encryption - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $this->position = 0; - $this->cache = ''; - $this->writeFlag = 0; - - // Setting handle so it can be used for reading the header - if ($this->isLocalTmpFile) { - $this->handle = fopen($this->localTmpFile, $mode); - } else { - $this->handle = $this->rootView->fopen($this->rawPath, $mode); - } - - if ( - $mode === 'w' - or $mode === 'w+' - or $mode === 'wb' - or $mode === 'wb+' - ) { - // We're writing a new file so start write counter with 0 bytes - $this->size = 0; - $this->unencryptedSize = 0; - } else { - $this->size = $this->rootView->filesize($this->rawPath); - \OC_FileProxy::$enabled = true; - $this->unencryptedSize = $this->rootView->filesize($this->rawPath); - \OC_FileProxy::$enabled = false; - $this->readHeader(); - } - - \OC_FileProxy::$enabled = $proxyStatus; - - if (!is_resource($this->handle)) { - - \OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '"', \OCP\Util::ERROR); - - } else { - - $this->meta = stream_get_meta_data($this->handle); - // sometimes fopen changes the mode, e.g. for a url "r" convert to "r+" - // but we need to remember the original access type - $this->meta['mode'] = $mode; - - } - - - return is_resource($this->handle); - - } - - private function readHeader() { - - if (is_resource($this->handle)) { - $data = fread($this->handle, Crypt::BLOCKSIZE); - - $header = Crypt::parseHeader($data); - $this->cipher = Crypt::getCipher($header); - - // remeber that we found a header - if (!empty($header)) { - $this->containHeader = true; - $this->headerSize = Crypt::BLOCKSIZE; - // if there's no header then decrypt the block and store it in the cache - } else { - if (!$this->getKey()) { - throw new \Exception('Encryption key not found for "' . $this->rawPath . '" during attempted read via stream'); - } else { - $this->cache = Crypt::symmetricDecryptFileContent($data, $this->plainKey, $this->cipher); - } - } - - } - } - - /** - * Returns the current position of the file pointer - * @return int position of the file pointer - */ - public function stream_tell() { - return $this->position; - } - - /** - * @param int $offset - * @param int $whence - * @return bool true if fseek was successful, otherwise false - */ - - // seeking the stream tries to move the pointer on the encrypted stream to the beginning of the target block - // if that works, it flushes the current block and changes the position in the unencrypted stream - public function stream_seek($offset, $whence = SEEK_SET) { - // this wrapper needs to return "true" for success. - // the fseek call itself returns 0 on succeess - - $return=false; - - switch($whence) { - case SEEK_SET: - if($offset < $this->unencryptedSize && $offset >= 0) { - $newPosition=$offset; - } - break; - case SEEK_CUR: - if($offset>=0) { - $newPosition=$offset+$this->position; - } - break; - case SEEK_END: - if($this->unencryptedSize + $offset >= 0) { - $newPosition=$this->unencryptedSize+$offset; - } - break; - default: - return $return; - } - $newFilePosition=floor($newPosition/6126)*Crypt::BLOCKSIZE+$this->headerSize; - if (fseek($this->handle, $newFilePosition)===0) { - $this->flush(); - $this->position=$newPosition; - $return=true; - } - return $return; - - } - - /** - * @param int $count - * @return bool|string - * @throws \OCA\Files_Encryption\Exception\EncryptionException - */ - public function stream_read($count) { - - $result = ''; - - // limit to the end of the unencrypted file; otherwise getFileSize will fail and it is good practise anyway - $count=min($count,$this->unencryptedSize - $this->position); - - // loop over the 6126 sized unencrypted blocks - while ($count > 0) { - - $remainingLength = $count; - - // update the cache of the current block - $this->readCache(); - - // determine the relative position in the current block - $blockPosition=($this->position % 6126); - - // if entire read inside current block then only position needs to be updated - if ($remainingLength<(6126 - $blockPosition)) { - $result .= substr($this->cache,$blockPosition,$remainingLength); - $this->position += $remainingLength; - $count=0; - // otherwise remainder of current block is fetched, the block is flushed and the position updated - } else { - $result .= substr($this->cache,$blockPosition); - $this->flush(); - $this->position += (6126 - $blockPosition); - $count -= (6126 - $blockPosition); - } - - } - - return $result; - - } - - /** - * Encrypt and pad data ready for writing to disk - * @param string $plainData data to be encrypted - * @param string $key key to use for encryption - * @return string encrypted data on success, false on failure - */ - public function preWriteEncrypt($plainData, $key) { - - // Encrypt data to 'catfile', which includes IV - if ($encrypted = Crypt::symmetricEncryptFileContent($plainData, $key, $this->cipher)) { - - return $encrypted; - - } else { - - return false; - - } - - } - - /** - * Fetch the plain encryption key for the file and set it as plainKey property - * @internal param bool $generate if true, a new key will be generated if none can be found - * @return bool true on key found and set, false on key not found and new key generated and set - */ - public function getKey() { - - // Check if key is already set - if (isset($this->plainKey) && isset($this->encKeyfile)) { - - return true; - - } - - // Fetch and decrypt keyfile - // Fetch existing keyfile - $this->encKeyfile = Keymanager::getFileKey($this->rootView, $this->util, $this->relPath); - - // If a keyfile already exists - if ($this->encKeyfile) { - - $shareKey = Keymanager::getShareKey($this->rootView, $this->keyId, $this->util, $this->relPath); - - // if there is no valid private key return false - if ($this->privateKey === false) { - // if private key is not valid redirect user to a error page - Helper::redirectToErrorPage($this->session); - return false; - } - - if ($shareKey === false) { - // if no share key is available redirect user to a error page - Helper::redirectToErrorPage($this->session, Crypt::ENCRYPTION_NO_SHARE_KEY_FOUND); - return false; - } - - $this->plainKey = Crypt::multiKeyDecrypt($this->encKeyfile, $shareKey, $this->privateKey); - - return true; - - } else { - - $this->newFile = true; - - return false; - - } - - } - - /** - * write header at beginning of encrypted file - * - * @throws \OCA\Files_Encryption\Exception\EncryptionException - */ - private function writeHeader() { - - $header = Crypt::generateHeader(); - - if (strlen($header) > Crypt::BLOCKSIZE) { - throw new EncryptionException('max header size exceeded', EncryptionException::ENCRYPTION_HEADER_TO_LARGE); - } - - $paddedHeader = str_pad($header, Crypt::BLOCKSIZE, self::PADDING_CHAR, STR_PAD_RIGHT); - - fwrite($this->handle, $paddedHeader); - $this->headerWritten = true; - $this->containHeader = true; - $this->headerSize = Crypt::BLOCKSIZE; - $this->size += $this->headerSize; - } - - /** - * Handle plain data from the stream, and write it in 8192 byte blocks - * @param string $data data to be written to disk - * @note the data will be written to the path stored in the stream handle, set in stream_open() - * @note $data is only ever be a maximum of 8192 bytes long. This is set by PHP internally. stream_write() is called multiple times in a loop on data larger than 8192 bytes - * @note Because the encryption process used increases the length of $data, a cache is used to carry over data which would not fit in the required block size - * @note Padding is added to each encrypted block to ensure that the resulting block is exactly 8192 bytes. This is removed during stream_read - * @note PHP automatically updates the file pointer after writing data to reflect it's length. There is generally no need to update the poitner manually using fseek - */ - public function stream_write($data) { - - // if there is no valid private key return false - if ($this->privateKey === false) { - $this->size = 0; - return strlen($data); - } - - if ($this->size === 0) { - $this->writeHeader(); - } - - // Get / generate the keyfile for the file we're handling - // If we're writing a new file (not overwriting an existing - // one), save the newly generated keyfile - if (!$this->getKey()) { - - $this->plainKey = Crypt::generateKey(); - - } - - $length=0; - - // loop over $data to fit it in 6126 sized unencrypted blocks - while (strlen($data) > 0) { - - $remainingLength = strlen($data); - - // set the cache to the current 6126 block - $this->readCache(); - - // only allow writes on seekable streams, or at the end of the encrypted stream - // for seekable streams the pointer is moved back to the beginning of the encrypted block - // flush will start writing there when the position moves to another block - if((fseek($this->handle, floor($this->position/6126)*Crypt::BLOCKSIZE + $this->headerSize) === 0) || (floor($this->position/6126)*Crypt::BLOCKSIZE + $this->headerSize === $this->size)) { - - // switch the writeFlag so flush() will write the block - $this->writeFlag=1; - - // determine the relative position in the current block - $blockPosition=($this->position % 6126); - - // check if $data fits in current block - // if so, overwrite existing data (if any) - // update position and liberate $data - if ($remainingLength<(6126 - $blockPosition)) { - $this->cache=substr($this->cache,0,$blockPosition).$data.substr($this->cache,$blockPosition+$remainingLength); - $this->position += $remainingLength; - $length += $remainingLength; - $data = ''; - // if $data doens't fit the current block, the fill the current block and reiterate - // after the block is filled, it is flushed and $data is updated - } else { - $this->cache=substr($this->cache,0,$blockPosition).substr($data,0,6126-$blockPosition); - $this->flush(); - $this->position += (6126 - $blockPosition); - $length += (6126 - $blockPosition); - $data = substr($data, 6126 - $blockPosition); - } - - } else { - $data=''; - } - } - - $this->unencryptedSize = max($this->unencryptedSize,$this->position); - - return $length; - - } - - - /** - * @param int $option - * @param int $arg1 - * @param int|null $arg2 - */ - public function stream_set_option($option, $arg1, $arg2) { - $return = false; - switch ($option) { - case STREAM_OPTION_BLOCKING: - $return = stream_set_blocking($this->handle, $arg1); - break; - case STREAM_OPTION_READ_TIMEOUT: - $return = stream_set_timeout($this->handle, $arg1, $arg2); - break; - case STREAM_OPTION_WRITE_BUFFER: - $return = stream_set_write_buffer($this->handle, $arg1); - } - - return $return; - } - - /** - * @return array - */ - public function stream_stat() { - return fstat($this->handle); - } - - /** - * @param int $mode - */ - public function stream_lock($mode) { - return flock($this->handle, $mode); - } - - /** - * @return bool - */ - public function stream_flush() { - - $this->flush(); - return fflush($this->handle); - // Not a typo: http://php.net/manual/en/function.fflush.php - - } - - /** - * @return bool - */ - public function stream_eof() { - return ($this->position>=$this->unencryptedSize); - } - - private function flush() { - - // write to disk only when writeFlag was set to 1 - if ($this->writeFlag === 1) { - // Disable the file proxies so that encryption is not - // automatically attempted when the file is written to disk - - // we are handling that separately here and we don't want to - // get into an infinite loop - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - // Set keyfile property for file in question - $this->getKey(); - $encrypted = $this->preWriteEncrypt($this->cache, $this->plainKey); - fwrite($this->handle, $encrypted); - $this->writeFlag = 0; - $this->size = max($this->size,ftell($this->handle)); - \OC_FileProxy::$enabled = $proxyStatus; - } - // always empty the cache (otherwise readCache() will not fill it with the new block) - $this->cache = ''; - } - - private function readCache() { - // cache should always be empty string when this function is called - // don't try to fill the cache when trying to write at the end of the unencrypted file when it coincides with new block - if ($this->cache === '' && !($this->position===$this->unencryptedSize && ($this->position % 6126)===0)) { - // Get the data from the file handle - $data = fread($this->handle, Crypt::BLOCKSIZE); - $result = ''; - if (strlen($data)) { - if (!$this->getKey()) { - // Error! We don't have a key to decrypt the file with - throw new \Exception('Encryption key not found for "'. $this->rawPath . '" during attempted read via stream'); - } else { - // Decrypt data - $result = Crypt::symmetricDecryptFileContent($data, $this->plainKey, $this->cipher); - } - } - $this->cache = $result; - } - } - - /** - * @return bool - */ - public function stream_close() { - - $this->flush(); - - // if there is no valid private key return false - if ($this->privateKey === false) { - - // cleanup - if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && !$this->isLocalTmpFile) { - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - if ($this->rootView->file_exists($this->rawPath) && $this->size === $this->headerSize) { - fclose($this->handle); - $this->rootView->unlink($this->rawPath); - } - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - } - - // if private key is not valid redirect user to a error page - Helper::redirectToErrorPage($this->session); - } - - if ( - $this->meta['mode'] !== 'r' && - $this->meta['mode'] !== 'rb' && - $this->isLocalTmpFile === false && - $this->size > $this->headerSize && - $this->unencryptedSize > 0 - ) { - - // only write keyfiles if it was a new file - if ($this->newFile === true) { - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Fetch user's public key - $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->keyId); - - // Check if OC sharing api is enabled - $sharingEnabled = \OCP\Share::isEnabled(); - - // Get all users sharing the file includes current user - $uniqueUserIds = $this->util->getSharingUsersArray($sharingEnabled, $this->relPath); - $checkedUserIds = $this->util->filterShareReadyUsers($uniqueUserIds); - - // Fetch public keys for all sharing users - $publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']); - - // Encrypt enc key for all sharing users - $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys); - - // Save the new encrypted file key - Keymanager::setFileKey($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['data']); - - // Save the sharekeys - Keymanager::setShareKeys($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['keys']); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - } - - // we need to update the file info for the real file, not for the - // part file. - $path = Helper::stripPartialFileExtension($this->rawPath); - - $fileInfo = array( - 'mimetype' => $this->rootView->getMimeType($this->rawPath), - 'encrypted' => true, - 'unencrypted_size' => $this->unencryptedSize, - ); - - // if we write a part file we also store the unencrypted size for - // the part file so that it can be re-used later - $this->rootView->putFileInfo($this->rawPath, $fileInfo); - if ($path !== $this->rawPath) { - $this->rootView->putFileInfo($path, $fileInfo); - } - - } - - $result = fclose($this->handle); - - if ($result === false) { - \OCP\Util::writeLog('Encryption library', 'Could not close stream, file could be corrupted', \OCP\Util::FATAL); - } - - return $result; - - } - -} diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php deleted file mode 100644 index d8dd96d653..0000000000 --- a/apps/files_encryption/lib/util.php +++ /dev/null @@ -1,1700 +0,0 @@ - - * @author Björn Schießle - * @author Florin Peter - * @author jknockaert - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Markus Goetz - * @author Morris Jobke - * @author Robin Appelman - * @author Robin McCorkell - * @author Sam Tuke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption; - -/** - * Class for utilities relating to encrypted file storage system - * @param \OC\Files\View $view expected to have OC '/' as root path - * @param string $userId ID of the logged in user - * @param int $client indicating status of client side encryption. Currently - * unused, likely to become obsolete shortly - */ - -class Util { - - const MIGRATION_COMPLETED = 1; // migration to new encryption completed - const MIGRATION_IN_PROGRESS = -1; // migration is running - const MIGRATION_OPEN = 0; // user still needs to be migrated - - const FILE_TYPE_FILE = 0; - const FILE_TYPE_VERSION = 1; - const FILE_TYPE_CACHE = 2; - - /** - * @var \OC\Files\View - */ - private $view; // OC\Files\View object for filesystem operations - - /** - * @var string - */ - private $userId; // ID of the user we use to encrypt/decrypt files - - /** - * @var string - */ - private $keyId; // ID of the key we want to manipulate - - /** - * @var bool - */ - private $client; // Client side encryption mode flag - - /** - * @var string - */ - private $publicKeyDir; // Dir containing all public user keys - - /** - * @var string - */ - private $encryptionDir; // Dir containing user's files_encryption - - /** - * @var string - */ - private $keysPath; // Dir containing all file related encryption keys - - /** - * @var string - */ - private $publicKeyPath; // Path to user's public key - - /** - * @var string - */ - private $privateKeyPath; // Path to user's private key - - /** - * @var string - */ - private $userFilesDir; - - /** - * @var string - */ - private $publicShareKeyId; - - /** - * @var string - */ - private $recoveryKeyId; - - /** - * @var bool - */ - private $isPublic; - - /** - * @param \OC\Files\View $view - * @param string $userId - * @param bool $client - */ - public function __construct($view, $userId, $client = false) { - - $this->view = $view; - $this->client = $client; - $this->userId = $userId; - - $appConfig = \OC::$server->getAppConfig(); - - $this->publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId'); - $this->recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId'); - - $this->userDir = '/' . $this->userId; - $this->fileFolderName = 'files'; - $this->userFilesDir = - '/' . $userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable? - $this->publicKeyDir = Keymanager::getPublicKeyPath(); - $this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption'; - $this->keysPath = $this->encryptionDir . '/' . 'keys'; - $this->publicKeyPath = - $this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey - $this->privateKeyPath = - $this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey - // make sure that the owners home is mounted - \OC\Files\Filesystem::initMountPoints($userId); - - if (Helper::isPublicAccess()) { - $this->keyId = $this->publicShareKeyId; - $this->isPublic = true; - } else { - $this->keyId = $this->userId; - $this->isPublic = false; - } - } - - /** - * @return bool - */ - public function ready() { - - if ( - !$this->view->file_exists($this->encryptionDir) - or !$this->view->file_exists($this->keysPath) - or !$this->view->file_exists($this->publicKeyPath) - or !$this->view->file_exists($this->privateKeyPath) - ) { - return false; - } else { - return true; - } - } - - /** - * check if the users private & public key exists - * @return boolean - */ - public function userKeysExists() { - if ( - $this->view->file_exists($this->privateKeyPath) && - $this->view->file_exists($this->publicKeyPath)) { - return true; - } else { - return false; - } - } - - /** - * create a new public/private key pair for the user - * - * @param string $password password for the private key - */ - public function replaceUserKeys($password) { - $this->backupAllKeys('password_reset'); - $this->view->unlink($this->publicKeyPath); - $this->view->unlink($this->privateKeyPath); - $this->setupServerSide($password); - } - - /** - * Sets up user folders and keys for serverside encryption - * - * @param string $passphrase to encrypt server-stored private key with - * @return bool - */ - public function setupServerSide($passphrase = null) { - - // Set directories to check / create - $setUpDirs = array( - $this->userDir, - $this->publicKeyDir, - $this->encryptionDir, - $this->keysPath - ); - - // Check / create all necessary dirs - foreach ($setUpDirs as $dirPath) { - - if (!$this->view->file_exists($dirPath)) { - - $this->view->mkdir($dirPath); - - } - - } - - // Create user keypair - // we should never override a keyfile - if ( - !$this->view->file_exists($this->publicKeyPath) - && !$this->view->file_exists($this->privateKeyPath) - ) { - - // Generate keypair - $keypair = Crypt::createKeypair(); - - if ($keypair) { - - \OC_FileProxy::$enabled = false; - - // Encrypt private key with user pwd as passphrase - $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $passphrase, Helper::getCipher()); - - // Save key-pair - if ($encryptedPrivateKey) { - $header = crypt::generateHeader(); - $this->view->file_put_contents($this->privateKeyPath, $header . $encryptedPrivateKey); - $this->view->file_put_contents($this->publicKeyPath, $keypair['publicKey']); - } - - \OC_FileProxy::$enabled = true; - } - - } else { - // check if public-key exists but private-key is missing - if ($this->view->file_exists($this->publicKeyPath) && !$this->view->file_exists($this->privateKeyPath)) { - \OCP\Util::writeLog('Encryption library', - 'public key exists but private key is missing for "' . $this->keyId . '"', \OCP\Util::FATAL); - return false; - } else { - if (!$this->view->file_exists($this->publicKeyPath) && $this->view->file_exists($this->privateKeyPath) - ) { - \OCP\Util::writeLog('Encryption library', - 'private key exists but public key is missing for "' . $this->keyId . '"', \OCP\Util::FATAL); - return false; - } - } - } - - return true; - - } - - /** - * @return string - */ - public function getPublicShareKeyId() { - return $this->publicShareKeyId; - } - - /** - * Check whether pwd recovery is enabled for a given user - * @return bool 1 = yes, 0 = no, false = no record - * - * @note If records are not being returned, check for a hidden space - * at the start of the uid in db - */ - public function recoveryEnabledForUser() { - - $recoveryMode = \OC::$server->getConfig()->getUserValue($this->userId, 'files_encryption', 'recovery_enabled', '0'); - - return ($recoveryMode === '1') ? true : false; - - } - - /** - * Enable / disable pwd recovery for a given user - * @param bool $enabled Whether to enable or disable recovery - * @return bool - */ - public function setRecoveryForUser($enabled) { - - $value = $enabled ? '1' : '0'; - try { - \OC::$server->getConfig()->setUserValue($this->userId, 'files_encryption', 'recovery_enabled', $value); - return true; - } catch(\OCP\PreConditionNotMetException $e) { - return false; - } - - } - - /** - * Find all files and their encryption status within a directory - * @param string $directory The path of the parent directory to search - * @param bool $found the founded files if called again - * @return array keys: plain, encrypted, broken - * @note $directory needs to be a path relative to OC data dir. e.g. - * /admin/files NOT /backup OR /home/www/oc/data/admin/files - */ - public function findEncFiles($directory, &$found = false) { - - // Disable proxy - we don't want files to be decrypted before - // we handle them - \OC_FileProxy::$enabled = false; - - if ($found === false) { - $found = array( - 'plain' => array(), - 'encrypted' => array(), - 'broken' => array(), - ); - } - - if ($this->view->is_dir($directory) && $handle = $this->view->opendir($directory)){ - if (is_resource($handle)) { - while (false !== ($file = readdir($handle))) { - - if ($file !== "." && $file !== "..") { - // skip stray part files - if (Helper::isPartialFilePath($file)) { - continue; - } - - $filePath = $directory . '/' . $this->view->getRelativePath('/' . $file); - $relPath = Helper::stripUserFilesPath($filePath); - - // If the path is a directory, search - // its contents - if ($this->view->is_dir($filePath)) { - - $this->findEncFiles($filePath, $found); - - // If the path is a file, determine - // its encryption status - } elseif ($this->view->is_file($filePath)) { - - // Disable proxies again, some- - // where they got re-enabled :/ - \OC_FileProxy::$enabled = false; - - $isEncryptedPath = $this->isEncryptedPath($filePath); - // If the file is encrypted - // NOTE: If the userId is - // empty or not set, file will - // detected as plain - // NOTE: This is inefficient; - // scanning every file like this - // will eat server resources :( - if ($isEncryptedPath) { - - $fileKey = Keymanager::getFileKey($this->view, $this, $relPath); - $shareKey = Keymanager::getShareKey($this->view, $this->userId, $this, $relPath); - // if file is encrypted but now file key is available, throw exception - if ($fileKey === false || $shareKey === false) { - \OCP\Util::writeLog('encryption library', 'No keys available to decrypt the file: ' . $filePath, \OCP\Util::ERROR); - $found['broken'][] = array( - 'name' => $file, - 'path' => $filePath, - ); - } else { - $found['encrypted'][] = array( - 'name' => $file, - 'path' => $filePath, - ); - } - - // If the file is not encrypted - } else { - - $found['plain'][] = array( - 'name' => $file, - 'path' => $relPath - ); - } - } - } - } - } - } - - \OC_FileProxy::$enabled = true; - - return $found; - } - - /** - * Check if a given path identifies an encrypted file - * @param string $path - * @return boolean - */ - public function isEncryptedPath($path) { - - // Disable encryption proxy so data retrieved is in its - // original form - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $data = ''; - - // we only need 24 byte from the last chunk - if ($this->view->file_exists($path)) { - $handle = $this->view->fopen($path, 'r'); - if (is_resource($handle)) { - // suppress fseek warining, we handle the case that fseek doesn't - // work in the else branch - if (@fseek($handle, -24, SEEK_END) === 0) { - $data = fgets($handle); - } else { - // if fseek failed on the storage we create a local copy from the file - // and read this one - fclose($handle); - $localFile = $this->view->getLocalFile($path); - $handle = fopen($localFile, 'r'); - if (is_resource($handle) && fseek($handle, -24, SEEK_END) === 0) { - $data = fgets($handle); - } - } - fclose($handle); - } - } - - // re-enable proxy - \OC_FileProxy::$enabled = $proxyStatus; - - return Crypt::isCatfileContent($data); - } - - /** - * get the file size of the unencrypted file - * @param string $path absolute path - * @return bool - */ - public function getFileSize($path) { - - $result = 0; - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // split the path parts - $pathParts = explode('/', $path); - - if (isset($pathParts[2]) && $pathParts[2] === 'files' && $this->view->file_exists($path) - && $this->isEncryptedPath($path) - ) { - - $cipher = 'AES-128-CFB'; - $realSize = 0; - - // get the size from filesystem - $size = $this->view->filesize($path); - - // open stream - $stream = $this->view->fopen($path, "r"); - - if (is_resource($stream)) { - - // if the file contains a encryption header we - // we set the cipher - // and we update the size - if ($this->containHeader($path)) { - $data = fread($stream,Crypt::BLOCKSIZE); - $header = Crypt::parseHeader($data); - $cipher = Crypt::getCipher($header); - $size -= Crypt::BLOCKSIZE; - } - - // fast path, else the calculation for $lastChunkNr is bogus - if ($size === 0) { - \OC_FileProxy::$enabled = $proxyStatus; - return 0; - } - - // calculate last chunk nr - // next highest is end of chunks, one subtracted is last one - // we have to read the last chunk, we can't just calculate it (because of padding etc) - $lastChunkNr = ceil($size/Crypt::BLOCKSIZE)-1; - - // calculate last chunk position - $lastChunkPos = ($lastChunkNr * Crypt::BLOCKSIZE); - - // get the content of the last chunk - if (@fseek($stream, $lastChunkPos, SEEK_CUR) === 0) { - $realSize+=$lastChunkNr*6126; - } - $lastChunkContentEncrypted=''; - $count=Crypt::BLOCKSIZE; - while ($count>0) { - $data=fread($stream,Crypt::BLOCKSIZE); - $count=strlen($data); - $lastChunkContentEncrypted.=$data; - if(strlen($lastChunkContentEncrypted)>Crypt::BLOCKSIZE) { - $realSize+=6126; - $lastChunkContentEncrypted=substr($lastChunkContentEncrypted,Crypt::BLOCKSIZE); - } - } - fclose($stream); - $relPath = Helper::stripUserFilesPath($path); - $shareKey = Keymanager::getShareKey($this->view, $this->keyId, $this, $relPath); - if($shareKey===false) { - \OC_FileProxy::$enabled = $proxyStatus; - return $result; - } - $session = new Session($this->view); - $privateKey = $session->getPrivateKey(); - $plainKeyfile = $this->decryptKeyfile($relPath, $privateKey); - $plainKey = Crypt::multiKeyDecrypt($plainKeyfile, $shareKey, $privateKey); - $lastChunkContent=Crypt::symmetricDecryptFileContent($lastChunkContentEncrypted, $plainKey, $cipher); - - // calc the real file size with the size of the last chunk - $realSize += strlen($lastChunkContent); - - // store file size - $result = $realSize; - } - } - - \OC_FileProxy::$enabled = $proxyStatus; - - return $result; - } - - /** - * check if encrypted file contain a encryption header - * - * @param string $path - * @return boolean - */ - private function containHeader($path) { - // Disable encryption proxy to read the raw data - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $isHeader = false; - $handle = $this->view->fopen($path, 'r'); - - if (is_resource($handle)) { - $firstBlock = fread($handle, Crypt::BLOCKSIZE); - $isHeader = Crypt::isHeader($firstBlock); - } - - \OC_FileProxy::$enabled = $proxyStatus; - - return $isHeader; - } - - /** - * fix the file size of the encrypted file - * @param string $path absolute path - * @return boolean true / false if file is encrypted - */ - public function fixFileSize($path) { - - $result = false; - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $realSize = $this->getFileSize($path); - - if ($realSize > 0) { - - $cached = $this->view->getFileInfo($path); - $cached['encrypted'] = true; - - // set the size - $cached['unencrypted_size'] = $realSize; - - // put file info - $this->view->putFileInfo($path, $cached); - - $result = true; - - } - - \OC_FileProxy::$enabled = $proxyStatus; - - return $result; - } - - /** - * encrypt versions from given file - * @param array $filelist list of encrypted files, relative to data/user/files - * @return boolean - */ - private function encryptVersions($filelist) { - - $successful = true; - - if (\OCP\App::isEnabled('files_versions')) { - - foreach ($filelist as $filename) { - - $versions = \OCA\Files_Versions\Storage::getVersions($this->userId, $filename); - foreach ($versions as $version) { - - $path = '/' . $this->userId . '/files_versions/' . $version['path'] . '.v' . $version['version']; - - $encHandle = fopen('crypt://' . $path . '.part', 'wb'); - - if ($encHandle === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t open "' . $path . '", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - $plainHandle = $this->view->fopen($path, 'rb'); - if ($plainHandle === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t open "' . $path . '.part", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - stream_copy_to_stream($plainHandle, $encHandle); - - fclose($encHandle); - fclose($plainHandle); - - $this->view->rename($path . '.part', $path); - } - } - } - - return $successful; - } - - /** - * decrypt versions from given file - * @param string $filelist list of decrypted files, relative to data/user/files - * @return boolean - */ - private function decryptVersions($filelist) { - - $successful = true; - - if (\OCP\App::isEnabled('files_versions')) { - - foreach ($filelist as $filename) { - - $versions = \OCA\Files_Versions\Storage::getVersions($this->userId, $filename); - foreach ($versions as $version) { - - $path = '/' . $this->userId . '/files_versions/' . $version['path'] . '.v' . $version['version']; - - $encHandle = fopen('crypt://' . $path, 'rb'); - - if ($encHandle === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t open "' . $path . '", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - $plainHandle = $this->view->fopen($path . '.part', 'wb'); - if ($plainHandle === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t open "' . $path . '.part", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - stream_copy_to_stream($encHandle, $plainHandle); - - fclose($encHandle); - fclose($plainHandle); - - $this->view->rename($path . '.part', $path); - } - } - } - - return $successful; - } - - /** - * Decrypt all files - * @return bool - */ - public function decryptAll() { - - $found = $this->findEncFiles($this->userId . '/files'); - - $successful = true; - - if ($found) { - - $versionStatus = \OCP\App::isEnabled('files_versions'); - \OC_App::disable('files_versions'); - - $decryptedFiles = array(); - - // Encrypt unencrypted files - foreach ($found['encrypted'] as $encryptedFile) { - - //relative to data//file - $relPath = Helper::stripUserFilesPath($encryptedFile['path']); - - //get file info - $fileInfo = \OC\Files\Filesystem::getFileInfo($relPath); - - //relative to /data - $rawPath = $encryptedFile['path']; - - //get timestamp - $timestamp = $fileInfo['mtime']; - - //enable proxy to use OC\Files\View to access the original file - \OC_FileProxy::$enabled = true; - - // Open enc file handle for binary reading - $encHandle = $this->view->fopen($rawPath, 'rb'); - - // Disable proxy to prevent file being encrypted again - \OC_FileProxy::$enabled = false; - - if ($encHandle === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t open "' . $rawPath . '", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - // Open plain file handle for binary writing, with same filename as original plain file - $plainHandle = $this->view->fopen($rawPath . '.part', 'wb'); - if ($plainHandle === false) { - \OCP\Util::writeLog('Encryption library', 'couldn\'t open "' . $rawPath . '.part", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - // Move plain file to a temporary location - $size = stream_copy_to_stream($encHandle, $plainHandle); - if ($size === 0) { - \OCP\Util::writeLog('Encryption library', 'Zero bytes copied of "' . $rawPath . '", decryption failed!', \OCP\Util::FATAL); - $successful = false; - continue; - } - - fclose($encHandle); - fclose($plainHandle); - - $fakeRoot = $this->view->getRoot(); - $this->view->chroot('/' . $this->userId . '/files'); - - $this->view->rename($relPath . '.part', $relPath); - - //set timestamp - $this->view->touch($relPath, $timestamp); - - $this->view->chroot($fakeRoot); - - // Add the file to the cache - \OC\Files\Filesystem::putFileInfo($relPath, array( - 'encrypted' => false, - 'size' => $size, - 'unencrypted_size' => 0, - 'etag' => $fileInfo['etag'] - )); - - $decryptedFiles[] = $relPath; - - } - - if ($versionStatus) { - \OC_App::enable('files_versions'); - } - - if (!$this->decryptVersions($decryptedFiles)) { - $successful = false; - } - - // if there are broken encrypted files than the complete decryption - // was not successful - if (!empty($found['broken'])) { - $successful = false; - } - - if ($successful) { - $this->backupAllKeys('decryptAll', false, false); - $this->view->deleteAll($this->keysPath); - } - - \OC_FileProxy::$enabled = true; - } - - return $successful; - } - - /** - * Encrypt all files in a directory - * @param string $dirPath the directory whose files will be encrypted - * @return bool - * @note Encryption is recursive - */ - public function encryptAll($dirPath) { - - $result = true; - - $found = $this->findEncFiles($dirPath); - - // Disable proxy to prevent file being encrypted twice - \OC_FileProxy::$enabled = false; - - $versionStatus = \OCP\App::isEnabled('files_versions'); - \OC_App::disable('files_versions'); - - $encryptedFiles = array(); - - // Encrypt unencrypted files - foreach ($found['plain'] as $plainFile) { - - //get file info - $fileInfo = \OC\Files\Filesystem::getFileInfo($plainFile['path']); - - //relative to data//file - $relPath = $plainFile['path']; - - //relative to /data - $rawPath = '/' . $this->userId . '/files/' . $plainFile['path']; - - // keep timestamp - $timestamp = $fileInfo['mtime']; - - // Open plain file handle for binary reading - $plainHandle = $this->view->fopen($rawPath, 'rb'); - - // Open enc file handle for binary writing, with same filename as original plain file - $encHandle = fopen('crypt://' . $rawPath . '.part', 'wb'); - - if (is_resource($encHandle) && is_resource($plainHandle)) { - // Move plain file to a temporary location - $size = stream_copy_to_stream($plainHandle, $encHandle); - - fclose($encHandle); - fclose($plainHandle); - - $fakeRoot = $this->view->getRoot(); - $this->view->chroot('/' . $this->userId . '/files'); - - $this->view->rename($relPath . '.part', $relPath); - - // set timestamp - $this->view->touch($relPath, $timestamp); - - $encSize = $this->view->filesize($relPath); - - $this->view->chroot($fakeRoot); - - // Add the file to the cache - \OC\Files\Filesystem::putFileInfo($relPath, array( - 'encrypted' => true, - 'size' => $encSize, - 'unencrypted_size' => $size, - 'etag' => $fileInfo['etag'] - )); - - $encryptedFiles[] = $relPath; - } else { - \OCP\Util::writeLog('files_encryption', 'initial encryption: could not encrypt ' . $rawPath, \OCP\Util::FATAL); - $result = false; - } - } - - \OC_FileProxy::$enabled = true; - - if ($versionStatus) { - \OC_App::enable('files_versions'); - } - - $result = $result && $this->encryptVersions($encryptedFiles); - - return $result; - - } - - /** - * Return important encryption related paths - * @param string $pathName Name of the directory to return the path of - * @return string path - */ - public function getPath($pathName) { - - switch ($pathName) { - - case 'publicKeyDir': - - return $this->publicKeyDir; - - break; - - case 'encryptionDir': - - return $this->encryptionDir; - - break; - - case 'keysPath': - - return $this->keysPath; - - break; - - case 'publicKeyPath': - - return $this->publicKeyPath; - - break; - - case 'privateKeyPath': - - return $this->privateKeyPath; - - break; - } - - return false; - - } - - /** - * Returns whether the given user is ready for encryption. - * Also returns true if the given user is the public user - * or the recovery key user. - * - * @param string $user user to check - * - * @return boolean true if the user is ready, false otherwise - */ - private function isUserReady($user) { - if ($user === $this->publicShareKeyId - || $user === $this->recoveryKeyId - ) { - return true; - } - $util = new Util($this->view, $user); - return $util->ready(); - } - - /** - * Filter an array of UIDs to return only ones ready for sharing - * @param array $unfilteredUsers users to be checked for sharing readiness - * @return array as multi-dimensional array. keys: ready, unready - */ - public function filterShareReadyUsers($unfilteredUsers) { - - // This array will collect the filtered IDs - $readyIds = $unreadyIds = array(); - - // Loop through users and create array of UIDs that need new keyfiles - foreach ($unfilteredUsers as $user) { - // Check that the user is encryption capable, or is the - // public system user (for public shares) - if ($this->isUserReady($user)) { - - // Construct array of ready UIDs for Keymanager{} - $readyIds[] = $user; - - } else { - - // Construct array of unready UIDs for Keymanager{} - $unreadyIds[] = $user; - - // Log warning; we can't do necessary setup here - // because we don't have the user passphrase - \OCP\Util::writeLog('Encryption library', - '"' . $user . '" is not setup for encryption', \OCP\Util::WARN); - - } - - } - - return array( - 'ready' => $readyIds, - 'unready' => $unreadyIds - ); - - } - - /** - * Decrypt a keyfile - * @param string $filePath - * @param string $privateKey - * @return false|string - */ - private function decryptKeyfile($filePath, $privateKey) { - - // Get the encrypted keyfile - $encKeyfile = Keymanager::getFileKey($this->view, $this, $filePath); - - // The file has a shareKey and must use it for decryption - $shareKey = Keymanager::getShareKey($this->view, $this->keyId, $this, $filePath); - - $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey); - - return $plainKeyfile; - } - - /** - * Encrypt keyfile to multiple users - * @param Session $session - * @param array $users list of users which should be able to access the file - * @param string $filePath path of the file to be shared - * @return bool - */ - public function setSharedFileKeyfiles(Session $session, array $users, $filePath) { - - // Make sure users are capable of sharing - $filteredUids = $this->filterShareReadyUsers($users); - - // If we're attempting to share to unready users - if (!empty($filteredUids['unready'])) { - - \OCP\Util::writeLog('Encryption library', - 'Sharing to these user(s) failed as they are unready for encryption:"' - . print_r($filteredUids['unready'], 1), \OCP\Util::WARN); - - return false; - - } - - // Get public keys for each user, ready for generating sharekeys - $userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']); - - // Note proxy status then disable it - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Get the current users's private key for decrypting existing keyfile - $privateKey = $session->getPrivateKey(); - - try { - // Decrypt keyfile - $plainKeyfile = $this->decryptKeyfile($filePath, $privateKey); - // Re-enc keyfile to (additional) sharekeys - $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys); - } catch (Exception\EncryptionException $e) { - $msg = 'set shareFileKeyFailed (code: ' . $e->getCode() . '): ' . $e->getMessage(); - \OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL); - return false; - } catch (\Exception $e) { - $msg = 'set shareFileKeyFailed (unknown error): ' . $e->getMessage(); - \OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL); - return false; - } - - // Save the recrypted key to it's owner's keyfiles directory - // Save new sharekeys to all necessary user directory - if ( - !Keymanager::setFileKey($this->view, $this, $filePath, $multiEncKey['data']) - || !Keymanager::setShareKeys($this->view, $this, $filePath, $multiEncKey['keys']) - ) { - - \OCP\Util::writeLog('Encryption library', - 'Keyfiles could not be saved for users sharing ' . $filePath, \OCP\Util::ERROR); - - return false; - - } - - // Return proxy to original status - \OC_FileProxy::$enabled = $proxyStatus; - - return true; - } - - /** - * Find, sanitise and format users sharing a file - * @note This wraps other methods into a portable bundle - * @param boolean $sharingEnabled - * @param string $filePath path relativ to current users files folder - */ - public function getSharingUsersArray($sharingEnabled, $filePath) { - - $appConfig = \OC::$server->getAppConfig(); - - // Check if key recovery is enabled - if ( - $appConfig->getValue('files_encryption', 'recoveryAdminEnabled') - && $this->recoveryEnabledForUser() - ) { - $recoveryEnabled = true; - } else { - $recoveryEnabled = false; - } - - // Make sure that a share key is generated for the owner too - list($owner, $ownerPath) = $this->getUidAndFilename($filePath); - - $ownerPath = Helper::stripPartialFileExtension($ownerPath); - - // always add owner to the list of users with access to the file - $userIds = array($owner); - - if ($sharingEnabled) { - - // Find out who, if anyone, is sharing the file - $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); - $userIds = \array_merge($userIds, $result['users']); - if ($result['public'] || $result['remote']) { - $userIds[] = $this->publicShareKeyId; - } - - } - - // If recovery is enabled, add the - // Admin UID to list of users to share to - if ($recoveryEnabled) { - // Find recoveryAdmin user ID - $recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId'); - // Add recoveryAdmin to list of users sharing - $userIds[] = $recoveryKeyId; - } - - // check if it is a group mount - if (\OCP\App::isEnabled("files_external")) { - $mounts = \OC_Mount_Config::getSystemMountPoints(); - foreach ($mounts as $mount) { - if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { - $userIds = array_merge($userIds, $this->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups'])); - } - } - } - - // Remove duplicate UIDs - $uniqueUserIds = array_unique($userIds); - - return $uniqueUserIds; - - } - - private function getUserWithAccessToMountPoint($users, $groups) { - $result = array(); - if (in_array('all', $users)) { - $result = \OCP\User::getUsers(); - } else { - $result = array_merge($result, $users); - foreach ($groups as $group) { - $result = array_merge($result, \OC_Group::usersInGroup($group)); - } - } - - return $result; - } - - /** - * set migration status - * @param int $status - * @param int $preCondition only update migration status if the previous value equals $preCondition - * @return boolean - */ - private function setMigrationStatus($status, $preCondition = null) { - - // convert to string if preCondition is set - $preCondition = ($preCondition === null) ? null : (string)$preCondition; - - try { - \OC::$server->getConfig()->setUserValue($this->userId, 'files_encryption', 'migration_status', (string)$status, $preCondition); - return true; - } catch(\OCP\PreConditionNotMetException $e) { - return false; - } - - } - - /** - * start migration mode to initially encrypt users data - * @return boolean - */ - public function beginMigration() { - - $result = $this->setMigrationStatus(self::MIGRATION_IN_PROGRESS, self::MIGRATION_OPEN); - - if ($result) { - \OCP\Util::writeLog('Encryption library', "Start migration to encryption mode for " . $this->userId, \OCP\Util::INFO); - } else { - \OCP\Util::writeLog('Encryption library', "Could not activate migration mode for " . $this->userId . ". Probably another process already started the initial encryption", \OCP\Util::WARN); - } - - return $result; - } - - public function resetMigrationStatus() { - return $this->setMigrationStatus(self::MIGRATION_OPEN); - - } - - /** - * close migration mode after users data has been encrypted successfully - * @return boolean - */ - public function finishMigration() { - $result = $this->setMigrationStatus(self::MIGRATION_COMPLETED); - - if ($result) { - \OCP\Util::writeLog('Encryption library', "Finish migration successfully for " . $this->userId, \OCP\Util::INFO); - } else { - \OCP\Util::writeLog('Encryption library', "Could not deactivate migration mode for " . $this->userId, \OCP\Util::WARN); - } - - return $result; - } - - /** - * check if files are already migrated to the encryption system - * @return int|false migration status, false = in case of no record - * @note If records are not being returned, check for a hidden space - * at the start of the uid in db - */ - public function getMigrationStatus() { - - $migrationStatus = false; - if (\OCP\User::userExists($this->userId)) { - $migrationStatus = \OC::$server->getConfig()->getUserValue($this->userId, 'files_encryption', 'migration_status', null); - if ($migrationStatus === null) { - \OC::$server->getConfig()->setUserValue($this->userId, 'files_encryption', 'migration_status', (string)self::MIGRATION_OPEN); - $migrationStatus = self::MIGRATION_OPEN; - } - } - - return (int)$migrationStatus; - - } - - /** - * get uid of the owners of the file and the path to the file - * @param string $path Path of the file to check - * @throws \Exception - * @note $shareFilePath must be relative to data/UID/files. Files - * relative to /Shared are also acceptable - * @return array - */ - public function getUidAndFilename($path) { - - $pathinfo = pathinfo($path); - $partfile = false; - $parentFolder = false; - if (array_key_exists('extension', $pathinfo) && $pathinfo['extension'] === 'part') { - // if the real file exists we check this file - $filePath = $this->userFilesDir . '/' .$pathinfo['dirname'] . '/' . $pathinfo['filename']; - if ($this->view->file_exists($filePath)) { - $pathToCheck = $pathinfo['dirname'] . '/' . $pathinfo['filename']; - } else { // otherwise we look for the parent - $pathToCheck = $pathinfo['dirname']; - $parentFolder = true; - } - $partfile = true; - } else { - $pathToCheck = $path; - } - - $view = new \OC\Files\View($this->userFilesDir); - $fileOwnerUid = $view->getOwner($pathToCheck); - - // handle public access - if ($this->isPublic) { - return array($this->userId, $path); - } else { - - // Check that UID is valid - if (!\OCP\User::userExists($fileOwnerUid)) { - throw new \Exception( - 'Could not find owner (UID = "' . var_export($fileOwnerUid, 1) . '") of file "' . $path . '"'); - } - - // NOTE: Bah, this dependency should be elsewhere - \OC\Files\Filesystem::initMountPoints($fileOwnerUid); - - // If the file owner is the currently logged in user - if ($fileOwnerUid === $this->userId) { - - // Assume the path supplied is correct - $filename = $path; - - } else { - $info = $view->getFileInfo($pathToCheck); - $ownerView = new \OC\Files\View('/' . $fileOwnerUid . '/files'); - - // Fetch real file path from DB - $filename = $ownerView->getPath($info['fileid']); - if ($parentFolder) { - $filename = $filename . '/'. $pathinfo['filename']; - } - - if ($partfile) { - $filename = $filename . '.' . $pathinfo['extension']; - } - - } - - return array( - $fileOwnerUid, - \OC\Files\Filesystem::normalizePath($filename) - ); - } - } - - /** - * go recursively through a dir and collect all files and sub files. - * @param string $dir relative to the users files folder - * @return array with list of files relative to the users files folder - */ - public function getAllFiles($dir, $mountPoint = '') { - $result = array(); - $dirList = array($dir); - - while ($dirList) { - $dir = array_pop($dirList); - $content = $this->view->getDirectoryContent(\OC\Files\Filesystem::normalizePath( - $this->userFilesDir . '/' . $dir)); - - foreach ($content as $c) { - // getDirectoryContent() returns the paths relative to the mount points, so we need - // to re-construct the complete path - $path = ($mountPoint !== '') ? $mountPoint . '/' . $c['path'] : $c['path']; - $path = \OC\Files\Filesystem::normalizePath($path); - if ($c['type'] === 'dir') { - $dirList[] = substr($path, strlen('/' . \OCP\User::getUser() . "/files")); - } else { - $result[] = substr($path, strlen('/' . \OCP\User::getUser() . "/files")); - } - } - - } - - return $result; - } - - /** - * get owner of the shared files. - * @param int $id ID of a share - * @return string owner - */ - public function getOwnerFromSharedFile($id) { - - $query = \OCP\DB::prepare('SELECT `parent`, `uid_owner` FROM `*PREFIX*share` WHERE `id` = ?', 1); - - $result = $query->execute(array($id)); - - $source = null; - if (\OCP\DB::isError($result)) { - \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); - } else { - $source = $result->fetchRow(); - } - - $fileOwner = false; - - if ($source && isset($source['parent'])) { - - $parent = $source['parent']; - - while (isset($parent)) { - - $query = \OCP\DB::prepare('SELECT `parent`, `uid_owner` FROM `*PREFIX*share` WHERE `id` = ?', 1); - - $result = $query->execute(array($parent)); - - $item = null; - if (\OCP\DB::isError($result)) { - \OCP\Util::writeLog('Encryption library', \OC_DB::getErrorMessage($result), \OCP\Util::ERROR); - } else { - $item = $result->fetchRow(); - } - - if ($item && isset($item['parent'])) { - - $parent = $item['parent']; - - } else { - - $fileOwner = $item['uid_owner']; - - break; - - } - } - - } else { - - $fileOwner = $source['uid_owner']; - - } - - return $fileOwner; - - } - - /** - * @return string - */ - public function getUserId() { - return $this->userId; - } - - /** - * @return string - */ - public function getKeyId() { - return $this->keyId; - } - - /** - * @return string - */ - public function getUserFilesDir() { - return $this->userFilesDir; - } - - /** - * @param string $password - * @return bool - */ - public function checkRecoveryPassword($password) { - - $result = false; - - $recoveryKey = Keymanager::getPrivateSystemKey($this->recoveryKeyId); - $decryptedRecoveryKey = Crypt::decryptPrivateKey($recoveryKey, $password); - - if ($decryptedRecoveryKey) { - $result = true; - } - - return $result; - } - - /** - * @return string - */ - public function getRecoveryKeyId() { - return $this->recoveryKeyId; - } - - /** - * add recovery key to all encrypted files - */ - public function addRecoveryKeys($path = '/') { - $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); - foreach ($dirContent as $item) { - // get relative path from files_encryption/keyfiles/ - $filePath = substr($item['path'], strlen('files_encryption/keys')); - if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { - $this->addRecoveryKeys($filePath . '/'); - } else { - $session = new Session(new \OC\Files\View('/')); - $sharingEnabled = \OCP\Share::isEnabled(); - $usersSharing = $this->getSharingUsersArray($sharingEnabled, $filePath); - $this->setSharedFileKeyfiles($session, $usersSharing, $filePath); - } - } - } - - /** - * remove recovery key to all encrypted files - */ - public function removeRecoveryKeys($path = '/') { - $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); - foreach ($dirContent as $item) { - // get relative path from files_encryption/keyfiles - $filePath = substr($item['path'], strlen('files_encryption/keys')); - if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { - $this->removeRecoveryKeys($filePath . '/'); - } else { - $this->view->unlink($this->keysPath . '/' . $filePath . '/' . $this->recoveryKeyId . '.shareKey'); - } - } - } - - /** - * decrypt given file with recovery key and encrypt it again to the owner and his new key - * @param string $file - * @param string $privateKey recovery key to decrypt the file - */ - private function recoverFile($file, $privateKey) { - - $sharingEnabled = \OCP\Share::isEnabled(); - - // Find out who, if anyone, is sharing the file - if ($sharingEnabled) { - $result = \OCP\Share::getUsersSharingFile($file, $this->userId, true); - $userIds = $result['users']; - $userIds[] = $this->recoveryKeyId; - if ($result['public']) { - $userIds[] = $this->publicShareKeyId; - } - } else { - $userIds = array( - $this->userId, - $this->recoveryKeyId - ); - } - $filteredUids = $this->filterShareReadyUsers($userIds); - - //decrypt file key - $encKeyfile = Keymanager::getFileKey($this->view, $this, $file); - $shareKey = Keymanager::getShareKey($this->view, $this->recoveryKeyId, $this, $file); - $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey); - // encrypt file key again to all users, this time with the new public key for the recovered use - $userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']); - $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys); - - Keymanager::setFileKey($this->view, $this, $file, $multiEncKey['data']); - Keymanager::setShareKeys($this->view, $this, $file, $multiEncKey['keys']); - - } - - /** - * collect all files and recover them one by one - * @param string $path to look for files keys - * @param string $privateKey private recovery key which is used to decrypt the files - */ - private function recoverAllFiles($path, $privateKey) { - $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); - foreach ($dirContent as $item) { - // get relative path from files_encryption/keyfiles - $filePath = substr($item['path'], strlen('files_encryption/keys')); - if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { - $this->recoverAllFiles($filePath . '/', $privateKey); - } else { - $this->recoverFile($filePath, $privateKey); - } - } - } - - /** - * recover users files in case of password lost - * @param string $recoveryPassword - */ - public function recoverUsersFiles($recoveryPassword) { - - $encryptedKey = Keymanager::getPrivateSystemKey( $this->recoveryKeyId); - $privateKey = Crypt::decryptPrivateKey($encryptedKey, $recoveryPassword); - - $this->recoverAllFiles('/', $privateKey); - } - - /** - * create a backup of all keys from the user - * - * @param string $purpose define the purpose of the backup, will be part of the backup folder name - * @param boolean $timestamp (optional) should a timestamp be added, default true - * @param boolean $includeUserKeys (optional) include users private-/public-key, default true - */ - public function backupAllKeys($purpose, $timestamp = true, $includeUserKeys = true) { - $this->userId; - $backupDir = $this->encryptionDir . '/backup.' . $purpose; - $backupDir .= ($timestamp) ? '.' . date("Y-m-d_H-i-s") . '/' : '/'; - $this->view->mkdir($backupDir); - $this->view->copy($this->keysPath, $backupDir . 'keys/'); - if ($includeUserKeys) { - $this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.privateKey'); - $this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.publicKey'); - } - } - - /** - * restore backup - * - * @param string $backup complete name of the backup - * @return boolean - */ - public function restoreBackup($backup) { - $backupDir = $this->encryptionDir . '/backup.' . $backup . '/'; - - $fileKeysRestored = $this->view->rename($backupDir . 'keys', $this->encryptionDir . '/keys'); - - $pubKeyRestored = $privKeyRestored = true; - if ( - $this->view->file_exists($backupDir . $this->userId . '.privateKey') && - $this->view->file_exists($backupDir . $this->userId . '.privateKey') - ) { - - $pubKeyRestored = $this->view->rename($backupDir . $this->userId . '.publicKey', $this->publicKeyPath); - $privKeyRestored = $this->view->rename($backupDir . $this->userId . '.privateKey', $this->privateKeyPath); - } - - if ($fileKeysRestored && $pubKeyRestored && $privKeyRestored) { - $this->view->deleteAll($backupDir); - - return true; - } - - return false; - } - - /** - * delete backup - * - * @param string $backup complete name of the backup - * @return boolean - */ - public function deleteBackup($backup) { - $backupDir = $this->encryptionDir . '/backup.' . $backup . '/'; - return $this->view->deleteAll($backupDir); - } - - /** - * check if the file is stored on a system wide mount point - * @param string $path relative to /data/user with leading '/' - * @return boolean - */ - public function isSystemWideMountPoint($path) { - $normalizedPath = ltrim($path, '/'); - if (\OCP\App::isEnabled("files_external")) { - $mounts = \OC_Mount_Config::getSystemMountPoints(); - foreach ($mounts as $mount) { - if ($mount['mountpoint'] == substr($normalizedPath, 0, strlen($mount['mountpoint']))) { - if ($this->isMountPointApplicableToUser($mount)) { - return true; - } - } - } - } - return false; - } - - /** - * check if mount point is applicable to user - * - * @param array $mount contains $mount['applicable']['users'], $mount['applicable']['groups'] - * @return boolean - */ - protected function isMountPointApplicableToUser($mount) { - $uid = \OCP\User::getUser(); - $acceptedUids = array('all', $uid); - // check if mount point is applicable for the user - $intersection = array_intersect($acceptedUids, $mount['applicable']['users']); - if (!empty($intersection)) { - return true; - } - // check if mount point is applicable for group where the user is a member - foreach ($mount['applicable']['groups'] as $gid) { - if (\OC_Group::inGroup($uid, $gid)) { - return true; - } - } - return false; - } - - /** - * decrypt private key and add it to the current session - * @param array $params with 'uid' and 'password' - * @return mixed session or false - */ - public function initEncryption($params) { - - $session = new Session($this->view); - - // we tried to initialize the encryption app for this session - $session->setInitialized(Session::INIT_EXECUTED); - - $encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']); - - $privateKey = false; - if ($encryptedKey) { - $privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']); - } - - if ($privateKey === false) { - \OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] - . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR); - return false; - } - - $session->setPrivateKey($privateKey); - $session->setInitialized(Session::INIT_SUCCESSFUL); - - return $session; - } - - /* - * remove encryption related keys from the session - */ - public function closeEncryptionSession() { - $session = new Session($this->view); - $session->closeSession(); - } - -} diff --git a/apps/files_encryption/settings-admin.php b/apps/files_encryption/settings-admin.php deleted file mode 100644 index 44dcc2309a..0000000000 --- a/apps/files_encryption/settings-admin.php +++ /dev/null @@ -1,42 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Morris Jobke - * @author Robin Appelman - * @author Sam Tuke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -\OC_Util::checkAdminUser(); - -$tmpl = new OCP\Template('files_encryption', 'settings-admin'); - -// Check if an adminRecovery account is enabled for recovering files after lost pwd -$recoveryAdminEnabled = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled', '0'); -$session = new \OCA\Files_Encryption\Session(new \OC\Files\View('/')); -$initStatus = $session->getInitialized(); - -$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); -$tmpl->assign('initStatus', $initStatus); - -\OCP\Util::addscript('files_encryption', 'settings-admin'); -\OCP\Util::addscript('core', 'multiselect'); - -return $tmpl->fetchPage(); diff --git a/apps/files_encryption/settings-personal.php b/apps/files_encryption/settings-personal.php deleted file mode 100644 index a9e512f89d..0000000000 --- a/apps/files_encryption/settings-personal.php +++ /dev/null @@ -1,60 +0,0 @@ - - * @author Florin Peter - * @author Joas Schilling - * @author Morris Jobke - * @author Robin Appelman - * @author Sam Tuke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -// Add CSS stylesheet -\OCP\Util::addStyle('files_encryption', 'settings-personal'); - -$tmpl = new OCP\Template('files_encryption', 'settings-personal'); - -$user = \OCP\USER::getUser(); -$view = new \OC\Files\View('/'); -$util = new \OCA\Files_Encryption\Util($view, $user); -$session = new \OCA\Files_Encryption\Session($view); - -$privateKeySet = $session->getPrivateKey() !== false; -// did we tried to initialize the keys for this session? -$initialized = $session->getInitialized(); - -$recoveryAdminEnabled = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled'); -$recoveryEnabledForUser = $util->recoveryEnabledForUser(); - -$result = false; - -if ($recoveryAdminEnabled || !$privateKeySet) { - - \OCP\Util::addscript('files_encryption', 'settings-personal'); - - $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); - $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser); - $tmpl->assign('privateKeySet', $privateKeySet); - $tmpl->assign('initialized', $initialized); - - $result = $tmpl->fetchPage(); -} - -return $result; - diff --git a/apps/files_encryption/templates/invalid_private_key.php b/apps/files_encryption/templates/invalid_private_key.php deleted file mode 100644 index 700b37b58a..0000000000 --- a/apps/files_encryption/templates/invalid_private_key.php +++ /dev/null @@ -1,12 +0,0 @@ -
diff --git a/apps/files_encryption/templates/settings-admin.php b/apps/files_encryption/templates/settings-admin.php deleted file mode 100644 index b686912bf4..0000000000 --- a/apps/files_encryption/templates/settings-admin.php +++ /dev/null @@ -1,71 +0,0 @@ - - -

t('Server-side Encryption')); ?>

- - - t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> - -

- t("Enable recovery key (allow to recover users files in case of password loss):")); ?> - -
-
- - -
- - -
- /> - -
- - /> - -

-

- -

> - t("Change recovery key password:")); ?> - -

- - -
-
- - -
- - -
- -

- -
diff --git a/apps/files_encryption/templates/settings-personal.php b/apps/files_encryption/templates/settings-personal.php deleted file mode 100644 index 3c8034c968..0000000000 --- a/apps/files_encryption/templates/settings-personal.php +++ /dev/null @@ -1,70 +0,0 @@ - -
-

t('Server-side Encryption')); ?>

- - - - t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> - - -

- - -
- t( "Set your old private key password to your current log-in password:" ) ); ?> - t( " If you don't remember your old password you can ask your administrator to recover your files." ) ); - endif; ?> -
- - -
- - -
- - -

- - -
-

- - -
- t( "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" ) ); ?> -
- /> - -
- - /> - -

