Merge pull request #1383 from owncloud/files_encryption-style-fixes
first style fixes - @samtuke: I added some TODO regarding undefined vari...
This commit is contained in:
commit
9bf1f22d5f
|
@ -1,38 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Copyright (c) 2012, Bjoern Schiessle <schiessle@owncloud.com>
|
||||
* This file is licensed under the Affero General Public License version 3 or later.
|
||||
* See the COPYING-README file.
|
||||
*/
|
||||
|
||||
use OCA\Encryption\Keymanager;
|
||||
|
||||
OCP\JSON::checkAppEnabled('files_encryption');
|
||||
OCP\JSON::checkLoggedIn();
|
||||
OCP\JSON::callCheck();
|
||||
|
||||
$mode = $_POST['mode'];
|
||||
$changePasswd = false;
|
||||
$passwdChanged = false;
|
||||
|
||||
if ( isset($_POST['newpasswd']) && isset($_POST['oldpasswd']) ) {
|
||||
$oldpasswd = $_POST['oldpasswd'];
|
||||
$newpasswd = $_POST['newpasswd'];
|
||||
$changePasswd = true;
|
||||
$passwdChanged = Keymanager::changePasswd($oldpasswd, $newpasswd);
|
||||
}
|
||||
|
||||
$query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
|
||||
$result = $query->execute(array(\OCP\User::getUser()));
|
||||
|
||||
if ($result->fetchRow()){
|
||||
$query = OC_DB::prepare( 'UPDATE *PREFIX*encryption SET mode = ? WHERE uid = ?' );
|
||||
} else {
|
||||
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*encryption ( mode, uid ) VALUES( ?, ? )' );
|
||||
}
|
||||
|
||||
if ( (!$changePasswd || $passwdChanged) && $query->execute(array($mode, \OCP\User::getUser())) ) {
|
||||
OCP\JSON::success();
|
||||
} else {
|
||||
OCP\JSON::error();
|
||||
}
|
|
@ -43,6 +43,6 @@ if (
|
|||
|
||||
}
|
||||
|
||||
// Reguster settings scripts
|
||||
// Register settings scripts
|
||||
OCP\App::registerAdmin( 'files_encryption', 'settings' );
|
||||
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );
|
|
@ -165,16 +165,6 @@ class Hooks {
|
|||
* @brief
|
||||
*/
|
||||
public static function postShared( $params ) {
|
||||
|
||||
// Delete existing catfile
|
||||
Keymanager::deleteFileKey( );
|
||||
|
||||
// Generate new catfile and env keys
|
||||
Crypt::multiKeyEncrypt( $plainContent, $publicKeys );
|
||||
|
||||
// Save env keys to user folders
|
||||
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,38 +0,0 @@
|
|||
/**
|
||||
* Copyright (c) 2012, Bjoern Schiessle <schiessle@owncloud.com>
|
||||
* This file is licensed under the Affero General Public License version 3 or later.
|
||||
* See the COPYING-README file.
|
||||
*/
|
||||
|
||||
$(document).ready(function(){
|
||||
$('input[name=encryption_mode]').change(function(){
|
||||
var prevmode = document.getElementById('prev_encryption_mode').value
|
||||
var client=$('input[value="client"]:checked').val()
|
||||
,server=$('input[value="server"]:checked').val()
|
||||
,user=$('input[value="user"]:checked').val()
|
||||
,none=$('input[value="none"]:checked').val()
|
||||
if (client) {
|
||||
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'client' });
|
||||
if (prevmode == 'server') {
|
||||
OC.dialogs.info(t('encryption', 'Please switch to your ownCloud client and change your encryption password to complete the conversion.'), t('encryption', 'switched to client side encryption'));
|
||||
}
|
||||
} else if (server) {
|
||||
if (prevmode == 'client') {
|
||||
OC.dialogs.form([{text:'Login password', name:'newpasswd', type:'password'},{text:'Encryption password used on the client', name:'oldpasswd', type:'password'}],t('encryption', 'Change encryption password to login password'), function(data) {
|
||||
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server', newpasswd: data[0].value, oldpasswd: data[1].value }, function(result) {
|
||||
if (result.status != 'success') {
|
||||
document.getElementById(prevmode+'_encryption').checked = true;
|
||||
OC.dialogs.alert(t('encryption', 'Please check your passwords and try again.'), t('encryption', 'Could not change your file encryption password to your login password'))
|
||||
} else {
|
||||
console.log("alles super");
|
||||
}
|
||||
}, true);
|
||||
});
|
||||
} else {
|
||||
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server' });
|
||||
}
|
||||
} else {
|
||||
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'none' });
|
||||
}
|
||||
})
|
||||
})
|
|
@ -9,38 +9,11 @@ $(document).ready(function(){
|
|||
$('#encryption_blacklist').multiSelect({
|
||||
oncheck:blackListChange,
|
||||
onuncheck:blackListChange,
|
||||
createText:'...',
|
||||
createText:'...'
