From 4f9cbadfa437c72db03e5d6def76d6d9103453b1 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Thu, 30 May 2013 22:41:30 +0200 Subject: [PATCH 1/8] fix for autoloader while user logged in and system is in maintenance --- apps/files_encryption/appinfo/app.php | 51 +++++++++++++++------------ 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php index d9bb4d5e74..d2bac218a9 100644 --- a/apps/files_encryption/appinfo/app.php +++ b/apps/files_encryption/appinfo/app.php @@ -10,39 +10,44 @@ OC::$CLASSPATH['OCA\Encryption\Session'] = 'files_encryption/lib/session.php'; OC::$CLASSPATH['OCA\Encryption\Capabilities'] = 'files_encryption/lib/capabilities.php'; OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php'; -OC_FileProxy::register(new OCA\Encryption\Proxy()); +if(!OC_Config::getValue('maintenance', false)) { + OC_FileProxy::register(new OCA\Encryption\Proxy()); -// User related hooks -OCA\Encryption\Helper::registerUserHooks(); + // User related hooks + OCA\Encryption\Helper::registerUserHooks(); -// Sharing related hooks -OCA\Encryption\Helper::registerShareHooks(); + // Sharing related hooks + OCA\Encryption\Helper::registerShareHooks(); -// Filesystem related hooks -OCA\Encryption\Helper::registerFilesystemHooks(); + // Filesystem related hooks + OCA\Encryption\Helper::registerFilesystemHooks(); -stream_wrapper_register('crypt', 'OCA\Encryption\Stream'); + stream_wrapper_register('crypt', 'OCA\Encryption\Stream'); -// check if we are logged in -if (OCP\User::isLoggedIn()) { - $view = new OC_FilesystemView('/'); - $session = new \OCA\Encryption\Session($view); + // check if we are logged in + if (OCP\User::isLoggedIn()) { + $view = new OC_FilesystemView('/'); + $session = new \OCA\Encryption\Session($view); - // check if user has a private key - if ( - !$session->getPrivateKey(\OCP\USER::getUser()) - && OCA\Encryption\Crypt::mode() === 'server' - ) { + // check if user has a private key + if ( + !$session->getPrivateKey(\OCP\USER::getUser()) + && OCA\Encryption\Crypt::mode() === 'server' + ) { - // Force the user to log-in again if the encryption key isn't unlocked - // (happens when a user is logged in before the encryption app is - // enabled) - OCP\User::logout(); + // Force the user to log-in again if the encryption key isn't unlocked + // (happens when a user is logged in before the encryption app is + // enabled) + OCP\User::logout(); - header("Location: " . OC::$WEBROOT . '/'); + header("Location: " . OC::$WEBROOT . '/'); - exit(); + exit(); + } } +} else { + // logout user if we are in maintenance to force re-login + OCP\User::logout(); } // Register settings scripts From 986e9dd362809cedec783f55f161d6b3bce7d680 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 31 May 2013 01:35:48 +0200 Subject: [PATCH 2/8] use legacyDecrypt to decrypt key file like the previous files_encryption --- apps/files_encryption/hooks/hooks.php | 2 +- apps/files_encryption/lib/crypt.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 955425595b..4e0e5c4b95 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -76,7 +76,7 @@ class Hooks { && $encLegacyKey = $userView->file_get_contents('encryption.key') ) { - $plainLegacyKey = Crypt::legacyBlockDecrypt($encLegacyKey, $params['password']); + $plainLegacyKey = Crypt::legacyDecrypt($encLegacyKey, $params['password']); $session->setLegacyKey($plainLegacyKey); diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index ddeb3590f6..d84a4d4e3c 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -608,7 +608,7 @@ class Crypt { * * This function decrypts an content */ - private static function legacyDecrypt($content, $passphrase = '') { + public static function legacyDecrypt($content, $passphrase = '') { $bf = self::getBlowfish($passphrase); From 8e324aad38851f866c536416a0e8809b330f9c99 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 31 May 2013 01:36:49 +0200 Subject: [PATCH 3/8] fix re-encrypt legacy files --- apps/files_encryption/lib/util.php | 42 +++++++++++------------------- 1 file changed, 15 insertions(+), 27 deletions(-) diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 0d663549bf..b27b26ccaa 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -732,40 +732,28 @@ class Util { // Fetch data from file $legacyData = $this->view->file_get_contents($legacyFile['path']); - $sharingEnabled = \OCP\Share::isEnabled(); - - // if file exists try to get sharing users - if ($this->view->file_exists($legacyFile['path'])) { - $uniqueUserIds = $this->getSharingUsersArray($sharingEnabled, $legacyFile['path'], $this->userId); - } else { - $uniqueUserIds[] = $this->userId; - } - - // Fetch public keys for all users who will share the file - $publicKeys = Keymanager::getPublicKeys($this->view, $uniqueUserIds); - - // Recrypt data, generate catfile - $recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKeys ); + // decrypt data, generate catfile + $decrypted = Crypt::legacyBlockDecrypt($legacyData, $legacyPassphrase); $rawPath = $legacyFile['path']; - $relPath = $this->stripUserFilesPath($rawPath); - // Save keyfile - Keymanager::setFileKey($this->view, $relPath, $this->userId, $recrypted['filekey']); + // enable proxy the ensure encryption is handled + \OC_FileProxy::$enabled = true; - // Save sharekeys to user folders - Keymanager::setShareKeys($this->view, $relPath, $recrypted['sharekeys']); + // Open enc file handle for binary writing, with same filename as original plain file + $encHandle = $this->view->fopen( $rawPath, 'wb' ); - // Overwrite the existing file with the encrypted one - $this->view->file_put_contents($rawPath, $recrypted['data']); + if (is_resource($encHandle)) { - $size = strlen($recrypted['data']); + // write data to stream + fwrite($encHandle, $decrypted); - // Add the file to the cache - \OC\Files\Filesystem::putFileInfo($rawPath, array( - 'encrypted' => true, - 'size' => $size - ), ''); + // close stream + fclose($encHandle); + } + + // disable proxy to prevent file being encrypted twice + \OC_FileProxy::$enabled = false; } } From ccdfb5942616a5b4bfeea04cfafac91017afc010 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 31 May 2013 01:55:48 +0200 Subject: [PATCH 4/8] fix legacy key in until test --- apps/files_encryption/tests/util.