- - diff --git a/apps/files_encryption/tests/binary b/apps/files_encryption/tests/binary deleted file mode 100644 index 79bc99479daeb0c85fe2ad89fb9346efb517cf02..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 9734 zcmeIu1wR}P0{~#%ZJ3_!?wZ`xOq=6y(=|Qa-E6u}$6+QXP7Gu69ELf0nC8@9$NN3r zpXVby`D)gid8Rinqj>64KWJwPdY3WCBQsQs%J{!W{Bda5oJ{((v#@lSYm-)`HuynT z2=a)8VyrDhz4oQV&3Ae0|M(+q)64a*NU#>lGO0k*b9>{p<`m%*f1!+$K`|S6o~NwG zawW%Yd|QTz$ah@Ai!M}G`=)pDyS9z}00~;ZJro5byMXHPDHE`_!#? zCMMb{b-0R7;ITiw=)#PHxZisT_a%2k`9qiN>M0G7>9)GYB^^&1(bg{~DBrJsyzHt) zE_1RhoY3{9GtsW3QUZ3j*r~$m4@tb%1ag7B8r;0KOuXrf8)_c~99;8%s=zGMT8+#| zOLnGwMDI0^Ka%lELL+exO;V|s!bb8d9{Rx^z zwe^I6-M717{!%wf74%RqfcO$ka7U1v@)2X97wykn355e8iPs66S3-)sf`&M;52S13 zEl1y)NxA_wESI0{yH0MPaRpZTAJFfJUyo5@jzlA`|d>*_Pk* z1feyQ0jS9pMw6VvplJWB5ixV}`FezK2U?usz@Xca10$rDP&9d=&#Rm`k60$9o?vOW zWEKC9(^SU{JDnj-um5CU6)!^lnY`jU25zQ%a9aXG^l1sR6ONnIqU6oVB{KLE1Il8* zd7cuQzxty!rhgYR{}gc9-qI~7g0#+F97b;u|5;hEzqE>3nDOskLNZ4z#>;}KRdBYqmT&MJ z0slx}|Lgbe5&B5|#lhavjTDmyJ*_?$t6Fha222n}YDIG}1o(g=Mfn|5#zn`|)O)!o z*`}z)5Ep=1>doueN`IFc+I6jdnV|H;ch7MKt`$w9Y;YpCpstCwUqb`lZR;%Zy=rp6 z)m-pb!BXzi4`>{o&FVWH;=nPDxI|Xqd(J5M+~P5mpV~+}>fx&PUfWIOBKHVG#s@X7 zYO?kyOO68)pGep8=f^NcGhPCdp&z3hxSb=kH^>KHI5tbve`^gOeMd{spa`ob1Eu3V znpgy~7Lt5U6_J)BcXUpraFpFKX|SQtJebvTv3MV_^`x@1)6BUX`_7(e$(C7jHqsE?l5=t!)4{`3yzUJl&XhyU}RQLq~qpM zl|E>Qd)385M?jOL`);f}5wb_SHQ>S%^LV(+>H$+bxf}ovS6K|>fRWQGkz_2L^ykHz zCoMPcn*#$}mSI8fe7J``zq~8A&{x3i2brvPe8}DKF|%JpijPrAr3+M>6G`TiD`~p2 zW&K8W?nt6dxm~!$m~9(O8f_#~1$XD1Ce-l!G}_lqSh4k=n#ogA(4i!{?#*z{`|I~7 z592E2$z3#Be@8e#kN*a8Z?%T`-dpysT<{n5wJGfP?C2)0cz~VNYgYl%=q8}{G8I~% zRCW)KRyDymfM5mPHG1c;A|*&ky)dl-asq(L40oB^OBJtgW~v zWvA<^0~WEO9@9?kDl4^6Bj|RR6+ScwAB;CH3Xy82c|}6dQa|##Edwq0*Fq_0_@fwi zvuV?exKh$`a1-CVp;0$}j5;Q4J5|8lXVJAeZ6ktyEO8;_?J8ANZ}#on4Zu#C0Ua_T z*@!w9Q&ffzA5ILdBA%}>_T zEw3*!$fpn-rPJJAo_VI@5G_2B1%=j{3PFFc3W2TF%WtZRi9e8~sWODsjAuYS;`h|W zFUqiFE!Bd+E$L|ral=@A<*H}aQWgAd;k=UZ5T^91F)bMpe4>)M-tOkK(E;%Al+Mw@rA~-bFDvasFQb(!>Z6xi&#D zF;L|C-YT<`34J8U3^7twIXy5GKTKocp?7%67eN z!jJ4|en>tr09M$D&gH#UzBRV1c-L^p+{M}zOQyGfW zgMlPD+@t;-RuOK2(y4vcFiy`@5sojlNS;k&~gHnqz6OON%fy)(R+)C(1fA zp}|~+Q+mkqL0qDt5&0(^v#7*y&_3vWL6qCAI%xQh4j`<$pD7&1n)9a35`|q(Eyb-{>KlaBKK;^0W)~Tjs%fb$PH4J%^G~s5 z9m$rnKH0O9PX;$*Yj%4jNwH||s^FKZ zmFL1K&xRQ-FRvsr)u*}3M8)oQK@0zoJ!FVmuL(?hJFSgTmi(352^1W;V;5U7&AIY!1aj z8QfxF$(`q$Evk-7{|))F6QXj8Z);Xwp1~OviCPolcbyPQxE<}oi}qPLJk}jm#zk%Z zP;8!ywYo zMR0MUbTgY~7DJiFl9Vr(M>2M~?l6JJ@^``{1NvEuNDoOyYXe-TR40!)p5k}cA+{CO z$~5{Dk?Wq*s)XUxtj8K99v;P*>R216Y{;M%HJ(F}g!K_y$9)5O(a)WIP;gJ`E6~-S zgTBg7)&q0&eB&FHQ_COtW}ePg5a?oppOm-kX;$iW z?TfPRz<3Yrd&6l$U+}0v09UU#Q&`EaqeaYUvul#LW~0+d(icqoD19wy>naaiMM|N#Yuhwhh+B>pSAx$wnJ{Xy(%}+B{n-U0=91nLGdT zjbZ@Npf$(u$eAM116a8Z8?9OzU$9{=ZWE_CO@8*E)ZsDVM)|_93t<|EJ0Lv~+t0e3h}fWJ7DDSyKSjQC zD>|Fbk2Re42Fj0CN=e;J#Nnh1lpz-t$am7HN$+jcU|VcDB!Q*4Hjx}Sbt}f}S59-y zE6_qz7cOkQiA5%^pZvoe9bM-RE1g&UV_Xf;Ak?&hBnAJY9okNL^}+bQyIMjoi1d>o zqmjOFA1F9p+rA+`d$kU3dFqltXp4|@>*ASqkeM;1(Fz-y$t(Sltfg{7y7K5EX50f< z_|YxzWaioNA1oQxmOl=udJ>GcU+ndo!A7bA?r$W%`Q5~jO>z%bQO=7cdQ@fUCk(_q zx?SOXkF+qGY;+ORkFIm58^))*WHs&Ep-X_inT>gf<&_+MLal(uUfCF4H~{=bn|+?F zt%%U>+iSp~Fw7wJWJj!yOYTZj59fQ91^LPxA~epaNQ)-p^hHaojdpFJaR`ZfFV4T5 z3VkJ!b?z$XpYG0ph+?K1uruwXV7buPWCls!l|Pf+kInw}QT3w%}qEl_Z1FyBp|oKLEOJD*z6oe zf=M$0lzc{@+)zy-;{?HPK^-he&Q9pjEqkfiJ#{fvDv`QZxPCSaPk|xH^IcgYnFx-l z84CdyD6%?BPO&enNS|N8hAx*_!ZfJ1RMV#Rdju*|8iOnNKk-d>Nzt?Zk%U0%=_nNF zMWwkr&6nnmt45jWcL7Ys^kevfY@zSPx^KPL1i}{Vc?K6BXy_dEtK5~5V;Dsr-U~gkt z>;$g(&Juc*VQ8N4a&OKv5&i3K1e<*1&ThKqeFnIL6k#6XR59UPnj?Fy1UdanNy5h0 zz`4J7pp-5=?I`F?znSr#3m#NFn%0totjutPW!|x6YOikjuJ2=P7P;Hdw;P9*?&U+r|!JH6}R_Bg!mchZmzW z69Q}ceBg`Y2X+;P&SwB&iEjP5AbD zrM@`Nn1&ip)T-$gK5Qh9EK3Y#yH`pxZ0FI@9bs;0%C!e|A-cV)O}_QrV23$8NcD-9w@UxG`w9e3aB~*G)QgW$`>)2eZ5*nVE28xW16}?Jkuh@T z)?az{!rxY#0o`Tw{0F=W94Li!>w1n*DKQQZoOcG;eSV8>UF{+;b=bN6&;#pInD$h% z+@_f-v3T6H`n9gt5GJ6l>&_$}5C+fQHJ{8FdqYXaQ)?9Powq^%?OsoB-MZJG-ZGjy zgUvJqK!ja{DNttd7sn0PtB*&@PJ80h5SKg2llnTcMs86rUNtTFX5}kI*%{6ZW*N8p ztXpizZt(PrLl)s05Cz>S-Q2fJWku(-NSXWNIun8oqIW73vc4FkLIH^aaF(CSal}_r zEg=4M{ysuk(?mgbWsG$H@JeMN*Z43BHQ`uRfW&Tlo39^85;_dJrLYQodxK<-Qk-3m z2vW;UsBozbIqS3;&UE0kRmW#%SX?5WJ58p8XBjG`z~glX)pnKS8`r+(`B1Ch!&9J5 zL?&g|qawl@b-GGFB-7B5t`aqYDb!bN6)doJUnmpO~l62S=VrAbuDE`J%hnm3q`1Qd= zmZ|4}Bm7t=^wcZgD=9CuV$5kHkXinY<4@ZY>7GPVSgzx=RH>6&lirl;gg^a+%HF35 zRs+>5PosObPXAopV=r8wI*zbGTB!TknW`}&j2n0`f`z%@jla_3SY&5Bj#Y~WYYdOF z_!lHX)GB6RU$z~WCa1=O*T~#AI#1>2_+7cH%HnYyf0Q!g+Rhiygz!Yhh@Uo9V2VbV zq3Jj$S$i==XOEXpj3`J$VCZLpAJO^Io;?pd4?GV%4?GV%4?GV%4?GV%4?GV%4?GV% T4?GV%5By&bh=_`bOA!1IE57#c diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php deleted file mode 100755 index 4ce8f9a926..0000000000 --- a/apps/files_encryption/tests/crypt.php +++ /dev/null @@ -1,678 +0,0 @@ - - * @author Björn Schießle - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Robin Appelman - * @author Sam Tuke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Crypt - */ -class Crypt extends TestCase { - - const TEST_ENCRYPTION_CRYPT_USER1 = "test-crypt-user1"; - - public $userId; - public $pass; - public $stateFilesTrashbin; - public $dataLong; - public $dataUrl; - public $dataShort; - /** - * @var \OC\Files\View - */ - public $view; - public $legacyEncryptedData; - public $genPrivateKey; - public $genPublicKey; - - /** @var \OCP\IConfig */ - private $config; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // create test user - self::loginHelper(self::TEST_ENCRYPTION_CRYPT_USER1, true); - } - - protected function setUp() { - parent::setUp(); - - // set user id - self::loginHelper(self::TEST_ENCRYPTION_CRYPT_USER1); - $this->userId = self::TEST_ENCRYPTION_CRYPT_USER1; - $this->pass = self::TEST_ENCRYPTION_CRYPT_USER1; - - // set content for encrypting / decrypting in tests - $this->dataLong = file_get_contents(__DIR__ . '/../lib/crypt.php'); - $this->dataShort = 'hats'; - $this->dataUrl = __DIR__ . '/../lib/crypt.php'; - $this->legacyData = __DIR__ . '/legacy-text.txt'; - $this->legacyEncryptedData = __DIR__ . '/legacy-encrypted-text.txt'; - $this->legacyEncryptedDataKey = __DIR__ . '/encryption.key'; - $this->randomKey = \OCA\Files_Encryption\Crypt::generateKey(); - - $keypair = \OCA\Files_Encryption\Crypt::createKeypair(); - $this->genPublicKey = $keypair['publicKey']; - $this->genPrivateKey = $keypair['privateKey']; - - $this->view = new \OC\Files\View('/'); - - // remember files_trashbin state - $this->stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we don't want to tests with app files_trashbin enabled - \OC_App::disable('files_trashbin'); - - $this->config = \OC::$server->getConfig(); - } - - protected function tearDown() { - // reset app files_trashbin - if ($this->stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } else { - \OC_App::disable('files_trashbin'); - } - - $this->assertTrue(\OC_FileProxy::$enabled); - $this->config->deleteSystemValue('cipher'); - - parent::tearDown(); - } - - public static function tearDownAfterClass() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_CRYPT_USER1); - - parent::tearDownAfterClass(); - } - - /** - * @medium - */ - public function testGenerateKey() { - - # TODO: use more accurate (larger) string length for test confirmation - - $key = \OCA\Files_Encryption\Crypt::generateKey(); - - $this->assertTrue(strlen($key) > 16); - - } - - public function testDecryptPrivateKey() { - - // test successful decrypt - $crypted = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($this->genPrivateKey, 'hat'); - - $header = \OCA\Files_Encryption\Crypt::generateHeader(); - - $decrypted = \OCA\Files_Encryption\Crypt::decryptPrivateKey($header . $crypted, 'hat'); - - $this->assertEquals($this->genPrivateKey, $decrypted); - - //test private key decrypt with wrong password - $wrongPasswd = \OCA\Files_Encryption\Crypt::decryptPrivateKey($crypted, 'hat2'); - - $this->assertEquals(false, $wrongPasswd); - - } - - - /** - * @medium - */ - public function testSymmetricEncryptFileContent() { - - # TODO: search in keyfile for actual content as IV will ensure this test always passes - - $crypted = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($this->dataShort, 'hat'); - - $this->assertNotEquals($this->dataShort, $crypted); - - - $decrypt = \OCA\Files_Encryption\Crypt::symmetricDecryptFileContent($crypted, 'hat'); - - $this->assertEquals($this->dataShort, $decrypt); - - } - - /** - * @medium - */ - public function testSymmetricEncryptFileContentAes128() { - - # TODO: search in keyfile for actual content as IV will ensure this test always passes - - $crypted = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($this->dataShort, 'hat', 'AES-128-CFB'); - - $this->assertNotEquals($this->dataShort, $crypted); - - - $decrypt = \OCA\Files_Encryption\Crypt::symmetricDecryptFileContent($crypted, 'hat', 'AES-128-CFB'); - - $this->assertEquals($this->dataShort, $decrypt); - - } - - /** - * @medium - */ - public function testSymmetricStreamEncryptShortFileContent() { - - $filename = 'tmp-' . $this->getUniqueID() . '.test'; - - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/'. $filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Get file contents without using any wrapper to get it's actual contents on disk - $retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - // Check that the file was encrypted before being written to disk - $this->assertNotEquals($this->dataShort, $retreivedCryptedFile); - - // Get file contents with the encryption wrapper - $decrypted = file_get_contents('crypt:///' . $this->userId . '/files/'. $filename); - - // Check that decrypted data matches - $this->assertEquals($this->dataShort, $decrypted); - - // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - } - - /** - * @medium - */ - public function testSymmetricStreamEncryptShortFileContentAes128() { - - $filename = 'tmp-' . $this->getUniqueID() . '.test'; - - $this->config->setSystemValue('cipher', 'AES-128-CFB'); - - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/'. $filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $this->config->deleteSystemValue('cipher'); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Get file contents without using any wrapper to get it's actual contents on disk - $retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - // Check that the file was encrypted before being written to disk - $this->assertNotEquals($this->dataShort, $retreivedCryptedFile); - - // Get file contents with the encryption wrapper - $decrypted = file_get_contents('crypt:///' . $this->userId . '/files/'. $filename); - - // Check that decrypted data matches - $this->assertEquals($this->dataShort, $decrypted); - - // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - } - - /** - * @medium - * Test that data that is written by the crypto stream wrapper - * @note Encrypted data is manually prepared and decrypted here to avoid dependency on success of stream_read - * @note If this test fails with truncate content, check that enough array slices are being rejoined to form $e, as the crypt.php file may have gotten longer and broken the manual - * reassembly of its data - */ - public function testSymmetricStreamEncryptLongFileContent() { - - // Generate a a random filename - $filename = 'tmp-' . $this->getUniqueID() . '.test'; - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong . $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Get file contents without using any wrapper to get it's actual contents on disk - $retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - - // Check that the file was encrypted before being written to disk - $this->assertNotEquals($this->dataLong . $this->dataLong, $retreivedCryptedFile); - - $decrypted = file_get_contents('crypt:///' . $this->userId . '/files/'. $filename); - - $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); - - // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - } - - /** - * @medium - * Test that data that is written by the crypto stream wrapper with AES 128 - * @note Encrypted data is manually prepared and decrypted here to avoid dependency on success of stream_read - * @note If this test fails with truncate content, check that enough array slices are being rejoined to form $e, as the crypt.php file may have gotten longer and broken the manual - * reassembly of its data - */ - public function testSymmetricStreamEncryptLongFileContentAes128() { - - // Generate a a random filename - $filename = 'tmp-' . $this->getUniqueID() . '.test'; - - $this->config->setSystemValue('cipher', 'AES-128-CFB'); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong . $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $this->config->deleteSystemValue('cipher'); - - // Get file contents without using any wrapper to get it's actual contents on disk - $retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - - // Check that the file was encrypted before being written to disk - $this->assertNotEquals($this->dataLong . $this->dataLong, $retreivedCryptedFile); - - $decrypted = file_get_contents('crypt:///' . $this->userId . '/files/'. $filename); - - $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); - - // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - } - - /** - * @medium - * Test that data that is written by the crypto stream wrapper with AES 128 - * @note Encrypted data is manually prepared and decrypted here to avoid dependency on success of stream_read - * @note If this test fails with truncate content, check that enough array slices are being rejoined to form $e, as the crypt.php file may have gotten longer and broken the manual - * reassembly of its data - */ - public function testStreamDecryptLongFileContentWithoutHeader() { - - // Generate a a random filename - $filename = 'tmp-' . $this->getUniqueID() . '.test'; - - $this->config->setSystemValue('cipher', 'AES-128-CFB'); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong . $this->dataLong); - - $this->config->deleteSystemValue('cipher'); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // Get file contents without using any wrapper to get it's actual contents on disk - $retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename); - - // Check that the file was encrypted before being written to disk - $this->assertNotEquals($this->dataLong . $this->dataLong, $retreivedCryptedFile); - - // remove the header to check if we can also decrypt old files without a header, - // this files should fall back to AES-128 - $cryptedWithoutHeader = substr($retreivedCryptedFile, \OCA\Files_Encryption\Crypt::BLOCKSIZE); - $this->view->file_put_contents($this->userId . '/files/' . $filename, $cryptedWithoutHeader); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - $decrypted = file_get_contents('crypt:///' . $this->userId . '/files/'. $filename); - - $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); - - // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - } - - /** - * @medium - */ - public function testIsEncryptedContent() { - - $this->assertFalse(\OCA\Files_Encryption\Crypt::isCatfileContent($this->dataUrl)); - - $this->assertFalse(\OCA\Files_Encryption\Crypt::isCatfileContent($this->legacyEncryptedData)); - - $keyfileContent = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($this->dataUrl, 'hat', 'AES-128-CFB'); - - $this->assertTrue(\OCA\Files_Encryption\Crypt::isCatfileContent($keyfileContent)); - - } - - /** - * @large - */ - public function testMultiKeyEncrypt() { - - # TODO: search in keyfile for actual content as IV will ensure this test always passes - - $pair1 = \OCA\Files_Encryption\Crypt::createKeypair(); - - $this->assertEquals(2, count($pair1)); - - $this->assertTrue(strlen($pair1['publicKey']) > 1); - - $this->assertTrue(strlen($pair1['privateKey']) > 1); - - - $crypted = \OCA\Files_Encryption\Crypt::multiKeyEncrypt($this->dataShort, array($pair1['publicKey'])); - - $this->assertNotEquals($this->dataShort, $crypted['data']); - - - $decrypt = \OCA\Files_Encryption\Crypt::multiKeyDecrypt($crypted['data'], $crypted['keys'][0], $pair1['privateKey']); - - $this->assertEquals($this->dataShort, $decrypt); - - } - - /** - * @medium - */ - public function testRenameFile() { - - $filename = 'tmp-' . $this->getUniqueID(); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Get file decrypted contents - $decrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename); - - $this->assertEquals($this->dataLong, $decrypt); - - $newFilename = 'tmp-new-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - $view->rename($filename, $newFilename); - - // Get file decrypted contents - $newDecrypt = file_get_contents('crypt:///'. $this->userId . '/files/' . $newFilename); - - $this->assertEquals($this->dataLong, $newDecrypt); - - // tear down - $view->unlink($newFilename); - } - - /** - * @medium - */ - public function testMoveFileIntoFolder() { - - $filename = 'tmp-' . $this->getUniqueID(); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Get file decrypted contents - $decrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename); - - $this->assertEquals($this->dataLong, $decrypt); - - $newFolder = '/newfolder' . $this->getUniqueID(); - $newFilename = 'tmp-new-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - $view->mkdir($newFolder); - $view->rename($filename, $newFolder . '/' . $newFilename); - - // Get file decrypted contents - $newDecrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $newFolder . '/' . $newFilename); - - $this->assertEquals($this->dataLong, $newDecrypt); - - // tear down - $view->unlink($newFolder); - } - - /** - * @medium - */ - public function testMoveFolder() { - - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - $filename = '/tmp-' . $this->getUniqueID(); - $folder = '/folder' . $this->getUniqueID(); - - $view->mkdir($folder); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $folder . $filename, $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Get file decrypted contents - $decrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $folder . $filename); - - $this->assertEquals($this->dataLong, $decrypt); - - $newFolder = '/newfolder/subfolder' . $this->getUniqueID(); - $view->mkdir('/newfolder'); - - $view->rename($folder, $newFolder); - - // Get file decrypted contents - $newDecrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $newFolder . $filename); - - $this->assertEquals($this->dataLong, $newDecrypt); - - // tear down - $view->unlink($newFolder); - $view->unlink('/newfolder'); - } - - /** - * @medium - */ - public function testChangePassphrase() { - $filename = 'tmp-' . $this->getUniqueID(); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Get file decrypted contents - $decrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename); - - $this->assertEquals($this->dataLong, $decrypt); - - // change password - \OC_User::setPassword($this->userId, 'test', null); - - // relogin - $params['uid'] = $this->userId; - $params['password'] = 'test'; - \OCA\Files_Encryption\Hooks::login($params); - - // Get file decrypted contents - $newDecrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename); - - $this->assertEquals($this->dataLong, $newDecrypt); - - // tear down - // change password back - \OC_User::setPassword($this->userId, $this->pass); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - $view->unlink($filename); - } - - /** - * @medium - */ - public function testViewFilePutAndGetContents() { - - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Get file decrypted contents - $decrypt = $view->file_get_contents($filename); - - $this->assertEquals($this->dataShort, $decrypt); - - // Save long data as encrypted file using stream wrapper - $cryptedFileLong = $view->file_put_contents($filename, $this->dataLong); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFileLong)); - - // Get file decrypted contents - $decryptLong = $view->file_get_contents($filename); - - $this->assertEquals($this->dataLong, $decryptLong); - - // tear down - $view->unlink($filename); - } - - /** - * @large - */ - public function testTouchExistingFile() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $view->touch($filename); - - // Get file decrypted contents - $decrypt = $view->file_get_contents($filename); - - $this->assertEquals($this->dataShort, $decrypt); - - // tear down - $view->unlink($filename); - } - - /** - * @medium - */ - public function testTouchFile() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - $view->touch($filename); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // Get file decrypted contents - $decrypt = $view->file_get_contents($filename); - - $this->assertEquals($this->dataShort, $decrypt); - - // tear down - $view->unlink($filename); - } - - /** - * @medium - */ - public function testFopenFile() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $handle = $view->fopen($filename, 'r'); - - // Get file decrypted contents - $decrypt = fgets($handle); - - $this->assertEquals($this->dataShort, $decrypt); - - // tear down - fclose($handle); - $view->unlink($filename); - } - -} diff --git a/apps/files_encryption/tests/encryption.key b/apps/files_encryption/tests/encryption.key deleted file mode 100644 index 4ee962145c247ee03538aa70a2ff0da216c5c51c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 24 gcmcCzpD}gyt - - *dbname* - true - false - utf8 - - *dbprefix*encryption_test - - - uid - text - true - 64 - - - mode - text - true - 64 - What client-side / server-side configuration is used - - - recovery_enabled - integer - true - 0 - Whether encryption key recovery is enabled - - - migration_status - integer - true - 0 - Whether encryption migration has been performed - - -
-
diff --git a/apps/files_encryption/tests/helper.php b/apps/files_encryption/tests/helper.php deleted file mode 100644 index 8fbd4f419a..0000000000 --- a/apps/files_encryption/tests/helper.php +++ /dev/null @@ -1,339 +0,0 @@ - - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -use OCA\Files_Encryption; -use OCA\Files_Encryption\Helper; - -/** - * Class Helper - */ -class TestHelper extends TestCase { - - const TEST_ENCRYPTION_HELPER_USER1 = "test-helper-user1"; - const TEST_ENCRYPTION_HELPER_USER2 = "test-helper-user2"; - - protected function setUpUsers() { - // create test user - self::loginHelper(self::TEST_ENCRYPTION_HELPER_USER2, true); - self::loginHelper(self::TEST_ENCRYPTION_HELPER_USER1, true); - } - - protected function cleanUpUsers() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_HELPER_USER1); - \OC_User::deleteUser(self::TEST_ENCRYPTION_HELPER_USER2); - } - - public static function setupHooks() { - // Filesystem related hooks - Helper::registerFilesystemHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new Files_Encryption\Proxy()); - } - - public static function tearDownAfterClass() { - parent::tearDownAfterClass(); - } - - /** - * @medium - */ - function testStripPartialFileExtension() { - - $partFilename = 'testfile.txt.part'; - $filename = 'testfile.txt'; - - $this->assertTrue(Helper::isPartialFilePath($partFilename)); - - $this->assertEquals('testfile.txt', Helper::stripPartialFileExtension($partFilename)); - - $this->assertFalse(Helper::isPartialFilePath($filename)); - - $this->assertEquals('testfile.txt', Helper::stripPartialFileExtension($filename)); - } - - - /** - * @medium - */ - function testStripPartialFileExtensionWithTransferIdPath() { - - $partFilename = 'testfile.txt.ocTransferId643653835.part'; - $filename = 'testfile.txt'; - - $this->assertTrue(Helper::isPartialFilePath($partFilename)); - - $this->assertEquals('testfile.txt', Helper::stripPartialFileExtension($partFilename)); - - $this->assertFalse(Helper::isPartialFilePath($filename)); - - $this->assertEquals('testfile.txt', Helper::stripPartialFileExtension($filename)); - } - - /** - * @dataProvider dataVersionsPathPositive - */ - function testGetPathFromVersionPositive($path, $expected) { - $result = Helper::getPathFromVersion($path); - $this->assertSame($expected, $result); - } - - function dataVersionsPathPositive() { - return array( - array('/user/files_versions/foo/bar/test.txt.v456756835', 'foo/bar/test.txt'), - array('user/files_versions/foo/bar/test.txt.v456756835', 'foo/bar/test.txt'), - array('user/files_versions//foo/bar/test.txt.v456756835', 'foo/bar/test.txt'), - array('user/files_versions/test.txt.v456756835', 'test.txt'), - ); - } - - /** - * @dataProvider dataVersionsPathNegative - * @expectedException \OCA\Files_Encryption\Exception\EncryptionException - */ - function testGetPathFromVersionNegative($path) { - Helper::getPathFromVersion($path); - } - - function dataVersionsPathNegative() { - return array( - array('/user/files_versions/'), - array('/user/files_versions'), - ); - } - - /** - * @dataProvider dataPathsCachedFilePositive - */ - function testGetPathFromCachedFilePositive($path, $expected) { - $result = Helper::getPathFromCachedFile($path); - $this->assertEquals($expected, $result); - } - - function dataPathsCachedFilePositive() { - return array( - array('/user/cache/transferid636483/foo/bar/test.txt', 'foo/bar/test.txt'), - array('/user/cache/transferid636483//test.txt', 'test.txt'), - array('user/cache/transferid636483//test.txt', 'test.txt'), - ); - } - - - /** - * @dataProvider dataPathsCachedFileNegative - * @expectedException \OCA\Files_Encryption\Exception\EncryptionException - */ - function testGetPathFromCachedFileNegative($path) { - Helper::getPathFromCachedFile($path); - } - - function dataPathsCachedFileNegative() { - return array( - array('/user/cache/transferid636483/'), - array('/user/cache/transferid636483'), - array('/user/cache/transferid636483//'), - array('/user/cache'), - ); - } - - function testGetUser() { - self::setUpUsers(); - - $path1 = "/" . self::TEST_ENCRYPTION_HELPER_USER1 . "/files/foo/bar.txt"; - $path2 = "/" . self::TEST_ENCRYPTION_HELPER_USER1 . "/cache/foo/bar.txt"; - $path3 = "/" . self::TEST_ENCRYPTION_HELPER_USER2 . "/thumbnails/foo"; - $path4 ="/" . "/" . self::TEST_ENCRYPTION_HELPER_USER1; - - self::loginHelper(self::TEST_ENCRYPTION_HELPER_USER1); - - // if we are logged-in every path should return the currently logged-in user - $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Helper::getUser($path1)); - $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Helper::getUser($path2)); - $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Helper::getUser($path3)); - $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Helper::getUser($path4)); - - // now log out - self::logoutHelper(); - - // now we should only get the user from /user/files and user/cache paths - $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Helper::getUser($path1)); - $this->assertEquals(self::TEST_ENCRYPTION_HELPER_USER1, Helper::getUser($path2)); - - try { - $this->assertFalse(Helper::getUser($path3)); - $this->assertFalse(true, '"OCA\Files_Encryption\Exception\EncryptionException: Could not determine user expected"'); - } catch (Files_Encryption\Exception\EncryptionException $e) { - $this->assertSame('Could not determine user', $e->getMessage()); - } - try { - $this->assertFalse(Helper::getUser($path4)); - $this->assertFalse(true, '"OCA\Files_Encryption\Exception\EncryptionException: Could not determine user expected"'); - } catch (Files_Encryption\Exception\EncryptionException $e) { - $this->assertSame('Could not determine user', $e->getMessage()); - } - - // Log-in again - self::loginHelper(self::TEST_ENCRYPTION_HELPER_USER1); - self::cleanUpUsers(); - } - - /** - * @dataProvider dataStripUserFilesPath - */ - function testStripUserFilesPath($path, $expected) { - $result = Helper::stripUserFilesPath($path); - $this->assertSame($expected, $result); - } - - function dataStripUserFilesPath() { - return array( - array('/user/files/foo.txt', 'foo.txt'), - array('//user/files/foo.txt', 'foo.txt'), - array('user//files/foo/bar.txt', 'foo/bar.txt'), - array('user//files/', false), - array('/user', false), - array('', false), - ); - } - - /** - * @dataProvider dataStripUserFilesPathPositive - */ - function testGetUserFromPathPositive($path, $expected) { - self::setUpUsers(); - $result = Helper::getUserFromPath($path); - $this->assertSame($expected, $result); - self::cleanUpUsers(); - } - - function dataStripUserFilesPathPositive() { - return array( - array('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '/files/foo.txt', self::TEST_ENCRYPTION_HELPER_USER1), - array('//' . self::TEST_ENCRYPTION_HELPER_USER2 . '/files_versions/foo.txt', self::TEST_ENCRYPTION_HELPER_USER2), - array('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '/files_trashbin/', self::TEST_ENCRYPTION_HELPER_USER1), - array(self::TEST_ENCRYPTION_HELPER_USER1 . '//cache/foo/bar.txt', self::TEST_ENCRYPTION_HELPER_USER1), - ); - } - - /** - * @dataProvider dataStripUserFilesPathNegative - * @expectedException \OCA\Files_Encryption\Exception\EncryptionException - */ - function testGetUserFromPathNegative($path) { - Helper::getUserFromPath($path); - } - - function dataStripUserFilesPathNegative() { - return array( - array('/unknown_user/files/foo.txt'), - array('/' . self::TEST_ENCRYPTION_HELPER_USER2 . '/unknown_folder/foo.txt'), - array('/' . self::TEST_ENCRYPTION_HELPER_USER1), - array(''), - ); - } - - /** - * @dataProvider dataPaths - */ - function testMkdirr($path, $expected) { - self::setUpUsers(); - Helper::mkdirr($path, new \OC\Files\View('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '/files')); - // ignore the filename because we only check for the directories - $dirParts = array_slice($expected, 0, -1); - $expectedPath = implode('/', $dirParts); - $this->assertTrue(\OC\Files\Filesystem::is_dir($expectedPath)); - - // cleanup - \OC\Files\Filesystem::unlink('/' . $expected[0]); - self::cleanUpUsers(); - } - - /** - * @dataProvider dataDetectFileTypePositive - */ - function testDetectFileTypePositive($path, $expected) { - $result = Helper::detectFileType($path); - $this->assertSame($expected, $result); - } - - function dataDetectFileTypePositive() { - return array( - array(self::TEST_ENCRYPTION_HELPER_USER1 . '/files', Files_Encryption\Util::FILE_TYPE_FILE), - array(self::TEST_ENCRYPTION_HELPER_USER1 . '/files/foo/bar', Files_Encryption\Util::FILE_TYPE_FILE), - array('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '/files/foo/bar', Files_Encryption\Util::FILE_TYPE_FILE), - array(self::TEST_ENCRYPTION_HELPER_USER1 . '/files_versions', Files_Encryption\Util::FILE_TYPE_VERSION), - array('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '//files_versions/foo/bar', Files_Encryption\Util::FILE_TYPE_VERSION), - array('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '//cache/foo/bar', Files_Encryption\Util::FILE_TYPE_CACHE), - ); - } - - /** - * @dataProvider dataDetectFileTypeNegative - * @expectedException \OCA\Files_Encryption\Exception\EncryptionException - */ - function testDetectFileTypeNegative($path) { - Helper::detectFileType($path); - } - - function dataDetectFileTypeNegative() { - return array( - array('/files'), - array('/' . self::TEST_ENCRYPTION_HELPER_USER1 . '/unsuported_dir/foo/bar'), - ); - } - - /** - * @dataProvider dataPaths - */ - function testSplitPath($path, $expected) { - $result = Helper::splitPath($path); - $this->compareArray($result, $expected); - } - - function dataPaths() { - return array( - array('foo/bar/test.txt', array('', 'foo', 'bar', 'test.txt')), - array('/foo/bar/test.txt', array('', 'foo', 'bar', 'test.txt')), - array('/foo/bar//test.txt', array('', 'foo', 'bar', 'test.txt')), - array('//foo/bar/test.txt', array('', 'foo', 'bar', 'test.txt')), - array('foo', array('', 'foo')), - array('/foo', array('', 'foo')), - array('//foo', array('', 'foo')), - ); - } - - function compareArray($result, $expected) { - $this->assertSame(count($expected), count($result)); - - foreach ($expected as $key => $value) { - $this->assertArrayHasKey($key, $result); - $this->assertSame($value, $result[$key]); - } - } - -} diff --git a/apps/files_encryption/tests/hooks.php b/apps/files_encryption/tests/hooks.php deleted file mode 100644 index b63e043118..0000000000 --- a/apps/files_encryption/tests/hooks.php +++ /dev/null @@ -1,447 +0,0 @@ - - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Hooks - * this class provide basic hook app tests - */ -class Hooks extends TestCase { - - const TEST_ENCRYPTION_HOOKS_USER1 = "test-encryption-hooks-user1.dot"; - const TEST_ENCRYPTION_HOOKS_USER2 = "test-encryption-hooks-user2.dot"; - - /** @var \OC\Files\View */ - public $user1View; // view on /data/user1/files - /** @var \OC\Files\View */ - public $user2View; // view on /data/user2/files - /** @var \OC\Files\View */ - public $rootView; // view on /data/user - public $data; - public $filename; - public $folder; - - private static $testFiles; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // note: not using a data provider because these - // files all need to coexist to make sure the - // share keys are found properly (pattern matching) - self::$testFiles = array( - 't est.txt', - 't est_.txt', - 't est.doc.txt', - 't est(.*).txt', // make sure the regexp is escaped - 'multiple.dots.can.happen.too.txt', - 't est.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.txt', - 't est_.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey.txt', - 'who would upload their.shareKey', - 'user ones file.txt', - 'user ones file.txt.backup', - '.t est.txt' - ); - - // create test user - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER1, true); - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER2, true); - } - - protected function setUp() { - parent::setUp(); - - // set user id - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER1); - \OC_User::setUserId(self::TEST_ENCRYPTION_HOOKS_USER1); - - // init filesystem view - $this->user1View = new \OC\Files\View('/'. self::TEST_ENCRYPTION_HOOKS_USER1 . '/files'); - $this->user2View = new \OC\Files\View('/'. self::TEST_ENCRYPTION_HOOKS_USER2 . '/files'); - $this->rootView = new \OC\Files\View('/'); - - // init short data - $this->data = 'hats'; - $this->filename = 'enc_hooks_tests-' . $this->getUniqueID() . '.txt'; - $this->folder = 'enc_hooks_tests_folder-' . $this->getUniqueID(); - - } - - public static function tearDownAfterClass() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_HOOKS_USER1); - \OC_User::deleteUser(self::TEST_ENCRYPTION_HOOKS_USER2); - - parent::tearDownAfterClass(); - } - - function testDisableHook() { - // encryption is enabled and running so we should have some user specific - // settings in oc_preferences - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*preferences` WHERE `appid` = ?'); - $result = $query->execute(array('files_encryption')); - $row = $result->fetchRow(); - $this->assertTrue(is_array($row)); - - // disabling the app should delete all user specific settings - \OCA\Files_Encryption\Hooks::preDisable(array('app' => 'files_encryption')); - - // check if user specific settings for the encryption app are really gone - $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*preferences` WHERE `appid` = ?'); - $result = $query->execute(array('files_encryption')); - $row = $result->fetchRow(); - $this->assertFalse($row); - - // relogin user to initialize the encryption again - $user = \OCP\User::getUser(); - self::loginHelper($user); - - } - - function testDeleteHooks() { - - // remember files_trashbin state - $stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we want to tests with app files_trashbin disabled - \OC_App::disable('files_trashbin'); - - // make sure that the trash bin is disabled - $this->assertFalse(\OC_APP::isEnabled('files_trashbin')); - - $this->user1View->file_put_contents($this->filename, $this->data); - - // check if all keys are generated - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - - self::logoutHelper(); - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER2); - \OC_User::setUserId(self::TEST_ENCRYPTION_HOOKS_USER2); - - - $this->user2View->file_put_contents($this->filename, $this->data); - - // check if all keys are generated - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - - // create a dummy file that we can delete something outside of data/user/files - // in this case no share or file keys should be deleted - $this->rootView->file_put_contents(self::TEST_ENCRYPTION_HOOKS_USER2 . "/" . $this->filename, $this->data); - - // delete dummy file outside of data/user/files - $this->rootView->unlink(self::TEST_ENCRYPTION_HOOKS_USER2 . "/" . $this->filename); - - // all keys should still exist - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - - // delete the file in data/user/files - // now the correspondig share and file keys from user2 should be deleted - $this->user2View->unlink($this->filename); - - // check if keys from user2 are really deleted - $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); - $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - // but user1 keys should still exist - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - if ($stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } - else { - \OC_App::disable('files_trashbin'); - } - } - - function testDeleteHooksForSharedFiles() { - - self::logoutHelper(); - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER1); - \OC_User::setUserId(self::TEST_ENCRYPTION_HOOKS_USER1); - - // remember files_trashbin state - $stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we want to tests with app files_trashbin disabled - \OC_App::disable('files_trashbin'); - - // make sure that the trash bin is disabled - $this->assertFalse(\OC_APP::isEnabled('files_trashbin')); - - $this->user1View->file_put_contents($this->filename, $this->data); - - // check if all keys are generated - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - // get the file info from previous created file - $fileInfo = $this->user1View->getFileInfo($this->filename); - - // check if we have a valid file info - $this->assertTrue($fileInfo instanceof \OC\Files\FileInfo); - - // share the file with user2 - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_HOOKS_USER2, \OCP\Constants::PERMISSION_ALL); - - // check if new share key exists - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); - - self::logoutHelper(); - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER2); - \OC_User::setUserId(self::TEST_ENCRYPTION_HOOKS_USER2); - - // user2 update the shared file - $this->user2View->file_put_contents($this->filename, $this->data); - - // keys should be stored at user1s dir, not in user2s - $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); - $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - // delete the Shared file from user1 in data/user2/files/Shared - $result = $this->user2View->unlink($this->filename); - - $this->assertTrue($result); - - // share key for user2 from user1s home should be gone, all other keys should still exists - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); - - // cleanup - - self::logoutHelper(); - self::loginHelper(self::TEST_ENCRYPTION_HOOKS_USER1); - \OC_User::setUserId(self::TEST_ENCRYPTION_HOOKS_USER1); - - if ($stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } - else { - \OC_App::disable('files_trashbin'); - } - } - - function testRenameHook() { - // create all files to make sure all keys can coexist properly - foreach (self::$testFiles as $file) { - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $file, $this->data); - - // test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - } - - foreach (self::$testFiles as $file) { - $this->doTestRenameHook($file); - } - } - - /** - * test rename operation - */ - function doTestRenameHook($filename) { - // check if keys exists - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/fileKey')); - - // make subfolder and sub-subfolder - $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); - $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder); - - $this->assertTrue($this->rootView->is_dir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder)); - - // move the file to the sub-subfolder - $root = $this->rootView->getRoot(); - $this->rootView->chroot('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/'); - $this->rootView->rename($filename, '/' . $this->folder . '/' . $this->folder . '/' . $filename); - $this->rootView->chroot($root); - - $this->assertFalse($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $filename)); - $this->assertTrue($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder . '/' . $filename)); - - // keys should be renamed too - $this->assertFalse($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertFalse($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/fileKey')); - - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' - . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' - . $filename . '/fileKey')); - - // cleanup - $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); - } - - function testCopyHook() { - // create all files to make sure all keys can coexist properly - foreach (self::$testFiles as $file) { - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $file, $this->data); - - // test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - } - - foreach (self::$testFiles as $file) { - $this->doTestCopyHook($file); - } - } - - /** - * test rename operation - */ - function doTestCopyHook($filename) { - // check if keys exists - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/fileKey')); - - // make subfolder and sub-subfolder - $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); - $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder); - - $this->assertTrue($this->rootView->is_dir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder)); - - // copy the file to the sub-subfolder - \OC\Files\Filesystem::copy($filename, '/' . $this->folder . '/' . $this->folder . '/' . $filename); - - $this->assertTrue($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $filename)); - $this->assertTrue($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder . '/' . $filename)); - - // keys should be copied too - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' - . $filename . '/fileKey')); - - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' - . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); - $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' - . $filename . '/fileKey')); - - // cleanup - $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); - $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $filename); - } - - /** - * @brief replacing encryption keys during password change should be allowed - * until the user logged in for the first time - */ - public function testSetPassphrase() { - - $view = new \OC\Files\View(); - - // set user password for the first time - \OCA\Files_Encryption\Hooks::postCreateUser(array('uid' => 'newUser', 'password' => 'newUserPassword')); - - $this->assertTrue($view->file_exists(\OCA\Files_Encryption\Keymanager::getPublicKeyPath() . '/newUser.publicKey')); - $this->assertTrue($view->file_exists('newUser/files_encryption/newUser.privateKey')); - - // check if we are able to decrypt the private key - $encryptedKey = \OCA\Files_Encryption\Keymanager::getPrivateKey($view, 'newUser'); - $privateKey = \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedKey, 'newUserPassword'); - $this->assertTrue(is_string($privateKey)); - - // change the password before the user logged-in for the first time, - // we can replace the encryption keys - \OCA\Files_Encryption\Hooks::setPassphrase(array('uid' => 'newUser', 'password' => 'passwordChanged')); - - $encryptedKey = \OCA\Files_Encryption\Keymanager::getPrivateKey($view, 'newUser'); - $privateKey = \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedKey, 'passwordChanged'); - $this->assertTrue(is_string($privateKey)); - - // now create a files folder to simulate a already used account - $view->mkdir('/newUser/files'); - - // change the password after the user logged in, now the password should not change - \OCA\Files_Encryption\Hooks::setPassphrase(array('uid' => 'newUser', 'password' => 'passwordChanged2')); - - $encryptedKey = \OCA\Files_Encryption\Keymanager::getPrivateKey($view, 'newUser'); - $privateKey = \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedKey, 'passwordChanged2'); - $this->assertFalse($privateKey); - - $privateKey = \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedKey, 'passwordChanged'); - $this->assertTrue(is_string($privateKey)); - - } - -} diff --git a/apps/files_encryption/tests/keymanager.php b/apps/files_encryption/tests/keymanager.php deleted file mode 100644 index d1a3f1e140..0000000000 --- a/apps/files_encryption/tests/keymanager.php +++ /dev/null @@ -1,411 +0,0 @@ - - * @author Björn Schießle - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Sam Tuke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Keymanager - */ -class Keymanager extends TestCase { - - const TEST_USER = "test-keymanager-user.dot"; - - public $userId; - public $pass; - public static $stateFilesTrashbin; - /** - * @var \OC\Files\View - */ - public $view; - public $randomKey; - public $dataShort; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // disable file proxy by default - \OC_FileProxy::$enabled = false; - - // remember files_trashbin state - self::$stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we don't want to tests with app files_trashbin enabled - \OC_App::disable('files_trashbin'); - - // create test user - \OC_User::deleteUser(self::TEST_USER); - parent::loginHelper(self::TEST_USER, true); - } - - protected function setUp() { - parent::setUp(); - // set content for encrypting / decrypting in tests - $this->dataLong = file_get_contents(__DIR__ . '/../lib/crypt.php'); - $this->dataShort = 'hats'; - $this->dataUrl = __DIR__ . '/../lib/crypt.php'; - $this->legacyData = __DIR__ . '/legacy-text.txt'; - $this->legacyEncryptedData = __DIR__ . '/legacy-encrypted-text.txt'; - $this->randomKey = \OCA\Files_Encryption\Crypt::generateKey(); - - $keypair = \OCA\Files_Encryption\Crypt::createKeypair(); - $this->genPublicKey = $keypair['publicKey']; - $this->genPrivateKey = $keypair['privateKey']; - - $this->view = new \OC\Files\View('/'); - - self::loginHelper(self::TEST_USER); - $this->userId = self::TEST_USER; - $this->pass = self::TEST_USER; - - $userHome = \OC_User::getHome($this->userId); - $this->dataDir = str_replace('/' . $this->userId, '', $userHome); - } - - function tearDown() { - $this->view->deleteAll('/' . self::TEST_USER . '/files_encryption/keys'); - parent::tearDown(); - } - - public static function tearDownAfterClass() { - \OC_FileProxy::$enabled = true; - - // cleanup test user - \OC_User::deleteUser(self::TEST_USER); - // reset app files_trashbin - if (self::$stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } - - parent::tearDownAfterClass(); - } - - function testKeyCacheUpdate() { - $testUser = 'testKeyCacheUpdate'; - \OCA\Files_Encryption\Keymanager::setPublicKey('oldKey', $testUser); - - $this->assertSame('oldKey', - \OCA\Files_Encryption\Keymanager::getPublicKey($this->view, $testUser)); - - // update key - \OCA\Files_Encryption\Keymanager::setPublicKey('newKey', $testUser); - - $this->assertSame('newKey', - \OCA\Files_Encryption\Keymanager::getPublicKey($this->view, $testUser)); - - // cleanup - \OCA\Files_Encryption\Keymanager::deletePublicKey($this->view, $testUser); - - } - - /** - * @medium - */ - function testGetPrivateKey() { - - $key = \OCA\Files_Encryption\Keymanager::getPrivateKey($this->view, $this->userId); - - $privateKey = \OCA\Files_Encryption\Crypt::decryptPrivateKey($key, $this->pass); - - $res = openssl_pkey_get_private($privateKey); - - $this->assertTrue(is_resource($res)); - - $sslInfo = openssl_pkey_get_details($res); - - $this->assertArrayHasKey('key', $sslInfo); - - } - - /** - * @medium - */ - function testGetPublicKey() { - - $publiceKey = \OCA\Files_Encryption\Keymanager::getPublicKey($this->view, $this->userId); - - $res = openssl_pkey_get_public($publiceKey); - - $this->assertTrue(is_resource($res)); - - $sslInfo = openssl_pkey_get_details($res); - - $this->assertArrayHasKey('key', $sslInfo); - } - - /** - * @medium - */ - function testSetFileKey() { - - $key = $this->randomKey; - - $file = 'unittest-' . $this->getUniqueID() . '.txt'; - - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort); - - \OCA\Files_Encryption\Keymanager::setFileKey($this->view, $util, $file, $key); - - $this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keys/' . $file . '/fileKey')); - - // cleanup - $this->view->unlink('/' . $this->userId . '/files/' . $file); - - // change encryption proxy to previous state - \OC_FileProxy::$enabled = $proxyStatus; - } - - /** - * @medium - */ - function testSetPrivateKey() { - - $key = "dummy key"; - - \OCA\Files_Encryption\Keymanager::setPrivateKey($key, 'dummyUser'); - - $this->assertTrue($this->view->file_exists('/dummyUser/files_encryption/dummyUser.privateKey')); - - //clean up - $this->view->deleteAll('/dummyUser'); - } - - /** - * @medium - */ - function testSetPrivateSystemKey() { - - $key = "dummy key"; - $keyName = "myDummyKey"; - $encHeader = \OCA\Files_Encryption\Crypt::generateHeader(); - - \OCA\Files_Encryption\Keymanager::setPrivateSystemKey($key, $keyName); - - $this->assertTrue($this->view->file_exists('/files_encryption/' . $keyName . '.privateKey')); - - $result = \OCA\Files_Encryption\Keymanager::getPrivateSystemKey($keyName); - - $this->assertSame($encHeader . $key, $result); - - // clean up - $this->view->unlink('/files_encryption/' . $keyName.'.privateKey'); - } - - - /** - * @medium - */ - function testGetUserKeys() { - - $keys = \OCA\Files_Encryption\Keymanager::getUserKeys($this->view, $this->userId); - - $resPublic = openssl_pkey_get_public($keys['publicKey']); - - $this->assertTrue(is_resource($resPublic)); - - $sslInfoPublic = openssl_pkey_get_details($resPublic); - - $this->assertArrayHasKey('key', $sslInfoPublic); - - $privateKey = \OCA\Files_Encryption\Crypt::decryptPrivateKey($keys['privateKey'], $this->pass); - - $resPrivate = openssl_pkey_get_private($privateKey); - - $this->assertTrue(is_resource($resPrivate)); - - $sslInfoPrivate = openssl_pkey_get_details($resPrivate); - - $this->assertArrayHasKey('key', $sslInfoPrivate); - } - - /** - * @medium - */ - function testRecursiveDelShareKeysFolder() { - - $this->view->mkdir('/' . self::TEST_USER . '/files/folder1'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files/folder1/existingFile.txt', 'data'); - - // create folder structure for some dummy share key files - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/file2'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/file2'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder/file1'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder/file2'); - - // create some dummy share keys - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/user1.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/' . self::TEST_USER . '.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/user1.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/user1.test.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/test-keymanager-userxdot.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/userx.' . self::TEST_USER . '.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/' . self::TEST_USER . '.userx.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/user1.' . self::TEST_USER . '.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/' . self::TEST_USER . '.user1.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file2/user2.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/file2/user3.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/file2/user3.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder/file1/user1.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user2.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user3.shareKey', 'data'); - - // recursive delete share keys from user1 and user2 - \OCA\Files_Encryption\Keymanager::delShareKey($this->view, - array('user1', 'user2', self::TEST_USER), - \OCA\Files_Encryption\Keymanager::getKeyPath($this->view, new \OCA\Files_Encryption\Util($this->view, self::TEST_USER), '/folder1'), - self::TEST_USER, - '/folder1'); - - // check if share keys from user1 and user2 are deleted - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/user1.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/share-keys/folder1/file1/user1.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/share-keys/folder1/file2/user2.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1/user1.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2/user2.shareKey')); - - // check if share keys from user3 still exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file2/user3.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user3.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/subfolder/file2/user3.shareKey')); - - // check if share keys for user or file with similar name - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/user1.test.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/test-keymanager-userxdot.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/' . self::TEST_USER . '.userx.shareKey')); - // FIXME: this case currently cannot be distinguished, needs further fixing - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/userx.' . self::TEST_USER . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/user1.' . self::TEST_USER . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/file1/' . self::TEST_USER . '.user1.shareKey')); - - // owner key from existing file should still exists because the file is still there - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/' . self::TEST_USER . '.shareKey')); - - // cleanup - $this->view->deleteAll('/' . self::TEST_USER . '/files/folder1'); - - } - - /** - * @medium - */ - function testRecursiveDelShareKeysFile() { - - $this->view->mkdir('/' . self::TEST_USER . '/files/folder1'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files/folder1/existingFile.txt', 'data'); - - // create folder structure for some dummy share key files - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1'); - $this->view->mkdir('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt'); - - // create some dummy share keys - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/user1.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/user2.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/user3.shareKey', 'data'); - $this->view->file_put_contents('/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/' . self::TEST_USER . '.shareKey', 'data'); - - // recursive delete share keys from user1 and user2 - \OCA\Files_Encryption\Keymanager::delShareKey($this->view, - array('user1', 'user2', self::TEST_USER), - \OCA\Files_Encryption\Keymanager::getKeyPath($this->view, new \OCA\Files_Encryption\Util($this->view, self::TEST_USER), '/folder1/existingFile.txt'), - self::TEST_USER, - '/folder1/existingFile.txt'); - - - // check if share keys from user1 and user2 are deleted - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile/user1.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile/user2.shareKey')); - - // check if share keys for user3 and owner - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/' . self::TEST_USER . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_USER . '/files_encryption/keys/folder1/existingFile.txt/user3.shareKey')); - // cleanup - $this->view->deleteAll('/' . self::TEST_USER . '/files/folder1'); - - } - - function testKeySetPreperation() { - $basePath = '/' . self::TEST_USER . '/files'; - $path = '/folder1/subfolder/subsubfolder/file.txt'; - - $this->assertFalse($this->view->is_dir($basePath . '/testKeySetPreperation')); - - TestProtectedKeymanagerMethods::testKeySetPreperation($this->view, $basePath . $path); - - // check if directory structure was created - $this->assertTrue($this->view->is_dir($basePath . $path)); - - // cleanup - $this->view->deleteAll($basePath . '/folder1'); - - } -} - -/** - * dummy class to access protected methods of \OCA\Files_Encryption\Keymanager for testing - */ -class TestProtectedKeymanagerMethods extends \OCA\Files_Encryption\Keymanager { - - /** - * @param \OC\Files\View $view relative to data/ - * @param string $path - * @param string $basePath - */ - public static function testKeySetPreperation($view, $path) { - self::keySetPreparation($view, $path); - } -} diff --git a/apps/files_encryption/tests/legacy-encrypted-text.txt b/apps/files_encryption/tests/legacy-encrypted-text.txt deleted file mode 100644 index 1f5087178c..0000000000 --- a/apps/files_encryption/tests/legacy-encrypted-text.txt +++ /dev/null @@ -1 +0,0 @@ -5ǡiZgESlF= \ No newline at end of file diff --git a/apps/files_encryption/tests/migration.php b/apps/files_encryption/tests/migration.php deleted file mode 100644 index 031c327d37..0000000000 --- a/apps/files_encryption/tests/migration.php +++ /dev/null @@ -1,266 +0,0 @@ - - * @author Joas Schilling - * @author Morris Jobke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -class Migration extends TestCase { - - const TEST_ENCRYPTION_MIGRATION_USER1='test_encryption_user1'; - const TEST_ENCRYPTION_MIGRATION_USER2='test_encryption_user2'; - const TEST_ENCRYPTION_MIGRATION_USER3='test_encryption_user3'; - - /** @var \OC\Files\View */ - private $view; - private $public_share_key_id; - private $recovery_key_id; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER1, true); - self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER2, true); - self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER3, true); - } - - public static function tearDownAfterClass() { - \OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER1); - \OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER2); - \OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER3); - parent::tearDownAfterClass(); - } - - protected function tearDown() { - if (\OC_DB::tableExists('encryption_test')) { - \OC_DB::dropTable('encryption_test'); - } - $this->assertTableNotExist('encryption_test'); - - parent::tearDown(); - } - - public function setUp() { - $this->loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER1); - $this->view = new \OC\Files\View(); - $this->public_share_key_id = \OCA\Files_Encryption\Helper::getPublicShareKeyId(); - $this->recovery_key_id = \OCA\Files_Encryption\Helper::getRecoveryKeyId(); - if (\OC_DB::tableExists('encryption_test')) { - \OC_DB::dropTable('encryption_test'); - } - $this->assertTableNotExist('encryption_test'); - } - - public function checkLastIndexId() { - $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (' - .' `item_type`, `item_source`, `item_target`, `share_type`,' - .' `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`,' - .' `file_target`, `token`, `parent`, `expiration`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)'); - $query->bindValue(1, 'file'); - $query->bindValue(2, 949); - $query->bindValue(3, '/949'); - $query->bindValue(4, 0); - $query->bindValue(5, 'migrate-test-user'); - $query->bindValue(6, 'migrate-test-owner'); - $query->bindValue(7, 23); - $query->bindValue(8, 1402493312); - $query->bindValue(9, 0); - $query->bindValue(10, '/migration.txt'); - $query->bindValue(11, null); - $query->bindValue(12, null); - $query->bindValue(13, null); - $this->assertEquals(1, $query->execute()); - - $this->assertNotEquals('0', \OC_DB::insertid('*PREFIX*share')); - - // cleanup - $query = \OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `file_target` = ?'); - $query->bindValue(1, '/migration.txt'); - $this->assertEquals(1, $query->execute()); - - } - - public function testBrokenLastIndexId() { - - // create test table - $this->checkLastIndexId(); - \OC_DB::createDbFromStructure(__DIR__ . '/encryption_table.xml'); - $this->checkLastIndexId(); - } - - /** - * @param string $table - */ - public function assertTableNotExist($table) { - $type = \OC_Config::getValue( "dbtype", "sqlite" ); - if( $type == 'sqlite' || $type == 'sqlite3' ) { - // sqlite removes the tables after closing the DB - $this->assertTrue(true); - } else { - $this->assertFalse(\OC_DB::tableExists($table), 'Table ' . $table . ' exists.'); - } - } - - protected function createDummyShareKeys($uid) { - $this->view->mkdir($uid . '/files_encryption/share-keys/folder1/folder2/folder3'); - $this->view->mkdir($uid . '/files_encryption/share-keys/folder2/'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); - if ($this->public_share_key_id) { - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . $this->public_share_key_id . '.shareKey' , 'data'); - } - if ($this->recovery_key_id) { - $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . $this->recovery_key_id . '.shareKey' , 'data'); - } - } - - protected function createDummyFileKeys($uid) { - $this->view->mkdir($uid . '/files_encryption/keyfiles/folder1/folder2/folder3'); - $this->view->mkdir($uid . '/files_encryption/keyfiles/folder2/'); - $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/folder2/folder3/file3.key' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/folder2/file2.key' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/file.1.key' , 'data'); - $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder2/file.2.1.key' , 'data'); - } - - protected function createDummyFilesInTrash($uid) { - $this->view->mkdir($uid . '/files_trashbin/share-keys'); - $this->view->mkdir($uid . '/files_trashbin/share-keys/folder1.d7437648723'); - $this->view->file_put_contents($uid . '/files_trashbin/share-keys/file1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); - $this->view->file_put_contents($uid . '/files_trashbin/share-keys/file1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); - $this->view->file_put_contents($uid . '/files_trashbin/share-keys/folder1.d7437648723/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); - - $this->view->mkdir($uid . '/files_trashbin/keyfiles'); - $this->view->mkdir($uid . '/files_trashbin/keyfiles/folder1.d7437648723'); - $this->view->file_put_contents($uid . '/files_trashbin/keyfiles/file1.key.d5457864' , 'data'); - $this->view->file_put_contents($uid . '/files_trashbin/keyfiles/folder1.d7437648723/file2.key' , 'data'); - } - - protected function createDummySystemWideKeys() { - $this->view->mkdir('owncloud_private_key'); - $this->view->file_put_contents('owncloud_private_key/systemwide_1.private.key', 'data'); - $this->view->file_put_contents('owncloud_private_key/systemwide_2.private.key', 'data'); - } - - public function testMigrateToNewFolderStructure() { - - // go back to the state before migration - $this->view->rename('/files_encryption/public_keys', '/public-keys'); - $this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.public.key'); - $this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.public.key'); - $this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.public.key'); - $this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/keys'); - $this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/keys'); - $this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/keys'); - $this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey', - self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key'); - $this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey', - self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key'); - $this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey', - self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key'); - - $this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER1); - $this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER2); - $this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER3); - - $this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER1); - $this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER2); - $this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER3); - - $this->createDummyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2); - - // no user for system wide mount points - $this->createDummyFileKeys(''); - $this->createDummyShareKeys(''); - - $this->createDummySystemWideKeys(); - - $m = new \OCA\Files_Encryption\Migration(); - $m->reorganizeFolderStructure(); - - // TODO Verify that all files at the right place - $this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.publicKey')); - $this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.publicKey')); - $this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.publicKey')); - $this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER1); - $this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER2); - $this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER3); - // system wide keys - $this->verifyNewKeyPath(''); - // trash - $this->verifyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2); - - } - - protected function verifyFilesInTrash($uid) { - // share keys - $this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); - $this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); - $this->view->file_exists($uid . '/files_trashbin/keys/folder1.d7437648723/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); - - // file keys - $this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/fileKey.d5457864' , 'data'); - $this->view->file_exists($uid . '/files_trashbin/keyfiles/file1.d5457864/fileKey.d5457864' , 'data'); - $this->view->file_exists($uid . '/files_trashbin/keyfiles/folder1.d7437648723/file2/fileKey' , 'data'); - } - - protected function verifyNewKeyPath($uid) { - // private key - if ($uid !== '') { - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/' . $uid . '.privateKey')); - } - // file keys - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/fileKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/fileKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/fileKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/fileKey')); - // share keys - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); - if ($this->public_share_key_id) { - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . $this->public_share_key_id . '.shareKey')); - } - if ($this->recovery_key_id) { - $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . $this->recovery_key_id . '.shareKey')); - } - } -} diff --git a/apps/files_encryption/tests/proxy.php b/apps/files_encryption/tests/proxy.php deleted file mode 100644 index 59fcb896a2..0000000000 --- a/apps/files_encryption/tests/proxy.php +++ /dev/null @@ -1,154 +0,0 @@ - - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Sam Tuke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Proxy - * this class provide basic proxy app tests - */ -class Proxy extends TestCase { - - const TEST_ENCRYPTION_PROXY_USER1 = "test-proxy-user1"; - - public $userId; - public $pass; - /** - * @var \OC\Files\View - */ - public $view; // view in /data/user/files - public $rootView; // view on /data/user - public $data; - public $dataLong; - public $filename; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // create test user - self::loginHelper(self::TEST_ENCRYPTION_PROXY_USER1, true); - } - - protected function setUp() { - parent::setUp(); - - // set user id - \OC_User::setUserId(self::TEST_ENCRYPTION_PROXY_USER1); - $this->userId = self::TEST_ENCRYPTION_PROXY_USER1; - $this->pass = self::TEST_ENCRYPTION_PROXY_USER1; - - // init filesystem view - $this->view = new \OC\Files\View('/'. self::TEST_ENCRYPTION_PROXY_USER1 . '/files'); - $this->rootView = new \OC\Files\View('/'. self::TEST_ENCRYPTION_PROXY_USER1 ); - - // init short data - $this->data = 'hats'; - $this->dataLong = file_get_contents(__DIR__ . '/../lib/crypt.php'); - $this->filename = 'enc_proxy_tests-' . $this->getUniqueID() . '.txt'; - - } - - public static function tearDownAfterClass() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_PROXY_USER1); - - parent::tearDownAfterClass(); - } - - /** - * @medium - * test if postFileSize returns the unencrypted file size - */ - function testPostFileSize() { - - $this->view->file_put_contents($this->filename, $this->dataLong); - $size = strlen($this->dataLong); - - \OC_FileProxy::$enabled = false; - - $encryptedSize = $this->view->filesize($this->filename); - - \OC_FileProxy::$enabled = true; - - $unencryptedSize = $this->view->filesize($this->filename); - - $this->assertTrue($encryptedSize > $unencryptedSize); - $this->assertSame($size, $unencryptedSize); - - // cleanup - $this->view->unlink($this->filename); - - } - - function testPostFileSizeWithDirectory() { - - $this->view->file_put_contents($this->filename, $this->data); - - \OC_FileProxy::$enabled = false; - - // get root size, must match the file's unencrypted size - $unencryptedSize = $this->view->filesize(''); - - \OC_FileProxy::$enabled = true; - - $encryptedSize = $this->view->filesize(''); - - $this->assertTrue($encryptedSize !