working on streaming decrypted content
applied some dependency injection to keymanager.php
parent
b883bb6b42
commit
f11f524dfa
|
@ -39,6 +39,8 @@ class Hooks {
|
|||
|
||||
if ( Crypt::mode( $params['uid'] ) == 'server' ) {
|
||||
|
||||
# TODO: use lots of dependency injection here
|
||||
|
||||
$view = new \OC_FilesystemView( '/' );
|
||||
|
||||
$util = new Util( $view, $params['uid'] );
|
||||
|
@ -49,8 +51,12 @@ class Hooks {
|
|||
|
||||
}
|
||||
|
||||
$encryptedKey = Keymanager::getPrivateKey( $params['uid'] );
|
||||
\OC_FileProxy::$enabled = false;
|
||||
|
||||
$encryptedKey = Keymanager::getPrivateKey( $params['uid'], $view );
|
||||
|
||||
\OC_FileProxy::$enabled = true;
|
||||
|
||||
$_SESSION['enckey'] = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] );
|
||||
|
||||
}
|
||||
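Review bot: The result of `Keymanager::getPrivateKey( $params['uid'], $view )` is passed to `Crypt::symmetricDecryptFileContent()` and stored in `$_SESSION['enckey']` without a check, although the Keymanager docblock says the method can return false. A missing or unreadable key file should stop the hook here rather than leave an unusable value in the session, which the Proxy changes in this commit then use as the decryption key. The toggle around the call also ends with an unconditional `\OC_FileProxy::$enabled = true;`, so a proxy that a caller had already disabled is switched back on, and if the key read throws it stays off, and later file operations would presumably bypass encryption. Save the previous value first (`$proxyStatus = \OC_FileProxy::$enabled;`) and restore that instead. The decrypted private key is kept by whatever session handler is configured, which with PHP's default file handler means plaintext key material on disk, so that deserves a comment; the enclosing method starts and ends outside these hunks.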
|
|
|
@ -30,14 +30,14 @@ class Keymanager {
|
|||
# TODO: make all dependencies (including static classes) explicit, such as ocfsview objects, by adding them as method arguments (dependency injection)
|
||||
|
||||
/**
|
||||
* @brief retrieve private key from a user
|
||||
* @brief retrieve the ENCRYPTED private key from a user
|
||||
*
|
||||
* @return string private key or false
|
||||
* @note the key returned by this method must be decrypted before use
|
||||
*/
|
||||
public static function getPrivateKey() {
|
||||
public static function getPrivateKey( $user, $view ) {
|
||||
|
||||
$user = \OCP\User::getUser();
|
||||
$view = new \OC_FilesystemView( '/' . $user . '/' . 'files_encryption' );
|
||||
$view->chroot( '/' . $user . '/' . 'files_encryption' );
|
||||
return $view->file_get_contents( '/' . $user.'.private.key' );
|
||||
|
||||
}
|
||||
|
@ -121,7 +121,7 @@ class Keymanager {
|
|||
* @return string file key or false
|
||||
*/
|
||||
public static function getFileKey( $path ) {
|
||||
trigger_error("div ".$path);
|
||||
|
||||
$keypath = ltrim( $path, '/' );
|
||||
$user = \OCP\User::getUser();
|
||||
|
||||
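Review bot: `$view->chroot( ... )` in `getPrivateKey()` changes the root of the view object the caller passed in, and nothing in the visible lines restores it. In the login hook the same `$view` was created on `'/'` and handed to `new Util( $view, $params['uid'] )` before this call, so after the key read that shared view appears to be left rooted in the user's `files_encryption` directory. Addressing the key by its full path on the injected view (`'/' . $user . '/files_encryption/' . $user . '.private.key'`), or reading through a view created inside the method, avoids the side effect. `$user` is concatenated into that path unvalidated, so the docblock should gain `@param` entries for `$user` and `$view` stating that `$user` must be an existing user id. In the second hunk, `trigger_error("div ".$path);` reads as debugging output that would write file paths to the log; if it is on the new side it should be dropped before merge.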
|
|
|
@ -135,6 +135,8 @@ class Proxy extends \OC_FileProxy {
|
|||
|
||||
public function postFile_get_contents( $path, $data ) {
|
||||
|
||||
# TODO: Use dependency injection to add required args for view and user etc. to this method
|
||||
|
||||
if ( Crypt::mode() == 'server' && Crypt::isEncryptedContent( $data ) ) {
|
||||
|
||||
$filePath = explode( '/', $path );
|
||||
|
@ -150,9 +152,7 @@ class Proxy extends \OC_FileProxy {
|
|||
|
||||
$keyFile = Keymanager::getFileKey( $filePath );
|
||||
|
||||
$privateKey = Keymanager::getPrivateKey();
|
||||
|
||||
$data = Crypt::keyDecryptKeyfile( $data, $keyFile, $privateKey );
|
||||
$data = Crypt::keyDecryptKeyfile( $data, $keyFile, $_SESSION['enckey'] );
|
||||
|
||||
\OC_FileProxy::$enabled = true;
|
||||
|
||||
|
@ -175,9 +175,15 @@ class Proxy extends \OC_FileProxy {
|
|||
// If file is encrypted, decrypt using crypto protocol
|
||||
if ( Crypt::mode() == 'server' && Crypt::isEncryptedContent( $path ) ) {
|
||||
|
||||
$keyFile = Keymanager::getFileKey( $filePath );
|
||||
|
||||
$tmp = tmpfile();
|
||||
|
||||
file_put_contents( $tmp, Crypt::keyDecryptKeyfile( $result, $keyFile, $_SESSION['enckey'] ) );
|
||||
|
||||
fclose ( $result );
|
||||
|
||||
$result = fopen( 'crypt://'.$path, $meta['mode'] );
|
||||
$result = fopen( $tmp );
|
||||
|
||||
} elseif (
|
||||
self::shouldEncrypt( $path )
|
||||
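Review bot: In the third hunk the temporary-stream handling cannot work as written: `tmpfile()` returns a stream resource, while `file_put_contents()` expects a filename and `fopen()` needs a path plus a mode argument. `$result` is also handed to `Crypt::keyDecryptKeyfile()` as a handle (it is `fclose`d right after), whereas the earlier hunk passes that function the string content in `$data`. Something like `fwrite( $tmp, $plain ); rewind( $tmp ); $result = $tmp;`, with `$plain` decrypted from the stream's contents, would give the caller a readable handle. `tmpfile()` also places the decrypted content in the system temp directory for the lifetime of the handle, so plaintext briefly exists on disk outside the encrypted store; a `php://memory` stream would avoid that for small files. Both decrypt calls read `$_SESSION['enckey']` without checking that it is set, and the enclosing methods extend beyond the hunks.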
|
|
|
@ -222,9 +222,9 @@ class Util {
|
|||
|
||||
}
|
||||
|
||||
public function encryptAll( OC_FilesystemView $view ) {
|
||||
public function encryptAll( $directory ) {
|
||||
|
||||
$plainFiles = $this->findPlainFiles( $view );
|
||||
$plainFiles = $this->findFiles( $this->view, 'plain' );
|
||||
|
||||
if ( $this->encryptFiles( $plainFiles ) ) {
|
||||
|
||||
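Review bot: The new signature `encryptAll( $directory )` takes a parameter that the visible lines never use, because the file search runs on `$this->view`. Callers may believe they are limiting encryption to one directory while the whole view is processed. Either pass `$directory` through to `findFiles()` or drop the parameter, and add a docblock saying what scope the method encrypts and what it returns. The method body continues past the end of the hunk, so `$directory` may be used further down.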
|
|
|
@ -43,6 +43,7 @@ class Test_Keymanager extends \PHPUnit_Framework_TestCase {
|
|||
|
||||
$key = Keymanager::getPrivateKey( $this->user, $this->view );
|
||||
|
||||
# TODO: replace call to Crypt with a mock object?
|
||||
$decrypted = Crypt::symmetricDecryptFileContent( $key, $this->passphrase );
|
||||
|
||||
$this->assertEquals( 1708, strlen( $decrypted ) );
|
||||
|
|