merge master into trash_fileactions

This commit is contained in:
Robin Appelman 2013-02-08 00:11:54 +01:00
commit f93f9dd50c
823 changed files with 29485 additions and 17328 deletions

12
.gitignore vendored
View File

@ -6,6 +6,17 @@ config/mount.php
apps/inc.php
3rdparty
# ignore all apps except core ones
apps/*
!apps/files
!apps/files_encryption
!apps/files_external
!apps/files_sharing
!apps/files_trashbin
!apps/files_versions
!apps/user_ldap
!apps/user_webdavauth
# just sane ignores
.*.sw[po]
*.bak
@ -45,6 +56,7 @@ nbproject
# Cloud9IDE
.settings.xml
.c9revisions
# vim ex mode
.vimrc

View File

@ -10,6 +10,8 @@ OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$l = OC_L10N::get('files');
$dir = $_POST['dir'];
// get array with current storage stats (e.g. max file size)
$storageStats = \OCA\files\lib\Helper::buildFileStorageStatistics($dir);
@ -37,7 +39,6 @@ foreach ($_FILES['files']['error'] as $error) {
}
$files = $_FILES['files'];
$dir = $_POST['dir'];
$error = '';
$maxUploadFilesize = OCP\Util::maxUploadFilesize($dir);

View File

@ -6,7 +6,7 @@ OCP\App::registerAdmin('files', 'admin');
OCP\App::addNavigationEntry( array( "id" => "files_index",
"order" => 0,
"href" => OCP\Util::linkTo( "files", "index.php" ),
"icon" => OCP\Util::imagePath( "core", "places/home.svg" ),
"icon" => OCP\Util::imagePath( "core", "places/files.svg" ),
"name" => $l->t("Files") ));
OC_Search::registerProvider('OC_Search_Provider_File');

View File

@ -32,12 +32,14 @@ OC_Util::obEnd();
// Backends
$authBackend = new OC_Connector_Sabre_Auth();
$lockBackend = new OC_Connector_Sabre_Locks();
$requestBackend = new OC_Connector_Sabre_Request();
// Create ownCloud Dir
$publicDir = new OC_Connector_Sabre_Directory('');
// Fire up server
$server = new Sabre_DAV_Server($publicDir);
$server->httpRequest = $requestBackend;
$server->setBaseUri($baseuri);
// Load plugins

View File

@ -3,7 +3,7 @@
See the COPYING-README file. */
/* FILE MENU */
.actions { padding:.3em; float:left; height:2em; }
.actions { padding:.3em; height:2em; width: 100%; }
.actions input, .actions button, .actions .button { margin:0; float:left; }
#new {
@ -23,7 +23,7 @@
#new>ul>li>p { cursor:pointer; }
#new>ul>li>form>input { padding:0.3em; margin:-0.3em; }
#trash { height:17px; margin:0 0 0 1em; z-index:1010; position:absolute; right:13.5em; }
#trash { height:17px; margin: 0 1em; z-index:1010; float: right; }
#upload {
height:27px; padding:0; margin-left:0.2em; overflow:hidden;
@ -44,7 +44,7 @@
z-index:20; position:relative; cursor:pointer; overflow:hidden;
}
#uploadprogresswrapper { position:absolute; right:13.5em; top:0em; }
#uploadprogresswrapper { float: right; position: relative; }
#uploadprogresswrapper #uploadprogressbar { position:relative; display:inline-block; width:10em; height:1.5em; top:.4em; }
/* FILE TABLE */
@ -55,7 +55,7 @@
font-size:1.5em; font-weight:bold;
color:#888; text-shadow:#fff 0 1px 0;
}
table { position:relative; top:37px; width:100%; }
table { position:relative; width:100%; }
tbody tr { background-color:#fff; height:2.5em; }
tbody tr:hover, tbody tr:active, tbody tr.selected { background-color:#f8f8f8; }
tbody tr.selected { background-color:#eee; }
@ -118,9 +118,6 @@ a.action>img { max-height:16px; max-width:16px; vertical-align:text-bottom; }
.selectedActions a { display:inline; margin:-.5em 0; padding:.5em !important; }
.selectedActions a img { position:relative; top:.3em; }
/* add breadcrumb divider to the File item in navigation panel */
#navigation>ul>li:first-child { background:url('%webroot%/core/img/breadcrumb-start.svg') no-repeat 12.5em 0px; width:12.5em; padding-right:1em; position:fixed; }
#navigation>ul>li:first-child+li { padding-top:2.9em; }
#scanning-message{ top:40%; left:40%; position:absolute; display:none; }

View File

@ -36,7 +36,7 @@ OCP\App::setActiveNavigationEntry('files_index');
$dir = isset($_GET['dir']) ? stripslashes($_GET['dir']) : '';
// Redirect if directory does not exist
if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
header('Location: ' . $_SERVER['SCRIPT_NAME'] . '');
header('Location: ' . OCP\Util::getScriptName() . '');
exit();
}

View File

@ -115,6 +115,8 @@ var FileActions = {
// NOTE: Temporary fix to allow unsharing of files in root of Shared folder
if ($('#dir').val() == '/Shared') {
var html = '<a href="#" original-title="' + t('files', 'Unshare') + '" class="action delete" />';
} else if (typeof trashBinApp !== 'undefined' && trashBinApp) {
var html = '<a href="#" original-title="' + t('files', 'Delete permanently') + '" class="action delete" />';
} else {
var html = '<a href="#" original-title="' + t('files', 'Delete') + '" class="action delete" />';
}

View File

@ -309,7 +309,7 @@ var FileList={
$(document).ready(function(){
$('#notification').hide();
$('#notification .undo').live('click', function(){
$('#notification').on('click', '.undo', function(){
if (FileList.deleteFiles) {
$.each(FileList.deleteFiles,function(index,file){
$('tr').filterAttr('data-file',file).show();
@ -335,16 +335,16 @@ $(document).ready(function(){
FileList.lastAction = null;
OC.Notification.hide();
});
$('#notification .replace').live('click', function() {
$('#notification').on('click', '.replace', function() {
OC.Notification.hide(function() {
FileList.replace($('#notification').data('oldName'), $('#notification').data('newName'), $('#notification').data('isNewFile'));
});
});
$('#notification .suggest').live('click', function() {
$('#notification').on('click', '.suggest', function() {
$('tr').filterAttr('data-file', $('#notification').data('oldName')).show();
OC.Notification.hide();
});
$('#notification .cancel').live('click', function() {
$('#notification').on('click', '.cancel', function() {
if ($('#notification').data('isNewFile')) {
FileList.deleteCanceled = false;
FileList.deleteFiles = [$('#notification').data('oldName')];

View File

@ -110,7 +110,7 @@ $(document).ready(function() {
}
// Triggers invisible file input
$('#upload a').live('click', function() {
$('#upload a').on('click', function() {
$(this).parent().children('#file_upload_start').trigger('click');
return false;
});
@ -123,7 +123,7 @@ $(document).ready(function() {
var lastChecked;
// Sets the file link behaviour :
$('td.filename a').live('click',function(event) {
$('#fileList').on('click','td.filename a',function(event) {
if (event.ctrlKey || event.shiftKey) {
event.preventDefault();
if (event.shiftKey) {
@ -189,7 +189,7 @@ $(document).ready(function() {
procesSelection();
});
$('td.filename input:checkbox').live('change',function(event) {
$('#fileList').on('change', 'td.filename input:checkbox',function(event) {
if (event.shiftKey) {
var last = $(lastChecked).parent().parent().prevAll().length;
var first = $(this).parent().parent().prevAll().length;
@ -776,6 +776,10 @@ $(document).ready(function() {
});
function scanFiles(force, dir){
if (!OC.currentUser) {
return;
}
if(!dir){
dir = '';
}

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "s'ha substituït {new_name}",
"undo" => "desfés",
"replaced {new_name} with {old_name}" => "s'ha substituït {old_name} per {new_name}",
"perform delete operation" => "executa d'operació d'esborrar",
"'.' is an invalid file name." => "'.' és un nom no vàlid per un fitxer.",
"File name cannot be empty." => "El nom del fitxer no pot ser buit.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "El nóm no és vàlid, '\\', '/', '<', '>', ':', '\"', '|', '?' i '*' no estan permesos.",
@ -56,6 +57,7 @@
"Text file" => "Fitxer de text",
"Folder" => "Carpeta",
"From link" => "Des d'enllaç",
"Trash" => "Esborra",
"Cancel upload" => "Cancel·la la pujada",
"Nothing in here. Upload something!" => "Res per aquí. Pugeu alguna cosa!",
"Download" => "Baixa",

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "nahrazeno {new_name}",
"undo" => "zpět",
"replaced {new_name} with {old_name}" => "nahrazeno {new_name} s {old_name}",
"perform delete operation" => "provést smazání",
"'.' is an invalid file name." => "'.' je neplatným názvem souboru.",
"File name cannot be empty." => "Název souboru nemůže být prázdný řetězec.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Neplatný název, znaky '\\', '/', '<', '>', ':', '\"', '|', '?' a '*' nejsou povoleny.",
@ -56,6 +57,7 @@
"Text file" => "Textový soubor",
"Folder" => "Složka",
"From link" => "Z odkazu",
"Trash" => "Koš",
"Cancel upload" => "Zrušit odesílání",
"Nothing in here. Upload something!" => "Žádný obsah. Nahrajte něco.",
"Download" => "Stáhnout",

View File

@ -8,7 +8,7 @@
"Missing a temporary folder" => "Temporärer Ordner fehlt.",
"Failed to write to disk" => "Fehler beim Schreiben auf die Festplatte",
"Not enough space available" => "Nicht genug Speicherplatz verfügbar",
"Invalid directory." => "Ungültiges Verzeichnis",
"Invalid directory." => "Ungültiges Verzeichnis.",
"Files" => "Dateien",
"Unshare" => "Nicht mehr freigeben",
"Delete" => "Löschen",
@ -20,8 +20,9 @@
"replaced {new_name}" => "{new_name} wurde ersetzt",
"undo" => "rückgängig machen",
"replaced {new_name} with {old_name}" => "{old_name} ersetzt durch {new_name}",
"'.' is an invalid file name." => "'.' ist kein gültiger Dateiname",
"File name cannot be empty." => "Der Dateiname darf nicht leer sein",
"perform delete operation" => "Löschvorgang ausführen",
"'.' is an invalid file name." => "'.' ist kein gültiger Dateiname.",
"File name cannot be empty." => "Der Dateiname darf nicht leer sein.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Ungültiger Name, '\\', '/', '<', '>', ':', '\"', '|', '?' und '*' sind nicht zulässig.",
"Your storage is full, files can not be updated or synced anymore!" => "Ihr Speicherplatz ist voll, Dateien können nicht mehr aktualisiert oder synchronisiert werden!",
"Your storage is almost full ({usedSpacePercent}%)" => "Ihr Speicherplatz ist fast aufgebraucht ({usedSpacePercent}%)",
@ -34,7 +35,7 @@
"{count} files uploading" => "{count} Dateien werden hochgeladen",
"Upload cancelled." => "Upload abgebrochen.",
"File upload is in progress. Leaving the page now will cancel the upload." => "Dateiupload läuft. Wenn Du die Seite jetzt verlässt, wird der Upload abgebrochen.",
"URL cannot be empty." => "Die URL darf nicht leer sein",
"URL cannot be empty." => "Die URL darf nicht leer sein.",
"Invalid folder name. Usage of 'Shared' is reserved by Owncloud" => "Ungültiger Verzeichnisname. Die Nutzung von \"Shared\" ist ownCloud vorbehalten.",
"Name" => "Name",
"Size" => "Größe",
@ -56,11 +57,13 @@
"Text file" => "Textdatei",
"Folder" => "Ordner",
"From link" => "Von einem Link",
"Trash" => "Papierkorb",
"Cancel upload" => "Upload abbrechen",
"Nothing in here. Upload something!" => "Alles leer. Lade etwas hoch!",
"Download" => "Herunterladen",
"Upload too large" => "Upload zu groß",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Die Datei überschreitet die Maximalgröße für Uploads auf diesem Server.",
"Files are being scanned, please wait." => "Dateien werden gescannt, bitte warten.",
"Current scanning" => "Scanne"
"Current scanning" => "Scanne",
"Upgrading filesystem cache..." => "Dateisystem-Cache wird aktualisiert ..."
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "{new_name} wurde ersetzt",
"undo" => "rückgängig machen",
"replaced {new_name} with {old_name}" => "{old_name} wurde ersetzt durch {new_name}",
"perform delete operation" => "Führe das Löschen aus",
"'.' is an invalid file name." => "'.' ist kein gültiger Dateiname.",
"File name cannot be empty." => "Der Dateiname darf nicht leer sein.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Ungültiger Name, '\\', '/', '<', '>', ':', '\"', '|', '?' und '*' sind nicht zulässig.",
@ -56,11 +57,13 @@
"Text file" => "Textdatei",
"Folder" => "Ordner",
"From link" => "Von einem Link",
"Trash" => "Abfall",
"Cancel upload" => "Upload abbrechen",
"Nothing in here. Upload something!" => "Alles leer. Bitte laden Sie etwas hoch!",
"Download" => "Herunterladen",
"Upload too large" => "Der Upload ist zu groß",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Die Datei überschreitet die Maximalgröße für Uploads auf diesem Server.",
"Files are being scanned, please wait." => "Dateien werden gescannt, bitte warten.",
"Current scanning" => "Scanne"
"Current scanning" => "Scanne",
"Upgrading filesystem cache..." => "Aktualisiere den Dateisystem-Cache"
);