== $unencryptedSize); - - // cleanup - $this->view->unlink($this->filename); - - } - - /** - * @dataProvider isExcludedPathProvider - */ - function testIsExcludedPath($path, $expected) { - $this->view->mkdir(dirname($path)); - $this->view->file_put_contents($path, "test"); - - $result = \Test_Helper::invokePrivate(new \OCA\Files_Encryption\Proxy(), 'isExcludedPath', array($path)); - $this->assertSame($expected, $result); - - $this->view->deleteAll(dirname($path)); - - } - - public function isExcludedPathProvider() { - return array( - array ('/' . self::TEST_ENCRYPTION_PROXY_USER1 . '/files/test.txt', false), - array (self::TEST_ENCRYPTION_PROXY_USER1 . '/files/test.txt', false), - array ('/files/test.txt', true), - array ('/' . self::TEST_ENCRYPTION_PROXY_USER1 . '/files/versions/test.txt', false), - array ('/' . self::TEST_ENCRYPTION_PROXY_USER1 . '/files_versions/test.txt', false), - array ('/' . self::TEST_ENCRYPTION_PROXY_USER1 . '/files_trashbin/test.txt', true), - array ('/' . self::TEST_ENCRYPTION_PROXY_USER1 . '/file/test.txt', true), - ); - } - -} - diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php deleted file mode 100755 index 2a9f0359c9..0000000000 --- a/apps/files_encryption/tests/share.php +++ /dev/null @@ -1,1392 +0,0 @@ - - * @author Björn Schießle - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Lukas Reschke - * @author Morris Jobke - * @author Robin Appelman - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Share - */ -class Share extends TestCase { - - const TEST_ENCRYPTION_SHARE_USER1 = "test-share-user1"; - const TEST_ENCRYPTION_SHARE_USER2 = "test-share-user2"; - const TEST_ENCRYPTION_SHARE_USER3 = "test-share-user3"; - const TEST_ENCRYPTION_SHARE_USER4 = "test-share-user4"; - const TEST_ENCRYPTION_SHARE_GROUP1 = "test-share-group1"; - - public $stateFilesTrashbin; - public $filename; - public $dataShort; - /** - * @var \OC\Files\View - */ - public $view; - public $folder1; - public $subfolder; - public $subsubfolder; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // enable resharing - \OC::$server->getAppConfig()->setValue('core', 'shareapi_allow_resharing', 'yes'); - - // register share hooks - \OC::registerShareHooks(); - \OCA\Files_Sharing\Helper::registerHooks(); - - // create users - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1, true); - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2, true); - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER3, true); - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER4, true); - - // create group and assign users - \OC_Group::createGroup(self::TEST_ENCRYPTION_SHARE_GROUP1); - \OC_Group::addToGroup(self::TEST_ENCRYPTION_SHARE_USER3, self::TEST_ENCRYPTION_SHARE_GROUP1); - \OC_Group::addToGroup(self::TEST_ENCRYPTION_SHARE_USER4, self::TEST_ENCRYPTION_SHARE_GROUP1); - } - - protected function setUp() { - parent::setUp(); - - $this->dataShort = 'hats'; - $this->view = new \OC\Files\View('/'); - - $this->folder1 = '/folder1'; - $this->subfolder = '/subfolder1'; - $this->subsubfolder = '/subsubfolder1'; - - $this->filename = 'share-tmp.test'; - - // remember files_trashbin state - $this->stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we don't want to tests with app files_trashbin enabled - \OC_App::disable('files_trashbin'); - - // login as first user - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - $this->createMocks(); - } - - protected function tearDown() { - // reset app files_trashbin - if ($this->stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } else { - \OC_App::disable('files_trashbin'); - } - - $this->restoreHttpHelper(); - - parent::tearDown(); - } - - public static function tearDownAfterClass() { - // clean group - \OC_Group::deleteGroup(self::TEST_ENCRYPTION_SHARE_GROUP1); - - // cleanup users - \OC_User::deleteUser(self::TEST_ENCRYPTION_SHARE_USER1); - \OC_User::deleteUser(self::TEST_ENCRYPTION_SHARE_USER2); - \OC_User::deleteUser(self::TEST_ENCRYPTION_SHARE_USER3); - \OC_User::deleteUser(self::TEST_ENCRYPTION_SHARE_USER4); - - parent::tearDownAfterClass(); - } - - private function createMocks() { - $config = $this->getMockBuilder('\OCP\IConfig') - ->disableOriginalConstructor()->getMock(); - $clientService = $this->getMock('\OCP\Http\Client\IClientService'); - $httpHelperMock = $this->getMockBuilder('\OC\HTTPHelper') - ->setConstructorArgs([$config, $clientService]) - ->getMock(); - $httpHelperMock->expects($this->any())->method('post')->with($this->anything())->will($this->returnValue(array('success' => true, 'result' => "{'ocs' : { 'meta' : { 'statuscode' : 100 }}}"))); - - $this->registerHttpHelper($httpHelperMock); - } - - /** - * Register an http helper mock for testing purposes. - * @param $httpHelper http helper mock - */ - private function registerHttpHelper($httpHelper) { - $this->oldHttpHelper = \OC::$server->query('HTTPHelper'); - \OC::$server->registerService('HTTPHelper', function ($c) use ($httpHelper) { - return $httpHelper; - }); - } - - /** - * Restore the original http helper - */ - private function restoreHttpHelper() { - $oldHttpHelper = $this->oldHttpHelper; - \OC::$server->registerService('HTTPHelper', function ($c) use ($oldHttpHelper) { - return $oldHttpHelper; - }); - } - - /** - * @medium - */ - function testDeclineServer2ServerShare() { - - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - - // share the file - $token = \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, '', \OCP\Constants::PERMISSION_ALL); - $this->assertTrue(is_string($token)); - - $publicShareKeyId = \OC::$server->getConfig()->getAppValue('files_encryption', 'publicShareKeyId'); - - // check if share key for public exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - // manipulate share - $query = \OC::$server->getDatabaseConnection()->prepare('UPDATE `*PREFIX*share` SET `share_type` = ?, `share_with` = ? WHERE `token`=?'); - $this->assertTrue($query->execute(array(\OCP\Share::SHARE_TYPE_REMOTE, 'foo@bar', $token))); - - // check if share key not exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - - $query = \OC::$server->getDatabaseConnection()->prepare('SELECT * FROM `*PREFIX*share` WHERE `token`=?'); - $query->execute(array($token)); - - $share = $query->fetch(); - - $_POST['token'] = $token; - $s2s = new \OCA\Files_Sharing\API\Server2Server(); - $s2s->declineShare(array('id' => $share['id'])); - - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - } - - /** - * @medium - * @param bool $withTeardown - */ - function testShareFile($withTeardown = true) { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // check if the unencrypted file size is stored - $this->assertGreaterThan(0, $fileInfo['unencrypted_size']); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the file - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user1 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // login as user1 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // cleanup - if ($withTeardown) { - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // unshare the file - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - } - } - - function testDownloadVersions() { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - $rootView = new \OC\Files\View(); - - // save file twice to create a new version - \OC\Files\Filesystem::file_put_contents($this->filename, "revision1"); - \OCA\Files_Versions\Storage::store($this->filename); - \OC\Files\Filesystem::file_put_contents($this->filename, "revision2"); - - // check if the owner can retrieve the correct version - $versions = \OCA\Files_Versions\Storage::getVersions(self::TEST_ENCRYPTION_SHARE_USER1, $this->filename); - $this->assertSame(1, count($versions)); - $version = reset($versions); - $versionUser1 = $rootView->file_get_contents('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_versions/' . $this->filename . '.v' . $version['version']); - $this->assertSame('revision1', $versionUser1); - - // share the file - $fileInfo = \OC\Files\Filesystem::getFileInfo($this->filename); - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - $this->assertTrue(\OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL)); - - // try to download the version as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - $versionUser2 = $rootView->file_get_contents('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_versions/' . $this->filename . '.v' . $version['version']); - $this->assertSame('revision1', $versionUser2); - - //cleanup - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2); - \OC\Files\Filesystem::unlink($this->filename); - } - - /** - * @medium - * @param bool $withTeardown - */ - function testReShareFile($withTeardown = true) { - $this->testShareFile(false); - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - // get the file info - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); - - // share the file with user3 - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER3, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user2 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER3); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '/files/' . $this->filename); - - // check if data is the same as previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // cleanup - if ($withTeardown) { - - // login as user1 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - // unshare the file with user2 - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER3); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - - // unshare the file with user1 - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - } - } - - /** - * @medium - * @param bool $withTeardown - * @return array - */ - function testShareFolder($withTeardown = true) { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // create folder structure - $this->view->mkdir('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1); - $this->view->mkdir( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1 . $this->subfolder); - $this->view->mkdir( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1 . $this->subfolder - . $this->subsubfolder); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created folder - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the folder with user1 - \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user1 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // login as user1 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' . $this->filename); - - // check if data is the same - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // cleanup - if ($withTeardown) { - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // unshare the folder with user1 - \OCP\Share::unshare('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' - . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files'); - $this->view->unlink($this->folder1); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' - . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - } - - return $fileInfo; - } - - /** - * @medium - * @param bool $withTeardown - */ - function testReShareFolder($withTeardown = true) { - $fileInfoFolder1 = $this->testShareFolder(false); - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created folder - $fileInfoSubFolder = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 - . $this->subfolder); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfoSubFolder); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the file with user3 - \OCP\Share::shareItem('folder', $fileInfoSubFolder['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER3, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user3 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - - // login as user3 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER3); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '/files/' . $this->subfolder - . $this->subsubfolder . '/' . $this->filename); - - // check if data is the same - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // get the file info - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '/files/' . $this->subfolder - . $this->subsubfolder . '/' . $this->filename); - - // check if we have fileInfos - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // share the file with user3 - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER4, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user3 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); - - // login as user3 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER4); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '/files/' . $this->filename); - - // check if data is the same - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // cleanup - if ($withTeardown) { - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER3); - - // unshare the file with user3 - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER4); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' - . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); - - // login as user1 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - // unshare the folder with user2 - \OCP\Share::unshare('folder', $fileInfoSubFolder['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER3); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' - . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // unshare the folder1 with user1 - \OCP\Share::unshare('folder', $fileInfoFolder1['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' - . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files'); - $this->view->unlink($this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' - . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - } - } - - - function testRemoteShareFile() { - // login as admin - //self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // check if the unencrypted file size is stored - $this->assertGreaterThan(0, $fileInfo['unencrypted_size']); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the file - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_REMOTE, 'user1@server1', \OCP\Constants::PERMISSION_ALL); - - $publicShareKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'publicShareKeyId'); - - // check if share key for public exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - // unshare the file - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_REMOTE, 'user1@server1'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - } - - function testPublicShareFile() { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // check if the unencrypted file size is stored - $this->assertGreaterThan(0, $fileInfo['unencrypted_size']); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the file - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, false, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - $publicShareKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'publicShareKeyId'); - - // check if share key for public exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - // some hacking to simulate public link - //$GLOBALS['app'] = 'files_sharing'; - //$GLOBALS['fileOwner'] = self::TEST_ENCRYPTION_SHARE_USER1; - self::logoutHelper(); - - // get file contents - $retrievedCryptedFile = file_get_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // tear down - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // unshare the file - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, null); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $publicShareKeyId . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - } - - /** - * @medium - */ - function testShareFileWithGroup() { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // check if the unencrypted file size is stored - $this->assertGreaterThan(0, $fileInfo['unencrypted_size']); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the file - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, self::TEST_ENCRYPTION_SHARE_GROUP1, \OCP\Constants::PERMISSION_ALL); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user2 and user3 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); - - // login as user1 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER3); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '/files/' . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // unshare the file - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, self::TEST_ENCRYPTION_SHARE_GROUP1); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - - } - - /** - * @large - */ - function testRecoveryFile() { - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - \OCA\Files_Encryption\Helper::adminEnableRecovery(null, 'test123'); - $recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryKeyId'); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - $util = new \OCA\Files_Encryption\Util(new \OC\Files\View('/'), self::TEST_ENCRYPTION_SHARE_USER1); - - // check if recovery password match - $this->assertTrue($util->checkRecoveryPassword('test123')); - - // enable recovery for admin - $this->assertTrue($util->setRecoveryForUser(1)); - $util->addRecoveryKeys(); - - // create folder structure - $this->view->mkdir('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1); - $this->view->mkdir( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1 . $this->subfolder); - $this->view->mkdir( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files' . $this->folder1 . $this->subfolder - . $this->subsubfolder); - - // save file with content - $cryptedFile1 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - $cryptedFile2 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile1); - $this->assertInternalType('int', $cryptedFile2); - - // check if share key for admin and recovery exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - - // disable recovery for admin - $this->assertTrue($util->setRecoveryForUser(0)); - - // remove all recovery keys - $util->removeRecoveryKeys('/'); - - // check if share key for recovery not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - - // enable recovery for admin - $this->assertTrue($util->setRecoveryForUser(1)); - - // add recovery keys again - $util->addRecoveryKeys('/'); - - // check if share key for admin and recovery exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->unlink($this->folder1); - $this->view->chroot('/'); - - // check if share key for recovery not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - - $this->assertTrue(\OCA\Files_Encryption\Helper::adminEnableRecovery(null, 'test123')); - $this->assertTrue(\OCA\Files_Encryption\Helper::adminDisableRecovery('test123')); - $this->assertEquals(0, \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled')); - } - - /** - * @large - */ - function testRecoveryForUser() { - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - $result = \OCA\Files_Encryption\Helper::adminEnableRecovery(null, 'test123'); - $this->assertTrue($result); - - $recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryKeyId'); - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - $util = new \OCA\Files_Encryption\Util(new \OC\Files\View('/'), self::TEST_ENCRYPTION_SHARE_USER2); - - // enable recovery for admin - $this->assertTrue($util->setRecoveryForUser(1)); - - // add recovery keys for existing files (e.g. the auto-generated welcome.txt) - $util->addRecoveryKeys(); - - // create folder structure - $this->view->mkdir('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->folder1); - $this->view->mkdir( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->folder1 . $this->subfolder); - $this->view->mkdir( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->folder1 . $this->subfolder - . $this->subsubfolder); - - // save file with content - $cryptedFile1 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER2. '/files/' . $this->filename, $this->dataShort); - $cryptedFile2 = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile1); - $this->assertInternalType('int', $cryptedFile2); - - // check if share key for user and recovery exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // change password - \OC_User::setPassword(self::TEST_ENCRYPTION_SHARE_USER2, 'test', 'test123'); - $params = array('uid' => self::TEST_ENCRYPTION_SHARE_USER2, - 'password' => 'test', - 'recoveryPassword' => 'test123'); - \OCA\Files_Encryption\Hooks::setPassphrase($params); - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2, false, 'test'); - - // get file contents - $retrievedCryptedFile1 = file_get_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); - $retrievedCryptedFile2 = file_get_contents( - 'crypt:///' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile1); - $this->assertEquals($this->dataShort, $retrievedCryptedFile2); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/'); - $this->view->unlink($this->folder1); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - - // check if share key for user and recovery exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 - . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '/' . $recoveryKeyId . '.shareKey')); - - // enable recovery for admin - $this->assertTrue($util->setRecoveryForUser(0)); - - \OCA\Files_Encryption\Helper::adminDisableRecovery('test123'); - $this->assertEquals(0, \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryAdminEnabled')); - - //clean up, reset passwords - \OC_User::setPassword(self::TEST_ENCRYPTION_SHARE_USER2, self::TEST_ENCRYPTION_SHARE_USER2, 'test123'); - $params = array('uid' => self::TEST_ENCRYPTION_SHARE_USER2, - 'password' => self::TEST_ENCRYPTION_SHARE_USER2, - 'recoveryPassword' => 'test123'); - \OCA\Files_Encryption\Hooks::setPassphrase($params); - } - - /** - * @medium - */ - function testFailShareFile() { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // check if the unencrypted file size is stored - $this->assertGreaterThan(0, $fileInfo['unencrypted_size']); - - // break users public key - $this->view->rename(\OCA\Files_Encryption\Keymanager::getPublicKeyPath() . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey', - \OCA\Files_Encryption\Keymanager::getPublicKeyPath() . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey_backup'); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // share the file - try { - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, self::TEST_ENCRYPTION_SHARE_GROUP1, \OCP\Constants::PERMISSION_ALL); - } catch (\Exception $e) { - $this->assertEquals(0, strpos($e->getMessage(), "Following users are not set up for encryption")); - } - - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // check if share key for user1 not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - // break user1 public key - $this->view->rename( - \OCA\Files_Encryption\Keymanager::getPublicKeyPath() . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey_backup', - \OCA\Files_Encryption\Keymanager::getPublicKeyPath() . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey'); - - // remove share file - $this->view->unlink('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 - . '.shareKey'); - - // re-enable the file proxy - \OC_FileProxy::$enabled = $proxyStatus; - - // unshare the file with user1 - \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, self::TEST_ENCRYPTION_SHARE_GROUP1); - - // check if share key not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - - // cleanup - $this->view->chroot('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); - $this->view->unlink($this->filename); - $this->view->chroot('/'); - } - - - /** - * test rename a shared file mount point - */ - function testRename() { - - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // share the file - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); - - // check if share key for user1 and user2 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); - - $this->assertTrue($this->view->file_exists('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename)); - - // get file contents - $retrievedCryptedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - \OC\Files\Filesystem::mkdir($this->folder1); - - // move the file to a subfolder - \OC\Files\Filesystem::rename($this->filename, $this->folder1 . $this->filename); - - // check if we can read the moved file - $retrievedRenamedFile = $this->view->file_get_contents( - '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedRenamedFile); - - // check if share key for user2 and user1 still exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // cleanup - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - $this->view->unlink('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - } - - function testRenameGroupShare() { - // login as admin - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // save file with content - $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); - - // test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // get the file info from previous created file - $fileInfo = $this->view->getFileInfo( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); - - // check if we have a valid file info - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // share the file - \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, self::TEST_ENCRYPTION_SHARE_GROUP1, \OCP\Constants::PERMISSION_ALL); - - // check if share key for user1, user3 and user4 exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); - - - // login as user2 - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER3); - - $this->assertTrue(\OC\Files\Filesystem::file_exists($this->filename)); - - // get file contents - $retrievedCryptedFile = \OC\Files\Filesystem::file_get_contents($this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedCryptedFile); - - \OC\Files\Filesystem::mkdir($this->folder1); - - // move the file to a subfolder - \OC\Files\Filesystem::rename($this->filename, $this->folder1 . $this->filename); - - // check if we can read the moved file - $retrievedRenamedFile = \OC\Files\Filesystem::file_get_contents($this->folder1 . $this->filename); - - // check if data is the same as we previously written - $this->assertEquals($this->dataShort, $retrievedRenamedFile); - - // check if share key for user1, user3 and user4 still exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' - . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); - - // cleanup - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - \OC\Files\Filesystem::unlink($this->filename); - } - - /** - * test if additional share keys are added if we move a folder to a shared parent - * @medium - */ - function testMoveFolder() { - - $view = new \OC\Files\View('/' . self::TEST_ENCRYPTION_SHARE_USER1); - - $filename = '/tmp-' . $this->getUniqueID(); - $folder = '/folder' . $this->getUniqueID(); - - \OC\Files\Filesystem::mkdir($folder); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = \OC\Files\Filesystem::file_put_contents($folder . $filename, $this->dataShort); - - // Test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // Get file decrypted contents - $decrypt = \OC\Files\Filesystem::file_get_contents($folder . $filename); - - $this->assertEquals($this->dataShort, $decrypt); - - $newFolder = '/newfolder/subfolder' . $this->getUniqueID(); - \OC\Files\Filesystem::mkdir('/newfolder'); - - // get the file info from previous created file - $fileInfo = \OC\Files\Filesystem::getFileInfo('/newfolder'); - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // share the folder - \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); - - \OC\Files\Filesystem::rename($folder, $newFolder); - - // Get file decrypted contents - $newDecrypt = \OC\Files\Filesystem::file_get_contents($newFolder . $filename); - $this->assertEquals($this->dataShort, $newDecrypt); - - // check if additional share key for user2 exists - $this->assertTrue($view->file_exists('files_encryption/keys' . $newFolder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // check that old keys were removed/moved properly - $this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // tear down - \OC\Files\Filesystem::unlink($newFolder); - \OC\Files\Filesystem::unlink('/newfolder'); - } - - function usersProvider() { - return array( - // test as owner - array(self::TEST_ENCRYPTION_SHARE_USER1), - // test as share receiver - array(self::TEST_ENCRYPTION_SHARE_USER2), - ); - } - - /** - * @dataProvider usersProvider - */ - function testMoveFileToFolder($userId) { - $view = new \OC\Files\View('/' . self::TEST_ENCRYPTION_SHARE_USER1); - - $filename = '/tmp-' . $this->getUniqueID(); - $folder = '/folder' . $this->getUniqueID(); - - \OC\Files\Filesystem::mkdir($folder); - - // Save long data as encrypted file using stream wrapper - $cryptedFile = \OC\Files\Filesystem::file_put_contents($folder . $filename, $this->dataShort); - - // Test that data was successfully written - $this->assertInternalType('int', $cryptedFile); - - // Get file decrypted contents - $decrypt = \OC\Files\Filesystem::file_get_contents($folder . $filename); - - $this->assertEquals($this->dataShort, $decrypt); - - $subFolder = $folder . '/subfolder' . $this->getUniqueID(); - \OC\Files\Filesystem::mkdir($subFolder); - - // get the file info from previous created file - $fileInfo = \OC\Files\Filesystem::getFileInfo($folder); - $this->assertInstanceOf('\OC\Files\FileInfo', $fileInfo); - - // share the folder - \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); - - // check that the share keys exist - $this->assertTrue($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // move the file into the subfolder as the test user - self::loginHelper($userId); - \OC\Files\Filesystem::rename($folder . $filename, $subFolder . $filename); - self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); - - // Get file decrypted contents - $newDecrypt = \OC\Files\Filesystem::file_get_contents($subFolder . $filename); - $this->assertEquals($this->dataShort, $newDecrypt); - - // check if additional share key for user2 exists - $this->assertTrue($view->file_exists('files_encryption/keys' . $subFolder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($view->file_exists('files_encryption/keys' . $subFolder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // check that old keys were removed/moved properly - $this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); - - // tear down - \OC\Files\Filesystem::unlink($subFolder); - \OC\Files\Filesystem::unlink($folder); - } - -} diff --git a/apps/files_encryption/tests/stream.php b/apps/files_encryption/tests/stream.php deleted file mode 100644 index 34e4ee6a32..0000000000 --- a/apps/files_encryption/tests/stream.php +++ /dev/null @@ -1,232 +0,0 @@ - - * @author Christopher Schäpers - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Thomas Müller - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Stream - * this class provide basic stream tests - */ -class Stream extends TestCase { - - const TEST_ENCRYPTION_STREAM_USER1 = "test-stream-user1"; - - public $userId; - public $pass; - /** - * @var \OC\Files\View - */ - public $view; - public $dataShort; - public $stateFilesTrashbin; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // create test user - self::loginHelper(self::TEST_ENCRYPTION_STREAM_USER1, true); - } - - protected function setUp() { - parent::setUp(); - - // set user id - \OC_User::setUserId(self::TEST_ENCRYPTION_STREAM_USER1); - $this->userId = self::TEST_ENCRYPTION_STREAM_USER1; - $this->pass = self::TEST_ENCRYPTION_STREAM_USER1; - - // init filesystem view - $this->view = new \OC\Files\View('/'); - - // init short data - $this->dataShort = 'hats'; - - // remember files_trashbin state - $this->stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we don't want to tests with app files_trashbin enabled - \OC_App::disable('files_trashbin'); - } - - protected function tearDown() { - // reset app files_trashbin - if ($this->stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } - else { - \OC_App::disable('files_trashbin'); - } - - parent::tearDown(); - } - - public static function tearDownAfterClass() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_STREAM_USER1); - - parent::tearDownAfterClass(); - } - - function testStreamOptions() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $handle = $view->fopen($filename, 'r'); - - // check if stream is at position zero - $this->assertEquals(0, ftell($handle)); - - // set stream options - $this->assertTrue(flock($handle, LOCK_SH)); - $this->assertTrue(flock($handle, LOCK_UN)); - - fclose($handle); - - // tear down - $view->unlink($filename); - } - - function testStreamSetBlocking() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $handle = $view->fopen($filename, 'r'); - - - if (\OC_Util::runningOnWindows()) { - fclose($handle); - $view->unlink($filename); - $this->markTestSkipped('[Windows] stream_set_blocking() does not work as expected on Windows.'); - } - - // set stream options - $this->assertTrue(stream_set_blocking($handle, 1)); - - fclose($handle); - - // tear down - $view->unlink($filename); - } - - /** - * @medium - */ - function testStreamSetTimeout() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $handle = $view->fopen($filename, 'r'); - - // set stream options - $this->assertFalse(stream_set_timeout($handle, 1)); - - fclose($handle); - - // tear down - $view->unlink($filename); - } - - function testStreamSetWriteBuffer() { - $filename = '/tmp-' . $this->getUniqueID(); - $view = new \OC\Files\View('/' . $this->userId . '/files'); - - // Save short data as encrypted file using stream wrapper - $cryptedFile = $view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - $handle = $view->fopen($filename, 'r'); - - // set stream options - $this->assertEquals(0, stream_set_write_buffer($handle, 1024)); - - fclose($handle); - - // tear down - $view->unlink($filename); - } - - /** - * @medium - * test if stream wrapper can read files outside from the data folder - */ - function testStreamFromLocalFile() { - - $filename = '/' . $this->userId . '/files/' . 'tmp-' . $this->getUniqueID().'.txt'; - - $tmpFilename = "/tmp/" . $this->getUniqueID() . ".txt"; - - // write an encrypted file - $cryptedFile = $this->view->file_put_contents($filename, $this->dataShort); - - // Test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // create a copy outside of the data folder in /tmp - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - $encryptedContent = $this->view->file_get_contents($filename); - \OC_FileProxy::$enabled = $proxyStatus; - - file_put_contents($tmpFilename, $encryptedContent); - - \OCA\Files_Encryption\Helper::addTmpFileToMapper($tmpFilename, $filename); - - // try to read the file from /tmp - $handle = fopen("crypt://".$tmpFilename, "r"); - $contentFromTmpFile = stream_get_contents($handle); - - // check if it was successful - $this->assertEquals($this->dataShort, $contentFromTmpFile); - - fclose($handle); - - // clean up - unlink($tmpFilename); - $this->view->unlink($filename); - - } -} diff --git a/apps/files_encryption/tests/testcase.php b/apps/files_encryption/tests/testcase.php deleted file mode 100644 index c03147fabc..0000000000 --- a/apps/files_encryption/tests/testcase.php +++ /dev/null @@ -1,111 +0,0 @@ - - * @author Joas Schilling - * @author Morris Jobke - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class TestCase - */ -abstract class TestCase extends \Test\TestCase { - - /** - * @param string $user - * @param bool $create - * @param bool $password - */ - public static function loginHelper($user, $create = false, $password = false, $loadEncryption = true) { - if ($create) { - try { - \OC_User::createUser($user, $user); - } catch (\Exception $e) { - // catch username is already being used from previous aborted runs - } - } - - if ($password === false) { - $password = $user; - } - - \OC_Util::tearDownFS(); - \OC_User::setUserId(''); - \OC\Files\Filesystem::tearDown(); - \OC::$server->getUserSession()->setUser(new \OC\User\User($user, new \OC_User_Database())); - \OC_Util::setupFS($user); - - if ($loadEncryption) { - $params['uid'] = $user; - $params['password'] = $password; - \OCA\Files_Encryption\Hooks::login($params); - } - } - - public static function logoutHelper() { - \OC_Util::tearDownFS(); - \OC_User::setUserId(false); - \OC\Files\Filesystem::tearDown(); - } - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - \OCA\Files_Encryption\Helper::registerFilesystemHooks(); - \OCA\Files_Encryption\Helper::registerUserHooks(); - \OCA\Files_Encryption\Helper::registerShareHooks(); - - \OC::registerShareHooks(); - \OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup'); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new \OCA\Files_Encryption\Proxy()); - } - - public static function tearDownAfterClass() { - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->deleteAll('files_encryption'); - - parent::tearDownAfterClass(); - } - - protected function tearDown() { - parent::tearDown(); - $this->resetKeyCache(); - } - - protected function resetKeyCache() { - // reset key cache for every testrun - $keyCache = new \ReflectionProperty('\OCA\Files_Encryption\Keymanager', 'key_cache'); - $keyCache->setAccessible(true); - $keyCache->setValue(array()); - $keyCache->setAccessible(false); - } - -} diff --git a/apps/files_encryption/tests/trashbin.php b/apps/files_encryption/tests/trashbin.php deleted file mode 100755 index 84785738bf..0000000000 --- a/apps/files_encryption/tests/trashbin.php +++ /dev/null @@ -1,346 +0,0 @@ - - * @author Christopher Schäpers - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Trashbin - * this class provide basic trashbin app tests - */ -class Trashbin extends TestCase { - - const TEST_ENCRYPTION_TRASHBIN_USER1 = "test-trashbin-user1"; - - public $userId; - public $pass; - /** - * @var \OC\Files\View - */ - public $view; - public $dataShort; - public $stateFilesTrashbin; - public $folder1; - public $subfolder; - public $subsubfolder; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // trashbin hooks - \OCA\Files_Trashbin\Trashbin::registerHooks(); - - // create test user - self::loginHelper(self::TEST_ENCRYPTION_TRASHBIN_USER1, true); - } - - protected function setUp() { - parent::setUp(); - - // set user id - \OC_User::setUserId(self::TEST_ENCRYPTION_TRASHBIN_USER1); - $this->userId = self::TEST_ENCRYPTION_TRASHBIN_USER1; - $this->pass = self::TEST_ENCRYPTION_TRASHBIN_USER1; - - // init filesystem view - $this->view = new \OC\Files\View('/'); - - // init short data - $this->dataShort = 'hats'; - - $this->folder1 = '/folder1'; - $this->subfolder = '/subfolder1'; - $this->subsubfolder = '/subsubfolder1'; - - // remember files_trashbin state - $this->stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we want to tests with app files_trashbin enabled - \OC_App::enable('files_trashbin'); - } - - protected function tearDown() { - // reset app files_trashbin - if ($this->stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } - else { - \OC_App::disable('files_trashbin'); - } - - parent::tearDown(); - } - - public static function tearDownAfterClass() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_TRASHBIN_USER1); - - \OC\Files\Filesystem::getLoader()->removeStorageWrapper('oc_trashbin'); - - parent::tearDownAfterClass(); - } - - /** - * @medium - * test delete file - */ - function testDeleteFile() { - - // generate filename - $filename = 'tmp-' . $this->getUniqueID() . '.txt'; - $filename2 = $filename . '.backup'; // a second file with similar name - - // save file with content - $cryptedFile = file_put_contents('crypt:///' .self::TEST_ENCRYPTION_TRASHBIN_USER1. '/files/'. $filename, $this->dataShort); - $cryptedFile2 = file_put_contents('crypt:///' .self::TEST_ENCRYPTION_TRASHBIN_USER1. '/files/'. $filename2, $this->dataShort); - - // test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - $this->assertTrue(is_int($cryptedFile2)); - - // check if key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey')); - - // check if share key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // delete first file - \OC\Files\Filesystem::unlink($filename); - - // check if file not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files/' . $filename)); - - // check if key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); - - // check if share key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // check that second file still exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files/' . $filename2)); - - // check that key for second file still exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey')); - - // check that share key for second file still exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // get files - $trashFiles = \OCA\Files_Trashbin\Helper::getTrashFiles('/', self::TEST_ENCRYPTION_TRASHBIN_USER1); - - // find created file with timestamp - $timestamp = null; - foreach ($trashFiles as $file) { - if ($file['name'] === $filename) { - $timestamp = $file['mtime']; - break; - } - } - - // check if we found the file we created - $this->assertNotNull($timestamp); - - $this->assertTrue($this->view->is_dir('/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename . '.d' . $timestamp)); - - // check if key for admin not exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename . '.d' . $timestamp . '/fileKey')); - - // check if share key for admin not exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename - . '.d' . $timestamp . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - } - - /** - * @medium - * test restore file - */ - function testRestoreFile() { - // generate filename - $filename = 'tmp-' . $this->getUniqueID() . '.txt'; - $filename2 = $filename . '.backup'; // a second file with similar name - - // save file with content - file_put_contents('crypt:///' . self::TEST_ENCRYPTION_TRASHBIN_USER1. '/files/'. $filename, $this->dataShort); - file_put_contents('crypt:///' . self::TEST_ENCRYPTION_TRASHBIN_USER1. '/files/'. $filename2, $this->dataShort); - - // delete both files - \OC\Files\Filesystem::unlink($filename); - \OC\Files\Filesystem::unlink($filename2); - - $trashFiles = \OCA\Files_Trashbin\Helper::getTrashFiles('/', self::TEST_ENCRYPTION_TRASHBIN_USER1); - - // find created file with timestamp - $timestamp = null; - foreach ($trashFiles as $file) { - if ($file['name'] === $filename) { - $timestamp = $file['mtime']; - break; - } - } - - // make sure that we have a timestamp - $this->assertNotNull($timestamp); - - // before calling the restore operation the keys shouldn't be there - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // restore first file - $this->assertTrue(\OCA\Files_Trashbin\Trashbin::restore($filename . '.d' . $timestamp, $filename, $timestamp)); - - // check if file exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files/' . $filename)); - - // check if key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); - - // check if share key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // check that second file was NOT restored - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files/' . $filename2)); - - // check if key for admin exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey')); - - // check if share key for admin exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - } - - /** - * @medium - * test delete file forever - */ - function testPermanentDeleteFile() { - - // generate filename - $filename = 'tmp-' . $this->getUniqueID() . '.txt'; - - // save file with content - $cryptedFile = file_put_contents('crypt:///' .$this->userId. '/files/' . $filename, $this->dataShort); - - // test that data was successfully written - $this->assertTrue(is_int($cryptedFile)); - - // check if key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); - - // check if share key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // delete file - \OC\Files\Filesystem::unlink($filename); - - // check if file not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files/' . $filename)); - - // check if key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/' - . $filename . '.key')); - - // check if share key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' - . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // find created file with timestamp - $query = \OC_DB::prepare('SELECT `timestamp`,`type` FROM `*PREFIX*files_trash`' - . ' WHERE `id`=?'); - $result = $query->execute(array($filename))->fetchRow(); - - $this->assertTrue(is_array($result)); - - // build suffix - $trashFileSuffix = 'd' . $result['timestamp']; - - // check if key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename - . '.' . $trashFileSuffix . '/fileKey')); - - // check if share key for admin exists - $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' - . $filename . '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - - // get timestamp from file - $timestamp = str_replace('d', '', $trashFileSuffix); - - // delete file forever - $this->assertGreaterThan(0, \OCA\Files_Trashbin\Trashbin::delete($filename, $this->userId, $timestamp)); - - // check if key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/files/' . $filename . '.' - . $trashFileSuffix)); - - // check if key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename - . '.' . $trashFileSuffix . '/fileKey')); - - // check if share key for admin not exists - $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename - . '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); - } - -} diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php deleted file mode 100755 index 4174a0da0d..0000000000 --- a/apps/files_encryption/tests/util.php +++ /dev/null @@ -1,693 +0,0 @@ - - * @author Björn Schießle - * @author Florin Peter - * @author Joas Schilling - * @author Jörn Friedrich Dreyer - * @author Markus Goetz - * @author Morris Jobke - * @author Robin Appelman - * @author Robin McCorkell - * @author Sam Tuke - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\Files_Encryption\Tests; - -/** - * Class Util - */ -class Util extends TestCase { - - const TEST_ENCRYPTION_UTIL_USER1 = "test-util-user1"; - const TEST_ENCRYPTION_UTIL_USER2 = "test-util-user2"; - const TEST_ENCRYPTION_UTIL_GROUP1 = "test-util-group1"; - const TEST_ENCRYPTION_UTIL_GROUP2 = "test-util-group2"; - const TEST_ENCRYPTION_UTIL_LEGACY_USER = "test-legacy-user"; - - public $userId; - public $encryptionDir; - public $publicKeyDir; - public $pass; - /** - * @var \OC\Files\View - */ - public $view; - public $keysPath; - public $publicKeyPath; - public $privateKeyPath; - /** - * @var \OCA\Files_Encryption\Util - */ - public $util; - public $dataShort; - public $legacyEncryptedData; - public $legacyEncryptedDataKey; - public $legacyKey; - public $stateFilesTrashbin; - - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // create test user - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1, true); - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER2, true); - self::loginHelper(self::TEST_ENCRYPTION_UTIL_LEGACY_USER, true); - - // create groups - \OC_Group::createGroup(self::TEST_ENCRYPTION_UTIL_GROUP1); - \OC_Group::createGroup(self::TEST_ENCRYPTION_UTIL_GROUP2); - - // add user 1 to group1 - \OC_Group::addToGroup(self::TEST_ENCRYPTION_UTIL_USER1, self::TEST_ENCRYPTION_UTIL_GROUP1); - } - - protected function setUp() { - parent::setUp(); - - // login user - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); - \OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1); - $this->userId = self::TEST_ENCRYPTION_UTIL_USER1; - $this->pass = self::TEST_ENCRYPTION_UTIL_USER1; - - // set content for encrypting / decrypting in tests - $this->dataUrl = __DIR__ . '/../lib/crypt.php'; - $this->dataShort = 'hats'; - $this->dataLong = file_get_contents(__DIR__ . '/../lib/crypt.php'); - $this->legacyData = __DIR__ . '/legacy-text.txt'; - $this->legacyEncryptedData = __DIR__ . '/legacy-encrypted-text.txt'; - $this->legacyEncryptedDataKey = __DIR__ . '/encryption.key'; - $this->legacyKey = "30943623843030686906\0\0\0\0"; - - $keypair = \OCA\Files_Encryption\Crypt::createKeypair(); - - $this->genPublicKey = $keypair['publicKey']; - $this->genPrivateKey = $keypair['privateKey']; - - $this->publicKeyDir = \OCA\Files_Encryption\Keymanager::getPublicKeyPath(); - $this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption'; - $this->keysPath = $this->encryptionDir . '/' . 'keys'; - $this->publicKeyPath = - $this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey - $this->privateKeyPath = - $this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey - - $this->view = new \OC\Files\View('/'); - - $this->util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - // remember files_trashbin state - $this->stateFilesTrashbin = \OC_App::isEnabled('files_trashbin'); - - // we don't want to tests with app files_trashbin enabled - \OC_App::disable('files_trashbin'); - } - - protected function tearDown() { - // reset app files_trashbin - if ($this->stateFilesTrashbin) { - \OC_App::enable('files_trashbin'); - } - else { - \OC_App::disable('files_trashbin'); - } - - parent::tearDown(); - } - - public static function tearDownAfterClass() { - // cleanup test user - \OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_USER1); - \OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_USER2); - \OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_LEGACY_USER); - - //cleanup groups - \OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP1); - \OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP2); - - parent::tearDownAfterClass(); - } - - /** - * @medium - * test that paths set during User construction are correct - */ - function testKeyPaths() { - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - $this->assertEquals($this->publicKeyDir, $util->getPath('publicKeyDir')); - $this->assertEquals($this->encryptionDir, $util->getPath('encryptionDir')); - $this->assertEquals($this->keysPath, $util->getPath('keysPath')); - $this->assertEquals($this->publicKeyPath, $util->getPath('publicKeyPath')); - $this->assertEquals($this->privateKeyPath, $util->getPath('privateKeyPath')); - - } - - /** - * @medium - * test detection of encrypted files - */ - function testIsEncryptedPath() { - - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - self::loginHelper($this->userId); - - $unencryptedFile = '/tmpUnencrypted-' . $this->getUniqueID() . '.txt'; - $encryptedFile = '/tmpEncrypted-' . $this->getUniqueID() . '.txt'; - - // Disable encryption proxy to write a unencrypted file - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $this->view->file_put_contents($this->userId . '/files/' . $unencryptedFile, $this->dataShort); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - // write a encrypted file - $this->view->file_put_contents($this->userId . '/files/' . $encryptedFile, $this->dataShort); - - // test if both files are detected correctly - $this->assertFalse($util->isEncryptedPath($this->userId . '/files/' . $unencryptedFile)); - $this->assertTrue($util->isEncryptedPath($this->userId . '/files/' . $encryptedFile)); - - // cleanup - $this->view->unlink($this->userId . '/files/' . $unencryptedFile); - $this->view->unlink($this->userId . '/files/' . $encryptedFile); - - } - - /** - * @medium - * test setup of encryption directories - */ - function testSetupServerSide() { - $this->assertEquals(true, $this->util->setupServerSide($this->pass)); - } - - /** - * @medium - * test checking whether account is ready for encryption, - */ - function testUserIsReady() { - $this->assertEquals(true, $this->util->ready()); - } - - /** - * test checking whether account is not ready for encryption, - */ -// function testUserIsNotReady() { -// $this->view->unlink($this->publicKeyDir); -// -// $params['uid'] = $this->userId; -// $params['password'] = $this->pass; -// $this->assertFalse(OCA\Files_Encryption\Hooks::login($params)); -// -// $this->view->unlink($this->privateKeyPath); -// } - - /** - * @medium - */ - function testRecoveryEnabledForUser() { - - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - // Record the value so we can return it to it's original state later - $enabled = $util->recoveryEnabledForUser(); - - $this->assertTrue($util->setRecoveryForUser(!$enabled)); - - $this->assertEquals(!$enabled, $util->recoveryEnabledForUser()); - - $this->assertTrue($util->setRecoveryForUser($enabled)); - - $this->assertEquals($enabled, $util->recoveryEnabledForUser()); - - - } - - /** - * @medium - */ - function testGetUidAndFilename() { - - \OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1); - - $filename = '/tmp-' . $this->getUniqueID() . '.test'; - - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort); - - // Re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - list($fileOwnerUid, $file) = $util->getUidAndFilename($filename); - - $this->assertEquals(self::TEST_ENCRYPTION_UTIL_USER1, $fileOwnerUid); - - $this->assertEquals($file, $filename); - - $this->view->unlink($this->userId . '/files/' . $filename); - } - - /** - * Test that data that is read by the crypto stream wrapper - */ - function testGetFileSize() { - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); - - $filename = 'tmp-' . $this->getUniqueID(); - $externalFilename = '/' . $this->userId . '/files/' . $filename; - - // Test for 0 byte files - $problematicFileSizeData = ""; - $cryptedFile = $this->view->file_put_contents($externalFilename, $problematicFileSizeData); - $this->assertTrue(is_int($cryptedFile)); - $this->assertEquals($this->util->getFileSize($externalFilename), 0); - $decrypt = $this->view->file_get_contents($externalFilename); - $this->assertEquals($problematicFileSizeData, $decrypt); - $this->view->unlink($this->userId . '/files/' . $filename); - - // Test a file with 18377 bytes as in https://github.com/owncloud/mirall/issues/1009 - $problematicFileSizeData = str_pad("", 18377, "abc"); - $cryptedFile = $this->view->file_put_contents($externalFilename, $problematicFileSizeData); - $this->assertTrue(is_int($cryptedFile)); - $this->assertEquals($this->util->getFileSize($externalFilename), 18377); - $decrypt = $this->view->file_get_contents($externalFilename); - $this->assertEquals($problematicFileSizeData, $decrypt); - $this->view->unlink($this->userId . '/files/' . $filename); - } - - function testEncryptAll() { - - $filename = "/encryptAll" . $this->getUniqueID() . ".txt"; - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - // disable encryption to upload a unencrypted file - \OC_App::disable('files_encryption'); - - $this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort); - - $fileInfoUnencrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename); - - $this->assertTrue($fileInfoUnencrypted instanceof \OC\Files\FileInfo); - - // enable file encryption again - \OC_App::enable('files_encryption'); - - // encrypt all unencrypted files - $util->encryptAll('/' . $this->userId . '/' . 'files'); - - $fileInfoEncrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename); - - $this->assertTrue($fileInfoEncrypted instanceof \OC\Files\FileInfo); - - // check if mtime and etags unchanged - $this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']); - $this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']); - - $this->view->unlink($this->userId . '/files/' . $filename); - } - - function testDecryptAll() { - - $filename = "/decryptAll" . $this->getUniqueID() . ".txt"; - $datadir = \OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data/'); - $userdir = $datadir . '/' . $this->userId . '/files/'; - - $this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort); - - $fileInfoEncrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename); - - $this->assertTrue($fileInfoEncrypted instanceof \OC\Files\FileInfo); - $this->assertEquals($fileInfoEncrypted['encrypted'], 1); - - $encContent = file_get_contents($userdir . $filename); - - \OC_App::disable('files_encryption'); - - $user = \OCP\User::getUser(); - $this->logoutHelper(); - $this->loginHelper($user, false, false, false); - - $content = file_get_contents($userdir . $filename); - - //content should be encrypted - $this->assertSame($encContent, $content); - - // now we load the encryption app again - \OC_App::loadApp('files_encryption'); - - // init encryption app - $params = array('uid' => \OCP\User::getUser(), - 'password' => \OCP\User::getUser()); - - $view = new \OC\Files\View('/'); - $util = new \OCA\Files_Encryption\Util($view, \OCP\User::getUser()); - - $result = $util->initEncryption($params); - - $this->assertTrue($result instanceof \OCA\Files_Encryption\Session); - - $successful = $util->decryptAll(); - - $this->assertTrue($successful); - - $this->logoutHelper(); - $this->loginHelper($user, false, false, false); - - // file should be unencrypted and fileInfo should contain the correct values - $content = file_get_contents($userdir . $filename); - - // now we should get the plain data - $this->assertSame($this->dataShort, $content); - - $fileInfoUnencrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename); - $this->assertTrue($fileInfoUnencrypted instanceof \OC\Files\FileInfo); - - // check if mtime and etags unchanged - $this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']); - $this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']); - // file should no longer be encrypted - $this->assertEquals(0, $fileInfoUnencrypted['encrypted']); - - $backupPath = $this->getBackupPath('decryptAll'); - - // check if the keys where moved to the backup location - $this->assertTrue($this->view->is_dir($backupPath . '/keys')); - $this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/fileKey')); - $this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/' . $user . '.shareKey')); - - // cleanup - $this->view->unlink($this->userId . '/files/' . $filename); - $this->view->deleteAll($backupPath); - \OC_App::enable('files_encryption'); - - } - - private function createDummyKeysForBackupTest() { - // create some dummy key files - $encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption'; - $this->view->mkdir($encPath . '/keys/foo'); - $this->view->file_put_contents($encPath . '/keys/foo/fileKey', 'key'); - $this->view->file_put_contents($encPath . '/keys/foo/user1.shareKey', 'share key'); - } - - /** - * test if all keys get moved to the backup folder correctly - * - * @dataProvider dataBackupAllKeys - */ - function testBackupAllKeys($addTimestamp, $includeUserKeys) { - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); - - $this->createDummyKeysForBackupTest(); - - $util = new \OCA\Files_Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1); - - $util->backupAllKeys('testBackupAllKeys', $addTimestamp, $includeUserKeys); - - $backupPath = $this->getBackupPath('testBackupAllKeys'); - - // check backupDir Content - $this->assertTrue($this->view->is_dir($backupPath . '/keys')); - $this->assertTrue($this->view->is_dir($backupPath . '/keys/foo')); - $this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/fileKey')); - $this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/user1.shareKey')); - - if ($includeUserKeys) { - $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey')); - $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey')); - } else { - $this->assertFalse($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey')); - $this->assertFalse($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey')); - } - - //cleanup - $this->view->deleteAll($backupPath); - $this->view->unlink($this->encryptionDir . '/keys/foo/fileKey'); - $this->view->unlink($this->encryptionDir . '/keys/foo/user1.shareKey'); - } - - function dataBackupAllKeys() { - return array( - array(true, true), - array(false, true), - array(true, false), - array(false, false), - ); - } - - - /** - * @dataProvider dataBackupAllKeys - */ - function testRestoreBackup($addTimestamp, $includeUserKeys) { - - $util = new \OCA\Files_Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1); - $this->createDummyKeysForBackupTest(); - - $util->backupAllKeys('restoreKeysBackupTest', $addTimestamp, $includeUserKeys); - $this->view->deleteAll($this->keysPath); - if ($includeUserKeys) { - $this->view->unlink($this->privateKeyPath); - $this->view->unlink($this->publicKeyPath); - } - - // key should be removed after backup was created - $this->assertFalse($this->view->is_dir($this->keysPath)); - if ($includeUserKeys) { - $this->assertFalse($this->view->file_exists($this->privateKeyPath)); - $this->assertFalse($this->view->file_exists($this->publicKeyPath)); - } - - $backupPath = $this->getBackupPath('restoreKeysBackupTest'); - $backupName = substr(basename($backupPath), strlen('backup.')); - - $this->assertTrue($util->restoreBackup($backupName)); - - // check if all keys are restored - $this->assertFalse($this->view->is_dir($backupPath)); - $this->assertTrue($this->view->is_dir($this->keysPath)); - $this->assertTrue($this->view->is_dir($this->keysPath . '/foo')); - $this->assertTrue($this->view->file_exists($this->keysPath . '/foo/fileKey')); - $this->assertTrue($this->view->file_exists($this->keysPath . '/foo/user1.shareKey')); - $this->assertTrue($this->view->file_exists($this->privateKeyPath)); - $this->assertTrue($this->view->file_exists($this->publicKeyPath)); - } - - function testDeleteBackup() { - $util = new \OCA\Files_Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1); - $this->createDummyKeysForBackupTest(); - - $util->backupAllKeys('testDeleteBackup', false, false); - - $this->assertTrue($this->view->is_dir($this->encryptionDir . '/backup.testDeleteBackup')); - - $util->deleteBackup('testDeleteBackup'); - - $this->assertFalse($this->view->is_dir($this->encryptionDir . '/backup.testDeleteBackup')); - } - - function testDescryptAllWithBrokenFiles() { - - $file1 = "/decryptAll1" . $this->getUniqueID() . ".txt"; - $file2 = "/decryptAll2" . $this->getUniqueID() . ".txt"; - - $util = new \OCA\Files_Encryption\Util($this->view, $this->userId); - - $this->view->file_put_contents($this->userId . '/files/' . $file1, $this->dataShort); - $this->view->file_put_contents($this->userId . '/files/' . $file2, $this->dataShort); - - $fileInfoEncrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1); - $fileInfoEncrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2); - - $this->assertTrue($fileInfoEncrypted1 instanceof \OC\Files\FileInfo); - $this->assertTrue($fileInfoEncrypted2 instanceof \OC\Files\FileInfo); - $this->assertEquals($fileInfoEncrypted1['encrypted'], 1); - $this->assertEquals($fileInfoEncrypted2['encrypted'], 1); - - // rename keyfile for file1 so that the decryption for file1 fails - // Expected behaviour: decryptAll() returns false, file2 gets decrypted anyway - $this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey', - $this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved'); - - // need to reset key cache that we don't use the cached key - $this->resetKeyCache(); - - // decrypt all encrypted files - $result = $util->decryptAll(); - - $this->assertFalse($result); - - $fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1); - $fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2); - - $this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo); - $this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo); - - // file1 should be still encrypted; file2 should be decrypted - $this->assertEquals(1, $fileInfoUnencrypted1['encrypted']); - $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']); - - // keyfiles and share keys should still exist - $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keys/')); - $this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved')); - $this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/' . $this->userId . '.shareKey')); - - // rename the keyfile for file1 back - $this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved', - $this->userId . '/files_encryption/keys/' . $file1 . '/fileKey'); - - // try again to decrypt all encrypted files - $result = $util->decryptAll(); - - $this->assertTrue($result); - - $fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1); - $fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2); - - $this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo); - $this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo); - - // now both files should be decrypted - $this->assertEquals(0, $fileInfoUnencrypted1['encrypted']); - $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']); - - // keyfiles and share keys should be deleted - $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keys/')); - - //cleanup - $backupPath = $this->getBackupPath('decryptAll'); - $this->view->unlink($this->userId . '/files/' . $file1); - $this->view->unlink($this->userId . '/files/' . $file2); - $this->view->deleteAll($backupPath); - - } - - function getBackupPath($extension) { - $encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption'; - $encFolderContent = $this->view->getDirectoryContent($encPath); - - $backupPath = ''; - foreach ($encFolderContent as $c) { - $name = $c['name']; - if (substr($name, 0, strlen('backup.' . $extension)) === 'backup.' . $extension) { - $backupPath = $encPath . '/'. $c['name']; - break; - } - } - - return $backupPath; - } - - /** - * @dataProvider dataProviderFortestIsMountPointApplicableToUser - */ - function testIsMountPointApplicableToUser($mount, $expectedResult) { - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); - $dummyClass = new DummyUtilClass($this->view, self::TEST_ENCRYPTION_UTIL_USER1); - $result = $dummyClass->testIsMountPointApplicableToUser($mount); - - $this->assertSame($expectedResult, $result); - } - - function dataProviderFortestIsMountPointApplicableToUser() { - return array( - array(array('applicable' => array('groups' => array(), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER1))), true), - array(array('applicable' => array('groups' => array(), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2))), false), - array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP1), 'users' => array())), true), - array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP1), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2))), true), - array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP2), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2))), false), - array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP2), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2, 'all'))), true), - array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP2), 'users' => array('all'))), true), - ); - } - - /** - * Tests that filterShareReadyUsers() returns the correct list of - * users that are ready or not ready for encryption - */ - public function testFilterShareReadyUsers() { - $appConfig = \OC::$server->getAppConfig(); - - $publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId'); - $recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId'); - - $usersToTest = array( - 'readyUser', - 'notReadyUser', - 'nonExistingUser', - $publicShareKeyId, - $recoveryKeyId, - ); - self::loginHelper('readyUser', true); - self::loginHelper('notReadyUser', true); - // delete encryption dir to make it not ready - $this->view->unlink('notReadyUser/files_encryption/'); - - // login as user1 - self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); - - $result = $this->util->filterShareReadyUsers($usersToTest); - $this->assertEquals( - array('readyUser', $publicShareKeyId, $recoveryKeyId), - $result['ready'] - ); - $this->assertEquals( - array('notReadyUser', 'nonExistingUser'), - $result['unready'] - ); - \OC_User::deleteUser('readyUser'); - } - - /** - * helper function to set migration status to the right value - * to be able to test the migration path - * - * @param integer $status needed migration status for test - * @param string $user for which user the status should be set - * @return boolean - */ - private function setMigrationStatus($status, $user) { - \OC::$server->getConfig()->setUserValue($user, 'files_encryption', 'migration_status', (string)$status); - // the update will definitely be executed -> return value is always true - return true; - } - -} - -/** - * dummy class extends \OCA\Files_Encryption\Util to access protected methods for testing - */ -class DummyUtilClass extends \OCA\Files_Encryption\Util { - public function testIsMountPointApplicableToUser($mount) { - return $this->isMountPointApplicableToUser($mount); - } -} diff --git a/apps/files_encryption/tests/zeros b/apps/files_encryption/tests/zeros deleted file mode 100644 index ff982acf423cad62041f225497e099ba5520961c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10238 zcmeIu0Sy2E0K%a6Pi+o2h(KY$fB^#r3>YwAz<>b*1`HT5V8DO@0|pEjFkrxd0RsjM P7%*VKfB^#r415g?C;k8d From 99255ff3a92b2d242f3c723979341951a303f83d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 21:44:28 +0200 Subject: [PATCH 037/119] Fix - public sharing: in case on user is available - get it from the path --- lib/private/files/storage/wrapper/encryption.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 8892194f32..cea7a38d41 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -244,8 +244,13 @@ class Encryption extends Wrapper { if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) { $source = $this->storage->fopen($path, $mode); + $uid = $this->uid; + if (is_null($uid)) { + list($owner, ) = $this->util->getUidAndFilename($fullPath); + $uid = $owner; + } $handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header, - $this->uid, $encryptionModule, $this->storage, $this, $this->util, $mode, + $uid, $encryptionModule, $this->storage, $this, $this->util, $mode, $size, $unencryptedSize); return $handle; } else { From 00338f9dca97fd7b48d96201fd607cf460c385ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 22:10:04 +0200 Subject: [PATCH 038/119] Removing files_encryption left overs --- apps/encryption/settings/settings-personal.php | 1 - apps/encryption/templates/settings-admin.php | 2 +- apps/encryption/templates/settings-personal.php | 2 +- apps/files/index.php | 4 ---- apps/files_sharing/tests/testcase.php | 16 ---------------- apps/files_trashbin/tests/trashbin.php | 6 ------ core/application.php | 4 ++-- lib/private/connector/sabre/file.php | 2 +- lib/private/files.php | 2 +- tests/lib/cache/file.php | 6 ------ tests/lib/cache/usercache.php | 6 ------ tests/lib/files/cache/updaterlegacy.php | 11 ----------- 12 files changed, 6 insertions(+), 56 deletions(-) diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index d1da649e37..3266351a07 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -35,7 +35,6 @@ $util = new \OCA\Encryption\Util( \OC::$server->getUserSession(), \OC::$server->getConfig()); -$session = new \OCA\Files_Encryption\Session($view); $session = \OC::$server->getSession(); $privateKeySet = $session->get('privateKey') !== false; diff --git a/apps/encryption/templates/settings-admin.php b/apps/encryption/templates/settings-admin.php index 616c593f6f..b64e75512e 100644 --- a/apps/encryption/templates/settings-admin.php +++ b/apps/encryption/templates/settings-admin.php @@ -7,7 +7,7 @@ script('core', 'multiselect');

