mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cleanup - more to come after

This commit is contained in:
Thomas Müller 2013-02-09 18:01:38 +01:00
parent b95bc663af
commit 7f58e27495
10 changed files with 423 additions and 588 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
apps/files_encryption/ajax/mode.php
View File

@ -1,38 +0,0 @@
<?php
/**
* Copyright (c) 2012, Bjoern Schiessle <schiessle@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
use OCA\Encryption\Keymanager;
OCP\JSON::checkAppEnabled('files_encryption');
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$mode = $_POST['mode'];
$changePasswd = false;
$passwdChanged = false;
if ( isset($_POST['newpasswd']) && isset($_POST['oldpasswd']) ) {
$oldpasswd = $_POST['oldpasswd'];
$newpasswd = $_POST['newpasswd'];
$changePasswd = true;
$passwdChanged = Keymanager::changePasswd($oldpasswd, $newpasswd);
}
$query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
$result = $query->execute(array(\OCP\User::getUser()));
if ($result->fetchRow()){
$query = OC_DB::prepare( 'UPDATE *PREFIX*encryption SET mode = ? WHERE uid = ?' );
} else {
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*encryption ( mode, uid ) VALUES( ?, ? )' );
}
if ( (!$changePasswd || $passwdChanged) && $query->execute(array($mode, \OCP\User::getUser())) ) {
OCP\JSON::success();
} else {
OCP\JSON::error();
}

4
apps/files_encryption/appinfo/app.php
View File

@ -43,6 +43,6 @@ if (
}
// Reguster settings scripts
// Register settings scripts
OCP\App::registerAdmin( 'files_encryption', 'settings' );
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );

10
apps/files_encryption/hooks/hooks.php
View File

@ -165,16 +165,6 @@ class Hooks {
* @brief
*/
public static function postShared( $params ) {
// Delete existing catfile
Keymanager::deleteFileKey( );
// Generate new catfile and env keys
Crypt::multiKeyEncrypt( $plainContent, $publicKeys );
// Save env keys to user folders
}
/**

38
apps/files_encryption/js/settings-personal.js
View File

@ -1,38 +0,0 @@
/**
* Copyright (c) 2012, Bjoern Schiessle <schiessle@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
$(document).ready(function(){
$('input[name=encryption_mode]').change(function(){
var prevmode = document.getElementById('prev_encryption_mode').value
var client=$('input[value="client"]:checked').val()
,server=$('input[value="server"]:checked').val()
,user=$('input[value="user"]:checked').val()
,none=$('input[value="none"]:checked').val()
if (client) {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'client' });
if (prevmode == 'server') {
OC.dialogs.info(t('encryption', 'Please switch to your ownCloud client and change your encryption password to complete the conversion.'), t('encryption', 'switched to client side encryption'));
}
} else if (server) {
if (prevmode == 'client') {
OC.dialogs.form([{text:'Login password', name:'newpasswd', type:'password'},{text:'Encryption password used on the client', name:'oldpasswd', type:'password'}],t('encryption', 'Change encryption password to login password'), function(data) {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server', newpasswd: data[0].value, oldpasswd: data[1].value }, function(result) {
if (result.status != 'success') {
document.getElementById(prevmode+'_encryption').checked = true;
OC.dialogs.alert(t('encryption', 'Please check your passwords and try again.'), t('encryption', 'Could not change your file encryption password to your login password'))
} else {
console.log("alles super");
}
}, true);
});
} else {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server' });
}
} else {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'none' });
}
})
})

29
apps/files_encryption/js/settings.js
View File

@ -9,38 +9,11 @@ $(document).ready(function(){
$('#encryption_blacklist').multiSelect({
oncheck:blackListChange,
onuncheck:blackListChange,
createText:'...',
createText:'...'
});
function blackListChange(){
var blackList=$('#encryption_blacklist').val().join(',');
OC.AppConfig.setValue('files_encryption','type_blacklist',blackList);
}
//TODO: Handle switch between client and server side encryption
$('input[name=encryption_mode]').change(function(){
var client=$('input[value="client"]:checked').val()
,server=$('input[value="server"]:checked').val()
,user=$('input[value="user"]:checked').val()
,none=$('input[value="none"]:checked').val()
,disable=false
if (client) {
OC.AppConfig.setValue('files_encryption','mode','client');
disable = true;
} else if (server) {
OC.AppConfig.setValue('files_encryption','mode','server');
disable = true;
} else if (user) {
OC.AppConfig.setValue('files_encryption','mode','user');
disable = true;
} else {
OC.AppConfig.setValue('files_encryption','mode','none');
}
if (disable) {
document.getElementById('server_encryption').disabled = true;
document.getElementById('client_encryption').disabled = true;
document.getElementById('user_encryption').disabled = true;
document.getElementById('none_encryption').disabled = true;
}
})
})