View File

@ -20,9 +20,12 @@
"replaced {new_name}" => "reemplazado {new_name}",
"undo" => "deshacer",
"replaced {new_name} with {old_name}" => "reemplazado {new_name} con {old_name}",
"perform delete operation" => "Eliminar",
"'.' is an invalid file name." => "'.' es un nombre de archivo inválido.",
"File name cannot be empty." => "El nombre de archivo no puede estar vacío.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nombre Invalido, \"\\\", \"/\", \"<\", \">\", \":\", \"\", \"|\" \"?\" y \"*\" no están permitidos ",
"Your storage is full, files can not be updated or synced anymore!" => "Su almacenamiento esta lleno, los archivos no pueden ser mas actualizados o sincronizados!",
"Your storage is almost full ({usedSpacePercent}%)" => "Su almacenamiento esta lleno en un ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "Tu descarga esta siendo preparada. Esto puede tardar algun tiempo si los archivos son muy grandes.",
"Unable to upload your file as it is a directory or has 0 bytes" => "No ha sido posible subir tu archivo porque es un directorio o tiene 0 bytes",
"Upload Error" => "Error al subir el archivo",
@ -54,11 +57,13 @@
"Text file" => "Archivo de texto",
"Folder" => "Carpeta",
"From link" => "Desde el enlace",
"Trash" => "Basura",
"Cancel upload" => "Cancelar subida",
"Nothing in here. Upload something!" => "Aquí no hay nada. ¡Sube algo!",
"Download" => "Descargar",
"Upload too large" => "El archivo es demasiado grande",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Los archivos que estás intentando subir sobrepasan el tamaño máximo permitido por este servidor.",
"Files are being scanned, please wait." => "Se están escaneando los archivos, por favor espere.",
"Current scanning" => "Ahora escaneando"
"Current scanning" => "Ahora escaneando",
"Upgrading filesystem cache..." => "Actualizando cache de archivos de sistema"
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "reemplazado {new_name}",
"undo" => "deshacer",
"replaced {new_name} with {old_name}" => "reemplazado {new_name} con {old_name}",
"perform delete operation" => "Eliminar",
"'.' is an invalid file name." => "'.' es un nombre de archivo inválido.",
"File name cannot be empty." => "El nombre del archivo no puede quedar vacío.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nombre invalido, '\\', '/', '<', '>', ':', '\"', '|', '?' y '*' no están permitidos.",
@ -56,11 +57,13 @@
"Text file" => "Archivo de texto",
"Folder" => "Carpeta",
"From link" => "Desde enlace",
"Trash" => "Papelera",
"Cancel upload" => "Cancelar subida",
"Nothing in here. Upload something!" => "No hay nada. ¡Subí contenido!",
"Download" => "Descargar",
"Upload too large" => "El archivo es demasiado grande",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Los archivos que intentás subir sobrepasan el tamaño máximo ",
"Files are being scanned, please wait." => "Se están escaneando los archivos, por favor esperá.",
"Current scanning" => "Escaneo actual"
"Current scanning" => "Escaneo actual",
"Upgrading filesystem cache..." => "Actualizando el cache del sistema de archivos"
);

View File

@ -17,6 +17,7 @@
"suggest name" => "ehdota nimeä",
"cancel" => "peru",
"undo" => "kumoa",
"perform delete operation" => "suorita poistotoiminto",
"'.' is an invalid file name." => "'.' on virheellinen nimi tiedostolle.",
"File name cannot be empty." => "Tiedoston nimi ei voi olla tyhjä.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Virheellinen nimi, merkit '\\', '/', '<', '>', ':', '\"', '|', '?' ja '*' eivät ole sallittuja.",
@ -50,11 +51,13 @@
"Text file" => "Tekstitiedosto",
"Folder" => "Kansio",
"From link" => "Linkistä",
"Trash" => "Roskakori",
"Cancel upload" => "Peru lähetys",
"Nothing in here. Upload something!" => "Täällä ei ole mitään. Lähetä tänne jotakin!",
"Download" => "Lataa",
"Upload too large" => "Lähetettävä tiedosto on liian suuri",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Lähetettäväksi valitsemasi tiedostot ylittävät palvelimen salliman tiedostokoon rajan.",
"Files are being scanned, please wait." => "Tiedostoja tarkistetaan, odota hetki.",
"Current scanning" => "Tämänhetkinen tutkinta"
"Current scanning" => "Tämänhetkinen tutkinta",
"Upgrading filesystem cache..." => "Päivitetään tiedostojärjestelmän välimuistia..."
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "{new_name} a été remplacé",
"undo" => "annuler",
"replaced {new_name} with {old_name}" => "{new_name} a été remplacé par {old_name}",
"perform delete operation" => "effectuer l'opération de suppression",
"'.' is an invalid file name." => "'.' n'est pas un nom de fichier valide.",
"File name cannot be empty." => "Le nom de fichier ne peut être vide.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nom invalide, les caractères '\\', '/', '<', '>', ':', '\"', '|', '?' et '*' ne sont pas autorisés.",
@ -56,11 +57,13 @@
"Text file" => "Fichier texte",
"Folder" => "Dossier",
"From link" => "Depuis le lien",
"Trash" => "Corbeille",
"Cancel upload" => "Annuler l'envoi",
"Nothing in here. Upload something!" => "Il n'y a rien ici ! Envoyez donc quelque chose :)",
"Download" => "Télécharger",
"Upload too large" => "Fichier trop volumineux",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Les fichiers que vous essayez d'envoyer dépassent la taille maximale permise par ce serveur.",
"Files are being scanned, please wait." => "Les fichiers sont en cours d'analyse, veuillez patienter.",
"Current scanning" => "Analyse en cours"
"Current scanning" => "Analyse en cours",
"Upgrading filesystem cache..." => "Mise à niveau du cache du système de fichier"
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "sostituito {new_name}",
"undo" => "annulla",
"replaced {new_name} with {old_name}" => "sostituito {new_name} con {old_name}",
"perform delete operation" => "esegui l'operazione di eliminazione",
"'.' is an invalid file name." => "'.' non è un nome file valido.",
"File name cannot be empty." => "Il nome del file non può essere vuoto.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nome non valido, '\\', '/', '<', '>', ':', '\"', '|', '?' e '*' non sono consentiti.",
@ -56,6 +57,7 @@
"Text file" => "File di testo",
"Folder" => "Cartella",
"From link" => "Da collegamento",
"Trash" => "Cestino",
"Cancel upload" => "Annulla invio",
"Nothing in here. Upload something!" => "Non c'è niente qui. Carica qualcosa!",
"Download" => "Scarica",

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "{new_name} を置換",
"undo" => "元に戻す",
"replaced {new_name} with {old_name}" => "{old_name} を {new_name} に置換",
"perform delete operation" => "削除を実行",
"'.' is an invalid file name." => "'.' は無効なファイル名です。",
"File name cannot be empty." => "ファイル名を空にすることはできません。",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "無効な名前、'\\', '/', '<', '>', ':', '\"', '|', '?', '*' は使用できません。",
@ -56,11 +57,13 @@
"Text file" => "テキストファイル",
"Folder" => "フォルダ",
"From link" => "リンク",
"Trash" => "ゴミ箱",
"Cancel upload" => "アップロードをキャンセル",
"Nothing in here. Upload something!" => "ここには何もありません。何かアップロードしてください。",
"Download" => "ダウンロード",
"Upload too large" => "ファイルサイズが大きすぎます",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "アップロードしようとしているファイルは、サーバで規定された最大サイズを超えています。",
"Files are being scanned, please wait." => "ファイルをスキャンしています、しばらくお待ちください。",
"Current scanning" => "スキャン中"
"Current scanning" => "スキャン中",
"Upgrading filesystem cache..." => "ファイルシステムキャッシュを更新中..."
);

View File

@ -1,40 +1,69 @@
<?php $TRANSLATIONS = array(
"There is no error, the file uploaded with success" => "Viss kārtībā, augšupielāde veiksmīga",
"No file was uploaded" => "Neviens fails netika augšuplādēts",
"No file was uploaded. Unknown error" => "Netika augšupielādēta neviena datne. Nezināma kļūda",
"There is no error, the file uploaded with success" => "Augšupielāde pabeigta bez kļūdām",
"The uploaded file exceeds the upload_max_filesize directive in php.ini: " => "Augšupielādētā datne pārsniedz upload_max_filesize norādījumu php.ini datnē:",
"The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form" => "Augšupielādētā datne pārsniedz MAX_FILE_SIZE norādi, kas ir norādīta HTML formā",
"The uploaded file was only partially uploaded" => "Augšupielādētā datne ir tikai daļēji augšupielādēta",
"No file was uploaded" => "Neviena datne netika augšupielādēta",
"Missing a temporary folder" => "Trūkst pagaidu mapes",
"Failed to write to disk" => "Nav iespējams saglabāt",
"Files" => "Faili",
"Unshare" => "Pārtraukt līdzdalīšanu",
"Delete" => "Izdzēst",
"Rename" => "Pārdēvēt",
"Failed to write to disk" => "Neizdevās saglabāt diskā",
"Not enough space available" => "Nepietiek brīvas vietas",
"Invalid directory." => "Nederīga direktorija.",
"Files" => "Datnes",
"Unshare" => "Pārtraukt dalīšanos",
"Delete" => "Dzēst",
"Rename" => "Pārsaukt",
"{new_name} already exists" => "{new_name} jau eksistē",
"replace" => "aizvietot",
"suggest name" => "Ieteiktais nosaukums",
"suggest name" => "ieteiktais nosaukums",
"cancel" => "atcelt",
"undo" => "vienu soli atpakaļ",
"Unable to upload your file as it is a directory or has 0 bytes" => "Nav iespējams augšuplādēt jūsu failu, jo tāds jau eksistē vai arī failam nav izmēra (0 baiti)",
"Upload Error" => "Augšuplādēšanas laikā radās kļūda",
"replaced {new_name}" => "aizvietots {new_name}",
"undo" => "atsaukt",
"replaced {new_name} with {old_name}" => "aizvietoja {new_name} ar {old_name}",
"perform delete operation" => "veikt dzēšanas darbību",
"'.' is an invalid file name." => "'.' ir nederīgs datnes nosaukums.",
"File name cannot be empty." => "Datnes nosaukums nevar būt tukšs.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nederīgs nosaukums, nav atļauti '\\', '/', '<', '>', ':', '\"', '|', '?' un '*'.",
"Your storage is full, files can not be updated or synced anymore!" => "Jūsu krātuve ir pilna, datnes vairs nevar augšupielādēt vai sinhronizēt!",
"Your storage is almost full ({usedSpacePercent}%)" => "Jūsu krātuve ir gandrīz pilna ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "Tiek sagatavota lejupielāde. Tas var aizņemt kādu laiciņu, ja datnes ir lielas.",
"Unable to upload your file as it is a directory or has 0 bytes" => "Nevar augšupielādēt jūsu datni, jo tā ir direktorija vai arī tās izmērs ir 0 baiti",
"Upload Error" => "Kļūda augšupielādējot",
"Close" => "Aizvērt",
"Pending" => "Gaida savu kārtu",
"Upload cancelled." => "Augšuplāde ir atcelta",
"1 file uploading" => "Augšupielādē 1 datni",
"{count} files uploading" => "augšupielādē {count} datnes",
"Upload cancelled." => "Augšupielāde ir atcelta.",
"File upload is in progress. Leaving the page now will cancel the upload." => "Notiek augšupielāde. Pametot lapu tagad, tiks atcelta augšupielāde.",
"URL cannot be empty." => "URL nevar būt tukšs.",
"Invalid folder name. Usage of 'Shared' is reserved by Owncloud" => "Nederīgs mapes nosaukums. “Koplietots” izmantojums ir rezervēts ownCloud servisam.",
"Name" => "Nosaukums",
"Size" => "Izmērs",
"Modified" => "Izmainīts",
"Upload" => "Augšuplādet",
"File handling" => "Failu pārvaldība",
"Maximum upload size" => "Maksimālais failu augšuplādes apjoms",
"max. possible: " => "maksīmālais iespējamais:",
"Needed for multi-file and folder downloads." => "Vajadzīgs vairāku failu un mapju lejuplādei",
"Enable ZIP-download" => "Iespējot ZIP lejuplādi",
"Modified" => "Mainīts",
"1 folder" => "1 mape",
"{count} folders" => "{count} mapes",
"1 file" => "1 datne",
"{count} files" => "{count} datnes",
"Upload" => "Augšupielādēt",
"File handling" => "Datņu pārvaldība",
"Maximum upload size" => "Maksimālais datņu augšupielādes apjoms",
"max. possible: " => "maksimālais iespējamais:",
"Needed for multi-file and folder downloads." => "Vajadzīgs vairāku datņu un mapju lejupielādēšanai.",
"Enable ZIP-download" => "Aktivēt ZIP lejupielādi",
"0 is unlimited" => "0 ir neierobežots",
"Maximum input size for ZIP files" => "Maksimālais ievades izmērs ZIP datnēm",
"Save" => "Saglabāt",
"New" => "Jauns",
"Text file" => "Teksta fails",
"New" => "Jauna",
"Text file" => "Teksta datne",
"Folder" => "Mape",
"Cancel upload" => "Atcelt augšuplādi",
"Nothing in here. Upload something!" => "Te vēl nekas nav. Rīkojies, sāc augšuplādēt",
"Download" => "Lejuplādēt",
"Upload too large" => "Fails ir par lielu lai to augšuplādetu",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Jūsu augšuplādējamie faili pārsniedz servera pieļaujamo failu augšupielādes apjomu",
"Files are being scanned, please wait." => "Faili šobrīd tiek caurskatīti, nedaudz jāpagaida.",
"Current scanning" => "Šobrīd tiek pārbaudīti"
"From link" => "No saites",
"Trash" => "Miskaste",
"Cancel upload" => "Atcelt augšupielādi",
"Nothing in here. Upload something!" => "Te vēl nekas nav. Rīkojies, sāc augšupielādēt!",
"Download" => "Lejupielādēt",
"Upload too large" => "Datne ir par lielu, lai to augšupielādētu",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Augšupielādējamās datnes pārsniedz servera pieļaujamo datņu augšupielādes apjomu",
"Files are being scanned, please wait." => "Datnes šobrīd tiek caurskatītas, lūdzu, uzgaidiet.",
"Current scanning" => "Šobrīd tiek caurskatīts",
"Upgrading filesystem cache..." => "Uzlabo datņu sistēmas kešatmiņu..."
);

View File

@ -20,9 +20,12 @@
"replaced {new_name}" => "verving {new_name}",
"undo" => "ongedaan maken",
"replaced {new_name} with {old_name}" => "verving {new_name} met {old_name}",
"perform delete operation" => "uitvoeren verwijderactie",
"'.' is an invalid file name." => "'.' is een ongeldige bestandsnaam.",
"File name cannot be empty." => "Bestandsnaam kan niet leeg zijn.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Onjuiste naam; '\\', '/', '<', '>', ':', '\"', '|', '?' en '*' zijn niet toegestaan.",
"Your storage is full, files can not be updated or synced anymore!" => "Uw opslagruimte zit vol, Bestanden kunnen niet meer worden ge-upload of gesynchroniseerd!",
"Your storage is almost full ({usedSpacePercent}%)" => "Uw opslagruimte zit bijna vol ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "Uw download wordt voorbereid. Dit kan enige tijd duren bij grote bestanden.",
"Unable to upload your file as it is a directory or has 0 bytes" => "uploaden van de file mislukt, het is of een directory of de bestandsgrootte is 0 bytes",
"Upload Error" => "Upload Fout",
@ -54,11 +57,13 @@
"Text file" => "Tekstbestand",
"Folder" => "Map",
"From link" => "Vanaf link",
"Trash" => "Verwijderen",
"Cancel upload" => "Upload afbreken",
"Nothing in here. Upload something!" => "Er bevindt zich hier niets. Upload een bestand!",
"Download" => "Download",
"Upload too large" => "Bestanden te groot",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "De bestanden die u probeert te uploaden zijn groter dan de maximaal toegestane bestandsgrootte voor deze server.",
"Files are being scanned, please wait." => "Bestanden worden gescand, even wachten.",
"Current scanning" => "Er wordt gescand"
"Current scanning" => "Er wordt gescand",
"Upgrading filesystem cache..." => "Upgraden bestandssysteem cache..."
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "{new_name} substituido",
"undo" => "desfazer",
"replaced {new_name} with {old_name}" => "substituido {new_name} por {old_name}",
"perform delete operation" => "Executar a tarefa de apagar",
"'.' is an invalid file name." => "'.' não é um nome de ficheiro válido!",
"File name cannot be empty." => "O nome do ficheiro não pode estar vazio.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nome Inválido, os caracteres '\\', '/', '<', '>', ':', '\"', '|', '?' e '*' não são permitidos.",
@ -56,6 +57,7 @@
"Text file" => "Ficheiro de texto",
"Folder" => "Pasta",
"From link" => "Da ligação",
"Trash" => "Lixo",
"Cancel upload" => "Cancelar envio",
"Nothing in here. Upload something!" => "Vazio. Envie alguma coisa!",
"Download" => "Transferir",