t('ownCloud basic encryption module')); ?>

- + t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?>

diff --git a/apps/encryption/templates/settings-personal.php b/apps/encryption/templates/settings-personal.php index a28df9ac0e..b7aa0239ee 100644 --- a/apps/encryption/templates/settings-personal.php +++ b/apps/encryption/templates/settings-personal.php @@ -5,7 +5,7 @@

t('ownCloud basic encryption module')); ?>

- + t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> diff --git a/apps/files/index.php b/apps/files/index.php index cfc5b931e1..3f93285902 100644 --- a/apps/files/index.php +++ b/apps/files/index.php @@ -86,10 +86,6 @@ $dirInfo = \OC\Files\Filesystem::getFileInfo('/', false); $storageInfo=OC_Helper::getStorageInfo('/', $dirInfo); // if the encryption app is disabled, than everything is fine (INIT_SUCCESSFUL status code) $encryptionInitStatus = 2; -if (OC_App::isEnabled('files_encryption')) { - $session = new \OCA\Files_Encryption\Session(new \OC\Files\View('/')); - $encryptionInitStatus = $session->getInitialized(); -} $nav = new OCP\Template('files', 'appnavigation', ''); diff --git a/apps/files_sharing/tests/testcase.php b/apps/files_sharing/tests/testcase.php index 6a831bf5f6..bef727edac 100644 --- a/apps/files_sharing/tests/testcase.php +++ b/apps/files_sharing/tests/testcase.php @@ -45,7 +45,6 @@ abstract class TestCase extends \Test\TestCase { const TEST_FILES_SHARING_API_GROUP1 = "test-share-group1"; - public static $stateFilesEncryption; public $filename; public $data; /** @@ -58,12 +57,6 @@ abstract class TestCase extends \Test\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // remember files_encryption state - self::$stateFilesEncryption = \OC_App::isEnabled('files_encryption'); - - //we don't want to tests with app files_encryption enabled - \OC_App::disable('files_encryption'); - // reset backend \OC_User::clearBackends(); \OC_Group::clearBackends(); @@ -100,8 +93,6 @@ abstract class TestCase extends \Test\TestCase { $this->data = 'foobar'; $this->view = new \OC\Files\View('/' . self::TEST_FILES_SHARING_API_USER1 . '/files'); - - $this->assertFalse(\OC_App::isEnabled('files_encryption')); } protected function tearDown() { @@ -120,13 +111,6 @@ abstract class TestCase extends \Test\TestCase { // delete group \OC_Group::deleteGroup(self::TEST_FILES_SHARING_API_GROUP1); - // reset app files_encryption - if (self::$stateFilesEncryption) { - \OC_App::enable('files_encryption'); - } else { - \OC_App::disable('files_encryption'); - } - \OC_Util::tearDownFS(); \OC_User::setUserId(''); Filesystem::tearDown(); diff --git a/apps/files_trashbin/tests/trashbin.php b/apps/files_trashbin/tests/trashbin.php index b3176ebbe9..c98de79cbd 100644 --- a/apps/files_trashbin/tests/trashbin.php +++ b/apps/files_trashbin/tests/trashbin.php @@ -36,7 +36,6 @@ class Test_Trashbin extends \Test\TestCase { private $trashRoot1; private $trashRoot2; - private static $encryptionStatus; private static $rememberRetentionObligation; private static $rememberAutoExpire; @@ -58,7 +57,6 @@ class Test_Trashbin extends \Test\TestCase { \OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup'); //disable encryption - self::$encryptionStatus = \OC_App::isEnabled('files_encryption'); \OC_App::disable('files_encryption'); //configure trashbin @@ -82,10 +80,6 @@ class Test_Trashbin extends \Test\TestCase { // cleanup test user \OC_User::deleteUser(self::TEST_TRASHBIN_USER1); - if (self::$encryptionStatus === true) { - \OC_App::enable('files_encryption'); - } - \OC_Config::setValue('trashbin_retention_obligation', self::$rememberRetentionObligation); \OC_Config::setValue('trashbin_auto_expire', self::$rememberAutoExpire); diff --git a/core/application.php b/core/application.php index 5d12ea0280..cca2c60011 100644 --- a/core/application.php +++ b/core/application.php @@ -88,8 +88,8 @@ class Application extends App { /** * Core class wrappers */ - $container->registerService('IsEncryptionEnabled', function() { - return \OC_App::isEnabled('files_encryption'); + $container->registerService('IsEncryptionEnabled', function(SimpleContainer $c) { + return $c->query('ServerContainer')->getEncryptionManager()->isEnabled(); }); $container->registerService('URLGenerator', function(SimpleContainer $c) { return $c->query('ServerContainer')->getURLGenerator(); diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index 4fbcb73268..5b8cb17a81 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -190,7 +190,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { } else { try { return $this->fileView->fopen(ltrim($this->path, '/'), 'rb'); - } catch (\OCA\Files_Encryption\Exception\EncryptionException $e) { + } catch (\OCP\Encryption\Exception\EncryptionException $e) { throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); } catch (\OCP\Files\StorageNotAvailableException $e) { throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to open file: ".$e->getMessage()); diff --git a/lib/private/files.php b/lib/private/files.php index d0c1baa0c1..97f9d8163b 100644 --- a/lib/private/files.php +++ b/lib/private/files.php @@ -122,7 +122,7 @@ class OC_Files { if ($get_type === self::FILE) { $zip = false; - if ($xsendfile && OC_App::isEnabled('files_encryption')) { + if ($xsendfile && \OC::$server->getEncryptionManager()->isEnabled()) { $xsendfile = false; } } else { diff --git a/tests/lib/cache/file.php b/tests/lib/cache/file.php index d51322036c..1bf7491081 100644 --- a/tests/lib/cache/file.php +++ b/tests/lib/cache/file.php @@ -41,12 +41,6 @@ class FileCache extends \Test_Cache { \OC_FileProxy::clearProxies(); \OC_Hook::clear('OC_Filesystem'); - //disabled atm - //enable only the encryption hook if needed - //if(OC_App::isEnabled('files_encryption')) { - // OC_FileProxy::register(new OC_FileProxy_Encryption()); - //} - //set up temporary storage $this->storage = \OC\Files\Filesystem::getStorage('/'); \OC\Files\Filesystem::clearMounts(); diff --git a/tests/lib/cache/usercache.php b/tests/lib/cache/usercache.php index 3822a714d5..63667a3d34 100644 --- a/tests/lib/cache/usercache.php +++ b/tests/lib/cache/usercache.php @@ -37,12 +37,6 @@ class UserCache extends \Test_Cache { \OC_FileProxy::clearProxies(); \OC_Hook::clear('OC_Filesystem'); - //disabled atm - //enable only the encryption hook if needed - //if(OC_App::isEnabled('files_encryption')) { - // OC_FileProxy::register(new OC_FileProxy_Encryption()); - //} - //set up temporary storage $this->storage = \OC\Files\Filesystem::getStorage('/'); \OC\Files\Filesystem::clearMounts(); diff --git a/tests/lib/files/cache/updaterlegacy.php b/tests/lib/files/cache/updaterlegacy.php index 99cacca8e9..6bdacbe34f 100644 --- a/tests/lib/files/cache/updaterlegacy.php +++ b/tests/lib/files/cache/updaterlegacy.php @@ -22,8 +22,6 @@ class UpdaterLegacy extends \Test\TestCase { */ private $scanner; - private $stateFilesEncryption; - /** * @var \OC\Files\Cache\Cache $cache */ @@ -37,11 +35,6 @@ class UpdaterLegacy extends \Test\TestCase { protected function setUp() { parent::setUp(); - // remember files_encryption state - $this->stateFilesEncryption = \OC_App::isEnabled('files_encryption'); - // we want to tests with the encryption app disabled - \OC_App::disable('files_encryption'); - $this->storage = new \OC\Files\Storage\Temporary(array()); $textData = "dummy file data\n"; $imgData = file_get_contents(\OC::$SERVERROOT . '/core/img/logo.png'); @@ -80,10 +73,6 @@ class UpdaterLegacy extends \Test\TestCase { $this->assertTrue($result); Filesystem::tearDown(); Filesystem::mount($this->originalStorage, array(), '/'); - // reset app files_encryption - if ($this->stateFilesEncryption) { - \OC_App::enable('files_encryption'); - } parent::tearDown(); } From dbdd754c3fc37dc3100a9741f956d913e6d64576 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 22:36:48 +0200 Subject: [PATCH 039/119] Further cleanup of files_encryption --- apps/encryption/lib/crypto/crypt.php | 10 +--------- build/license.php | 2 +- lib/base.php | 3 --- lib/private/app.php | 2 +- lib/private/connector/sabre/file.php | 4 +++- lib/private/encryption/keys/storage.php | 6 +++--- tests/enable_all.php | 1 - 7 files changed, 9 insertions(+), 19 deletions(-) diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index c9f02bfa1c..ea7f9e1cdf 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -25,9 +25,6 @@ namespace OCA\Encryption\Crypto; use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\EncryptionFailedException; use OC\Encryption\Exceptions\GenericEncryptionException; -use OCA\Encryption\KeyManager; -use OCA\Files_Encryption\Exception\MultiKeyDecryptException; -use OCA\Files_Encryption\Exception\MultiKeyEncryptException; use OCP\IConfig; use OCP\ILogger; use OCP\IUser; @@ -35,11 +32,6 @@ use OCP\IUserSession; class Crypt { - const ENCRYPTION_UKNOWN_ERROR = -1; - const ENCRYPTION_NOT_INIALIZED_ERROR = 1; - const ENCRYPTIION_PRIVATE_KEY_NOT_VALID_ERROR = 2; - const ENCRYPTION_NO_SHARE_KEY_FOUND = 3; - const BLOCKSIZE = 8192; const DEFAULT_CIPHER = 'AES-256-CFB'; @@ -97,7 +89,7 @@ class Crypt { 'privateKey' => $privateKey ]; } - $log->error('Encryption library couldn\'t export users private key, please check your servers openSSL configuration.' . $user->getUID(), + $log->error('Encryption library couldn\'t export users private key, please check your servers openSSL configuration.' . $this->user->getUID(), ['app' => 'encryption']); if (openssl_error_string()) { $log->error('Encryption Library:' . openssl_error_string(), diff --git a/build/license.php b/build/license.php index a8d82b084e..6e3806e146 100644 --- a/build/license.php +++ b/build/license.php @@ -166,7 +166,7 @@ if (isset($argv[1])) { } else { $licenses->exec([ '../apps/files', - '../apps/files_encryption', + '../apps/encryption', '../apps/files_external', '../apps/files_sharing', '../apps/files_trashbin', diff --git a/lib/base.php b/lib/base.php index 5d1e16296c..44395be627 100644 --- a/lib/base.php +++ b/lib/base.php @@ -743,9 +743,6 @@ class OC { ); \OCP\Util::connectHook('OCP\Share', 'post_shared', $updater, 'postShared'); \OCP\Util::connectHook('OCP\Share', 'post_unshare', $updater, 'postUnshared'); - - //\OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Files_Encryption\Hooks', 'postUnmount'); - //\OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Files_Encryption\Hooks', 'preUnmount'); } } diff --git a/lib/private/app.php b/lib/private/app.php index 84bc23608f..4b3d4b82b8 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -207,7 +207,7 @@ class OC_App { self::$shippedApps = json_decode(file_get_contents($shippedJson), true); self::$shippedApps = self::$shippedApps['shippedApps']; } else { - self::$shippedApps = ['files', 'files_encryption', 'files_external', + self::$shippedApps = ['files', 'encryption', 'files_external', 'files_sharing', 'files_trashbin', 'files_versions', 'provisioning_api', 'user_ldap', 'user_webdavauth']; } diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index 5b8cb17a81..58579f42df 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -35,6 +35,8 @@ namespace OC\Connector\Sabre; +use OC\Encryption\Exceptions\GenericEncryptionException; + class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { /** @@ -125,7 +127,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { } catch (\OCP\Files\LockNotAcquiredException $e) { // the file is currently being written to by another process throw new \OC\Connector\Sabre\Exception\FileLocked($e->getMessage(), $e->getCode(), $e); - } catch (\OCA\Files_Encryption\Exception\EncryptionException $e) { + } catch (GenericEncryptionException $e) { throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); } catch (\OCP\Files\StorageNotAvailableException $e) { throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to write file contents: ".$e->getMessage()); diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index 041db2a2cb..82753df1dc 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -23,9 +23,9 @@ namespace OC\Encryption\Keys; +use OC\Encryption\Exceptions\GenericEncryptionException; use OC\Encryption\Util; use OC\Files\View; -use OCA\Files_Encryption\Exception\EncryptionException; class Storage implements \OCP\Encryption\Keys\IStorage { @@ -253,13 +253,13 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * * @param string $path path to the file, relative to data/ * @return string - * @throws EncryptionException + * @throws GenericEncryptionException * @internal param string $keyId */ private function getFileKeyDir($path) { if ($this->view->is_dir($path)) { - throw new EncryptionException('file was expected but directory was given', EncryptionException::GENERIC); + throw new GenericEncryptionException('file was expected but directory was given'); } list($owner, $filename) = $this->util->getUidAndFilename($path); diff --git a/tests/enable_all.php b/tests/enable_all.php index 61c94e6eff..464155b1f3 100644 --- a/tests/enable_all.php +++ b/tests/enable_all.php @@ -18,7 +18,6 @@ function enableApp($app) { enableApp('files_sharing'); enableApp('files_trashbin'); -enableApp('files_encryption'); enableApp('encryption'); enableApp('user_ldap'); enableApp('files_versions'); From 1b42b492dce562596b8b57a11546728f697c4f38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 22:45:58 +0200 Subject: [PATCH 040/119] kill OC_FileProxy :boom: --- apps/encryption/lib/keymanager.php | 6 -- apps/files_trashbin/lib/trashbin.php | 27 ------ apps/files_versions/lib/storage.php | 14 --- lib/private/cache/file.php | 9 -- lib/private/filechunking.php | 4 +- lib/private/fileproxy.php | 138 --------------------------- lib/private/files/view.php | 22 +---- lib/private/server.php | 12 --- tests/bootstrap.php | 1 - tests/lib/cache/file.php | 1 - tests/lib/cache/usercache.php | 1 - tests/lib/testcase.php | 11 --- 12 files changed, 6 insertions(+), 240 deletions(-) delete mode 100644 lib/private/fileproxy.php diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 68fb722c5e..d9b670c3f5 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -375,10 +375,6 @@ class KeyManager { $keyPair = $this->crypt->createKeyPair(); - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - // Save public key $this->setPublicKey($user, $keyPair['publicKey']); @@ -395,8 +391,6 @@ class KeyManager { } else { $this->log->error('Encryption Could not update users encryption password'); } - - \OC_FileProxy::$enabled = $proxyStatus; } } } diff --git a/apps/files_trashbin/lib/trashbin.php b/apps/files_trashbin/lib/trashbin.php index 6bdbac49aa..8d352e3631 100644 --- a/apps/files_trashbin/lib/trashbin.php +++ b/apps/files_trashbin/lib/trashbin.php @@ -183,8 +183,6 @@ class Trashbin { $userTrashSize = self::getTrashbinSize($user); // disable proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; $trashPath = '/files_trashbin/files/' . $filename . '.d' . $timestamp; try { $sizeOfAddedFiles = $view->filesize('/files/' . $file_path); @@ -199,7 +197,6 @@ class Trashbin { } \OC_Log::write('files_trashbin', 'Couldn\'t move ' . $file_path . ' to the trash bin', \OC_log::ERROR); } - \OC_FileProxy::$enabled = $proxyStatus; if ($view->file_exists('/files/' . $file_path)) { // failed to delete the original file, abort $view->unlink($trashPath); @@ -251,10 +248,6 @@ class Trashbin { $size = 0; if (\OCP\App::isEnabled('files_versions')) { - // disable proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - $user = \OCP\User::getUser(); $rootView = new \OC\Files\View('/'); @@ -279,9 +272,6 @@ class Trashbin { $rootView->rename($owner . '/files_versions' . $v['path'] . '.v' . $v['version'], $user . '/files_trashbin/versions/' . $filename . '.v' . $v['version'] . '.d' . $timestamp); } } - - // enable proxy - \OC_FileProxy::$enabled = $proxyStatus; } return $size; @@ -369,10 +359,6 @@ class Trashbin { $target = \OC\Files\Filesystem::normalizePath('files/' . $location . '/' . $uniqueFilename); $mtime = $view->filemtime($source); - // disable proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - // restore file $restoreResult = $view->rename($source, $target); @@ -393,15 +379,9 @@ class Trashbin { $query->execute(array($user, $filename, $timestamp)); } - // enable proxy - \OC_FileProxy::$enabled = $proxyStatus; - return true; } - // enable proxy - \OC_FileProxy::$enabled = $proxyStatus; - return false; } @@ -419,9 +399,6 @@ class Trashbin { private static function restoreVersions(\OC\Files\View $view, $file, $filename, $uniqueFilename, $location, $timestamp) { if (\OCP\App::isEnabled('files_versions')) { - // disable proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; $user = \OCP\User::getUser(); $rootView = new \OC\Files\View('/'); @@ -432,7 +409,6 @@ class Trashbin { // file has been deleted in between if (empty($ownerPath)) { - \OC_FileProxy::$enabled = $proxyStatus; return false; } @@ -453,9 +429,6 @@ class Trashbin { } } } - - // enable proxy - \OC_FileProxy::$enabled = $proxyStatus; } } diff --git a/apps/files_versions/lib/storage.php b/apps/files_versions/lib/storage.php index 01a7935c0c..125fb5d983 100644 --- a/apps/files_versions/lib/storage.php +++ b/apps/files_versions/lib/storage.php @@ -160,18 +160,11 @@ class Storage { self::scheduleExpire($filename, $versionsSize, $neededSpace); - // disable proxy to prevent multiple fopen calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - // store a new version of a file $mtime = $users_view->filemtime('files/' . $filename); $users_view->copy('files/' . $filename, 'files_versions/' . $filename . '.v' . $mtime); // call getFileInfo to enforce a file cache entry for the new version $users_view->getFileInfo('files_versions/' . $filename . '.v' . $mtime); - - // reset proxy state - \OC_FileProxy::$enabled = $proxyStatus; } } @@ -283,15 +276,8 @@ class Storage { $version = 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename); if ( !$users_view->file_exists($version)) { - // disable proxy to prevent multiple fopen calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - $users_view->copy('files'.$filename, 'files_versions'.$filename.'.v'.$users_view->filemtime('files'.$filename)); - // reset proxy state - \OC_FileProxy::$enabled = $proxyStatus; - $versionCreated = true; } diff --git a/lib/private/cache/file.php b/lib/private/cache/file.php index 8874acbb1e..c70698eb7f 100644 --- a/lib/private/cache/file.php +++ b/lib/private/cache/file.php @@ -67,13 +67,10 @@ class File { */ public function get($key) { $result = null; - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; if ($this->hasKey($key)) { $storage = $this->getStorage(); $result = $storage->file_get_contents($key); } - \OC_FileProxy::$enabled = $proxyStatus; return $result; } @@ -85,13 +82,10 @@ class File { */ public function size($key) { $result = 0; - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; if ($this->hasKey($key)) { $storage = $this->getStorage(); $result = $storage->filesize($key); } - \OC_FileProxy::$enabled = $proxyStatus; return $result; } @@ -101,7 +95,6 @@ class File { public function set($key, $value, $ttl = 0) { $storage = $this->getStorage(); $result = false; - $proxyStatus = \OC_FileProxy::$enabled; // unique id to avoid chunk collision, just in case $uniqueId = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate( 16, @@ -111,7 +104,6 @@ class File { // use part file to prevent hasKey() to find the key // while it is being written $keyPart = $key . '.' . $uniqueId . '.part'; - \OC_FileProxy::$enabled = false; if ($storage and $storage->file_put_contents($keyPart, $value)) { if ($ttl === 0) { $ttl = 86400; // 60*60*24 @@ -119,7 +111,6 @@ class File { $result = $storage->touch($keyPart, time() + $ttl); $result &= $storage->rename($keyPart, $key); } - \OC_FileProxy::$enabled = $proxyStatus; return $result; } diff --git a/lib/private/filechunking.php b/lib/private/filechunking.php index e8a58b2538..82bf61fa7b 100644 --- a/lib/private/filechunking.php +++ b/lib/private/filechunking.php @@ -189,8 +189,7 @@ class OC_FileChunking { $absolutePath = \OC\Files\Filesystem::normalizePath(\OC\Files\Filesystem::getView()->getAbsolutePath($path)); $data = ''; // use file_put_contents as method because that best matches what this function does - if (OC_FileProxy::runPreProxies('file_put_contents', $absolutePath, $data) - && \OC\Files\Filesystem::isValidPath($path)) { + if (\OC\Files\Filesystem::isValidPath($path)) { $path = \OC\Files\Filesystem::getView()->getRelativePath($absolutePath); $exists = \OC\Files\Filesystem::file_exists($path); $run = true; @@ -231,7 +230,6 @@ class OC_FileChunking { \OC\Files\Filesystem::signal_post_write, array( \OC\Files\Filesystem::signal_param_path => $path) ); - OC_FileProxy::runPostProxies('file_put_contents', $absolutePath, $count); return $count > 0; }else{ return false; diff --git a/lib/private/fileproxy.php b/lib/private/fileproxy.php deleted file mode 100644 index 8b28e866ac..0000000000 --- a/lib/private/fileproxy.php +++ /dev/null @@ -1,138 +0,0 @@ - - * @author Felix Moeller - * @author Jörn Friedrich Dreyer - * @author Morris Jobke - * @author Robin Appelman - * @author Robin McCorkell - * @author Scrutinizer Auto-Fixer - * @author Thomas Müller - * @author Vincent Petry - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -/** - * Class for manipulating filesystem requests - * - * Manipulation happens by using 2 kind of proxy operations, pre and post proxies - * that manipulate the filesystem call and the result of the call respectively - * - * A pre-proxy recieves the filepath as arugments (or 2 filespaths in case of - * operations like copy or move) and return a boolean - * If a pre-proxy returns false the file operation will be canceled - * All filesystem operations have a pre-proxy - * - * A post-proxy recieves 2 arguments, the filepath and the result of the operation. - * The return value of the post-proxy will be used as the new result of the operation - * The operations that have a post-proxy are: - * file_get_contents, is_file, is_dir, file_exists, stat, is_readable, - * is_writable, filemtime, filectime, file_get_contents, - * getMimeType, hash, fopen, free_space and search - */ - -class OC_FileProxy{ - private static $proxies=array(); - public static $enabled=true; - - /** - * fallback function when a proxy operation is not implemented - * @param string $function the name of the proxy operation - * @param mixed $arguments - * - * this implements a dummy proxy for all operations - */ - public function __call($function, $arguments) { - if(substr($function, 0, 3)=='pre') { - return true; - }else{ - return $arguments[1]; - } - } - - /** - * register a proxy to be used - * @param OC_FileProxy $proxy - */ - public static function register($proxy) { - self::$proxies[]=$proxy; - } - - /** - * @param string $operation - */ - public static function getProxies($operation = null) { - if ($operation === null) { - // return all - return self::$proxies; - } - $proxies=array(); - foreach(self::$proxies as $proxy) { - if(method_exists($proxy, $operation)) { - $proxies[]=$proxy; - } - } - return $proxies; - } - - /** - * @param string $operation - * @param string|boolean $filepath - */ - public static function runPreProxies($operation,&$filepath,&$filepath2=null) { - if(!self::$enabled) { - return true; - } - $operation='pre'.$operation; - $proxies=self::getProxies($operation); - foreach($proxies as $proxy) { - if(!is_null($filepath2)) { - if($proxy->$operation($filepath, $filepath2)===false) { - return false; - } - }else{ - if($proxy->$operation($filepath)===false) { - return false; - } - } - } - return true; - } - - /** - * @param string $operation - * @param string|boolean $path - * - * @return string - */ - public static function runPostProxies($operation, $path, $result) { - if(!self::$enabled) { - return $result; - } - $operation='post'.$operation; - $proxies=self::getProxies($operation); - foreach($proxies as $proxy) { - $result=$proxy->$operation($path, $result); - } - return $result; - } - - public static function clearProxies() { - self::$proxies=array(); - } -} diff --git a/lib/private/files/view.php b/lib/private/files/view.php index f8ec4a0eb4..0f371bbc5e 100644 --- a/lib/private/files/view.php +++ b/lib/private/files/view.php @@ -515,8 +515,7 @@ class View { public function file_put_contents($path, $data) { if (is_resource($data)) { //not having to deal with streams in file_put_contents makes life easier $absolutePath = Filesystem::normalizePath($this->getAbsolutePath($path)); - if (\OC_FileProxy::runPreProxies('file_put_contents', $absolutePath, $data) - and Filesystem::isValidPath($path) + if (Filesystem::isValidPath($path) and !Filesystem::isFileBlacklisted($path) ) { $path = $this->getRelativePath($absolutePath); @@ -537,7 +536,6 @@ class View { if ($this->shouldEmitHooks($path) && $result !== false) { $this->emit_file_hooks_post($exists, $path); } - \OC_FileProxy::runPostProxies('file_put_contents', $absolutePath, $count); return $result; } else { return false; @@ -591,8 +589,7 @@ class View { $absolutePath1 = Filesystem::normalizePath($this->getAbsolutePath($path1)); $absolutePath2 = Filesystem::normalizePath($this->getAbsolutePath($path2)); if ( - \OC_FileProxy::runPreProxies('rename', $absolutePath1, $absolutePath2) - and Filesystem::isValidPath($path2) + Filesystem::isValidPath($path2) and Filesystem::isValidPath($path1) and !Filesystem::isFileBlacklisted($path2) ) { @@ -635,14 +632,12 @@ class View { $sourceMountPoint = $mount->getMountPoint(); $result = $mount->moveMount($absolutePath2); $manager->moveMount($sourceMountPoint, $mount->getMountPoint()); - \OC_FileProxy::runPostProxies('rename', $absolutePath1, $absolutePath2); } else { $result = false; } } elseif ($mp1 == $mp2) { if ($storage1) { $result = $storage1->rename($internalPath1, $internalPath2); - \OC_FileProxy::runPostProxies('rename', $absolutePath1, $absolutePath2); } else { $result = false; } @@ -718,8 +713,7 @@ class View { $absolutePath1 = Filesystem::normalizePath($this->getAbsolutePath($path1)); $absolutePath2 = Filesystem::normalizePath($this->getAbsolutePath($path2)); if ( - \OC_FileProxy::runPreProxies('copy', $absolutePath1, $absolutePath2) - and Filesystem::isValidPath($path2) + Filesystem::isValidPath($path2) and Filesystem::isValidPath($path1) and !Filesystem::isFileBlacklisted($path2) ) { @@ -927,7 +921,7 @@ class View { public function hash($type, $path, $raw = false) { $postFix = (substr($path, -1, 1) === '/') ? '/' : ''; $absolutePath = Filesystem::normalizePath($this->getAbsolutePath($path)); - if (\OC_FileProxy::runPreProxies('hash', $absolutePath) && Filesystem::isValidPath($path)) { + if (Filesystem::isValidPath($path)) { $path = $this->getRelativePath($absolutePath); if ($path == null) { return false; @@ -942,7 +936,6 @@ class View { list($storage, $internalPath) = Filesystem::resolvePath($absolutePath . $postFix); if ($storage) { $result = $storage->hash($type, $internalPath, $raw); - $result = \OC_FileProxy::runPostProxies('hash', $absolutePath, $result); return $result; } } @@ -975,8 +968,7 @@ class View { private function basicOperation($operation, $path, $hooks = array(), $extraParam = null) { $postFix = (substr($path, -1, 1) === '/') ? '/' : ''; $absolutePath = Filesystem::normalizePath($this->getAbsolutePath($path)); - if (\OC_FileProxy::runPreProxies($operation, $absolutePath, $extraParam) - and Filesystem::isValidPath($path) + if (Filesystem::isValidPath($path) and !Filesystem::isFileBlacklisted($path) ) { $path = $this->getRelativePath($absolutePath); @@ -993,8 +985,6 @@ class View { $result = $storage->$operation($internalPath); } - $result = \OC_FileProxy::runPostProxies($operation, $this->getAbsolutePath($path), $result); - if (in_array('delete', $hooks) and $result) { $this->updater->remove($path); } @@ -1168,8 +1158,6 @@ class View { $data['permissions'] |= \OCP\Constants::PERMISSION_DELETE; } - $data = \OC_FileProxy::runPostProxies('getFileInfo', $path, $data); - return new FileInfo($path, $storage, $internalPath, $data, $mount); } diff --git a/lib/private/server.php b/lib/private/server.php index d9c580c0f0..d135150c1f 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -496,19 +496,7 @@ class Server extends SimpleContainer implements IServerContainer { $dir = '/files'; if (!$folder->nodeExists($dir)) { $folder = $folder->newFolder($dir); - - if (\OCP\App::isEnabled('files_encryption')) { - // disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - } - \OC_Util::copySkeleton($user, $folder); - - if (\OCP\App::isEnabled('files_encryption')) { - // re-enable proxy - our work is done - \OC_FileProxy::$enabled = $proxyStatus; - } } else { $folder = $folder->get($dir); } diff --git a/tests/bootstrap.php b/tests/bootstrap.php index cebd899e78..5945dbdc11 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -25,4 +25,3 @@ if (!class_exists('PHPUnit_Framework_TestCase')) { OC_Hook::clear(); OC_Log::$enabled = false; -OC_FileProxy::clearProxies(); diff --git a/tests/lib/cache/file.php b/tests/lib/cache/file.php index 1bf7491081..153cb198f1 100644 --- a/tests/lib/cache/file.php +++ b/tests/lib/cache/file.php @@ -38,7 +38,6 @@ class FileCache extends \Test_Cache { parent::setUp(); //clear all proxies and hooks so we can do clean testing - \OC_FileProxy::clearProxies(); \OC_Hook::clear('OC_Filesystem'); //set up temporary storage diff --git a/tests/lib/cache/usercache.php b/tests/lib/cache/usercache.php index 63667a3d34..26a9158ab3 100644 --- a/tests/lib/cache/usercache.php +++ b/tests/lib/cache/usercache.php @@ -34,7 +34,6 @@ class UserCache extends \Test_Cache { parent::setUp(); //clear all proxies and hooks so we can do clean testing - \OC_FileProxy::clearProxies(); \OC_Hook::clear('OC_Filesystem'); //set up temporary storage diff --git a/tests/lib/testcase.php b/tests/lib/testcase.php index d532a3b01c..a83be71319 100644 --- a/tests/lib/testcase.php +++ b/tests/lib/testcase.php @@ -71,7 +71,6 @@ abstract class TestCase extends \PHPUnit_Framework_TestCase { self::tearDownAfterClassCleanFileCache(); self::tearDownAfterClassCleanStrayDataFiles($dataDir); self::tearDownAfterClassCleanStrayHooks(); - self::tearDownAfterClassCleanProxies(); parent::tearDownAfterClass(); } @@ -164,16 +163,6 @@ abstract class TestCase extends \PHPUnit_Framework_TestCase { \OC_Hook::clear(); } - /** - * Clean up the list of file proxies - * - * Also reenables file proxies, in case a test disabled them - */ - static protected function tearDownAfterClassCleanProxies() { - \OC_FileProxy::$enabled = true; - \OC_FileProxy::clearProxies(); - } - /** * Login and setup FS as a given user, * sets the given user as the current user. From e6dc6944c2cd92617818a2fd029ecdb1de5ab663 Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Mon, 30 Mar 2015 17:01:50 -0400 Subject: [PATCH 041/119] moving methods to their final places and updating test some. --- apps/encryption/appinfo/application.php | 11 +-- apps/encryption/lib/keymanager.php | 24 +++-- apps/encryption/lib/recovery.php | 85 +++++++++++++++- apps/encryption/lib/util.php | 97 ++----------------- .../encryption/settings/settings-personal.php | 10 +- apps/encryption/tests/lib/KeyManagerTest.php | 88 +++++++++++++++-- 6 files changed, 188 insertions(+), 127 deletions(-) diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 606c0cc5c4..f9b7a1c60d 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -127,7 +127,8 @@ class Application extends \OCP\AppFramework\App { $server->getConfig(), $server->getUserSession(), $server->getSession(), - $server->getLogger() + $server->getLogger(), + $c->query('Recovery') ); }); @@ -168,13 +169,7 @@ class Application extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - return new Util(new View(), - new Filesystem(), - $c->query('Crypt'), - $c->query('KeyManager'), - $server->getLogger(), - $server->getUserSession(), - $server->getConfig() + return new Util(new View(), $c->query('Crypt'), $c->query('KeyManager'), $server->getLogger(), $server->getUserSession(), $server->getConfig() ); }); diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index d9b670c3f5..cd983be17f 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -27,8 +27,6 @@ use OC\Encryption\Exceptions\PrivateKeyMissingException; use OC\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; use OCP\Encryption\Keys\IStorage; -use OCP\ICache; -use OCP\ICacheFactory; use OCP\IConfig; use OCP\ILogger; use OCP\IUserSession; @@ -86,6 +84,10 @@ class KeyManager { * @var ILogger */ private $log; + /** + * @var Recovery + */ + private $recovery; /** * @param IStorage $keyStorage @@ -94,6 +96,7 @@ class KeyManager { * @param IUserSession $userSession * @param \OCP\ISession $session * @param ILogger $log + * @param Recovery $recovery */ public function __construct( IStorage $keyStorage, @@ -101,7 +104,9 @@ class KeyManager { IConfig $config, IUserSession $userSession, ISession $session, - ILogger $log) { + ILogger $log, + Recovery $recovery + ) { self::$session = $session; $this->keyStorage = $keyStorage; @@ -115,7 +120,9 @@ class KeyManager { if (empty($this->publicShareKeyId)) { $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8); - $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId); + $this->config->setAppValue('encryption', + 'publicShareKeyId', + $this->publicShareKeyId); $keyPair = $this->crypt->createKeyPair(); @@ -125,9 +132,11 @@ class KeyManager { $keyPair['publicKey']); // Encrypt private key empty passphrase - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], ''); + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], + ''); if ($encryptedKey) { - $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', $encryptedKey); + $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', + $encryptedKey); } else { $this->log->error('Could not create public share keys'); } @@ -136,6 +145,7 @@ class KeyManager { $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; $this->log = $log; + $this->recovery = $recovery; } /** @@ -386,7 +396,7 @@ class KeyManager { $this->setPrivateKey($user, $encryptedKey); if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $util->recoverUsersFiles($recoveryPassword); + $this->recovery->recoverUsersFiles($recoveryPassword); } } else { $this->log->error('Encryption Could not update users encryption password'); diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 457184b4b9..376d3ef83b 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -29,6 +29,7 @@ use OCP\IUser; use OCP\IUserSession; use OCP\PreConditionNotMetException; use OCP\Security\ISecureRandom; +use OCP\Share; class Recovery { @@ -54,10 +55,12 @@ class Recovery { */ private $config; /** - * @var IEncryptionKeyStorage + * @var IStorage */ private $keyStorage; + private $recoveryKeyId; + /** * @param IUserSession $user * @param Crypt $crypt @@ -90,7 +93,9 @@ class Recovery { if ($recoveryKeyId === null) { $recoveryKeyId = $this->random->getLowStrengthGenerator(); - $appConfig->setAppValue('encryption', 'recoveryKeyId', $recoveryKeyId); + $appConfig->setAppValue('encryption', + 'recoveryKeyId', + $recoveryKeyId); } $keyManager = $this->keyManager; @@ -98,7 +103,9 @@ class Recovery { if (!$keyManager->recoveryKeyExists()) { $keyPair = $this->crypt->createKeyPair(); - return $this->keyManager->storeKeyPair($this->user->getUID(), $password, $keyPair); + return $this->keyManager->storeKeyPair($this->user->getUID(), + $password, + $keyPair); } if ($keyManager->checkRecoveryPassword($password)) { @@ -143,6 +150,7 @@ class Recovery { return ($recoveryMode === '1'); } + /** * @param $enabled * @return bool @@ -165,12 +173,79 @@ class Recovery { * @param $recoveryPassword */ public function recoverUsersFiles($recoveryPassword) { - // todo: get system private key here -// $this->keyManager->get + $encryptedKey = $this->keyManager->getSystemPrivateKey(); + $privateKey = $this->crypt->decryptPrivateKey($encryptedKey, $recoveryPassword); $this->recoverAllFiles('/', $privateKey); } + /** + * @param $path + * @param $privateKey + */ + private function recoverAllFiles($path, $privateKey) { + $dirContent = $this->files->getDirectoryContent($path); + + foreach ($dirContent as $item) { + // Get relative path from encryption/keyfiles + $filePath = substr($item['path'], strlen('encryption/keys')); + if ($this->files->is_dir($this->user->getUID() . '/files' . '/' . $filePath)) { + $this->recoverAllFiles($filePath . '/', $privateKey); + } else { + $this->recoverFile($filePath, $privateKey); + } + } + + } + + /** + * @param $filePath + * @param $privateKey + */ + private function recoverFile($filePath, $privateKey) { + $sharingEnabled = Share::isEnabled(); + $uid = $this->user->getUID(); + + // Find out who, if anyone, is sharing the file + if ($sharingEnabled) { + $result = Share::getUsersSharingFile($filePath, + $uid, + true); + $userIds = $result['users']; + $userIds[] = 'public'; + } else { + $userIds = [ + $uid, + $this->recoveryKeyId + ]; + } + $filteredUids = $this->filterShareReadyUsers($userIds); + + // Decrypt file key + $encKeyFile = $this->keyManager->getFileKey($filePath, + $uid); + + $shareKey = $this->keyManager->getShareKey($filePath, + $uid); + + $plainKeyFile = $this->crypt->multiKeyDecrypt($encKeyFile, + $shareKey, + $privateKey); + + // Encrypt the file key again to all users, this time with the new publick keyt for the recovered user + $userPublicKeys = $this->keyManager->getPublicKeys($filteredUids['ready']); + $multiEncryptionKey = $this->crypt->multiKeyEncrypt($plainKeyFile, + $userPublicKeys); + + $this->keyManager->setFileKey($multiEncryptionKey['data'], + $uid); + + $this->keyManager->setShareKey($filePath, + $uid, + $multiEncryptionKey['keys']); + } + + } diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php index 5fc08c6cc7..45891be5da 100644 --- a/apps/encryption/lib/util.php +++ b/apps/encryption/lib/util.php @@ -26,7 +26,6 @@ namespace OCA\Encryption; use OC\Files\Filesystem; use OC\Files\View; use OCA\Encryption\Crypto\Crypt; -use OCA\Files_Versions\Storage; use OCP\App; use OCP\IConfig; use OCP\ILogger; @@ -40,10 +39,6 @@ class Util { * @var View */ private $files; - /** - * @var Filesystem - */ - private $filesystem; /** * @var Crypt */ @@ -69,24 +64,20 @@ class Util { * Util constructor. * * @param View $files - * @param Filesystem $filesystem * @param Crypt $crypt * @param KeyManager $keyManager * @param ILogger $logger * @param IUserSession $userSession * @param IConfig $config */ - public function __construct( - View $files, - Filesystem $filesystem, - Crypt $crypt, - KeyManager $keyManager, - ILogger $logger, - IUserSession $userSession, - IConfig $config + public function __construct(View $files, + Crypt $crypt, + KeyManager $keyManager, + ILogger $logger, + IUserSession $userSession, + IConfig $config ) { $this->files = $files; - $this->filesystem = $filesystem; $this->crypt = $crypt; $this->keyManager = $keyManager; $this->logger = $logger; @@ -94,16 +85,6 @@ class Util { $this->config = $config; } - /** - * @param $filePath - * @return array - */ - private function splitPath($filePath) { - $normalized = $this->filesystem->normalizePath($filePath); - - return explode('/', $normalized); - } - /** * @return bool */ @@ -154,71 +135,5 @@ class Util { return $this->files->file_exists($uid . '/files'); } - /** - * @param $path - * @param $privateKey - */ - private function recoverAllFiles($path, $privateKey) { - // Todo relocate to storage - $dirContent = $this->files->getDirectoryContent($path); - - foreach ($dirContent as $item) { - // Get relative path from encryption/keyfiles - $filePath = substr($item['path'], strlen('encryption/keys')); - if ($this->files->is_dir($this->user->getUID() . '/files' . '/' . $filePath)) { - $this->recoverAllFiles($filePath . '/', $privateKey); - } else { - $this->recoverFile($filePath, $privateKey); - } - } - - } - - /** - * @param $filePath - * @param $privateKey - */ - private function recoverFile($filePath, $privateKey) { - $sharingEnabled = Share::isEnabled(); - $uid = $this->user->getUID(); - - // Find out who, if anyone, is sharing the file - if ($sharingEnabled) { - $result = Share::getUsersSharingFile($filePath, - $uid, - true); - $userIds = $result['users']; - $userIds[] = 'public'; - } else { - $userIds = [ - $uid, - $this->recoveryKeyId - ]; - } - $filteredUids = $this->filterShareReadyUsers($userIds); - - // Decrypt file key - $encKeyFile = $this->keyManager->getFileKey($filePath, - $uid); - - $shareKey = $this->keyManager->getShareKey($filePath, - $uid); - - $plainKeyFile = $this->crypt->multiKeyDecrypt($encKeyFile, - $shareKey, - $privateKey); - - // Encrypt the file key again to all users, this time with the new publick keyt for the recovered user - $userPublicKeys = $this->keyManager->getPublicKeys($filteredUids['ready']); - $multiEncryptionKey = $this->crypt->multiKeyEncrypt($plainKeyFile, - $userPublicKeys); - - $this->keyManager->setFileKey($multiEncryptionKey['data'], - $uid); - - $this->keyManager->setShareKey($filePath, - $uid, - $multiEncryptionKey['keys']); - } } diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index 3266351a07..540897b829 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -20,20 +20,14 @@ $keymanager = new \OCA\Encryption\KeyManager( \OC::$server->getConfig(), \OC::$server->getUserSession(), \OC::$server->getSession(), - \OC::$server->getLogger()); + \OC::$server->getLogger(),); $user = \OCP\User::getUser(); $view = new \OC\Files\View('/'); $util = new \OCA\Encryption\Util( - new \OC\Files\View(), - new \OC\Files\Filesystem(), - $crypt, - $keymanager, - \OC::$server->getLogger(), - \OC::$server->getUserSession(), - \OC::$server->getConfig()); + new \OC\Files\View(), $crypt, $keymanager, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig()); $session = \OC::$server->getSession(); diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index ed6048d764..510ab17988 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -10,26 +10,64 @@ namespace OCA\Encryption\Tests; +use OC\Files\View; use OCA\Encryption\KeyManager; use Test\TestCase; class KeyManagerTest extends TestCase { + /** + * @var bool + */ + private static $trashbinState; /** * @var KeyManager */ private $instance; /** - * @var + * @var string */ - private $userId; + private static $testUser = 'test-keyManager-user.dot'; /** * @var */ private $dummyKeys; + /** + * @var string + */ + private $userId; + /** + * @var string + */ + private $userPassword; + /** + * @var \OC\Files\View + */ + private $view; + /** + * @var string + */ + private $dataDir; /** * */ + public static function setUpBeforeClass() { + parent::setUpBeforeClass(); + + // Remember files_trashbin state + self::$trashbinState = \OC_App::isEnabled('files_trashbin'); + + // We dont want tests with app files_trashbin enabled + \OC_App::disable('files_trashbin'); + + $userManager = \OC::$server->getUserManager(); + $userManager->createUser(self::$testUser, + self::$testUser); + + // Create test user + parent::loginAsUser(self::$testUser); + } + public function setUp() { parent::setUp(); $keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); @@ -47,18 +85,52 @@ class KeyManagerTest extends TestCase { ->will($this->returnValue('admin')); $sessionMock = $this->getMock('OCP\ISession'); $logMock = $this->getMock('OCP\ILogger'); - $this->userId = 'admin'; + $recoveryMock = $this->getMockBuilder('OCA\Encryption\Recovery') + ->disableOriginalConstructor() + ->getMock(); + $this->instance = new KeyManager($keyStorageMock, $cryptMock, $configMock, $userMock, $sessionMock, - $logMock); + $logMock, + $recoveryMock); - $this->dummyKeys = ['public' => 'randomweakpublickeyhere', - 'private' => 'randomweakprivatekeyhere']; + self::loginAsUser(self::$testUser); + $this->userId = self::$testUser; + $this->userPassword = self::$testUser; + $this->view = new View('/'); + + $this->dummyKeys = [ + 'privateKey' => 'superinsecureprivatekey', + 'publicKey' => 'superinsecurepublickey' + ]; + + + $userManager = \OC::$server->getUserManager(); + + $userHome = $userManager->get($this->userId)->getHome(); + + $this->dataDir = str_replace('/' . $this->userId, '', $userHome); } + protected function tearDown() { + parent::tearDown(); + $this->view->deleteAll('/' . self::$testUser . '/files_encryption/keys'); + } + + public static function tearDownAfterClass() { + parent::tearDownAfterClass(); + // Cleanup Test user + \OC::$server->getUserManager()->get(self::$testUser)->delete(); + // Reset app files_trashbin + if (self::$trashbinState) { + \OC_App::enable('files_trashbin'); + } + } + + /** * @expectedException \OC\Encryption\Exceptions\PrivateKeyMissingException */ @@ -93,7 +165,7 @@ class KeyManagerTest extends TestCase { public function testSetPublicKey() { $this->assertTrue($this->instance->setPublicKey($this->userId, - $this->dummyKeys['public'])); + $this->dummyKeys['publicKey'])); } /** @@ -101,7 +173,7 @@ class KeyManagerTest extends TestCase { */ public function testSetPrivateKey() { $this->assertTrue($this->instance->setPrivateKey($this->userId, - $this->dummyKeys['private'])); + $this->dummyKeys['privateKey'])); } /** From e0ab2c34eab970d82ddc6c9f5b3b752243fc716a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Mon, 30 Mar 2015 23:19:35 +0200 Subject: [PATCH 042/119] update unit tests after ctor signature change of \OC\Encryption\Util --- tests/lib/files/storage/wrapper/encryption.php | 5 ++++- tests/lib/files/stream/encryption.php | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/lib/files/storage/wrapper/encryption.php b/tests/lib/files/storage/wrapper/encryption.php index b8d4e962c5..eea6a53e04 100644 --- a/tests/lib/files/storage/wrapper/encryption.php +++ b/tests/lib/files/storage/wrapper/encryption.php @@ -20,11 +20,14 @@ class Encryption extends \Test\Files\Storage\Storage { ->disableOriginalConstructor() ->setMethods(['getDefaultEncryptionModule', 'getEncryptionModule']) ->getMock(); + $config = $this->getMockBuilder('\OCP\IConfig') + ->disableOriginalConstructor() + ->getMock(); $encryptionManager->expects($this->any()) ->method('getDefaultEncryptionModule') ->willReturn(new DummyModule()); - $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager()); + $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager(), $config); $logger = $this->getMock('\OC\Log'); diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php index 51ccc3de39..1c5e5cf7a4 100644 --- a/tests/lib/files/stream/encryption.php +++ b/tests/lib/files/stream/encryption.php @@ -23,7 +23,10 @@ class Encryption extends \Test\TestCase { ->disableOriginalConstructor()->getMock(); $encStorage = $this->getMockBuilder('\OC\Files\Storage\Wrapper\Encryption') ->disableOriginalConstructor()->getMock(); - $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager());; + $config = $this->getMockBuilder('\OCP\IConfig') + ->disableOriginalConstructor() + ->getMock(); + $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager(), $config); $size = 12; $unencryptedSize = 8000; From 0f28d538a0af769220bcba120f0a7340dd0aba5f Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 11:15:47 +0200 Subject: [PATCH 043/119] add session class to handle all session operations --- apps/encryption/appinfo/application.php | 5 +- apps/encryption/hooks/userhooks.php | 11 +- .../exceptions/privatekeymissingexception.php | 2 +- apps/encryption/lib/keymanager.php | 28 ++--- apps/encryption/lib/session.php | 103 ++++++++++++++++++ .../encryption/settings/settings-personal.php | 12 +- 6 files changed, 126 insertions(+), 35 deletions(-) rename {lib/private/encryption => apps/encryption/lib}/exceptions/privatekeymissingexception.php (95%) create mode 100644 apps/encryption/lib/session.php diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index f9b7a1c60d..21d7f3e737 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -76,9 +76,8 @@ class Application extends \OCP\AppFramework\App { $server->getLogger(), $container->query('UserSetup'), $server->getUserSession(), - new \OCP\Util(), $container->query('Util'), - $server->getSession()), + new \OCA\Encryption\Session($server->getSession())), ]); $hookManager->fireHooks(); @@ -126,7 +125,7 @@ class Application extends \OCP\AppFramework\App { $c->query('Crypt'), $server->getConfig(), $server->getUserSession(), - $server->getSession(), + new \OCA\Encryption\Session($server->getSession()), $server->getLogger(), $c->query('Recovery') ); diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 1629aca0f5..27780cccfb 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -22,7 +22,6 @@ namespace OCA\Encryption\Hooks; -use OCP\ISession; use OCP\Util as OCUtil; use OCA\Encryption\Hooks\Contracts\IHook; use OCA\Encryption\KeyManager; @@ -31,7 +30,7 @@ use OCP\App; use OCP\ILogger; use OCP\IUserSession; use OCA\Encryption\Util; -use Test\User; +use OCA\Encryption\Session; class UserHooks implements IHook { /** @@ -55,7 +54,7 @@ class UserHooks implements IHook { */ private $util; /** - * @var ISession + * @var Session */ private $session; @@ -66,17 +65,15 @@ class UserHooks implements IHook { * @param ILogger $logger * @param Setup $userSetup * @param IUserSession $user - * @param OCUtil $ocUtil * @param Util $util - * @param ISession $session + * @param Session $session */ public function __construct(KeyManager $keyManager, ILogger $logger, Setup $userSetup, IUserSession $user, - OCUtil $ocUtil, Util $util, - ISession $session) { + Session $session) { $this->keyManager = $keyManager; $this->logger = $logger; diff --git a/lib/private/encryption/exceptions/privatekeymissingexception.php b/apps/encryption/lib/exceptions/privatekeymissingexception.php similarity index 95% rename from lib/private/encryption/exceptions/privatekeymissingexception.php rename to apps/encryption/lib/exceptions/privatekeymissingexception.php index 878b83d240..e06940f7ac 100644 --- a/lib/private/encryption/exceptions/privatekeymissingexception.php +++ b/apps/encryption/lib/exceptions/privatekeymissingexception.php @@ -20,7 +20,7 @@ */ -namespace OC\Encryption\Exceptions; +namespace OCA\Encryption\Exceptions; class PrivateKeyMissingException extends GenericEncryptionException{ diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index cd983be17f..6c5f234802 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -30,14 +30,14 @@ use OCP\Encryption\Keys\IStorage; use OCP\IConfig; use OCP\ILogger; use OCP\IUserSession; -use \OCP\ISession; +use \OCA\Encryption\Session; class KeyManager { /** - * @var ISession + * @var Session */ - public static $session; + protected $session; /** * @var IStorage */ @@ -84,17 +84,13 @@ class KeyManager { * @var ILogger */ private $log; - /** - * @var Recovery - */ - private $recovery; /** * @param IStorage $keyStorage * @param Crypt $crypt * @param IConfig $config * @param IUserSession $userSession - * @param \OCP\ISession $session + * @param Session $session * @param ILogger $log * @param Recovery $recovery */ @@ -103,12 +99,12 @@ class KeyManager { Crypt $crypt, IConfig $config, IUserSession $userSession, - ISession $session, + Session $session, ILogger $log, Recovery $recovery ) { - self::$session = $session; + $this->session = $session; $this->keyStorage = $keyStorage; $this->crypt = $crypt; $this->config = $config; @@ -271,7 +267,6 @@ class KeyManager { * * @param string $uid userid * @param string $passPhrase users password - * @return ISession */ public function init($uid, $passPhrase) { try { @@ -284,11 +279,8 @@ class KeyManager { return false; } - - self::$session->set('privateKey', $privateKey); - self::$session->set('initStatus', true); - - return self::$session; + $this->session->setPrivateKey($privateKey); + $this->session->setStatus(Session::INIT_SUCCESSFUL); } /** @@ -316,7 +308,7 @@ class KeyManager { $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId); $shareKey = $this->getShareKey($path, $uid); - $privateKey = self::$session->get('privateKey'); + $privateKey = $this->session->getPrivateKey(); if ($encryptedFileKey && $shareKey && $privateKey) { $key = $this->crypt->multiKeyDecrypt($encryptedFileKey, @@ -348,7 +340,7 @@ class KeyManager { public function setPassphrase($params, IUserSession $user, Util $util) { // Get existing decrypted private key - $privateKey = self::$session->get('privateKey'); + $privateKey = $this->session->getPrivateKey(); if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { diff --git a/apps/encryption/lib/session.php b/apps/encryption/lib/session.php new file mode 100644 index 0000000000..e049a8fe40 --- /dev/null +++ b/apps/encryption/lib/session.php @@ -0,0 +1,103 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OCA\Encryption; + +use \OCP\ISession; + +class Session { + + /** @var ISession */ + protected $session; + + const NOT_INITIALIZED = '0'; + const INIT_EXECUTED = '1'; + const INIT_SUCCESSFUL = '2'; + + public function __construct(ISession $session) { + $this->session = $session; + } + + /** + * Sets status of encryption app + * + * @param string $status INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INITIALIZED + */ + public function setStatus($status) { + $this->session->set('encryptionInitialized', $status); + } + + /** + * Gets status if we already tried to initialize the encryption app + * + * @return string init status INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INITIALIZED + */ + public function getStatus() { + $status = $this->session->get('encryptionInitialized'); + if (is_null($status)) { + $status = self::NOT_INITIALIZED; + } + + return $status; + } + + /** + * Gets user or public share private key from session + * + * @return string $privateKey The user's plaintext private key + * @throws Exceptions\PrivateKeyMissingException + */ + public function getPrivateKey() { + $key = $this->session->get('privateKey'); + if (is_null($key)) { + throw new Exceptions\PrivateKeyMissingException('no private key stored in session'); + } + return $key; + } + + /** + * check if private key is set + * + * @return boolean + */ + public function isPrivateKeySet() { + $key = $this->session->get('privateKey'); + if (is_null($key)) { + return false; + } + + return true; + } + + /** + * Sets user private key to session + * + * @param string $key users private key + * + * @note this should only be set on login + */ + public function setPrivateKey($key) { + $this->session->set('privateKey', $key); + } + +} \ No newline at end of file diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index 540897b829..83594b8467 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -9,6 +9,8 @@ // Add CSS stylesheet \OC_Util::addStyle('encryption', 'settings-personal'); +$session = new \OCA\Encryption\Session(\OC::$server->getSession()); + $tmpl = new OCP\Template('encryption', 'settings-personal'); $crypt = new \OCA\Encryption\Crypto\Crypt( \OC::$server->getLogger(), @@ -19,8 +21,8 @@ $keymanager = new \OCA\Encryption\KeyManager( $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), - \OC::$server->getSession(), - \OC::$server->getLogger(),); + $session, + \OC::$server->getLogger()); $user = \OCP\User::getUser(); @@ -29,11 +31,9 @@ $view = new \OC\Files\View('/'); $util = new \OCA\Encryption\Util( new \OC\Files\View(), $crypt, $keymanager, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig()); -$session = \OC::$server->getSession(); - -$privateKeySet = $session->get('privateKey') !== false; +$privateKeySet = $session->isPrivateKeySet(); // did we tried to initialize the keys for this session? -$initialized = $session->getInitialized(); +$initialized = $session->getStatus(); $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled'); $recoveryEnabledForUser = $util->recoveryEnabledForUser(); From 4843e5ce301c4ac1e4cccf21b7d33e5e2a2b3042 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 12:01:51 +0200 Subject: [PATCH 044/119] use password change logic to userhooks to avoid recursions --- apps/encryption/appinfo/application.php | 6 +- apps/encryption/hooks/userhooks.php | 88 ++++++++++++++++++++++--- apps/encryption/lib/keymanager.php | 75 +-------------------- apps/encryption/lib/session.php | 11 ++++ 4 files changed, 96 insertions(+), 84 deletions(-) diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 21d7f3e737..be432b1a5a 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -77,7 +77,8 @@ class Application extends \OCP\AppFramework\App { $container->query('UserSetup'), $server->getUserSession(), $container->query('Util'), - new \OCA\Encryption\Session($server->getSession())), + new \OCA\Encryption\Session($server->getSession()), + $container->query('Recovery')) ]); $hookManager->fireHooks(); @@ -126,8 +127,7 @@ class Application extends \OCP\AppFramework\App { $server->getConfig(), $server->getUserSession(), new \OCA\Encryption\Session($server->getSession()), - $server->getLogger(), - $c->query('Recovery') + $server->getLogger() ); }); diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 27780cccfb..330d8a873b 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -31,6 +31,7 @@ use OCP\ILogger; use OCP\IUserSession; use OCA\Encryption\Util; use OCA\Encryption\Session; +use OCA\Encryption\Recovery; class UserHooks implements IHook { /** @@ -57,6 +58,10 @@ class UserHooks implements IHook { * @var Session */ private $session; + /** + * @var Recovery + */ + private $recovery; /** * UserHooks constructor. @@ -67,13 +72,15 @@ class UserHooks implements IHook { * @param IUserSession $user * @param Util $util * @param Session $session + * @param Recovery $recovery */ public function __construct(KeyManager $keyManager, ILogger $logger, Setup $userSetup, IUserSession $user, Util $util, - Session $session) { + Session $session, + Recovery $recovery) { $this->keyManager = $keyManager; $this->logger = $logger; @@ -81,6 +88,7 @@ class UserHooks implements IHook { $this->user = $user; $this->util = $util; $this->session = $session; + $this->recovery = $recovery; } /** @@ -141,7 +149,7 @@ class UserHooks implements IHook { * remove keys from session during logout */ public function logout() { - KeyManager::$session->clear(); + $this->session->clear(); } /** @@ -180,16 +188,80 @@ class UserHooks implements IHook { if (App::isEnabled('encryption')) { if (!$this->user->getUser()->canChangePassword()) { - if (App::isEnabled('encryption') === false) { - return true; - } - $this->keyManager->setPassphrase($params, - $this->user, - $this->util); + $this->setPassphrase($params); } } } + /** + * Change a user's encryption passphrase + * + * @param array $params keys: uid, password + * @param IUserSession $user + * @param Util $util + * @return bool + */ + public function setPassphrase($params) { + + // Get existing decrypted private key + $privateKey = $this->session->getPrivateKey(); + + if ($params['uid'] === $this->user->getUser()->getUID() && $privateKey) { + + // Encrypt private key with new user pwd as passphrase + $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, + $params['password']); + + // Save private key + if ($encryptedPrivateKey) { + $this->setPrivateKey($this->user->getUser()->getUID(), + $encryptedPrivateKey); + } else { + $this->log->error('Encryption could not update users encryption password'); + } + + // NOTE: Session does not need to be updated as the + // private key has not changed, only the passphrase + // used to decrypt it has changed + } else { // admin changed the password for a different user, create new keys and reencrypt file keys + $user = $params['uid']; + $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; + + // we generate new keys if... + // ...we have a recovery password and the user enabled the recovery key + // ...encryption was activated for the first time (no keys exists) + // ...the user doesn't have any files + if (($util->recoveryEnabledForUser() && $recoveryPassword) || !$this->userHasKeys($user) || !$util->userHasFiles($user) + ) { + + // backup old keys + $this->backupAllKeys('recovery'); + + $newUserPassword = $params['password']; + + $keyPair = $this->crypt->createKeyPair(); + + // Save public key + $this->setPublicKey($user, $keyPair['publicKey']); + + // Encrypt private key with new password + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], + $newUserPassword); + + if ($encryptedKey) { + $this->setPrivateKey($user, $encryptedKey); + + if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files + $this->recovery->recoverUsersFiles($recoveryPassword); + } + } else { + $this->log->error('Encryption Could not update users encryption password'); + } + } + } + } + + /** * after password reset we create a new key pair for the user diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 6c5f234802..87b19fe35e 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -23,7 +23,7 @@ namespace OCA\Encryption; use OC\Encryption\Exceptions\DecryptionFailedException; -use OC\Encryption\Exceptions\PrivateKeyMissingException; +use OCA\Encryption\Exceptions\PrivateKeyMissingException; use OC\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; use OCP\Encryption\Keys\IStorage; @@ -92,7 +92,6 @@ class KeyManager { * @param IUserSession $userSession * @param Session $session * @param ILogger $log - * @param Recovery $recovery */ public function __construct( IStorage $keyStorage, @@ -100,8 +99,7 @@ class KeyManager { IConfig $config, IUserSession $userSession, Session $session, - ILogger $log, - Recovery $recovery + ILogger $log ) { $this->session = $session; @@ -141,7 +139,6 @@ class KeyManager { $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; $this->log = $log; - $this->recovery = $recovery; } /** @@ -329,74 +326,6 @@ class KeyManager { return $this->keyStorage->getFileKey($path, $keyId); } - /** - * Change a user's encryption passphrase - * - * @param array $params keys: uid, password - * @param IUserSession $user - * @param Util $util - * @return bool - */ - public function setPassphrase($params, IUserSession $user, Util $util) { - - // Get existing decrypted private key - $privateKey = $this->session->getPrivateKey(); - - if ($params['uid'] === $user->getUser()->getUID() && $privateKey) { - - // Encrypt private key with new user pwd as passphrase - $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, - $params['password']); - - // Save private key - if ($encryptedPrivateKey) { - $this->setPrivateKey($user->getUser()->getUID(), - $encryptedPrivateKey); - } else { - $this->log->error('Encryption could not update users encryption password'); - } - - // NOTE: Session does not need to be updated as the - // private key has not changed, only the passphrase - // used to decrypt it has changed - } else { // admin changed the password for a different user, create new keys and reencrypt file keys - $user = $params['uid']; - $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; - - // we generate new keys if... - // ...we have a recovery password and the user enabled the recovery key - // ...encryption was activated for the first time (no keys exists) - // ...the user doesn't have any files - if (($util->recoveryEnabledForUser() && $recoveryPassword) || !$this->userHasKeys($user) || !$util->userHasFiles($user) - ) { - - // backup old keys - $this->backupAllKeys('recovery'); - - $newUserPassword = $params['password']; - - $keyPair = $this->crypt->createKeyPair(); - - // Save public key - $this->setPublicKey($user, $keyPair['publicKey']); - - // Encrypt private key with new password - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], - $newUserPassword); - - if ($encryptedKey) { - $this->setPrivateKey($user, $encryptedKey); - - if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $this->recovery->recoverUsersFiles($recoveryPassword); - } - } else { - $this->log->error('Encryption Could not update users encryption password'); - } - } - } - } - /** * @param $userId * @return bool diff --git a/apps/encryption/lib/session.php b/apps/encryption/lib/session.php index e049a8fe40..8da11e522c 100644 --- a/apps/encryption/lib/session.php +++ b/apps/encryption/lib/session.php @@ -100,4 +100,15 @@ class Session { $this->session->set('privateKey', $key); } + + /** + * remove keys from session + */ + public function clear() { + $this->session->remove('publicSharePrivateKey'); + $this->session->remove('privateKey'); + $this->session->remove('encryptionInitialized'); + + } + } \ No newline at end of file From 6ccd3ffa23882b7d5018d707d2563a12c418fc09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 11:13:46 +0200 Subject: [PATCH 045/119] adding function getSecureRandom(); to IServerContainer --- lib/private/server.php | 2 +- lib/public/iservercontainer.php | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/private/server.php b/lib/private/server.php index d135150c1f..a38096cf74 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -690,7 +690,7 @@ class Server extends SimpleContainer implements IServerContainer { * * @return \OCP\Security\ISecureRandom */ -function getSecureRandom() { + function getSecureRandom() { return $this->query('SecureRandom'); } diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php index 2db1fc3249..9e36bc31be 100644 --- a/lib/public/iservercontainer.php +++ b/lib/public/iservercontainer.php @@ -149,6 +149,13 @@ interface IServerContainer { */ function getHasher(); + /** + * Returns a SecureRandom instance + * + * @return \OCP\Security\ISecureRandom + */ + function getSecureRandom(); + /** * Returns an instance of the db facade * @deprecated use getDatabaseConnection, will be removed in ownCloud 10 @@ -156,7 +163,6 @@ interface IServerContainer { */ function getDb(); - /** * Returns the app config manager * From bf809ac85aa6739010463235fe8f7878993c39ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 11:50:53 +0200 Subject: [PATCH 046/119] Removing left overs from old encryption app --- apps/files/index.php | 1 - apps/files/js/files.js | 6 --- apps/files/templates/index.php | 1 - lib/private/connector/sabre/file.php | 22 +++----- lib/private/util.php | 45 ----------------- lib/public/util.php | 4 +- settings/ajax/decryptall.php | 62 ----------------------- settings/ajax/deletekeys.php | 35 ------------- settings/ajax/restorekeys.php | 35 ------------- settings/js/personal.js | 75 ---------------------------- settings/personal.php | 11 ---- settings/routes.php | 6 --- settings/templates/personal.php | 52 ------------------- 13 files changed, 9 insertions(+), 346 deletions(-) delete mode 100644 settings/ajax/decryptall.php delete mode 100644 settings/ajax/deletekeys.php delete mode 100644 settings/ajax/restorekeys.php diff --git a/apps/files/index.php b/apps/files/index.php index 3f93285902..23830da695 100644 --- a/apps/files/index.php +++ b/apps/files/index.php @@ -142,7 +142,6 @@ OCP\Util::addscript('files', 'keyboardshortcuts'); $tmpl = new OCP\Template('files', 'index', 'user'); $tmpl->assign('usedSpacePercent', (int)$storageInfo['relative']); $tmpl->assign('isPublic', false); -$tmpl->assign("encryptedFiles", \OCP\Util::encryptedFiles()); $tmpl->assign("mailNotificationEnabled", $config->getAppValue('core', 'shareapi_allow_mail_notification', 'no')); $tmpl->assign("mailPublicNotificationEnabled", $config->getAppValue('core', 'shareapi_allow_public_notification', 'no')); $tmpl->assign("allowShareWithLink", $config->getAppValue('core', 'shareapi_allow_links', 'yes')); diff --git a/apps/files/js/files.js b/apps/files/js/files.js index e63c3cad52..9d2d563984 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -126,7 +126,6 @@ return; } - var encryptedFiles = $('#encryptedFiles').val(); var initStatus = $('#encryptionInitStatus').val(); if (initStatus === '0') { // enc not initialized, but should be OC.Notification.show(t('files', 'Encryption App is enabled but your keys are not initialized, please log-out and log-in again')); @@ -134,11 +133,6 @@ } if (initStatus === '1') { // encryption tried to init but failed OC.Notification.show(t('files', 'Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.')); - return; - } - if (encryptedFiles === '1') { - OC.Notification.show(t('files', 'Encryption was disabled but your files are still encrypted. Please go to your personal settings to decrypt your files.')); - return; } }, diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php index 222a996aae..84f3033ba9 100644 --- a/apps/files/templates/index.php +++ b/apps/files/templates/index.php @@ -12,7 +12,6 @@ - diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index 58579f42df..a436973ba9 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -76,11 +76,6 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { throw new \Sabre\DAV\Exception\ServiceUnavailable("File is not updatable: ".$e->getMessage()); } - // throw an exception if encryption was disabled but the files are still encrypted - if (\OC_Util::encryptedFiles()) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Encryption is disabled"); - } - // verify path of the target $this->verifyPath(); @@ -187,18 +182,13 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { public function get() { //throw exception if encryption is disabled but files are still encrypted - if (\OC_Util::encryptedFiles()) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Encryption is disabled"); - } else { - try { - return $this->fileView->fopen(ltrim($this->path, '/'), 'rb'); - } catch (\OCP\Encryption\Exception\EncryptionException $e) { - throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to open file: ".$e->getMessage()); - } + try { + return $this->fileView->fopen(ltrim($this->path, '/'), 'rb'); + } catch (\OCP\Encryption\Exception\EncryptionException $e) { + throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); + } catch (\OCP\Files\StorageNotAvailableException $e) { + throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to open file: ".$e->getMessage()); } - } /** diff --git a/lib/private/util.php b/lib/private/util.php index e6dd307fae..3fd0f84468 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -812,51 +812,6 @@ class OC_Util { return $errors; } - - /** - * check if there are still some encrypted files stored - * - * @return boolean - */ - public static function encryptedFiles() { - //check if encryption was enabled in the past - $encryptedFiles = false; - if (OC_App::isEnabled('files_encryption') === false) { - $view = new OC\Files\View('/' . OCP\User::getUser()); - $keysPath = '/files_encryption/keys'; - if ($view->is_dir($keysPath)) { - $dircontent = $view->getDirectoryContent($keysPath); - if (!empty($dircontent)) { - $encryptedFiles = true; - } - } - } - - return $encryptedFiles; - } - - /** - * check if a backup from the encryption keys exists - * - * @return boolean - */ - public static function backupKeysExists() { - //check if encryption was enabled in the past - $backupExists = false; - if (OC_App::isEnabled('files_encryption') === false) { - $view = new OC\Files\View('/' . OCP\User::getUser()); - $backupPath = '/files_encryption/backup.decryptAll'; - if ($view->is_dir($backupPath)) { - $dircontent = $view->getDirectoryContent($backupPath); - if (!empty($dircontent)) { - $backupExists = true; - } - } - } - - return $backupExists; - } - /** * Check for correct file permissions of data directory * diff --git a/lib/public/util.php b/lib/public/util.php index b50ce54839..37cb1b5448 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -219,9 +219,11 @@ class Util { /** * check if some encrypted files are stored * @return bool + * + * @deprecated No longer required */ public static function encryptedFiles() { - return \OC_Util::encryptedFiles(); + return false; } /** diff --git a/settings/ajax/decryptall.php b/settings/ajax/decryptall.php deleted file mode 100644 index 5925cee9df..0000000000 --- a/settings/ajax/decryptall.php +++ /dev/null @@ -1,62 +0,0 @@ - - * @author Joas Schilling - * @author Lukas Reschke - * @author Morris Jobke - * @author Robin Appelman - * @author Thomas Müller - * @author Volkan Gezer - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -OCP\JSON::checkLoggedIn(); -OCP\JSON::callCheck(); - -//encryption app needs to be loaded -OC_App::loadApp('files_encryption'); - -// init encryption app -$params = array('uid' => \OCP\User::getUser(), - 'password' => (string)$_POST['password']); - -$view = new OC\Files\View('/'); -$util = new \OCA\Files_Encryption\Util($view, \OCP\User::getUser()); -$l = \OC::$server->getL10N('settings'); - -$result = $util->initEncryption($params); - -if ($result !== false) { - - try { - $successful = $util->decryptAll(); - } catch (\Exception $ex) { - \OCP\Util::writeLog('encryption library', "Decryption finished unexpected: " . $ex->getMessage(), \OCP\Util::ERROR); - $successful = false; - } - - $util->closeEncryptionSession(); - - if ($successful === true) { - \OCP\JSON::success(array('data' => array('message' => $l->t('Files decrypted successfully')))); - } else { - \OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t decrypt your files, please check your owncloud.log or ask your administrator')))); - } -} else { - \OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t decrypt your files, check your password and try again')))); -} - diff --git a/settings/ajax/deletekeys.php b/settings/ajax/deletekeys.php deleted file mode 100644 index 2192eb8c72..0000000000 --- a/settings/ajax/deletekeys.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @author Morris Jobke - * @author Robin Appelman - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -OCP\JSON::checkLoggedIn(); -OCP\JSON::callCheck(); - -$l = \OC::$server->getL10N('settings'); - -$util = new \OCA\Files_Encryption\Util(new \OC\Files\View(), \OC_User::getUser()); -$result = $util->deleteBackup('decryptAll'); - -if ($result) { - \OCP\JSON::success(array('data' => array('message' => $l->t('Encryption keys deleted permanently')))); -} else { - \OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t permanently delete your encryption keys, please check your owncloud.log or ask your administrator')))); -} diff --git a/settings/ajax/restorekeys.php b/settings/ajax/restorekeys.php deleted file mode 100644 index 52c02b3aba..0000000000 --- a/settings/ajax/restorekeys.php +++ /dev/null @@ -1,35 +0,0 @@ - - * @author Morris Jobke - * @author Robin Appelman - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ -OCP\JSON::checkLoggedIn(); -OCP\JSON::callCheck(); - -$l = \OC::$server->getL10N('settings'); - -$util = new \OCA\Files_Encryption\Util(new \OC\Files\View(), \OC_User::getUser()); -$result = $util->restoreBackup('decryptAll'); - -if ($result) { - \OCP\JSON::success(array('data' => array('message' => $l->t('Backups restored successfully')))); -} else { - \OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t restore your encryption keys, please check your owncloud.log or ask your administrator')))); -} diff --git a/settings/js/personal.js b/settings/js/personal.js index 30d7f5e938..a847a1ee3a 100644 --- a/settings/js/personal.js +++ b/settings/js/personal.js @@ -230,40 +230,6 @@ $(document).ready(function () { return false; }); - $('button:button[name="submitDecryptAll"]').click(function () { - var privateKeyPassword = $('#decryptAll input:password[id="privateKeyPassword"]').val(); - $('#decryptAll button:button[name="submitDecryptAll"]').prop("disabled", true); - $('#decryptAll input:password[name="privateKeyPassword"]').prop("disabled", true); - OC.Encryption.decryptAll(privateKeyPassword); - }); - - - $('button:button[name="submitRestoreKeys"]').click(function () { - $('#restoreBackupKeys button:button[name="submitDeleteKeys"]').prop("disabled", true); - $('#restoreBackupKeys button:button[name="submitRestoreKeys"]').prop("disabled", true); - OC.Encryption.restoreKeys(); - }); - - $('button:button[name="submitDeleteKeys"]').click(function () { - $('#restoreBackupKeys button:button[name="submitDeleteKeys"]').prop("disabled", true); - $('#restoreBackupKeys button:button[name="submitRestoreKeys"]').prop("disabled", true); - OC.Encryption.deleteKeys(); - }); - - $('#decryptAll input:password[name="privateKeyPassword"]').keyup(function (event) { - var privateKeyPassword = $('#decryptAll input:password[id="privateKeyPassword"]').val(); - if (privateKeyPassword !== '') { - $('#decryptAll button:button[name="submitDecryptAll"]').prop("disabled", false); - if (event.which === 13) { - $('#decryptAll button:button[name="submitDecryptAll"]').prop("disabled", true); - $('#decryptAll input:password[name="privateKeyPassword"]').prop("disabled", true); - OC.Encryption.decryptAll(privateKeyPassword); - } - } else { - $('#decryptAll button:button[name="submitDecryptAll"]').prop("disabled", true); - } - }); - var uploadparms = { done: function (e, data) { avatarResponseHandler(data.result); @@ -380,47 +346,6 @@ $(document).ready(function () { }); OC.Encryption = { - decryptAll: function (password) { - var message = t('settings', 'Decrypting files... Please wait, this can take some time.'); - OC.Encryption.msg.start('#decryptAll .msg', message); - $.post('ajax/decryptall.php', {password: password}, function (data) { - if (data.status === "error") { - OC.Encryption.msg.finished('#decryptAll .msg', data); - $('#decryptAll input:password[name="privateKeyPassword"]').prop("disabled", false); - } else { - OC.Encryption.msg.finished('#decryptAll .msg', data); - } - $('#restoreBackupKeys').removeClass('hidden'); - }); - }, - - deleteKeys: function () { - var message = t('settings', 'Delete encryption keys permanently.'); - OC.Encryption.msg.start('#restoreBackupKeys .msg', message); - $.post('ajax/deletekeys.php', null, function (data) { - if (data.status === "error") { - OC.Encryption.msg.finished('#restoreBackupKeys .msg', data); - $('#restoreBackupKeys button:button[name="submitDeleteKeys"]').prop("disabled", false); - $('#restoreBackupKeys button:button[name="submitRestoreKeys"]').prop("disabled", false); - } else { - OC.Encryption.msg.finished('#restoreBackupKeys .msg', data); - } - }); - }, - - restoreKeys: function () { - var message = t('settings', 'Restore encryption keys.'); - OC.Encryption.msg.start('#restoreBackupKeys .msg', message); - $.post('ajax/restorekeys.php', {}, function (data) { - if (data.status === "error") { - OC.Encryption.msg.finished('#restoreBackupKeys .msg', data); - $('#restoreBackupKeys button:button[name="submitDeleteKeys"]').prop("disabled", false); - $('#restoreBackupKeys button:button[name="submitRestoreKeys"]').prop("disabled", false); - } else { - OC.Encryption.msg.finished('#restoreBackupKeys .msg', data); - } - }); - } }; OC.Encryption.msg = { diff --git a/settings/personal.php b/settings/personal.php index e4d278d4f2..12b320ac00 100644 --- a/settings/personal.php +++ b/settings/personal.php @@ -59,11 +59,6 @@ $email=$config->getUserValue(OC_User::getUser(), 'settings', 'email', ''); $userLang=$config->getUserValue( OC_User::getUser(), 'core', 'lang', OC_L10N::findLanguage() ); $languageCodes=OC_L10N::findAvailableLanguages(); -//check if encryption was enabled in the past -$filesStillEncrypted = OC_Util::encryptedFiles(); -$backupKeysExists = OC_Util::backupKeysExists(); -$enableDecryptAll = $filesStillEncrypted || $backupKeysExists; - // array of common languages $commonlangcodes = array( 'en', 'es', 'fr', 'de', 'de_DE', 'ja', 'ar', 'ru', 'nl', 'it', 'pt_BR', 'pt_PT', 'da', 'fi_FI', 'nb_NO', 'sv', 'tr', 'zh_CN', 'ko' @@ -120,9 +115,6 @@ $tmpl->assign('activelanguage', $userLang); $tmpl->assign('passwordChangeSupported', OC_User::canUserChangePassword(OC_User::getUser())); $tmpl->assign('displayNameChangeSupported', OC_User::canUserChangeDisplayName(OC_User::getUser())); $tmpl->assign('displayName', OC_User::getDisplayName()); -$tmpl->assign('enableDecryptAll' , $enableDecryptAll); -$tmpl->assign('backupKeysExists' , $backupKeysExists); -$tmpl->assign('filesStillEncrypted' , $filesStillEncrypted); $tmpl->assign('enableAvatars', $config->getSystemValue('enable_avatars', true)); $tmpl->assign('avatarChangeSupported', OC_User::canUserChangeAvatar(OC_User::getUser())); $tmpl->assign('certs', $certificateManager->listCertificates()); @@ -163,9 +155,6 @@ $formsAndMore = array_merge($formsAndMore, $formsMap); // add bottom hardcoded forms from the template $formsAndMore[]= array( 'anchor' => 'ssl-root-certificates', 'section-name' => $l->t('SSL root certificates') ); -if($enableDecryptAll) { - $formsAndMore[]= array( 'anchor' => 'encryption', 'section-name' => $l->t('Encryption') ); -} $tmpl->assign('forms', $formsAndMore); $tmpl->printPage(); diff --git a/settings/routes.php b/settings/routes.php index 5a069e5a1c..af9ac1d8ee 100644 --- a/settings/routes.php +++ b/settings/routes.php @@ -89,12 +89,6 @@ $this->create('settings_personal_changepassword', '/settings/personal/changepass ->action('OC\Settings\ChangePassword\Controller', 'changePersonalPassword'); $this->create('settings_ajax_setlanguage', '/settings/ajax/setlanguage.php') ->actionInclude('settings/ajax/setlanguage.php'); -$this->create('settings_ajax_decryptall', '/settings/ajax/decryptall.php') - ->actionInclude('settings/ajax/decryptall.php'); -$this->create('settings_ajax_restorekeys', '/settings/ajax/restorekeys.php') - ->actionInclude('settings/ajax/restorekeys.php'); -$this->create('settings_ajax_deletekeys', '/settings/ajax/deletekeys.php') - ->actionInclude('settings/ajax/deletekeys.php'); $this->create('settings_cert_post', '/settings/ajax/addRootCertificate') ->actionInclude('settings/ajax/addRootCertificate.php'); $this->create('settings_cert_remove', '/settings/ajax/removeRootCertificate') diff --git a/settings/templates/personal.php b/settings/templates/personal.php index 2a0b4bb0dc..dfdc619180 100644 --- a/settings/templates/personal.php +++ b/settings/templates/personal.php @@ -242,58 +242,6 @@ if($_['passwordChangeSupported']) { - -
- -

- t( 'Encryption' ) ); ?> -

- - - -
- t( "The encryption app is no longer enabled, please decrypt all your files" )); ?> -

- - -
- - -

-
-
- - -
> - - t( "Your encryption keys are moved to a backup location. If something went wrong you can restore the keys. Only delete them permanently if you are sure that all files are decrypted correctly." )); ?> -