|
||||
});
|
||||
|
||||
function blackListChange(){
|
||||
var blackList=$('#encryption_blacklist').val().join(',');
|
||||
OC.AppConfig.setValue('files_encryption','type_blacklist',blackList);
|
||||
}
|
||||
|
||||
//TODO: Handle switch between client and server side encryption
|
||||
$('input[name=encryption_mode]').change(function(){
|
||||
var client=$('input[value="client"]:checked').val()
|
||||
,server=$('input[value="server"]:checked').val()
|
||||
,user=$('input[value="user"]:checked').val()
|
||||
,none=$('input[value="none"]:checked').val()
|
||||
,disable=false
|
||||
if (client) {
|
||||
OC.AppConfig.setValue('files_encryption','mode','client');
|
||||
disable = true;
|
||||
} else if (server) {
|
||||
OC.AppConfig.setValue('files_encryption','mode','server');
|
||||
disable = true;
|
||||
} else if (user) {
|
||||
OC.AppConfig.setValue('files_encryption','mode','user');
|
||||
disable = true;
|
||||
} else {
|
||||
OC.AppConfig.setValue('files_encryption','mode','none');
|
||||
}
|
||||
if (disable) {
|
||||
document.getElementById('server_encryption').disabled = true;
|
||||
document.getElementById('client_encryption').disabled = true;
|
||||
document.getElementById('user_encryption').disabled = true;
|
||||
document.getElementById('none_encryption').disabled = true;
|
||||
}
|
||||
})
|
||||
})
|
|
@ -116,6 +116,12 @@ class Crypt {
|
|||
*/
|
||||
public static function isCatfile( $content ) {
|
||||
|
||||
if ( !$content ) {
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
$noPadding = self::removePadding( $content );
|
||||
|
||||
// Fetch encryption metadata from end of file
|
||||
|
@ -221,8 +227,6 @@ class Crypt {
|
|||
|
||||
throw new \Exception( 'Encryption library: Decryption (symmetric) of content failed' );
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -421,7 +425,7 @@ class Crypt {
|
|||
}
|
||||
|
||||
/**
|
||||
* @brief Asymetrically encrypt a string using a public key
|
||||
* @brief Asymmetrically encrypt a string using a public key
|
||||
* @returns encrypted file
|
||||
*/
|
||||
public static function keyEncrypt( $plainContent, $publicKey ) {
|
||||
|
@ -509,12 +513,6 @@ class Crypt {
|
|||
|
||||
}
|
||||
|
||||
//echo "hags ";
|
||||
|
||||
//echo "\n\n\n\$crypted = $crypted\n\n\n";
|
||||
|
||||
//print_r($testarray);
|
||||
|
||||
return $crypted;
|
||||
|
||||
}
|
||||
|
@ -543,8 +541,6 @@ class Crypt {
|
|||
|
||||
}
|
||||
|
||||
//echo "\n\n\$testarray = "; print_r($testarray);
|
||||
|
||||
return $decrypted;
|
||||
|
||||
}
|
||||
|
@ -572,7 +568,7 @@ class Crypt {
|
|||
|
||||
} else {
|
||||
|
||||
throw new Exception( 'Generating IV failed' );
|
||||
throw new \Exception( 'Generating IV failed' );
|
||||
|
||||
}
|
||||
|
||||
|
@ -590,7 +586,7 @@ class Crypt {
|
|||
if ( !$strong ) {
|
||||
|
||||
// If OpenSSL indicates randomness is insecure, log error
|
||||
throw new Exception ( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
|
||||
throw new \Exception ( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
|
||||
|
||||
}
|
||||
|
||||
|
@ -604,29 +600,6 @@ class Crypt {
|
|||
|
||||
}
|
||||
|
||||
public static function changekeypasscode( $oldPassword, $newPassword ) {
|
||||
|
||||
if ( \OCP\User::isLoggedIn() ) {
|
||||
|
||||
$key = Keymanager::getPrivateKey( $user, $view );
|
||||
|
||||
if ( ( $key = Crypt::symmetricDecryptFileContent($key,$oldpasswd) ) ) {
|
||||
|
||||
if ( ( $key = Crypt::symmetricEncryptFileContent( $key, $newpasswd ) ) ) {
|
||||
|
||||
Keymanager::setPrivateKey( $key );
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Get the blowfish encryption handeler for a key
|
||||
* @param $key string (optional)
|
||||
|
|
|
@ -46,6 +46,8 @@ class Keymanager {
|
|||
|
||||
/**
|
||||
* @brief retrieve public key for a specified user
|
||||
* @param \OC_FilesystemView $view
|
||||
* @param $userId
|
||||
* @return string public key or false
|
||||
*/
|
||||
public static function getPublicKey( \OC_FilesystemView $view, $userId ) {
|
||||
|
@ -56,6 +58,8 @@ class Keymanager {
|
|||
|
||||
/**
|
||||
* @brief retrieve both keys from a user (private and public)
|
||||
* @param \OC_FilesystemView $view
|
||||
* @param $userId
|
||||
* @return array keys: privateKey, publicKey
|
||||
*/
|
||||
public static function getUserKeys( \OC_FilesystemView $view, $userId ) {
|
||||
|
@ -144,8 +148,11 @@ class Keymanager {
|
|||
|
||||
/**
|
||||
* @brief retrieve keyfile for an encrypted file