View File

@ -20,9 +20,13 @@
"replaced {new_name}" => "заменено {new_name}",
"undo" => "отмена",
"replaced {new_name} with {old_name}" => "заменено {new_name} на {old_name}",
"perform delete operation" => "выполняется операция удаления",
"'.' is an invalid file name." => "'.' - неправильное имя файла.",
"File name cannot be empty." => "Имя файла не может быть пустым.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Неправильное имя, '\\', '/', '<', '>', ':', '\"', '|', '?' и '*' недопустимы.",
"Your storage is full, files can not be updated or synced anymore!" => "Ваше дисковое пространство полностью заполнено, произведите очистку перед загрузкой новых файлов.",
"Your storage is almost full ({usedSpacePercent}%)" => "Ваше хранилище почти заполнено ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "Загрузка началась. Это может потребовать много времени, если файл большого размера.",
"Unable to upload your file as it is a directory or has 0 bytes" => "Не удается загрузить файл размером 0 байт в каталог",
"Upload Error" => "Ошибка загрузки",
"Close" => "Закрыть",
@ -53,11 +57,13 @@
"Text file" => "Текстовый файл",
"Folder" => "Папка",
"From link" => "Из ссылки",
"Trash" => "Корзина",
"Cancel upload" => "Отмена загрузки",
"Nothing in here. Upload something!" => "Здесь ничего нет. Загрузите что-нибудь!",
"Download" => "Скачать",
"Upload too large" => "Файл слишком большой",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Файлы, которые Вы пытаетесь загрузить, превышают лимит для файлов на этом сервере.",
"Files are being scanned, please wait." => "Подождите, файлы сканируются.",
"Current scanning" => "Текущее сканирование"
"Current scanning" => "Текущее сканирование",
"Upgrading filesystem cache..." => "Обновление кеша файловой системы..."
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "prepísaný {new_name}",
"undo" => "vrátiť",
"replaced {new_name} with {old_name}" => "prepísaný {new_name} súborom {old_name}",
"perform delete operation" => "vykonať zmazanie",
"'.' is an invalid file name." => "'.' je neplatné meno súboru.",
"File name cannot be empty." => "Meno súboru nemôže byť prázdne",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Nesprávne meno, '\\', '/', '<', '>', ':', '\"', '|', '?' a '*' nie sú povolené hodnoty.",
@ -56,11 +57,13 @@
"Text file" => "Textový súbor",
"Folder" => "Priečinok",
"From link" => "Z odkazu",
"Trash" => "Kôš",
"Cancel upload" => "Zrušiť odosielanie",
"Nothing in here. Upload something!" => "Žiadny súbor. Nahrajte niečo!",
"Download" => "Stiahnuť",
"Upload too large" => "Odosielaný súbor je príliš veľký",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Súbory, ktoré sa snažíte nahrať, presahujú maximálnu veľkosť pre nahratie súborov na tento server.",
"Files are being scanned, please wait." => "Čakajte, súbory sú prehľadávané.",
"Current scanning" => "Práve prehliadané"
"Current scanning" => "Práve prehliadané",
"Upgrading filesystem cache..." => "Aktualizujem medzipamäť súborového systému..."
);

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "ersatt {new_name}",
"undo" => "ångra",
"replaced {new_name} with {old_name}" => "ersatt {new_name} med {old_name}",
"perform delete operation" => "utför raderingen",
"'.' is an invalid file name." => "'.' är ett ogiltigt filnamn.",
"File name cannot be empty." => "Filnamn kan inte vara tomt.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Ogiltigt namn, '\\', '/', '<', '>', ':', '\"', '|', '?' och '*' är inte tillåtet.",
@ -56,6 +57,7 @@
"Text file" => "Textfil",
"Folder" => "Mapp",
"From link" => "Från länk",
"Trash" => "Papperskorgen",
"Cancel upload" => "Avbryt uppladdning",
"Nothing in here. Upload something!" => "Ingenting här. Ladda upp något!",
"Download" => "Ladda ner",

View File

@ -20,6 +20,7 @@
"replaced {new_name}" => "แทนที่ {new_name} แล้ว",
"undo" => "เลิกทำ",
"replaced {new_name} with {old_name}" => "แทนที่ {new_name} ด้วย {old_name} แล้ว",
"perform delete operation" => "ดำเนินการตามคำสั่งลบ",
"'.' is an invalid file name." => "'.' เป็นชื่อไฟล์ที่ไม่ถูกต้อง",
"File name cannot be empty." => "ชื่อไฟล์ไม่สามารถเว้นว่างได้",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "ชื่อที่ใช้ไม่ถูกต้อง, '\\', '/', '<', '>', ':', '\"', '|', '?' และ '*' ไม่ได้รับอนุญาตให้ใช้งานได้",
@ -56,11 +57,13 @@
"Text file" => "ไฟล์ข้อความ",
"Folder" => "แฟ้มเอกสาร",
"From link" => "จากลิงก์",
"Trash" => "ถังขยะ",
"Cancel upload" => "ยกเลิกการอัพโหลด",
"Nothing in here. Upload something!" => "ยังไม่มีไฟล์ใดๆอยู่ที่นี่ กรุณาอัพโหลดไฟล์!",
"Download" => "ดาวน์โหลด",
"Upload too large" => "ไฟล์ที่อัพโหลดมีขนาดใหญ่เกินไป",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "ไฟล์ที่คุณพยายามที่จะอัพโหลดมีขนาดเกินกว่าขนาดสูงสุดที่กำหนดไว้ให้อัพโหลดได้สำหรับเซิร์ฟเวอร์นี้",
"Files are being scanned, please wait." => "ไฟล์กำลังอยู่ระหว่างการสแกน, กรุณารอสักครู่.",
"Current scanning" => "ไฟล์ที่กำลังสแกนอยู่ขณะนี้"
"Current scanning" => "ไฟล์ที่กำลังสแกนอยู่ขณะนี้",
"Upgrading filesystem cache..." => "กำลังอัพเกรดหน่วยความจำแคชของระบบไฟล์..."
);

View File

@ -20,9 +20,12 @@
"replaced {new_name}" => "已取代 {new_name}",
"undo" => "復原",
"replaced {new_name} with {old_name}" => "使用 {new_name} 取代 {old_name}",
"perform delete operation" => "進行刪除動作",
"'.' is an invalid file name." => "'.' 是不合法的檔名。",
"File name cannot be empty." => "檔名不能為空。",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "檔名不合法,不允許 '\\', '/', '<', '>', ':', '\"', '|', '?' 和 '*' 。",
"Your storage is full, files can not be updated or synced anymore!" => "您的儲存空間已滿,沒有辦法再更新或是同步檔案!",
"Your storage is almost full ({usedSpacePercent}%)" => "您的儲存空間快要滿了 ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "正在準備您的下載,若您的檔案較大,將會需要更多時間。",
"Unable to upload your file as it is a directory or has 0 bytes" => "無法上傳您的檔案因為它可能是一個目錄或檔案大小為0",
"Upload Error" => "上傳發生錯誤",
@ -54,11 +57,13 @@
"Text file" => "文字檔",
"Folder" => "資料夾",
"From link" => "從連結",
"Trash" => "回收筒",
"Cancel upload" => "取消上傳",
"Nothing in here. Upload something!" => "沒有任何東西。請上傳內容!",
"Download" => "下載",
"Upload too large" => "上傳過大",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "您試圖上傳的檔案已超過伺服器的最大檔案大小限制。 ",
"Files are being scanned, please wait." => "正在掃描檔案,請稍等。",
"Current scanning" => "目前掃描"
"Current scanning" => "目前掃描",
"Upgrading filesystem cache..." => "正在更新檔案系統快取..."
);

View File

@ -59,7 +59,7 @@
<div id="emptyfolder"><?php echo $l->t('Nothing in here. Upload something!')?></div>
<?php endif; ?>
<table>
<table class="hascontrols">
<thead>
<tr>
<th id='headerName'>

View File

@ -1,10 +1,16 @@
<?php if(count($_["breadcrumb"])):?>
<div class="crumb">
<a href="<?php echo $_['baseURL']; ?>">
<img src="<?php echo OCP\image_path('core','places/home.svg');?>" />
</a>
</div>
<?php endif;?>
<?php for($i=0; $i<count($_["breadcrumb"]); $i++):
$crumb = $_["breadcrumb"][$i];
$dir = str_replace('+', '%20', urlencode($crumb["dir"]));
$dir = str_replace('%2F', '/', $dir); ?>
<div class="crumb <?php if($i == count($_["breadcrumb"])-1) echo 'last';?> svg"
data-dir='<?php echo $dir;?>'
style='background-image:url("<?php echo OCP\image_path('core', 'breadcrumb.png');?>")'>
data-dir='<?php echo $dir;?>'>
<a href="<?php echo $_['baseURL'].$dir; ?>"><?php echo OCP\Util::sanitizeHTML($crumb["name"]); ?></a>
</div>
<?php endfor;
<?php endfor;

View File

@ -28,7 +28,7 @@
>
<?php if(!isset($_['readonly']) || !$_['readonly']): ?><input type="checkbox" /><?php endif; ?>
<?php if($file['type'] == 'dir'): ?>
<a class="name" href="<?php echo $_['baseURL'].$directory.'/'.$name; ?>)" title="">
<a class="name" href="<?php echo $_['baseURL'].$directory.'/'.$name; ?>" title="">
<?php else: ?>
<a class="name" href="<?php echo $_['downloadURL'].$directory.'/'.$name; ?>" title="">
<?php endif; ?>

View File

@ -10,21 +10,31 @@ OC::$CLASSPATH['OCA\Encryption\Session'] = 'apps/files_encryption/lib/session.ph
OC_FileProxy::register( new OCA\Encryption\Proxy() );
OCP\Util::connectHook( 'OC_User','post_login', 'OCA\Encryption\Hooks', 'login' );
// User-related hooks
OCP\Util::connectHook( 'OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login' );
OCP\Util::connectHook( 'OC_User', 'pre_setPassword','OCA\Encryption\Hooks', 'setPassphrase' );
// Sharing-related hooks
OCP\Util::connectHook( 'OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared' );
OCP\Util::connectHook( 'OCP\Share', 'pre_unshare', 'OCA\Encryption\Hooks', 'preUnshare' );
OCP\Util::connectHook( 'OCP\Share', 'pre_unshareAll', 'OCA\Encryption\Hooks', 'preUnshareAll' );
// Webdav-related hooks
OCP\Util::connectHook( 'OC_Webdav_Properties', 'update', 'OCA\Encryption\Hooks', 'updateKeyfile' );
OCP\Util::connectHook( 'OC_User','post_setPassword','OCA\Encryption\Hooks' ,'setPassphrase' );
stream_wrapper_register( 'crypt', 'OCA\Encryption\Stream' );
$session = new OCA\Encryption\Session();
if (
! $session->getPrivateKey( \OCP\USER::getUser() )
&& OCP\User::isLoggedIn()
&& OCA\Encryption\Crypt::mode() == 'server'
! $session->getPrivateKey( \OCP\USER::getUser() )
&& OCP\User::isLoggedIn()
&& OCA\Encryption\Crypt::mode() == 'server'
) {
// Force the user to re-log in if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled)
// Force the user to log-in again if the encryption key isn't unlocked
// (happens when a user is logged in before the encryption app is
// enabled)
OCP\User::logout();
header( "Location: " . OC::$WEBROOT.'/' );
@ -33,5 +43,6 @@ if (
}
OCP\App::registerAdmin( 'files_encryption', 'settings');
// Reguster settings scripts
OCP\App::registerAdmin( 'files_encryption', 'settings' );
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );

View File

@ -0,0 +1,19 @@
Encrypted files
---------------
- Each encrypted file has at least two components: the encrypted data file
('catfile'), and it's corresponding key file ('keyfile'). Shared files have an
additional key file ('share key'). The catfile contains the encrypted data
concatenated with delimiter text, followed by the initialisation vector ('IV'),
and padding. e.g.:
[encrypted data string][delimiter][IV][padding]
[anhAAjAmcGXqj1X9g==][00iv00][MSHU5N5gECP7aAg7][xx] (square braces added)
Notes
-----
- The user passphrase is required in order to set up or upgrade the app. New
keypair generation, and the re-encryption of legacy encrypted files requires
it. Therefore an appinfo/update.php script cannot be used, and upgrade logic
is handled in the login hook listener.