- - - - -

-
- -
- - -
- -

t('Version'));?>

getTitle()); ?>
From f5638d9163d7f46752351eb90ba2f3b381d68dc0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 12:06:36 +0200 Subject: [PATCH 047/119] Fix settings --- apps/encryption/settings/settings-admin.php | 6 +++--- apps/encryption/settings/settings-personal.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/encryption/settings/settings-admin.php b/apps/encryption/settings/settings-admin.php index a34d30d1de..36e9c532bb 100644 --- a/apps/encryption/settings/settings-admin.php +++ b/apps/encryption/settings/settings-admin.php @@ -6,16 +6,16 @@ * See the COPYING-README file. */ -use OCA\Encryption\KeyManager; - \OC_Util::checkAdminUser(); $tmpl = new OCP\Template('encryption', 'settings-admin'); // Check if an adminRecovery account is enabled for recovering files after lost pwd $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled', '0'); +$session = new \OCA\Encryption\Session(\OC::$server->getSession()); + $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); -$tmpl->assign('initStatus', KeyManager::$session->get('initStatus')); +$tmpl->assign('initStatus', $session->getStatus()); return $tmpl->fetchPage(); diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index 83594b8467..a4173dbd40 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -22,7 +22,7 @@ $keymanager = new \OCA\Encryption\KeyManager( \OC::$server->getConfig(), \OC::$server->getUserSession(), $session, - \OC::$server->getLogger()); + \OC::$server->getLogger(), null); $user = \OCP\User::getUser(); From 3458b5ab4ce7d88e95afcdb3ed0e3ff79ad924c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 12:11:46 +0200 Subject: [PATCH 048/119] Remove old encryption left overs from trashbin --- apps/files_trashbin/lib/trashbin.php | 102 --------------------------- 1 file changed, 102 deletions(-) diff --git a/apps/files_trashbin/lib/trashbin.php b/apps/files_trashbin/lib/trashbin.php index 8d352e3631..1c880735b5 100644 --- a/apps/files_trashbin/lib/trashbin.php +++ b/apps/files_trashbin/lib/trashbin.php @@ -214,7 +214,6 @@ class Trashbin { 'trashPath' => \OC\Files\Filesystem::normalizePath($filename . '.d' . $timestamp))); $size += self::retainVersions($file_path, $filename, $timestamp); - $size += self::retainEncryptionKeys($file_path, $filename, $timestamp); // if owner !== user we need to also add a copy to the owners trash if ($user !== $owner) { @@ -277,51 +276,6 @@ class Trashbin { return $size; } - /** - * Move encryption keys to trash so that they can be restored later - * - * @param string $file_path path to original file - * @param string $filename of deleted file - * @param integer $timestamp when the file was deleted - * - * @return int size of encryption keys - */ - private static function retainEncryptionKeys($file_path, $filename, $timestamp) { - $size = 0; - - if (\OCP\App::isEnabled('files_encryption')) { - - $user = \OCP\User::getUser(); - $rootView = new \OC\Files\View('/'); - - list($owner, $ownerPath) = self::getUidAndFilename($file_path); - - // file has been deleted in between - if (empty($ownerPath)) { - return 0; - } - - $util = new \OCA\Files_Encryption\Util($rootView, $user); - - $baseDir = '/files_encryption/'; - if (!$util->isSystemWideMountPoint($ownerPath)) { - $baseDir = $owner . $baseDir; - } - - $keyfiles = \OC\Files\Filesystem::normalizePath($baseDir . '/keys/' . $ownerPath); - - if ($rootView->is_dir($keyfiles)) { - $size += self::calculateSize(new \OC\Files\View($keyfiles)); - if ($owner !== $user) { - self::copy_recursive($keyfiles, $owner . '/files_trashbin/keys/' . basename($ownerPath) . '.d' . $timestamp, $rootView); - } - $rootView->rename($keyfiles, $user . '/files_trashbin/keys/' . $filename . '.d' . $timestamp); - } - - } - return $size; - } - /** * restore files from trash bin * @@ -372,7 +326,6 @@ class Trashbin { 'trashPath' => \OC\Files\Filesystem::normalizePath($file))); self::restoreVersions($view, $file, $filename, $uniqueFilename, $location, $timestamp); - self::restoreEncryptionKeys($view, $file, $filename, $uniqueFilename, $location, $timestamp); if ($timestamp) { $query = \OC_DB::prepare('DELETE FROM `*PREFIX*files_trash` WHERE `user`=? AND `id`=? AND `timestamp`=?'); @@ -432,60 +385,6 @@ class Trashbin { } } - /** - * restore encryption keys from trash bin - * - * @param \OC\Files\View $view - * @param string $file complete path to file - * @param string $filename name of file - * @param string $uniqueFilename new file name to restore the file without overwriting existing files - * @param string $location location of file - * @param int $timestamp deletion time - * @return bool - */ - private static function restoreEncryptionKeys(\OC\Files\View $view, $file, $filename, $uniqueFilename, $location, $timestamp) { - - if (\OCP\App::isEnabled('files_encryption')) { - $user = \OCP\User::getUser(); - $rootView = new \OC\Files\View('/'); - - $target = \OC\Files\Filesystem::normalizePath('/' . $location . '/' . $uniqueFilename); - - list($owner, $ownerPath) = self::getUidAndFilename($target); - - // file has been deleted in between - if (empty($ownerPath)) { - return false; - } - - $util = new \OCA\Files_Encryption\Util($rootView, $user); - - $baseDir = '/files_encryption/'; - if (!$util->isSystemWideMountPoint($ownerPath)) { - $baseDir = $owner . $baseDir; - } - - $source_location = dirname($file); - - if ($view->is_dir('/files_trashbin/keys/' . $file)) { - if ($source_location != '.') { - $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keys/' . $source_location . '/' . $filename); - } else { - $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keys/' . $filename); - } - } - - if ($timestamp) { - $keyfile .= '.d' . $timestamp; - } - - if ($rootView->is_dir($keyfile)) { - $rootView->rename($keyfile, $baseDir . '/keys/' . $ownerPath); - } - - } - } - /** * delete all files from the trash */ @@ -501,7 +400,6 @@ class Trashbin { return true; } - /** * delete file from trash bin permanently * From 4db75e34074fa34d5558754e751b726338180e28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 13:25:11 +0200 Subject: [PATCH 049/119] Setting up the encryption wrapper in a setup hook - temporarily fixes the wrapping order --- lib/base.php | 18 +----------------- lib/private/encryption/manager.php | 20 +++++++++++++++++++- 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/lib/base.php b/lib/base.php index 44395be627..a5ca08123a 100644 --- a/lib/base.php +++ b/lib/base.php @@ -703,24 +703,8 @@ class OC { private static function registerEncryptionWrapper() { $enabled = self::$server->getEncryptionManager()->isEnabled(); if ($enabled) { - \OC\Files\Filesystem::addStorageWrapper('oc_encryption', function ($mountPoint, $storage, \OCP\Files\Mount\IMountPoint $mount) { - - $parameters = [ - 'storage' => $storage, - 'mountPoint' => $mountPoint, - 'mount' => $mount]; - $manager = \OC::$server->getEncryptionManager(); - $util = new \OC\Encryption\Util( - new \OC\Files\View(), - \OC::$server->getUserManager(), - \OC::$server->getConfig()); - $user = \OC::$server->getUserSession()->getUser(); - $logger = \OC::$server->getLogger(); - $uid = $user ? $user->getUID() : null; - return new \OC\Files\Storage\Wrapper\Encryption($parameters, $manager, $util, $logger, $uid); - }); + \OCP\Util::connectHook('OC_Filesystem', 'setup', 'OC\Encryption\Manager', 'setupStorage'); } - } private static function registerEncryptionHooks() { diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index 7cd49d1c0e..bf411ea95e 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -23,7 +23,9 @@ namespace OC\Encryption; +use OC\Files\Storage\Wrapper\Encryption; use OCP\Encryption\IEncryptionModule; +use OCP\Files\Mount\IMountPoint; class Manager implements \OCP\Encryption\IManager { @@ -181,5 +183,21 @@ class Manager implements \OCP\Encryption\IManager { } } - + public static function setupStorage() { + \OC\Files\Filesystem::addStorageWrapper('oc_encryption', function ($mountPoint, $storage, IMountPoint $mount) { + $parameters = [ + 'storage' => $storage, + 'mountPoint' => $mountPoint, + 'mount' => $mount]; + $manager = \OC::$server->getEncryptionManager(); + $util = new \OC\Encryption\Util( + new \OC\Files\View(), + \OC::$server->getUserManager(), + \OC::$server->getConfig()); + $user = \OC::$server->getUserSession()->getUser(); + $logger = \OC::$server->getLogger(); + $uid = $user ? $user->getUID() : null; + return new Encryption($parameters, $manager, $util, $logger, $uid); + }); + } } From 35b97ed67292efe1ba94996bd4ffb8b2c9694de9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 13:25:35 +0200 Subject: [PATCH 050/119] Adding renameKeys to IStorage --- lib/public/encryption/keys/istorage.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/lib/public/encryption/keys/istorage.php b/lib/public/encryption/keys/istorage.php index 426057b80d..0a3ed44d37 100644 --- a/lib/public/encryption/keys/istorage.php +++ b/lib/public/encryption/keys/istorage.php @@ -113,7 +113,6 @@ interface IStorage { public function deleteAllFileKeys($path); /** - * delete system-wide encryption keys not related to a specific user, * e.g something like a key for public link shares * @@ -123,4 +122,14 @@ interface IStorage { */ public function deleteSystemUserKey($keyId); + /** + * move keys if a file was renamed + * + * @param string $source + * @param string $target + * @param string $owner + * @param bool $systemWide + */ + public function renameKeys($source, $target, $owner, $systemWide); + } From a98b7dbf6fc3a190d995326ea97f88296ed89080 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 13:48:27 +0200 Subject: [PATCH 051/119] Fix double registration of encryption module --- apps/encryption/appinfo/app.php | 7 ++----- apps/encryption/appinfo/application.php | 2 +- lib/private/encryption/manager.php | 5 +---- 3 files changed, 4 insertions(+), 10 deletions(-) diff --git a/apps/encryption/appinfo/app.php b/apps/encryption/appinfo/app.php index 38f9ff2f04..8573f8d605 100644 --- a/apps/encryption/appinfo/app.php +++ b/apps/encryption/appinfo/app.php @@ -21,8 +21,5 @@ namespace OCA\Encryption\AppInfo; -if (!\OC::$CLI) { - $di = \OC::$server; - $app = new Application(); -} - +$app = new Application(); +$app->registerEncryptionModule(); diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index be432b1a5a..30962e83ad 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -55,7 +55,7 @@ class Application extends \OCP\AppFramework\App { $this->encryptionManager = \OC::$server->getEncryptionManager(); $this->config = \OC::$server->getConfig(); $this->registerServices(); - $this->registerEncryptionModule(); +// $this->registerEncryptionModule(); $this->registerHooks(); $this->registerSettings(); } diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index bf411ea95e..cf11c3cf33 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -69,14 +69,11 @@ class Manager implements \OCP\Encryption\IManager { $id = $module->getId(); $name = $module->getDisplayName(); - // FIXME why do we load the same encryption module multiple times - /* if (isset($this->encryptionModules[$id])) { $message = 'Id "' . $id . '" already used by encryption module "' . $name . '"'; throw new Exceptions\ModuleAlreadyExistsException($message); - } -*/ + $defaultEncryptionModuleId = $this->getDefaultEncryptionModuleId(); if (empty($defaultEncryptionModuleId)) { From 4b4aeaa5b2e13ae4272bf8f4b44564e5b8cb046a Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 13:48:03 +0200 Subject: [PATCH 052/119] fix set recovery key and implement change password --- apps/encryption/appinfo/routes.php | 5 ++ .../controller/recoverycontroller.php | 54 ++++++++++++++----- apps/encryption/js/settings-admin.js | 2 +- .../exceptions/privatekeymissingexception.php | 2 +- apps/encryption/lib/keymanager.php | 44 +++++++++++++-- apps/encryption/lib/recovery.php | 31 ++++++----- 6 files changed, 108 insertions(+), 30 deletions(-) diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php index b2c00c8334..030e761781 100644 --- a/apps/encryption/appinfo/routes.php +++ b/apps/encryption/appinfo/routes.php @@ -33,6 +33,11 @@ namespace OCA\Encryption\AppInfo; 'name' => 'Recovery#userRecovery', 'url' => '/ajax/userRecovery', 'verb' => 'POST' + ], + [ + 'name' => 'Recovery#changeRecoveryPassword', + 'url' => '/ajax/changeRecoveryPassword', + 'verb' => 'POST' ] diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php index abea899333..e7bfd37490 100644 --- a/apps/encryption/controller/recoverycontroller.php +++ b/apps/encryption/controller/recoverycontroller.php @@ -28,7 +28,7 @@ use OCP\IConfig; use OCP\IL10N; use OCP\IRequest; use OCP\JSON; -use Symfony\Component\HttpFoundation\JsonResponse; +use OCP\AppFramework\Http\DataResponse; class RecoveryController extends Controller { /** @@ -62,32 +62,60 @@ class RecoveryController extends Controller { // Check if both passwords are the same if (empty($recoveryPassword)) { $errorMessage = $this->l->t('Missing recovery key password'); - return new JsonResponse(['data' => ['message' => $errorMessage]], 500); + return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if (empty($confirmPassword)) { $errorMessage = $this->l->t('Please repeat the recovery key password'); - return new JsonResponse(['data' => ['message' => $errorMessage]], 500); + return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if ($recoveryPassword !== $confirmPassword) { $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); - return new JsonResponse(['data' => ['message' => $errorMessage]], 500); + return new DataResponse(['data' => ['message' => $errorMessage]], 500); } - // Enable recoveryAdmin - $recoveryKeyId = $this->config->getAppValue('encryption', 'recoveryKeyId'); - if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { - if ($this->recovery->enableAdminRecovery($recoveryKeyId, $recoveryPassword)) { - return new JsonResponse(['data' => array('message' => $this->l->t('Recovery key successfully enabled'))]); + if ($this->recovery->enableAdminRecovery($recoveryPassword)) { + return new DataResponse(['status' =>'success', 'data' => array('message' => $this->l->t('Recovery key successfully enabled'))]); } - return new JsonResponse(['data' => array('message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); + return new DataResponse(['data' => array('message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { - if ($this->recovery->disableAdminRecovery($recoveryKeyId, $recoveryPassword)) { - return new JsonResponse(['data' => array('message' => $this->l->t('Recovery key successfully disabled'))]); + if ($this->recovery->disableAdminRecovery($recoveryPassword)) { + return new DataResponse(['data' => array('message' => $this->l->t('Recovery key successfully disabled'))]); } - return new JsonResponse(['data' => array('message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); + return new DataResponse(['data' => array('message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); + } + } + + public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { + //check if both passwords are the same + if (empty($oldPassword)) { + $errorMessage = $this->l->t('Please provide the old recovery password'); + return new DataResponse(array('data' => array('message' => $errorMessage))); + } + + if (empty($newPassword)) { + $errorMessage = $this->l->t('Please provide a new recovery password'); + return new DataResponse (array('data' => array('message' => $errorMessage))); + } + + if (empty($confirmPassword)) { + $errorMessage = $this->l->t('Please repeat the new recovery password'); + return new DataResponse(array('data' => array('message' => $errorMessage))); + } + + if ($newPassword !== $confirmPassword) { + $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); + return new DataResponse(array('data' => array('message' => $errorMessage))); + } + + $result = $this->recovery->changeRecoveryKeyPassword($newPassword, $oldPassword); + + if ($result) { + return new DataResponse(array('status' => 'success' ,'data' => array('message' => $this->l->t('Password successfully changed.')))); + } else { + return new DataResponse(array('data' => array('message' => $this->l->t('Could not change the password. Maybe the old password was not correct.')))); } } diff --git a/apps/encryption/js/settings-admin.js b/apps/encryption/js/settings-admin.js index e5d3bebb20..36765adf3e 100644 --- a/apps/encryption/js/settings-admin.js +++ b/apps/encryption/js/settings-admin.js @@ -44,7 +44,7 @@ $(document).ready(function(){ var confirmNewPassword = $('#repeatedNewEncryptionRecoveryPassword').val(); OC.msg.startSaving('#encryptionChangeRecoveryKey .msg'); $.post( - OC.filePath( 'encryption', 'ajax', 'changeRecoveryPassword.php' ) + OC.generateUrl('/apps/encryption/ajax/changeRecoveryPassword') , { oldPassword: oldRecoveryPassword, newPassword: newRecoveryPassword, confirmPassword: confirmNewPassword } , function( data ) { OC.msg.finishedSaving('#encryptionChangeRecoveryKey .msg', data); diff --git a/apps/encryption/lib/exceptions/privatekeymissingexception.php b/apps/encryption/lib/exceptions/privatekeymissingexception.php index e06940f7ac..ddc3d11cdb 100644 --- a/apps/encryption/lib/exceptions/privatekeymissingexception.php +++ b/apps/encryption/lib/exceptions/privatekeymissingexception.php @@ -23,6 +23,6 @@ namespace OCA\Encryption\Exceptions; -class PrivateKeyMissingException extends GenericEncryptionException{ +class PrivateKeyMissingException extends \Exception{ } diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 87b19fe35e..67a32d7590 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -108,6 +108,14 @@ class KeyManager { $this->config = $config; $this->recoveryKeyId = $this->config->getAppValue('encryption', 'recoveryKeyId'); + if (empty($this->recoveryKeyId)) { + $this->recoveryKeyId = 'recoveryKey_' . substr(md5(time()), 0, 8); + $this->config->setAppValue('encryption', + 'recoveryKeyId', + $this->recoveryKeyId); + } + + $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); $this->log = $log; @@ -171,7 +179,7 @@ class KeyManager { * @return bool */ public function checkRecoveryPassword($password) { - $recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId); + $recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey'); $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $password); @@ -202,6 +210,26 @@ class KeyManager { return false; } + /** + * @param string $uid + * @param string $password + * @param array $keyPair + * @return bool + */ + public function setRecoveryKey($password, $keyPair) { + // Save Public Key + $this->keyStorage->setSystemUserKey($this->getRecoveryKeyId(). '.publicKey', $keyPair['publicKey']); + + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], + $password); + + if ($encryptedKey) { + $this->setSystemPrivateKey($this->getRecoveryKeyId(), $encryptedKey); + return true; + } + return false; + } + /** * @param $userId * @param $key @@ -428,9 +456,19 @@ class KeyManager { } /** + * @param string $keyId * @return string returns openssl key */ - public function getSystemPrivateKey() { - return $this->keyStorage->getSystemUserKey($this->privateKeyId); + public function getSystemPrivateKey($keyId) { + return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId); + } + + /** + * @param string $keyId + * @param string $key + * @return string returns openssl key + */ + public function setSystemPrivateKey($keyId, $key) { + return $this->keyStorage->setSystemUserKey($keyId . '.' . $this->privateKeyId, $key); } } diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 376d3ef83b..0426c3746e 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -88,24 +88,14 @@ class Recovery { * @param $password * @return bool */ - public function enableAdminRecovery($recoveryKeyId, $password) { + public function enableAdminRecovery($password) { $appConfig = $this->config; - - if ($recoveryKeyId === null) { - $recoveryKeyId = $this->random->getLowStrengthGenerator(); - $appConfig->setAppValue('encryption', - 'recoveryKeyId', - $recoveryKeyId); - } - $keyManager = $this->keyManager; if (!$keyManager->recoveryKeyExists()) { $keyPair = $this->crypt->createKeyPair(); - return $this->keyManager->storeKeyPair($this->user->getUID(), - $password, - $keyPair); + $this->keyManager->setRecoveryKey($password, $keyPair); } if ($keyManager->checkRecoveryPassword($password)) { @@ -116,6 +106,23 @@ class Recovery { return false; } + /** + * change recovery key id + * + * @param string $newPassword + * @param string $oldPassword + */ + public function changeRecoveryKeyPassword($newPassword, $oldPassword) { + $recoveryKey = $this->keyManager->getSystemPrivateKey($this->keyManager->getRecoveryKeyId()); + $decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey, $oldPassword); + $encryptedRecoveryKey = $this->crypt->symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword); + if ($encryptedRecoveryKey) { + $this->keyManager->setSystemPrivateKey($this->keyManager->getRecoveryKeyId(), $encryptedRecoveryKey); + return true; + } + return false; + } + /** * @param $recoveryPassword * @return bool From 6bd83c04227173ec97c08b3ca8e92812c8342f7e Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 14:26:38 +0200 Subject: [PATCH 053/119] register settings and hooks only once --- apps/encryption/appinfo/app.php | 2 ++ apps/encryption/appinfo/application.php | 8 -------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/apps/encryption/appinfo/app.php b/apps/encryption/appinfo/app.php index 8573f8d605..240a172671 100644 --- a/apps/encryption/appinfo/app.php +++ b/apps/encryption/appinfo/app.php @@ -23,3 +23,5 @@ namespace OCA\Encryption\AppInfo; $app = new Application(); $app->registerEncryptionModule(); +$app->registerHooks(); +$app->registerSettings(); diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 30962e83ad..e8f10798bb 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -55,9 +55,6 @@ class Application extends \OCP\AppFramework\App { $this->encryptionManager = \OC::$server->getEncryptionManager(); $this->config = \OC::$server->getConfig(); $this->registerServices(); -// $this->registerEncryptionModule(); - $this->registerHooks(); - $this->registerSettings(); } /** @@ -178,11 +175,6 @@ class Application extends \OCP\AppFramework\App { * */ public function registerSettings() { - -// script('encryption', 'encryption'); -// script('encryption', 'detect-migration'); - - // Register settings scripts App::registerAdmin('encryption', 'settings/settings-admin'); App::registerPersonal('encryption', 'settings/settings-personal'); From bd933b1c85dff950e83591a6245ba2e15db33caf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 31 Mar 2015 14:50:31 +0200 Subject: [PATCH 054/119] Adding app icon and fixing admin setting --- apps/encryption/img/app.svg | 51 ++++++++++++++ .../templates/settings-personal.php | 6 +- apps/encryption_dummy/img/app.svg | 51 ++++++++++++++ settings/admin.php | 12 ++-- settings/templates/admin.php | 67 ------------------- 5 files changed, 112 insertions(+), 75 deletions(-) create mode 100644 apps/encryption/img/app.svg create mode 100644 apps/encryption_dummy/img/app.svg diff --git a/apps/encryption/img/app.svg b/apps/encryption/img/app.svg new file mode 100644 index 0000000000..1157c71c66 --- /dev/null +++ b/apps/encryption/img/app.svg @@ -0,0 +1,51 @@ + +image/svg+xml \ No newline at end of file diff --git a/apps/encryption/templates/settings-personal.php b/apps/encryption/templates/settings-personal.php index b7aa0239ee..cefd6f4ad5 100644 --- a/apps/encryption/templates/settings-personal.php +++ b/apps/encryption/templates/settings-personal.php @@ -5,11 +5,11 @@

t('ownCloud basic encryption module')); ?>

- + t("Encryption App is enabled but your keys are not initialized, please log-out and log-in again")); ?> - +

- +

diff --git a/apps/encryption_dummy/img/app.svg b/apps/encryption_dummy/img/app.svg new file mode 100644 index 0000000000..1157c71c66 --- /dev/null +++ b/apps/encryption_dummy/img/app.svg @@ -0,0 +1,51 @@ + +image/svg+xml \ No newline at end of file diff --git a/settings/admin.php b/settings/admin.php index 95afaf1ac0..976d0a5c3f 100644 --- a/settings/admin.php +++ b/settings/admin.php @@ -159,6 +159,7 @@ foreach ($forms as $index => $form) { if ($filesExternal) { $formsAndMore[] = array('anchor' => 'files_external', 'section-name' => $l->t('External Storage')); } + $template->assign('fileSharingSettings', $fileSharingSettings); $template->assign('filesExternal', $filesExternal); $template->assign('updaterAppPanel', $updaterAppPanel); @@ -184,12 +185,13 @@ $formsMap = array_map(function ($form) { $formsAndMore = array_merge($formsAndMore, $formsMap); // add bottom hardcoded forms from the template -$formsAndMore[] = array('anchor' => 'backgroundjobs', 'section-name' => $l->t('Cron')); -$formsAndMore[] = array('anchor' => 'mail_general_settings', 'section-name' => $l->t('Email Server')); -$formsAndMore[] = array('anchor' => 'log-section', 'section-name' => $l->t('Log')); -$formsAndMore[] = array('anchor' => 'admin-tips', 'section-name' => $l->t('Tips & tricks')); +$formsAndMore[] = ['anchor' => 'encryptionAPI', 'section-name' => $l->t('Server Side Encryption')]; +$formsAndMore[] = ['anchor' => 'backgroundjobs', 'section-name' => $l->t('Cron')]; +$formsAndMore[] = ['anchor' => 'mail_general_settings', 'section-name' => $l->t('Email Server')]; +$formsAndMore[] = ['anchor' => 'log-section', 'section-name' => $l->t('Log')]; +$formsAndMore[] = ['anchor' => 'admin-tips', 'section-name' => $l->t('Tips & tricks')]; if ($updaterAppPanel) { - $formsAndMore[] = array('anchor' => 'updater', 'section-name' => $l->t('Updates')); + $formsAndMore[] = ['anchor' => 'updater', 'section-name' => $l->t('Updates')]; } $template->assign('forms', $formsAndMore); diff --git a/settings/templates/admin.php b/settings/templates/admin.php index 1b0ed66563..1b8ab0e381 100644 --- a/settings/templates/admin.php +++ b/settings/templates/admin.php @@ -295,73 +295,6 @@ if ($_['cronErrors']) {

-
-

t('Sharing'));?>

-

- /> -
-

-

- /> -
-

- -

- /> -
- - /> -
- - /> -
- - /> -
- -

-

- t( 'Expire after ' )); ?> - ' /> - t( 'days' )); ?> - /> -
-

-

- /> -
-

-

- /> -
-

-

- /> -
-

-

- /> -
-

-

- -
- t('These groups will still be able to receive shares, but not to initiate them.')); ?> -

-
-

t('Server Side Encryption'));?>

From e4895bda01f9c94fc33e094ae9466e1cf5502916 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 16:23:31 +0200 Subject: [PATCH 055/119] add helper class accessible for encryption modules to ask for a list of users with access to a file, needed to apply the recovery key to all files --- apps/encryption/appinfo/application.php | 4 +- apps/encryption/appinfo/routes.php | 5 ++ .../controller/recoverycontroller.php | 61 ++++++++++--- apps/encryption/js/settings-personal.js | 29 +------ apps/encryption/lib/recovery.php | 87 ++++++++++++++++--- .../encryption/settings/settings-personal.php | 6 +- .../templates/settings-personal.php | 2 + lib/base.php | 1 + lib/private/encryption/file.php | 81 +++++++++++++++++ lib/private/encryption/update.php | 8 +- lib/private/encryption/util.php | 47 +--------- lib/private/files/stream/encryption.php | 9 +- lib/private/server.php | 12 +++ lib/public/encryption/ifile.php | 36 ++++++++ lib/public/encryption/imanager.php | 4 +- lib/public/iservercontainer.php | 5 ++ 16 files changed, 290 insertions(+), 107 deletions(-) create mode 100644 lib/private/encryption/file.php create mode 100644 lib/public/encryption/ifile.php diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index e8f10798bb..372d49e5ef 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -139,7 +139,9 @@ class Application extends \OCP\AppFramework\App { $server->getSecureRandom(), $c->query('KeyManager'), $server->getConfig(), - $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID)); + $server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), + $server->getEncryptionFilesHelper(), + new \OC\Files\View()); }); $container->registerService('RecoveryController', function (IAppContainer $c) { diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php index 030e761781..1a6cf18fbe 100644 --- a/apps/encryption/appinfo/routes.php +++ b/apps/encryption/appinfo/routes.php @@ -38,6 +38,11 @@ namespace OCA\Encryption\AppInfo; 'name' => 'Recovery#changeRecoveryPassword', 'url' => '/ajax/changeRecoveryPassword', 'verb' => 'POST' + ], + [ + 'name' => 'Recovery#userSetRecovery', + 'url' => '/ajax/userSetRecovery', + 'verb' => 'POST' ] diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php index e7bfd37490..d115feb8e3 100644 --- a/apps/encryption/controller/recoverycontroller.php +++ b/apps/encryption/controller/recoverycontroller.php @@ -61,61 +61,72 @@ class RecoveryController extends Controller { public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) { // Check if both passwords are the same if (empty($recoveryPassword)) { - $errorMessage = $this->l->t('Missing recovery key password'); + $errorMessage = (string) $this->l->t('Missing recovery key password'); return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if (empty($confirmPassword)) { - $errorMessage = $this->l->t('Please repeat the recovery key password'); + $errorMessage = (string) $this->l->t('Please repeat the recovery key password'); return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if ($recoveryPassword !== $confirmPassword) { - $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); + $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); return new DataResponse(['data' => ['message' => $errorMessage]], 500); } if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') { if ($this->recovery->enableAdminRecovery($recoveryPassword)) { - return new DataResponse(['status' =>'success', 'data' => array('message' => $this->l->t('Recovery key successfully enabled'))]); + return new DataResponse(['status' =>'success', 'data' => array('message' => (string) $this->l->t('Recovery key successfully enabled'))]); } - return new DataResponse(['data' => array('message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); + return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]); } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') { if ($this->recovery->disableAdminRecovery($recoveryPassword)) { - return new DataResponse(['data' => array('message' => $this->l->t('Recovery key successfully disabled'))]); + return new DataResponse(['data' => array('message' => (string) $this->l->t('Recovery key successfully disabled'))]); } - return new DataResponse(['data' => array('message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); + return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]); } } public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) { //check if both passwords are the same if (empty($oldPassword)) { - $errorMessage = $this->l->t('Please provide the old recovery password'); + $errorMessage = (string) $this->l->t('Please provide the old recovery password'); return new DataResponse(array('data' => array('message' => $errorMessage))); } if (empty($newPassword)) { - $errorMessage = $this->l->t('Please provide a new recovery password'); + $errorMessage = (string) $this->l->t('Please provide a new recovery password'); return new DataResponse (array('data' => array('message' => $errorMessage))); } if (empty($confirmPassword)) { - $errorMessage = $this->l->t('Please repeat the new recovery password'); + $errorMessage = (string) $this->l->t('Please repeat the new recovery password'); return new DataResponse(array('data' => array('message' => $errorMessage))); } if ($newPassword !== $confirmPassword) { - $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password'); + $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password'); return new DataResponse(array('data' => array('message' => $errorMessage))); } $result = $this->recovery->changeRecoveryKeyPassword($newPassword, $oldPassword); if ($result) { - return new DataResponse(array('status' => 'success' ,'data' => array('message' => $this->l->t('Password successfully changed.')))); + return new DataResponse( + array( + 'status' => 'success' , + 'data' => array( + 'message' => (string) $this->l->t('Password successfully changed.')) + ) + ); } else { - return new DataResponse(array('data' => array('message' => $this->l->t('Could not change the password. Maybe the old password was not correct.')))); + return new DataResponse( + array( + 'data' => array + ('message' => (string) $this->l->t('Could not change the password. Maybe the old password was not correct.')) + ) + ); } } @@ -131,4 +142,28 @@ class RecoveryController extends Controller { } } + public function userSetRecovery($userEnableRecovery) { + if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { + + $result = $this->recovery->setRecoveryForUser($userEnableRecovery); + + if ($result) { + return new DataResponse( + array( + 'status' => 'success', + 'data' => array( + 'message' => (string) $this->l->t('Recovery Key enabled')) + ) + ); + } else { + return new DataResponse( + array( + 'data' => array + ('message' => (string) $this->l->t('Could not enable the recovery key, please try again or contact your administrator')) + ) + ); + } + } + } + } diff --git a/apps/encryption/js/settings-personal.js b/apps/encryption/js/settings-personal.js index b798ba7e4e..7f0f4c6c26 100644 --- a/apps/encryption/js/settings-personal.js +++ b/apps/encryption/js/settings-personal.js @@ -29,7 +29,7 @@ $(document).ready(function(){ var recoveryStatus = $( this ).val(); OC.msg.startAction('#userEnableRecovery .msg', 'Updating recovery keys. This can take some time...'); $.post( - OC.filePath( 'files_encryption', 'ajax', 'userrecovery.php' ) + OC.generateUrl('/apps/encryption/ajax/userSetRecovery') , { userEnableRecovery: recoveryStatus } , function( data ) { OC.msg.finishedAction('#userEnableRecovery .msg', data); @@ -40,33 +40,6 @@ $(document).ready(function(){ } ); - $("#encryptAll").click( - function(){ - - // Hide feedback messages in case they're already visible - $('#encryptAllSuccess').hide(); - $('#encryptAllError').hide(); - - var userPassword = $( '#userPassword' ).val(); - var encryptAll = $( '#encryptAll' ).val(); - - $.post( - OC.filePath( 'files_encryption', 'ajax', 'encryptall.php' ) - , { encryptAll: encryptAll, userPassword: userPassword } - , function( data ) { - if ( data.status == "success" ) { - $('#encryptAllSuccess').show(); - } else { - $('#encryptAllError').show(); - } - } - ); - // Ensure page is not reloaded on form submit - return false; - } - - ); - // update private key password $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) { diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 0426c3746e..701c0934c9 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -29,7 +29,8 @@ use OCP\IUser; use OCP\IUserSession; use OCP\PreConditionNotMetException; use OCP\Security\ISecureRandom; -use OCP\Share; +use OC\Files\View; +use OCP\Encryption\IFile; class Recovery { @@ -58,7 +59,17 @@ class Recovery { * @var IStorage */ private $keyStorage; - + /** + * @var View + */ + private $view; + /** + * @var IFile + */ + private $file; + /** + * @var string + */ private $recoveryKeyId; /** @@ -68,19 +79,25 @@ class Recovery { * @param KeyManager $keyManager * @param IConfig $config * @param IStorage $keyStorage + * @param IFile $file + * @param View $view */ public function __construct(IUserSession $user, Crypt $crypt, ISecureRandom $random, KeyManager $keyManager, IConfig $config, - IStorage $keyStorage) { + IStorage $keyStorage, + IFile $file, + View $view) { $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false; $this->crypt = $crypt; $this->random = $random; $this->keyManager = $keyManager; $this->config = $config; $this->keyStorage = $keyStorage; + $this->view = $view; + $this->file = $file; } /** @@ -138,14 +155,6 @@ class Recovery { return false; } - public function addRecoveryKeys($keyId) { - // No idea new way to do this.... - } - - public function removeRecoveryKeys() { - // No idea new way to do this.... - } - /** * @return bool */ @@ -159,23 +168,73 @@ class Recovery { } /** - * @param $enabled + * @param string $value * @return bool */ - public function setRecoveryForUser($enabled) { - $value = $enabled ? '1' : '0'; + public function setRecoveryForUser($value) { try { $this->config->setUserValue($this->user->getUID(), 'encryption', 'recoveryEnabled', $value); + + if ($value === '1') { + $this->addRecoveryKeys('/' . $this->user . '/files/'); + } else { + $this->removeRecoveryKeys(); + } + return true; } catch (PreConditionNotMetException $e) { return false; } } + /** + * add recovery key to all encrypted files + */ + private function addRecoveryKeys($path = '/') { + $dirContent = $this->view->getDirectoryContent($path); + foreach ($dirContent as $item) { + // get relative path from files_encryption/keyfiles/ + $filePath = $item['path']; + if ($item['type'] === 'dir') { + $this->addRecoveryKeys($filePath . '/'); + } else { + $fileKey = $this->keyManager->getFileKey($filePath, $this->user); + if (!empty($fileKey)) { + $accessList = $this->file->getAccessList($path); + $publicKeys = array(); + foreach ($accessList['users'] as $uid) { + $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); + } + + $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); + $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); + } + } + } + } + + /** + * remove recovery key to all encrypted files + */ + private function removeRecoveryKeys($path = '/') { + $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); + foreach ($dirContent as $item) { + // get relative path from files_encryption/keyfiles + $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); + if ($item['type'] === 'dir') { + $this->removeRecoveryKeys($filePath . '/'); + } else { + // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' + $file = substr($filePath, 0, -4); + $this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey'); + } + } + } + /** * @param $recoveryPassword */ diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index a4173dbd40..8caacbd19c 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -29,7 +29,11 @@ $user = \OCP\User::getUser(); $view = new \OC\Files\View('/'); $util = new \OCA\Encryption\Util( - new \OC\Files\View(), $crypt, $keymanager, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig()); + new \OC\Files\View(), + $crypt, $keymanager, + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); $privateKeySet = $session->isPrivateKeySet(); // did we tried to initialize the keys for this session? diff --git a/apps/encryption/templates/settings-personal.php b/apps/encryption/templates/settings-personal.php index cefd6f4ad5..6b8821ca8a 100644 --- a/apps/encryption/templates/settings-personal.php +++ b/apps/encryption/templates/settings-personal.php @@ -1,6 +1,8 @@

