Merge pull request #1383 from owncloud/files_encryption-style-fixes

first style fixes - @samtuke: I added some TODO regarding undefined vari...
Sam Tuke 2013-02-09 09:04:47 -08:00
commit 9bf1f22d5f
10 changed files with 705 additions and 849 deletions


@ -1,38 +0,0 @@
<?php
/**
* Copyright (c) 2012, Bjoern Schiessle <schiessle@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
use OCA\Encryption\Keymanager;
OCP\JSON::checkAppEnabled('files_encryption');
OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$mode = $_POST['mode'];
$changePasswd = false;
$passwdChanged = false;
if ( isset($_POST['newpasswd']) && isset($_POST['oldpasswd']) ) {
$oldpasswd = $_POST['oldpasswd'];
$newpasswd = $_POST['newpasswd'];
$changePasswd = true;
$passwdChanged = Keymanager::changePasswd($oldpasswd, $newpasswd);
}
$query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
$result = $query->execute(array(\OCP\User::getUser()));
if ($result->fetchRow()){
$query = OC_DB::prepare( 'UPDATE *PREFIX*encryption SET mode = ? WHERE uid = ?' );
} else {
$query = OC_DB::prepare( 'INSERT INTO *PREFIX*encryption ( mode, uid ) VALUES( ?, ? )' );
}
if ( (!$changePasswd || $passwdChanged) && $query->execute(array($mode, \OCP\User::getUser())) ) {
OCP\JSON::success();
} else {
OCP\JSON::error();
}


@ -43,6 +43,6 @@ if (
}
// Reguster settings scripts
// Register settings scripts
OCP\App::registerAdmin( 'files_encryption', 'settings' );
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );


@ -165,16 +165,6 @@ class Hooks {
* @brief
*/
public static function postShared( $params ) {
// Delete existing catfile
Keymanager::deleteFileKey( );
// Generate new catfile and env keys
Crypt::multiKeyEncrypt( $plainContent, $publicKeys );
// Save env keys to user folders
}
/**


@ -1,38 +0,0 @@
/**
* Copyright (c) 2012, Bjoern Schiessle <schiessle@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
$(document).ready(function(){
$('input[name=encryption_mode]').change(function(){
var prevmode = document.getElementById('prev_encryption_mode').value
var client=$('input[value="client"]:checked').val()
,server=$('input[value="server"]:checked').val()
,user=$('input[value="user"]:checked').val()
,none=$('input[value="none"]:checked').val()
if (client) {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'client' });
if (prevmode == 'server') {
OC.dialogs.info(t('encryption', 'Please switch to your ownCloud client and change your encryption password to complete the conversion.'), t('encryption', 'switched to client side encryption'));
}
} else if (server) {
if (prevmode == 'client') {
OC.dialogs.form([{text:'Login password', name:'newpasswd', type:'password'},{text:'Encryption password used on the client', name:'oldpasswd', type:'password'}],t('encryption', 'Change encryption password to login password'), function(data) {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server', newpasswd: data[0].value, oldpasswd: data[1].value }, function(result) {
if (result.status != 'success') {
document.getElementById(prevmode+'_encryption').checked = true;
OC.dialogs.alert(t('encryption', 'Please check your passwords and try again.'), t('encryption', 'Could not change your file encryption password to your login password'))
} else {
console.log("alles super");
}
}, true);
});
} else {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'server' });
}
} else {
$.post(OC.filePath('files_encryption', 'ajax', 'mode.php'), { mode: 'none' });
}
})
})


@ -9,38 +9,11 @@ $(document).ready(function(){
$('#encryption_blacklist').multiSelect({
oncheck:blackListChange,
onuncheck:blackListChange,
createText:'...',
createText:'...'
});
function blackListChange(){
var blackList=$('#encryption_blacklist').val().join(',');
OC.AppConfig.setValue('files_encryption','type_blacklist',blackList);
}
//TODO: Handle switch between client and server side encryption
$('input[name=encryption_mode]').change(function(){
var client=$('input[value="client"]:checked').val()
,server=$('input[value="server"]:checked').val()
,user=$('input[value="user"]:checked').val()
,none=$('input[value="none"]:checked').val()
,disable=false
if (client) {
OC.AppConfig.setValue('files_encryption','mode','client');
disable = true;
} else if (server) {
OC.AppConfig.setValue('files_encryption','mode','server');
disable = true;
} else if (user) {
OC.AppConfig.setValue('files_encryption','mode','user');
disable = true;
} else {
OC.AppConfig.setValue('files_encryption','mode','none');
}
if (disable) {
document.getElementById('server_encryption').disabled = true;
document.getElementById('client_encryption').disabled = true;
document.getElementById('user_encryption').disabled = true;
document.getElementById('none_encryption').disabled = true;
}
})
})


@ -116,6 +116,12 @@ class Crypt {
*/
public static function isCatfile( $content ) {
if ( !$content ) {
return false;
}
$noPadding = self::removePadding( $content );
// Fetch encryption metadata from end of file
@ -221,8 +227,6 @@ class Crypt {
throw new \Exception( 'Encryption library: Decryption (symmetric) of content failed' );
return false;
}
}
@ -421,7 +425,7 @@ class Crypt {
}
/**
* @brief Asymetrically encrypt a string using a public key
* @brief Asymmetrically encrypt a string using a public key
* @returns encrypted file
*/
public static function keyEncrypt( $plainContent, $publicKey ) {
@ -509,12 +513,6 @@ class Crypt {
}
//echo "hags ";
//echo "\n\n\n\$crypted = $crypted\n\n\n";
//print_r($testarray);
return $crypted;
}
@ -543,8 +541,6 @@ class Crypt {
}
//echo "\n\n\$testarray = "; print_r($testarray);
return $decrypted;
}
@ -572,7 +568,7 @@ class Crypt {
} else {
throw new Exception( 'Generating IV failed' );
throw new \Exception( 'Generating IV failed' );
}
@ -590,7 +586,7 @@ class Crypt {
if ( !$strong ) {
// If OpenSSL indicates randomness is insecure, log error
throw new Exception ( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
throw new \Exception ( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
}
@ -604,29 +600,6 @@ class Crypt {
}
public static function changekeypasscode( $oldPassword, $newPassword ) {
if ( \OCP\User::isLoggedIn() ) {
$key = Keymanager::getPrivateKey( $user, $view );
if ( ( $key = Crypt::symmetricDecryptFileContent($key,$oldpasswd) ) ) {
if ( ( $key = Crypt::symmetricEncryptFileContent( $key, $newpasswd ) ) ) {
Keymanager::setPrivateKey( $key );
return true;
}
}
}
return false;
}
/**
* @brief Get the blowfish encryption handeler for a key
* @param $key string (optional)
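Review bot: The comment above the `!$strong` check in the `@ -590` hunk still says "log error", but the line below it throws `\Exception`, so key generation aborts instead of logging and carrying on. Failing closed is the right behaviour when OpenSSL reports the bytes are not cryptographically strong, and the comment should say that: `// If OpenSSL reports the bytes are not cryptographically strong, abort instead of returning a weak key`. The `@ -572` hunk throws the same generic `\Exception` for 'Generating IV failed', so a caller can tell the two failures apart only by message text; a short `@throws \Exception` line in each docblock would at least document that. Both enclosing functions begin and end outside the hunks shown.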


@ -46,6 +46,8 @@ class Keymanager {
/**
* @brief retrieve public key for a specified user
* @param \OC_FilesystemView $view
* @param $userId
* @return string public key or false
*/
public static function getPublicKey( \OC_FilesystemView $view, $userId ) {
@ -56,6 +58,8 @@ class Keymanager {
/**
* @brief retrieve both keys from a user (private and public)
* @param \OC_FilesystemView $view
* @param $userId
* @return array keys: privateKey, publicKey
*/
public static function getUserKeys( \OC_FilesystemView $view, $userId ) {
@ -144,8 +148,11 @@ class Keymanager {
/**
* @brief retrieve keyfile for an encrypted file
* @param string file name
* @return string file key or false on failure
* @param \OC_FilesystemView $view
* @param $userId
* @param $filePath
* @internal param \OCA\Encryption\file $string name
* @return string file key or false
* @note The keyfile returned is asymmetrically encrypted. Decryption
* of the keyfile must be performed by client code
*/
@ -213,12 +220,11 @@ class Keymanager {
\OC_FileProxy::$enabled = false;
if ( !$view->file_exists( '' ) ) $view->mkdir( '' );
if ( !$view->file_exists( '' ) )
$view->mkdir( '' );
return $view->file_put_contents( $user . '.private.key', $key );
\OC_FileProxy::$enabled = true;
}
/**
@ -246,16 +252,24 @@ class Keymanager {
\OC_FileProxy::$enabled = false;
if ( !$view->file_exists( '' ) ) $view->mkdir( '' );
if ( !$view->file_exists( '' ) )
$view->mkdir( '' );
return $view->file_put_contents( \OCP\User::getUser() . '.public.key', $key );
\OC_FileProxy::$enabled = true;
}
/**
* @note 'shareKey' is a more user-friendly name for env_key
* @brief store file encryption key
*
* @param string $path relative path of the file, including filename
* @param string $key
* @param null $view
* @param string $dbClassName
* @return bool true/false
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
@ -290,29 +304,13 @@ class Keymanager {
}
/**
* @brief change password of private encryption key
*
* @param string $oldpasswd old password
* @param string $newpasswd new password
* @return bool true/false
*/
public static function changePasswd($oldpasswd, $newpasswd) {
if ( \OCP\User::checkPassword(\OCP\User::getUser(), $newpasswd) ) {
return Crypt::changekeypasscode($oldpasswd, $newpasswd);
}
return false;
}
/**
* @brief Fetch the legacy encryption key from user files
* @param string $login used to locate the legacy key
* @param string $passphrase used to decrypt the legacy key
* @return true / false
*
* if the key is left out, the default handeler will be used
* if the key is left out, the default handler will be used
*/
public function getLegacyKey() {
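Review bot: In the `@ -213` and `@ -246` hunks the `return $view->file_put_contents( ... )` line is shown before `\OC_FileProxy::$enabled = true;`, so the re-enable looks unreachable and the file proxy would stay switched off for the rest of the request once a key has been written. The rendered page has lost its +/- markers, so this order is read from the lines as displayed and should be confirmed against the file. If it holds, any later file operation in the same request that relies on the proxy would run without it; capture the result first, `$result = $view->file_put_contents( $user . '.private.key', $key );` then `\OC_FileProxy::$enabled = true;` then `return $result;`, and do the same for the `.public.key` write. Both functions begin outside the hunks.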


@ -173,7 +173,7 @@ class Stream {
// $count will always be 8192 https://bugs.php.net/bug.php?id=21641
// This makes this function a lot simpler, but will break this class if the above 'bug' gets 'fixed'
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', OCP\Util::FATAL );
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL );
die();
@ -209,7 +209,7 @@ class Stream {
}
/**
* @brief Encrypt and pad data ready for writting to disk
* @brief Encrypt and pad data ready for writing to disk
* @param string $plainData data to be encrypted
* @param string $key key to use for encryption
* @return encrypted data on success, false on failure
@ -403,7 +403,7 @@ class Stream {
$encrypted = $this->preWriteEncrypt( $chunk, $this->keyfile );
// Write the data chunk to disk. This will be
// addended to the last data chunk if the file
// attended to the last data chunk if the file
// being handled totals more than 6126 bytes
fwrite( $this->handle, $encrypted );
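Review bot: The spelling fix in the `@ -403` hunk replaces "addended" with "attended", which still reads wrong. The sentence describes a chunk being added after the previous one on disk, so the intended word is presumably "appended": `// appended to the last data chunk if the file`. The write loop this comment sits in starts and ends outside the hunk.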


@ -12,8 +12,6 @@ $blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_b
$tmpl->assign( 'blacklist', $blackList );
OCP\Util::addscript('files_encryption','settings-personal');
return $tmpl->fetchPage();
return null;


@ -16,7 +16,7 @@
<?php echo $type; ?>
</li>
<?php endforeach; ?>
</p>
</ul>
<?php endif; ?>
</fieldset>
</form>
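Review bot: `<?php echo $type; ?>` at the top of this hunk writes the value into the list item without HTML escaping. The source of `$type` is outside the hunk; it appears to be an entry of the `type_blacklist` app value, which the settings script stores from a multi-select that accepts typed-in entries, so it may not be limited to a fixed set of strings. Escape at output, for example `<?php echo htmlspecialchars( $type, ENT_QUOTES, 'UTF-8' ); ?>`, so a stored value containing markup is rendered as text. The `foreach` that supplies `$type` opens above the hunk.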