View File

@ -1 +1 @@
0.2.1
0.3

View File

@ -1,4 +1,5 @@
<?php
/**
* ownCloud
*
@ -28,7 +29,8 @@ namespace OCA\Encryption;
class Hooks {
# TODO: use passphrase for encrypting private key that is separate to the login password
// TODO: use passphrase for encrypting private key that is separate to
// the login password
/**
* @brief Startup encryption backend upon user login
@ -36,49 +38,65 @@ class Hooks {
*/
public static function login( $params ) {
// if ( Crypt::mode( $params['uid'] ) == 'server' ) {
# TODO: use lots of dependency injection here
$view = new \OC_FilesystemView( '/' );
// Manually initialise Filesystem{} singleton with correct
// fake root path, in order to avoid fatal webdav errors
\OC\Files\Filesystem::init( $params['uid'] . '/' . 'files' . '/' );
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $params['uid'] );
if ( ! $util->ready() ) {
\OC_Log::write( 'Encryption library', 'User account "' . $params['uid'] . '" is not ready for encryption; configuration started' , \OC_Log::DEBUG );
return $util->setupServerSide( $params['password'] );
}
$util = new Util( $view, $params['uid'] );
\OC_FileProxy::$enabled = false;
// Check files_encryption infrastructure is ready for action
if ( ! $util->ready() ) {
$encryptedKey = Keymanager::getPrivateKey( $view, $params['uid'] );
\OC_Log::write( 'Encryption library', 'User account "' . $params['uid'] . '" is not ready for encryption; configuration started', \OC_Log::DEBUG );
\OC_FileProxy::$enabled = true;
# TODO: dont manually encrypt the private keyfile - use the config options of openssl_pkey_export instead for better mobile compatibility
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] );
$session = new Session();
$session->setPrivateKey( $privateKey, $params['uid'] );
$view1 = new \OC_FilesystemView( '/' . $params['uid'] );
// Set legacy encryption key if it exists, to support
// depreciated encryption system
if (
return $util->setupServerSide( $params['password'] );
}
\OC_FileProxy::$enabled = false;
$encryptedKey = Keymanager::getPrivateKey( $view, $params['uid'] );
\OC_FileProxy::$enabled = true;
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] );
$session = new Session();
$session->setPrivateKey( $privateKey, $params['uid'] );
$view1 = new \OC_FilesystemView( '/' . $params['uid'] );
// Set legacy encryption key if it exists, to support
// depreciated encryption system
if (
$view1->file_exists( 'encryption.key' )
&& $legacyKey = $view1->file_get_contents( 'encryption.key' )
) {
$_SESSION['legacyenckey'] = Crypt::legacyDecrypt( $legacyKey, $params['password'] );
&& $encLegacyKey = $view1->file_get_contents( 'encryption.key' )
) {
$plainLegacyKey = Crypt::legacyDecrypt( $encLegacyKey, $params['password'] );
}
// }
$session->setLegacyKey( $plainLegacyKey );
}
$publicKey = Keymanager::getPublicKey( $view, $params['uid'] );
// Encrypt existing user files:
// This serves to upgrade old versions of the encryption
// app (see appinfo/spec.txt)
if (
$util->encryptAll( $publicKey, '/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password'] )
) {
\OC_Log::write(
'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" started at login'
, \OC_Log::INFO
);
}
return true;
@ -89,14 +107,16 @@ class Hooks {
* @param array $params keys: uid, password
*/
public static function setPassphrase( $params ) {
// Only attempt to change passphrase if server-side encryption
// is in use (client-side encryption does not have access to
// the necessary keys)
if ( Crypt::mode() == 'server' ) {
$session = new Session();
// Get existing decrypted private key
$privateKey = $_SESSION['privateKey'];
$privateKey = $session->getPrivateKey();
// Encrypt private key with new user pwd as passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $privateKey, $params['password'] );
@ -104,9 +124,9 @@ class Hooks {
// Save private key
Keymanager::setPrivateKey( $encryptedPrivateKey );
# NOTE: Session does not need to be updated as the
# private key has not changed, only the passphrase
# used to decrypt it has changed
// NOTE: Session does not need to be updated as the
// private key has not changed, only the passphrase
// used to decrypt it has changed
}
@ -121,8 +141,11 @@ class Hooks {
if ( isset( $params['properties']['key'] ) ) {
Keymanager::setFileKey( $params['path'], $params['properties']['key'] );
$view = new \OC_FilesystemView( '/' );
$userId = \OCP\User::getUser();
Keymanager::setFileKey( $view, $params['path'], $userId, $params['properties']['key'] );
} else {
\OC_Log::write(
@ -138,6 +161,41 @@ class Hooks {
}
/**
* @brief
*/
public static function postShared( $params ) {
// Delete existing catfile
Keymanager::deleteFileKey( );
// Generate new catfile and env keys
Crypt::multiKeyEncrypt( $plainContent, $publicKeys );
// Save env keys to user folders
}
/**
* @brief
*/
public static function preUnshare( $params ) {
// Delete existing catfile
// Generate new catfile and env keys
// Save env keys to user folders
}
/**
* @brief
*/
public static function preUnshareAll( $params ) {
trigger_error( "preUnshareAll" );
}
}
?>

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "التشفير",
"Exclude the following file types from encryption" => "استبعد أنواع الملفات التالية من التشفير",
"None" => "لا شيء"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Криптиране",
"Exclude the following file types from encryption" => "Изключване на следните файлови типове от криптирането",
"None" => "Няма"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "সংকেতায়ন",
"Exclude the following file types from encryption" => "সংকেতায়ন থেকে নিম্নোক্ত ধরণসমূহ বাদ দাও",
"None" => "কোনটিই নয়"
);

View File

@ -4,13 +4,9 @@
"Change encryption password to login password" => "Canvia la contrasenya d'encriptació per la d'accés",
"Please check your passwords and try again." => "Comproveu les contrasenyes i proveu-ho de nou.",
"Could not change your file encryption password to your login password" => "No s'ha pogut canviar la contrasenya d'encriptació de fitxers per la d'accés",
"Choose encryption mode:" => "Escolliu el mode d'encriptació:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Encriptació per part del client (més segura però fa impossible l'accés a les dades des de la interfície web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Encriptació per part del servidor (permet accedir als fitxers des de la interfície web i des del client d'escriptori)",
"None (no encryption at all)" => "Cap (sense encriptació)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Important: quan seleccioneu un mode d'encriptació no hi ha manera de canviar-lo de nou",
"User specific (let the user decide)" => "Específic per usuari (permet que l'usuari ho decideixi)",
"Encryption" => "Encriptatge",
"Exclude the following file types from encryption" => "Exclou els tipus de fitxers següents de l'encriptatge",
"File encryption is enabled." => "L'encriptació de fitxers està activada.",
"The following file types will not be encrypted:" => "Els tipus de fitxers següents no s'encriptaran:",
"Exclude the following file types from encryption:" => "Exclou els tipus de fitxers següents de l'encriptatge:",
"None" => "Cap"
);

View File

@ -4,13 +4,9 @@
"Change encryption password to login password" => "Změnit šifrovací heslo na přihlašovací",
"Please check your passwords and try again." => "Zkontrolujte, prosím, své heslo a zkuste to znovu.",
"Could not change your file encryption password to your login password" => "Nelze změnit šifrovací heslo na přihlašovací.",
"Choose encryption mode:" => "Vyberte režim šifrování:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Šifrování na straně klienta (nejbezpečnější ale neumožňuje vám přistupovat k souborům z webového rozhraní)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Šifrování na straně serveru (umožňuje vám přistupovat k souborům pomocí webového rozhraní i aplikací)",
"None (no encryption at all)" => "Žádný (vůbec žádné šifrování)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Důležité: jak si jednou vyberete režim šifrování nelze jej opětovně změnit",
"User specific (let the user decide)" => "Definován uživatelem (umožní uživateli si vybrat)",
"Encryption" => "Šifrování",
"Exclude the following file types from encryption" => "Při šifrování vynechat následující typy souborů",
"File encryption is enabled." => "Šifrování je povoleno.",
"The following file types will not be encrypted:" => "Následující typy souborů nebudou šifrovány:",
"Exclude the following file types from encryption:" => "Vyjmout následující typy souborů ze šifrování:",
"None" => "Žádné"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Udskift krypteringskode til login-adgangskode",
"Please check your passwords and try again." => "Check adgangskoder og forsøg igen.",
"Could not change your file encryption password to your login password" => "Kunne ikke udskifte krypteringskode med login-adgangskode",
"Choose encryption mode:" => "Vælg krypteringsform:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Kryptering på klientsiden (mere sikker, men udelukker adgang til dataene fra webinterfacet)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Kryptering på serversiden (gør det muligt at tilgå filer fra webinterfacet såvel som desktopklienten)",
"None (no encryption at all)" => "Ingen (ingen kryptering)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Vigtigt: Når der er valgt krypteringsform, kan det ikke ændres tilbage igen.",
"User specific (let the user decide)" => "Brugerspecifik (lad brugeren bestemme)",
"Encryption" => "Kryptering",
"Exclude the following file types from encryption" => "Ekskluder følgende filtyper fra kryptering",
"None" => "Ingen"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Ändern des Verschlüsselungspasswortes zum Anmeldepasswort",
"Please check your passwords and try again." => "Bitte überprüfen sie Ihr Passwort und versuchen Sie es erneut.",
"Could not change your file encryption password to your login password" => "Ihr Verschlüsselungspasswort konnte nicht als Anmeldepasswort gesetzt werden.",
"Choose encryption mode:" => "Wählen Sie die Verschlüsselungsart:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Clientseitige Verschlüsselung (am sichersten, aber macht es unmöglich auf ihre Daten über das Webinterface zuzugreifen)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Serverseitige Verschlüsselung (erlaubt es ihnen auf ihre Daten über das Webinterface und den Desktop-Client zuzugreifen)",
"None (no encryption at all)" => "Keine (ohne Verschlüsselung)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Wichtig: Sobald sie eine Verschlüsselungsmethode gewählt haben, können Sie diese nicht ändern!",
"User specific (let the user decide)" => "Benutzerspezifisch (der Benutzer kann entscheiden)",
"Encryption" => "Verschlüsselung",
"Exclude the following file types from encryption" => "Die folgenden Dateitypen von der Verschlüsselung ausnehmen",
"None" => "Keine"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Ändern des Verschlüsselungspasswortes zum Anmeldepasswort",
"Please check your passwords and try again." => "Bitte überprüfen sie Ihr Passwort und versuchen Sie es erneut.",
"Could not change your file encryption password to your login password" => "Ihr Verschlüsselungspasswort konnte nicht als Anmeldepasswort gesetzt werden.",
"Choose encryption mode:" => "Wählen Sie die Verschlüsselungsmethode:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Clientseitige Verschlüsselung (am sichersten, aber macht es unmöglich auf ihre Daten über das Webinterface zuzugreifen)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Serverseitige Verschlüsselung (erlaubt es ihnen auf ihre Daten über das Webinterface und den Desktop-Client zuzugreifen)",
"None (no encryption at all)" => "Keine (ohne Verschlüsselung)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Wichtig: Sobald sie eine Verschlüsselungsmethode gewählt haben, können Sie diese nicht ändern!",
"User specific (let the user decide)" => "Benutzerspezifisch (der Benutzer kann entscheiden)",
"Encryption" => "Verschlüsselung",
"Exclude the following file types from encryption" => "Die folgenden Dateitypen von der Verschlüsselung ausnehmen",
"None" => "Keine"
);

View File

@ -2,8 +2,6 @@
"Change encryption password to login password" => "Αλλαγή συνθηματικού κρυπτογράφησης στο συνθηματικό εισόδου ",
"Please check your passwords and try again." => "Παρακαλώ ελέγξτε το συνθηματικό σας και προσπαθήστε ξανά.",
"Could not change your file encryption password to your login password" => "Αδυναμία αλλαγής συνθηματικού κρυπτογράφησης αρχείων στο συνθηματικό εισόδου σας",
"Choose encryption mode:" => "Επιλογή κατάστασης κρυπτογράφησης:",
"Encryption" => "Κρυπτογράφηση",
"Exclude the following file types from encryption" => "Εξαίρεση των παρακάτω τύπων αρχείων από την κρυπτογράφηση",
"None" => "Καμία"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Ĉifrado",
"Exclude the following file types from encryption" => "Malinkluzivigi la jenajn dosiertipojn el ĉifrado",
"None" => "Nenio"
);

View File

@ -4,13 +4,9 @@
"Change encryption password to login password" => "Cambie la clave de cifrado para su contraseña de inicio de sesión",
"Please check your passwords and try again." => "Por favor revise su contraseña e intentelo de nuevo.",
"Could not change your file encryption password to your login password" => "No se pudo cambiar la contraseña de cifrado de archivos de su contraseña de inicio de sesión",
"Choose encryption mode:" => "Elegir el modo de cifrado:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Cifrado del lado del Cliente ( es el más seguro, pero hace que sea imposible acceder a sus datos desde la interfaz web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Cifrado del lado del Servidor (le permite acceder a sus archivos desde la interfaz web y el cliente de escritorio)",
"None (no encryption at all)" => "Ninguno (ningún cifrado en absoluto)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Importante: Una vez que haya seleccionado un modo de cifrado no existe forma de cambiarlo de nuevo",
"User specific (let the user decide)" => "Específico del usuario (dejar que el usuario decida)",
"Encryption" => "Cifrado",
"Exclude the following file types from encryption" => "Excluir del cifrado los siguientes tipos de archivo",
"File encryption is enabled." => "La encriptacion de archivo esta activada.",
"The following file types will not be encrypted:" => "Los siguientes tipos de archivo no seran encriptados:",
"Exclude the following file types from encryption:" => "Excluir los siguientes tipos de archivo de la encriptacion:",
"None" => "Ninguno"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Cambiá la clave de encriptado para tu contraseña de inicio de sesión",
"Please check your passwords and try again." => "Por favor, revisá tu contraseña e intentalo de nuevo.",
"Could not change your file encryption password to your login password" => "No se pudo cambiar la contraseña de encriptación de archivos de tu contraseña de inicio de sesión",
"Choose encryption mode:" => "Elegir el modo de encriptación:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Encriptación por parte del cliente (es el modo más seguro, pero hace que sea imposible acceder a tus datos desde la interfaz web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Encriptación por parte del servidor (te permite acceder a tus archivos desde la interfaz web y desde el cliente de escritorio)",
"None (no encryption at all)" => "Ninguno (ninguna encriptación en absoluto)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Importante: Una vez que haya seleccionado un modo de encriptación, no existe forma de cambiarlo nuevamente",
"User specific (let the user decide)" => "Específico por usuario (deja que el usuario decida)",
"Encryption" => "Encriptación",
"Exclude the following file types from encryption" => "Exceptuar de la encriptación los siguientes tipos de archivo",
"None" => "Ninguno"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Krüpteerimine",
"Exclude the following file types from encryption" => "Järgnevaid failitüüpe ära krüpteeri",
"None" => "Pole"
);

View File

@ -1,9 +1,5 @@
<?php $TRANSLATIONS = array(
"Please check your passwords and try again." => "Mesedez egiaztatu zure pasahitza eta saia zaitez berriro:",
"Choose encryption mode:" => "Hautatu enkriptazio modua:",
"None (no encryption at all)" => "Bat ere ez (enkriptaziorik gabe)",
"User specific (let the user decide)" => "Erabiltzaileak zehaztuta (utzi erabiltzaileari hautatzen)",
"Encryption" => "Enkriptazioa",
"Exclude the following file types from encryption" => "Ez enkriptatu hurrengo fitxategi motak",
"None" => "Bat ere ez"
);

View File

@ -1,5 +1,5 @@
<?php $TRANSLATIONS = array(
"Please check your passwords and try again." => "لطفا گذرواژه خود را بررسی کنید و دوباره امتحان کنید.",
"Encryption" => "رمزگذاری",
"Exclude the following file types from encryption" => "نادیده گرفتن فایل های زیر برای رمز گذاری",
"None" => "هیچ‌کدام"
);