t('ownCloud basic encryption module')); ?>

diff --git a/lib/base.php b/lib/base.php index a5ca08123a..1d53646415 100644 --- a/lib/base.php +++ b/lib/base.php @@ -723,6 +723,7 @@ class OC { \OC::$server->getConfig()), \OC\Files\Filesystem::getMountManager(), \OC::$server->getEncryptionManager(), + \OC::$server->getEncryptionFilesHelper(), $uid ); \OCP\Util::connectHook('OCP\Share', 'post_shared', $updater, 'postShared'); diff --git a/lib/private/encryption/file.php b/lib/private/encryption/file.php new file mode 100644 index 0000000000..f231500fb0 --- /dev/null +++ b/lib/private/encryption/file.php @@ -0,0 +1,81 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OC\Encryption; + +use OC\Encryption\Util; + +class File implements \OCP\Encryption\IFile { + + /** @var Util */ + protected $util; + + public function __construct(Util $util) { + $this->util = $util; + } + + + /** + * get list of users with access to the file + * + * @param $path to the file + * @return array + */ + public function getAccessList($path) { + + // Make sure that a share key is generated for the owner too + list($owner, $ownerPath) = $this->util->getUidAndFilename($path); + + // always add owner to the list of users with access to the file + $userIds = array($owner); + + if (!$this->util->isFile($ownerPath)) { + return array('users' => $userIds, 'public' => false); + } + + $ownerPath = substr($ownerPath, strlen('/files')); + $ownerPath = $this->util->stripPartialFileExtension($ownerPath); + + // Find out who, if anyone, is sharing the file + $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); + $userIds = \array_merge($userIds, $result['users']); + $public = $result['public'] || $result['remote']; + + // check if it is a group mount + if (\OCP\App::isEnabled("files_external")) { + $mounts = \OC_Mount_Config::getSystemMountPoints(); + foreach ($mounts as $mount) { + if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { + $mountedFor = $this->util->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); + $userIds = array_merge($userIds, $mountedFor); + } + } + } + + // Remove duplicate UIDs + $uniqueUserIds = array_unique($userIds); + + return array('users' => $uniqueUserIds, 'public' => $public); + } + +} \ No newline at end of file diff --git a/lib/private/encryption/update.php b/lib/private/encryption/update.php index 06dc330151..21cedde614 100644 --- a/lib/private/encryption/update.php +++ b/lib/private/encryption/update.php @@ -46,12 +46,16 @@ class Update { /** @var string */ protected $uid; + /** @var \OC\Encryption\File */ + protected $file; + /** * * @param \OC\Files\View $view * @param \OC\Encryption\Util $util * @param \OC\Files\Mount\Manager $mountManager * @param \OC\Encryption\Manager $encryptionManager + * @param \OC\Encryption\File $file * @param string $uid */ public function __construct( @@ -59,6 +63,7 @@ class Update { Util $util, Mount\Manager $mountManager, Manager $encryptionManager, + File $file, $uid ) { @@ -66,6 +71,7 @@ class Update { $this->util = $util; $this->mountManager = $mountManager; $this->encryptionManager = $encryptionManager; + $this->file = $file; $this->uid = $uid; } @@ -103,7 +109,7 @@ class Update { $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); foreach ($allFiles as $path) { - $usersSharing = $this->util->getSharingUsersArray($path); + $usersSharing = $this->file->getAccessList($path); $encryptionModule->update($absPath, $this->uid, $usersSharing); } } diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 1308d27c92..734da741fd 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -162,49 +162,6 @@ class Util { return $paddedHeader; } - /** - * Find, sanitise and format users sharing a file - * @note This wraps other methods into a portable bundle - * @param string $path path relative to current users files folder - * @return array - */ - public function getSharingUsersArray($path) { - - // Make sure that a share key is generated for the owner too - list($owner, $ownerPath) = $this->getUidAndFilename($path); - - // always add owner to the list of users with access to the file - $userIds = array($owner); - - if (!$this->isFile($ownerPath)) { - return array('users' => $userIds, 'public' => false); - } - - $ownerPath = substr($ownerPath, strlen('/files')); - $ownerPath = $this->stripPartialFileExtension($ownerPath); - - // Find out who, if anyone, is sharing the file - $result = \OCP\Share::getUsersSharingFile($ownerPath, $owner); - $userIds = \array_merge($userIds, $result['users']); - $public = $result['public'] || $result['remote']; - - // check if it is a group mount - if (\OCP\App::isEnabled("files_external")) { - $mounts = \OC_Mount_Config::getSystemMountPoints(); - foreach ($mounts as $mount) { - if ($mount['mountpoint'] == substr($ownerPath, 1, strlen($mount['mountpoint']))) { - $mountedFor = $this->getUserWithAccessToMountPoint($mount['applicable']['users'], $mount['applicable']['groups']); - $userIds = array_merge($userIds, $mountedFor); - } - } - } - - // Remove duplicate UIDs - $uniqueUserIds = array_unique($userIds); - - return array('users' => $uniqueUserIds, 'public' => $public); - } - /** * go recursively through a dir and collect all files and sub files. * @@ -243,7 +200,7 @@ class Util { * @param string $path * @return boolean */ - protected function isFile($path) { + public function isFile($path) { if (substr($path, 0, strlen('/files/')) === '/files/') { return true; } @@ -361,7 +318,7 @@ class Util { } } - protected function getUserWithAccessToMountPoint($users, $groups) { + public function getUserWithAccessToMountPoint($users, $groups) { $result = array(); if (in_array('all', $users)) { $result = \OCP\User::getUsers(); diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index e3927edff2..a96d573723 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -31,6 +31,9 @@ class Encryption extends Wrapper { /** @var \OC\Encryption\Util */ protected $util; + /** @var \OC\Encryption\File */ + protected $file; + /** @var \OCP\Encryption\IEncryptionModule */ protected $encryptionModule; @@ -97,6 +100,7 @@ class Encryption extends Wrapper { 'encryptionModule', 'header', 'uid', + 'file', 'util', 'size', 'unencryptedSize', @@ -117,6 +121,7 @@ class Encryption extends Wrapper { * @param \OC\Files\Storage\Storage $storage * @param \OC\Files\Storage\Wrapper\Encryption $encStorage * @param \OC\Encryption\Util $util + * @param \OC\Encryption\File $file * @param string $mode * @param int $size * @param int $unencryptedSize @@ -130,6 +135,7 @@ class Encryption extends Wrapper { \OC\Files\Storage\Storage $storage, \OC\Files\Storage\Wrapper\Encryption $encStorage, \OC\Encryption\Util $util, + \OC\Encryption\File $file, $mode, $size, $unencryptedSize) { @@ -144,6 +150,7 @@ class Encryption extends Wrapper { 'header' => $header, 'uid' => $uid, 'util' => $util, + 'file' => $file, 'size' => $size, 'unencryptedSize' => $unencryptedSize, 'encryptionStorage' => $encStorage @@ -229,7 +236,7 @@ class Encryption extends Wrapper { $sharePath = dirname($path); } - $accessList = $this->util->getSharingUsersArray($sharePath); + $accessList = $this->file->getAccessList($sharePath); $this->newHeader = $this->encryptionModule->begin($this->fullPath, $this->uid, $this->header, $accessList); return true; diff --git a/lib/private/server.php b/lib/private/server.php index a38096cf74..661aaf6786 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -87,6 +87,11 @@ class Server extends SimpleContainer implements IServerContainer { return new Encryption\Manager($c->getConfig()); }); + $this->registerService('EncryptionFileHelper', function (Server $c) { + $util = new \OC\Encryption\Util(new \OC\Files\View(), $c->getUserManager(), $c->getConfig()); + return new Encryption\File($util); + }); + $this->registerService('EncryptionKeyStorageFactory', function ($c) { return new Encryption\Keys\Factory(); }); @@ -407,6 +412,13 @@ class Server extends SimpleContainer implements IServerContainer { return $this->query('EncryptionManager'); } + /** + * @return \OC\Encryption\File + */ + function getEncryptionFilesHelper() { + return $this->query('EncryptionFileHelper'); + } + /** * @param string $encryptionModuleId encryption module ID * diff --git a/lib/public/encryption/ifile.php b/lib/public/encryption/ifile.php new file mode 100644 index 0000000000..cb4faea062 --- /dev/null +++ b/lib/public/encryption/ifile.php @@ -0,0 +1,36 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OCP\Encryption; + +interface IFile { + + /** + * get list of users with access to the file + * + * @param $path to the file + * @return array + */ + public function getAccessList($path); + +} \ No newline at end of file diff --git a/lib/public/encryption/imanager.php b/lib/public/encryption/imanager.php index 9a12e40159..2691604ac3 100644 --- a/lib/public/encryption/imanager.php +++ b/lib/public/encryption/imanager.php @@ -22,9 +22,7 @@ */ namespace OCP\Encryption; -// -// TODO: move exceptions to OCP -// + use OC\Encryption\Exceptions\ModuleDoesNotExistsException; use OC\Encryption\Exceptions\ModuleAlreadyExistsException; diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php index 9e36bc31be..509e5894d4 100644 --- a/lib/public/iservercontainer.php +++ b/lib/public/iservercontainer.php @@ -183,6 +183,11 @@ interface IServerContainer { */ function getEncryptionManager(); + /** + * @return \OC\Encryption\File + */ + function getEncryptionFilesHelper(); + /** * @param string $encryptionModuleId encryption module ID * From 1358d07d3516ffb6ecedc451bd1a0ad60d3cb673 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 17:13:36 +0200 Subject: [PATCH 056/119] let user enable recovery key --- apps/encryption/appinfo/application.php | 11 +++++-- apps/encryption/js/settings-personal.js | 2 +- apps/encryption/lib/crypto/encryption.php | 4 ++- apps/encryption/lib/keymanager.php | 33 +++++++++++++++++-- apps/encryption/lib/recovery.php | 17 ++++++---- apps/encryption/lib/util.php | 24 +------------- .../encryption/settings/settings-personal.php | 22 ++++++------- 7 files changed, 65 insertions(+), 48 deletions(-) diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 372d49e5ef..955146f718 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -124,7 +124,8 @@ class Application extends \OCP\AppFramework\App { $server->getConfig(), $server->getUserSession(), new \OCA\Encryption\Session($server->getSession()), - $server->getLogger() + $server->getLogger(), + $c->query('Util') ); }); @@ -167,8 +168,12 @@ class Application extends \OCP\AppFramework\App { function (IAppContainer $c) { $server = $c->getServer(); - return new Util(new View(), $c->query('Crypt'), $c->query('KeyManager'), $server->getLogger(), $server->getUserSession(), $server->getConfig() - ); + return new Util( + new View(), + $c->query('Crypt'), + $server->getLogger(), + $server->getUserSession(), + $server->getConfig()); }); } diff --git a/apps/encryption/js/settings-personal.js b/apps/encryption/js/settings-personal.js index 7f0f4c6c26..dcfbba4ecd 100644 --- a/apps/encryption/js/settings-personal.js +++ b/apps/encryption/js/settings-personal.js @@ -9,7 +9,7 @@ function updatePrivateKeyPasswd() { var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val(); OC.msg.startSaving('#encryption .msg'); $.post( - OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' ) + OC.generateUrl('/apps/encryption/ajax/updatePrivateKeyPassword') , { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword } , function( data ) { if (data.status === "error") { diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index 3c93f75940..aa62078582 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -131,6 +131,8 @@ class Encryption implements IEncryptionModule { $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); } + $publicKeys = $this->keymanager->addSystemKeys($this->accessList, $publicKeys); + $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); } @@ -235,7 +237,7 @@ class Encryption implements IEncryptionModule { $publicKeys[$user] = $this->keymanager->getPublicKey($user); } - $publicKeys = $this->addSystemKeys($accessList, $publicKeys); + $publicKeys = $this->keymanager->addSystemKeys($accessList, $publicKeys); $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 67a32d7590..9aae6fb2d9 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -27,6 +27,7 @@ use OCA\Encryption\Exceptions\PrivateKeyMissingException; use OC\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; use OCP\Encryption\Keys\IStorage; +use OCA\Encryption\Util; use OCP\IConfig; use OCP\ILogger; use OCP\IUserSession; @@ -84,6 +85,10 @@ class KeyManager { * @var ILogger */ private $log; + /** + * @var Util + */ + private $util; /** * @param IStorage $keyStorage @@ -92,6 +97,7 @@ class KeyManager { * @param IUserSession $userSession * @param Session $session * @param ILogger $log + * @param Util $util */ public function __construct( IStorage $keyStorage, @@ -99,9 +105,11 @@ class KeyManager { IConfig $config, IUserSession $userSession, Session $session, - ILogger $log + ILogger $log, + Util $util ) { + $this->util = $util; $this->session = $session; $this->keyStorage = $keyStorage; $this->crypt = $crypt; @@ -153,7 +161,7 @@ class KeyManager { * @return bool */ public function recoveryKeyExists() { - return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId))); + return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey'))); } /** @@ -471,4 +479,25 @@ class KeyManager { public function setSystemPrivateKey($keyId, $key) { return $this->keyStorage->setSystemUserKey($keyId . '.' . $this->privateKeyId, $key); } + + /** + * add system keys such as the public share key and the recovery key + * + * @param array $accessList + * @param array $publicKeys + * @return array + */ + public function addSystemKeys(array $accessList, array $publicKeys) { + if (!empty($accessList['public'])) { + $publicKeys[$this->getPublicShareKeyId()] = $this->getPublicShareKey(); + } + + if ($this->recoveryKeyExists() && + $this->util->isRecoveryEnabledForUser()) { + + $publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey(); + } + + return $publicKeys; + } } diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 701c0934c9..b3da82a3cc 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -90,7 +90,7 @@ class Recovery { IStorage $keyStorage, IFile $file, View $view) { - $this->user = $user && $user->isLoggedIn() ? $user->getUser() : false; + $this->user = ($user && $user->isLoggedIn()) ? $user->getUser() : false; $this->crypt = $crypt; $this->random = $random; $this->keyManager = $keyManager; @@ -180,7 +180,7 @@ class Recovery { $value); if ($value === '1') { - $this->addRecoveryKeys('/' . $this->user . '/files/'); + $this->addRecoveryKeys('/' . $this->user->getUID() . '/files/'); } else { $this->removeRecoveryKeys(); } @@ -198,20 +198,22 @@ class Recovery { $dirContent = $this->view->getDirectoryContent($path); foreach ($dirContent as $item) { // get relative path from files_encryption/keyfiles/ - $filePath = $item['path']; + $filePath = $item->getPath(); if ($item['type'] === 'dir') { $this->addRecoveryKeys($filePath . '/'); } else { - $fileKey = $this->keyManager->getFileKey($filePath, $this->user); + $fileKey = $this->keyManager->getFileKey($filePath, $this->user->getUID()); if (!empty($fileKey)) { - $accessList = $this->file->getAccessList($path); + $accessList = $this->file->getAccessList($filePath); $publicKeys = array(); foreach ($accessList['users'] as $uid) { - $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); + $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); } + $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys); + $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); - $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); + $this->keyManager->setAllFileKeys($filePath, $encryptedKeyfiles); } } } @@ -221,6 +223,7 @@ class Recovery { * remove recovery key to all encrypted files */ private function removeRecoveryKeys($path = '/') { + return true; $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); foreach ($dirContent as $item) { // get relative path from files_encryption/keyfiles diff --git a/apps/encryption/lib/util.php b/apps/encryption/lib/util.php index 45891be5da..6b6b8b6b38 100644 --- a/apps/encryption/lib/util.php +++ b/apps/encryption/lib/util.php @@ -23,16 +23,13 @@ namespace OCA\Encryption; -use OC\Files\Filesystem; use OC\Files\View; use OCA\Encryption\Crypto\Crypt; -use OCP\App; use OCP\IConfig; use OCP\ILogger; use OCP\IUser; use OCP\IUserSession; use OCP\PreConditionNotMetException; -use OCP\Share; class Util { /** @@ -43,10 +40,6 @@ class Util { * @var Crypt */ private $crypt; - /** - * @var KeyManager - */ - private $keyManager; /** * @var ILogger */ @@ -65,21 +58,18 @@ class Util { * * @param View $files * @param Crypt $crypt - * @param KeyManager $keyManager * @param ILogger $logger * @param IUserSession $userSession * @param IConfig $config */ public function __construct(View $files, Crypt $crypt, - KeyManager $keyManager, ILogger $logger, IUserSession $userSession, IConfig $config ) { $this->files = $files; $this->crypt = $crypt; - $this->keyManager = $keyManager; $this->logger = $logger; $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser() : false; $this->config = $config; @@ -88,7 +78,7 @@ class Util { /** * @return bool */ - public function recoveryEnabledForUser() { + public function isRecoveryEnabledForUser() { $recoveryMode = $this->config->getUserValue($this->user->getUID(), 'encryption', 'recoveryEnabled', @@ -115,18 +105,6 @@ class Util { } } - /** - * @param $recoveryPassword - */ - public function recoverUsersFiles($recoveryPassword) { - $encryptedKey = $this->keyManager->getSystemPrivateKey(); - - $privateKey = $this->crypt->decryptPrivateKey($encryptedKey, - $recoveryPassword); - - $this->recoverAllFiles('/', $privateKey); - } - /** * @param string $uid * @return bool diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index 8caacbd19c..417bf1433b 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -16,38 +16,38 @@ $crypt = new \OCA\Encryption\Crypto\Crypt( \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig()); + +$util = new \OCA\Encryption\Util( + new \OC\Files\View(), + $crypt, + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); + $keymanager = new \OCA\Encryption\KeyManager( \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), $session, - \OC::$server->getLogger(), null); + \OC::$server->getLogger(), $util); $user = \OCP\User::getUser(); $view = new \OC\Files\View('/'); -$util = new \OCA\Encryption\Util( - new \OC\Files\View(), - $crypt, $keymanager, - \OC::$server->getLogger(), - \OC::$server->getUserSession(), - \OC::$server->getConfig()); + $privateKeySet = $session->isPrivateKeySet(); // did we tried to initialize the keys for this session? $initialized = $session->getStatus(); $recoveryAdminEnabled = \OC::$server->getConfig()->getAppValue('encryption', 'recoveryAdminEnabled'); -$recoveryEnabledForUser = $util->recoveryEnabledForUser(); +$recoveryEnabledForUser = $util->isRecoveryEnabledForUser(); $result = false; if ($recoveryAdminEnabled || !$privateKeySet) { - - \OCP\Util::addscript('encryption', 'settings-personal'); - $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser); $tmpl->assign('privateKeySet', $privateKeySet); From 48e3864c779a6ac6a8222a5d7afbb91a1a84996d Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Tue, 31 Mar 2015 12:17:01 -0400 Subject: [PATCH 057/119] :100:% coverage for session class --- apps/encryption/lib/session.php | 9 +- apps/encryption/tests/lib/SessionTest.php | 140 ++++++++++++++++++++++ 2 files changed, 145 insertions(+), 4 deletions(-) create mode 100644 apps/encryption/tests/lib/SessionTest.php diff --git a/apps/encryption/lib/session.php b/apps/encryption/lib/session.php index 8da11e522c..785991ec2e 100644 --- a/apps/encryption/lib/session.php +++ b/apps/encryption/lib/session.php @@ -54,7 +54,7 @@ class Session { */ public function getStatus() { $status = $this->session->get('encryptionInitialized'); - if (is_null($status)) { + if (!$status) { $status = self::NOT_INITIALIZED; } @@ -69,7 +69,8 @@ class Session { */ public function getPrivateKey() { $key = $this->session->get('privateKey'); - if (is_null($key)) { + + if (!$key) { throw new Exceptions\PrivateKeyMissingException('no private key stored in session'); } return $key; @@ -82,7 +83,7 @@ class Session { */ public function isPrivateKeySet() { $key = $this->session->get('privateKey'); - if (is_null($key)) { + if (!$key) { return false; } @@ -111,4 +112,4 @@ class Session { } -} \ No newline at end of file +} diff --git a/apps/encryption/tests/lib/SessionTest.php b/apps/encryption/tests/lib/SessionTest.php new file mode 100644 index 0000000000..ea7ddf37a4 --- /dev/null +++ b/apps/encryption/tests/lib/SessionTest.php @@ -0,0 +1,140 @@ + + * @since 3/31/15, 10:19 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\Session; +use Test\TestCase; + +class SessionTest extends TestCase { + private static $tempStorage = []; + /** + * @var Session + */ + private $instance; + private $sessionMock; + + /** + * @throws \OCA\Encryption\Exceptions\PrivateKeyMissingException + */ + public function testThatGetPrivateKeyThrowsExceptionWhenNotSet() { + $this->setExpectedException('OCA\Encryption\Exceptions\PrivateKeyMissingException', 'no private key stored in session'); + $this->instance->getPrivateKey(); + } + + /** + * @depends testThatGetPrivateKeyThrowsExceptionWhenNotSet + */ + public function testSetAndGetPrivateKey() { + $this->instance->setPrivateKey('dummyPrivateKey'); + $this->assertEquals('dummyPrivateKey', $this->instance->getPrivateKey()); + + } + + /** + * @depends testSetAndGetPrivateKey + */ + public function testIsPrivateKeySet() { + $this->assertTrue($this->instance->isPrivateKeySet()); + + unset(self::$tempStorage['privateKey']); + $this->assertFalse($this->instance->isPrivateKeySet()); + + // Set private key back so we can test clear method + self::$tempStorage['privateKey'] = 'dummyPrivateKey'; + } + + /** + * + */ + public function testSetAndGetStatusWillSetAndReturn() { + // Check if get status will return 0 if it has not been set before + $this->assertEquals(0, $this->instance->getStatus()); + + $this->instance->setStatus(Session::NOT_INITIALIZED); + $this->assertEquals(0, $this->instance->getStatus()); + + $this->instance->setStatus(Session::INIT_EXECUTED); + $this->assertEquals(1, $this->instance->getStatus()); + + $this->instance->setStatus(Session::INIT_SUCCESSFUL); + $this->assertEquals(2, $this->instance->getStatus()); + } + + /** + * @param $key + * @param $value + */ + public function setValueTester($key, $value) { + self::$tempStorage[$key] = $value; + } + + /** + * @param $key + */ + public function removeValueTester($key) { + unset(self::$tempStorage[$key]); + } + + /** + * @param $key + * @return mixed + */ + public function getValueTester($key) { + if (!empty(self::$tempStorage[$key])) { + return self::$tempStorage[$key]; + } + return false; + } + + /** + * + */ + public function testClearWillRemoveValues() { + $this->instance->clear(); + $this->assertEmpty(self::$tempStorage); + } + + /** + * + */ + protected function setUp() { + parent::setUp(); + $this->sessionMock = $this->getMock('OCP\ISession'); + + $this->sessionMock->expects($this->any()) + ->method('set') + ->will($this->returnCallback([$this, "setValueTester"])); + + $this->sessionMock->expects($this->any()) + ->method('get') + ->will($this->returnCallback([$this, "getValueTester"])); + + $this->sessionMock->expects($this->any()) + ->method('remove') + ->will($this->returnCallback([$this, "removeValueTester"])); + + + $this->instance = new Session($this->sessionMock); + } +} From ea6b53042d8464792c5ce7545d618f90128c914d Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Tue, 31 Mar 2015 12:21:30 -0400 Subject: [PATCH 058/119] fixing test helper and undoing fubar in class... --- apps/encryption/lib/session.php | 7 +++---- apps/encryption/tests/lib/SessionTest.php | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/apps/encryption/lib/session.php b/apps/encryption/lib/session.php index 785991ec2e..5e97391376 100644 --- a/apps/encryption/lib/session.php +++ b/apps/encryption/lib/session.php @@ -54,7 +54,7 @@ class Session { */ public function getStatus() { $status = $this->session->get('encryptionInitialized'); - if (!$status) { + if (is_null($status)) { $status = self::NOT_INITIALIZED; } @@ -69,8 +69,7 @@ class Session { */ public function getPrivateKey() { $key = $this->session->get('privateKey'); - - if (!$key) { + if (is_null($key)) { throw new Exceptions\PrivateKeyMissingException('no private key stored in session'); } return $key; @@ -83,7 +82,7 @@ class Session { */ public function isPrivateKeySet() { $key = $this->session->get('privateKey'); - if (!$key) { + if (is_null($key)) { return false; } diff --git a/apps/encryption/tests/lib/SessionTest.php b/apps/encryption/tests/lib/SessionTest.php index ea7ddf37a4..dbf3ecc45a 100644 --- a/apps/encryption/tests/lib/SessionTest.php +++ b/apps/encryption/tests/lib/SessionTest.php @@ -104,7 +104,7 @@ class SessionTest extends TestCase { if (!empty(self::$tempStorage[$key])) { return self::$tempStorage[$key]; } - return false; + return null; } /** From dac94679c640a34f897802e9b61bcd871014e1ec Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 19:24:52 +0200 Subject: [PATCH 059/119] delete recovery keys on disable --- apps/encryption/lib/keymanager.php | 12 ++++++++++++ apps/encryption/lib/recovery.php | 17 ++++++----------- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 9aae6fb2d9..e8e92cd549 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -352,6 +352,18 @@ class KeyManager { return $key; } + /** + * delete file key + * + * @param string $path + * @param string $keyId + * @return boolean + */ + public function deleteFileKey($path, $keyId) { + return $this->keyStorage->deleteFileKey($path, $keyId); + } + + /** * @param $path * @param $uid diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index b3da82a3cc..00711e3bfa 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -182,7 +182,7 @@ class Recovery { if ($value === '1') { $this->addRecoveryKeys('/' . $this->user->getUID() . '/files/'); } else { - $this->removeRecoveryKeys(); + $this->removeRecoveryKeys('/' . $this->user->getUID() . '/files/'); } return true; @@ -194,10 +194,9 @@ class Recovery { /** * add recovery key to all encrypted files */ - private function addRecoveryKeys($path = '/') { + private function addRecoveryKeys($path) { $dirContent = $this->view->getDirectoryContent($path); foreach ($dirContent as $item) { - // get relative path from files_encryption/keyfiles/ $filePath = $item->getPath(); if ($item['type'] === 'dir') { $this->addRecoveryKeys($filePath . '/'); @@ -222,18 +221,14 @@ class Recovery { /** * remove recovery key to all encrypted files */ - private function removeRecoveryKeys($path = '/') { - return true; - $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); + private function removeRecoveryKeys($path) { + $dirContent = $this->view->getDirectoryContent($path); foreach ($dirContent as $item) { - // get relative path from files_encryption/keyfiles - $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); + $filePath = $item->getPath(); if ($item['type'] === 'dir') { $this->removeRecoveryKeys($filePath . '/'); } else { - // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' - $file = substr($filePath, 0, -4); - $this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey'); + $this->keyManager->deleteFileKey($filePath, $this->keyManager->getRecoveryKeyId() . '.shareKey'); } } } From 4efbcb02803bfba7844276e1f83f8ecb5c6370b7 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 20:30:54 +0200 Subject: [PATCH 060/119] cleanup keymanager test and add some additional tests --- apps/encryption/lib/keymanager.php | 9 +- apps/encryption/lib/recovery.php | 2 +- apps/encryption/tests/lib/KeyManagerTest.php | 334 +++++++++++++++---- 3 files changed, 269 insertions(+), 76 deletions(-) diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index e8e92cd549..f96c426a72 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -300,6 +300,7 @@ class KeyManager { * * @param string $uid userid * @param string $passPhrase users password + * @return boolean */ public function init($uid, $passPhrase) { try { @@ -314,6 +315,8 @@ class KeyManager { $this->session->setPrivateKey($privateKey); $this->session->setStatus(Session::INIT_SUCCESSFUL); + + return true; } /** @@ -353,14 +356,14 @@ class KeyManager { } /** - * delete file key + * delete share key * * @param string $path * @param string $keyId * @return boolean */ - public function deleteFileKey($path, $keyId) { - return $this->keyStorage->deleteFileKey($path, $keyId); + public function deleteShareKey($path, $keyId) { + return $this->keyStorage->deleteFileKey($path, $keyId . '.' . $this->shareKeyId); } diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 00711e3bfa..4201b829ec 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -228,7 +228,7 @@ class Recovery { if ($item['type'] === 'dir') { $this->removeRecoveryKeys($filePath . '/'); } else { - $this->keyManager->deleteFileKey($filePath, $this->keyManager->getRecoveryKeyId() . '.shareKey'); + $this->keyManager->deleteShareKey($filePath, $this->keyManager->getRecoveryKeyId()); } } } diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 510ab17988..98ffe85c37 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -48,6 +48,30 @@ class KeyManagerTest extends TestCase { */ private $dataDir; + /** @var string */ + private $systemKeyId; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $keyStorageMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $cryptMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $userMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $sessionMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $logMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $utilMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $configMock; + /** * */ @@ -70,124 +94,290 @@ class KeyManagerTest extends TestCase { public function setUp() { parent::setUp(); - $keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); + $this->userId = 'user1'; + $this->systemKeyId = 'systemKeyId'; + $this->keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); + + /* $keyStorageMock->method('getUserKey') ->will($this->returnValue(false)); $keyStorageMock->method('setUserKey') ->will($this->returnValue(true)); - $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') + */ + + $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') ->disableOriginalConstructor() ->getMock(); - $configMock = $this->getMock('OCP\IConfig'); - $userMock = $this->getMock('OCP\IUserSession'); + $this->configMock = $this->getMock('OCP\IConfig'); + $this->configMock->expects($this->any()) + ->method('getAppValue') + ->willReturn($this->systemKeyId); + $this->userMock = $this->getMock('OCP\IUserSession'); + + /* $userMock ->method('getUID') ->will($this->returnValue('admin')); - $sessionMock = $this->getMock('OCP\ISession'); - $logMock = $this->getMock('OCP\ILogger'); - $recoveryMock = $this->getMockBuilder('OCA\Encryption\Recovery') + */ + + $this->sessionMock = $this->getMockBuilder('OCA\Encryption\Session') + ->disableOriginalConstructor() + ->getMock(); + $this->logMock = $this->getMock('OCP\ILogger'); + $this->utilMock = $this->getMockBuilder('OCA\Encryption\Util') ->disableOriginalConstructor() ->getMock(); - - $this->instance = new KeyManager($keyStorageMock, - $cryptMock, - $configMock, - $userMock, - $sessionMock, - $logMock, - $recoveryMock); - - self::loginAsUser(self::$testUser); - $this->userId = self::$testUser; - $this->userPassword = self::$testUser; - $this->view = new View('/'); - - $this->dummyKeys = [ - 'privateKey' => 'superinsecureprivatekey', - 'publicKey' => 'superinsecurepublickey' - ]; - - - $userManager = \OC::$server->getUserManager(); - - $userHome = $userManager->get($this->userId)->getHome(); - - $this->dataDir = str_replace('/' . $this->userId, '', $userHome); } - protected function tearDown() { - parent::tearDown(); - $this->view->deleteAll('/' . self::$testUser . '/files_encryption/keys'); - } + public function testDeleteShareKey() { + $this->keyStorageMock->expects($this->any()) + ->method('deleteFileKey') + ->with($this->equalTo('/path'), $this->equalTo('keyId.shareKey')) + ->willReturn(true); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); - public static function tearDownAfterClass() { - parent::tearDownAfterClass(); - // Cleanup Test user - \OC::$server->getUserManager()->get(self::$testUser)->delete(); - // Reset app files_trashbin - if (self::$trashbinState) { - \OC_App::enable('files_trashbin'); - } + $this->assertTrue( + $keymanager->deleteShareKey('/path', 'keyId') + ); } - /** - * @expectedException \OC\Encryption\Exceptions\PrivateKeyMissingException - */ public function testGetPrivateKey() { - $this->assertFalse($this->instance->getPrivateKey($this->userId)); + $this->keyStorageMock->expects($this->any()) + ->method('getUserKey') + ->with($this->equalTo($this->userId), $this->equalTo('privateKey')) + ->willReturn('privateKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertSame('privateKey', + $keymanager->getPrivateKey($this->userId) + ); } - /** - * @expectedException \OC\Encryption\Exceptions\PublicKeyMissingException - */ public function testGetPublicKey() { - $this->assertFalse($this->instance->getPublicKey($this->userId)); + $this->keyStorageMock->expects($this->any()) + ->method('getUserKey') + ->with($this->equalTo($this->userId), $this->equalTo('publicKey')) + ->willReturn('publicKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertSame('publicKey', + $keymanager->getPublicKey($this->userId) + ); } - /** - * - */ public function testRecoveryKeyExists() { - $this->assertFalse($this->instance->recoveryKeyExists()); + $this->keyStorageMock->expects($this->any()) + ->method('getSystemUserKey') + ->with($this->equalTo($this->systemKeyId . '.publicKey')) + ->willReturn('recoveryKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue($keymanager->recoveryKeyExists()); } /** * */ public function testCheckRecoveryKeyPassword() { - $this->assertFalse($this->instance->checkRecoveryPassword('pass')); + $this->keyStorageMock->expects($this->any()) + ->method('getSystemUserKey') + ->with($this->equalTo($this->systemKeyId . '.privateKey')) + ->willReturn('recoveryKey'); + $this->cryptMock->expects($this->any()) + ->method('decryptPrivateKey') + ->with($this->equalTo('recoveryKey'), $this->equalTo('pass')) + ->willReturn('decryptedRecoveryKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue($keymanager->checkRecoveryPassword('pass')); } - /** - * - */ + public function testSetPublicKey() { + $this->keyStorageMock->expects($this->any()) + ->method('setUserKey') + ->with( + $this->equalTo($this->userId), + $this->equalTo('publicKey'), + $this->equalTo('key')) + ->willReturn(true); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue( + $keymanager->setPublicKey($this->userId, 'key') + ); - $this->assertTrue($this->instance->setPublicKey($this->userId, - $this->dummyKeys['publicKey'])); } - /** - * - */ public function testSetPrivateKey() { - $this->assertTrue($this->instance->setPrivateKey($this->userId, - $this->dummyKeys['privateKey'])); + $this->keyStorageMock->expects($this->any()) + ->method('setUserKey') + ->with( + $this->equalTo($this->userId), + $this->equalTo('privateKey'), + $this->equalTo('key')) + ->willReturn(true); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue( + $keymanager->setPrivateKey($this->userId, 'key') + ); } - /** - * - */ public function testUserHasKeys() { - $this->assertFalse($this->instance->userHasKeys($this->userId)); + $this->keyStorageMock->expects($this->exactly(2)) + ->method('getUserKey') + ->with($this->equalTo($this->userId), $this->anything()) + ->willReturn('key'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue( + $keymanager->userHasKeys($this->userId) + ); } /** * */ public function testInit() { - $this->assertFalse($this->instance->init($this->userId, 'pass')); + $this->keyStorageMock->expects($this->any()) + ->method('getUserKey') + ->with($this->equalTo($this->userId), $this->equalTo('privateKey')) + ->willReturn('privateKey'); + $this->cryptMock->expects($this->any()) + ->method('decryptPrivateKey') + ->with($this->equalTo('privateKey'), $this->equalTo('pass')) + ->willReturn('decryptedPrivateKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue( + $keymanager->init($this->userId, 'pass') + ); + + } + + public function testSetRecoveryKey() { + $this->keyStorageMock->expects($this->exactly(2)) + ->method('setSystemUserKey') + ->willReturn(true); + $this->cryptMock->expects($this->any()) + ->method('symmetricEncryptFileContent') + ->with($this->equalTo('privateKey'), $this->equalTo('pass')) + ->willReturn('decryptedPrivateKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue( + $keymanager->setRecoveryKey('pass', array('publicKey' => 'publicKey', 'privateKey' => 'privateKey')) + ); + } + + public function setSystemPrivateKey() { + $this->keyStorageMock->expects($this->exactly(1)) + ->method('setSystemUserKey') + ->with($this->equalTo('keyId.privateKey'), $this->equalTo('key')) + ->willReturn(true); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertTrue( + $keymanager->setSystemPrivateKey('keyId', 'key') + ); + } + + public function getSystemPrivateKey() { + $this->keyStorageMock->expects($this->exactly(1)) + ->method('setSystemUserKey') + ->with($this->equalTo('keyId.privateKey')) + ->willReturn('systemPrivateKey'); + $keymanager = new KeyManager( + $this->keyStorageMock, + $this->cryptMock, + $this->configMock, + $this->userMock, + $this->sessionMock, + $this->logMock, + $this->utilMock); + + $this->assertSame('systemPrivateKey', + $keymanager->getSystemPrivateKey('keyId') + ); } From c9ca068427e3adfcd7411dafbcc15632415d65d0 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Tue, 31 Mar 2015 20:32:50 +0200 Subject: [PATCH 061/119] keyManagerTest: remove code which is no longer needed --- apps/encryption/tests/lib/KeyManagerTest.php | 32 -------------------- 1 file changed, 32 deletions(-) diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 98ffe85c37..b4c19f5ec8 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -10,7 +10,6 @@ namespace OCA\Encryption\Tests; -use OC\Files\View; use OCA\Encryption\KeyManager; use Test\TestCase; @@ -27,26 +26,10 @@ class KeyManagerTest extends TestCase { * @var string */ private static $testUser = 'test-keyManager-user.dot'; - /** - * @var - */ - private $dummyKeys; /** * @var string */ private $userId; - /** - * @var string - */ - private $userPassword; - /** - * @var \OC\Files\View - */ - private $view; - /** - * @var string - */ - private $dataDir; /** @var string */ private $systemKeyId; @@ -97,14 +80,6 @@ class KeyManagerTest extends TestCase { $this->userId = 'user1'; $this->systemKeyId = 'systemKeyId'; $this->keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); - - /* - $keyStorageMock->method('getUserKey') - ->will($this->returnValue(false)); - $keyStorageMock->method('setUserKey') - ->will($this->returnValue(true)); - */ - $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') ->disableOriginalConstructor() ->getMock(); @@ -113,13 +88,6 @@ class KeyManagerTest extends TestCase { ->method('getAppValue') ->willReturn($this->systemKeyId); $this->userMock = $this->getMock('OCP\IUserSession'); - - /* - $userMock - ->method('getUID') - ->will($this->returnValue('admin')); - */ - $this->sessionMock = $this->getMockBuilder('OCA\Encryption\Session') ->disableOriginalConstructor() ->getMock(); From 1fb29ec546105857b1a20cbaac700dbcb6f79b1d Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Tue, 31 Mar 2015 14:50:23 -0400 Subject: [PATCH 062/119] adding hook manager test --- apps/encryption/lib/hookmanager.php | 1 - apps/encryption/tests/lib/HookManagerTest.php | 74 +++++++++++++++++++ 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 apps/encryption/tests/lib/HookManagerTest.php diff --git a/apps/encryption/lib/hookmanager.php b/apps/encryption/lib/hookmanager.php index 9e6d9cd855..e2b03d91bc 100644 --- a/apps/encryption/lib/hookmanager.php +++ b/apps/encryption/lib/hookmanager.php @@ -40,7 +40,6 @@ class HookManager { return false; } $this->hookInstances[] = $instance; - return true; } } diff --git a/apps/encryption/tests/lib/HookManagerTest.php b/apps/encryption/tests/lib/HookManagerTest.php new file mode 100644 index 0000000000..3c360ff350 --- /dev/null +++ b/apps/encryption/tests/lib/HookManagerTest.php @@ -0,0 +1,74 @@ + + * @since 3/31/15, 1:54 PM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\HookManager; +use Test\TestCase; + +class HookManagerTest extends TestCase { + + /** + * @var HookManager + */ + private static $instance; + + /** + * + */ + public function testRegisterHookWithArray() { + self::$instance->registerHook([ + $this->getMockBuilder('OCA\Encryption\Hooks\Contracts\IHook')->disableOriginalConstructor()->getMock(), + $this->getMockBuilder('OCA\Encryption\Hooks\Contracts\IHook')->disableOriginalConstructor()->getMock(), + $this->getMock('NotIHook') + ]); + + $hookInstances = \Test_Helper::invokePrivate(self::$instance, 'hookInstances'); + // Make sure our type checking works + $this->assertCount(2, $hookInstances); + } + + + /** + * + */ + public static function setUpBeforeClass() { + parent::setUpBeforeClass(); + // have to make instance static to preserve data between tests + self::$instance = new HookManager(); + + } + + /** + * + */ + public function testRegisterHooksWithInstance() { + $mock = $this->getMockBuilder('OCA\Encryption\Hooks\Contracts\IHook')->disableOriginalConstructor()->getMock(); + self::$instance->registerHook($mock); + + $hookInstances = \Test_Helper::invokePrivate(self::$instance, 'hookInstances'); + $this->assertCount(3, $hookInstances); + + } + +} From 505e0eaf6168f6131951bcde7d4f75db9dcf48b7 Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Tue, 31 Mar 2015 14:50:58 -0400 Subject: [PATCH 063/119] remove useless setup base class --- apps/encryption/lib/setup.php | 38 ----------------------------- apps/encryption/lib/users/setup.php | 13 ++++++++-- 2 files changed, 11 insertions(+), 40 deletions(-) delete mode 100644 apps/encryption/lib/setup.php diff --git a/apps/encryption/lib/setup.php b/apps/encryption/lib/setup.php deleted file mode 100644 index cc8f00f0a4..0000000000 --- a/apps/encryption/lib/setup.php +++ /dev/null @@ -1,38 +0,0 @@ - - * @since 3/6/15, 11:30 AM - * @link http:/www.clarkt.com - * @copyright Clark Tomlinson © 2015 - * - */ - -namespace OCA\Encryption; - - -use OCP\ILogger; -use OCP\IUser; -use OCP\IUserSession; - -class Setup { - /** - * @var ILogger - */ - protected $logger; - /** - * @var IUser - */ - protected $user; - - /** - * Setup constructor. - * - * @param ILogger $logger - * @param IUserSession $userSession - */ - public function __construct(ILogger $logger, IUserSession $userSession) { - $this->logger = $logger; - $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; - - } -} diff --git a/apps/encryption/lib/users/setup.php b/apps/encryption/lib/users/setup.php index bf415c8188..e80bf6003e 100644 --- a/apps/encryption/lib/users/setup.php +++ b/apps/encryption/lib/users/setup.php @@ -15,7 +15,7 @@ use OCA\Encryption\KeyManager; use OCP\ILogger; use OCP\IUserSession; -class Setup extends \OCA\Encryption\Setup { +class Setup { /** * @var Crypt */ @@ -24,6 +24,14 @@ class Setup extends \OCA\Encryption\Setup { * @var KeyManager */ private $keyManager; + /** + * @var ILogger + */ + private $logger; + /** + * @var bool|string + */ + private $user; /** @@ -33,7 +41,8 @@ class Setup extends \OCA\Encryption\Setup { * @param KeyManager $keyManager */ public function __construct(ILogger $logger, IUserSession $userSession, Crypt $crypt, KeyManager $keyManager) { - parent::__construct($logger, $userSession); + $this->logger = $logger; + $this->user = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; $this->crypt = $crypt; $this->keyManager = $keyManager; } From d90663704cc9bd1940374ca15519d5cbe1e7ca4e Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 10:19:07 +0200 Subject: [PATCH 064/119] fix hook registration --- apps/encryption/lib/hookmanager.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/encryption/lib/hookmanager.php b/apps/encryption/lib/hookmanager.php index e2b03d91bc..19ee142a62 100644 --- a/apps/encryption/lib/hookmanager.php +++ b/apps/encryption/lib/hookmanager.php @@ -42,8 +42,9 @@ class HookManager { $this->hookInstances[] = $instance; } + } elseif ($instances instanceof IHook) { + $this->hookInstances[] = $instances; } - $this->hookInstances[] = $instances; return true; } From 83cb382b3fb919bc7ce2d4e7f1fea027c3867460 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 10:37:48 +0200 Subject: [PATCH 065/119] pass file helper to encryption wrapper --- lib/private/encryption/manager.php | 3 ++- lib/private/files/storage/wrapper/encryption.php | 8 +++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index cf11c3cf33..77f02b0c48 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -194,7 +194,8 @@ class Manager implements \OCP\Encryption\IManager { $user = \OC::$server->getUserSession()->getUser(); $logger = \OC::$server->getLogger(); $uid = $user ? $user->getUID() : null; - return new Encryption($parameters, $manager, $util, $logger, $uid); + $fileHelper = \OC::$server->getEncryptionFilesHelper(); + return new Encryption($parameters, $manager, $util, $logger, $fileHelper, $uid); }); } } diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index cea7a38d41..43052af844 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -45,11 +45,15 @@ class Encryption extends Wrapper { /** @var array */ private $unencryptedSize; + /** @var \OC\Encryption\File */ + private $fileHelper; + /** * @param array $parameters * @param \OC\Encryption\Manager $encryptionManager * @param \OC\Encryption\Util $util * @param \OC\Log $logger + * @param \OC\Encryption\File $fileHelper * @param string $uid user who perform the read/write operation (null for public access) */ public function __construct( @@ -57,6 +61,7 @@ class Encryption extends Wrapper { \OC\Encryption\Manager $encryptionManager = null, \OC\Encryption\Util $util = null, \OC\Log $logger = null, + \OC\Encryption\File $fileHelper = null, $uid = null ) { @@ -65,6 +70,7 @@ class Encryption extends Wrapper { $this->util = $util; $this->logger = $logger; $this->uid = $uid; + $this->fileHelper = $fileHelper; $this->unencryptedSize = array(); parent::__construct($parameters); } @@ -250,7 +256,7 @@ class Encryption extends Wrapper { $uid = $owner; } $handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header, - $uid, $encryptionModule, $this->storage, $this, $this->util, $mode, + $uid, $encryptionModule, $this->storage, $this, $this->util, $this->fileHelper, $mode, $size, $unencryptedSize); return $handle; } else { From f20844ac89f9c9d0860660b5cd5db352c6a38f80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 12:31:28 +0200 Subject: [PATCH 066/119] PHPDoc --- lib/private/encryption/file.php | 6 ++---- lib/public/encryption/ifile.php | 4 ++-- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/lib/private/encryption/file.php b/lib/private/encryption/file.php index f231500fb0..3600936ed0 100644 --- a/lib/private/encryption/file.php +++ b/lib/private/encryption/file.php @@ -23,8 +23,6 @@ namespace OC\Encryption; -use OC\Encryption\Util; - class File implements \OCP\Encryption\IFile { /** @var Util */ @@ -38,7 +36,7 @@ class File implements \OCP\Encryption\IFile { /** * get list of users with access to the file * - * @param $path to the file + * @param string $path to the file * @return array */ public function getAccessList($path) { @@ -78,4 +76,4 @@ class File implements \OCP\Encryption\IFile { return array('users' => $uniqueUserIds, 'public' => $public); } -} \ No newline at end of file +} diff --git a/lib/public/encryption/ifile.php b/lib/public/encryption/ifile.php index cb4faea062..464f41509d 100644 --- a/lib/public/encryption/ifile.php +++ b/lib/public/encryption/ifile.php @@ -28,9 +28,9 @@ interface IFile { /** * get list of users with access to the file * - * @param $path to the file + * @param string $path to the file * @return array */ public function getAccessList($path); -} \ No newline at end of file +} From 137c13566499beb70a099162919c02146136f020 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 12:35:12 +0200 Subject: [PATCH 067/119] file_put_contents has to return the number of written bytes --- lib/private/files/storage/wrapper/encryption.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 43052af844..3e98098419 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -135,8 +135,9 @@ class Encryption extends Wrapper { public function file_put_contents($path, $data) { // file put content will always be translated to a stream write $handle = $this->fopen($path, 'w'); - fwrite($handle, $data); - return fclose($handle); + $written = fwrite($handle, $data); + fclose($handle); + return $written; } /** @@ -250,13 +251,8 @@ class Encryption extends Wrapper { if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) { $source = $this->storage->fopen($path, $mode); - $uid = $this->uid; - if (is_null($uid)) { - list($owner, ) = $this->util->getUidAndFilename($fullPath); - $uid = $owner; - } $handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header, - $uid, $encryptionModule, $this->storage, $this, $this->util, $this->fileHelper, $mode, + $this->uid, $encryptionModule, $this->storage, $this, $this->util, $this->fileHelper, $mode, $size, $unencryptedSize); return $handle; } else { From a57918fb10a85e27aa283eb4abb39d57e718035c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 12:35:42 +0200 Subject: [PATCH 068/119] Hook: fixing error message in exception case --- lib/private/hook.php | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/lib/private/hook.php b/lib/private/hook.php index d2a0fa898d..824bb72507 100644 --- a/lib/private/hook.php +++ b/lib/private/hook.php @@ -72,8 +72,9 @@ class OC_Hook{ /** * emits a signal - * @param string $signalclass class name of emitter - * @param string $signalname name of signal + * + * @param string $signalClass class name of emitter + * @param string $signalName name of signal * @param mixed $params default: array() array with additional data * @return bool true if slots exists or false if not * @@ -81,28 +82,36 @@ class OC_Hook{ * * TODO: write example */ - static public function emit( $signalclass, $signalname, $params = array()) { + static public function emit($signalClass, $signalName, $params = array()) { // Return false if no hook handlers are listening to this // emitting class - if( !array_key_exists( $signalclass, self::$registered )) { + if( !array_key_exists($signalClass, self::$registered )) { return false; } // Return false if no hook handlers are listening to this // emitting method - if( !array_key_exists( $signalname, self::$registered[$signalclass] )) { + if( !array_key_exists( $signalName, self::$registered[$signalClass] )) { return false; } // Call all slots - foreach( self::$registered[$signalclass][$signalname] as $i ) { + foreach( self::$registered[$signalClass][$signalName] as $i ) { try { call_user_func( array( $i["class"], $i["name"] ), $params ); } catch (Exception $e){ self::$thrownExceptions[] = $e; + $class = $i["class"]; + if (is_object($i["class"])) { + $class = get_class($i["class"]); + } + $message = $e->getMessage(); + if (empty($message)) { + $message = get_class($e); + } OC_Log::write('hook', - 'error while running hook (' . $i["class"] . '::' . $i["name"] . '): '.$e->getMessage(), + 'error while running hook (' . $class . '::' . $i["name"] . '): ' . $message, OC_Log::ERROR); } } From 035646c0f60c2a9fb7105f0f1c6abdbda91b2d9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 13:58:23 +0200 Subject: [PATCH 069/119] fix exception handling --- apps/encryption/lib/crypto/crypt.php | 64 ++++++++----------- .../exceptions/filekeymissingexception.php | 8 +++ .../exceptions/multikeydecryptexception.php | 7 ++ .../exceptions/multikeyencryptexception.php | 7 ++ 4 files changed, 48 insertions(+), 38 deletions(-) create mode 100644 apps/encryption/lib/exceptions/filekeymissingexception.php create mode 100644 apps/encryption/lib/exceptions/multikeydecryptexception.php create mode 100644 apps/encryption/lib/exceptions/multikeyencryptexception.php diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index ea7f9e1cdf..6b79057fe7 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -25,6 +25,8 @@ namespace OCA\Encryption\Crypto; use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\EncryptionFailedException; use OC\Encryption\Exceptions\GenericEncryptionException; +use OCA\Encryption\Exceptions\MultiKeyDecryptException; +use OCA\Encryption\Exceptions\MultiKeyEncryptException; use OCP\IConfig; use OCP\ILogger; use OCP\IUser; @@ -120,11 +122,11 @@ class Crypt { /** * @param $plainContent - * @param $passphrase + * @param $passPhrase * @return bool|string * @throws GenericEncryptionException */ - public function symmetricEncryptFileContent($plainContent, $passphrase) { + public function symmetricEncryptFileContent($plainContent, $passPhrase) { if (!$plainContent) { $this->logger->error('Encryption Library, symmetrical encryption failed no content given', @@ -134,37 +136,29 @@ class Crypt { $iv = $this->generateIv(); - try { - $encryptedContent = $this->encrypt($plainContent, - $iv, - $passphrase, - $this->getCipher()); - // combine content to encrypt the IV identifier and actual IV - $catFile = $this->concatIV($encryptedContent, $iv); - $padded = $this->addPadding($catFile); - - return $padded; - } catch (EncryptionFailedException $e) { - $message = 'Could not encrypt file content (code: ' . $e->getCode() . '): '; - $this->logger->error('files_encryption' . $message . $e->getMessage(), - ['app' => 'encryption']); - return false; - } + $encryptedContent = $this->encrypt($plainContent, + $iv, + $passPhrase, + $this->getCipher()); + // combine content to encrypt the IV identifier and actual IV + $catFile = $this->concatIV($encryptedContent, $iv); + $padded = $this->addPadding($catFile); + return $padded; } /** * @param $plainContent * @param $iv - * @param string $passphrase + * @param string $passPhrase * @param string $cipher * @return string * @throws EncryptionFailedException */ - private function encrypt($plainContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { + private function encrypt($plainContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) { $encryptedContent = openssl_encrypt($plainContent, $cipher, - $passphrase, + $passPhrase, false, $iv); @@ -246,27 +240,21 @@ class Crypt { /** * @param $keyFileContents - * @param string $passphrase + * @param string $passPhrase * @param string $cipher - * @return bool|string + * @return string * @throws DecryptionFailedException */ - public function symmetricDecryptFileContent($keyFileContents, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { + public function symmetricDecryptFileContent($keyFileContents, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) { // Remove Padding $noPadding = $this->removePadding($keyFileContents); $catFile = $this->splitIv($noPadding); - $plainContent = $this->decrypt($catFile['encrypted'], + return $this->decrypt($catFile['encrypted'], $catFile['iv'], - $passphrase, + $passPhrase, $cipher); - - if ($plainContent) { - return $plainContent; - } - - return false; } /** @@ -304,22 +292,22 @@ class Crypt { /** * @param $encryptedContent * @param $iv - * @param string $passphrase + * @param string $passPhrase * @param string $cipher * @return string * @throws DecryptionFailedException */ - private function decrypt($encryptedContent, $iv, $passphrase = '', $cipher = self::DEFAULT_CIPHER) { + private function decrypt($encryptedContent, $iv, $passPhrase = '', $cipher = self::DEFAULT_CIPHER) { $plainContent = openssl_decrypt($encryptedContent, $cipher, - $passphrase, + $passPhrase, false, $iv); if ($plainContent) { return $plainContent; } else { - throw new DecryptionFailedException('Encryption library: Decryption (symmetric) of content failed'); + throw new DecryptionFailedException('Encryption library: Decryption (symmetric) of content failed: ' . openssl_error_string()); } } @@ -427,7 +415,7 @@ class Crypt { if (openssl_open($encKeyFile, $plainContent, $shareKey, $privateKey)) { return $plainContent; } else { - throw new MultiKeyDecryptException('multikeydecrypt with share key failed'); + throw new MultiKeyDecryptException('multikeydecrypt with share key failed:' . openssl_error_string()); } } @@ -452,7 +440,7 @@ class Crypt { if (openssl_seal($plainContent, $sealed, $shareKeys, $keyFiles)) { $i = 0; - // Ensure each shareKey is labelled with its coreesponding keyid + // Ensure each shareKey is labelled with its corresponding key id foreach ($keyFiles as $userId => $publicKey) { $mappedShareKeys[$userId] = $shareKeys[$i]; $i++; diff --git a/apps/encryption/lib/exceptions/filekeymissingexception.php b/apps/encryption/lib/exceptions/filekeymissingexception.php new file mode 100644 index 0000000000..9eb2d4c80d --- /dev/null +++ b/apps/encryption/lib/exceptions/filekeymissingexception.php @@ -0,0 +1,8 @@ + Date: Wed, 1 Apr 2015 13:58:50 +0200 Subject: [PATCH 070/119] only encrypt files and files_versions --- apps/encryption/lib/crypto/encryption.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index aa62078582..d8b7f91e26 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -278,7 +278,19 @@ class Encryption implements IEncryptionModule { * @return boolean */ public function shouldEncrypt($path) { - return true; + $parts = explode('/', $path); + if (count($parts) < 3) { + return false; + } + + if ($parts[2] == '/files/') { + return true; + } + if ($parts[2] == '/files_versions/') { + return true; + } + + return false; } /** From cac83642f2df98497ecedcded1716c28fa676313 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 13:59:29 +0200 Subject: [PATCH 071/119] Finally fixing encryption with public share --- apps/encryption/lib/keymanager.php | 58 +++++++++++++------------ lib/private/encryption/update.php | 32 +++++++------- lib/private/files/stream/encryption.php | 2 +- 3 files changed, 48 insertions(+), 44 deletions(-) diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index f96c426a72..f3f96b9ef2 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -23,6 +23,7 @@ namespace OCA\Encryption; use OC\Encryption\Exceptions\DecryptionFailedException; +use OCA\Encryption\Exceptions\FileKeyMissingException; use OCA\Encryption\Exceptions\PrivateKeyMissingException; use OC\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; @@ -114,6 +115,8 @@ class KeyManager { $this->keyStorage = $keyStorage; $this->crypt = $crypt; $this->config = $config; + $this->log = $log; + $this->recoveryKeyId = $this->config->getAppValue('encryption', 'recoveryKeyId'); if (empty($this->recoveryKeyId)) { @@ -123,34 +126,24 @@ class KeyManager { $this->recoveryKeyId); } - $this->publicShareKeyId = $this->config->getAppValue('encryption', 'publicShareKeyId'); - $this->log = $log; - if (empty($this->publicShareKeyId)) { $this->publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8); - $this->config->setAppValue('encryption', - 'publicShareKeyId', - $this->publicShareKeyId); + $this->config->setAppValue('encryption', 'publicShareKeyId', $this->publicShareKeyId); + } + $shareKey = $this->getPublicShareKey(); + if (empty($shareKey)) { $keyPair = $this->crypt->createKeyPair(); // Save public key $this->keyStorage->setSystemUserKey( - $this->publicShareKeyId . '.publicKey', - $keyPair['publicKey']); + $this->publicShareKeyId . '.publicKey', $keyPair['publicKey']); // Encrypt private key empty passphrase - $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], - ''); - if ($encryptedKey) { - $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', - $encryptedKey); - } else { - $this->log->error('Could not create public share keys'); - } - + $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], ''); + $this->keyStorage->setSystemUserKey($this->publicShareKeyId . '.privateKey', $encryptedKey); } $this->keyId = $userSession && $userSession->isLoggedIn() ? $userSession->getUser()->getUID() : false; @@ -161,7 +154,8 @@ class KeyManager { * @return bool */ public function recoveryKeyExists() { - return (!empty($this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey'))); + $key = $this->getRecoveryKey(); + return (!empty($key)); } /** @@ -340,19 +334,25 @@ class KeyManager { * @return string */ public function getFileKey($path, $uid) { - $key = ''; - $encryptedFileKey = $this->keyStorage->getFileKey($path, - $this->fileKeyId); - $shareKey = $this->getShareKey($path, $uid); - $privateKey = $this->session->getPrivateKey(); + $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId); + + if (is_null($uid)) { + $uid = $this->getPublicShareKeyId(); + $shareKey = $this->getShareKey($path, $uid); + $privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey'); + $privateKey = $this->crypt->symmetricDecryptFileContent($privateKey); + } else { + $shareKey = $this->getShareKey($path, $uid); + $privateKey = $this->session->getPrivateKey(); + } if ($encryptedFileKey && $shareKey && $privateKey) { - $key = $this->crypt->multiKeyDecrypt($encryptedFileKey, + return $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $privateKey); } - return $key; + throw new FileKeyMissingException(); } /** @@ -412,7 +412,7 @@ class KeyManager { } /** - * get public key for public link shares + * get public key for public link shares * * @return string */ @@ -504,7 +504,11 @@ class KeyManager { */ public function addSystemKeys(array $accessList, array $publicKeys) { if (!empty($accessList['public'])) { - $publicKeys[$this->getPublicShareKeyId()] = $this->getPublicShareKey(); + $publicShareKey = $this->getPublicShareKey(); + if (empty($publicShareKey)) { + throw new PublicKeyMissingException(); + } + $publicKeys[$this->getPublicShareKeyId()] = $publicShareKey; } if ($this->recoveryKeyExists() && diff --git a/lib/private/encryption/update.php b/lib/private/encryption/update.php index 21cedde614..e838e87050 100644 --- a/lib/private/encryption/update.php +++ b/lib/private/encryption/update.php @@ -93,25 +93,25 @@ class Update { * @param int $fileSource file source id */ private function update($fileSource) { - $path = \OC\Files\Filesystem::getPath($fileSource); - $absPath = '/' . $this->uid . '/files' . $path; + $path = \OC\Files\Filesystem::getPath($fileSource); + $absPath = '/' . $this->uid . '/files' . $path; - $mount = $this->mountManager->find($path); - $mountPoint = $mount->getMountPoint(); + $mount = $this->mountManager->find($path); + $mountPoint = $mount->getMountPoint(); - // if a folder was shared, get a list of all (sub-)folders - if ($this->view->is_dir($absPath)) { - $allFiles = $this->util->getAllFiles($absPath, $mountPoint); - } else { - $allFiles = array($absPath); - } + // if a folder was shared, get a list of all (sub-)folders + if ($this->view->is_dir($absPath)) { + $allFiles = $this->util->getAllFiles($absPath, $mountPoint); + } else { + $allFiles = array($absPath); + } - $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); + $encryptionModule = $this->encryptionManager->getDefaultEncryptionModule(); - foreach ($allFiles as $path) { - $usersSharing = $this->file->getAccessList($path); - $encryptionModule->update($absPath, $this->uid, $usersSharing); - } + foreach ($allFiles as $path) { + $usersSharing = $this->file->getAccessList($path); + $encryptionModule->update($absPath, $this->uid, $usersSharing); + } } -} \ No newline at end of file +} diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index a96d573723..88957825de 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -198,7 +198,7 @@ class Encryption extends Wrapper { $context = parent::loadContext($name); foreach ($this->expectedContextProperties as $property) { - if (isset($context[$property])) { + if (array_key_exists($property, $context)) { $this->{$property} = $context[$property]; } else { throw new \BadMethodCallException('Invalid context, "' . $property . '" options not set'); From 51302d58120e9050fb8842cf63cef88620f74203 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 14:24:42 +0200 Subject: [PATCH 072/119] getUidAndFilename() always get uid from path --- lib/private/encryption/util.php | 52 ++++----------------------------- 1 file changed, 6 insertions(+), 46 deletions(-) diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 734da741fd..1183e6622b 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -226,7 +226,7 @@ class Util { } /** - * get the owner and the path for the owner + * get the owner and the path for the file relative to the owners files folder * * @param string $path * @return array @@ -240,55 +240,15 @@ class Util { $uid = $parts[1]; } if (!$this->userManager->userExists($uid)) { - throw new \BadMethodCallException('path needs to be relative to the system wide data folder and point to a user specific file'); + throw new \BadMethodCallException( + 'path needs to be relative to the system wide data folder and point to a user specific file' + ); } - $pathInfo = pathinfo($path); - $partFile = false; - $parentFolder = false; - if (array_key_exists('extension', $pathInfo) && $pathInfo['extension'] === 'part') { - // if the real file exists we check this file - $filePath = $pathInfo['dirname'] . '/' . $pathInfo['filename']; - if ($this->view->file_exists($filePath)) { - $pathToCheck = $pathInfo['dirname'] . '/' . $pathInfo['filename']; - } else { // otherwise we look for the parent - $pathToCheck = $pathInfo['dirname']; - $parentFolder = true; - } - $partFile = true; - } else { - $pathToCheck = $path; - } + $ownerPath = implode('/', array_slice($parts, 2)); - $pathToCheck = substr($pathToCheck, strlen('/' . $uid)); + return array($uid, \OC\Files\Filesystem::normalizePath($ownerPath)); - $this->view->chroot('/' . $uid); - $owner = $this->view->getOwner($pathToCheck); - - // Check that UID is valid - if (!$this->userManager->userExists($owner)) { - throw new \BadMethodCallException('path needs to be relative to the system wide data folder and point to a user specific file'); - } - - \OC\Files\Filesystem::initMountPoints($owner); - - $info = $this->view->getFileInfo($pathToCheck); - $this->view->chroot('/' . $owner); - $ownerPath = $this->view->getPath($info->getId()); - $this->view->chroot('/'); - - if ($parentFolder) { - $ownerPath = $ownerPath . '/'. $pathInfo['filename']; - } - - if ($partFile) { - $ownerPath = $ownerPath . '.' . $pathInfo['extension']; - } - - return array( - $owner, - \OC\Files\Filesystem::normalizePath($ownerPath) - ); } /** From a057108c0c1ec77b6f61f6f387c0714c84653254 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 14:24:56 +0200 Subject: [PATCH 073/119] make recovery key work --- apps/encryption/appinfo/application.php | 1 + .../controller/recoverycontroller.php | 3 + apps/encryption/hooks/userhooks.php | 23 +++-- apps/encryption/lib/keymanager.php | 14 ++- apps/encryption/lib/recovery.php | 93 ++++++++++--------- settings/changepassword/controller.php | 37 +++++++- settings/users.php | 4 +- 7 files changed, 115 insertions(+), 60 deletions(-) diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php index 955146f718..0d1bd0d6be 100644 --- a/apps/encryption/appinfo/application.php +++ b/apps/encryption/appinfo/application.php @@ -75,6 +75,7 @@ class Application extends \OCP\AppFramework\App { $server->getUserSession(), $container->query('Util'), new \OCA\Encryption\Session($server->getSession()), + $container->query('Crypt'), $container->query('Recovery')) ]); diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php index d115feb8e3..24d7f5a06e 100644 --- a/apps/encryption/controller/recoverycontroller.php +++ b/apps/encryption/controller/recoverycontroller.php @@ -142,6 +142,9 @@ class RecoveryController extends Controller { } } + /** + * @NoAdminRequired + */ public function userSetRecovery($userEnableRecovery) { if ($userEnableRecovery === '0' || $userEnableRecovery === '1') { diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 330d8a873b..3b56135c36 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -25,6 +25,7 @@ namespace OCA\Encryption\Hooks; use OCP\Util as OCUtil; use OCA\Encryption\Hooks\Contracts\IHook; use OCA\Encryption\KeyManager; +use OCA\Encryption\Crypto\Crypt; use OCA\Encryption\Users\Setup; use OCP\App; use OCP\ILogger; @@ -62,6 +63,10 @@ class UserHooks implements IHook { * @var Recovery */ private $recovery; + /** + * @var Crypt + */ + private $crypt; /** * UserHooks constructor. @@ -72,6 +77,7 @@ class UserHooks implements IHook { * @param IUserSession $user * @param Util $util * @param Session $session + * @param Crypt $crypt * @param Recovery $recovery */ public function __construct(KeyManager $keyManager, @@ -80,6 +86,7 @@ class UserHooks implements IHook { IUserSession $user, Util $util, Session $session, + Crypt $crypt, Recovery $recovery) { $this->keyManager = $keyManager; @@ -89,6 +96,7 @@ class UserHooks implements IHook { $this->util = $util; $this->session = $session; $this->recovery = $recovery; + $this->crypt = $crypt; } /** @@ -214,7 +222,7 @@ class UserHooks implements IHook { // Save private key if ($encryptedPrivateKey) { - $this->setPrivateKey($this->user->getUser()->getUID(), + $this->keyManager->setPrivateKey($this->user->getUser()->getUID(), $encryptedPrivateKey); } else { $this->log->error('Encryption could not update users encryption password'); @@ -231,28 +239,31 @@ class UserHooks implements IHook { // ...we have a recovery password and the user enabled the recovery key // ...encryption was activated for the first time (no keys exists) // ...the user doesn't have any files - if (($util->recoveryEnabledForUser() && $recoveryPassword) || !$this->userHasKeys($user) || !$util->userHasFiles($user) + if ( + ($this->recovery->isRecoveryEnabledForUser($user) && $recoveryPassword) + || !$this->keyManager->userHasKeys($user) + || !