779
apps/files_encryption/lib/crypt.php
View File

File diff suppressed because it is too large Load Diff

103
apps/files_encryption/lib/keymanager.php
View File

@ -28,7 +28,7 @@ namespace OCA\Encryption;
* @note Where a method requires a view object, it's root must be '/'
*/
class Keymanager {
/**
* @brief retrieve the ENCRYPTED private key from a user
*
@ -46,8 +46,8 @@ class Keymanager {
/**
* @brief retrieve public key for a specified user
* @param \OC_FilesystemView $view
* @param $userId
* @param \OC_FilesystemView $view
* @param $userId
* @return string public key or false
*/
public static function getPublicKey( \OC_FilesystemView $view, $userId ) {
@ -58,8 +58,8 @@ class Keymanager {
/**
* @brief retrieve both keys from a user (private and public)
* @param \OC_FilesystemView $view
* @param $userId
* @param \OC_FilesystemView $view
* @param $userId
* @return array keys: privateKey, publicKey
*/
public static function getUserKeys( \OC_FilesystemView $view, $userId ) {
@ -148,11 +148,11 @@ class Keymanager {
/**
* @brief retrieve keyfile for an encrypted file
* @param \OC_FilesystemView $view
* @param $userId
* @param $filePath
* @internal param \OCA\Encryption\file $string name
* @return string file key or false
* @param \OC_FilesystemView $view
* @param $userId
* @param $filePath
* @internal param \OCA\Encryption\file $string name
* @return string file key or false
* @note The keyfile returned is asymmetrically encrypted. Decryption
* of the keyfile must be performed by client code
*/
@ -177,12 +177,12 @@ class Keymanager {
/**
* @brief Delete a keyfile
*
* @param OC_FilesystemView $view
* @param string $userId username
* @param string $path path of the file the key belongs to
* @return bool Outcome of unlink operation
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
* @param OC_FilesystemView $view
* @param string $userId username
* @param string $path path of the file the key belongs to
* @return bool Outcome of unlink operation
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
*/
public static function deleteFileKey( \OC_FilesystemView $view, $userId, $path ) {
@ -220,12 +220,11 @@ class Keymanager {
\OC_FileProxy::$enabled = false;
if ( !$view->file_exists( '' ) ) $view->mkdir( '' );
if ( !$view->file_exists( '' ) )
$view->mkdir( '' );
return $view->file_put_contents( $user . '.private.key', $key );
\OC_FileProxy::$enabled = true;
}
/**
@ -253,24 +252,24 @@ class Keymanager {
\OC_FileProxy::$enabled = false;
if ( !$view->file_exists( '' ) ) $view->mkdir( '' );
if ( !$view->file_exists( '' ) )
$view->mkdir( '' );
return $view->file_put_contents( \OCP\User::getUser() . '.public.key', $key );
\OC_FileProxy::$enabled = true;
}
/**
* @brief store file encryption key
*
* @param string $path relative path of the file, including filename
* @param string $key
* @param null $view
* @param string $dbClassName
* @return bool true/false
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
* @brief store file encryption key
*
* @param string $path relative path of the file, including filename
* @param string $key
* @param null $view
* @param string $dbClassName
* @return bool true/false
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
@ -280,54 +279,38 @@ class Keymanager {
return $view->file_put_contents( $basePath . '/' . $shareKeyPath . '.shareKey', $shareKey );
}
/**
* @brief Make preparations to vars and filesystem for saving a keyfile
*/
public static function keySetPreparation( \OC_FilesystemView $view, $path, $basePath, $userId ) {
}
/**
* @brief Make preparations to vars and filesystem for saving a keyfile
*/
public static function keySetPreparation( \OC_FilesystemView $view, $path, $basePath, $userId ) {
$targetPath = ltrim( $path, '/' );
$path_parts = pathinfo( $targetPath );
// If the file resides within a subdirectory, create it
if (
isset( $path_parts['dirname'] )
&& ! $view->file_exists( $basePath . '/' . $path_parts['dirname'] )
if (
isset( $path_parts['dirname'] )
&& ! $view->file_exists( $basePath . '/' . $path_parts['dirname'] )
) {
$view->mkdir( $basePath . '/' . $path_parts['dirname'] );
}
return $targetPath;
}
return $targetPath;
/**
* @brief change password of private encryption key
*
* @param string $oldpasswd old password
* @param string $newpasswd new password
* @return bool true/false
*/
public static function changePasswd($oldpasswd, $newpasswd) {
if ( \OCP\User::checkPassword(\OCP\User::getUser(), $newpasswd) ) {
return Crypt::changekeypasscode($oldpasswd, $newpasswd);
}
return false;
}
/**
* @brief Fetch the legacy encryption key from user files
* @param string $login used to locate the legacy key
* @param string $passphrase used to decrypt the legacy key
* @return true / false
*
* if the key is left out, the default handeler will be used
* if the key is left out, the default handler will be used
*/
public function getLegacyKey() {

6
apps/files_encryption/lib/stream.php
View File

@ -173,7 +173,7 @@ class Stream {
// $count will always be 8192 https://bugs.php.net/bug.php?id=21641
// This makes this function a lot simpler, but will break this class if the above 'bug' gets 'fixed'
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', OCP\Util::FATAL );
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL );
die();
@ -209,7 +209,7 @@ class Stream {
}
/**
* @brief Encrypt and pad data ready for writting to disk
* @brief Encrypt and pad data ready for writing to disk
* @param string $plainData data to be encrypted
* @param string $key key to use for encryption
* @return encrypted data on success, false on failure
@ -403,7 +403,7 @@ class Stream {
$encrypted = $this->preWriteEncrypt( $chunk, $this->keyfile );
// Write the data chunk to disk. This will be
// addended to the last data chunk if the file
// attended to the last data chunk if the file
// being handled totals more than 6126 bytes
fwrite( $this->handle, $encrypted );

2
apps/files_encryption/settings-personal.php
View File

@ -12,8 +12,6 @@ $blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_b
$tmpl->assign( 'blacklist', $blackList );
OCP\Util::addscript('files_encryption','settings-personal');
return $tmpl->fetchPage();
return null;

2
apps/files_encryption/templates/settings-personal.php
View File

@ -16,7 +16,7 @@
<?php echo $type; ?>
</li>
<?php endforeach; ?>
</p>
</ul>
<?php endif; ?>
</fieldset>
</form>