|
||||
* @param string file name
|
||||
* @return string file key or false on failure
|
||||
* @param \OC_FilesystemView $view
|
||||
* @param $userId
|
||||
* @param $filePath
|
||||
* @internal param \OCA\Encryption\file $string name
|
||||
* @return string file key or false
|
||||
* @note The keyfile returned is asymmetrically encrypted. Decryption
|
||||
* of the keyfile must be performed by client code
|
||||
*/
|
||||
|
@ -213,12 +220,11 @@ class Keymanager {
|
|||
|
||||
\OC_FileProxy::$enabled = false;
|
||||
|
||||
if ( !$view->file_exists( '' ) ) $view->mkdir( '' );
|
||||
if ( !$view->file_exists( '' ) )
|
||||
$view->mkdir( '' );
|
||||
|
||||
return $view->file_put_contents( $user . '.private.key', $key );
|
||||
|
||||
\OC_FileProxy::$enabled = true;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -246,16 +252,24 @@ class Keymanager {
|
|||
|
||||
\OC_FileProxy::$enabled = false;
|
||||
|
||||
if ( !$view->file_exists( '' ) ) $view->mkdir( '' );
|
||||
if ( !$view->file_exists( '' ) )
|
||||
$view->mkdir( '' );
|
||||
|
||||
return $view->file_put_contents( \OCP\User::getUser() . '.public.key', $key );
|
||||
|
||||
\OC_FileProxy::$enabled = true;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @note 'shareKey' is a more user-friendly name for env_key
|
||||
* @brief store file encryption key
|
||||
*
|
||||
* @param string $path relative path of the file, including filename
|
||||
* @param string $key
|
||||
* @param null $view
|
||||
* @param string $dbClassName
|
||||
* @return bool true/false
|
||||
* @note The keyfile is not encrypted here. Client code must
|
||||
* asymmetrically encrypt the keyfile before passing it to this method
|
||||
*/
|
||||
public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
|
||||
|
||||
|
@ -290,29 +304,13 @@ class Keymanager {
|
|||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief change password of private encryption key
|
||||
*
|
||||
* @param string $oldpasswd old password
|
||||
* @param string $newpasswd new password
|
||||
* @return bool true/false
|
||||
*/
|
||||
public static function changePasswd($oldpasswd, $newpasswd) {
|
||||
|
||||
if ( \OCP\User::checkPassword(\OCP\User::getUser(), $newpasswd) ) {
|
||||
return Crypt::changekeypasscode($oldpasswd, $newpasswd);
|
||||
}
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Fetch the legacy encryption key from user files
|
||||
* @param string $login used to locate the legacy key
|
||||
* @param string $passphrase used to decrypt the legacy key
|
||||
* @return true / false
|
||||
*
|
||||
* if the key is left out, the default handeler will be used
|
||||
* if the key is left out, the default handler will be used
|
||||
*/
|
||||
public function getLegacyKey() {
|
||||
|
||||
|
|
|
@ -173,7 +173,7 @@ class Stream {
|
|||
|
||||
// $count will always be 8192 https://bugs.php.net/bug.php?id=21641
|
||||
// This makes this function a lot simpler, but will break this class if the above 'bug' gets 'fixed'
|
||||
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', OCP\Util::FATAL );
|
||||
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL );
|
||||
|
||||
die();
|
||||
|
||||
|
@ -209,7 +209,7 @@ class Stream {
|
|||
}
|
||||
|
||||
/**
|
||||
* @brief Encrypt and pad data ready for writting to disk
|
||||
* @brief Encrypt and pad data ready for writing to disk
|
||||
* @param string $plainData data to be encrypted
|
||||
* @param string $key key to use for encryption
|
||||
* @return encrypted data on success, false on failure
|
||||
|
@ -403,7 +403,7 @@ class Stream {
|
|||
$encrypted = $this->preWriteEncrypt( $chunk, $this->keyfile );
|
||||
|
||||
// Write the data chunk to disk. This will be
|
||||
// addended to the last data chunk if the file
|
||||
// attended to the last data chunk if the file
|
||||
// being handled totals more than 6126 bytes
|
||||
fwrite( $this->handle, $encrypted );
|
||||
|
||||
|
|
|
@ -12,8 +12,6 @@ $blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_b
|
|||
|
||||
$tmpl->assign( 'blacklist', $blackList );
|
||||
|
||||
OCP\Util::addscript('files_encryption','settings-personal');
|
||||
|
||||
return $tmpl->fetchPage();
|
||||
|
||||
return null;
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
<?php echo $type; ?>
|
||||
</li>
|
||||
<?php endforeach; ?>
|
||||
</p>
|
||||
</ul>
|
||||
<?php endif; ?>
|
||||
</fieldset>
|
||||
</form>
|
||||
|
|
Loading…
Reference in New Issue