Merge branch 'files_encryption' of github.com:owncloud/core into files_encryption
commit
8790ceba25
|
@ -237,6 +237,11 @@ class Proxy extends \OC_FileProxy {
|
||||||
*/
|
*/
|
||||||
public function preUnlink( $path ) {
|
public function preUnlink( $path ) {
|
||||||
|
|
||||||
|
// let the trashbin handle this
|
||||||
|
if ( \OCP\App::isEnabled('files_trashbin') ) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
$path = Keymanager::fixPartialFilePath( $path );
|
$path = Keymanager::fixPartialFilePath( $path );
|
||||||
|
|
||||||
// Disable encryption proxy to prevent recursive calls
|
// Disable encryption proxy to prevent recursive calls
|
||||||
|
@ -283,38 +288,54 @@ class Proxy extends \OC_FileProxy {
|
||||||
* @return bool Result of rename()
|
* @return bool Result of rename()
|
||||||
* @note This is pre rather than post because using post didn't work
|
* @note This is pre rather than post because using post didn't work
|
||||||
*/
|
*/
|
||||||
public function preRename( $oldPath, $newPath ) {
|
public function preRename( $oldPath, $newPath )
|
||||||
|
{
|
||||||
|
|
||||||
// Disable encryption proxy to prevent recursive calls
|
// Disable encryption proxy to prevent recursive calls
|
||||||
\OC_FileProxy::$enabled = false;
|
\OC_FileProxy::$enabled = false;
|
||||||
|
|
||||||
$view = new \OC_FilesystemView( '/' );
|
$view = new \OC_FilesystemView('/');
|
||||||
|
|
||||||
$userId = \OCP\USER::getUser();
|
$userId = \OCP\USER::getUser();
|
||||||
|
|
||||||
// Format paths to be relative to user files dir
|
// Format paths to be relative to user files dir
|
||||||
$oldTrimmed = ltrim( $oldPath, '/' );
|
$oldTrimmed = ltrim($oldPath, '/');
|
||||||
$oldSplit = explode( '/', $oldTrimmed );
|
$oldSplit = explode('/', $oldTrimmed);
|
||||||
$oldSliced = array_slice( $oldSplit, 2 );
|
$oldSliced = array_slice($oldSplit, 2);
|
||||||
$oldRelPath = implode( '/', $oldSliced );
|
$oldRelPath = implode('/', $oldSliced);
|
||||||
$oldKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $oldRelPath . '.key';
|
$oldKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $oldRelPath;
|
||||||
|
|
||||||
$newTrimmed = ltrim( $newPath, '/' );
|
|
||||||
$newSplit = explode( '/', $newTrimmed );
|
|
||||||
$newSliced = array_slice( $newSplit, 2 );
|
|
||||||
$newRelPath = implode( '/', $newSliced );
|
|
||||||
$newKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $newRelPath . '.key';
|
|
||||||
|
|
||||||
// Rename keyfile so it isn't orphaned
|
$newTrimmed = ltrim($newPath, '/');
|
||||||
$result = $view->rename( $oldKeyfilePath, $newKeyfilePath );
|
$newSplit = explode('/', $newTrimmed);
|
||||||
|
$newSliced = array_slice($newSplit, 2);
|
||||||
|
$newRelPath = implode('/', $newSliced);
|
||||||
|
$newKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $newRelPath;
|
||||||
|
|
||||||
\OC_FileProxy::$enabled = true;
|
// add key ext if this is not an folder
|
||||||
|
if (!$view->is_dir($oldKeyfilePath)) {
|
||||||
|
$oldKeyfilePath .= '.key';
|
||||||
|
$newKeyfilePath .= '.key';
|
||||||
|
} else {
|
||||||
|
// handle share-keys folders
|
||||||
|
$oldShareKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $oldRelPath;
|
||||||
|
$newShareKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $newRelPath;
|
||||||
|
$view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
|
||||||
|
}
|
||||||
|
|
||||||
return $result;
|
//TODO add support for share-keys files
|
||||||
|
//...
|
||||||
|
|
||||||
}
|
// Rename keyfile so it isn't orphaned
|
||||||
|
$result = $view->rename($oldKeyfilePath, $newKeyfilePath);
|
||||||
|
|
||||||
public function postFopen( $path, &$result ){
|
\OC_FileProxy::$enabled = true;
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function postFopen( $path, &$result ){
|
||||||
|
|
||||||
if ( !$result ) {
|
if ( !$result ) {
|
||||||
|
|
||||||
|
@ -417,16 +438,54 @@ class Proxy extends \OC_FileProxy {
|
||||||
|
|
||||||
public function postFileSize( $path, $size ) {
|
public function postFileSize( $path, $size ) {
|
||||||
|
|
||||||
if ( Crypt::isCatfileContent( $path ) ) {
|
// Reformat path for use with OC_FSV
|
||||||
|
$path_split = explode('/', $path);
|
||||||
|
$path_f = implode('/', array_slice($path_split, 3));
|
||||||
|
|
||||||
$cached = \OC\Files\Filesystem::getFileInfo( $path, '' );
|
$view = new \OC_FilesystemView( '/' );
|
||||||
|
$userId = \OCP\User::getUser();
|
||||||
|
$util = new Util( $view, $userId );
|
||||||
|
|
||||||
return $cached['size'];
|
if ($util->isEncryptedPath($path)) {
|
||||||
|
|
||||||
} else {
|
// Disable encryption proxy to prevent recursive calls
|
||||||
|
\OC_FileProxy::$enabled = false;
|
||||||
|
|
||||||
return $size;
|
// get file info
|
||||||
|
$cached = \OC\Files\Filesystem::getFileInfo($path_f, '');
|
||||||
|
|
||||||
}
|
// calculate last chunk nr
|
||||||
|
$lastChunckNr = floor($size / 8192);
|
||||||
|
|
||||||
|
// open stream
|
||||||
|
$result = fopen('crypt://' . $path_f, "r");
|
||||||
|
|
||||||
|
if(is_resource($result)) {
|
||||||
|
// calculate last chunk position
|
||||||
|
$lastChunckPos = ($lastChunckNr * 8192);
|
||||||
|
|
||||||
|
// seek to end
|
||||||
|
fseek($result, $lastChunckPos);
|
||||||
|
|
||||||
|
// get the content of the last chunck
|
||||||
|
$lastChunkContent = fgets($result);
|
||||||
|
|
||||||
|
// calc the real file size with the size of the last chunk
|
||||||
|
$realSize = (($lastChunckNr * 6126) + strlen($lastChunkContent));
|
||||||
|
|
||||||
|
// set the size
|
||||||
|
$cached['size'] = $realSize;
|
||||||
|
}
|
||||||
|
|
||||||
|
// enable proxy
|
||||||
|
\OC_FileProxy::$enabled = true;
|
||||||
|
|
||||||
|
return $cached['size'];
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
return $size;
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
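Review bot: In postFileSize the last chunk is read with `fgets($result)`, which stops at the first newline, so when the final chunk contains a line break `strlen($lastChunkContent)` undercounts and the size written to `$cached['size']` is too small. Use a byte-oriented read there, for example `$lastChunkContent = stream_get_contents($result);`, after confirming how the crypt:// wrapper handles reads. The handle from `fopen('crypt://' . $path_f, "r")` is never closed, so each size lookup on an encrypted path leaves a stream open; add `fclose($result);` at the end of the `is_resource` branch. `\OC_FileProxy::$enabled = true;` also switches the proxy back on even when a caller had it disabled on entry, so save the previous value before setting it to false and restore that instead.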
@ -101,6 +101,9 @@ class Stream {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
|
// Disable fileproxies so we can get the file size and open the source file without recursive encryption
|
||||||
|
\OC_FileProxy::$enabled = false;
|
||||||
|
|
||||||
if (
|
if (
|
||||||
$mode == 'w'
|
$mode == 'w'
|
||||||
or $mode == 'w+'
|
or $mode == 'w+'
|
||||||
|
@ -119,9 +122,6 @@ class Stream {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Disable fileproxies so we can open the source file without recursive encryption
|
|
||||||
\OC_FileProxy::$enabled = false;
|
|
||||||
|
|
||||||
//$this->handle = fopen( $this->rawPath, $mode );
|
//$this->handle = fopen( $this->rawPath, $mode );
|
||||||
|
|
||||||
$this->handle = $this->rootView->fopen( $this->rawPath, $mode );
|
$this->handle = $this->rootView->fopen( $this->rawPath, $mode );
|
||||||
|
@ -241,13 +241,12 @@ class Stream {
|
||||||
// Avoid problems with .part file extensions
|
// Avoid problems with .part file extensions
|
||||||
$this->relPath = Keymanager::fixPartialFilePath( $this->relPath );
|
$this->relPath = Keymanager::fixPartialFilePath( $this->relPath );
|
||||||
|
|
||||||
|
// Fetch and decrypt keyfile
|
||||||
|
// Fetch existing keyfile
|
||||||
|
$this->encKeyfile = Keymanager::getFileKey( $this->rootView, $this->userId, $this->relPath );
|
||||||
|
|
||||||
// If a keyfile already exists
|
// If a keyfile already exists
|
||||||
if ( $this->rootView->file_exists( $this->userId . '/'. 'files_encryption' . '/' . 'keyfiles' . '/' . $this->relPath . '.key' ) ) {
|
if ( $this->encKeyfile ) {
|
||||||
|
|
||||||
// Fetch and decrypt keyfile
|
|
||||||
// Fetch existing keyfile
|
|
||||||
$this->encKeyfile = Keymanager::getFileKey( $this->rootView, $this->userId, $this->relPath );
|
|
||||||
|
|
||||||
$this->setUserProperty();
|
$this->setUserProperty();
|
||||||
|
|
||||||
$session = new Session( $this->rootView );
|
$session = new Session( $this->rootView );
|
||||||
|
@ -339,10 +338,14 @@ class Stream {
|
||||||
// Get all users sharing the file
|
// Get all users sharing the file
|
||||||
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $this->relPath );
|
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $this->relPath );
|
||||||
|
|
||||||
|
// allways add current user
|
||||||
|
$uniqueUserIds[] = $this->userId;
|
||||||
|
array_unique( $uniqueUserIds );
|
||||||
|
|
||||||
// Fetch public keys for all sharing users
|
// Fetch public keys for all sharing users
|
||||||
$publicKeys = Keymanager::getPublicKeys( $this->rootView, $uniqueUserIds );
|
$publicKeys = Keymanager::getPublicKeys( $this->rootView, $uniqueUserIds );
|
||||||
|
|
||||||
// Encrypt enc key for all sharing users
|
// Encrypt enc key for all sharing users
|
||||||
$this->encKeyfiles = Crypt::multiKeyEncrypt( $this->plainKey, $publicKeys );
|
$this->encKeyfiles = Crypt::multiKeyEncrypt( $this->plainKey, $publicKeys );
|
||||||
|
|
||||||
$view = new \OC_FilesystemView( '/' );
|
$view = new \OC_FilesystemView( '/' );
|
||||||
|
@ -429,7 +432,7 @@ class Stream {
|
||||||
|
|
||||||
$encrypted = $this->preWriteEncrypt( $chunk, $this->plainKey );
|
$encrypted = $this->preWriteEncrypt( $chunk, $this->plainKey );
|
||||||
|
|
||||||
trigger_error("\$encrypted = $encrypted");
|
//trigger_error("\$encrypted = $encrypted");
|
||||||
|
|
||||||
// Write the data chunk to disk. This will be
|
// Write the data chunk to disk. This will be
|
||||||
// attended to the last data chunk if the file
|
// attended to the last data chunk if the file
|
||||||
|
@ -513,7 +516,7 @@ class Stream {
|
||||||
and $this->meta['mode']!='rb'
|
and $this->meta['mode']!='rb'
|
||||||
) {
|
) {
|
||||||
|
|
||||||
\OC\Files\Filesystem::putFileInfo( $this->path, array( 'encrypted' => true, 'size' => $this->size ), '' );
|
\OC\Files\Filesystem::putFileInfo( $this->relPath, array( 'encrypted' => true, 'size' => $this->size ), '' );
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
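Review bot: The added `array_unique( $uniqueUserIds );` discards its return value, so the list passed to `Keymanager::getPublicKeys()` still contains the current user twice whenever `getSharingUsersArray()` already returned them. `array_unique` does not modify its argument; assign the result back with `$uniqueUserIds = array_unique( $uniqueUserIds );`. Because this list decides whose public keys the file key is wrapped for, it is worth a short comment here saying the owner is always included and duplicates are removed before `Crypt::multiKeyEncrypt()`. The enclosing method starts and ends outside this hunk.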