update file encryption key over webdav properties for client side encryption

This commit is contained in:
Bjoern Schiessle 2012-07-31 15:03:28 +02:00
parent ee15c40b14
commit 9bab06537c
4 changed files with 43 additions and 4 deletions

View File

@ -10,6 +10,7 @@ OC::$CLASSPATH['OCA_Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php';
OC_FileProxy::register(new OCA_Encryption\Proxy());
OCP\Util::connectHook('OC_User','post_login','OCA_Encryption\Hooks','login');
OCP\Util::connectHook('OC_Webdav_Properties', 'update', 'OCA_Encryption\Hooks', 'updateKeyfile');
stream_wrapper_register('crypt','OC_CryptStream');

View File

@ -58,6 +58,18 @@ class Hooks {
}
/**
* @brief update the encryption key of the file uploaded by the client
*/
public static function updateKeyfile( $params ) {
if (Crypt::mode(\OCP\User::getUser()) == 'client')
if (isset($params['properties']['key'])) {
Keymanager::setFileKey(\OCP\User::getUser(), $params['path'], $params['properties']['key']);
} else {
error_log("Client side encryption is enabled but the client doesn't provide a encryption key for the file!");
}
}
}
?>

View File

@ -22,6 +22,7 @@
*/
abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IProperties {
const GETETAG_PROPERTYNAME = '{DAV:}getetag';
/**
* The path to the current node
@ -140,7 +141,9 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
*/
public function updateProperties($properties) {
$existing = $this->getProperties(array());
OC_Hook::emit('OC_Webdav_Properties', 'update', array('properties' => $properties, 'path' => $this->path));
foreach($properties as $propertyName => $propertyValue) {
$propertyName = preg_replace("/^{.*}/", "", $propertyName); // remove leading namespace from property name
// If it was null, we need to delete the property
if (is_null($propertyValue)) {
if(array_key_exists( $propertyName, $existing )){
@ -178,7 +181,7 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
* @param array $properties
* @return void
*/
function getProperties($properties) {
public function getProperties($properties) {
if (is_null($this->property_cache)) {
$query = OC_DB::prepare( 'SELECT * FROM *PREFIX*properties WHERE userid = ? AND propertypath = ?' );
$result = $query->execute( array( OC_User::getUser(), $this->path ));
@ -200,4 +203,29 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr
}
return $props;
}
/**
* Returns the ETag surrounded by double-quotes for this path.
* @param string $path Path of the file
* @return string|null Returns null if the ETag can not effectively be determined
*/
static public function getETagPropertyForFile($path) {
$tag = OC_Filesystem::hash('md5', $path);
if (empty($tag)) {
return null;
}
$etag = '"'.$tag.'"';
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*properties (userid,propertypath,propertyname,propertyvalue) VALUES(?,?,?,?)' );
$query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME, $etag ));
return $etag;
}
/**
* Remove the ETag from the cache.
* @param string $path Path of the file
*/
static public function removeETagPropertyForFile($path) {
$query = OC_DB::prepare( 'DELETE FROM *PREFIX*properties WHERE userid = ? AND propertypath = ? AND propertyname = ?' );
$query->execute( array( OC_User::getUser(), $path, self::GETETAG_PROPERTYNAME ));
}
}

View File

@ -808,8 +808,7 @@ class OC_OCS {
$login=OC_OCS::checkpassword();
if(($login==$user)) {
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode($user) === 'client') {
if (($key = OCA_Encryption\Keymanager::setFileKey($user, $file, $key))) {
// TODO: emit hook to move file from tmp location to the right place
if (($key = OCA_Encryption\Keymanager::setFileKey($user, $file, $key))) {
echo self::generateXml('', 'ok', 100, '');
return true;
} else {
@ -821,7 +820,6 @@ class OC_OCS {
}else{
echo self::generateXml('', 'fail', 300, 'You don´t have permission to access this ressource.');
}
//TODO: emit signal to remove file from tmp location
return false;
}