$this->util->userHasFiles($user) ) { // backup old keys - $this->backupAllKeys('recovery'); + //$this->backupAllKeys('recovery'); $newUserPassword = $params['password']; $keyPair = $this->crypt->createKeyPair(); // Save public key - $this->setPublicKey($user, $keyPair['publicKey']); + $this->keyManager->setPublicKey($user, $keyPair['publicKey']); // Encrypt private key with new password $encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], $newUserPassword); if ($encryptedKey) { - $this->setPrivateKey($user, $encryptedKey); + $this->keyManager->setPrivateKey($user, $encryptedKey); if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files - $this->recovery->recoverUsersFiles($recoveryPassword); + $this->recovery->recoverUsersFiles($recoveryPassword, $user); } } else { $this->log->error('Encryption Could not update users encryption password'); diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index f3f96b9ef2..4c5cb1365e 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -206,7 +206,6 @@ class KeyManager { if ($encryptedKey) { $this->setPrivateKey($uid, $encryptedKey); - $this->config->setAppValue('encryption', 'recoveryAdminEnabled', 0); return true; } return false; @@ -355,6 +354,19 @@ class KeyManager { throw new FileKeyMissingException(); } + /** + * get the encrypted file key + * + * @param $path + * @return string + */ + public function getEncryptedFileKey($path) { + $encryptedFileKey = $this->keyStorage->getFileKey($path, + $this->fileKeyId); + + return $encryptedFileKey; + } + /** * delete share key * diff --git a/apps/encryption/lib/recovery.php b/apps/encryption/lib/recovery.php index 4201b829ec..34acdd0a6e 100644 --- a/apps/encryption/lib/recovery.php +++ b/apps/encryption/lib/recovery.php @@ -156,10 +156,15 @@ class Recovery { } /** + * check if recovery is enabled for user + * + * @param string $user if no user is given we check the current logged-in user + * * @return bool */ - public function recoveryEnabledForUser() { - $recoveryMode = $this->config->getUserValue($this->user->getUID(), + public function isRecoveryEnabledForUser($user = '') { + $uid = empty($user) ? $this->user->getUID() : $user; + $recoveryMode = $this->config->getUserValue($uid, 'encryption', 'recoveryEnabled', 0); @@ -167,6 +172,17 @@ class Recovery { return ($recoveryMode === '1'); } + /** + * check if recovery is key is enabled by the administrator + * + * @return bool + */ + public function isRecoveryKeyEnabled() { + $enabled = $this->config->getAppValue('encryption', 'recoveryAdminEnabled', 0); + + return ($enabled === '1'); + } + /** * @param string $value * @return bool @@ -234,15 +250,18 @@ class Recovery { } /** - * @param $recoveryPassword + * recover users files with the recovery key + * + * @param string $recoveryPassword + * @param string $user */ - public function recoverUsersFiles($recoveryPassword) { - $encryptedKey = $this->keyManager->getSystemPrivateKey(); + public function recoverUsersFiles($recoveryPassword, $user) { + $encryptedKey = $this->keyManager->getSystemPrivateKey($this->keyManager->getRecoveryKeyId()); $privateKey = $this->crypt->decryptPrivateKey($encryptedKey, $recoveryPassword); - $this->recoverAllFiles('/', $privateKey); + $this->recoverAllFiles('/' . $user . '/files/', $privateKey); } /** @@ -250,12 +269,12 @@ class Recovery { * @param $privateKey */ private function recoverAllFiles($path, $privateKey) { - $dirContent = $this->files->getDirectoryContent($path); + $dirContent = $this->view->getDirectoryContent($path); foreach ($dirContent as $item) { // Get relative path from encryption/keyfiles - $filePath = substr($item['path'], strlen('encryption/keys')); - if ($this->files->is_dir($this->user->getUID() . '/files' . '/' . $filePath)) { + $filePath = $item->getPath(); + if ($this->view->is_dir($filePath)) { $this->recoverAllFiles($filePath . '/', $privateKey); } else { $this->recoverFile($filePath, $privateKey); @@ -265,50 +284,32 @@ class Recovery { } /** - * @param $filePath - * @param $privateKey + * @param string $path + * @param string $privateKey */ - private function recoverFile($filePath, $privateKey) { - $sharingEnabled = Share::isEnabled(); - $uid = $this->user->getUID(); + private function recoverFile($path, $privateKey) { + $encryptedFileKey = $this->keyManager->getEncryptedFileKey($path); + $shareKey = $this->keyManager->getShareKey($path, $this->keyManager->getRecoveryKeyId()); - // Find out who, if anyone, is sharing the file - if ($sharingEnabled) { - $result = Share::getUsersSharingFile($filePath, - $uid, - true); - $userIds = $result['users']; - $userIds[] = 'public'; - } else { - $userIds = [ - $uid, - $this->recoveryKeyId - ]; + if ($encryptedFileKey && $shareKey && $privateKey) { + $fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey, + $shareKey, + $privateKey); } - $filteredUids = $this->filterShareReadyUsers($userIds); - // Decrypt file key - $encKeyFile = $this->keyManager->getFileKey($filePath, - $uid); + if (!empty($fileKey)) { + $accessList = $this->file->getAccessList($path); + $publicKeys = array(); + foreach ($accessList['users'] as $uid) { + $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); + } - $shareKey = $this->keyManager->getShareKey($filePath, - $uid); + $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys); - $plainKeyFile = $this->crypt->multiKeyDecrypt($encKeyFile, - $shareKey, - $privateKey); + $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); + $this->keyManager->setAllFileKeys($path, $encryptedKeyfiles); + } - // Encrypt the file key again to all users, this time with the new publick keyt for the recovered user - $userPublicKeys = $this->keyManager->getPublicKeys($filteredUids['ready']); - $multiEncryptionKey = $this->crypt->multiKeyEncrypt($plainKeyFile, - $userPublicKeys); - - $this->keyManager->setFileKey($multiEncryptionKey['data'], - $uid); - - $this->keyManager->setShareKey($filePath, - $uid, - $multiEncryptionKey['keys']); } diff --git a/settings/changepassword/controller.php b/settings/changepassword/controller.php index 1be30b725d..f041cb5b29 100644 --- a/settings/changepassword/controller.php +++ b/settings/changepassword/controller.php @@ -77,16 +77,43 @@ class Controller { exit(); } - if (\OC_App::isEnabled('files_encryption')) { + if (\OC_App::isEnabled('encryption')) { //handle the recovery case - $util = new \OCA\Files_Encryption\Util(new \OC\Files\View('/'), $username); - $recoveryAdminEnabled = \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled'); + $crypt = new \OCA\Encryption\Crypto\Crypt( + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); + $keyStorage = \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID); + $util = new \OCA\Encryption\Util( + new \OC\Files\View(), + $crypt, + \OC::$server->getLogger(), + \OC::$server->getUserSession(), + \OC::$server->getConfig()); + $keyManager = new \OCA\Encryption\KeyManager( + $keyStorage, + $crypt, + \OC::$server->getConfig(), + \OC::$server->getUserSession(), + new \OCA\Encryption\Session(\OC::$server->getSession()), + \OC::$server->getLogger(), + $util); + $recovery = new \OCA\Encryption\Recovery( + \OC::$server->getUserSession(), + $crypt, + \OC::$server->getSecureRandom(), + $keyManager, + \OC::$server->getConfig(), + $keyStorage, + \OC::$server->getEncryptionFilesHelper(), + new \OC\Files\View()); + $recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled(); $validRecoveryPassword = false; $recoveryEnabledForUser = false; if ($recoveryAdminEnabled) { - $validRecoveryPassword = $util->checkRecoveryPassword($recoveryPassword); - $recoveryEnabledForUser = $util->recoveryEnabledForUser(); + $validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword); + $recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser(); } if ($recoveryEnabledForUser && $recoveryPassword === '') { diff --git a/settings/users.php b/settings/users.php index 08498edec2..0fc9fbeafc 100644 --- a/settings/users.php +++ b/settings/users.php @@ -45,8 +45,8 @@ $groupsInfo = new \OC\Group\MetaData(OC_User::getUser(), $isAdmin, $groupManager $groupsInfo->setSorting($groupsInfo::SORT_USERCOUNT); list($adminGroup, $groups) = $groupsInfo->get(); -$recoveryAdminEnabled = OC_App::isEnabled('files_encryption') && - $config->getAppValue( 'files_encryption', 'recoveryAdminEnabled', null ); +$recoveryAdminEnabled = OC_App::isEnabled('encryption') && + $config->getAppValue( 'encryption', 'recoveryAdminEnabled', null ); if($isAdmin) { $subadmins = OC_SubAdmin::getAllSubAdmins(); From 43c0af2580a615f328c0a3a6d0d6256b4e625f3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 15:41:31 +0200 Subject: [PATCH 074/119] Fix shouldEncrypt and don't throw exception id fileKey not present - can happen --- apps/encryption/lib/crypto/encryption.php | 41 ++++++++++--------- .../exceptions/filekeymissingexception.php | 8 ---- apps/encryption/lib/keymanager.php | 30 ++------------ 3 files changed, 25 insertions(+), 54 deletions(-) delete mode 100644 apps/encryption/lib/exceptions/filekeymissingexception.php diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index d8b7f91e26..c3fd340536 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -10,6 +10,7 @@ namespace OCA\Encryption\Crypto; +use OCA\Encryption\Util; use OCP\Encryption\IEncryptionModule; use OCA\Encryption\KeyManager; @@ -38,7 +39,7 @@ class Encryption implements IEncryptionModule { private $writeCache; /** @var KeyManager */ - private $keymanager; + private $keyManager; /** @var array */ private $accessList; @@ -46,18 +47,18 @@ class Encryption implements IEncryptionModule { /** @var boolean */ private $isWriteOperation; - /** @var \OCA\Encryption\Util */ + /** @var Util */ private $util; /** * * @param \OCA\Encryption\Crypto\Crypt $crypt - * @param KeyManager $keymanager - * @param \OCA\Encryption\Util $util + * @param KeyManager $keyManager + * @param Util $util */ - public function __construct(Crypt $crypt, KeyManager $keymanager, \OCA\Encryption\Util $util) { + public function __construct(Crypt $crypt, KeyManager $keyManager, Util $util) { $this->crypt = $crypt; - $this->keymanager = $keymanager; + $this->keyManager = $keyManager; $this->util = $util; } @@ -105,7 +106,7 @@ class Encryption implements IEncryptionModule { $this->writeCache = ''; $this->isWriteOperation = false; - $this->fileKey = $this->keymanager->getFileKey($path, $this->user); + $this->fileKey = $this->keyManager->getFileKey($path, $this->user); return array('cipher' => $this->cipher); } @@ -128,13 +129,13 @@ class Encryption implements IEncryptionModule { } $publicKeys = array(); foreach ($this->accessList['users'] as $uid) { - $publicKeys[$uid] = $this->keymanager->getPublicKey($uid); + $publicKeys[$uid] = $this->keyManager->getPublicKey($uid); } - $publicKeys = $this->keymanager->addSystemKeys($this->accessList, $publicKeys); + $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys); $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); - $this->keymanager->setAllFileKeys($path, $encryptedKeyfiles); + $this->keyManager->setAllFileKeys($path, $encryptedKeyfiles); } return $result; } @@ -231,19 +232,19 @@ class Encryption implements IEncryptionModule { * @return boolean */ public function update($path, $uid, $accessList) { - $fileKey = $this->keymanager->getFileKey($path, $uid); + $fileKey = $this->keyManager->getFileKey($path, $uid); $publicKeys = array(); foreach ($accessList['users'] as $user) { - $publicKeys[$user] = $this->keymanager->getPublicKey($user); + $publicKeys[$user] = $this->keyManager->getPublicKey($user); } - $publicKeys = $this->keymanager->addSystemKeys($accessList, $publicKeys); + $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys); $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); - $this->keymanager->deleteAllFileKeys($path); + $this->keyManager->deleteAllFileKeys($path); - $this->keymanager->setAllFileKeys($path, $encryptedFileKey); + $this->keyManager->setAllFileKeys($path, $encryptedFileKey); return true; } @@ -257,13 +258,13 @@ class Encryption implements IEncryptionModule { */ public function addSystemKeys(array $accessList, array $publicKeys) { if (!empty($accessList['public'])) { - $publicKeys[$this->keymanager->getPublicShareKeyId()] = $this->keymanager->getPublicShareKey(); + $publicKeys[$this->keyManager->getPublicShareKeyId()] = $this->keyManager->getPublicShareKey(); } - if ($this->keymanager->recoveryKeyExists() && + if ($this->keyManager->recoveryKeyExists() && $this->util->recoveryEnabled($this->user)) { - $publicKeys[$this->keymanager->getRecoveryKeyId()] = $this->keymanager->getRecoveryKey(); + $publicKeys[$this->keyManager->getRecoveryKeyId()] = $this->keyManager->getRecoveryKey(); } @@ -283,10 +284,10 @@ class Encryption implements IEncryptionModule { return false; } - if ($parts[2] == '/files/') { + if ($parts[2] == 'files') { return true; } - if ($parts[2] == '/files_versions/') { + if ($parts[2] == 'files_versions') { return true; } diff --git a/apps/encryption/lib/exceptions/filekeymissingexception.php b/apps/encryption/lib/exceptions/filekeymissingexception.php deleted file mode 100644 index 9eb2d4c80d..0000000000 --- a/apps/encryption/lib/exceptions/filekeymissingexception.php +++ /dev/null @@ -1,8 +0,0 @@ - - * @since 2/19/15, 1:20 PM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ namespace OCA\Encryption; - use OC\Encryption\Exceptions\DecryptionFailedException; -use OCA\Encryption\Exceptions\FileKeyMissingException; use OCA\Encryption\Exceptions\PrivateKeyMissingException; use OC\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; use OCP\Encryption\Keys\IStorage; -use OCA\Encryption\Util; use OCP\IConfig; use OCP\ILogger; use OCP\IUserSession; -use \OCA\Encryption\Session; class KeyManager { @@ -211,11 +188,11 @@ class KeyManager { return false; } - /** - * @param string $uid + /** * @param string $password * @param array $keyPair * @return bool + * @internal param string $uid */ public function setRecoveryKey($password, $keyPair) { // Save Public Key @@ -351,7 +328,7 @@ class KeyManager { $privateKey); } - throw new FileKeyMissingException(); + return ''; } /** @@ -513,6 +490,7 @@ class KeyManager { * @param array $accessList * @param array $publicKeys * @return array + * @throws PublicKeyMissingException */ public function addSystemKeys(array $accessList, array $publicKeys) { if (!empty($accessList['public'])) { From feb9a6e21630724f3388ea219daccca3b13f69d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 15:42:08 +0200 Subject: [PATCH 075/119] Set human readable module ids --- apps/encryption/lib/crypto/encryption.php | 2 +- apps/encryption_dummy/lib/dummymodule.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index c3fd340536..b66be26370 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -16,7 +16,7 @@ use OCA\Encryption\KeyManager; class Encryption implements IEncryptionModule { - const ID = '42'; + const ID = 'OC_DEFAULT_MODULE'; /** * @var Crypt diff --git a/apps/encryption_dummy/lib/dummymodule.php b/apps/encryption_dummy/lib/dummymodule.php index 55e8f26af9..8cec9dfaf4 100644 --- a/apps/encryption_dummy/lib/dummymodule.php +++ b/apps/encryption_dummy/lib/dummymodule.php @@ -34,7 +34,7 @@ class DummyModule implements IEncryptionModule { * @return string defining the technical unique id */ public function getId() { - return "34876934"; + return "OC_DUMMY_MODULE"; } /** From de4ec21c3948f86685450269a1857473babc4a56 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 16:12:49 +0200 Subject: [PATCH 076/119] work arround to make sure that shares are initialized only once --- apps/files_sharing/lib/sharedstorage.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/apps/files_sharing/lib/sharedstorage.php b/apps/files_sharing/lib/sharedstorage.php index ce8665c97a..27be977fd1 100644 --- a/apps/files_sharing/lib/sharedstorage.php +++ b/apps/files_sharing/lib/sharedstorage.php @@ -39,6 +39,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { private $share; // the shared resource private $files = array(); + private static $isInitialized = false; public function __construct($arguments) { $this->share = $arguments['share']; @@ -426,8 +427,12 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { $shares = \OCP\Share::getItemsSharedWithUser('file', $options['user']); $manager = Filesystem::getMountManager(); $loader = Filesystem::getLoader(); - if (!\OCP\User::isLoggedIn() || \OCP\User::getUser() != $options['user'] - || $shares + if ( + !self::$isInitialized && ( + !\OCP\User::isLoggedIn() + || \OCP\User::getUser() != $options['user'] + || $shares + ) ) { foreach ($shares as $share) { // don't mount shares where we have no permissions @@ -445,6 +450,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { } } } + self::$isInitialized = true; } /** From c9d6ed3d7d04412b721745f61402ff1400c59aeb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 16:35:46 +0200 Subject: [PATCH 077/119] in case the file exists we require the explicit module as specified in the file header - otherwise we need to fail hard to prevent data loss on client side --- lib/private/files/storage/wrapper/encryption.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 3e98098419..09ba090acf 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -219,6 +219,12 @@ class Encryption extends Wrapper { $size = $unencryptedSize = 0; if ($this->file_exists($path)) { + // in case the file exists we require the explicit module as + // specified in the file header - otherwise we need to fail hard to + // prevent data loss on client side + if (!empty($encryptionModuleId)) { + $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId); + } $size = $this->storage->filesize($path); $unencryptedSize = $this->filesize($path); } From 664b2bb7af2c8253aa0bbade42531ad4a3ef6bab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 16:36:08 +0200 Subject: [PATCH 078/119] cleaning up exception mess --- apps/encryption/lib/crypto/crypt.php | 2 +- .../exceptions/multikeydecryptexception.php | 4 ++- .../exceptions/multikeyencryptexception.php | 4 ++- .../exceptions/privatekeymissingexception.php | 14 ++++++++-- .../exceptions/publickeymissingexception.php | 20 +++++++++++++ apps/encryption/lib/keymanager.php | 8 +++--- apps/encryption/lib/session.php | 2 +- lib/private/connector/sabre/file.php | 4 +-- .../exceptions/decryptionfailedexception.php | 1 + .../emptyencryptiondataexception.php | 1 + .../exceptions/encryptionfailedexception.php | 1 + .../encryptionheaderkeyexistsexception.php | 13 +++++---- .../encryptionheadertolargeexception.php | 5 ++++ .../modulealreadyexistsexception.php | 12 +++++++- .../moduledoesnotexistsexception.php | 4 ++- .../exceptions/publickeymissingexception.php | 28 ------------------- .../unexpectedblocksizeexception.php | 28 ------------------- ...expectedendofencryptionheaderexception.php | 28 ------------------- .../exceptions/unknowncipherexception.php | 3 +- lib/private/encryption/keys/storage.php | 4 +-- lib/private/encryption/manager.php | 3 +- lib/private/encryption/util.php | 4 +-- .../exceptions/genericencryptionexception.php | 9 +++++- 23 files changed, 91 insertions(+), 111 deletions(-) create mode 100644 apps/encryption/lib/exceptions/publickeymissingexception.php delete mode 100644 lib/private/encryption/exceptions/publickeymissingexception.php delete mode 100644 lib/private/encryption/exceptions/unexpectedblocksizeexception.php delete mode 100644 lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php rename lib/{private => public}/encryption/exceptions/genericencryptionexception.php (76%) diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index 6b79057fe7..80878b3ddb 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -24,9 +24,9 @@ namespace OCA\Encryption\Crypto; use OC\Encryption\Exceptions\DecryptionFailedException; use OC\Encryption\Exceptions\EncryptionFailedException; -use OC\Encryption\Exceptions\GenericEncryptionException; use OCA\Encryption\Exceptions\MultiKeyDecryptException; use OCA\Encryption\Exceptions\MultiKeyEncryptException; +use OCP\Encryption\Exceptions\GenericEncryptionException; use OCP\IConfig; use OCP\ILogger; use OCP\IUser; diff --git a/apps/encryption/lib/exceptions/multikeydecryptexception.php b/apps/encryption/lib/exceptions/multikeydecryptexception.php index 36a95544e6..1466d35eda 100644 --- a/apps/encryption/lib/exceptions/multikeydecryptexception.php +++ b/apps/encryption/lib/exceptions/multikeydecryptexception.php @@ -2,6 +2,8 @@ namespace OCA\Encryption\Exceptions; -class MultiKeyDecryptException extends \Exception { +use OCP\Encryption\Exceptions\GenericEncryptionException; + +class MultiKeyDecryptException extends GenericEncryptionException { } diff --git a/apps/encryption/lib/exceptions/multikeyencryptexception.php b/apps/encryption/lib/exceptions/multikeyencryptexception.php index e518a09d1c..daf528e2cf 100644 --- a/apps/encryption/lib/exceptions/multikeyencryptexception.php +++ b/apps/encryption/lib/exceptions/multikeyencryptexception.php @@ -2,6 +2,8 @@ namespace OCA\Encryption\Exceptions; -class MultiKeyEncryptException extends \Exception { +use OCP\Encryption\Exceptions\GenericEncryptionException; + +class MultiKeyEncryptException extends GenericEncryptionException { } diff --git a/apps/encryption/lib/exceptions/privatekeymissingexception.php b/apps/encryption/lib/exceptions/privatekeymissingexception.php index ddc3d11cdb..50d75870b2 100644 --- a/apps/encryption/lib/exceptions/privatekeymissingexception.php +++ b/apps/encryption/lib/exceptions/privatekeymissingexception.php @@ -19,10 +19,20 @@ * */ - namespace OCA\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; -class PrivateKeyMissingException extends \Exception{ +class PrivateKeyMissingException extends GenericEncryptionException { + + /** + * @param string $userId + */ + public function __construct($userId) { + if(empty($userId)) { + $userId = ""; + } + parent::__construct("Private Key missing for user: $userId"); + } } diff --git a/apps/encryption/lib/exceptions/publickeymissingexception.php b/apps/encryption/lib/exceptions/publickeymissingexception.php new file mode 100644 index 0000000000..9638c28e42 --- /dev/null +++ b/apps/encryption/lib/exceptions/publickeymissingexception.php @@ -0,0 +1,20 @@ +"; + } + parent::__construct("Public Key missing for user: $userId"); + } + +} diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index c7e0f2617f..d2659f55a7 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -4,7 +4,7 @@ namespace OCA\Encryption; use OC\Encryption\Exceptions\DecryptionFailedException; use OCA\Encryption\Exceptions\PrivateKeyMissingException; -use OC\Encryption\Exceptions\PublicKeyMissingException; +use OCA\Encryption\Exceptions\PublicKeyMissingException; use OCA\Encryption\Crypto\Crypt; use OCP\Encryption\Keys\IStorage; use OCP\IConfig; @@ -301,7 +301,7 @@ class KeyManager { if (strlen($privateKey) !== 0) { return $privateKey; } - throw new PrivateKeyMissingException(); + throw new PrivateKeyMissingException($userId); } /** @@ -393,7 +393,7 @@ class KeyManager { if (strlen($publicKey) !== 0) { return $publicKey; } - throw new PublicKeyMissingException(); + throw new PublicKeyMissingException($userId); } public function getPublicShareKeyId() { @@ -496,7 +496,7 @@ class KeyManager { if (!empty($accessList['public'])) { $publicShareKey = $this->getPublicShareKey(); if (empty($publicShareKey)) { - throw new PublicKeyMissingException(); + throw new PublicKeyMissingException($this->getPublicShareKeyId()); } $publicKeys[$this->getPublicShareKeyId()] = $publicShareKey; } diff --git a/apps/encryption/lib/session.php b/apps/encryption/lib/session.php index 5e97391376..82c7829ecb 100644 --- a/apps/encryption/lib/session.php +++ b/apps/encryption/lib/session.php @@ -70,7 +70,7 @@ class Session { public function getPrivateKey() { $key = $this->session->get('privateKey'); if (is_null($key)) { - throw new Exceptions\PrivateKeyMissingException('no private key stored in session'); + throw new Exceptions\PrivateKeyMissingException('no private key stored in session', 0); } return $key; } diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index a436973ba9..f6f5daf207 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -35,7 +35,7 @@ namespace OC\Connector\Sabre; -use OC\Encryption\Exceptions\GenericEncryptionException; +use OCP\Encryption\Exceptions\GenericEncryptionException; class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { @@ -184,7 +184,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { //throw exception if encryption is disabled but files are still encrypted try { return $this->fileView->fopen(ltrim($this->path, '/'), 'rb'); - } catch (\OCP\Encryption\Exception\EncryptionException $e) { + } catch (\OCP\Encryption\Exceptions\GenericEncryptionException $e) { throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); } catch (\OCP\Files\StorageNotAvailableException $e) { throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to open file: ".$e->getMessage()); diff --git a/lib/private/encryption/exceptions/decryptionfailedexception.php b/lib/private/encryption/exceptions/decryptionfailedexception.php index 43fea90fed..f8b4fdf07f 100644 --- a/lib/private/encryption/exceptions/decryptionfailedexception.php +++ b/lib/private/encryption/exceptions/decryptionfailedexception.php @@ -22,6 +22,7 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; class DecryptionFailedException extends GenericEncryptionException { diff --git a/lib/private/encryption/exceptions/emptyencryptiondataexception.php b/lib/private/encryption/exceptions/emptyencryptiondataexception.php index ea18180985..d3dc923004 100644 --- a/lib/private/encryption/exceptions/emptyencryptiondataexception.php +++ b/lib/private/encryption/exceptions/emptyencryptiondataexception.php @@ -22,6 +22,7 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; class EmptyEncryptionDataException extends GenericEncryptionException{ diff --git a/lib/private/encryption/exceptions/encryptionfailedexception.php b/lib/private/encryption/exceptions/encryptionfailedexception.php index 9e6648f7bf..ac489c7325 100644 --- a/lib/private/encryption/exceptions/encryptionfailedexception.php +++ b/lib/private/encryption/exceptions/encryptionfailedexception.php @@ -22,6 +22,7 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; class EncryptionFailedException extends GenericEncryptionException{ diff --git a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php index 23103b90c4..5e8e48efd7 100644 --- a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php +++ b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php @@ -23,11 +23,14 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; -class EncryptionHeaderKeyExistsException extends \Exception { - -} - -class EncryptionHeaderToLargeException extends \Exception { +class EncryptionHeaderKeyExistsException extends GenericEncryptionException { + /** + * @param string $key + */ + public function __construct($key) { + parent::__construct('header key "'. $key . '" already reserved by ownCloud'); + } } diff --git a/lib/private/encryption/exceptions/encryptionheadertolargeexception.php b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php index cc980aa4be..94a130d792 100644 --- a/lib/private/encryption/exceptions/encryptionheadertolargeexception.php +++ b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php @@ -22,7 +22,12 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; class EncryptionHeaderToLargeException extends GenericEncryptionException { + public function __construct($key) { + parent::__construct('max header size exceeded'); + } + } diff --git a/lib/private/encryption/exceptions/modulealreadyexistsexception.php b/lib/private/encryption/exceptions/modulealreadyexistsexception.php index 41fc0188e2..fa1e70a5c3 100644 --- a/lib/private/encryption/exceptions/modulealreadyexistsexception.php +++ b/lib/private/encryption/exceptions/modulealreadyexistsexception.php @@ -23,6 +23,16 @@ namespace OC\Encryption\Exceptions; -class ModuleAlreadyExistsException extends \Exception { +use OCP\Encryption\Exceptions\GenericEncryptionException; + +class ModuleAlreadyExistsException extends GenericEncryptionException { + + /** + * @param string $id + * @param string $name + */ + public function __construct($id, $name) { + parent::__construct('Id "' . $id . '" already used by encryption module "' . $name . '"'); + } } diff --git a/lib/private/encryption/exceptions/moduledoesnotexistsexception.php b/lib/private/encryption/exceptions/moduledoesnotexistsexception.php index 5507bd03da..2c699e8dc2 100644 --- a/lib/private/encryption/exceptions/moduledoesnotexistsexception.php +++ b/lib/private/encryption/exceptions/moduledoesnotexistsexception.php @@ -23,6 +23,8 @@ namespace OC\Encryption\Exceptions; -class ModuleDoesNotExistsException extends \Exception { +use OCP\Encryption\Exceptions\GenericEncryptionException; + +class ModuleDoesNotExistsException extends GenericEncryptionException { } diff --git a/lib/private/encryption/exceptions/publickeymissingexception.php b/lib/private/encryption/exceptions/publickeymissingexception.php deleted file mode 100644 index d5f2aae42c..0000000000 --- a/lib/private/encryption/exceptions/publickeymissingexception.php +++ /dev/null @@ -1,28 +0,0 @@ - - * @since 2/25/15, 9:39 AM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - - -namespace OC\Encryption\Exceptions; - - -class PublicKeyMissingException extends GenericEncryptionException { - -} diff --git a/lib/private/encryption/exceptions/unexpectedblocksizeexception.php b/lib/private/encryption/exceptions/unexpectedblocksizeexception.php deleted file mode 100644 index 799d08e6ba..0000000000 --- a/lib/private/encryption/exceptions/unexpectedblocksizeexception.php +++ /dev/null @@ -1,28 +0,0 @@ - - * @since 2/25/15, 9:35 AM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - - -namespace OC\Encryption\Exceptions; - - -interface UnexpectedBlockSize { - -} diff --git a/lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php b/lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php deleted file mode 100644 index 04f65cf762..0000000000 --- a/lib/private/encryption/exceptions/unexpectedendofencryptionheaderexception.php +++ /dev/null @@ -1,28 +0,0 @@ - - * @since 2/25/15, 9:34 AM - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - - -namespace OC\Encryption\Exceptions; - - -class UnexpectedEndOfEncryptionHeaderException extends GenericEncryptionException { - -} diff --git a/lib/private/encryption/exceptions/unknowncipherexception.php b/lib/private/encryption/exceptions/unknowncipherexception.php index 5177af6106..188f740384 100644 --- a/lib/private/encryption/exceptions/unknowncipherexception.php +++ b/lib/private/encryption/exceptions/unknowncipherexception.php @@ -22,7 +22,8 @@ namespace OC\Encryption\Exceptions; +use OCP\Encryption\Exceptions\GenericEncryptionException; -class UnknownCipherException extends GenericEncryptionException{ +class UnknownCipherException extends GenericEncryptionException { } diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index 82753df1dc..e4e3fb084f 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -23,9 +23,9 @@ namespace OC\Encryption\Keys; -use OC\Encryption\Exceptions\GenericEncryptionException; use OC\Encryption\Util; use OC\Files\View; +use OCP\Encryption\Exceptions\GenericEncryptionException; class Storage implements \OCP\Encryption\Keys\IStorage { @@ -259,7 +259,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { private function getFileKeyDir($path) { if ($this->view->is_dir($path)) { - throw new GenericEncryptionException('file was expected but directory was given'); + throw new GenericEncryptionException("file was expected but directory was given: $path"); } list($owner, $filename) = $this->util->getUidAndFilename($path); diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index 77f02b0c48..f8ac174479 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -70,8 +70,7 @@ class Manager implements \OCP\Encryption\IManager { $name = $module->getDisplayName(); if (isset($this->encryptionModules[$id])) { - $message = 'Id "' . $id . '" already used by encryption module "' . $name . '"'; - throw new Exceptions\ModuleAlreadyExistsException($message); + throw new Exceptions\ModuleAlreadyExistsException($id, $name); } $defaultEncryptionModuleId = $this->getDefaultEncryptionModuleId(); diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 1183e6622b..e2c7fa26e6 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -147,14 +147,14 @@ class Util { $header = self::HEADER_START . ':' . self::HEADER_ENCRYPTION_MODULE_KEY . ':' . $encryptionModule->getId() . ':'; foreach ($headerData as $key => $value) { if (in_array($key, $this->ocHeaderKeys)) { - throw new EncryptionHeaderKeyExistsException('header key "'. $key . '" already reserved by ownCloud'); + throw new EncryptionHeaderKeyExistsException($key); } $header .= $key . ':' . $value . ':'; } $header .= self::HEADER_END; if (strlen($header) > $this->getHeaderSize()) { - throw new EncryptionHeaderToLargeException('max header size exceeded'); + throw new EncryptionHeaderToLargeException(); } $paddedHeader = str_pad($header, $this->headerSize, self::HEADER_PADDING_CHAR, STR_PAD_RIGHT); diff --git a/lib/private/encryption/exceptions/genericencryptionexception.php b/lib/public/encryption/exceptions/genericencryptionexception.php similarity index 76% rename from lib/private/encryption/exceptions/genericencryptionexception.php rename to lib/public/encryption/exceptions/genericencryptionexception.php index 608e5e6010..b7addd3b0c 100644 --- a/lib/private/encryption/exceptions/genericencryptionexception.php +++ b/lib/public/encryption/exceptions/genericencryptionexception.php @@ -19,9 +19,16 @@ * */ -namespace OC\Encryption\Exceptions; +namespace OCP\Encryption\Exceptions; class GenericEncryptionException extends \Exception { + public function __construct($message = "", $code = 0, \Exception $previous = null) { + if (empty($message)) { + $message = 'Unspecified encryption exception'; + } + parent::__construct($message, $code, $previous); + } + } From 5ea94b7c45e26e535375fbbf158840629089d98c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 17:22:04 +0200 Subject: [PATCH 079/119] add priority to trashbin storage wrapper so that he is always on top --- apps/files_trashbin/lib/storage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files_trashbin/lib/storage.php b/apps/files_trashbin/lib/storage.php index 3f474d71da..df80649a50 100644 --- a/apps/files_trashbin/lib/storage.php +++ b/apps/files_trashbin/lib/storage.php @@ -117,7 +117,7 @@ class Storage extends Wrapper { public static function setupStorage() { \OC\Files\Filesystem::addStorageWrapper('oc_trashbin', function ($mountPoint, $storage) { return new \OCA\Files_Trashbin\Storage(array('storage' => $storage, 'mountPoint' => $mountPoint)); - }); + }, 1); } } From a74ee674768cec92c85d313a27ea0c2de5aa29c1 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 17:22:29 +0200 Subject: [PATCH 080/119] don't wrap share storages --- lib/private/encryption/manager.php | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/lib/private/encryption/manager.php b/lib/private/encryption/manager.php index f8ac174479..484e0f540b 100644 --- a/lib/private/encryption/manager.php +++ b/lib/private/encryption/manager.php @@ -185,16 +185,19 @@ class Manager implements \OCP\Encryption\IManager { 'storage' => $storage, 'mountPoint' => $mountPoint, 'mount' => $mount]; - $manager = \OC::$server->getEncryptionManager(); - $util = new \OC\Encryption\Util( - new \OC\Files\View(), - \OC::$server->getUserManager(), - \OC::$server->getConfig()); - $user = \OC::$server->getUserSession()->getUser(); - $logger = \OC::$server->getLogger(); - $uid = $user ? $user->getUID() : null; - $fileHelper = \OC::$server->getEncryptionFilesHelper(); - return new Encryption($parameters, $manager, $util, $logger, $fileHelper, $uid); - }); + + if (!($storage instanceof \OC\Files\Storage\Shared)) { + $manager = \OC::$server->getEncryptionManager(); + $util = new \OC\Encryption\Util( + new \OC\Files\View(), \OC::$server->getUserManager(), \OC::$server->getConfig()); + $user = \OC::$server->getUserSession()->getUser(); + $logger = \OC::$server->getLogger(); + $uid = $user ? $user->getUID() : null; + $fileHelper = \OC::$server->getEncryptionFilesHelper(); + return new Encryption($parameters, $manager, $util, $logger, $fileHelper, $uid); + } else { + return $storage; + } + }, 2); } } From 9d8c07850d8ade68fd75f8d6934687a6fbe8bc68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Wed, 1 Apr 2015 17:42:56 +0200 Subject: [PATCH 081/119] fixing unencrypted file size --- lib/private/files/storage/wrapper/encryption.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 09ba090acf..7cc488aa91 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -88,8 +88,11 @@ class Encryption extends Wrapper { $info = $this->getCache()->get($path); - if (isset($this->unencryptedSize[$fullPath]) && isset($info['fileid'])) { + if (isset($this->unencryptedSize[$fullPath])) { $size = $this->unencryptedSize[$fullPath]; + } + + if (isset($info['fileid'])) { $info['encrypted'] = true; $info['size'] = $size; $this->getCache()->put($path, $info); From ee53ba5ed6e41cc997ed07b1f47305804d607afd Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 17:46:09 +0200 Subject: [PATCH 082/119] remove encryption specific code from files app --- apps/files/index.php | 3 --- apps/files/js/files.js | 17 ----------------- apps/files/templates/index.php | 1 - 3 files changed, 21 deletions(-) diff --git a/apps/files/index.php b/apps/files/index.php index 23830da695..ea0fd0ce2f 100644 --- a/apps/files/index.php +++ b/apps/files/index.php @@ -84,8 +84,6 @@ $config = \OC::$server->getConfig(); // mostly for the home storage's free space $dirInfo = \OC\Files\Filesystem::getFileInfo('/', false); $storageInfo=OC_Helper::getStorageInfo('/', $dirInfo); -// if the encryption app is disabled, than everything is fine (INIT_SUCCESSFUL status code) -$encryptionInitStatus = 2; $nav = new OCP\Template('files', 'appnavigation', ''); @@ -145,7 +143,6 @@ $tmpl->assign('isPublic', false); $tmpl->assign("mailNotificationEnabled", $config->getAppValue('core', 'shareapi_allow_mail_notification', 'no')); $tmpl->assign("mailPublicNotificationEnabled", $config->getAppValue('core', 'shareapi_allow_public_notification', 'no')); $tmpl->assign("allowShareWithLink", $config->getAppValue('core', 'shareapi_allow_links', 'yes')); -$tmpl->assign("encryptionInitStatus", $encryptionInitStatus); $tmpl->assign('appNavigation', $nav); $tmpl->assign('appContents', $contentItems); diff --git a/apps/files/js/files.js b/apps/files/js/files.js index 9d2d563984..68e9315954 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js @@ -120,22 +120,6 @@ } }, - displayEncryptionWarning: function() { - - if (!OC.Notification.isHidden()) { - return; - } - - var initStatus = $('#encryptionInitStatus').val(); - if (initStatus === '0') { // enc not initialized, but should be - OC.Notification.show(t('files', 'Encryption App is enabled but your keys are not initialized, please log-out and log-in again')); - return; - } - if (initStatus === '1') { // encryption tried to init but failed - OC.Notification.show(t('files', 'Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.')); - } - }, - /** * Returns the download URL of the given file(s) * @param filename string or array of file names to download @@ -214,7 +198,6 @@ */ initialize: function() { Files.getMimeIcon.cache = {}; - Files.displayEncryptionWarning(); Files.bindKeyboardShortcuts(document, $); // TODO: move file list related code (upload) to OCA.Files.FileList diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php index 84f3033ba9..77f80bc346 100644 --- a/apps/files/templates/index.php +++ b/apps/files/templates/index.php @@ -12,7 +12,6 @@ - From 2511c32e61c2bd7500d3e1f55fc7e8666fc8361e Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Wed, 1 Apr 2015 17:46:33 +0200 Subject: [PATCH 083/119] add more descriptive message to the exception, will be displayed to the user --- apps/encryption/lib/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/encryption/lib/session.php b/apps/encryption/lib/session.php index 82c7829ecb..e705611fa6 100644 --- a/apps/encryption/lib/session.php +++ b/apps/encryption/lib/session.php @@ -70,7 +70,7 @@ class Session { public function getPrivateKey() { $key = $this->session->get('privateKey'); if (is_null($key)) { - throw new Exceptions\PrivateKeyMissingException('no private key stored in session', 0); + throw new Exceptions\PrivateKeyMissingException('please try to log-out and log-in again', 0); } return $key; } From e507dc11a044bacde23e4b97970a3c78895b64bc Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Wed, 1 Apr 2015 13:07:54 -0400 Subject: [PATCH 084/119] adding util test and reducing keymanager instances to one in test --- apps/encryption/tests/lib/KeyManagerTest.php | 141 +++++-------------- apps/encryption/tests/lib/UtilTest.php | 128 +++++++++++++++++ 2 files changed, 161 insertions(+), 108 deletions(-) create mode 100644 apps/encryption/tests/lib/UtilTest.php diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index b4c19f5ec8..040390e827 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -68,6 +68,7 @@ class KeyManagerTest extends TestCase { \OC_App::disable('files_trashbin'); $userManager = \OC::$server->getUserManager(); + $userManager->get(self::$testUser)->delete(); $userManager->createUser(self::$testUser, self::$testUser); @@ -95,14 +96,8 @@ class KeyManagerTest extends TestCase { $this->utilMock = $this->getMockBuilder('OCA\Encryption\Util') ->disableOriginalConstructor() ->getMock(); - } - - public function testDeleteShareKey() { - $this->keyStorageMock->expects($this->any()) - ->method('deleteFileKey') - ->with($this->equalTo('/path'), $this->equalTo('keyId.shareKey')) - ->willReturn(true); - $keymanager = new KeyManager( + + $this->instance = new KeyManager( $this->keyStorageMock, $this->cryptMock, $this->configMock, @@ -110,9 +105,16 @@ class KeyManagerTest extends TestCase { $this->sessionMock, $this->logMock, $this->utilMock); + } + public function testDeleteShareKey() { + $this->keyStorageMock->expects($this->any()) + ->method('deleteFileKey') + ->with($this->equalTo('/path'), $this->equalTo('keyId.shareKey')) + ->willReturn(true); + $this->assertTrue( - $keymanager->deleteShareKey('/path', 'keyId') + $this->instance->deleteShareKey('/path', 'keyId') ); } @@ -122,17 +124,10 @@ class KeyManagerTest extends TestCase { ->method('getUserKey') ->with($this->equalTo($this->userId), $this->equalTo('privateKey')) ->willReturn('privateKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertSame('privateKey', - $keymanager->getPrivateKey($this->userId) + $this->instance->getPrivateKey($this->userId) ); } @@ -141,17 +136,10 @@ class KeyManagerTest extends TestCase { ->method('getUserKey') ->with($this->equalTo($this->userId), $this->equalTo('publicKey')) ->willReturn('publicKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertSame('publicKey', - $keymanager->getPublicKey($this->userId) + $this->instance->getPublicKey($this->userId) ); } @@ -160,16 +148,9 @@ class KeyManagerTest extends TestCase { ->method('getSystemUserKey') ->with($this->equalTo($this->systemKeyId . '.publicKey')) ->willReturn('recoveryKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + - $this->assertTrue($keymanager->recoveryKeyExists()); + $this->assertTrue($this->instance->recoveryKeyExists()); } /** @@ -184,16 +165,9 @@ class KeyManagerTest extends TestCase { ->method('decryptPrivateKey') ->with($this->equalTo('recoveryKey'), $this->equalTo('pass')) ->willReturn('decryptedRecoveryKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + - $this->assertTrue($keymanager->checkRecoveryPassword('pass')); + $this->assertTrue($this->instance->checkRecoveryPassword('pass')); } @@ -205,17 +179,10 @@ class KeyManagerTest extends TestCase { $this->equalTo('publicKey'), $this->equalTo('key')) ->willReturn(true); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertTrue( - $keymanager->setPublicKey($this->userId, 'key') + $this->instance->setPublicKey($this->userId, 'key') ); } @@ -228,17 +195,10 @@ class KeyManagerTest extends TestCase { $this->equalTo('privateKey'), $this->equalTo('key')) ->willReturn(true); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertTrue( - $keymanager->setPrivateKey($this->userId, 'key') + $this->instance->setPrivateKey($this->userId, 'key') ); } @@ -247,17 +207,10 @@ class KeyManagerTest extends TestCase { ->method('getUserKey') ->with($this->equalTo($this->userId), $this->anything()) ->willReturn('key'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertTrue( - $keymanager->userHasKeys($this->userId) + $this->instance->userHasKeys($this->userId) ); } @@ -273,17 +226,10 @@ class KeyManagerTest extends TestCase { ->method('decryptPrivateKey') ->with($this->equalTo('privateKey'), $this->equalTo('pass')) ->willReturn('decryptedPrivateKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertTrue( - $keymanager->init($this->userId, 'pass') + $this->instance->init($this->userId, 'pass') ); } @@ -296,17 +242,10 @@ class KeyManagerTest extends TestCase { ->method('symmetricEncryptFileContent') ->with($this->equalTo('privateKey'), $this->equalTo('pass')) ->willReturn('decryptedPrivateKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertTrue( - $keymanager->setRecoveryKey('pass', array('publicKey' => 'publicKey', 'privateKey' => 'privateKey')) + $this->instance->setRecoveryKey('pass', array('publicKey' => 'publicKey', 'privateKey' => 'privateKey')) ); } @@ -315,17 +254,10 @@ class KeyManagerTest extends TestCase { ->method('setSystemUserKey') ->with($this->equalTo('keyId.privateKey'), $this->equalTo('key')) ->willReturn(true); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertTrue( - $keymanager->setSystemPrivateKey('keyId', 'key') + $this->instance->setSystemPrivateKey('keyId', 'key') ); } @@ -334,17 +266,10 @@ class KeyManagerTest extends TestCase { ->method('setSystemUserKey') ->with($this->equalTo('keyId.privateKey')) ->willReturn('systemPrivateKey'); - $keymanager = new KeyManager( - $this->keyStorageMock, - $this->cryptMock, - $this->configMock, - $this->userMock, - $this->sessionMock, - $this->logMock, - $this->utilMock); + $this->assertSame('systemPrivateKey', - $keymanager->getSystemPrivateKey('keyId') + $this->instance->getSystemPrivateKey('keyId') ); } diff --git a/apps/encryption/tests/lib/UtilTest.php b/apps/encryption/tests/lib/UtilTest.php new file mode 100644 index 0000000000..fa87a629f2 --- /dev/null +++ b/apps/encryption/tests/lib/UtilTest.php @@ -0,0 +1,128 @@ + + * @since 3/31/15, 3:49 PM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\Util; +use Test\TestCase; + +class UtilTest extends TestCase { + private static $tempStorage = []; + private $configMock; + private $filesMock; + /** + * @var Util + */ + private $instance; + + public function testSetRecoveryForUser() { + $this->instance->setRecoveryForUser('1'); + $this->assertArrayHasKey('recoveryEnabled', self::$tempStorage); + } + + /** + * + */ + public function testIsRecoveryEnabledForUser() { + $this->assertTrue($this->instance->isRecoveryEnabledForUser()); + + // Assert recovery will return default value if not set + unset(self::$tempStorage['recoveryEnabled']); + $this->assertEquals(0, $this->instance->isRecoveryEnabledForUser()); + } + + public function testUserHasFiles() { + $this->filesMock->expects($this->once()) + ->method('file_exists') + ->will($this->returnValue(true)); + + $this->assertTrue($this->instance->userHasFiles('admin')); + } + + protected function setUp() { + parent::setUp(); + $this->filesMock = $this->getMock('OC\Files\View'); + + $cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') + ->disableOriginalConstructor() + ->getMock(); + $loggerMock = $this->getMock('OCP\ILogger'); + $userSessionMock = $this->getMockBuilder('OCP\IUserSession') + ->disableOriginalConstructor() + ->setMethods([ + 'isLoggedIn', + 'getUID', + 'login', + 'logout', + 'setUser', + 'getUser' + ]) + ->getMock(); + + $userSessionMock->method('isLoggedIn')->will($this->returnValue(true)); + + $userSessionMock->method('getUID')->will($this->returnValue('admin')); + + $userSessionMock->expects($this->any()) + ->method($this->anything()) + ->will($this->returnSelf()); + + + $this->configMock = $configMock = $this->getMock('OCP\IConfig'); + + $this->configMock->expects($this->any()) + ->method('getUserValue') + ->will($this->returnCallback([$this, 'getValueTester'])); + + $this->configMock->expects($this->any()) + ->method('setUserValue') + ->will($this->returnCallback([$this, 'setValueTester'])); + + $this->instance = new Util($this->filesMock, $cryptMock, $loggerMock, $userSessionMock, $configMock); + } + + /** + * @param $userId + * @param $app + * @param $key + * @param $value + */ + public function setValueTester($userId, $app, $key, $value) { + self::$tempStorage[$key] = $value; + } + + /** + * @param $userId + * @param $app + * @param $key + * @param $default + * @return mixed + */ + public function getValueTester($userId, $app, $key, $default) { + if (!empty(self::$tempStorage[$key])) { + return self::$tempStorage[$key]; + } + return $default ?: null; + } + +} From 4c899238e912817a8417c87a7fda26cee84325c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 10:26:40 +0200 Subject: [PATCH 085/119] fixing unit test execution --- apps/encryption/lib/keymanager.php | 1 - apps/encryption/tests/lib/KeyManagerTest.php | 47 ++------------------ apps/encryption/tests/lib/SessionTest.php | 4 +- 3 files changed, 5 insertions(+), 47 deletions(-) diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index d2659f55a7..1f71a891e8 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -192,7 +192,6 @@ class KeyManager { * @param string $password * @param array $keyPair * @return bool - * @internal param string $uid */ public function setRecoveryKey($password, $keyPair) { // Save Public Key diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 040390e827..5a85007aa5 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -14,18 +14,10 @@ use OCA\Encryption\KeyManager; use Test\TestCase; class KeyManagerTest extends TestCase { - /** - * @var bool - */ - private static $trashbinState; /** * @var KeyManager */ private $instance; - /** - * @var string - */ - private static $testUser = 'test-keyManager-user.dot'; /** * @var string */ @@ -55,27 +47,6 @@ class KeyManagerTest extends TestCase { /** @var \PHPUnit_Framework_MockObject_MockObject */ private $configMock; - /** - * - */ - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - - // Remember files_trashbin state - self::$trashbinState = \OC_App::isEnabled('files_trashbin'); - - // We dont want tests with app files_trashbin enabled - \OC_App::disable('files_trashbin'); - - $userManager = \OC::$server->getUserManager(); - $userManager->get(self::$testUser)->delete(); - $userManager->createUser(self::$testUser, - self::$testUser); - - // Create test user - parent::loginAsUser(self::$testUser); - } - public function setUp() { parent::setUp(); $this->userId = 'user1'; @@ -118,7 +89,6 @@ class KeyManagerTest extends TestCase { ); } - public function testGetPrivateKey() { $this->keyStorageMock->expects($this->any()) ->method('getUserKey') @@ -153,9 +123,6 @@ class KeyManagerTest extends TestCase { $this->assertTrue($this->instance->recoveryKeyExists()); } - /** - * - */ public function testCheckRecoveryKeyPassword() { $this->keyStorageMock->expects($this->any()) ->method('getSystemUserKey') @@ -165,12 +132,10 @@ class KeyManagerTest extends TestCase { ->method('decryptPrivateKey') ->with($this->equalTo('recoveryKey'), $this->equalTo('pass')) ->willReturn('decryptedRecoveryKey'); - $this->assertTrue($this->instance->checkRecoveryPassword('pass')); } - public function testSetPublicKey() { $this->keyStorageMock->expects($this->any()) ->method('setUserKey') @@ -184,7 +149,6 @@ class KeyManagerTest extends TestCase { $this->assertTrue( $this->instance->setPublicKey($this->userId, 'key') ); - } public function testSetPrivateKey() { @@ -214,9 +178,6 @@ class KeyManagerTest extends TestCase { ); } - /** - * - */ public function testInit() { $this->keyStorageMock->expects($this->any()) ->method('getUserKey') @@ -249,7 +210,7 @@ class KeyManagerTest extends TestCase { ); } - public function setSystemPrivateKey() { + public function testSetSystemPrivateKey() { $this->keyStorageMock->expects($this->exactly(1)) ->method('setSystemUserKey') ->with($this->equalTo('keyId.privateKey'), $this->equalTo('key')) @@ -261,9 +222,9 @@ class KeyManagerTest extends TestCase { ); } - public function getSystemPrivateKey() { + public function testGetSystemPrivateKey() { $this->keyStorageMock->expects($this->exactly(1)) - ->method('setSystemUserKey') + ->method('getSystemUserKey') ->with($this->equalTo('keyId.privateKey')) ->willReturn('systemPrivateKey'); @@ -272,6 +233,4 @@ class KeyManagerTest extends TestCase { $this->instance->getSystemPrivateKey('keyId') ); } - - } diff --git a/apps/encryption/tests/lib/SessionTest.php b/apps/encryption/tests/lib/SessionTest.php index dbf3ecc45a..f7e026808f 100644 --- a/apps/encryption/tests/lib/SessionTest.php +++ b/apps/encryption/tests/lib/SessionTest.php @@ -35,10 +35,10 @@ class SessionTest extends TestCase { private $sessionMock; /** - * @throws \OCA\Encryption\Exceptions\PrivateKeyMissingException + * @expectedException \OCA\Encryption\Exceptions\PrivateKeyMissingException + * @expectedExceptionMessage Private Key missing for user: please try to log-out and log-in again */ public function testThatGetPrivateKeyThrowsExceptionWhenNotSet() { - $this->setExpectedException('OCA\Encryption\Exceptions\PrivateKeyMissingException', 'no private key stored in session'); $this->instance->getPrivateKey(); } From 391fab35f078bd37d7b432eaf6a1c6fab701dff4 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 10:54:51 +0200 Subject: [PATCH 086/119] reset storage for each unit test --- apps/files_sharing/tests/testcase.php | 13 +++++++++++++ apps/files_sharing/tests/updater.php | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/apps/files_sharing/tests/testcase.php b/apps/files_sharing/tests/testcase.php index bef727edac..69f68f7dfe 100644 --- a/apps/files_sharing/tests/testcase.php +++ b/apps/files_sharing/tests/testcase.php @@ -141,6 +141,8 @@ abstract class TestCase extends \Test\TestCase { \OC_Group::addToGroup($user, 'group'); } + self::resetStorage(); + \OC_Util::tearDownFS(); \OC::$server->getUserSession()->setUser(null); \OC\Files\Filesystem::tearDown(); @@ -148,6 +150,17 @@ abstract class TestCase extends \Test\TestCase { \OC_Util::setupFS($user); } + /** + * reset init status for the share storage + */ + protected static function resetStorage() { + $storage = new \ReflectionClass('\OC\Files\Storage\Shared'); + $isInitialized = $storage->getProperty('isInitialized'); + $isInitialized->setAccessible(true); + $isInitialized->setValue(false); + $isInitialized->setAccessible(false); + } + /** * get some information from a given share * @param int $shareID diff --git a/apps/files_sharing/tests/updater.php b/apps/files_sharing/tests/updater.php index df1bbe1cc6..67c76c28ed 100644 --- a/apps/files_sharing/tests/updater.php +++ b/apps/files_sharing/tests/updater.php @@ -27,7 +27,7 @@ /** * Class Test_Files_Sharing_Updater */ -class Test_Files_Sharing_Updater extends OCA\Files_sharing\Tests\TestCase { +class Test_Files_Sharing_Updater extends OCA\Files_Sharing\Tests\TestCase { const TEST_FOLDER_NAME = '/folder_share_updater_test'; From 8ffa6db110007dc053db0073e14c9374b75a4c16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 11:07:07 +0200 Subject: [PATCH 087/119] fixing unit tests for stream wrapper --- lib/private/files/stream/encryption.php | 2 +- tests/lib/files/stream/encryption.php | 52 ++++++++++++++++++++----- 2 files changed, 43 insertions(+), 11 deletions(-) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index 88957825de..fcc9984500 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -248,7 +248,7 @@ class Encryption extends Wrapper { $result = ''; // skip the header if we read the file from the beginning - if ($this->position === 0 && !empty($this->header)) { + if ($this->position === 0) { parent::stream_read($this->util->getBlockSize()); } diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php index 1c5e5cf7a4..3a5a2d4899 100644 --- a/tests/lib/files/stream/encryption.php +++ b/tests/lib/files/stream/encryption.php @@ -11,14 +11,14 @@ class Encryption extends \Test\TestCase { * @param string $mode * @param integer $limit */ - protected function getStream($mode) { + protected function getStream($fileName, $mode) { - $source = fopen('php://temp', $mode); - $internalPath = ''; - $fullPath = ''; + $source = fopen($fileName, $mode); + $internalPath = $fileName; + $fullPath = $fileName; $header = []; $uid = ''; - $encryptionModule = new DummyModule(); + $encryptionModule = $this->buildMockModule(); $storage = $this->getMockBuilder('\OC\Files\Storage\Storage') ->disableOriginalConstructor()->getMock(); $encStorage = $this->getMockBuilder('\OC\Files\Storage\Wrapper\Encryption') @@ -26,19 +26,51 @@ class Encryption extends \Test\TestCase { $config = $this->getMockBuilder('\OCP\IConfig') ->disableOriginalConstructor() ->getMock(); - $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager(), $config); + $file = $this->getMockBuilder('\OC\Encryption\File') + ->disableOriginalConstructor() + ->getMock(); + $util = $this->getMock('\OC\Encryption\Util', ['getUidAndFilename'], [new View(), new \OC\User\Manager(), $config]); + $util->expects($this->any()) + ->method('getUidAndFilename') + ->willReturn(['user1', $internalPath]); $size = 12; $unencryptedSize = 8000; return \OC\Files\Stream\Encryption::wrap($source, $internalPath, $fullPath, $header, $uid, $encryptionModule, $storage, $encStorage, - $util, $mode, $size, $unencryptedSize); + $util, $file, $mode, $size, $unencryptedSize); } - public function testWriteEnoughSpace() { - $stream = $this->getStream('w+'); + public function testWriteRead() { + $fileName = tempnam("/tmp", "FOO"); + $stream = $this->getStream($fileName, 'w+'); $this->assertEquals(6, fwrite($stream, 'foobar')); - rewind($stream); + fclose($stream); + + $stream = $this->getStream($fileName, 'r'); $this->assertEquals('foobar', fread($stream, 100)); + fclose($stream); + } + + /** + * @return \PHPUnit_Framework_MockObject_MockObject + */ + protected function buildMockModule() { + $encryptionModule = $this->getMockBuilder('\OCP\Encryption\IEncryptionModule') + ->disableOriginalConstructor() + ->setMethods(['getId', 'getDisplayName', 'begin', 'end', 'encrypt', 'decrypt', 'update', 'shouldEncrypt', 'calculateUnencryptedSize', 'getUnencryptedBlockSize']) + ->getMock(); + + $encryptionModule->expects($this->any())->method('getId')->willReturn('UNIT_TEST_MODULE'); + $encryptionModule->expects($this->any())->method('getDisplayName')->willReturn('Unit test module'); + $encryptionModule->expects($this->any())->method('begin')->willReturn([]); + $encryptionModule->expects($this->any())->method('end')->willReturn(''); + $encryptionModule->expects($this->any())->method('encrypt')->willReturnArgument(0); + $encryptionModule->expects($this->any())->method('decrypt')->willReturnArgument(0); + $encryptionModule->expects($this->any())->method('update')->willReturn(true); + $encryptionModule->expects($this->any())->method('shouldEncrypt')->willReturn(true); + $encryptionModule->expects($this->any())->method('calculateUnencryptedSize')->willReturn(42); + $encryptionModule->expects($this->any())->method('getUnencryptedBlockSize')->willReturn(6126); + return $encryptionModule; } } From 8b1a12a224e95936d1136368c265043ccc7c3071 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 11:08:02 +0200 Subject: [PATCH 088/119] use loginHelper from base class --- apps/files_sharing/tests/propagation.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/apps/files_sharing/tests/propagation.php b/apps/files_sharing/tests/propagation.php index 25bf0864b6..546f67556f 100644 --- a/apps/files_sharing/tests/propagation.php +++ b/apps/files_sharing/tests/propagation.php @@ -19,17 +19,17 @@ * */ -namespace OCA\Files_sharing\Tests; +namespace OCA\Files_Sharing\Tests; use OC\Files\View; class Propagation extends TestCase { public function testSizePropagationWhenOwnerChangesFile() { - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER1); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER1); $recipientView = new View('/' . self::TEST_FILES_SHARING_API_USER1 . '/files'); - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER2); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER2); $ownerView = new View('/' . self::TEST_FILES_SHARING_API_USER2 . '/files'); $ownerView->mkdir('/sharedfolder/subfolder'); $ownerView->file_put_contents('/sharedfolder/subfolder/foo.txt', 'bar'); @@ -38,30 +38,30 @@ class Propagation extends TestCase { \OCP\Share::shareItem('folder', $sharedFolderInfo->getId(), \OCP\Share::SHARE_TYPE_USER, self::TEST_FILES_SHARING_API_USER1, 31); $ownerRootInfo = $ownerView->getFileInfo('', false); - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER1); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER1); $this->assertTrue($recipientView->file_exists('/sharedfolder/subfolder/foo.txt')); $recipientRootInfo = $recipientView->getFileInfo('', false); // when file changed as owner - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER2); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER2); $ownerView->file_put_contents('/sharedfolder/subfolder/foo.txt', 'foobar'); // size of recipient's root stays the same - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER1); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER1); $newRecipientRootInfo = $recipientView->getFileInfo('', false); $this->assertEquals($recipientRootInfo->getSize(), $newRecipientRootInfo->getSize()); // size of owner's root increases - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER2); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER2); $newOwnerRootInfo = $ownerView->getFileInfo('', false); $this->assertEquals($ownerRootInfo->getSize() + 3, $newOwnerRootInfo->getSize()); } public function testSizePropagationWhenRecipientChangesFile() { - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER1); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER1); $recipientView = new View('/' . self::TEST_FILES_SHARING_API_USER1 . '/files'); - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER2); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER2); $ownerView = new View('/' . self::TEST_FILES_SHARING_API_USER2 . '/files'); $ownerView->mkdir('/sharedfolder/subfolder'); $ownerView->file_put_contents('/sharedfolder/subfolder/foo.txt', 'bar'); @@ -70,7 +70,7 @@ class Propagation extends TestCase { \OCP\Share::shareItem('folder', $sharedFolderInfo->getId(), \OCP\Share::SHARE_TYPE_USER, self::TEST_FILES_SHARING_API_USER1, 31); $ownerRootInfo = $ownerView->getFileInfo('', false); - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER1); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER1); $this->assertTrue($recipientView->file_exists('/sharedfolder/subfolder/foo.txt')); $recipientRootInfo = $recipientView->getFileInfo('', false); @@ -82,7 +82,7 @@ class Propagation extends TestCase { $this->assertEquals($recipientRootInfo->getSize(), $newRecipientRootInfo->getSize()); // size of owner's root increases - $this->loginAsUser(self::TEST_FILES_SHARING_API_USER2); + $this->loginHelper(self::TEST_FILES_SHARING_API_USER2); $newOwnerRootInfo = $ownerView->getFileInfo('', false); $this->assertEquals($ownerRootInfo->getSize() + 3, $newOwnerRootInfo->getSize()); } From 60d8a39f03aef3a2b555505396ccd5716ad85eb1 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 12:02:32 +0200 Subject: [PATCH 089/119] store init status per user --- apps/files_sharing/lib/sharedstorage.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/apps/files_sharing/lib/sharedstorage.php b/apps/files_sharing/lib/sharedstorage.php index 27be977fd1..6e3abb1f56 100644 --- a/apps/files_sharing/lib/sharedstorage.php +++ b/apps/files_sharing/lib/sharedstorage.php @@ -39,7 +39,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { private $share; // the shared resource private $files = array(); - private static $isInitialized = false; + private static $isInitialized = array(); public function __construct($arguments) { $this->share = $arguments['share']; @@ -424,11 +424,12 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { } public static function setup($options) { - $shares = \OCP\Share::getItemsSharedWithUser('file', $options['user']); + $user = $options['user']; + $shares = \OCP\Share::getItemsSharedWithUser('file', $user); $manager = Filesystem::getMountManager(); $loader = Filesystem::getLoader(); if ( - !self::$isInitialized && ( + !isset(self::$isInitialized[$user]) && ( !\OCP\User::isLoggedIn() || \OCP\User::getUser() != $options['user'] || $shares @@ -442,7 +443,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { $options['user_dir'] . '/' . $share['file_target'], array( 'share' => $share, - 'user' => $options['user'] + 'user' => $user ), $loader ); @@ -450,7 +451,7 @@ class Shared extends \OC\Files\Storage\Common implements ISharedStorage { } } } - self::$isInitialized = true; + self::$isInitialized[$user] = true; } /** From fac7ec3fc445ed528d84b258717e856e3638d734 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 12:03:37 +0200 Subject: [PATCH 090/119] fix re-shares with encryption --- apps/files_sharing/tests/testcase.php | 2 +- lib/private/encryption/update.php | 8 ++++++-- lib/private/encryption/util.php | 6 +++--- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/apps/files_sharing/tests/testcase.php b/apps/files_sharing/tests/testcase.php index 69f68f7dfe..b9f8658a69 100644 --- a/apps/files_sharing/tests/testcase.php +++ b/apps/files_sharing/tests/testcase.php @@ -157,7 +157,7 @@ abstract class TestCase extends \Test\TestCase { $storage = new \ReflectionClass('\OC\Files\Storage\Shared'); $isInitialized = $storage->getProperty('isInitialized'); $isInitialized->setAccessible(true); - $isInitialized->setValue(false); + $isInitialized->setValue(array()); $isInitialized->setAccessible(false); } diff --git a/lib/private/encryption/update.php b/lib/private/encryption/update.php index e838e87050..1cfe935e58 100644 --- a/lib/private/encryption/update.php +++ b/lib/private/encryption/update.php @@ -94,7 +94,11 @@ class Update { */ private function update($fileSource) { $path = \OC\Files\Filesystem::getPath($fileSource); - $absPath = '/' . $this->uid . '/files' . $path; + $info = \OC\Files\Filesystem::getFileInfo($path); + $owner = \OC\Files\Filesystem::getOwner($path); + $view = new \OC\Files\View('/' . $owner . '/files'); + $ownerPath = $view->getPath($info->getId()); + $absPath = '/' . $owner . '/files' . $ownerPath; $mount = $this->mountManager->find($path); $mountPoint = $mount->getMountPoint(); @@ -110,7 +114,7 @@ class Update { foreach ($allFiles as $path) { $usersSharing = $this->file->getAccessList($path); - $encryptionModule->update($absPath, $this->uid, $usersSharing); + $encryptionModule->update($path, $this->uid, $usersSharing); } } diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index e2c7fa26e6..54d587715b 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -180,11 +180,11 @@ class Util { foreach ($content as $c) { // getDirectoryContent() returns the paths relative to the mount points, so we need // to re-construct the complete path - $path = ($mountPoint !== '') ? $mountPoint . '/' . $c['path'] : $c['path']; + $path = ($mountPoint !== '') ? $mountPoint . '/' . $c->getPath() : $c->getPath(); if ($c['type'] === 'dir') { - $dirList[] = $path; + $dirList[] = \OC\Files\Filesystem::normalizePath($path); } else { - $result[] = $path; + $result[] = \OC\Files\Filesystem::normalizePath($path); } } From e8e5bd61aedb7a3f6105b3184b62a91fa81ce382 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 12:48:41 +0200 Subject: [PATCH 091/119] fixing unit tests for encryption stream wrapper seek --- tests/lib/files/stream/encryption.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php index 3a5a2d4899..fac1b76855 100644 --- a/tests/lib/files/stream/encryption.php +++ b/tests/lib/files/stream/encryption.php @@ -52,6 +52,19 @@ class Encryption extends \Test\TestCase { fclose($stream); } + public function testSeek() { + $fileName = tempnam("/tmp", "FOO"); + $stream = $this->getStream($fileName, 'w+'); + $this->assertEquals(6, fwrite($stream, 'foobar')); + $this->assertEquals(0, fseek($stream, 3)); + $this->assertEquals(6, fwrite($stream, 'foobar')); + fclose($stream); + + $stream = $this->getStream($fileName, 'r'); + $this->assertEquals('foofoobar', fread($stream, 100)); + fclose($stream); + } + /** * @return \PHPUnit_Framework_MockObject_MockObject */ From 8cf9b423d5b2d66694f5772bc5310d088cb466c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 13:12:05 +0200 Subject: [PATCH 092/119] cleanup --- apps/encryption/hooks/userhooks.php | 6 ++--- .../encryption/settings/settings-personal.php | 26 +++++++++---------- .../templates/invalid_private_key.php | 12 --------- 3 files changed, 15 insertions(+), 29 deletions(-) delete mode 100644 apps/encryption/templates/invalid_private_key.php diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 3b56135c36..742c7d7580 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -201,7 +201,7 @@ class UserHooks implements IHook { } } - /** + /** * Change a user's encryption passphrase * * @param array $params keys: uid, password @@ -225,7 +225,7 @@ class UserHooks implements IHook { $this->keyManager->setPrivateKey($this->user->getUser()->getUID(), $encryptedPrivateKey); } else { - $this->log->error('Encryption could not update users encryption password'); + $this->logger->error('Encryption could not update users encryption password'); } // NOTE: Session does not need to be updated as the @@ -266,7 +266,7 @@ class UserHooks implements IHook { $this->recovery->recoverUsersFiles($recoveryPassword, $user); } } else { - $this->log->error('Encryption Could not update users encryption password'); + $this->logger->error('Encryption Could not update users encryption password'); } } } diff --git a/apps/encryption/settings/settings-personal.php b/apps/encryption/settings/settings-personal.php index 417bf1433b..ec3d30f457 100644 --- a/apps/encryption/settings/settings-personal.php +++ b/apps/encryption/settings/settings-personal.php @@ -6,33 +6,31 @@ * See the COPYING-README file. */ -// Add CSS stylesheet -\OC_Util::addStyle('encryption', 'settings-personal'); - $session = new \OCA\Encryption\Session(\OC::$server->getSession()); +$userSession = \OC::$server->getUserSession(); -$tmpl = new OCP\Template('encryption', 'settings-personal'); +$template = new OCP\Template('encryption', 'settings-personal'); $crypt = new \OCA\Encryption\Crypto\Crypt( \OC::$server->getLogger(), - \OC::$server->getUserSession(), + $userSession, \OC::$server->getConfig()); $util = new \OCA\Encryption\Util( new \OC\Files\View(), $crypt, \OC::$server->getLogger(), - \OC::$server->getUserSession(), + $userSession, \OC::$server->getConfig()); -$keymanager = new \OCA\Encryption\KeyManager( +$keyManager = new \OCA\Encryption\KeyManager( \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID), $crypt, \OC::$server->getConfig(), - \OC::$server->getUserSession(), + $userSession, $session, \OC::$server->getLogger(), $util); -$user = \OCP\User::getUser(); +$user = $userSession->getUser()->getUID(); $view = new \OC\Files\View('/'); @@ -48,12 +46,12 @@ $recoveryEnabledForUser = $util->isRecoveryEnabledForUser(); $result = false; if ($recoveryAdminEnabled || !$privateKeySet) { - $tmpl->assign('recoveryEnabled', $recoveryAdminEnabled); - $tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser); - $tmpl->assign('privateKeySet', $privateKeySet); - $tmpl->assign('initialized', $initialized); + $template->assign('recoveryEnabled', $recoveryAdminEnabled); + $template->assign('recoveryEnabledForUser', $recoveryEnabledForUser); + $template->assign('privateKeySet', $privateKeySet); + $template->assign('initialized', $initialized); - $result = $tmpl->fetchPage(); + $result = $template->fetchPage(); } return $result; diff --git a/apps/encryption/templates/invalid_private_key.php b/apps/encryption/templates/invalid_private_key.php deleted file mode 100644 index b148e65b19..0000000000 --- a/apps/encryption/templates/invalid_private_key.php +++ /dev/null @@ -1,12 +0,0 @@ -