View File

@ -1,5 +1,5 @@
<?php $TRANSLATIONS = array(
"Please check your passwords and try again." => "Tarkista salasanasi ja yritä uudelleen.",
"Encryption" => "Salaus",
"Exclude the following file types from encryption" => "Jätä seuraavat tiedostotyypit salaamatta",
"None" => "Ei mitään"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Convertir le mot de passe de chiffrement en mot de passe de connexion",
"Please check your passwords and try again." => "Veuillez vérifier vos mots de passe et réessayer.",
"Could not change your file encryption password to your login password" => "Impossible de convertir votre mot de passe de chiffrement en mot de passe de connexion",
"Choose encryption mode:" => "Choix du type de chiffrement :",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Chiffrement côté client (plus sécurisé, mais ne permet pas l'accès à vos données depuis l'interface web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Chiffrement côté serveur (vous permet d'accéder à vos fichiers depuis l'interface web et depuis le client de synchronisation)",
"None (no encryption at all)" => "Aucun (pas de chiffrement)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Important : Une fois le mode de chiffrement choisi, il est impossible de revenir en arrière",
"User specific (let the user decide)" => "Propre à l'utilisateur (laisse le choix à l'utilisateur)",
"Encryption" => "Chiffrement",
"Exclude the following file types from encryption" => "Ne pas chiffrer les fichiers dont les types sont les suivants",
"None" => "Aucun"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Cifrado",
"Exclude the following file types from encryption" => "Excluír os seguintes tipos de ficheiro do cifrado",
"None" => "Nada"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "הצפנה",
"Exclude the following file types from encryption" => "הוצא את סוגי הקבצים הבאים מהצפנה",
"None" => "כלום"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Titkosítási jelszó módosítása a bejelentkezési jelszóra",
"Please check your passwords and try again." => "Kérjük, ellenőrizze a jelszavait, és próbálja meg újra.",
"Could not change your file encryption password to your login password" => "Nem módosíthatja a fájltitkosítási jelszavát a bejelentkezési jelszavára",
"Choose encryption mode:" => "Válassza ki a titkosítási módot:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Kliens oldali titkosítás (biztonságosabb, de lehetetlenné teszi a fájlok elérését a böngészőből)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Kiszolgáló oldali titkosítás (lehetővé teszi a fájlok elérését úgy böngészőből mint az asztali kliensből)",
"None (no encryption at all)" => "Semmi (semmilyen titkosítás)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Fontos: Ha egyszer kiválasztotta a titkosítás módját, többé már nem lehet megváltoztatni",
"User specific (let the user decide)" => "Felhasználó specifikus (a felhasználó választhat)",
"Encryption" => "Titkosítás",
"Exclude the following file types from encryption" => "A következő fájltípusok kizárása a titkosításból",
"None" => "Egyik sem"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "enkripsi",
"Exclude the following file types from encryption" => "pengecualian untuk tipe file berikut dari enkripsi",
"None" => "tidak ada"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Dulkóðun",
"Exclude the following file types from encryption" => "Undanskilja eftirfarandi skráartegundir frá dulkóðun",
"None" => "Ekkert"
);

View File

@ -4,13 +4,9 @@
"Change encryption password to login password" => "Converti la password di cifratura nella password di accesso",
"Please check your passwords and try again." => "Controlla la password e prova ancora.",
"Could not change your file encryption password to your login password" => "Impossibile convertire la password di cifratura nella password di accesso",
"Choose encryption mode:" => "Scegli la modalità di cifratura.",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Cifratura lato client (più sicura ma rende impossibile accedere ai propri dati dall'interfaccia web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Cifratura lato server (ti consente di accedere ai tuoi file dall'interfaccia web e dal client desktop)",
"None (no encryption at all)" => "Nessuna (senza alcuna cifratura)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Importante: una volta selezionata la modalità di cifratura non sarà possibile tornare indietro",
"User specific (let the user decide)" => "Specificato dall'utente (lascia decidere all'utente)",
"Encryption" => "Cifratura",
"Exclude the following file types from encryption" => "Escludi i seguenti tipi di file dalla cifratura",
"File encryption is enabled." => "La cifratura dei file è abilitata.",
"The following file types will not be encrypted:" => "I seguenti tipi di file non saranno cifrati:",
"Exclude the following file types from encryption:" => "Escludi i seguenti tipi di file dalla cifratura:",
"None" => "Nessuna"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "暗号化パスワードをログインパスワードに変更",
"Please check your passwords and try again." => "パスワードを確認してもう一度行なってください。",
"Could not change your file encryption password to your login password" => "ファイル暗号化パスワードをログインパスワードに変更できませんでした。",
"Choose encryption mode:" => "暗号化モードを選択:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "クライアントサイドの暗号化最もセキュアですが、WEBインターフェースからデータにアクセスできなくなります",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "サーバサイド暗号化WEBインターフェースおよびデスクトップクライアントからファイルにアクセスすることができます",
"None (no encryption at all)" => "暗号化無し(何も暗号化しません)",
"Important: Once you selected an encryption mode there is no way to change it back" => "重要: 一度暗号化を選択してしまうと、もとに戻す方法はありません",
"User specific (let the user decide)" => "ユーザ指定(ユーザが選べるようにする)",
"Encryption" => "暗号化",
"Exclude the following file types from encryption" => "暗号化から除外するファイルタイプ",
"None" => "なし"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "암호화 암호를 로그인 암호로 변경",
"Please check your passwords and try again." => "암호를 확인한 다음 다시 시도하십시오.",
"Could not change your file encryption password to your login password" => "암호화 암호를 로그인 암호로 변경할 수 없습니다",
"Choose encryption mode:" => "암호화 모드 선택:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "클라이언트 암호화 (안전하지만 웹에서 데이터에 접근할 수 없음)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "서버 암호화 (웹 및 데스크톱 클라이언트에서 데이터에 접근할 수 있음)",
"None (no encryption at all)" => "없음 (암호화하지 않음)",
"Important: Once you selected an encryption mode there is no way to change it back" => "알림: 암호화 모드를 선택하면 다른 것으로 변경할 수 없습니다",
"User specific (let the user decide)" => "사용자 지정 (사용자별 설정)",
"Encryption" => "암호화",
"Exclude the following file types from encryption" => "다음 파일 형식은 암호화하지 않음",
"None" => "없음"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "نهێنیکردن",
"Exclude the following file types from encryption" => "به‌ربه‌ست کردنی ئه‌م جۆره‌ په‌ڕگانه له‌ نهێنیکردن",
"None" => "هیچ"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Šifravimas",
"Exclude the following file types from encryption" => "Nešifruoti pasirinkto tipo failų",
"None" => "Nieko"
);

View File

@ -0,0 +1,12 @@
<?php $TRANSLATIONS = array(
"Please switch to your ownCloud client and change your encryption password to complete the conversion." => "Lūdzu, pārslēdzieties uz savu ownCloud klientu un maniet savu šifrēšanas paroli, lai pabeigtu pārveidošanu.",
"switched to client side encryption" => "Pārslēdzās uz klienta puses šifrēšanu",
"Change encryption password to login password" => "Mainīt šifrēšanas paroli uz ierakstīšanās paroli",
"Please check your passwords and try again." => "Lūdzu, pārbaudiet savas paroles un mēģiniet vēlreiz.",
"Could not change your file encryption password to your login password" => "Nevarēja mainīt datņu šifrēšanas paroli uz ierakstīšanās paroli",
"Encryption" => "Šifrēšana",
"File encryption is enabled." => "Datņu šifrēšana ir aktivēta.",
"The following file types will not be encrypted:" => "Sekojošās datnes netiks šifrētas:",
"Exclude the following file types from encryption:" => "Sekojošos datņu tipus izslēgt no šifrēšanas:",
"None" => "Nav"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Енкрипција",
"Exclude the following file types from encryption" => "Исклучи ги следните типови на датотеки од енкрипција",
"None" => "Ништо"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Kryptering",
"Exclude the following file types from encryption" => "Ekskluder følgende filer fra kryptering",
"None" => "Ingen"
);

View File

@ -1,5 +1,8 @@
<?php $TRANSLATIONS = array(
"switched to client side encryption" => "overgeschakeld naar client side encryptie",
"Change encryption password to login password" => "Verander encryptie wachtwoord naar login wachtwoord",
"Please check your passwords and try again." => "Controleer uw wachtwoorden en probeer het opnieuw.",
"Could not change your file encryption password to your login password" => "Kon het bestandsencryptie wachtwoord niet veranderen naar het login wachtwoord",
"Encryption" => "Versleuteling",
"Exclude the following file types from encryption" => "Versleutel de volgende bestand types niet",
"None" => "Geen"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Szyfrowanie",
"Exclude the following file types from encryption" => "Wyłącz następujące typy plików z szyfrowania",
"None" => "Brak"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Mudar senha de criptografia para senha de login",
"Please check your passwords and try again." => "Por favor, verifique suas senhas e tente novamente.",
"Could not change your file encryption password to your login password" => "Não foi possível mudar sua senha de criptografia de arquivos para sua senha de login",
"Choose encryption mode:" => "Escolha o modo de criptografia:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Criptografia por parte do cliente (mais segura, mas torna impossível acessar seus dados a partir da interface web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Criptografia por parte do servidor (permite que você acesse seus arquivos da interface web e do cliente desktop)",
"None (no encryption at all)" => "Nenhuma (sem qualquer criptografia)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Importante: Uma vez que tiver escolhido um modo de criptografia, não há um meio de voltar atrás",
"User specific (let the user decide)" => "Específico por usuário (deixa o usuário decidir)",
"Encryption" => "Criptografia",
"Exclude the following file types from encryption" => "Excluir os seguintes tipos de arquivo da criptografia",
"None" => "Nenhuma"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Alterar a password de encriptação para a password de login",
"Please check your passwords and try again." => "Por favor verifique as suas paswords e tente de novo.",
"Could not change your file encryption password to your login password" => "Não foi possível alterar a password de encriptação de ficheiros para a sua password de login",
"Choose encryption mode:" => "Escolha o método de encriptação",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Encriptação do lado do cliente (mais seguro mas torna possível o acesso aos dados através do interface web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Encriptação do lado do servidor (permite o acesso aos seus ficheiros através do interface web e do cliente de sincronização)",
"None (no encryption at all)" => "Nenhuma (sem encriptação)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Importante: Uma vez escolhido o modo de encriptação, não existe maneira de o alterar!",
"User specific (let the user decide)" => "Escolhido pelo utilizador",
"Encryption" => "Encriptação",
"Exclude the following file types from encryption" => "Excluir da encriptação os seguintes tipo de ficheiros",
"None" => "Nenhum"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Schimbă parola de ecriptare în parolă de acces",
"Please check your passwords and try again." => "Verifică te rog parolele și înceracă din nou.",
"Could not change your file encryption password to your login password" => "Nu s-a putut schimba parola de encripție a fișierelor ca parolă de acces",
"Choose encryption mode:" => "Alege tipul de ecripție",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Encripție locală (cea mai sigură, dar face ca datele să nu mai fie accesibile din interfața web)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Encripție pe server (permite să accesezi datele tale din interfața web și din clientul pentru calculator)",
"None (no encryption at all)" => "Fără (nici un fel de ecriptare)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Important: Din moment ce ai setat un mod de encriptare, nu mai există metode de a-l schimba înapoi",
"User specific (let the user decide)" => "Spefic fiecărui utilizator (lasă utilizatorul să decidă)",
"Encryption" => "Încriptare",
"Exclude the following file types from encryption" => "Exclude următoarele tipuri de fișiere de la încriptare",
"None" => "Niciuna"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Шифрование",
"Exclude the following file types from encryption" => "Исключить шифрование следующих типов файлов",
"None" => "Ничего"
);

View File

@ -2,13 +2,6 @@
"Please switch to your ownCloud client and change your encryption password to complete the conversion." => "Пожалуйста, переключитесь на ownCloud-клиент и измените Ваш пароль шифрования для завершения конвертации.",
"switched to client side encryption" => "переключено на шифрование на клиентской стороне",
"Please check your passwords and try again." => "Пожалуйста, проверьте Ваш пароль и попробуйте снова",
"Choose encryption mode:" => "Выберите способ шифрования:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Шифрование на стороне клиента (наиболее безопасно, но делает невозможным получение доступа к Вашим данным по вэб-интерфейсу)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Шифрование на стороне сервера (позволяет Вам получить доступ к Вашим файлам по вэб-интерфейсу и десктопному клиенту)",
"None (no encryption at all)" => "Нет (шифрование полностью отсутствует)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Важно: Невозможно будет изменить выбранный способ шифрования",
"User specific (let the user decide)" => "Специфика пользователя (позволено решить пользователю)",
"Encryption" => "Шифрование",
"Exclude the following file types from encryption" => "Исключите следующие типы файлов из шифрования",
"None" => "Ни один"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "ගුප්ත කේතනය",
"Exclude the following file types from encryption" => "මෙම ගොනු වර්ග ගුප්ත කේතනය කිරීමෙන් බැහැරව තබන්න",
"None" => "කිසිවක් නැත"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "Zmeniť šifrovacie heslo na prihlasovacie",
"Please check your passwords and try again." => "Skontrolujte si heslo a skúste to znovu.",
"Could not change your file encryption password to your login password" => "Nie je možné zmeniť šifrovacie heslo na prihlasovacie",
"Choose encryption mode:" => "Vyberte režim šifrovania:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Šifrovanie prostredníctvom klienta (najbezpečnejšia voľba, neumožňuje však prístup k súborom z webového rozhrania)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Šifrovanie na serveri (umožňuje pristupovať k súborom z webového rozhrania a desktopového klienta)",
"None (no encryption at all)" => "Žiadne (žiadne šifrovanie)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Dôležité: ak si zvolíte režim šifrovania, nie je možné ho znovu zrušiť",
"User specific (let the user decide)" => "Definovaný používateľom (umožňuje používateľovi vybrať si)",
"Encryption" => "Šifrovanie",
"Exclude the following file types from encryption" => "Vynechať nasledujúce súbory pri šifrovaní",
"None" => "Žiadne"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Šifriranje",
"Exclude the following file types from encryption" => "Navedene vrste datotek naj ne bodo šifrirane",
"None" => "Brez"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Шифровање",
"Exclude the following file types from encryption" => "Не шифруј следеће типове датотека",
"None" => "Ништа"
);

