jknockaert 2015-02-19 16:08:08 +01:00
parent 77c4c2856a
commit d5ba6af259
1 changed files with 34 additions and 35 deletions


@ -75,6 +75,8 @@ class Stream {
private $headerWritten = false; private $headerWritten = false;
private $containHeader = false; // the file contain a header private $containHeader = false; // the file contain a header
private $cipher; // cipher used for encryption/decryption private $cipher; // cipher used for encryption/decryption
/** @var \OCA\Files_Encryption\Util */
private $util;
/** /**
* @var \OC\Files\View * @var \OC\Files\View
@ -103,9 +105,7 @@ class Stream {
// assume that the file already exist before we decide it finally in getKey() // assume that the file already exist before we decide it finally in getKey()
$this->newFile = false; $this->newFile = false;
if (!isset($this->rootView)) { $this->rootView = new \OC\Files\View('/');
$this->rootView = new \OC\Files\View('/');
}
$this->session = new Session($this->rootView); $this->session = new Session($this->rootView);
@ -116,7 +116,8 @@ class Stream {
} }
$normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path)); $normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
if ($originalFile = Helper::getPathFromTmpFile($normalizedPath)) { $originalFile = Helper::getPathFromTmpFile($normalizedPath);
if ($originalFile) {
$this->rawPath = $originalFile; $this->rawPath = $originalFile;
$this->isLocalTmpFile = true; $this->isLocalTmpFile = true;
$this->localTmpFile = $normalizedPath; $this->localTmpFile = $normalizedPath;
@ -124,24 +125,33 @@ class Stream {
$this->rawPath = $normalizedPath; $this->rawPath = $normalizedPath;
} }
$this->userId = Helper::getUser($this->rawPath); $this->util = new Util($this->rootView, Helper::getUser($this->rawPath));
$util = new Util($this->rootView, $this->userId);
// get the key ID which we want to use, can be the users key or the // get the key ID which we want to use, can be the users key or the
// public share key // public share key
$this->keyId = $util->getKeyId(); $this->keyId = $this->util->getKeyId();
// Strip identifier text from path, this gives us the path relative to data/<user>/files $fileType = Helper::detectFileType($this->rawPath);
$this->relPath = Helper::stripUserFilesPath($this->rawPath);
// if raw path doesn't point to a real file, check if it is a version or a file in the trash bin
if ($this->relPath === false) {
$this->relPath = Helper::getPathToRealFile($this->rawPath);
}
if($this->relPath === false) { switch ($fileType) {
\OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to "files", "files_versions" or "cache"', \OCP\Util::ERROR); case Util::FILE_TYPE_FILE:
return false; $this->relPath = Helper::stripUserFilesPath($this->rawPath);
$user = \OC::$server->getUserSession()->getUser();
$this->userId = $user ? $user->getUID() : Helper::getUserFromPath($this->rawPath);
break;
case Util::FILE_TYPE_VERSION:
$this->relPath = Helper::getPathFromVersion($this->rawPath);
$this->userId = Helper::getUserFromPath($this->rawPath);
break;
case Util::FILE_TYPE_CACHE:
$this->relPath = Helper::getPathFromCachedFile($this->rawPath);
Helper::mkdirr($this->rawPath, new \OC\Files\View('/'));
$user = \OC::$server->getUserSession()->getUser();
$this->userId = $user ? $user->getUID() : Helper::getUserFromPath($this->rawPath);
break;
default:
\OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '" expecting a path to "files", "files_versions" or "cache"', \OCP\Util::ERROR);
return false;
} }
// Disable fileproxies so we can get the file size and open the source file without recursive encryption // Disable fileproxies so we can get the file size and open the source file without recursive encryption
@ -154,22 +164,12 @@ class Stream {
or $mode === 'wb' or $mode === 'wb'
or $mode === 'wb+' or $mode === 'wb+'
) { ) {
// We're writing a new file so start write counter with 0 bytes // We're writing a new file so start write counter with 0 bytes
$this->size = 0; $this->size = 0;
$this->unencryptedSize = 0; $this->unencryptedSize = 0;
} else { } else {
if($this->privateKey === false) {
// if private key is not valid redirect user to a error page
Helper::redirectToErrorPage($this->session);
}
$this->size = $this->rootView->filesize($this->rawPath); $this->size = $this->rootView->filesize($this->rawPath);
$this->readHeader(); $this->readHeader();
} }
if ($this->isLocalTmpFile) { if ($this->isLocalTmpFile) {
@ -260,7 +260,7 @@ class Stream {
if ($count !== Crypt::BLOCKSIZE) { if ($count !== Crypt::BLOCKSIZE) {
\OCP\Util::writeLog('Encryption library', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL); \OCP\Util::writeLog('Encryption library', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL);
throw new EncryptionException('expected a blog size of 8192 byte', EncryptionException::UNEXPECTED_BLOG_SIZE); throw new EncryptionException('expected a block size of 8192 byte', EncryptionException::UNEXPECTED_BLOCK_SIZE);
} }
// Get the data from the file handle // Get the data from the file handle
@ -328,9 +328,10 @@ class Stream {
} }
$util = new Util($this->rootView, $this->userId);
// Fetch and decrypt keyfile // Fetch and decrypt keyfile
// Fetch existing keyfile // Fetch existing keyfile
$util = new Util($this->rootView, $this->userId);
$this->encKeyfile = Keymanager::getFileKey($this->rootView, $util, $this->relPath); $this->encKeyfile = Keymanager::getFileKey($this->rootView, $util, $this->relPath);
// If a keyfile already exists // If a keyfile already exists
@ -614,11 +615,9 @@ class Stream {
// Check if OC sharing api is enabled // Check if OC sharing api is enabled
$sharingEnabled = \OCP\Share::isEnabled(); $sharingEnabled = \OCP\Share::isEnabled();
$util = new Util($this->rootView, $this->userId);
// Get all users sharing the file includes current user // Get all users sharing the file includes current user
$uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath); $uniqueUserIds = $this->util->getSharingUsersArray($sharingEnabled, $this->relPath);
$checkedUserIds = $util->filterShareReadyUsers($uniqueUserIds); $checkedUserIds = $this->util->filterShareReadyUsers($uniqueUserIds);
// Fetch public keys for all sharing users // Fetch public keys for all sharing users
$publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']); $publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']);
@ -627,10 +626,10 @@ class Stream {
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys); $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
// Save the new encrypted file key // Save the new encrypted file key
Keymanager::setFileKey($this->rootView, $util, $this->relPath, $this->encKeyfiles['data']); Keymanager::setFileKey($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['data']);
// Save the sharekeys // Save the sharekeys
Keymanager::setShareKeys($this->rootView, $util, $this->relPath, $this->encKeyfiles['keys']); Keymanager::setShareKeys($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['keys']);
// Re-enable proxy - our work is done // Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus; \OC_FileProxy::$enabled = $proxyStatus;
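Review bot: In the read branch of the mode check (hunk `@ -154,22 +164,12`), `$this->readHeader()` is now reached without the `$this->privateKey === false` test that used to precede the `filesize()` call. Unless a step outside these hunks rejects an unusable private key, opening an encrypted file in a session without one no longer stops at open time, and the failure would only surface later during key-file decryption. I would keep a fail-closed guard that does not rely on a redirect, e.g. `if ($this->privateKey === false) { return false; }` before `$this->size = $this->rootView->filesize($this->rawPath);`, with a log entry like the one in the `default:` case of the new `switch`. The enclosing method starts and ends outside the hunk, so where `$this->privateKey` is populated is not visible here.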