From d3e887a7cf7a0285a813fe2eddf0184e094447fd Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 13:28:18 +0200 Subject: [PATCH 093/119] reset init status before login --- apps/files_trashbin/tests/trashbin.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/apps/files_trashbin/tests/trashbin.php b/apps/files_trashbin/tests/trashbin.php index c98de79cbd..bf6446389f 100644 --- a/apps/files_trashbin/tests/trashbin.php +++ b/apps/files_trashbin/tests/trashbin.php @@ -26,7 +26,7 @@ use OCA\Files_Trashbin; /** - * Class Test_Encryption_Crypt + * Class Test_Encryption */ class Test_Trashbin extends \Test\TestCase { @@ -306,6 +306,12 @@ class Test_Trashbin extends \Test\TestCase { } } + $storage = new \ReflectionClass('\OC\Files\Storage\Shared'); + $isInitialized = $storage->getProperty('isInitialized'); + $isInitialized->setAccessible(true); + $isInitialized->setValue(array()); + $isInitialized->setAccessible(false); + \OC_Util::tearDownFS(); \OC_User::setUserId(''); \OC\Files\Filesystem::tearDown(); From d9c41b00ab4271b401ed838ccc0b19a9a0f67a76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 14:44:25 +0200 Subject: [PATCH 094/119] Introducing trait LocalTempFileTrait --- lib/private/files/storage/common.php | 43 +--------- .../files/storage/localtempfiletrait.php | 85 +++++++++++++++++++ 2 files changed, 88 insertions(+), 40 deletions(-) create mode 100644 lib/private/files/storage/localtempfiletrait.php diff --git a/lib/private/files/storage/common.php b/lib/private/files/storage/common.php index 9fef53fa95..ed85d3c07c 100644 --- a/lib/private/files/storage/common.php +++ b/lib/private/files/storage/common.php @@ -56,6 +56,9 @@ use OCP\Files\ReservedWordException; * in classes which extend it, e.g. $this->stat() . */ abstract class Common implements Storage { + + use LocalTempFileTrait; + protected $cache; protected $scanner; protected $watcher; @@ -63,11 +66,6 @@ abstract class Common implements Storage { protected $mountOptions = []; - /** - * @var string[] - */ - protected $cachedFiles = array(); - public function __construct($parameters) { } @@ -247,27 +245,6 @@ abstract class Common implements Storage { return $this->getCachedFile($path); } - /** - * @param string $path - * @return string - */ - protected function toTmpFile($path) { //no longer in the storage api, still useful here - $source = $this->fopen($path, 'r'); - if (!$source) { - return false; - } - if ($pos = strrpos($path, '.')) { - $extension = substr($path, $pos); - } else { - $extension = ''; - } - $tmpFile = \OC_Helper::tmpFile($extension); - $target = fopen($tmpFile, 'w'); - \OC_Helper::streamCopy($source, $target); - fclose($target); - return $tmpFile; - } - public function getLocalFolder($path) { $baseDir = \OC_Helper::tmpFolder(); $this->addLocalFolder($path, $baseDir); @@ -450,20 +427,6 @@ abstract class Common implements Storage { return false; } - /** - * @param string $path - */ - protected function getCachedFile($path) { - if (!isset($this->cachedFiles[$path])) { - $this->cachedFiles[$path] = $this->toTmpFile($path); - } - return $this->cachedFiles[$path]; - } - - protected function removeCachedFile($path) { - unset($this->cachedFiles[$path]); - } - /** * Check if the storage is an instance of $class or is a wrapper for a storage that is an instance of $class * diff --git a/lib/private/files/storage/localtempfiletrait.php b/lib/private/files/storage/localtempfiletrait.php new file mode 100644 index 0000000000..444e4e2e89 --- /dev/null +++ b/lib/private/files/storage/localtempfiletrait.php @@ -0,0 +1,85 @@ + + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OC\Files\Storage; + +use OC\Files\Cache\Cache; +use OC\Files\Cache\Scanner; +use OC\Files\Filesystem; +use OC\Files\Cache\Watcher; +use OCP\Files\FileNameTooLongException; +use OCP\Files\InvalidCharacterInPathException; +use OCP\Files\InvalidPathException; +use OCP\Files\ReservedWordException; + +/** + * Storage backend class for providing common filesystem operation methods + * which are not storage-backend specific. + * + * \OC\Files\Storage\Common is never used directly; it is extended by all other + * storage backends, where its methods may be overridden, and additional + * (backend-specific) methods are defined. + * + * Some \OC\Files\Storage\Common methods call functions which are first defined + * in classes which extend it, e.g. $this->stat() . + */ +trait LocalTempFileTrait { + + /** + * @var string[] + */ + protected $cachedFiles = array(); + + /** + * @param string $path + */ + protected function getCachedFile($path) { + if (!isset($this->cachedFiles[$path])) { + $this->cachedFiles[$path] = $this->toTmpFile($path); + } + return $this->cachedFiles[$path]; + } + + protected function removeCachedFile($path) { + unset($this->cachedFiles[$path]); + } + + /** + * @param string $path + * @return string + */ + protected function toTmpFile($path) { //no longer in the storage api, still useful here + $source = $this->fopen($path, 'r'); + if (!$source) { + return false; + } + if ($pos = strrpos($path, '.')) { + $extension = substr($path, $pos); + } else { + $extension = ''; + } + $tmpFile = \OC_Helper::tmpFile($extension); + $target = fopen($tmpFile, 'w'); + \OC_Helper::streamCopy($source, $target); + fclose($target); + return $tmpFile; + } +} From 104d11ec4c5d359c54985e01c171ba1845537632 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 14:44:58 +0200 Subject: [PATCH 095/119] Fixing encryption storage wrapper tests --- .../encryptionheadertolargeexception.php | 2 +- .../files/storage/wrapper/encryption.php | 69 ++++++++++++++++++- tests/lib/files/storage/storage.php | 2 +- .../lib/files/storage/wrapper/encryption.php | 69 +++++++++++++++++-- 4 files changed, 133 insertions(+), 9 deletions(-) diff --git a/lib/private/encryption/exceptions/encryptionheadertolargeexception.php b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php index 94a130d792..cdb5f94080 100644 --- a/lib/private/encryption/exceptions/encryptionheadertolargeexception.php +++ b/lib/private/encryption/exceptions/encryptionheadertolargeexception.php @@ -26,7 +26,7 @@ use OCP\Encryption\Exceptions\GenericEncryptionException; class EncryptionHeaderToLargeException extends GenericEncryptionException { - public function __construct($key) { + public function __construct() { parent::__construct('max header size exceeded'); } diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 7cc488aa91..58d963613a 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -24,9 +24,12 @@ namespace OC\Files\Storage\Wrapper; use OC\Encryption\Exceptions\ModuleDoesNotExistsException; +use OC\Files\Storage\LocalTempFileTrait; class Encryption extends Wrapper { + use LocalTempFileTrait; + /** @var string */ private $mountPoint; @@ -156,8 +159,8 @@ class Encryption extends Wrapper { $encryptionModule = $this->getEncryptionModule($path); if ($encryptionModule) { - $keyStorage = \OC::$server->getEncryptionKeyStorage($encryptionModule->getId()); - $keyStorage->deleteAllFileKeys($this->getFullPath($path)); + $keyStorage = $this->getKeyStorage($encryptionModule->getId()); + $keyStorage->deleteAllFileKeys($this->getFullPath($path)); } return $this->storage->unlink($path); @@ -184,7 +187,7 @@ class Encryption extends Wrapper { list(, $target) = $this->util->getUidAndFilename($fullPath2); $encryptionModule = $this->getEncryptionModule($path2); if ($encryptionModule) { - $keyStorage = \OC::$server->getEncryptionKeyStorage($encryptionModule->getId()); + $keyStorage = $this->getKeyStorage($encryptionModule->getId()); $keyStorage->renameKeys($source, $target, $owner, $systemWide); } } @@ -269,6 +272,57 @@ class Encryption extends Wrapper { } } + /** + * get the path to a local version of the file. + * The local version of the file can be temporary and doesn't have to be persistent across requests + * + * @param string $path + * @return string + */ + public function getLocalFile($path) { + return $this->getCachedFile($path); + } + + /** + * Returns the wrapped storage's value for isLocal() + * + * @return bool wrapped storage's isLocal() value + */ + public function isLocal() { + return false; + } + + /** + * see http://php.net/manual/en/function.stat.php + * only the following keys are required in the result: size and mtime + * + * @param string $path + * @return array + */ + public function stat($path) { + $stat = $this->storage->stat($path); + $fileSize = $this->filesize($path); + $stat['size'] = $fileSize; + $stat[7] = $fileSize; + return $stat; + } + + /** + * see http://php.net/manual/en/function.hash.php + * + * @param string $type + * @param string $path + * @param bool $raw + * @return string + */ + public function hash($type, $path, $raw = false) { + $fh = $this->fopen($path, 'rb'); + $ctx = hash_init($type); + hash_update_stream($ctx, $fh); + fclose($fh); + return hash_final($ctx, $raw); + } + /** * return full path, including mount point * @@ -322,4 +376,13 @@ class Encryption extends Wrapper { $this->unencryptedSize[$path] = $unencryptedSize; } + /** + * @param string $encryptionModule + * @return \OCP\Encryption\Keys\IStorage + */ + protected function getKeyStorage($encryptionModuleId) { + $keyStorage = \OC::$server->getEncryptionKeyStorage($encryptionModuleId); + return $keyStorage; + } + } diff --git a/tests/lib/files/storage/storage.php b/tests/lib/files/storage/storage.php index ad7522f1ea..938fecb5bf 100644 --- a/tests/lib/files/storage/storage.php +++ b/tests/lib/files/storage/storage.php @@ -253,7 +253,7 @@ abstract class Storage extends \Test\TestCase { $this->instance->file_put_contents('/lorem.txt', file_get_contents($textFile)); $localFile = $this->instance->getLocalFile('/lorem.txt'); $this->assertTrue(file_exists($localFile)); - $this->assertEquals(file_get_contents($localFile), file_get_contents($textFile)); + $this->assertEquals(file_get_contents($textFile), file_get_contents($localFile)); $this->instance->mkdir('/folder'); $this->instance->file_put_contents('/folder/lorem.txt', file_get_contents($textFile)); diff --git a/tests/lib/files/storage/wrapper/encryption.php b/tests/lib/files/storage/wrapper/encryption.php index eea6a53e04..9f681a3429 100644 --- a/tests/lib/files/storage/wrapper/encryption.php +++ b/tests/lib/files/storage/wrapper/encryption.php @@ -16,6 +16,7 @@ class Encryption extends \Test\Files\Storage\Storage { parent::setUp(); + $mockModule = $this->buildMockModule(); $encryptionManager = $this->getMockBuilder('\OC\Encryption\Manager') ->disableOriginalConstructor() ->setMethods(['getDefaultEncryptionModule', 'getEncryptionModule']) @@ -25,22 +26,57 @@ class Encryption extends \Test\Files\Storage\Storage { ->getMock(); $encryptionManager->expects($this->any()) ->method('getDefaultEncryptionModule') - ->willReturn(new DummyModule()); + ->willReturn($mockModule); + $encryptionManager->expects($this->any()) + ->method('getEncryptionModule') + ->willReturn($mockModule); - $util = new \OC\Encryption\Util(new View(), new \OC\User\Manager(), $config); + $util = $this->getMock('\OC\Encryption\Util', ['getUidAndFilename'], [new View(), new \OC\User\Manager(), $config]); + $util->expects($this->any()) + ->method('getUidAndFilename') + ->willReturnCallback(function ($path) { + return ['user1', $path]; + }); + $file = $this->getMockBuilder('\OC\Encryption\File') + ->disableOriginalConstructor() + ->getMock(); $logger = $this->getMock('\OC\Log'); $this->sourceStorage = new \OC\Files\Storage\Temporary(array()); - $this->instance = new \OC\Files\Storage\Wrapper\Encryption([ + $keyStore = $this->getMockBuilder('\OC\Encryption\Keys\Storage') + ->disableOriginalConstructor()->getMock(); + $this->instance = new EncryptionWrapper([ 'storage' => $this->sourceStorage, 'root' => 'foo', 'mountPoint' => '/' ], - $encryptionManager, $util, $logger + $encryptionManager, $util, $logger, $file, null, $keyStore ); } + /** + * @return \PHPUnit_Framework_MockObject_MockObject + */ + protected function buildMockModule() { + $encryptionModule = $this->getMockBuilder('\OCP\Encryption\IEncryptionModule') + ->disableOriginalConstructor() + ->setMethods(['getId', 'getDisplayName', 'begin', 'end', 'encrypt', 'decrypt', 'update', 'shouldEncrypt', 'calculateUnencryptedSize', 'getUnencryptedBlockSize']) + ->getMock(); + + $encryptionModule->expects($this->any())->method('getId')->willReturn('UNIT_TEST_MODULE'); + $encryptionModule->expects($this->any())->method('getDisplayName')->willReturn('Unit test module'); + $encryptionModule->expects($this->any())->method('begin')->willReturn([]); + $encryptionModule->expects($this->any())->method('end')->willReturn(''); + $encryptionModule->expects($this->any())->method('encrypt')->willReturnArgument(0); + $encryptionModule->expects($this->any())->method('decrypt')->willReturnArgument(0); + $encryptionModule->expects($this->any())->method('update')->willReturn(true); + $encryptionModule->expects($this->any())->method('shouldEncrypt')->willReturn(true); + $encryptionModule->expects($this->any())->method('calculateUnencryptedSize')->willReturn(42); + $encryptionModule->expects($this->any())->method('getUnencryptedBlockSize')->willReturn(6126); + return $encryptionModule; + } + // public function testMkDirRooted() { // $this->instance->mkdir('bar'); // $this->assertTrue($this->sourceStorage->is_dir('foo/bar')); @@ -51,3 +87,28 @@ class Encryption extends \Test\Files\Storage\Storage { // $this->assertEquals('asd', $this->sourceStorage->file_get_contents('foo/bar')); // } } + +// +// FIXME: this is too bad and needs adjustment +// +class EncryptionWrapper extends \OC\Files\Storage\Wrapper\Encryption { + private $keyStore; + + public function __construct( + $parameters, + \OC\Encryption\Manager $encryptionManager = null, + \OC\Encryption\Util $util = null, + \OC\Log $logger = null, + \OC\Encryption\File $fileHelper = null, + $uid = null, + $keyStore = null + ) { + $this->keyStore = $keyStore; + parent::__construct($parameters, $encryptionManager, $util, $logger, $fileHelper, $uid); + } + + protected function getKeyStorage($encryptionModuleId) { + return $this->keyStore; + } + +} From 02404a6a8cd07ca79add601deaefe3b4940eddfa Mon Sep 17 00:00:00 2001 From: jknockaert Date: Thu, 2 Apr 2015 14:52:54 +0200 Subject: [PATCH 096/119] Fixing encryption stream wrapper seek - thanks @jknockaert --- lib/private/files/stream/encryption.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index fcc9984500..fdfe73d99c 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -362,8 +362,11 @@ class Encryption extends Wrapper { $newFilePosition = floor($newPosition / $this->unencryptedBlockSize) * $this->util->getBlockSize() + $this->util->getHeaderSize(); + $oldFilePosition = parent::stream_tell(); if (parent::stream_seek($newFilePosition)) { + parent::stream_seek($oldFilePosition); $this->flush(); + parent::stream_seek($newFilePosition); $this->position = $newPosition; $return = true; } From b3c5ef3afef572a29011af3aaff4649f2e0563df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 15:19:09 +0200 Subject: [PATCH 097/119] Adding unit test for read and write of big file --- tests/lib/files/stream/encryption.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php index fac1b76855..c7e7f0ddf9 100644 --- a/tests/lib/files/stream/encryption.php +++ b/tests/lib/files/stream/encryption.php @@ -65,6 +65,22 @@ class Encryption extends \Test\TestCase { fclose($stream); } + public function testWriteReadBigFile() { + $expectedData = file_get_contents(\OC::$SERVERROOT . '/tests/data/lorem-big.txt'); + // write it + $fileName = tempnam("/tmp", "FOO"); + $stream = $this->getStream($fileName, 'w+'); + fwrite($stream, $expectedData); + fclose($stream); + + // read it all + $stream = $this->getStream($fileName, 'r'); + $data = stream_get_contents($stream); + fclose($stream); + + $this->assertEquals($expectedData, $data); + } + /** * @return \PHPUnit_Framework_MockObject_MockObject */ From e8fa3a2370585e3e04d5215d86e26b7c116c01ae Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 15:29:10 +0200 Subject: [PATCH 098/119] fix versions download and previews --- apps/encryption/lib/crypto/encryption.php | 18 ++++- .../tests/lib/crypto/encryptionTest.php | 79 +++++++++++++++++++ 2 files changed, 94 insertions(+), 3 deletions(-) create mode 100644 apps/encryption/tests/lib/crypto/encryptionTest.php diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php index b66be26370..7c633b7411 100644 --- a/apps/encryption/lib/crypto/encryption.php +++ b/apps/encryption/lib/crypto/encryption.php @@ -100,13 +100,13 @@ class Encryption implements IEncryptionModule { $this->cipher = $this->crypt->getCipher(); } - $this->path = $path; + $this->path = $this->getPathToRealFile($path); $this->accessList = $accessList; $this->user = $user; $this->writeCache = ''; $this->isWriteOperation = false; - $this->fileKey = $this->keyManager->getFileKey($path, $this->user); + $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user); return array('cipher' => $this->cipher); } @@ -135,7 +135,7 @@ class Encryption implements IEncryptionModule { $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys); $encryptedKeyfiles = $this->crypt->multiKeyEncrypt($this->fileKey, $publicKeys); - $this->keyManager->setAllFileKeys($path, $encryptedKeyfiles); + $this->keyManager->setAllFileKeys($this->path, $encryptedKeyfiles); } return $result; } @@ -313,4 +313,16 @@ class Encryption implements IEncryptionModule { public function getUnencryptedBlockSize() { return 6126; } + + protected function getPathToRealFile($path) { + $realPath = $path; + $parts = explode('/', $path); + if ($parts[2] === 'files_versions') { + $realPath = '/' . $parts[1] . '/files/' . implode('/', array_slice($parts, 3)); + $length = strrpos($realPath, '.'); + $realPath = substr($realPath, 0, $length); + } + + return $realPath; + } } diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php new file mode 100644 index 0000000000..7f3a16a36b --- /dev/null +++ b/apps/encryption/tests/lib/crypto/encryptionTest.php @@ -0,0 +1,79 @@ + + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE + * License as published by the Free Software Foundation; either + * version 3 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU AFFERO GENERAL PUBLIC LICENSE for more details. + * + * You should have received a copy of the GNU Affero General Public + * License along with this library. If not, see . + */ + +namespace OCA\Encryption\Tests\Crypto; + +use Test\TestCase; +use OCA\Encryption\Crypto\Encryption; + +class EncryptionTest extends TestCase { + + /** @var Encryption */ + private $instance; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $keyManagerMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $cryptMock; + + /** @var \PHPUnit_Framework_MockObject_MockObject */ + private $utilMock; + + public function setUp() { + parent::setUp(); + + $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') + ->disableOriginalConstructor() + ->getMock(); + $this->utilMock = $this->getMockBuilder('OCA\Encryption\Util') + ->disableOriginalConstructor() + ->getMock(); + $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager') + ->disableOriginalConstructor() + ->getMock(); + + $this->instance = new Encryption($this->cryptMock, $this->keyManagerMock, $this->utilMock); + } + + /** + * @dataProvider dataProviderForTestGetPathToRealFile + */ + public function testGetPathToRealFile($path, $expected) { + $result = \Test_Helper::invokePrivate($this->instance, 'getPathToRealFile', array($path)); + $this->assertSame($expected, + \Test_Helper::invokePrivate($this->instance, 'getPathToRealFile', array($path)) + ); + } + + public function dataProviderForTestGetPathToRealFile() { + return array( + array('/user/files/foo/bar.txt', '/user/files/foo/bar.txt'), + array('/user/files/foo.txt', '/user/files/foo.txt'), + array('/user/files_versions/foo.txt.v543534', '/user/files/foo.txt'), + array('/user/files_versions/foo/bar.txt.v5454', '/user/files/foo/bar.txt'), + ); + } + + +} \ No newline at end of file From a7e71513644a2e1a3ec632eb8d93f6affcee6cca Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 15:30:02 +0200 Subject: [PATCH 099/119] remove unused code --- apps/encryption/tests/lib/crypto/encryptionTest.php | 1 - 1 file changed, 1 deletion(-) diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php index 7f3a16a36b..52a322463a 100644 --- a/apps/encryption/tests/lib/crypto/encryptionTest.php +++ b/apps/encryption/tests/lib/crypto/encryptionTest.php @@ -60,7 +60,6 @@ class EncryptionTest extends TestCase { * @dataProvider dataProviderForTestGetPathToRealFile */ public function testGetPathToRealFile($path, $expected) { - $result = \Test_Helper::invokePrivate($this->instance, 'getPathToRealFile', array($path)); $this->assertSame($expected, \Test_Helper::invokePrivate($this->instance, 'getPathToRealFile', array($path)) ); From 3e3226da4c6bb120f16e58f07c2f8c6ad17a2350 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 16:16:06 +0200 Subject: [PATCH 100/119] Properly set size and unencrypted size in the stream unit tests --- tests/lib/files/stream/encryption.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php index c7e7f0ddf9..3e30385dfe 100644 --- a/tests/lib/files/stream/encryption.php +++ b/tests/lib/files/stream/encryption.php @@ -11,8 +11,9 @@ class Encryption extends \Test\TestCase { * @param string $mode * @param integer $limit */ - protected function getStream($fileName, $mode) { + protected function getStream($fileName, $mode, $unencryptedSize) { + $size = filesize($fileName); $source = fopen($fileName, $mode); $internalPath = $fileName; $fullPath = $fileName; @@ -33,8 +34,6 @@ class Encryption extends \Test\TestCase { $util->expects($this->any()) ->method('getUidAndFilename') ->willReturn(['user1', $internalPath]); - $size = 12; - $unencryptedSize = 8000; return \OC\Files\Stream\Encryption::wrap($source, $internalPath, $fullPath, $header, $uid, $encryptionModule, $storage, $encStorage, @@ -43,24 +42,24 @@ class Encryption extends \Test\TestCase { public function testWriteRead() { $fileName = tempnam("/tmp", "FOO"); - $stream = $this->getStream($fileName, 'w+'); + $stream = $this->getStream($fileName, 'w+', 0); $this->assertEquals(6, fwrite($stream, 'foobar')); fclose($stream); - $stream = $this->getStream($fileName, 'r'); + $stream = $this->getStream($fileName, 'r', 6); $this->assertEquals('foobar', fread($stream, 100)); fclose($stream); } public function testSeek() { $fileName = tempnam("/tmp", "FOO"); - $stream = $this->getStream($fileName, 'w+'); + $stream = $this->getStream($fileName, 'w+', 0); $this->assertEquals(6, fwrite($stream, 'foobar')); $this->assertEquals(0, fseek($stream, 3)); $this->assertEquals(6, fwrite($stream, 'foobar')); fclose($stream); - $stream = $this->getStream($fileName, 'r'); + $stream = $this->getStream($fileName, 'r', 9); $this->assertEquals('foofoobar', fread($stream, 100)); fclose($stream); } @@ -69,12 +68,12 @@ class Encryption extends \Test\TestCase { $expectedData = file_get_contents(\OC::$SERVERROOT . '/tests/data/lorem-big.txt'); // write it $fileName = tempnam("/tmp", "FOO"); - $stream = $this->getStream($fileName, 'w+'); + $stream = $this->getStream($fileName, 'w+', 0); fwrite($stream, $expectedData); fclose($stream); // read it all - $stream = $this->getStream($fileName, 'r'); + $stream = $this->getStream($fileName, 'r', strlen($expectedData)); $data = stream_get_contents($stream); fclose($stream); From ff16e3dbff4031bd1d3e7340ac0b53f22c60ac44 Mon Sep 17 00:00:00 2001 From: jknockaert Date: Thu, 2 Apr 2015 16:17:25 +0200 Subject: [PATCH 101/119] Adjusting count on read --- lib/private/files/stream/encryption.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index fdfe73d99c..9ef666d78e 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -249,9 +249,10 @@ class Encryption extends Wrapper { // skip the header if we read the file from the beginning if ($this->position === 0) { - parent::stream_read($this->util->getBlockSize()); + parent::stream_read($this->util->getHeaderSize()); } + $count = min($count, $this->unencryptedSize - $this->position); while ($count > 0) { $remainingLength = $count; // update the cache of the current block From 8991272269632bc094fb8ad537d5af5a1bc372b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 16:18:10 +0200 Subject: [PATCH 102/119] Using stream_get_contents in file_get_contents implementation + close handle --- .../files/storage/wrapper/encryption.php | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 58d963613a..3ea3b987d4 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -112,23 +112,18 @@ class Encryption extends Wrapper { */ public function file_get_contents($path) { - $data = null; $encryptionModule = $this->getEncryptionModule($path); if ($encryptionModule) { - - $handle = $this->fopen($path, 'r'); - - if (is_resource($handle)) { - while (!feof($handle)) { - $data .= fread($handle, $this->util->getBlockSize()); - } + $handle = $this->fopen($path, "r"); + if (!$handle) { + return false; } - } else { - $data = $this->storage->file_get_contents($path); + $data = stream_get_contents($handle); + fclose($handle); + return $data; } - - return $data; + return $this->storage->file_get_contents($path); } /** From fe74a0cb4f319ac9dccfce8c296365c3535ef84e Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 16:25:01 +0200 Subject: [PATCH 103/119] implement webdav copy --- lib/private/encryption/keys/storage.php | 35 ++++++++- .../files/storage/wrapper/encryption.php | 28 ++++--- lib/public/encryption/keys/istorage.php | 12 ++- tests/lib/encryption/keys/storage.php | 76 +++++++++++++++++++ 4 files changed, 138 insertions(+), 13 deletions(-) diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index e4e3fb084f..7d0612ae30 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -283,7 +283,12 @@ class Storage implements \OCP\Encryption\Keys\IStorage { * @param string $owner * @param bool $systemWide */ - public function renameKeys($source, $target, $owner, $systemWide) { + public function renameKeys($source, $target) { + + list($owner, $source) = $this->util->getUidAndFilename($source); + list(, $target) = $this->util->getUidAndFilename($target); + $systemWide = $this->util->isSystemWideMountPoint($target); + if ($systemWide) { $sourcePath = $this->keys_base_dir . $source . '/'; $targetPath = $this->keys_base_dir . $target . '/'; @@ -298,6 +303,34 @@ class Storage implements \OCP\Encryption\Keys\IStorage { } } + /** + * copy keys if a file was renamed + * + * @param string $source + * @param string $target + * @param string $owner + * @param bool $systemWide + */ + public function copyKeys($source, $target) { + + list($owner, $source) = $this->util->getUidAndFilename($source); + list(, $target) = $this->util->getUidAndFilename($target); + $systemWide = $this->util->isSystemWideMountPoint($target); + + if ($systemWide) { + $sourcePath = $this->keys_base_dir . $source . '/'; + $targetPath = $this->keys_base_dir . $target . '/'; + } else { + $sourcePath = '/' . $owner . $this->keys_base_dir . $source . '/'; + $targetPath = '/' . $owner . $this->keys_base_dir . $target . '/'; + } + + if ($this->view->file_exists($sourcePath)) { + $this->keySetPreparation(dirname($targetPath)); + $this->view->copy($sourcePath, $targetPath); + } + } + /** * Make preparations to filesystem for saving a keyfile * diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 3ea3b987d4..2e5bbfd97b 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -173,17 +173,14 @@ class Encryption extends Wrapper { return $this->storage->rename($path1, $path2); } - $fullPath1 = $this->getFullPath($path1); - list($owner, $source) = $this->util->getUidAndFilename($fullPath1); + $source = $this->getFullPath($path1); $result = $this->storage->rename($path1, $path2); if ($result) { - $fullPath2 = $this->getFullPath($path2); - $systemWide = $this->util->isSystemWideMountPoint($this->mountPoint); - list(, $target) = $this->util->getUidAndFilename($fullPath2); + $target = $this->getFullPath($path2); $encryptionModule = $this->getEncryptionModule($path2); if ($encryptionModule) { $keyStorage = $this->getKeyStorage($encryptionModule->getId()); - $keyStorage->renameKeys($source, $target, $owner, $systemWide); + $keyStorage->renameKeys($source, $target); } } @@ -198,9 +195,22 @@ class Encryption extends Wrapper { * @return bool */ public function copy($path1, $path2) { - // todo copy encryption keys, get users with access to the file and reencrypt - // or is this to encryption module specific? Then we can hand this over - return $this->storage->copy($path1, $path2); + if ($this->util->isExcluded($path1)) { + return $this->storage->rename($path1, $path2); + } + + $source = $this->getFullPath($path1); + $result = $this->storage->copy($path1, $path2); + if ($result) { + $target = $this->getFullPath($path2); + $encryptionModule = $this->getEncryptionModule($path2); + if ($encryptionModule) { + $keyStorage = $this->getKeyStorage($encryptionModule->getId()); + $keyStorage->copyKeys($source, $target); + } + } + + return $result; } /** diff --git a/lib/public/encryption/keys/istorage.php b/lib/public/encryption/keys/istorage.php index 0a3ed44d37..2d1672face 100644 --- a/lib/public/encryption/keys/istorage.php +++ b/lib/public/encryption/keys/istorage.php @@ -122,14 +122,20 @@ interface IStorage { */ public function deleteSystemUserKey($keyId); + /** + * copy keys if a file was renamed + * + * @param string $source + * @param string $target + */ + public function renameKeys($source, $target); + /** * move keys if a file was renamed * * @param string $source * @param string $target - * @param string $owner - * @param bool $systemWide */ - public function renameKeys($source, $target, $owner, $systemWide); + public function copyKeys($source, $target); } diff --git a/tests/lib/encryption/keys/storage.php b/tests/lib/encryption/keys/storage.php index c2e5bdbd3d..be32f0e44a 100644 --- a/tests/lib/encryption/keys/storage.php +++ b/tests/lib/encryption/keys/storage.php @@ -277,4 +277,80 @@ class StorageTest extends TestCase { ); } + /** + * @dataProvider dataProviderCopyRename + */ + public function testRenameKeys($source, $target, $systemWideMount, $expectedSource, $expectedTarget) { + $this->view->expects($this->any()) + ->method('file_exists') + ->willReturn(true); + $this->view->expects($this->any()) + ->method('is_dir') + ->willReturn(true); + $this->view->expects($this->once()) + ->method('rename') + ->with( + $this->equalTo($expectedSource), + $this->equalTo($expectedTarget)) + ->willReturn(true); + $this->util->expects($this->any()) + ->method('getUidAndFilename') + ->will($this->returnCallback(array($this, 'getUidAndFilenameCallback'))); + $this->util->expects($this->any()) + ->method('isSystemWideMountPoint') + ->willReturn($systemWideMount); + + $storage = new Storage('encModule', $this->view, $this->util); + $storage->renameKeys($source, $target); + } + + /** + * @dataProvider dataProviderCopyRename + */ + public function testCopyKeys($source, $target, $systemWideMount, $expectedSource, $expectedTarget) { + $this->view->expects($this->any()) + ->method('file_exists') + ->willReturn(true); + $this->view->expects($this->any()) + ->method('is_dir') + ->willReturn(true); + $this->view->expects($this->once()) + ->method('copy') + ->with( + $this->equalTo($expectedSource), + $this->equalTo($expectedTarget)) + ->willReturn(true); + $this->util->expects($this->any()) + ->method('getUidAndFilename') + ->will($this->returnCallback(array($this, 'getUidAndFilenameCallback'))); + $this->util->expects($this->any()) + ->method('isSystemWideMountPoint') + ->willReturn($systemWideMount); + + $storage = new Storage('encModule', $this->view, $this->util); + $storage->copyKeys($source, $target); + } + + public function getUidAndFilenameCallback() { + $args = func_get_args(); + + $path = $args[0]; + $parts = explode('/', $path); + + return array($parts[1], '/' . implode('/', array_slice($parts, 2))); + } + + public function dataProviderCopyRename() { + return array( + array('/user1/files/foo.txt', '/user1/files/bar.txt', false, + '/user1/files_encryption/keys/files/foo.txt/', '/user1/files_encryption/keys/files/bar.txt/'), + array('/user1/files/foo/foo.txt', '/user1/files/bar.txt', false, + '/user1/files_encryption/keys/files/foo/foo.txt/', '/user1/files_encryption/keys/files/bar.txt/'), + array('/user1/files/foo.txt', '/user1/files/foo/bar.txt', false, + '/user1/files_encryption/keys/files/foo.txt/', '/user1/files_encryption/keys/files/foo/bar.txt/'), + array('/user1/files/foo.txt', '/user1/files/foo/bar.txt', true, + '/files_encryption/keys/files/foo.txt/', '/files_encryption/keys/files/foo/bar.txt/'), + ); + } + } From 3d7404fe68474e72a520cb804d7c493e00215752 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 16:42:28 +0200 Subject: [PATCH 104/119] add unit tests to the keystorage --- lib/private/encryption/keys/storage.php | 2 +- tests/lib/encryption/keys/storage.php | 85 +++++++++++++------------ 2 files changed, 46 insertions(+), 41 deletions(-) diff --git a/lib/private/encryption/keys/storage.php b/lib/private/encryption/keys/storage.php index 7d0612ae30..42610bd0b4 100644 --- a/lib/private/encryption/keys/storage.php +++ b/lib/private/encryption/keys/storage.php @@ -339,7 +339,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage { protected function keySetPreparation($path) { // If the file resides within a subdirectory, create it if (!$this->view->file_exists($path)) { - $sub_dirs = explode('/', $path); + $sub_dirs = explode('/', ltrim($path, '/')); $dir = ''; foreach ($sub_dirs as $sub_dir) { $dir .= '/' . $sub_dir; diff --git a/tests/lib/encryption/keys/storage.php b/tests/lib/encryption/keys/storage.php index be32f0e44a..8ab46987f8 100644 --- a/tests/lib/encryption/keys/storage.php +++ b/tests/lib/encryption/keys/storage.php @@ -28,6 +28,9 @@ use Test\TestCase; class StorageTest extends TestCase { + /** @var Storage */ + protected $storage; + /** @var \PHPUnit_Framework_MockObject_MockObject */ protected $util; @@ -45,6 +48,8 @@ class StorageTest extends TestCase { ->disableOriginalConstructor() ->getMock(); + $this->storage = new Storage('encModule', $this->view, $this->util); + } public function testSetFileKey() { @@ -63,10 +68,8 @@ class StorageTest extends TestCase { $this->equalTo('key')) ->willReturn(strlen('key')); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key') + $this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key') ); } @@ -89,10 +92,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/user1/files_encryption/keys/files/foo.txt/encModule/fileKey')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertSame('key', - $storage->getFileKey('user1/files/foo.txt', 'fileKey') + $this->storage->getFileKey('user1/files/foo.txt', 'fileKey') ); } @@ -112,10 +113,8 @@ class StorageTest extends TestCase { $this->equalTo('key')) ->willReturn(strlen('key')); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key') + $this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key') ); } @@ -138,10 +137,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/files_encryption/keys/files/foo.txt/encModule/fileKey')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertSame('key', - $storage->getFileKey('user1/files/foo.txt', 'fileKey') + $this->storage->getFileKey('user1/files/foo.txt', 'fileKey') ); } @@ -152,10 +149,8 @@ class StorageTest extends TestCase { $this->equalTo('key')) ->willReturn(strlen('key')); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->setSystemUserKey('shareKey_56884', 'key') + $this->storage->setSystemUserKey('shareKey_56884', 'key') ); } @@ -166,10 +161,8 @@ class StorageTest extends TestCase { $this->equalTo('key')) ->willReturn(strlen('key')); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->setUserKey('user1', 'publicKey', 'key') + $this->storage->setUserKey('user1', 'publicKey', 'key') ); } @@ -183,10 +176,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/files_encryption/encModule/shareKey_56884')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertSame('key', - $storage->getSystemUserKey('shareKey_56884') + $this->storage->getSystemUserKey('shareKey_56884') ); } @@ -200,10 +191,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/user1/files_encryption/encModule/user1.publicKey')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertSame('key', - $storage->getUserKey('user1', 'publicKey') + $this->storage->getUserKey('user1', 'publicKey') ); } @@ -213,10 +202,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/user1/files_encryption/encModule/user1.publicKey')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->deleteUserKey('user1', 'publicKey') + $this->storage->deleteUserKey('user1', 'publicKey') ); } @@ -226,10 +213,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/files_encryption/encModule/shareKey_56884')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->deleteSystemUserKey('shareKey_56884') + $this->storage->deleteSystemUserKey('shareKey_56884') ); } @@ -248,10 +233,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/files_encryption/keys/files/foo.txt/encModule/fileKey')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->deleteFileKey('user1/files/foo.txt', 'fileKey') + $this->storage->deleteFileKey('user1/files/foo.txt', 'fileKey') ); } @@ -270,10 +253,8 @@ class StorageTest extends TestCase { ->with($this->equalTo('/user1/files_encryption/keys/files/foo.txt/encModule/fileKey')) ->willReturn(true); - $storage = new Storage('encModule', $this->view, $this->util); - $this->assertTrue( - $storage->deleteFileKey('user1/files/foo.txt', 'fileKey') + $this->storage->deleteFileKey('user1/files/foo.txt', 'fileKey') ); } @@ -300,8 +281,7 @@ class StorageTest extends TestCase { ->method('isSystemWideMountPoint') ->willReturn($systemWideMount); - $storage = new Storage('encModule', $this->view, $this->util); - $storage->renameKeys($source, $target); + $this->storage->renameKeys($source, $target); } /** @@ -327,8 +307,7 @@ class StorageTest extends TestCase { ->method('isSystemWideMountPoint') ->willReturn($systemWideMount); - $storage = new Storage('encModule', $this->view, $this->util); - $storage->copyKeys($source, $target); + $this->storage->copyKeys($source, $target); } public function getUidAndFilenameCallback() { @@ -353,4 +332,30 @@ class StorageTest extends TestCase { ); } + public function testKeySetPreparation() { + $this->view->expects($this->any()) + ->method('file_exists') + ->willReturn(false); + $this->view->expects($this->any()) + ->method('is_dir') + ->willReturn(false); + $this->view->expects($this->any()) + ->method('mkdir') + ->will($this->returnCallback(array($this, 'mkdirCallback'))); + + $this->mkdirStack = array( + '/user1/files_encryption/keys/foo', + '/user1/files_encryption/keys', + '/user1/files_encryption', + '/user1'); + + \Test_Helper::invokePrivate($this->storage, 'keySetPreparation', array('/user1/files_encryption/keys/foo')); + } + + public function mkdirCallback() { + $args = func_get_args(); + $expected = array_pop($this->mkdirStack); + $this->assertSame($expected, $args[0]); + } + } From 9a7fbbbc5adb449def29e8571a5a14dcb776b63c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 16:53:38 +0200 Subject: [PATCH 105/119] fix versions tests --- apps/files_versions/tests/versions.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/apps/files_versions/tests/versions.php b/apps/files_versions/tests/versions.php index 6852f769a3..f8bfe38df4 100644 --- a/apps/files_versions/tests/versions.php +++ b/apps/files_versions/tests/versions.php @@ -431,6 +431,12 @@ class Test_Files_Versioning extends \Test\TestCase { \OC::$server->getUserManager()->registerBackend($backend); } + $storage = new \ReflectionClass('\OC\Files\Storage\Shared'); + $isInitialized = $storage->getProperty('isInitialized'); + $isInitialized->setAccessible(true); + $isInitialized->setValue(array()); + $isInitialized->setAccessible(false); + \OC_Util::tearDownFS(); \OC_User::setUserId(''); \OC\Files\Filesystem::tearDown(); From ba9a797eaad9aaeeed7960f03f40593a84096512 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 17:16:27 +0200 Subject: [PATCH 106/119] Encryption storage wrapper is enabled by default - necessary to detect encrypted files even if encryption was disabled after files have been encrypted - prevents data corruption --- lib/base.php | 5 +---- lib/private/files/storage/wrapper/encryption.php | 14 +++++++++++++- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/lib/base.php b/lib/base.php index 1d53646415..be397e5244 100644 --- a/lib/base.php +++ b/lib/base.php @@ -701,10 +701,7 @@ class OC { } private static function registerEncryptionWrapper() { - $enabled = self::$server->getEncryptionManager()->isEnabled(); - if ($enabled) { - \OCP\Util::connectHook('OC_Filesystem', 'setup', 'OC\Encryption\Manager', 'setupStorage'); - } + \OCP\Util::connectHook('OC_Filesystem', 'setup', 'OC\Encryption\Manager', 'setupStorage'); } private static function registerEncryptionHooks() { diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 2e5bbfd97b..946e7bfbe4 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -229,13 +229,17 @@ class Encryption extends Wrapper { $encryptionModuleId = $this->util->getEncryptionModuleId($header); $size = $unencryptedSize = 0; - if ($this->file_exists($path)) { + $targetExists = $this->file_exists($path); + $targetIsEncrypted = false; + if ($targetExists) { // in case the file exists we require the explicit module as // specified in the file header - otherwise we need to fail hard to // prevent data loss on client side if (!empty($encryptionModuleId)) { + $targetIsEncrypted = true; $encryptionModule = $this->encryptionManager->getEncryptionModule($encryptionModuleId); } + $size = $this->storage->filesize($path); $unencryptedSize = $this->filesize($path); } @@ -266,6 +270,14 @@ class Encryption extends Wrapper { '" not found, file will be stored unencrypted'); } + // encryption disabled on write of new file and write to existing unencrypted file -> don't encrypt + $encEnabled = $this->encryptionManager->isEnabled(); + if (!$encEnabled ) { + if (!$targetExists || !$targetIsEncrypted) { + $shouldEncrypt = false; + } + } + if($shouldEncrypt === true && !$this->util->isExcluded($fullPath) && $encryptionModule !== null) { $source = $this->storage->fopen($path, $mode); $handle = \OC\Files\Stream\Encryption::wrap($source, $path, $fullPath, $header, From 69e95531f88f89c793ec383139bb093f0c979596 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 17:21:47 +0200 Subject: [PATCH 107/119] comment change as it broke unit tests --- lib/private/files/stream/encryption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php index 9ef666d78e..b4e06c9994 100644 --- a/lib/private/files/stream/encryption.php +++ b/lib/private/files/stream/encryption.php @@ -252,7 +252,7 @@ class Encryption extends Wrapper { parent::stream_read($this->util->getHeaderSize()); } - $count = min($count, $this->unencryptedSize - $this->position); +// $count = min($count, $this->unencryptedSize - $this->position); while ($count > 0) { $remainingLength = $count; // update the cache of the current block From b9e4e61759b4cc3cdf5c0cabd8e5a8d6828d5528 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 2 Apr 2015 17:36:51 +0200 Subject: [PATCH 108/119] userRecovery() was replaced by setRecoveryForUser() --- apps/encryption/appinfo/routes.php | 5 ----- apps/encryption/controller/recoverycontroller.php | 12 ------------ 2 files changed, 17 deletions(-) diff --git a/apps/encryption/appinfo/routes.php b/apps/encryption/appinfo/routes.php index 1a6cf18fbe..d4867f5fda 100644 --- a/apps/encryption/appinfo/routes.php +++ b/apps/encryption/appinfo/routes.php @@ -29,11 +29,6 @@ namespace OCA\Encryption\AppInfo; 'url' => '/ajax/adminRecovery', 'verb' => 'POST' ], - [ - 'name' => 'Recovery#userRecovery', - 'url' => '/ajax/userRecovery', - 'verb' => 'POST' - ], [ 'name' => 'Recovery#changeRecoveryPassword', 'url' => '/ajax/changeRecoveryPassword', diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php index 24d7f5a06e..da55d81f63 100644 --- a/apps/encryption/controller/recoverycontroller.php +++ b/apps/encryption/controller/recoverycontroller.php @@ -130,18 +130,6 @@ class RecoveryController extends Controller { } } - public function userRecovery($userEnableRecovery) { - if (isset($userEnableRecovery) && ($userEnableRecovery === '0' || $userEnableRecovery === '1')) { - $userId = $this->user->getUID(); - if ($userEnableRecovery === '1') { - // Todo xxx figure out if we need keyid's here or what. - return $this->recovery->addRecoveryKeys(); - } - // Todo xxx see :98 - return $this->recovery->removeRecoveryKeys(); - } - } - /** * @NoAdminRequired */ From 111fbabfb4772310cfae7037dfc3b71dcb881cc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 17:53:40 +0200 Subject: [PATCH 109/119] PHPDoc cleanup - clean code \o/ --- apps/encryption/hooks/userhooks.php | 2 - apps/encryption/lib/crypto/crypt.php | 37 +++++++++---------- lib/private/encryption/util.php | 2 +- .../files/storage/wrapper/encryption.php | 2 +- lib/private/hook.php | 29 ++++++++------- lib/public/util.php | 13 ++++--- 6 files changed, 42 insertions(+), 43 deletions(-) diff --git a/apps/encryption/hooks/userhooks.php b/apps/encryption/hooks/userhooks.php index 742c7d7580..1ec0950d94 100644 --- a/apps/encryption/hooks/userhooks.php +++ b/apps/encryption/hooks/userhooks.php @@ -205,8 +205,6 @@ class UserHooks implements IHook { * Change a user's encryption passphrase * * @param array $params keys: uid, password - * @param IUserSession $user - * @param Util $util * @return bool */ public function setPassphrase($params) { diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php index 80878b3ddb..c0b737a3da 100644 --- a/apps/encryption/lib/crypto/crypt.php +++ b/apps/encryption/lib/crypto/crypt.php @@ -34,11 +34,10 @@ use OCP\IUserSession; class Crypt { - const BLOCKSIZE = 8192; const DEFAULT_CIPHER = 'AES-256-CFB'; - const HEADERSTART = 'HBEGIN'; - const HEADEREND = 'HEND'; + const HEADER_START = 'HBEGIN'; + const HEADER_END = 'HEND'; /** * @var ILogger */ @@ -64,7 +63,7 @@ class Crypt { } /** - * + * @return array|bool */ public function createKeyPair() { @@ -121,8 +120,8 @@ class Crypt { } /** - * @param $plainContent - * @param $passPhrase + * @param string $plainContent + * @param string $passPhrase * @return bool|string * @throws GenericEncryptionException */ @@ -148,8 +147,8 @@ class Crypt { } /** - * @param $plainContent - * @param $iv + * @param string $plainContent + * @param string $iv * @param string $passPhrase * @param string $cipher * @return string @@ -187,8 +186,8 @@ class Crypt { } /** - * @param $encryptedContent - * @param $iv + * @param string $encryptedContent + * @param string $iv * @return string */ private function concatIV($encryptedContent, $iv) { @@ -204,20 +203,20 @@ class Crypt { } /** - * @param $recoveryKey - * @param $password + * @param string $recoveryKey + * @param string $password * @return bool|string */ public function decryptPrivateKey($recoveryKey, $password) { $header = $this->parseHeader($recoveryKey); - $cipher = $this->getCipher($header); + $cipher = $this->getCipher(); // If we found a header we need to remove it from the key we want to decrypt if (!empty($header)) { $recoveryKey = substr($recoveryKey, strpos($recoveryKey, - self::HEADEREND) + strlen(self::HEADERSTART)); + self::HEADER_END) + strlen(self::HEADER_START)); } $plainKey = $this->symmetricDecryptFileContent($recoveryKey, @@ -318,17 +317,17 @@ class Crypt { private function parseHeader($data) { $result = []; - if (substr($data, 0, strlen(self::HEADERSTART)) === self::HEADERSTART) { - $endAt = strpos($data, self::HEADEREND); - $header = substr($data, 0, $endAt + strlen(self::HEADEREND)); + if (substr($data, 0, strlen(self::HEADER_START)) === self::HEADER_START) { + $endAt = strpos($data, self::HEADER_END); + $header = substr($data, 0, $endAt + strlen(self::HEADER_END)); // +1 not to start with an ':' which would result in empty element at the beginning $exploded = explode(':', - substr($header, strlen(self::HEADERSTART) + 1)); + substr($header, strlen(self::HEADER_START) + 1)); $element = array_shift($exploded); - while ($element != self::HEADEREND) { + while ($element != self::HEADER_END) { $result[$element] = array_shift($exploded); $element = array_shift($exploded); } diff --git a/lib/private/encryption/util.php b/lib/private/encryption/util.php index 54d587715b..6312d8813e 100644 --- a/lib/private/encryption/util.php +++ b/lib/private/encryption/util.php @@ -57,7 +57,7 @@ class Util { /** @var array */ protected $ocHeaderKeys; - /** @var Manager */ + /** @var \OC\User\Manager */ protected $userManager; /** @var IConfig */ diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index 946e7bfbe4..bc0b5c87ad 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -394,7 +394,7 @@ class Encryption extends Wrapper { } /** - * @param string $encryptionModule + * @param string $encryptionModuleId * @return \OCP\Encryption\Keys\IStorage */ protected function getKeyStorage($encryptionModuleId) { diff --git a/lib/private/hook.php b/lib/private/hook.php index 824bb72507..c4ea1999b0 100644 --- a/lib/private/hook.php +++ b/lib/private/hook.php @@ -32,38 +32,39 @@ class OC_Hook{ /** * connects a function to a hook - * @param string $signalclass class name of emitter - * @param string $signalname name of signal - * @param string $slotclass class name of slot - * @param string $slotname name of slot + * + * @param string $signalClass class name of emitter + * @param string $signalName name of signal + * @param string|object $slotClass class name of slot + * @param string $slotName name of slot * @return bool * * This function makes it very easy to connect to use hooks. * * TODO: write example */ - static public function connect( $signalclass, $signalname, $slotclass, $slotname ) { + static public function connect($signalClass, $signalName, $slotClass, $slotName ) { // If we're trying to connect to an emitting class that isn't // yet registered, register it - if( !array_key_exists( $signalclass, self::$registered )) { - self::$registered[$signalclass] = array(); + if( !array_key_exists($signalClass, self::$registered )) { + self::$registered[$signalClass] = array(); } // If we're trying to connect to an emitting method that isn't // yet registered, register it with the emitting class - if( !array_key_exists( $signalname, self::$registered[$signalclass] )) { - self::$registered[$signalclass][$signalname] = array(); + if( !array_key_exists( $signalName, self::$registered[$signalClass] )) { + self::$registered[$signalClass][$signalName] = array(); } // dont connect hooks twice - foreach (self::$registered[$signalclass][$signalname] as $hook) { - if ($hook['class'] === $slotclass and $hook['name'] === $slotname) { + foreach (self::$registered[$signalClass][$signalName] as $hook) { + if ($hook['class'] === $slotClass and $hook['name'] === $slotName) { return false; } } // Connect the hook handler to the requested emitter - self::$registered[$signalclass][$signalname][] = array( - "class" => $slotclass, - "name" => $slotname + self::$registered[$signalClass][$signalName][] = array( + "class" => $slotClass, + "name" => $slotName ); // No chance for failure ;-) diff --git a/lib/public/util.php b/lib/public/util.php index 37cb1b5448..721bcaadb6 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -394,18 +394,19 @@ class Util { /** * connects a function to a hook - * @param string $signalclass class name of emitter - * @param string $signalname name of signal - * @param string $slotclass class name of slot - * @param string $slotname name of slot + * + * @param string $signalClass class name of emitter + * @param string $signalName name of signal + * @param string|object $slotClass class name of slot + * @param string $slotName name of slot * @return bool * * This function makes it very easy to connect to use hooks. * * TODO: write example */ - static public function connectHook( $signalclass, $signalname, $slotclass, $slotname ) { - return(\OC_Hook::connect( $signalclass, $signalname, $slotclass, $slotname )); + static public function connectHook($signalClass, $signalName, $slotClass, $slotName ) { + return(\OC_Hook::connect($signalClass, $signalName, $slotClass, $slotName )); } /** From 870c53ee37a406d60d8cb6b319a19a3f423dda9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Thu, 2 Apr 2015 18:12:20 +0200 Subject: [PATCH 110/119] fixing unit test execution --- .../lib/files/storage/wrapper/encryption.php | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/tests/lib/files/storage/wrapper/encryption.php b/tests/lib/files/storage/wrapper/encryption.php index 9f681a3429..41bd2f8499 100644 --- a/tests/lib/files/storage/wrapper/encryption.php +++ b/tests/lib/files/storage/wrapper/encryption.php @@ -2,13 +2,13 @@ namespace Test\Files\Storage\Wrapper; +use OC\Files\Storage\Temporary; use OC\Files\View; -use OCA\Encryption_Dummy\DummyModule; class Encryption extends \Test\Files\Storage\Storage { /** - * @var \OC\Files\Storage\Temporary + * @var Temporary */ private $sourceStorage; @@ -19,10 +19,7 @@ class Encryption extends \Test\Files\Storage\Storage { $mockModule = $this->buildMockModule(); $encryptionManager = $this->getMockBuilder('\OC\Encryption\Manager') ->disableOriginalConstructor() - ->setMethods(['getDefaultEncryptionModule', 'getEncryptionModule']) - ->getMock(); - $config = $this->getMockBuilder('\OCP\IConfig') - ->disableOriginalConstructor() + ->setMethods(['getDefaultEncryptionModule', 'getEncryptionModule', 'isEnabled']) ->getMock(); $encryptionManager->expects($this->any()) ->method('getDefaultEncryptionModule') @@ -30,6 +27,13 @@ class Encryption extends \Test\Files\Storage\Storage { $encryptionManager->expects($this->any()) ->method('getEncryptionModule') ->willReturn($mockModule); + $encryptionManager->expects($this->any()) + ->method('isEnabled') + ->willReturn(true); + + $config = $this->getMockBuilder('\OCP\IConfig') + ->disableOriginalConstructor() + ->getMock(); $util = $this->getMock('\OC\Encryption\Util', ['getUidAndFilename'], [new View(), new \OC\User\Manager(), $config]); $util->expects($this->any()) @@ -37,13 +41,14 @@ class Encryption extends \Test\Files\Storage\Storage { ->willReturnCallback(function ($path) { return ['user1', $path]; }); + $file = $this->getMockBuilder('\OC\Encryption\File') ->disableOriginalConstructor() ->getMock(); $logger = $this->getMock('\OC\Log'); - $this->sourceStorage = new \OC\Files\Storage\Temporary(array()); + $this->sourceStorage = new Temporary(array()); $keyStore = $this->getMockBuilder('\OC\Encryption\Keys\Storage') ->disableOriginalConstructor()->getMock(); $this->instance = new EncryptionWrapper([ From fce42a316188fa4bc7be53f4e43b261092972aab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Fri, 3 Apr 2015 11:42:25 +0200 Subject: [PATCH 111/119] fixing unit test execution - test dummy module was behaving wrong --- tests/lib/files/storage/wrapper/encryption.php | 2 +- tests/lib/files/stream/encryption.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/lib/files/storage/wrapper/encryption.php b/tests/lib/files/storage/wrapper/encryption.php index 41bd2f8499..e25002eee2 100644 --- a/tests/lib/files/storage/wrapper/encryption.php +++ b/tests/lib/files/storage/wrapper/encryption.php @@ -78,7 +78,7 @@ class Encryption extends \Test\Files\Storage\Storage { $encryptionModule->expects($this->any())->method('update')->willReturn(true); $encryptionModule->expects($this->any())->method('shouldEncrypt')->willReturn(true); $encryptionModule->expects($this->any())->method('calculateUnencryptedSize')->willReturn(42); - $encryptionModule->expects($this->any())->method('getUnencryptedBlockSize')->willReturn(6126); + $encryptionModule->expects($this->any())->method('getUnencryptedBlockSize')->willReturn(8192); return $encryptionModule; } diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php index 3e30385dfe..84156337ad 100644 --- a/tests/lib/files/stream/encryption.php +++ b/tests/lib/files/stream/encryption.php @@ -98,7 +98,7 @@ class Encryption extends \Test\TestCase { $encryptionModule->expects($this->any())->method('update')->willReturn(true); $encryptionModule->expects($this->any())->method('shouldEncrypt')->willReturn(true); $encryptionModule->expects($this->any())->method('calculateUnencryptedSize')->willReturn(42); - $encryptionModule->expects($this->any())->method('getUnencryptedBlockSize')->willReturn(6126); + $encryptionModule->expects($this->any())->method('getUnencryptedBlockSize')->willReturn(8192); return $encryptionModule; } } From c7c3caedf5a66b5b179978bd54a2539eb632bc54 Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Fri, 3 Apr 2015 11:37:54 -0400 Subject: [PATCH 112/119] adding recovery tests --- apps/encryption/tests/lib/RecoveryTest.php | 224 +++++++++++++++++++++ 1 file changed, 224 insertions(+) create mode 100644 apps/encryption/tests/lib/RecoveryTest.php diff --git a/apps/encryption/tests/lib/RecoveryTest.php b/apps/encryption/tests/lib/RecoveryTest.php new file mode 100644 index 0000000000..406c816702 --- /dev/null +++ b/apps/encryption/tests/lib/RecoveryTest.php @@ -0,0 +1,224 @@ + + * @since 4/3/15, 9:57 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OCA\Encryption\Tests; + + +use OCA\Encryption\Recovery; +use Test\TestCase; + +class RecoveryTest extends TestCase { + private static $tempStorage = []; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $viewMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $userSessionMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $keyManagerMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $configMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $cryptMock; + /** + * @var Recovery + */ + private $instance; + + public function testEnableAdminRecovery() { + $this->keyManagerMock->expects($this->exactly(2)) + ->method('recoveryKeyExists') + ->willReturnOnConsecutiveCalls(false, true); + + $this->cryptMock->expects($this->once()) + ->method('createKeyPair') + ->willReturn(true); + + $this->keyManagerMock->expects($this->once()) + ->method('setRecoveryKey') + ->willReturn(false); + + $this->keyManagerMock->expects($this->exactly(2)) + ->method('checkRecoveryPassword') + ->willReturnOnConsecutiveCalls(true, false); + + $this->assertTrue($this->instance->enableAdminRecovery('password')); + $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage); + $this->assertEquals(1, self::$tempStorage['recoveryAdminEnabled']); + + $this->assertFalse($this->instance->enableAdminRecovery('password')); + } + + public function testChangeRecoveryKeyPassword() { + $this->assertFalse($this->instance->changeRecoveryKeyPassword('password', + 'passwordOld')); + + $this->keyManagerMock->expects($this->once()) + ->method('getSystemPrivateKey'); + + $this->cryptMock->expects($this->once()) + ->method('decryptPrivateKey'); + + $this->cryptMock->expects($this->once()) + ->method('symmetricEncryptFileContent') + ->willReturn(true); + + $this->assertTrue($this->instance->changeRecoveryKeyPassword('password', + 'passwordOld')); + } + + public function testDisableAdminRecovery() { + + $this->keyManagerMock->expects($this->exactly(2)) + ->method('checkRecoveryPassword') + ->willReturnOnConsecutiveCalls(true, false); + + $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage); + $this->assertTrue($this->instance->disableAdminRecovery('password')); + $this->assertEquals(0, self::$tempStorage['recoveryAdminEnabled']); + + $this->assertFalse($this->instance->disableAdminRecovery('password')); + } + + public function testIsRecoveryEnabledForUser() { + + $this->configMock->expects($this->exactly(2)) + ->method('getUserValue') + ->willReturnOnConsecutiveCalls('1', '0'); + + $this->assertTrue($this->instance->isRecoveryEnabledForUser()); + $this->assertFalse($this->instance->isRecoveryEnabledForUser('admin')); + } + + public function testIsRecoveryKeyEnabled() { + $this->assertFalse($this->instance->isRecoveryKeyEnabled()); + self::$tempStorage['recoveryAdminEnabled'] = '1'; + $this->assertTrue($this->instance->isRecoveryKeyEnabled()); + } + + public function testSetRecoveryFolderForUser() { + $this->viewMock->expects($this->exactly(2)) + ->method('getDirectoryContent') + ->willReturn([]); + $this->assertTrue($this->instance->setRecoveryForUser(0)); + $this->assertTrue($this->instance->setRecoveryForUser('1')); + } + + public function testRecoverUserFiles() { + $this->viewMock->expects($this->once()) + ->method('getDirectoryContent') + ->willReturn([]); + + $this->cryptMock->expects($this->once()) + ->method('decryptPrivateKey'); + $this->assertNull($this->instance->recoverUsersFiles('password', + 'admin')); + } + + protected function setUp() { + parent::setUp(); + + + $this->userSessionMock = $this->getMockBuilder('OCP\IUserSession') + ->disableOriginalConstructor() + ->setMethods([ + 'isLoggedIn', + 'getUID', + 'login', + 'logout', + 'setUser', + 'getUser' + ]) + ->getMock(); + + $this->userSessionMock->expects($this->any())->method('getUID')->will($this->returnValue('admin')); + + $this->userSessionMock->expects($this->any()) + ->method($this->anything()) + ->will($this->returnSelf()); + + $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt')->disableOriginalConstructor()->getMock(); + $randomMock = $this->getMock('OCP\Security\ISecureRandom'); + $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager')->disableOriginalConstructor()->getMock(); + $this->configMock = $this->getMock('OCP\IConfig'); + $keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); + $fileMock = $this->getMock('OCP\Encryption\IFile'); + $this->viewMock = $this->getMock('OC\Files\View'); + + $this->configMock->expects($this->any()) + ->method('setAppValue') + ->will($this->returnCallback([$this, 'setValueTester'])); + + $this->configMock->expects($this->any()) + ->method('getAppValue') + ->will($this->returnCallback([$this, 'getValueTester'])); + + $this->instance = new Recovery($this->userSessionMock, + $this->cryptMock, + $randomMock, + $this->keyManagerMock, + $this->configMock, + $keyStorageMock, + $fileMock, + $this->viewMock); + } + + + /** + * @param $app + * @param $key + * @param $value + */ + public function setValueTester($app, $key, $value) { + self::$tempStorage[$key] = $value; + } + + /** + * @param $key + */ + public function removeValueTester($key) { + unset(self::$tempStorage[$key]); + } + + /** + * @param $app + * @param $key + * @return mixed + */ + public function getValueTester($app, $key) { + if (!empty(self::$tempStorage[$key])) { + return self::$tempStorage[$key]; + } + return null; + } + + +} From 28c801792857efa539720ba7702c24f4df3b9ddd Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Mon, 6 Apr 2015 11:49:18 -0400 Subject: [PATCH 113/119] adding recoverFileTest --- apps/encryption/tests/lib/RecoveryTest.php | 45 +++++++++++++++++++++- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/apps/encryption/tests/lib/RecoveryTest.php b/apps/encryption/tests/lib/RecoveryTest.php index 406c816702..701762b56d 100644 --- a/apps/encryption/tests/lib/RecoveryTest.php +++ b/apps/encryption/tests/lib/RecoveryTest.php @@ -28,6 +28,10 @@ use Test\TestCase; class RecoveryTest extends TestCase { private static $tempStorage = []; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $fileMock; /** * @var \PHPUnit_Framework_MockObject_MockObject */ @@ -143,6 +147,43 @@ class RecoveryTest extends TestCase { 'admin')); } + public function testRecoverFile() { + $this->keyManagerMock->expects($this->once()) + ->method('getEncryptedFileKey') + ->willReturn(true); + + $this->keyManagerMock->expects($this->once()) + ->method('getShareKey') + ->willReturn(true); + + $this->cryptMock->expects($this->once()) + ->method('multiKeyDecrypt') + ->willReturn(true); + + $this->fileMock->expects($this->once()) + ->method('getAccessList') + ->willReturn(['users' => ['admin']]); + + $this->keyManagerMock->expects($this->once()) + ->method('getPublicKey') + ->willReturn('publicKey'); + + $this->keyManagerMock->expects($this->once()) + ->method('addSystemKeys') + ->willReturn(['admin' => 'publicKey']); + + + $this->cryptMock->expects($this->once()) + ->method('multiKeyEncrypt'); + + $this->keyManagerMock->expects($this->once()) + ->method('setAllFileKeys'); + + $this->assertNull(\Test_Helper::invokePrivate($this->instance, + 'recoverFile', + ['/', 'testkey'])); + } + protected function setUp() { parent::setUp(); @@ -170,7 +211,7 @@ class RecoveryTest extends TestCase { $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager')->disableOriginalConstructor()->getMock(); $this->configMock = $this->getMock('OCP\IConfig'); $keyStorageMock = $this->getMock('OCP\Encryption\Keys\IStorage'); - $fileMock = $this->getMock('OCP\Encryption\IFile'); + $this->fileMock = $this->getMock('OCP\Encryption\IFile'); $this->viewMock = $this->getMock('OC\Files\View'); $this->configMock->expects($this->any()) @@ -187,7 +228,7 @@ class RecoveryTest extends TestCase { $this->keyManagerMock, $this->configMock, $keyStorageMock, - $fileMock, + $this->fileMock, $this->viewMock); } From d637bffac6b8149aa2520ee7acb637ca1cbcc5f1 Mon Sep 17 00:00:00 2001 From: Clark Tomlinson Date: Mon, 6 Apr 2015 15:08:09 -0400 Subject: [PATCH 114/119] adding user setup test and adding 4 tests to keymanager --- apps/encryption/tests/lib/KeyManagerTest.php | 76 ++++++++++++++--- apps/encryption/tests/lib/users/SetupTest.php | 81 +++++++++++++++++++ 2 files changed, 144 insertions(+), 13 deletions(-) create mode 100644 apps/encryption/tests/lib/users/SetupTest.php diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 5a85007aa5..d12578bb8d 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -67,7 +67,7 @@ class KeyManagerTest extends TestCase { $this->utilMock = $this->getMockBuilder('OCA\Encryption\Util') ->disableOriginalConstructor() ->getMock(); - + $this->instance = new KeyManager( $this->keyStorageMock, $this->cryptMock, @@ -83,7 +83,7 @@ class KeyManagerTest extends TestCase { ->method('deleteFileKey') ->with($this->equalTo('/path'), $this->equalTo('keyId.shareKey')) ->willReturn(true); - + $this->assertTrue( $this->instance->deleteShareKey('/path', 'keyId') ); @@ -94,7 +94,7 @@ class KeyManagerTest extends TestCase { ->method('getUserKey') ->with($this->equalTo($this->userId), $this->equalTo('privateKey')) ->willReturn('privateKey'); - + $this->assertSame('privateKey', $this->instance->getPrivateKey($this->userId) @@ -106,7 +106,7 @@ class KeyManagerTest extends TestCase { ->method('getUserKey') ->with($this->equalTo($this->userId), $this->equalTo('publicKey')) ->willReturn('publicKey'); - + $this->assertSame('publicKey', $this->instance->getPublicKey($this->userId) @@ -118,7 +118,7 @@ class KeyManagerTest extends TestCase { ->method('getSystemUserKey') ->with($this->equalTo($this->systemKeyId . '.publicKey')) ->willReturn('recoveryKey'); - + $this->assertTrue($this->instance->recoveryKeyExists()); } @@ -144,7 +144,7 @@ class KeyManagerTest extends TestCase { $this->equalTo('publicKey'), $this->equalTo('key')) ->willReturn(true); - + $this->assertTrue( $this->instance->setPublicKey($this->userId, 'key') @@ -159,7 +159,7 @@ class KeyManagerTest extends TestCase { $this->equalTo('privateKey'), $this->equalTo('key')) ->willReturn(true); - + $this->assertTrue( $this->instance->setPrivateKey($this->userId, 'key') @@ -171,7 +171,7 @@ class KeyManagerTest extends TestCase { ->method('getUserKey') ->with($this->equalTo($this->userId), $this->anything()) ->willReturn('key'); - + $this->assertTrue( $this->instance->userHasKeys($this->userId) @@ -187,7 +187,7 @@ class KeyManagerTest extends TestCase { ->method('decryptPrivateKey') ->with($this->equalTo('privateKey'), $this->equalTo('pass')) ->willReturn('decryptedPrivateKey'); - + $this->assertTrue( $this->instance->init($this->userId, 'pass') @@ -203,10 +203,11 @@ class KeyManagerTest extends TestCase { ->method('symmetricEncryptFileContent') ->with($this->equalTo('privateKey'), $this->equalTo('pass')) ->willReturn('decryptedPrivateKey'); - + $this->assertTrue( - $this->instance->setRecoveryKey('pass', array('publicKey' => 'publicKey', 'privateKey' => 'privateKey')) + $this->instance->setRecoveryKey('pass', + array('publicKey' => 'publicKey', 'privateKey' => 'privateKey')) ); } @@ -215,7 +216,7 @@ class KeyManagerTest extends TestCase { ->method('setSystemUserKey') ->with($this->equalTo('keyId.privateKey'), $this->equalTo('key')) ->willReturn(true); - + $this->assertTrue( $this->instance->setSystemPrivateKey('keyId', 'key') @@ -227,10 +228,59 @@ class KeyManagerTest extends TestCase { ->method('getSystemUserKey') ->with($this->equalTo('keyId.privateKey')) ->willReturn('systemPrivateKey'); - + $this->assertSame('systemPrivateKey', $this->instance->getSystemPrivateKey('keyId') ); } + + public function testGetEncryptedFileKey() { + $this->keyStorageMock->expects($this->once()) + ->method('getFileKey') + ->with('/', 'fileKey') + ->willReturn(true); + + $this->assertTrue($this->instance->getEncryptedFileKey('/')); + } + + public function testGetFileKey() { + $this->keyStorageMock->expects($this->exactly(4)) + ->method('getFileKey') + ->willReturn(true); + + $this->keyStorageMock->expects($this->once()) + ->method('getSystemUserKey') + ->willReturn(true); + + $this->cryptMock->expects($this->once()) + ->method('symmetricDecryptFileContent') + ->willReturn(true); + + $this->cryptMock->expects($this->once()) + ->method('multiKeyDecrypt') + ->willReturn(true); + + $this->assertTrue($this->instance->getFileKey('/', null)); + $this->assertEmpty($this->instance->getFileKey('/', $this->userId)); + } + + public function testDeletePrivateKey() { + $this->keyStorageMock->expects($this->once()) + ->method('deleteUserKey') + ->with('user1', 'privateKey') + ->willReturn(true); + + $this->assertTrue(\Test_Helper::invokePrivate($this->instance, + 'deletePrivateKey', + [$this->userId])); + } + + public function testDeleteAllFileKeys() { + $this->keyStorageMock->expects($this->once()) + ->method('deleteAllFileKeys') + ->willReturn(true); + + $this->assertTrue($this->instance->deleteAllFileKeys('/')); + } } diff --git a/apps/encryption/tests/lib/users/SetupTest.php b/apps/encryption/tests/lib/users/SetupTest.php new file mode 100644 index 0000000000..6a66df3674 --- /dev/null +++ b/apps/encryption/tests/lib/users/SetupTest.php @@ -0,0 +1,81 @@ + + * @since 4/6/15, 11:50 AM + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + + +namespace OCA\Encryption\Tests\Users; + + +use OCA\Encryption\Users\Setup; +use Test\TestCase; + +class SetupTest extends TestCase { + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $keyManagerMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $cryptMock; + /** + * @var Setup + */ + private $instance; + + public function testSetupServerSide() { + $this->keyManagerMock->expects($this->exactly(2)) + ->method('userHasKeys') + ->with('admin') + ->willReturnOnConsecutiveCalls(true, false); + + $this->assertTrue($this->instance->setupServerSide('admin', + 'password')); + + $this->keyManagerMock->expects($this->once()) + ->method('storeKeyPair') + ->with('admin', 'password') + ->willReturn(false); + + $this->assertFalse($this->instance->setupServerSide('admin', + 'password')); + } + + protected function setUp() { + parent::setUp(); + $logMock = $this->getMock('OCP\ILogger'); + $userSessionMock = $this->getMockBuilder('OCP\IUserSession') + ->disableOriginalConstructor() + ->getMock(); + $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt') + ->disableOriginalConstructor() + ->getMock(); + + $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager') + ->disableOriginalConstructor() + ->getMock(); + + $this->instance = new Setup($logMock, + $userSessionMock, + $this->cryptMock, + $this->keyManagerMock); + } + +} From 4a70ca665c64253ef4da7b0e8b18f12db9cda442 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 7 Apr 2015 09:42:54 +0200 Subject: [PATCH 115/119] respect mount option while encrypting --- lib/private/files/storage/wrapper/encryption.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/private/files/storage/wrapper/encryption.php b/lib/private/files/storage/wrapper/encryption.php index bc0b5c87ad..5245fe4cc4 100644 --- a/lib/private/files/storage/wrapper/encryption.php +++ b/lib/private/files/storage/wrapper/encryption.php @@ -25,6 +25,7 @@ namespace OC\Files\Storage\Wrapper; use OC\Encryption\Exceptions\ModuleDoesNotExistsException; use OC\Files\Storage\LocalTempFileTrait; +use OCP\Files\Mount\IMountPoint; class Encryption extends Wrapper { @@ -51,6 +52,9 @@ class Encryption extends Wrapper { /** @var \OC\Encryption\File */ private $fileHelper; + /** @var IMountPoint */ + private $mount; + /** * @param array $parameters * @param \OC\Encryption\Manager $encryptionManager @@ -69,6 +73,7 @@ class Encryption extends Wrapper { ) { $this->mountPoint = $parameters['mountPoint']; + $this->mount = $parameters['mount']; $this->encryptionManager = $encryptionManager; $this->util = $util; $this->logger = $logger; @@ -272,7 +277,7 @@ class Encryption extends Wrapper { // encryption disabled on write of new file and write to existing unencrypted file -> don't encrypt $encEnabled = $this->encryptionManager->isEnabled(); - if (!$encEnabled ) { + if (!$encEnabled || !$this->mount->getOption('encrypt', true)) { if (!$targetExists || !$targetIsEncrypted) { $shouldEncrypt = false; } From 268d346b369f5afb630decb3e9b4e6cd9a7c124f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 7 Apr 2015 10:03:44 +0200 Subject: [PATCH 116/119] fixing unit tests --- tests/lib/files/storage/wrapper/encryption.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/lib/files/storage/wrapper/encryption.php b/tests/lib/files/storage/wrapper/encryption.php index e25002eee2..bf4464f0eb 100644 --- a/tests/lib/files/storage/wrapper/encryption.php +++ b/tests/lib/files/storage/wrapper/encryption.php @@ -51,10 +51,16 @@ class Encryption extends \Test\Files\Storage\Storage { $this->sourceStorage = new Temporary(array()); $keyStore = $this->getMockBuilder('\OC\Encryption\Keys\Storage') ->disableOriginalConstructor()->getMock(); + $mount = $this->getMockBuilder('\OC\Files\Mount\MountPoint') + ->disableOriginalConstructor() + ->setMethods(['getOption']) + ->getMock(); + $mount->expects($this->any())->method('getOption')->willReturn(true); $this->instance = new EncryptionWrapper([ 'storage' => $this->sourceStorage, 'root' => 'foo', - 'mountPoint' => '/' + 'mountPoint' => '/', + 'mount' => $mount ], $encryptionManager, $util, $logger, $file, null, $keyStore ); From 54a3bdf1c5cab73fd9fbedbfb94c78c9f720855b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 7 Apr 2015 12:46:07 +0200 Subject: [PATCH 117/119] fixing unit test execution related to trashbin --- apps/files_trashbin/lib/storage.php | 2 +- tests/lib/avatar.php | 13 +++++++++++++ tests/lib/streamwrappers.php | 14 ++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/apps/files_trashbin/lib/storage.php b/apps/files_trashbin/lib/storage.php index df80649a50..61e0816fd2 100644 --- a/apps/files_trashbin/lib/storage.php +++ b/apps/files_trashbin/lib/storage.php @@ -84,7 +84,7 @@ class Storage extends Wrapper { * @param string $path */ public function unlink($path) { - if (self::$disableTrash) { + if (self::$disableTrash || !\OC_App::isEnabled('files_trashbin')) { return $this->storage->unlink($path); } $normalized = Filesystem::normalizePath($this->mountPoint . '/' . $path); diff --git a/tests/lib/avatar.php b/tests/lib/avatar.php index e852a7fc6f..9e1f367108 100644 --- a/tests/lib/avatar.php +++ b/tests/lib/avatar.php @@ -10,7 +10,9 @@ use OC\Avatar; class Test_Avatar extends \Test\TestCase { + private static $trashBinStatus; + /** @var @var string */ private $user; protected function setUp() { @@ -21,6 +23,17 @@ class Test_Avatar extends \Test\TestCase { \OC\Files\Filesystem::mount($storage, array(), '/' . $this->user . '/'); } + public static function setUpBeforeClass() { + self::$trashBinStatus = \OC_App::isEnabled('files_trashbin'); + \OC_App::disable('files_trashbin'); + } + + public static function tearDownAfterClass() { + if (self::$trashBinStatus) { + \OC_App::enable('files_trashbin'); + } + } + public function testAvatar() { $avatar = new Avatar($this->user); diff --git a/tests/lib/streamwrappers.php b/tests/lib/streamwrappers.php index 2a8c8676c1..fc3d02acae 100644 --- a/tests/lib/streamwrappers.php +++ b/tests/lib/streamwrappers.php @@ -21,6 +21,20 @@ */ class Test_StreamWrappers extends \Test\TestCase { + + private static $trashBinStatus; + + public static function setUpBeforeClass() { + self::$trashBinStatus = \OC_App::isEnabled('files_trashbin'); + \OC_App::disable('files_trashbin'); + } + + public static function tearDownAfterClass() { + if (self::$trashBinStatus) { + \OC_App::enable('files_trashbin'); + } + } + public function testFakeDir() { $items = array('foo', 'bar'); \OC\Files\Stream\Dir::register('test', $items); From 161d80da5bd1f025dfec40dd18ae17e343dd7b5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 7 Apr 2015 14:17:28 +0200 Subject: [PATCH 118/119] In case of encryption exceptions we return 503 - this will allow the client to retry --- lib/private/connector/sabre/file.php | 122 +++++++++++++++------------ 1 file changed, 68 insertions(+), 54 deletions(-) diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index f6f5daf207..b4acaa1507 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -35,9 +35,24 @@ namespace OC\Connector\Sabre; +use OC\Connector\Sabre\Exception\EntityTooLarge; +use OC\Connector\Sabre\Exception\FileLocked; +use OC\Connector\Sabre\Exception\UnsupportedMediaType; use OCP\Encryption\Exceptions\GenericEncryptionException; +use OCP\Files\EntityTooLargeException; +use OCP\Files\InvalidContentException; +use OCP\Files\InvalidPathException; +use OCP\Files\LockNotAcquiredException; +use OCP\Files\NotPermittedException; +use OCP\Files\StorageNotAvailableException; +use Sabre\DAV\Exception; +use Sabre\DAV\Exception\BadRequest; +use Sabre\DAV\Exception\Forbidden; +use Sabre\DAV\Exception\NotImplemented; +use Sabre\DAV\Exception\ServiceUnavailable; +use Sabre\DAV\IFile; -class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { +class File extends Node implements IFile { /** * Updates the data @@ -58,22 +73,22 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { * * @param resource $data * - * @throws \Sabre\DAV\Exception\Forbidden - * @throws \OC\Connector\Sabre\Exception\UnsupportedMediaType - * @throws \Sabre\DAV\Exception\BadRequest - * @throws \Sabre\DAV\Exception - * @throws \OC\Connector\Sabre\Exception\EntityTooLarge - * @throws \Sabre\DAV\Exception\ServiceUnavailable + * @throws Forbidden + * @throws UnsupportedMediaType + * @throws BadRequest + * @throws Exception + * @throws EntityTooLarge + * @throws ServiceUnavailable * @return string|null */ public function put($data) { try { if ($this->info && $this->fileView->file_exists($this->path) && !$this->info->isUpdateable()) { - throw new \Sabre\DAV\Exception\Forbidden(); + throw new Forbidden(); } - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("File is not updatable: ".$e->getMessage()); + } catch (StorageNotAvailableException $e) { + throw new ServiceUnavailable("File is not updatable: ".$e->getMessage()); } // verify path of the target @@ -101,31 +116,29 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { \OC_Log::write('webdav', '\OC\Files\Filesystem::file_put_contents() failed', \OC_Log::ERROR); $this->fileView->unlink($partFilePath); // because we have no clue about the cause we can only throw back a 500/Internal Server Error - throw new \Sabre\DAV\Exception('Could not write file contents'); + throw new Exception('Could not write file contents'); } - } catch (\OCP\Files\NotPermittedException $e) { + } catch (NotPermittedException $e) { // a more general case - due to whatever reason the content could not be written - throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); - - } catch (\OCP\Files\EntityTooLargeException $e) { + throw new Forbidden($e->getMessage()); + } catch (EntityTooLargeException $e) { // the file is too big to be stored - throw new \OC\Connector\Sabre\Exception\EntityTooLarge($e->getMessage()); - - } catch (\OCP\Files\InvalidContentException $e) { + throw new EntityTooLarge($e->getMessage()); + } catch (InvalidContentException $e) { // the file content is not permitted - throw new \OC\Connector\Sabre\Exception\UnsupportedMediaType($e->getMessage()); - - } catch (\OCP\Files\InvalidPathException $e) { + throw new UnsupportedMediaType($e->getMessage()); + } catch (InvalidPathException $e) { // the path for the file was not valid // TODO: find proper http status code for this case - throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); - } catch (\OCP\Files\LockNotAcquiredException $e) { + throw new Forbidden($e->getMessage()); + } catch (LockNotAcquiredException $e) { // the file is currently being written to by another process - throw new \OC\Connector\Sabre\Exception\FileLocked($e->getMessage(), $e->getCode(), $e); + throw new FileLocked($e->getMessage(), $e->getCode(), $e); } catch (GenericEncryptionException $e) { - throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to write file contents: ".$e->getMessage()); + // returning 503 will allow retry of the operation at a later point in time + throw new ServiceUnavailable("Encryption not ready: " . $e->getMessage()); + } catch (StorageNotAvailableException $e) { + throw new ServiceUnavailable("Failed to write file contents: ".$e->getMessage()); } try { @@ -137,7 +150,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { $actual = $this->fileView->filesize($partFilePath); if ($actual != $expected) { $this->fileView->unlink($partFilePath); - throw new \Sabre\DAV\Exception\BadRequest('expected filesize ' . $expected . ' got ' . $actual); + throw new BadRequest('expected filesize ' . $expected . ' got ' . $actual); } } @@ -149,12 +162,12 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { if ($renameOkay === false || $fileExists === false) { \OC_Log::write('webdav', '\OC\Files\Filesystem::rename() failed', \OC_Log::ERROR); $this->fileView->unlink($partFilePath); - throw new \Sabre\DAV\Exception('Could not rename part file to final file'); + throw new Exception('Could not rename part file to final file'); } } - catch (\OCP\Files\LockNotAcquiredException $e) { + catch (LockNotAcquiredException $e) { // the file is currently being written to by another process - throw new \OC\Connector\Sabre\Exception\FileLocked($e->getMessage(), $e->getCode(), $e); + throw new FileLocked($e->getMessage(), $e->getCode(), $e); } } @@ -166,8 +179,8 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { } } $this->refreshInfo(); - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to check file size: ".$e->getMessage()); + } catch (StorageNotAvailableException $e) { + throw new ServiceUnavailable("Failed to check file size: ".$e->getMessage()); } return '"' . $this->info->getEtag() . '"'; @@ -176,38 +189,39 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { /** * Returns the data * @return string|resource - * @throws \Sabre\DAV\Exception\Forbidden - * @throws \Sabre\DAV\Exception\ServiceUnavailable + * @throws Forbidden + * @throws ServiceUnavailable */ public function get() { //throw exception if encryption is disabled but files are still encrypted try { return $this->fileView->fopen(ltrim($this->path, '/'), 'rb'); - } catch (\OCP\Encryption\Exceptions\GenericEncryptionException $e) { - throw new \Sabre\DAV\Exception\Forbidden($e->getMessage()); - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to open file: ".$e->getMessage()); + } catch (GenericEncryptionException $e) { + // returning 503 will allow retry of the operation at a later point in time + throw new ServiceUnavailable("Encryption not ready: " . $e->getMessage()); + } catch (StorageNotAvailableException $e) { + throw new ServiceUnavailable("Failed to open file: ".$e->getMessage()); } } /** * Delete the current file - * @throws \Sabre\DAV\Exception\Forbidden - * @throws \Sabre\DAV\Exception\ServiceUnavailable + * @throws Forbidden + * @throws ServiceUnavailable */ public function delete() { if (!$this->info->isDeletable()) { - throw new \Sabre\DAV\Exception\Forbidden(); + throw new Forbidden(); } try { if (!$this->fileView->unlink($this->path)) { // assume it wasn't possible to delete due to permissions - throw new \Sabre\DAV\Exception\Forbidden(); + throw new Forbidden(); } - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to unlink: ".$e->getMessage()); + } catch (StorageNotAvailableException $e) { + throw new ServiceUnavailable("Failed to unlink: ".$e->getMessage()); } } @@ -247,10 +261,10 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { /** * @param resource $data * @return null|string - * @throws \Sabre\DAV\Exception - * @throws \Sabre\DAV\Exception\BadRequest - * @throws \Sabre\DAV\Exception\NotImplemented - * @throws \Sabre\DAV\Exception\ServiceUnavailable + * @throws Exception + * @throws BadRequest + * @throws NotImplemented + * @throws ServiceUnavailable */ private function createFileChunked($data) { @@ -258,7 +272,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { $info = \OC_FileChunking::decodeName($name); if (empty($info)) { - throw new \Sabre\DAV\Exception\NotImplemented(); + throw new NotImplemented(); } $chunk_handler = new \OC_FileChunking($info); $bytesWritten = $chunk_handler->store($info['index'], $data); @@ -269,7 +283,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { $expected = $_SERVER['CONTENT_LENGTH']; if ($bytesWritten != $expected) { $chunk_handler->remove($info['index']); - throw new \Sabre\DAV\Exception\BadRequest( + throw new BadRequest( 'expected filesize ' . $expected . ' got ' . $bytesWritten); } } @@ -295,7 +309,7 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { if ($fileExists) { $this->fileView->unlink($targetPath); } - throw new \Sabre\DAV\Exception('Could not rename part file assembled from chunks'); + throw new Exception('Could not rename part file assembled from chunks'); } } else { // assemble directly into the final file @@ -312,8 +326,8 @@ class File extends \OC\Connector\Sabre\Node implements \Sabre\DAV\IFile { $info = $this->fileView->getFileInfo($targetPath); return $info->getEtag(); - } catch (\OCP\Files\StorageNotAvailableException $e) { - throw new \Sabre\DAV\Exception\ServiceUnavailable("Failed to put file: ".$e->getMessage()); + } catch (StorageNotAvailableException $e) { + throw new ServiceUnavailable("Failed to put file: ".$e->getMessage()); } } From 2d2cb09715554926945de29b80f033905a219abd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 7 Apr 2015 14:30:01 +0200 Subject: [PATCH 119/119] fixing unit test - expected value change due to different size being stored in cache table --- tests/lib/files/cache/cache.php | 2 +- tests/lib/files/storage/wrapper/quota.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/lib/files/cache/cache.php b/tests/lib/files/cache/cache.php index 3d7f77cb54..9a64375f4e 100644 --- a/tests/lib/files/cache/cache.php +++ b/tests/lib/files/cache/cache.php @@ -205,7 +205,7 @@ class Cache extends \Test\TestCase { $fileData['unkownSize'] = array('size' => 5, 'mtime' => 25, 'mimetype' => 'foo/file'); $this->cache->put($file4, $fileData['unkownSize']); - $this->assertEquals(916, $this->cache->calculateFolderSize($file1)); + $this->assertEquals(1025, $this->cache->calculateFolderSize($file1)); // direct cache entry retrieval returns the original values $entry = $this->cache->get($file1); $this->assertEquals(1025, $entry['size']); diff --git a/tests/lib/files/storage/wrapper/quota.php b/tests/lib/files/storage/wrapper/quota.php index ec2c907ba9..a5828296be 100644 --- a/tests/lib/files/storage/wrapper/quota.php +++ b/tests/lib/files/storage/wrapper/quota.php @@ -87,7 +87,7 @@ class Quota extends \Test\Files\Storage\Storage { $instance->getCache()->put( '', array('size' => 7) ); - $this->assertEquals(6, $instance->free_space('')); + $this->assertEquals(2, $instance->free_space('')); } public function testFWriteNotEnoughSpace() {