View File

@ -4,13 +4,9 @@
"Change encryption password to login password" => "Ändra krypteringslösenord till loginlösenord",
"Please check your passwords and try again." => "Kontrollera dina lösenord och försök igen.",
"Could not change your file encryption password to your login password" => "Kunde inte ändra ditt filkrypteringslösenord till ditt loginlösenord",
"Choose encryption mode:" => "Välj krypteringsläge:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "Kryptering på klientsidan (säkraste men gör det omöjligt att komma åt dina filer med en webbläsare)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "Kryptering på serversidan (kan komma åt dina filer från webbläsare och datorklient)",
"None (no encryption at all)" => "Ingen (ingen kryptering alls)",
"Important: Once you selected an encryption mode there is no way to change it back" => "Viktigt: När du har valt ett krypteringsläge finns det inget sätt att ändra tillbaka",
"User specific (let the user decide)" => "Användarspecifik (låter användaren bestämma)",
"Encryption" => "Kryptering",
"Exclude the following file types from encryption" => "Exkludera följande filtyper från kryptering",
"File encryption is enabled." => "Filkryptering är aktiverat.",
"The following file types will not be encrypted:" => "Följande filtyper kommer inte att krypteras:",
"Exclude the following file types from encryption:" => "Exkludera följande filtyper från kryptering:",
"None" => "Ingen"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "மறைக்குறியீடு",
"Exclude the following file types from encryption" => "மறைக்குறியாக்கலில் பின்வரும் கோப்பு வகைகளை நீக்கவும்",
"None" => "ஒன்றுமில்லை"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "เปลี่ยนรหัสผ่านสำหรับเข้ารหัสไปเป็นรหัสผ่านสำหรับการเข้าสู่ระบบ",
"Please check your passwords and try again." => "กรุณาตรวจสอบรหัสผ่านของคุณแล้วลองใหม่อีกครั้ง",
"Could not change your file encryption password to your login password" => "ไม่สามารถเปลี่ยนรหัสผ่านสำหรับการเข้ารหัสไฟล์ของคุณไปเป็นรหัสผ่านสำหรับการเข้าสู่ระบบของคุณได้",
"Choose encryption mode:" => "เลือกรูปแบบการเข้ารหัส:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "การเข้ารหัสด้วยโปรแกรมไคลเอนต์ (ปลอดภัยที่สุด แต่จะทำให้คุณไม่สามารถเข้าถึงข้อมูลต่างๆจากหน้าจอเว็บไซต์ได้)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "การเข้ารหัสจากทางฝั่งเซิร์ฟเวอร์ (อนุญาตให้คุณเข้าถึงไฟล์ของคุณจากหน้าจอเว็บไซต์ และโปรแกรมไคลเอนต์จากเครื่องเดสก์ท็อปได้)",
"None (no encryption at all)" => "ไม่ต้อง (ไม่มีการเข้ารหัสเลย)",
"Important: Once you selected an encryption mode there is no way to change it back" => "ข้อความสำคัญ: หลังจากที่คุณได้เลือกรูปแบบการเข้ารหัสแล้ว จะไม่สามารถเปลี่ยนกลับมาใหม่ได้อีก",
"User specific (let the user decide)" => "ให้ผู้ใช้งานเลือกเอง (ปล่อยให้ผู้ใช้งานตัดสินใจเอง)",
"Encryption" => "การเข้ารหัส",
"Exclude the following file types from encryption" => "ไม่ต้องรวมชนิดของไฟล์ดังต่อไปนี้จากการเข้ารหัส",
"None" => "ไม่ต้อง"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Şifreleme",
"Exclude the following file types from encryption" => "Aşağıdaki dosya tiplerini şifrelemeye dahil etme",
"None" => "Hiçbiri"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Шифрування",
"Exclude the following file types from encryption" => "Не шифрувати файли наступних типів",
"None" => "Жоден"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Mã hóa",
"Exclude the following file types from encryption" => "Loại trừ các loại tập tin sau đây từ mã hóa",
"None" => "Không có gì hết"
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "加密",
"Exclude the following file types from encryption" => "从加密中排除如下文件类型",
"None" => ""
);

View File

@ -1,5 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "加密",
"Exclude the following file types from encryption" => "从加密中排除列出的文件类型",
"None" => "None"
);

View File

@ -4,13 +4,6 @@
"Change encryption password to login password" => "將加密密碼修改為登入密碼",
"Please check your passwords and try again." => "請檢查您的密碼並再試一次。",
"Could not change your file encryption password to your login password" => "無法變更您的檔案加密密碼為登入密碼",
"Choose encryption mode:" => "選擇加密模式:",
"Client side encryption (most secure but makes it impossible to access your data from the web interface)" => "客戶端加密 (最安全但是會使您無法從網頁界面存取您的檔案)",
"Server side encryption (allows you to access your files from the web interface and the desktop client)" => "伺服器端加密 (您可以從網頁界面及客戶端程式存取您的檔案)",
"None (no encryption at all)" => "無 (不加密)",
"Important: Once you selected an encryption mode there is no way to change it back" => "重要:一旦您選擇了加密就無法再改回來",
"User specific (let the user decide)" => "使用者自訂 (讓使用者自己決定)",
"Encryption" => "加密",
"Exclude the following file types from encryption" => "下列的檔案類型不加密",
"None" => ""
);

View File

@ -1,4 +1,5 @@
<?php
/**
* ownCloud
*
@ -27,12 +28,10 @@ namespace OCA\Encryption;
require_once 'Crypt_Blowfish/Blowfish.php';
// Todo:
// - Crypt/decrypt button in the userinterface
// - Setting if crypto should be on by default
// - Add a setting "Don´t encrypt files larger than xx because of performance reasons"
// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is encrypted (.encrypted extension)
// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
// - Add a setting "Don´t encrypt files larger than xx because of performance"
// - Don't use a password directly as encryption key. but a key which is
// stored on the server and encrypted with the user password. -> change pass
// faster
/**
* Class for common cryptography functionality
@ -46,24 +45,6 @@ class Crypt {
* @return string 'client' or 'server'
*/
public static function mode( $user = null ) {
// $mode = \OC_Appconfig::getValue( 'files_encryption', 'mode', 'none' );
//
// if ( $mode == 'user') {
// if ( !$user ) {
// $user = \OCP\User::getUser();
// }
// $mode = 'none';
// if ( $user ) {
// $query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
// $result = $query->execute(array($user));
// if ($row = $result->fetchRow()){
// $mode = $row['mode'];
// }
// }
// }
//
// return $mode;
return 'server';
@ -93,7 +74,10 @@ class Crypt {
* @brief Add arbitrary padding to encrypted data
* @param string $data data to be padded
* @return padded data
* @note In order to end up with data exactly 8192 bytes long we must add two letters. It is impossible to achieve exactly 8192 length blocks with encryption alone, hence padding is added to achieve the required length.
* @note In order to end up with data exactly 8192 bytes long we must
* add two letters. It is impossible to achieve exactly 8192 length
* blocks with encryption alone, hence padding is added to achieve the
* required length.
*/
public static function addPadding( $data ) {
@ -118,7 +102,7 @@ class Crypt {
} else {
# TODO: log the fact that unpadded data was submitted for removal of padding
// TODO: log the fact that unpadded data was submitted for removal of padding
return false;
}
@ -130,13 +114,7 @@ class Crypt {
* @return true / false
* @note see also OCA\Encryption\Util->isEncryptedPath()
*/
public static function isEncryptedContent( $content ) {
if ( !$content ) {
return false;
}
public static function isCatfile( $content ) {
$noPadding = self::removePadding( $content );
@ -168,10 +146,10 @@ class Crypt {
*/
public static function isEncryptedMeta( $path ) {
# TODO: Use DI to get OC_FileCache_Cached out of here
// TODO: Use DI to get \OC\Files\Filesystem out of here
// Fetch all file metadata from DB
$metadata = \OC_FileCache_Cached::get( $path, '' );
$metadata = \OC\Files\Filesystem::getFileInfo( $path, '' );
// Return encryption status
return isset( $metadata['encrypted'] ) and ( bool )$metadata['encrypted'];
@ -180,19 +158,22 @@ class Crypt {
/**
* @brief Check if a file is encrypted via legacy system
* @param string $relPath The path of the file, relative to user/data;
* e.g. filename or /Docs/filename, NOT admin/files/filename
* @return true / false
*/
public static function isLegacyEncryptedContent( $content ) {
public static function isLegacyEncryptedContent( $data, $relPath ) {
// Fetch all file metadata from DB
$metadata = \OC_FileCache_Cached::get( $content, '' );
// If a file is flagged with encryption in DB, but isn't a valid content + IV combination, it's probably using the legacy encryption system
$metadata = \OC\Files\Filesystem::getFileInfo( $relPath, '' );
// If a file is flagged with encryption in DB, but isn't a
// valid content + IV combination, it's probably using the
// legacy encryption system
if (
$content
and isset( $metadata['encrypted'] )
and $metadata['encrypted'] === true
and !self::isEncryptedContent( $content )
isset( $metadata['encrypted'] )
and $metadata['encrypted'] === true
and ! self::isCatfile( $data )
) {
return true;
@ -217,7 +198,7 @@ class Crypt {
} else {
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed' , \OC_Log::ERROR );
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed', \OC_Log::ERROR );
return false;
@ -313,7 +294,7 @@ class Crypt {
} else {
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed' , \OC_Log::ERROR );
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed', \OC_Log::ERROR );
return false;
@ -390,6 +371,8 @@ class Crypt {
*/
public static function multiKeyEncrypt( $plainContent, array $publicKeys ) {
// Set empty vars to be set by openssl by reference
$sealed = '';
$envKeys = array();
if( openssl_seal( $plainContent, $sealed, $envKeys, $publicKeys ) ) {
@ -429,7 +412,7 @@ class Crypt {
} else {
\OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed' , \OC_Log::ERROR );
\OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed', \OC_Log::ERROR );
return false;
@ -577,7 +560,7 @@ class Crypt {
if ( !$strong ) {
// If OpenSSL indicates randomness is insecure, log error
\OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()' , \OC_Log::WARN );
\OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OC_Log::WARN );
}
@ -621,18 +604,27 @@ class Crypt {
}
public static function changekeypasscode($oldPassword, $newPassword) {
public static function changekeypasscode( $oldPassword, $newPassword ) {
if(\OCP\User::isLoggedIn()){
if ( \OCP\User::isLoggedIn() ) {
$key = Keymanager::getPrivateKey( $user, $view );
if ( ($key = Crypt::symmetricDecryptFileContent($key,$oldpasswd)) ) {
if ( ($key = Crypt::symmetricEncryptFileContent($key, $newpasswd)) ) {
Keymanager::setPrivateKey($key);
if ( ( $key = Crypt::symmetricDecryptFileContent($key,$oldpasswd) ) ) {
if ( ( $key = Crypt::symmetricEncryptFileContent( $key, $newpasswd ) ) ) {
Keymanager::setPrivateKey( $key );
return true;
}
}
}
return false;
}
/**
@ -723,10 +715,8 @@ class Crypt {
*/
public static function legacyRecrypt( $legacyContent, $legacyPassphrase, $newPassphrase ) {
# TODO: write me
// TODO: write me
}
}
?>
}

View File

@ -1,5 +1,6 @@
<?php
/***
/**
* ownCloud
*
* @author Bjoern Schiessle
@ -27,8 +28,6 @@ namespace OCA\Encryption;
* @note Where a method requires a view object, it's root must be '/'
*/
class Keymanager {
# TODO: make all dependencies (including static classes) explicit, such as ocfsview objects, by adding them as method arguments (dependency injection)
/**
* @brief retrieve the ENCRYPTED private key from a user
@ -84,38 +83,7 @@ class Keymanager {
// Check if sharing is enabled
if ( OC_App::isEnabled( 'files_sharing' ) ) {
// // Check if file was shared with other users
// $query = \OC_DB::prepare( "
// SELECT
// uid_owner
// , source
// , target
// , uid_shared_with
// FROM
// `*PREFIX*sharing`
// WHERE
// ( target = ? AND uid_shared_with = ? )
// OR source = ?
// " );
//
// $result = $query->execute( array ( $filepath, $userId, $filepath ) );
//
// $users = array();
//
// if ( $row = $result->fetchRow() )
// {
// $source = $row['source'];
// $owner = $row['uid_owner'];
// $users[] = $owner;
// // get the uids of all user with access to the file
// $query = \OC_DB::prepare( "SELECT source, uid_shared_with FROM `*PREFIX*sharing` WHERE source = ?" );
// $result = $query->execute( array ($source));
// while ( ($row = $result->fetchRow()) ) {
// $users[] = $row['uid_shared_with'];
//
// }
//
// }
} else {
@ -146,63 +114,87 @@ class Keymanager {
}
/**
* @brief store file encryption key
*
* @param string $path relative path of the file, including filename
* @param string $key
* @return bool true/false
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setFileKey( \OC_FilesystemView $view, $path, $userId, $catfile ) {
$basePath = '/' . $userId . '/files_encryption/keyfiles';
$targetPath = self::keySetPreparation( $view, $path, $basePath, $userId );
if ( $view->is_dir( $basePath . '/' . $targetPath ) ) {
} else {
// Save the keyfile in parallel directory
return $view->file_put_contents( $basePath . '/' . $targetPath . '.key', $catfile );
}
}
/**
* @brief retrieve keyfile for an encrypted file
* @param string file name
* @return string file key or false
* @return string file key or false on failure
* @note The keyfile returned is asymmetrically encrypted. Decryption
* of the keyfile must be performed by client code
*/
public static function getFileKey( \OC_FilesystemView $view, $userId, $filePath ) {
$filePath_f = ltrim( $filePath, '/' );
$catfilePath = '/' . $userId . '/files_encryption/keyfiles/' . $filePath_f . '.key';
if ( $view->file_exists( $catfilePath ) ) {
// // update $keypath and $userId if path point to a file shared by someone else
// $query = \OC_DB::prepare( "SELECT uid_owner, source, target FROM `*PREFIX*sharing` WHERE target = ? AND uid_shared_with = ?" );
//
// $result = $query->execute( array ('/'.$userId.'/files/'.$keypath, $userId));
//
// if ($row = $result->fetchRow()) {
//
// $keypath = $row['source'];
// $keypath_parts = explode( '/', $keypath );
// $userId = $keypath_parts[1];
// $keypath = str_replace( '/' . $userId . '/files/', '', $keypath );
//
// }
return $view->file_get_contents( '/' . $userId . '/files_encryption/keyfiles/' . $filePath_f . '.key' );
return $view->file_get_contents( $catfilePath );
} else {
return false;
}
}
/**
* @brief retrieve file encryption key
* @brief Delete a keyfile
*
* @param string file name
* @return string file key or false
* @param OC_FilesystemView $view
* @param string $userId username
* @param string $path path of the file the key belongs to
* @return bool Outcome of unlink operation
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
*/
public static function deleteFileKey( $path, $staticUserClass = 'OCP\User' ) {
public static function deleteFileKey( \OC_FilesystemView $view, $userId, $path ) {
$keypath = ltrim( $path, '/' );
$user = $staticUserClass::getUser();
// update $keypath and $user if path point to a file shared by someone else
// $query = \OC_DB::prepare( "SELECT uid_owner, source, target FROM `*PREFIX*sharing` WHERE target = ? AND uid_shared_with = ?" );
//
// $result = $query->execute( array ('/'.$user.'/files/'.$keypath, $user));
//
// if ($row = $result->fetchRow()) {
//
// $keypath = $row['source'];
// $keypath_parts = explode( '/', $keypath );
// $user = $keypath_parts[1];
// $keypath = str_replace( '/' . $user . '/files/', '', $keypath );
//
// }
$trimmed = ltrim( $path, '/' );
$keyPath = '/' . $userId . '/files_encryption/keyfiles/' . $trimmed . '.key';
$view = new \OC_FilesystemView('/'.$user.'/files_encryption/keyfiles/');
// Unlink doesn't tell us if file was deleted (not found returns
// true), so we perform our own test
if ( $view->file_exists( $keyPath ) ) {
return $view->unlink( $keypath . '.key' );
return $view->unlink( $keyPath );
} else {
\OC_Log::write( 'Encryption library', 'Could not delete keyfile; does not exist: "' . $keyPath, \OC_Log::ERROR );
return false;
}
}
@ -238,7 +230,7 @@ class Keymanager {
*/
public static function setUserKeys($privatekey, $publickey) {
return (self::setPrivateKey($privatekey) && self::setPublicKey($publickey));
return ( self::setPrivateKey( $privatekey ) && self::setPublicKey( $publickey ) );
}
@ -263,71 +255,39 @@ class Keymanager {
}
/**
* @brief store file encryption key
*
* @param string $path relative path of the file, including filename
* @param string $key
* @return bool true/false
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
* @note 'shareKey' is a more user-friendly name for env_key
*/
public static function setFileKey( $path, $key, $view = Null, $dbClassName = '\OC_DB') {
$targetPath = ltrim( $path, '/' );
$user = \OCP\User::getUser();
public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
// // update $keytarget and $user if key belongs to a file shared by someone else
// $query = $dbClassName::prepare( "SELECT uid_owner, source, target FROM `*PREFIX*sharing` WHERE target = ? AND uid_shared_with = ?" );
//
// $result = $query->execute( array ( '/'.$user.'/files/'.$targetPath, $user ) );
//
// if ( $row = $result->fetchRow( ) ) {
//
// $targetPath = $row['source'];
//
// $targetPath_parts = explode( '/', $targetPath );
//
// $user = $targetPath_parts[1];
//
// $rootview = new \OC_FilesystemView( '/' );
//
// if ( ! $rootview->is_writable( $targetPath ) ) {
//
// \OC_Log::write( 'Encryption library', "File Key not updated because you don't have write access for the corresponding file", \OC_Log::ERROR );
//
// return false;
//
// }
//
// $targetPath = str_replace( '/'.$user.'/files/', '', $targetPath );
//
// //TODO: check for write permission on shared file once the new sharing API is in place
//
// }
$basePath = '/' . $userId . '/files_encryption/share-keys';
$shareKeyPath = self::keySetPreparation( $view, $path, $basePath, $userId );
return $view->file_put_contents( $basePath . '/' . $shareKeyPath . '.shareKey', $shareKey );
}
/**
* @brief Make preparations to vars and filesystem for saving a keyfile
*/
public static function keySetPreparation( \OC_FilesystemView $view, $path, $basePath, $userId ) {
$targetPath = ltrim( $path, '/' );
$path_parts = pathinfo( $targetPath );
if ( !$view ) {
$view = new \OC_FilesystemView( '/' );
}
$view->chroot( '/' . $user . '/files_encryption/keyfiles' );
// If the file resides within a subdirectory, create it
if (
isset( $path_parts['dirname'] )
&& ! $view->file_exists( $path_parts['dirname'] )
&& ! $view->file_exists( $basePath . '/' . $path_parts['dirname'] )
) {
$view->mkdir( $path_parts['dirname'] );
$view->mkdir( $basePath . '/' . $path_parts['dirname'] );
}
// Save the keyfile in parallel directory
return $view->file_put_contents( '/' . $targetPath . '.key', $key );
return $targetPath;
}
/**

