clean up encryption exceptions
parent
e345697cab
commit
a10ae2816e
|
@ -11,9 +11,9 @@ OC::$CLASSPATH['OCA\Encryption\Capabilities'] = 'files_encryption/lib/capabiliti
|
||||||
OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
|
OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
|
||||||
|
|
||||||
// Exceptions
|
// Exceptions
|
||||||
OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyEncryptException'] = 'files_encryption/lib/exceptions.php';
|
OC::$CLASSPATH['OCA\Encryption\Exception\MultiKeyEncryptException'] = 'files_encryption/exception/multiKeyEncryptException.php';
|
||||||
OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyDecryptException'] = 'files_encryption/lib/exceptions.php';
|
OC::$CLASSPATH['OCA\Encryption\Exception\MultiKeyDecryptException'] = 'files_encryption/exception/multiKeyDecryptException.php';
|
||||||
OC::$CLASSPATH['OCA\Encryption\Exceptions\EncryptionException'] = 'files_encryption/lib/exceptions.php';
|
OC::$CLASSPATH['OCA\Encryption\Exception\EncryptionException'] = 'files_encryption/exception/encryptionException.php';
|
||||||
|
|
||||||
\OCP\Util::addTranslations('files_encryption');
|
\OCP\Util::addTranslations('files_encryption');
|
||||||
\OCP\Util::addscript('files_encryption', 'encryption');
|
\OCP\Util::addscript('files_encryption', 'encryption');
|
||||||
|
|
|
@ -0,0 +1,50 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* ownCloud
|
||||||
|
*
|
||||||
|
* @copyright (C) 2014 ownCloud, Inc.
|
||||||
|
*
|
||||||
|
* @author Bjoern Schiessle <schiessle@owncloud.com>
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 3 of the License, or any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public
|
||||||
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\Encryption\Exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Base class for all encryption exception
|
||||||
|
*
|
||||||
|
* Possible Error Codes:
|
||||||
|
* 10 - unknown error
|
||||||
|
* 20 - unexpected end of encryption header
|
||||||
|
* 30 - unexpected blog size
|
||||||
|
* 40 - encryption header to large
|
||||||
|
* 50 - unknown cipher
|
||||||
|
* 60 - encryption failed
|
||||||
|
* 70 - decryption failed
|
||||||
|
* 80 - empty data
|
||||||
|
* 90 - private key missing
|
||||||
|
*/
|
||||||
|
class EncryptionException extends \Exception {
|
||||||
|
const UNKNOWN = 10;
|
||||||
|
const UNEXPECTED_END_OF_ENCRYPTION_HEADER = 20;
|
||||||
|
const UNEXPECTED_BLOG_SIZE = 30;
|
||||||
|
const ENCRYPTION_HEADER_TO_LARGE = 40;
|
||||||
|
const UNKNOWN_CIPHER = 50;
|
||||||
|
const ENCRYPTION_FAILED = 60;
|
||||||
|
const DECRYPTION_FAILED = 70;
|
||||||
|
const EMPTY_DATA = 80;
|
||||||
|
const PRIVATE_KEY_MISSING = 90;
|
||||||
|
}
|
|
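Review bot: The constants `UNEXPECTED_BLOG_SIZE` and `ENCRYPTION_HEADER_TO_LARGE` carry typos into what becomes the shared error-code API for the app. This commit already introduces the constants and updates their users, so it is the cheap moment to name them `UNEXPECTED_BLOCK_SIZE` and `ENCRYPTION_HEADER_TOO_LARGE`, and to write "block size" and "too large" in the docblock list. The numeric values are also reassigned relative to the removed class (10 was the header-end error, 50 was "encryption failed"), so log lines that print only `code: N` mean different things before and after this change. A sentence in the class docblock stating that the codes were renumbered would help anyone correlating older logs.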
@ -0,0 +1,34 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* ownCloud
|
||||||
|
*
|
||||||
|
* @copyright (C) 2014 ownCloud, Inc.
|
||||||
|
*
|
||||||
|
* @author Bjoern Schiessle <schiessle@owncloud.com>
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 3 of the License, or any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public
|
||||||
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\Encryption\Exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Throw this encryption if multi key decryption failed
|
||||||
|
*
|
||||||
|
* Possible error codes:
|
||||||
|
* 110 - openssl_open failed
|
||||||
|
*/
|
||||||
|
class MultiKeyDecryptException extends EncryptionException {
|
||||||
|
const OPENSSL_OPEN_FAILED = 110;
|
||||||
|
}
|
|
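Review bot: `OPENSSL_OPEN_FAILED = 110` here and `OPENSSL_SEAL_FAILED = 110` in MultiKeyEncryptException share one value, so a log entry that records only `$e->getCode()` cannot tell a failed open from a failed seal. The catch blocks visible on this page log the code and the message but not the exception class. Giving the two constants distinct values, or logging `get_class($e)` next to the code, would keep the codes unambiguous. The class docblock should also read "Throw this exception if multi key decryption failed" rather than "Throw this encryption".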
@ -0,0 +1,34 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* ownCloud
|
||||||
|
*
|
||||||
|
* @copyright (C) 2014 ownCloud, Inc.
|
||||||
|
*
|
||||||
|
* @author Bjoern Schiessle <schiessle@owncloud.com>
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 3 of the License, or any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public
|
||||||
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\Encryption\Exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Throw this exception if multi key encrytion fails
|
||||||
|
*
|
||||||
|
* Possible error codes:
|
||||||
|
* 110 - openssl_seal failed
|
||||||
|
*/
|
||||||
|
class MultiKeyEncryptException extends EncryptionException {
|
||||||
|
const OPENSSL_SEAL_FAILED = 110;
|
||||||
|
}
|
|
@ -3,10 +3,12 @@
|
||||||
/**
|
/**
|
||||||
* ownCloud
|
* ownCloud
|
||||||
*
|
*
|
||||||
* @author Sam Tuke, Frank Karlitschek, Robin Appelman
|
* @copyright (C) 2014 ownCloud, Inc.
|
||||||
* @copyright 2012 Sam Tuke samtuke@owncloud.com,
|
*
|
||||||
* Robin Appelman icewind@owncloud.com, Frank Karlitschek
|
* @author Bjoern Schiessle <schiessle@owncloud.com>
|
||||||
* frank@owncloud.org
|
* @author Sam Tuke <samtuke@owncloud.com>
|
||||||
|
* @author Frank Karlitschek <frank@owncloud.com>
|
||||||
|
* @author Robin Appelman <icewind@owncloud.com>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||||
|
@ -24,7 +26,6 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
namespace OCA\Encryption;
|
namespace OCA\Encryption;
|
||||||
use OCA\Encryption\Exceptions\EncryptionException;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for common cryptography functionality
|
* Class for common cryptography functionality
|
||||||
|
@ -189,7 +190,7 @@ class Crypt {
|
||||||
* @param string $passphrase
|
* @param string $passphrase
|
||||||
* @param string $cypher used for encryption, currently we support AES-128-CFB and AES-256-CFB
|
* @param string $cypher used for encryption, currently we support AES-128-CFB and AES-256-CFB
|
||||||
* @return string encrypted file content
|
* @return string encrypted file content
|
||||||
* @throws \OCA\Encryption\Exceptions\EncryptionException
|
* @throws \OCA\Encryption\Exception\EncryptionException
|
||||||
*/
|
*/
|
||||||
private static function encrypt($plainContent, $iv, $passphrase = '', $cipher = Crypt::DEFAULT_CIPHER) {
|
private static function encrypt($plainContent, $iv, $passphrase = '', $cipher = Crypt::DEFAULT_CIPHER) {
|
||||||
|
|
||||||
|
@ -198,7 +199,7 @@ class Crypt {
|
||||||
if (!$encryptedContent) {
|
if (!$encryptedContent) {
|
||||||
$error = "Encryption (symmetric) of content failed: " . openssl_error_string();
|
$error = "Encryption (symmetric) of content failed: " . openssl_error_string();
|
||||||
\OCP\Util::writeLog('Encryption library', $error, \OCP\Util::ERROR);
|
\OCP\Util::writeLog('Encryption library', $error, \OCP\Util::ERROR);
|
||||||
throw new Exceptions\EncryptionException($error, 50);
|
throw new Exception\EncryptionException($error, Exception\EncryptionException::ENCRYPTION_FAILED);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $encryptedContent;
|
return $encryptedContent;
|
||||||
|
@ -290,7 +291,7 @@ class Crypt {
|
||||||
$padded = self::addPadding($catfile);
|
$padded = self::addPadding($catfile);
|
||||||
|
|
||||||
return $padded;
|
return $padded;
|
||||||
} catch (EncryptionException $e) {
|
} catch (Exception\EncryptionException $e) {
|
||||||
$message = 'Could not encrypt file content (code: ' . $e->getCode() . '): ';
|
$message = 'Could not encrypt file content (code: ' . $e->getCode() . '): ';
|
||||||
\OCP\Util::writeLog('files_encryption', $message . $e->getMessage(), \OCP\Util::ERROR);
|
\OCP\Util::writeLog('files_encryption', $message . $e->getMessage(), \OCP\Util::ERROR);
|
||||||
return false;
|
return false;
|
||||||
|
@ -378,7 +379,7 @@ class Crypt {
|
||||||
* @param string $plainContent content to be encrypted
|
* @param string $plainContent content to be encrypted
|
||||||
* @param array $publicKeys array keys must be the userId of corresponding user
|
* @param array $publicKeys array keys must be the userId of corresponding user
|
||||||
* @return array keys: keys (array, key = userId), data
|
* @return array keys: keys (array, key = userId), data
|
||||||
* @throws \OCA\Encryption\Exceptions\\MultiKeyEncryptException if encryption failed
|
* @throws \OCA\Encryption\Exception\MultiKeyEncryptException if encryption failed
|
||||||
* @note symmetricDecryptFileContent() can decrypt files created using this method
|
* @note symmetricDecryptFileContent() can decrypt files created using this method
|
||||||
*/
|
*/
|
||||||
public static function multiKeyEncrypt($plainContent, array $publicKeys) {
|
public static function multiKeyEncrypt($plainContent, array $publicKeys) {
|
||||||
|
@ -386,7 +387,7 @@ class Crypt {
|
||||||
// openssl_seal returns false without errors if $plainContent
|
// openssl_seal returns false without errors if $plainContent
|
||||||
// is empty, so trigger our own error
|
// is empty, so trigger our own error
|
||||||
if (empty($plainContent)) {
|
if (empty($plainContent)) {
|
||||||
throw new Exceptions\MultiKeyEncryptException('Cannot multiKeyEncrypt empty plain content', 10);
|
throw new Exception\MultiKeyEncryptException('Cannot multiKeyEncrypt empty plain content', Exception\MultiKeyEncryptException::EMPTY_DATA);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set empty vars to be set by openssl by reference
|
// Set empty vars to be set by openssl by reference
|
||||||
|
@ -413,7 +414,8 @@ class Crypt {
|
||||||
);
|
);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
throw new Exceptions\MultiKeyEncryptException('multi key encryption failed: ' . openssl_error_string(), 20);
|
throw new Exception\MultiKeyEncryptException('multi key encryption failed: ' . openssl_error_string(),
|
||||||
|
Exception\MultiKeyEncryptException::OPENSSL_SEAL_FAILED);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -423,7 +425,7 @@ class Crypt {
|
||||||
* @param string $encryptedContent
|
* @param string $encryptedContent
|
||||||
* @param string $shareKey
|
* @param string $shareKey
|
||||||
* @param mixed $privateKey
|
* @param mixed $privateKey
|
||||||
* @throws \OCA\Encryption\Exceptions\\MultiKeyDecryptException if decryption failed
|
* @throws \OCA\Encryption\Exception\MultiKeyDecryptException if decryption failed
|
||||||
* @internal param string $plainContent contains decrypted content
|
* @internal param string $plainContent contains decrypted content
|
||||||
* @return string $plainContent decrypted string
|
* @return string $plainContent decrypted string
|
||||||
* @note symmetricDecryptFileContent() can be used to decrypt files created using this method
|
* @note symmetricDecryptFileContent() can be used to decrypt files created using this method
|
||||||
|
@ -433,7 +435,8 @@ class Crypt {
|
||||||
public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) {
|
public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) {
|
||||||
|
|
||||||
if (!$encryptedContent) {
|
if (!$encryptedContent) {
|
||||||
throw new Exceptions\MultiKeyDecryptException('Cannot mutliKeyDecrypt empty plain content', 10);
|
throw new Exception\MultiKeyDecryptException('Cannot mutliKeyDecrypt empty plain content',
|
||||||
|
Exception\MultiKeyDecryptException::EMPTY_DATA);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {
|
if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {
|
||||||
|
@ -441,7 +444,8 @@ class Crypt {
|
||||||
return $plainContent;
|
return $plainContent;
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
throw new Exceptions\MultiKeyDecryptException('multiKeyDecrypt with share-key' . $shareKey . 'failed: ' . openssl_error_string(), 20);
|
throw new Exception\MultiKeyDecryptException('multiKeyDecrypt with share-key' . $shareKey . 'failed: ' . openssl_error_string(),
|
||||||
|
Exception\MultiKeyDecryptException::OPENSSL_OPEN_FAILED);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -550,14 +554,15 @@ class Crypt {
|
||||||
* get chiper from header
|
* get chiper from header
|
||||||
*
|
*
|
||||||
* @param array $header
|
* @param array $header
|
||||||
* @throws \OCA\Encryption\Exceptions\EncryptionException
|
* @throws \OCA\Encryption\Exception\EncryptionException
|
||||||
*/
|
*/
|
||||||
public static function getCipher($header) {
|
public static function getCipher($header) {
|
||||||
$cipher = isset($header['cipher']) ? $header['cipher'] : 'AES-128-CFB';
|
$cipher = isset($header['cipher']) ? $header['cipher'] : 'AES-128-CFB';
|
||||||
|
|
||||||
if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') {
|
if ($cipher !== 'AES-256-CFB' && $cipher !== 'AES-128-CFB') {
|
||||||
|
|
||||||
throw new \OCA\Encryption\Exceptions\EncryptionException('file header broken, no supported cipher defined', 40);
|
throw new Exception\EncryptionException('file header broken, no supported cipher defined',
|
||||||
|
Exception\EncryptionException::UNKNOWN_CIPHER);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $cipher;
|
return $cipher;
|
||||||
|
|
|
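Review bot: The rewritten throw in the else branch of multiKeyDecrypt still concatenates `$shareKey` into the exception message, so the sealed share key (binary data) is copied into every log line and into any response built from `getMessage()`. The message also lacks spaces around the concatenated parts. I would drop the key from the text: `throw new Exception\MultiKeyDecryptException('multiKeyDecrypt failed: ' . openssl_error_string(), Exception\MultiKeyDecryptException::OPENSSL_OPEN_FAILED);`. In the same function the empty-input message says "Cannot mutliKeyDecrypt empty plain content" although the check is on `$encryptedContent`; "Cannot multiKeyDecrypt empty encrypted content" matches the code. The function body spans two hunks and continues outside them.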
@ -1,63 +0,0 @@
|
||||||
<?php
|
|
||||||
/**
|
|
||||||
* ownCloud
|
|
||||||
*
|
|
||||||
* @author Bjoern Schiessle
|
|
||||||
* @copyright 2014 Bjoern Schiessle <schiessle@owncloud.com>
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
|
||||||
* License as published by the Free Software Foundation; either
|
|
||||||
* version 3 of the License, or any later version.
|
|
||||||
*
|
|
||||||
* This library is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU Affero General Public
|
|
||||||
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace OCA\Encryption\Exceptions;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* General encryption exception
|
|
||||||
* Possible Error Codes:
|
|
||||||
* 10 - unexpected end of encryption header
|
|
||||||
* 20 - unexpected blog size
|
|
||||||
* 30 - encryption header to large
|
|
||||||
* 40 - unknown cipher
|
|
||||||
* 50 - encryption failed
|
|
||||||
* 60 - no private key available
|
|
||||||
*/
|
|
||||||
class EncryptionException extends \Exception {
|
|
||||||
const UNEXPECTED_END_OF_ENCRTYPTION_HEADER = 10;
|
|
||||||
const UNEXPECTED_BLOG_SIZE = 20;
|
|
||||||
const ENCRYPTION_HEADER_TO_LARGE = 30;
|
|
||||||
const UNKNOWN_CIPHER = 40;
|
|
||||||
const ENCRYPTION_FAILED = 50;
|
|
||||||
const NO_PRIVATE_KEY_AVAILABLE = 60;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Throw this exception if multi key encrytion fails
|
|
||||||
*
|
|
||||||
* Possible error codes:
|
|
||||||
* 10 - empty plain content was given
|
|
||||||
* 20 - openssl_seal failed
|
|
||||||
*/
|
|
||||||
class MultiKeyEncryptException extends EncryptionException {
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Throw this encryption if multi key decryption failed
|
|
||||||
*
|
|
||||||
* Possible error codes:
|
|
||||||
* 10 - empty encrypted content was given
|
|
||||||
* 20 - openssl_open failed
|
|
||||||
*/
|
|
||||||
class MultiKeyDecryptException extends EncryptionException {
|
|
||||||
}
|
|
|
@ -2,10 +2,11 @@
|
||||||
/**
|
/**
|
||||||
* ownCloud
|
* ownCloud
|
||||||
*
|
*
|
||||||
* @author Bjoern Schiessle, Robin Appelman
|
* @copyright (C) 2014 ownCloud, Inc.
|
||||||
* @copyright 2014 Bjoern Schiessle <schiessle@owncloud.com>
|
*
|
||||||
* 2012 Sam Tuke <samtuke@owncloud.com>,
|
* @author Bjoern Schiessle <schiessle@owncloud.com>
|
||||||
* 2011 Robin Appelman <icewind1991@gmail.com>
|
* @author Robin Appelman <icewind@owncloud.com>
|
||||||
|
* @author Sam Tuke <samtuke@owncloud.com>
|
||||||
*
|
*
|
||||||
* This library is free software; you can redistribute it and/or
|
* This library is free software; you can redistribute it and/or
|
||||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||||
|
@ -30,7 +31,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
namespace OCA\Encryption;
|
namespace OCA\Encryption;
|
||||||
use OCA\Encryption\Exceptions\EncryptionException;
|
use OCA\Encryption\Exception\EncryptionException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Provides 'crypt://' stream wrapper protocol.
|
* Provides 'crypt://' stream wrapper protocol.
|
||||||
|
@ -91,6 +92,7 @@ class Stream {
|
||||||
* @param int $options
|
* @param int $options
|
||||||
* @param string $opened_path
|
* @param string $opened_path
|
||||||
* @return bool
|
* @return bool
|
||||||
|
* @throw \OCA\Encryption\Exception\EncryptionException
|
||||||
*/
|
*/
|
||||||
public function stream_open($path, $mode, $options, &$opened_path) {
|
public function stream_open($path, $mode, $options, &$opened_path) {
|
||||||
|
|
||||||
|
@ -109,7 +111,7 @@ class Stream {
|
||||||
$this->privateKey = $this->session->getPrivateKey();
|
$this->privateKey = $this->session->getPrivateKey();
|
||||||
if ($this->privateKey === false) {
|
if ($this->privateKey === false) {
|
||||||
throw new EncryptionException('Session does not contain a private key, maybe your login password changed?',
|
throw new EncryptionException('Session does not contain a private key, maybe your login password changed?',
|
||||||
EncryptionException::NO_PRIVATE_KEY_AVAILABLE);
|
EncryptionException::PRIVATE_KEY_MISSING);
|
||||||
}
|
}
|
||||||
|
|
||||||
$normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
|
$normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
|
||||||
|
@ -249,7 +251,7 @@ class Stream {
|
||||||
/**
|
/**
|
||||||
* @param int $count
|
* @param int $count
|
||||||
* @return bool|string
|
* @return bool|string
|
||||||
* @throws \OCA\Encryption\Exceptions\EncryptionException
|
* @throws \OCA\Encryption\Exception\EncryptionException
|
||||||
*/
|
*/
|
||||||
public function stream_read($count) {
|
public function stream_read($count) {
|
||||||
|
|
||||||
|
@ -257,7 +259,7 @@ class Stream {
|
||||||
|
|
||||||
if ($count !== Crypt::BLOCKSIZE) {
|
if ($count !== Crypt::BLOCKSIZE) {
|
||||||
\OCP\Util::writeLog('Encryption library', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL);
|
\OCP\Util::writeLog('Encryption library', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL);
|
||||||
throw new \OCA\Encryption\Exceptions\EncryptionException('expected a blog size of 8192 byte', 20);
|
throw new EncryptionException('expected a blog size of 8192 byte', EncryptionException::UNEXPECTED_BLOG_SIZE);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the data from the file handle
|
// Get the data from the file handle
|
||||||
|
@ -365,14 +367,14 @@ class Stream {
|
||||||
/**
|
/**
|
||||||
* write header at beginning of encrypted file
|
* write header at beginning of encrypted file
|
||||||
*
|
*
|
||||||
* @throws Exceptions\EncryptionException
|
* @throws Exception\EncryptionException
|
||||||
*/
|
*/
|
||||||
private function writeHeader() {
|
private function writeHeader() {
|
||||||
|
|
||||||
$header = Crypt::generateHeader();
|
$header = Crypt::generateHeader();
|
||||||
|
|
||||||
if (strlen($header) > Crypt::BLOCKSIZE) {
|
if (strlen($header) > Crypt::BLOCKSIZE) {
|
||||||
throw new Exceptions\EncryptionException('max header size exceeded', 30);
|
throw new EncryptionException('max header size exceeded', EncryptionException::ENCRYPTION_HEADER_TO_LARGE);
|
||||||
}
|
}
|
||||||
|
|
||||||
$paddedHeader = str_pad($header, Crypt::BLOCKSIZE, self::PADDING_CHAR, STR_PAD_RIGHT);
|
$paddedHeader = str_pad($header, Crypt::BLOCKSIZE, self::PADDING_CHAR, STR_PAD_RIGHT);
|
||||||
|
|
|
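Review bot: The docblock line added to stream_open uses `@throw`, which is not a PHPDoc tag and is ignored by IDEs and static analysers; it should be `@throws \OCA\Encryption\Exception\EncryptionException`, as in the other docblocks this commit touches. In stream_read the message hard-codes "8192" while the condition compares against `Crypt::BLOCKSIZE`, so the text goes stale if the constant changes; `'expected a block size of ' . Crypt::BLOCKSIZE . ' byte'` keeps them in step and fixes "blog". Both method bodies continue outside the hunks shown.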
@ -960,7 +960,7 @@ class Util {
|
||||||
$plainKeyfile = $this->decryptKeyfile($filePath, $privateKey);
|
$plainKeyfile = $this->decryptKeyfile($filePath, $privateKey);
|
||||||
// Re-enc keyfile to (additional) sharekeys
|
// Re-enc keyfile to (additional) sharekeys
|
||||||
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
|
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
|
||||||
} catch (Exceptions\EncryptionException $e) {
|
} catch (Exception\EncryptionException $e) {
|
||||||
$msg = 'set shareFileKeyFailed (code: ' . $e->getCode() . '): ' . $e->getMessage();
|
$msg = 'set shareFileKeyFailed (code: ' . $e->getCode() . '): ' . $e->getMessage();
|
||||||
\OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
|
\OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
|
||||||
return false;
|
return false;
|
||||||
|
|
|
@ -100,7 +100,7 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
|
||||||
} catch (\OCP\Files\LockNotAcquiredException $e) {
|
} catch (\OCP\Files\LockNotAcquiredException $e) {
|
||||||
// the file is currently being written to by another process
|
// the file is currently being written to by another process
|
||||||
throw new OC_Connector_Sabre_Exception_FileLocked($e->getMessage(), $e->getCode(), $e);
|
throw new OC_Connector_Sabre_Exception_FileLocked($e->getMessage(), $e->getCode(), $e);
|
||||||
} catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
|
} catch (\OCA\Encryption\Exception\EncryptionException $e) {
|
||||||
throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
|
throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -156,7 +156,7 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
|
||||||
} else {
|
} else {
|
||||||
try {
|
try {
|
||||||
return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
|
return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
|
||||||
} catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
|
} catch (\OCA\Encryption\Exception\EncryptionException $e) {
|
||||||
throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
|
throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
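Review bot: Both catch blocks pass `$e->getMessage()` straight into `\Sabre\DAV\Exception\Forbidden`, so internal text from the encryption layer is returned to the WebDAV client. The messages built in Crypt on this page include `openssl_error_string()` output. Some messages look intended for the user (the missing-private-key text thrown in Stream), so one option is to forward the message only when `$e->getCode() === \OCA\Encryption\Exception\EncryptionException::PRIVATE_KEY_MISSING`. For every other code, log the message server-side and raise Forbidden with a fixed, generic string. Both enclosing methods start outside these hunks, so any logging that already happens earlier in them is not visible here.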