Merge pull request #1506 from owncloud/files_encryption

Files encryption

apps/files_encryption/appinfo/app.php

@@ -12,7 +12,7 @@ OC_FileProxy::register( new OCA\Encryption\Proxy() );
 
 // User-related hooks
 OCP\Util::connectHook( 'OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login' );
-OCP\Util::connectHook( 'OC_User', 'post_setPassword','OCA\Encryption\Hooks', 'setPassphrase' );
+OCP\Util::connectHook( 'OC_User', 'pre_setPassword','OCA\Encryption\Hooks', 'setPassphrase' );
 
 // Sharing-related hooks
 OCP\Util::connectHook( 'OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared' );

apps/files_encryption/hooks/hooks.php

@@ -38,12 +38,15 @@ class Hooks {
 	 */
 	public static function login( $params ) {
 	
+		// Manually initialise Filesystem{} singleton with correct 
+		// fake root path, in order to avoid fatal webdav errors
 		\OC\Files\Filesystem::init( $params['uid'] . '/' . 'files' . '/' );
 	
 		$view = new \OC_FilesystemView( '/' );
 
 		$util = new Util( $view, $params['uid'] );
 		
+		// Check files_encryption infrastructure is ready for action
 		if ( ! $util->ready() ) {
 			
 			\OC_Log::write( 'Encryption library', 'User account "' . $params['uid'] . '" is not ready for encryption; configuration started', \OC_Log::DEBUG );
@@ -110,8 +113,10 @@ class Hooks {
 		// the necessary keys)
 		if ( Crypt::mode() == 'server' ) {
 			
+			$session = new Session();
+			
 			// Get existing decrypted private key
-			$privateKey = $_SESSION['privateKey'];
+			$privateKey = $session->getPrivateKey();
 			
 			// Encrypt private key with new user pwd as passphrase
 			$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $privateKey, $params['password'] );

apps/files_encryption/lib/crypt.php

@@ -46,24 +46,6 @@ class Crypt {
 	 */
 	public static function mode( $user = null ) {
 
-// 		$mode = \OC_Appconfig::getValue( 'files_encryption', 'mode', 'none' );
-// 
-// 		if ( $mode == 'user') {
-// 			if ( !$user ) {
-// 				$user = \OCP\User::getUser();
-// 			}
-// 			$mode = 'none';
-// 			if ( $user ) {
-// 				$query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
-// 				$result = $query->execute(array($user));
-// 				if ($row = $result->fetchRow()){
-// 					$mode = $row['mode'];
-// 				}
-// 			}
-// 		}
-// 		
-// 		return $mode;
-
 		return 'server';
 		
 	}
@@ -134,12 +116,6 @@ class Crypt {
          */
 	public static function isCatfile( $content ) {
 		
-		if ( !$content ) {
-		
-			return false;
-			
-		}
-		
 		$noPadding = self::removePadding( $content );
 		
 		// Fetch encryption metadata from end of file

apps/files_encryption/lib/util.php

@@ -69,11 +69,6 @@ class Util {
 	//// DONE: add method to fetch legacy key
 	//// DONE: add method to decrypt legacy encrypted data
 	
-	//// TODO: add method to encrypt all user files using new system
-	//// TODO: add method to decrypt all user files using new system
-	//// TODO: add method to encrypt all user files using old system
-	//// TODO: add method to decrypt all user files using old system
-	
 	
 	// Admin UI:
 	
@@ -93,7 +88,6 @@ class Util {
 	
 	// Integration testing:
 	
-	//// TODO: test new encryption with webdav
 	//// TODO: test new encryption with versioning
 	//// TODO: test new encryption with sharing
 	//// TODO: test new encryption with proxies
@@ -278,7 +272,7 @@ class Util {
 						// will eat server resources :(
 						if ( 
 							Keymanager::getFileKey( $this->view, $this->userId, $file ) 
-							&& Crypt::isCatfile( $filePath )
+							&& Crypt::isCatfile( $data )
 						) {
 						
 							$found['encrypted'][] = array( 'name' => $file, 'path' => $filePath );
@@ -391,7 +385,6 @@ class Util {
 			
 			}
 			
-			// FIXME: Legacy recrypting here isn't finished yet
 			// Encrypt legacy encrypted files
 			if ( 
 				! empty( $legacyPassphrase ) 
@@ -437,6 +430,11 @@ class Util {
 		
 	}
 	
+	/**
+	 * @brief Return important encryption related paths
+	 * @param string $pathName Name of the directory to return the path of
+	 * @return string path
+	 */
 	public function getPath( $pathName ) {
 	
 		switch ( $pathName ) {

lib/hook.php

@@ -20,15 +20,18 @@ class OC_Hook{
 	 * TODO: write example
 	 */
 	static public function connect( $signalclass, $signalname, $slotclass, $slotname ) {
-		// Create the data structure
+		// If we're trying to connect to an emitting class that isn't 
+		// yet registered, register it
 		if( !array_key_exists( $signalclass, self::$registered )) {
 			self::$registered[$signalclass] = array();
 		}
+		// If we're trying to connect to an emitting method that isn't 
+		// yet registered, register it with the emitting class
 		if( !array_key_exists( $signalname, self::$registered[$signalclass] )) {			
 			self::$registered[$signalclass][$signalname] = array();
 		}
 		
-		// register hook
+		// Connect the hook handler to the requested emitter
 		self::$registered[$signalclass][$signalname][] = array(
 		  "class" => $slotclass,
 		  "name" => $slotname );
@@ -49,10 +52,15 @@ class OC_Hook{
 	 * TODO: write example
 	 */
 	static public function emit( $signalclass, $signalname, $params = array()) {
-		// Return false if there are no slots
+		
+		// Return false if no hook handlers are listening to this
+		// emitting class
 		if( !array_key_exists( $signalclass, self::$registered )) {
 			return false;
 		}
+		
+		// Return false if no hook handlers are listening to this
+		// emitting method
 		if( !array_key_exists( $signalname, self::$registered[$signalclass] )) {
 			return false;
 		}

settings/ajax/changepassword.php

@@ -4,6 +4,9 @@
 OCP\JSON::callCheck();
 OC_JSON::checkLoggedIn();
 
+// Manually load apps to ensure hooks work correctly (workaround for issue 1503)
+OC_APP::loadApps();
+
 $username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
 $password = $_POST["password"];
 $oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';