View File

@ -22,6 +22,12 @@
*
*/
/**
* @brief Encryption proxy which handles filesystem operations before and after
* execution and encrypts, and handles keyfiles accordingly. Used for
* webui.
*/
namespace OCA\Encryption;
class Proxy extends \OC_FileProxy {
@ -42,8 +48,8 @@ class Proxy extends \OC_FileProxy {
if ( is_null( self::$enableEncryption ) ) {
if (
\OCP\Config::getAppValue( 'files_encryption', 'enable_encryption', 'true' ) == 'true'
&& Crypt::mode() == 'server'
\OCP\Config::getAppValue( 'files_encryption', 'enable_encryption', 'true' ) == 'true'
&& Crypt::mode() == 'server'
) {
self::$enableEncryption = true;
@ -64,19 +70,19 @@ class Proxy extends \OC_FileProxy {
if ( is_null(self::$blackList ) ) {
self::$blackList = explode(',', \OCP\Config::getAppValue( 'files_encryption','type_blacklist','jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg' ) );
self::$blackList = explode(',', \OCP\Config::getAppValue( 'files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg' ) );
}
if ( Crypt::isEncryptedContent( $path ) ) {
if ( Crypt::isCatfile( $path ) ) {
return true;
}
$extension = substr( $path, strrpos( $path,'.' ) +1 );
$extension = substr( $path, strrpos( $path, '.' ) +1 );
if ( array_search( $extension, self::$blackList ) === false ){
if ( array_search( $extension, self::$blackList ) === false ) {
return true;
@ -101,6 +107,8 @@ class Proxy extends \OC_FileProxy {
// Disable encryption proxy to prevent recursive calls
\OC_FileProxy::$enabled = false;
// TODO: Check if file is shared, if so, use multiKeyEncrypt
// Encrypt plain data and fetch key
$encrypted = Crypt::keyEncryptKeyfile( $data, Keymanager::getPublicKey( $rootView, $userId ) );
@ -113,14 +121,15 @@ class Proxy extends \OC_FileProxy {
$filePath = '/' . implode( '/', $filePath );
# TODO: make keyfile dir dynamic from app config
$view = new \OC_FilesystemView( '/' . $userId . '/files_encryption/keyfiles' );
// TODO: make keyfile dir dynamic from app config
$view = new \OC_FilesystemView( '/' );
// Save keyfile for newly encrypted file in parallel directory tree
Keymanager::setFileKey( $filePath, $encrypted['key'], $view, '\OC_DB' );
Keymanager::setFileKey( $view, $filePath, $userId, $encrypted['key'] );
// Update the file cache with file info
\OC_FileCache::put( $path, array( 'encrypted'=>true, 'size' => $size ), '' );
\OC\Files\Filesystem::putFileInfo( $path, array( 'encrypted'=>true, 'size' => $size ), '' );
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = true;
@ -136,15 +145,15 @@ class Proxy extends \OC_FileProxy {
*/
public function postFile_get_contents( $path, $data ) {
# TODO: Use dependency injection to add required args for view and user etc. to this method
// TODO: Use dependency injection to add required args for view and user etc. to this method
// Disable encryption proxy to prevent recursive calls
\OC_FileProxy::$enabled = false;
// If data is a catfile
if (
Crypt::mode() == 'server'
&& Crypt::isEncryptedContent( $data )
Crypt::mode() == 'server'
&& Crypt::isCatfile( $data )
) {
$split = explode( '/', $path );
@ -153,12 +162,14 @@ class Proxy extends \OC_FileProxy {
$filePath = '/' . implode( '/', $filePath );
//$cached = \OC_FileCache_Cached::get( $path, '' );
//$cached = \OC\Files\Filesystem::getFileInfo( $path, '' );
$view = new \OC_FilesystemView( '' );
$userId = \OCP\USER::getUser();
// TODO: Check if file is shared, if so, use multiKeyDecrypt
$encryptedKeyfile = Keymanager::getFileKey( $view, $userId, $filePath );
$session = new Session();
@ -187,6 +198,79 @@ class Proxy extends \OC_FileProxy {
}
/**
* @brief When a file is deleted, remove its keyfile also
*/
public function preUnlink( $path ) {
// Disable encryption proxy to prevent recursive calls
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView( '/' );
$userId = \OCP\USER::getUser();
// Format path to be relative to user files dir
$trimmed = ltrim( $path, '/' );
$split = explode( '/', $trimmed );
$sliced = array_slice( $split, 2 );
$relPath = implode( '/', $sliced );
if ( $view->is_dir( $path ) ) {
// Dirs must be handled separately as deleteFileKey
// doesn't handle them
$view->unlink( $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/'. $relPath );
} else {
// Delete keyfile so it isn't orphaned
$result = Keymanager::deleteFileKey( $view, $userId, $relPath );
\OC_FileProxy::$enabled = true;
return $result;
}
}
/**
* @brief When a file is renamed, rename its keyfile also
* @return bool Result of rename()
* @note This is pre rather than post because using post didn't work
*/
public function preRename( $oldPath, $newPath ) {
// Disable encryption proxy to prevent recursive calls
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView( '/' );
$userId = \OCP\USER::getUser();
// Format paths to be relative to user files dir
$oldTrimmed = ltrim( $oldPath, '/' );
$oldSplit = explode( '/', $oldTrimmed );
$oldSliced = array_slice( $oldSplit, 2 );
$oldRelPath = implode( '/', $oldSliced );
$oldKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $oldRelPath . '.key';
$newTrimmed = ltrim( $newPath, '/' );
$newSplit = explode( '/', $newTrimmed );
$newSliced = array_slice( $newSplit, 2 );
$newRelPath = implode( '/', $newSliced );
$newKeyfilePath = $userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $newRelPath . '.key';
// Rename keyfile so it isn't orphaned
$result = $view->rename( $oldKeyfilePath, $newKeyfilePath );
\OC_FileProxy::$enabled = true;
return $result;
}
public function postFopen( $path, &$result ){
if ( !$result ) {
@ -210,8 +294,8 @@ class Proxy extends \OC_FileProxy {
// If file is already encrypted, decrypt using crypto protocol
if (
Crypt::mode() == 'server'
&& $util->isEncryptedPath( $path )
Crypt::mode() == 'server'
&& $util->isEncryptedPath( $path )
) {
// Close the original encrypted file
@ -223,9 +307,9 @@ class Proxy extends \OC_FileProxy {
} elseif (
self::shouldEncrypt( $path )
and $meta ['mode'] != 'r'
and $meta['mode'] != 'rb'
self::shouldEncrypt( $path )
and $meta ['mode'] != 'r'
and $meta['mode'] != 'rb'
) {
// If the file is not yet encrypted, but should be
// encrypted when it's saved (it's not read only)
@ -263,27 +347,43 @@ class Proxy extends \OC_FileProxy {
}
public function postGetMimeType($path,$mime){
if( Crypt::isEncryptedContent($path)){
$mime = \OCP\Files::getMimeType('crypt://'.$path,'w');
public function postGetMimeType( $path, $mime ) {
if ( Crypt::isCatfile( $path ) ) {
$mime = \OCP\Files::getMimeType( 'crypt://' . $path, 'w' );
}
return $mime;
}
public function postStat($path,$data){
if( Crypt::isEncryptedContent($path)){
$cached= \OC_FileCache_Cached::get($path,'');
$data['size']=$cached['size'];
public function postStat( $path, $data ) {
if ( Crypt::isCatfile( $path ) ) {
$cached = \OC\Files\Filesystem::getFileInfo( $path, '' );
$data['size'] = $cached['size'];
}
return $data;
}
public function postFileSize($path,$size){
if( Crypt::isEncryptedContent($path)){
$cached = \OC_FileCache_Cached::get($path,'');
public function postFileSize( $path, $size ) {
if ( Crypt::isCatfile( $path ) ) {
$cached = \OC\Files\Filesystem::getFileInfo( $path, '' );
return $cached['size'];
}else{
} else {
return $size;
}
}
}

View File

@ -29,11 +29,11 @@ namespace OCA\Encryption;
class Session {
/**
* @brief Sets user id for session and triggers emit
* @brief Sets user private key to session
* @return bool
*
*/
public function setPrivateKey( $privateKey, $userId ) {
public function setPrivateKey( $privateKey ) {
$_SESSION['privateKey'] = $privateKey;
@ -42,15 +42,15 @@ class Session {
}
/**
* @brief Gets user id for session and triggers emit
* @brief Gets user private key from session
* @returns string $privateKey The user's plaintext private key
*
*/
public function getPrivateKey( $userId ) {
public function getPrivateKey() {
if (
isset( $_SESSION['privateKey'] )
&& !empty( $_SESSION['privateKey'] )
isset( $_SESSION['privateKey'] )
&& !empty( $_SESSION['privateKey'] )
) {
return $_SESSION['privateKey'];
@ -62,5 +62,42 @@ class Session {
}
}
/**
* @brief Sets user legacy key to session
* @return bool
*
*/
public function setLegacyKey( $legacyKey ) {
if ( $_SESSION['legacyKey'] = $legacyKey ) {
return true;
}
}
/**
* @brief Gets user legacy key from session
* @returns string $legacyKey The user's plaintext legacy key
*
*/
public function getLegacyKey() {
if (
isset( $_SESSION['legacyKey'] )
&& !empty( $_SESSION['legacyKey'] )
) {
return $_SESSION['legacyKey'];
} else {
return false;
}
}
}