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php index 0dc452a41c..b36d7e4117 100755 --- a/apps/files_encryption/tests/util.php +++ b/apps/files_encryption/tests/util.php @@ -75,7 +75,7 @@ class Test_Encryption_Util extends \PHPUnit_Framework_TestCase { $this->legacyData = realpath(dirname(__FILE__) . '/legacy-text.txt'); $this->legacyEncryptedData = realpath(dirname(__FILE__) . '/legacy-encrypted-text.txt'); $this->legacyEncryptedDataKey = realpath(dirname(__FILE__) . '/encryption.key'); - $this->legacyKey = '30943623843030686906'; + $this->legacyKey = "30943623843030686906\0\0\0\0"; $keypair = Encryption\Crypt::createKeypair(); From 96ef926161155cf710838612501bf76756f89cb4 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 31 May 2013 01:57:32 +0200 Subject: [PATCH 5/8] normalize path to prevent following split to fail --- apps/files_encryption/lib/proxy.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 11308612da..e5f7f2e695 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -299,6 +299,8 @@ class Proxy extends \OC_FileProxy { */ public function postFopen($path, &$result) { + $path = \OC\Files\Filesystem::normalizePath($path); + if (!$result) { return $result; From 46e5e9bd73a68f7b50bb79f883a8bc6efacaca97 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 31 May 2013 22:49:32 +0200 Subject: [PATCH 6/8] cleanup unused method legacyKeyRecryptKeyfile --- apps/files_encryption/lib/crypt.php | 24 ------------------------ apps/files_encryption/tests/crypt.php | 17 ----------------- 2 files changed, 41 deletions(-) diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index d84a4d4e3c..ced9ab7c67 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -637,28 +637,4 @@ class Crypt { } } - /** - * @param $legacyEncryptedContent - * @param $legacyPassphrase - * @param $publicKeys - * @return array - */ - public static function legacyKeyRecryptKeyfile($legacyEncryptedContent, $legacyPassphrase, $publicKeys) { - - $decrypted = self::legacyBlockDecrypt($legacyEncryptedContent, $legacyPassphrase); - - // Encrypt plain data, generate keyfile & encrypted file - $cryptedData = self::symmetricEncryptFileContentKeyfile($decrypted); - - // Encrypt plain keyfile to multiple sharefiles - $multiEncrypted = Crypt::multiKeyEncrypt($cryptedData['key'], $publicKeys); - - return array( - 'data' => $cryptedData['encrypted'], - 'filekey' => $multiEncrypted['data'], - 'sharekeys' => $multiEncrypted['keys'] - ); - - } - } \ No newline at end of file diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 32156eea27..e153a49a2c 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -569,23 +569,6 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { } - /** - * @brief test decryption using legacy blowfish method - * @depends testLegacyEncryptLong - */ - function testLegacyKeyRecryptKeyfileEncrypt($crypted) { - - $recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile($crypted, $this->pass, array($this->genPublicKey)); - - $this->assertNotEquals($this->dataLong, $recrypted['data']); - - return $recrypted; - - # TODO: search inencrypted text for actual content to ensure it - # genuine transformation - - } - function testRenameFile() { $filename = 'tmp-' . time(); From 2daec351d4fc8754a89422faea21dd0c84df40bf Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Wed, 12 Jun 2013 23:21:24 +0200 Subject: [PATCH 7/8] update submodule --- 3rdparty | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty b/3rdparty index a13af72fbe..3ef9f738a9 160000 --- a/3rdparty +++ b/3rdparty @@ -1 +1 @@ -Subproject commit a13af72fbe8983686fc47489a750e60319f68ac2 +Subproject commit 3ef9f738a9107879dddc7d97842cf4d2198fae4c From 2f1005f05fda3f2df5a02e1faf976682b5af319f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Schie=C3=9Fle?= Date: Thu, 13 Jun 2013 10:44:05 +0200 Subject: [PATCH 8/8] LegacyKeyRecryptKeyfileEncrypt() no longer exists, so test can be removed --- apps/files_encryption/tests/crypt.php | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 341904b118..c105e5ad31 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -611,24 +611,6 @@ class Test_Encryption_Crypt extends \PHPUnit_Framework_TestCase { } - /** - * @medium - * @brief test decryption using legacy blowfish method - * @depends testLegacyEncryptLong - */ - function testLegacyKeyRecryptKeyfileEncrypt($crypted) { - - $recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile($crypted, $this->pass, array($this->genPublicKey)); - - $this->assertNotEquals($this->dataLong, $recrypted['data']); - - return $recrypted; - - # TODO: search inencrypted text for actual content to ensure it - # genuine transformation - - } - /** * @medium */