View File

@ -49,9 +49,10 @@ class Stream {
public static $sourceStreams = array();
# TODO: make all below properties private again once unit testing is configured correctly
// TODO: make all below properties private again once unit testing is
// configured correctly
public $rawPath; // The raw path received by stream_open
public $path_f; // The raw path formatted to include username and data directory
public $path_f; // The raw path formatted to include username and data dir
private $userId;
private $handle; // Resource returned by fopen
private $path;
@ -235,10 +236,12 @@ class Stream {
*/
public function getKey() {
// If a keyfile already exists for a file named identically to file to be written
// If a keyfile already exists for a file named identically to
// file to be written
if ( self::$view->file_exists( $this->userId . '/'. 'files_encryption' . '/' . 'keyfiles' . '/' . $this->rawPath . '.key' ) ) {
# TODO: add error handling for when file exists but no keyfile
// TODO: add error handling for when file exists but no
// keyfile
// Fetch existing keyfile
$this->encKeyfile = Keymanager::getFileKey( $this->rootView, $this->userId, $this->rawPath );
@ -266,13 +269,14 @@ class Stream {
// Only get the user again if it isn't already set
if ( empty( $this->userId ) ) {
# TODO: Move this user call out of here - it belongs elsewhere
// TODO: Move this user call out of here - it belongs
// elsewhere
$this->userId = \OCP\User::getUser();
}
# TODO: Add a method for getting the user in case OCP\User::
# getUser() doesn't work (can that scenario ever occur?)
// TODO: Add a method for getting the user in case OCP\User::
// getUser() doesn't work (can that scenario ever occur?)
}
@ -287,7 +291,10 @@ class Stream {
*/
public function stream_write( $data ) {
// Disable the file proxies so that encryption is not automatically attempted when the file is written to disk - we are handling that separately here and we don't want to get into an infinite loop
// Disable the file proxies so that encryption is not
// automatically attempted when the file is written to disk -
// we are handling that separately here and we don't want to
// get into an infinite loop
\OC_FileProxy::$enabled = false;
// Get the length of the unencrypted data that we are handling
@ -296,14 +303,19 @@ class Stream {
// So far this round, no data has been written
$written = 0;
// Find out where we are up to in the writing of data to the file
// Find out where we are up to in the writing of data to the
// file
$pointer = ftell( $this->handle );
// Make sure the userId is set
$this->getuser();
// TODO: Check if file is shared, if so, use multiKeyEncrypt and
// save shareKeys in necessary user directories
// Get / generate the keyfile for the file we're handling
// If we're writing a new file (not overwriting an existing one), save the newly generated keyfile
// If we're writing a new file (not overwriting an existing
// one), save the newly generated keyfile
if ( ! $this->getKey() ) {
$this->keyfile = Crypt::generateKey();
@ -312,26 +324,32 @@ class Stream {
$this->encKeyfile = Crypt::keyEncrypt( $this->keyfile, $this->publicKey );
// Save the new encrypted file key
Keymanager::setFileKey( $this->rawPath, $this->encKeyfile, new \OC_FilesystemView( '/' ) );
$view = new \OC_FilesystemView( '/' );
$userId = \OCP\User::getUser();
# TODO: move this new OCFSV out of here some how, use DI
// Save the new encrypted file key
Keymanager::setFileKey( $view, $this->rawPath, $userId, $this->encKeyfile );
}
// If extra data is left over from the last round, make sure it is integrated into the next 6126 / 8192 block
// If extra data is left over from the last round, make sure it
// is integrated into the next 6126 / 8192 block
if ( $this->writeCache ) {
// Concat writeCache to start of $data
$data = $this->writeCache . $data;
// Clear the write cache, ready for resuse - it has been flushed and its old contents processed
// Clear the write cache, ready for resuse - it has been
// flushed and its old contents processed
$this->writeCache = '';
}
//
// // Make sure we always start on a block start
if ( 0 != ( $pointer % 8192 ) ) { // if the current positoin of file indicator is not aligned to a 8192 byte block, fix it so that it is
if ( 0 != ( $pointer % 8192 ) ) {
// if the current position of
// file indicator is not aligned to a 8192 byte block, fix it
// so that it is
// fseek( $this->handle, - ( $pointer % 8192 ), SEEK_CUR );
//
@ -356,14 +374,22 @@ class Stream {
// // While there still remains somed data to be processed & written
while( strlen( $data ) > 0 ) {
//
// // Remaining length for this iteration, not of the entire file (may be greater than 8192 bytes)
// // Remaining length for this iteration, not of the
// // entire file (may be greater than 8192 bytes)
// $remainingLength = strlen( $data );
//
// // If data remaining to be written is less than the size of 1 6126 byte block
// // If data remaining to be written is less than the
// // size of 1 6126 byte block
if ( strlen( $data ) < 6126 ) {
// Set writeCache to contents of $data
// The writeCache will be carried over to the next write round, and added to the start of $data to ensure that written blocks are always the correct length. If there is still data in writeCache after the writing round has finished, then the data will be written to disk by $this->flush().
// The writeCache will be carried over to the
// next write round, and added to the start of
// $data to ensure that written blocks are
// always the correct length. If there is still
// data in writeCache after the writing round
// has finished, then the data will be written
// to disk by $this->flush().
$this->writeCache = $data;
// Clear $data ready for next round
@ -376,13 +402,17 @@ class Stream {
$encrypted = $this->preWriteEncrypt( $chunk, $this->keyfile );
// Write the data chunk to disk. This will be addended to the last data chunk if the file being handled totals more than 6126 bytes
// Write the data chunk to disk. This will be
// addended to the last data chunk if the file
// being handled totals more than 6126 bytes
fwrite( $this->handle, $encrypted );
$writtenLen = strlen( $encrypted );
//fseek( $this->handle, $writtenLen, SEEK_CUR );
// Remove the chunk we just processed from $data, leaving only unprocessed data in $data var, for handling on the next round
// Remove the chunk we just processed from
// $data, leaving only unprocessed data in $data
// var, for handling on the next round
$data = substr( $data, 6126 );
}
@ -396,16 +426,16 @@ class Stream {
}
public function stream_set_option($option,$arg1,$arg2) {
public function stream_set_option( $option, $arg1, $arg2 ) {
switch($option) {
case STREAM_OPTION_BLOCKING:
stream_set_blocking($this->handle,$arg1);
stream_set_blocking( $this->handle, $arg1 );
break;
case STREAM_OPTION_READ_TIMEOUT:
stream_set_timeout($this->handle,$arg1,$arg2);
stream_set_timeout( $this->handle, $arg1, $arg2 );
break;
case STREAM_OPTION_WRITE_BUFFER:
stream_set_write_buffer($this->handle,$arg1,$arg2);
stream_set_write_buffer( $this->handle, $arg1, $arg2 );
}
}
@ -413,13 +443,14 @@ class Stream {
return fstat($this->handle);
}
public function stream_lock($mode) {
flock($this->handle,$mode);
public function stream_lock( $mode ) {
flock( $this->handle, $mode );
}
public function stream_flush() {
return fflush($this->handle); // Not a typo: http://php.net/manual/en/function.fflush.php
return fflush( $this->handle );
// Not a typo: http://php.net/manual/en/function.fflush.php
}
@ -453,7 +484,7 @@ class Stream {
and $this->meta['mode']!='rb'
) {
\OC_FileCache::put( $this->path, array( 'encrypted' => true, 'size' => $this->size ), '' );
\OC\Files\Filesystem::putFileInfo( $this->path, array( 'encrypted' => true, 'size' => $this->size ), '' );
}

View File

@ -24,81 +24,83 @@
// Todo:
// - Crypt/decrypt button in the userinterface
// - Setting if crypto should be on by default
// - Add a setting "Don´t encrypt files larger than xx because of performance reasons"
// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is encrypted (.encrypted extension)
// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
// - Add a setting "Don´t encrypt files larger than xx because of performance
// reasons"
// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is
// encrypted (.encrypted extension)
// - Don't use a password directly as encryption key. but a key which is
// stored on the server and encrypted with the user password. -> password
// change faster
// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
namespace OCA\Encryption;
/**
* @brief Class for utilities relating to encrypted file storage system
* @param $view OC_FilesystemView object, expected to have OC '/' as root path
* @param $client flag indicating status of client side encryption. Currently
* @param OC_FilesystemView $view expected to have OC '/' as root path
* @param string $userId ID of the logged in user
* @param int $client indicating status of client side encryption. Currently
* unused, likely to become obsolete shortly
*/
class Util {
# Web UI:
// Web UI:
## DONE: files created via web ui are encrypted
## DONE: file created & encrypted via web ui are readable in web ui
## DONE: file created & encrypted via web ui are readable via webdav
//// DONE: files created via web ui are encrypted
//// DONE: file created & encrypted via web ui are readable in web ui
//// DONE: file created & encrypted via web ui are readable via webdav
# WebDAV:
// WebDAV:
## DONE: new data filled files added via webdav get encrypted
## DONE: new data filled files added via webdav are readable via webdav
## DONE: reading unencrypted files when encryption is enabled works via webdav
## DONE: files created & encrypted via web ui are readable via webdav
//// DONE: new data filled files added via webdav get encrypted
//// DONE: new data filled files added via webdav are readable via webdav
//// DONE: reading unencrypted files when encryption is enabled works via
//// webdav
//// DONE: files created & encrypted via web ui are readable via webdav
# Legacy support:
// Legacy support:
## DONE: add method to check if file is encrypted using new system
## DONE: add method to check if file is encrypted using old system
## DONE: add method to fetch legacy key
## DONE: add method to decrypt legacy encrypted data
## TODO: add method to encrypt all user files using new system
## TODO: add method to decrypt all user files using new system
## TODO: add method to encrypt all user files using old system
## TODO: add method to decrypt all user files using old system
//// DONE: add method to check if file is encrypted using new system
//// DONE: add method to check if file is encrypted using old system
//// DONE: add method to fetch legacy key
//// DONE: add method to decrypt legacy encrypted data
# Admin UI:
// Admin UI:
## DONE: changing user password also changes encryption passphrase
//// DONE: changing user password also changes encryption passphrase
## TODO: add support for optional recovery in case of lost passphrase / keys
## TODO: add admin optional required long passphrase for users
## TODO: add UI buttons for encrypt / decrypt everything
## TODO: implement flag system to allow user to specify encryption by folder, subfolder, etc.
//// TODO: add support for optional recovery in case of lost passphrase / keys
//// TODO: add admin optional required long passphrase for users
//// TODO: add UI buttons for encrypt / decrypt everything
//// TODO: implement flag system to allow user to specify encryption by folder, subfolder, etc.
# Sharing:
// Sharing:
## TODO: add support for encrypting to multiple public keys
## TODO: add support for decrypting to multiple private keys
//// TODO: add support for encrypting to multiple public keys
//// TODO: add support for decrypting to multiple private keys
# Integration testing:
// Integration testing:
## TODO: test new encryption with webdav
## TODO: test new encryption with versioning
## TODO: test new encryption with sharing
## TODO: test new encryption with proxies
//// TODO: test new encryption with versioning
//// TODO: test new encryption with sharing
//// TODO: test new encryption with proxies
private $view; // OC_FilesystemView object for filesystem operations
private $userId; // ID of the currently logged-in user
private $pwd; // User Password
private $client; // Client side encryption mode flag
private $publicKeyDir; // Directory containing all public user keys
private $encryptionDir; // Directory containing user's files_encryption
private $keyfilesPath; // Directory containing user's keyfiles
private $publicKeyDir; // Dir containing all public user keys
private $encryptionDir; // Dir containing user's files_encryption
private $keyfilesPath; // Dir containing user's keyfiles
private $shareKeysPath; // Dir containing env keys for shared files
private $publicKeyPath; // Path to user's public key
private $privateKeyPath; // Path to user's private key
@ -107,9 +109,12 @@ class Util {
$this->view = $view;
$this->userId = $userId;
$this->client = $client;
$this->userDir = '/' . $this->userId;
$this->userFilesDir = '/' . $this->userId . '/' . 'files';
$this->publicKeyDir = '/' . 'public-keys';
$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
@ -118,7 +123,9 @@ class Util {
public function ready() {
if(
!$this->view->file_exists( $this->keyfilesPath )
!$this->view->file_exists( $this->encryptionDir )
or !$this->view->file_exists( $this->keyfilesPath )
or !$this->view->file_exists( $this->shareKeysPath )
or !$this->view->file_exists( $this->publicKeyPath )
or !$this->view->file_exists( $this->privateKeyPath )
) {
@ -139,6 +146,20 @@ class Util {
*/
public function setupServerSide( $passphrase = null ) {
// Create user dir
if( !$this->view->file_exists( $this->userDir ) ) {
$this->view->mkdir( $this->userDir );
}
// Create user files dir
if( !$this->view->file_exists( $this->userFilesDir ) ) {
$this->view->mkdir( $this->userFilesDir );
}
// Create shared public key directory
if( !$this->view->file_exists( $this->publicKeyDir ) ) {
@ -159,16 +180,23 @@ class Util {
$this->view->mkdir( $this->keyfilesPath );
}
// Create mirrored share env keys directory
if( !$this->view->file_exists( $this->shareKeysPath ) ) {
$this->view->mkdir( $this->shareKeysPath );
}
// Create user keypair
if (
!$this->view->file_exists( $this->publicKeyPath )
or !$this->view->file_exists( $this->privateKeyPath )
! $this->view->file_exists( $this->publicKeyPath )
or ! $this->view->file_exists( $this->privateKeyPath )
) {
// Generate keypair
$keypair = Crypt::createKeypair();
\OC_FileProxy::$enabled = false;
// Save public key
@ -188,48 +216,77 @@ class Util {
}
public function findFiles( $directory, $type = 'plain' ) {
# TODO: test finding non plain content
/**
* @brief Find all files and their encryption status within a directory
* @param string $directory The path of the parent directory to search
* @return mixed false if 0 found, array on success. Keys: name, path
* @note $directory needs to be a path relative to OC data dir. e.g.
* /admin/files NOT /backup OR /home/www/oc/data/admin/files
*/
public function findFiles( $directory ) {
// Disable proxy - we don't want files to be decrypted before
// we handle them
\OC_FileProxy::$enabled = false;
$found = array( 'plain' => array(), 'encrypted' => array(), 'legacy' => array() );
if (
$this->view->is_dir( $directory )
&& $handle = $this->view->opendir( $directory )
) {
if ( $handle = $this->view->opendir( $directory ) ) {
while ( false !== ( $file = readdir( $handle ) ) ) {
if (
$file != "."
&& $file != ".."
) {
$filePath = $directory . '/' . $this->view->getRelativePath( '/' . $file );
$relPath = $this->stripUserFilesPath( $filePath );
var_dump($filePath);
// If the path is a directory, search
// its contents
if ( $this->view->is_dir( $filePath ) ) {
$this->findFiles( $filePath );
// If the path is a file, determine
// its encryption status
} elseif ( $this->view->is_file( $filePath ) ) {
if ( $type == 'plain' ) {
$this->files[] = array( 'name' => $file, 'path' => $filePath );
} elseif ( $type == 'encrypted' ) {
if ( Crypt::isEncryptedContent( $this->view->file_get_contents( $filePath ) ) ) {
$this->files[] = array( 'name' => $file, 'path' => $filePath );
}
// Disable proxies again, some-
// where they got re-enabled :/
\OC_FileProxy::$enabled = false;
} elseif ( $type == 'legacy' ) {
$data = $this->view->file_get_contents( $filePath );
if ( Crypt::isLegacyEncryptedContent( $this->view->file_get_contents( $filePath ) ) ) {
// If the file is encrypted
// NOTE: If the userId is
// empty or not set, file will
// detected as plain
// NOTE: This is inefficient;
// scanning every file like this
// will eat server resources :(
if (
Keymanager::getFileKey( $this->view, $this->userId, $file )
&& Crypt::isCatfile( $data )
) {
$found['encrypted'][] = array( 'name' => $file, 'path' => $filePath );
// If the file uses old
// encryption system
} elseif ( Crypt::isLegacyEncryptedContent( $this->view->file_get_contents( $filePath ), $relPath ) ) {
$this->files[] = array( 'name' => $file, 'path' => $filePath );
$found['legacy'][] = array( 'name' => $file, 'path' => $filePath );
}
// If the file is not encrypted
} else {
$found['plain'][] = array( 'name' => $file, 'path' => $filePath );
}
@ -239,18 +296,22 @@ class Util {
}
if ( !empty( $this->files ) ) {
\OC_FileProxy::$enabled = true;
return $this->files;
} else {
if ( empty( $found ) ) {
return false;
} else {
return $found;
}
}
\OC_FileProxy::$enabled = true;
return false;
}
@ -269,26 +330,111 @@ class Util {
\OC_FileProxy::$enabled = true;
return Crypt::isEncryptedContent( $data );
return Crypt::isCatfile( $data );
}
public function encryptAll( $directory ) {
/**
* @brief Format a path to be relative to the /user/files/ directory
*/
public function stripUserFilesPath( $path ) {
$plainFiles = $this->findFiles( $this->view, 'plain' );
$trimmed = ltrim( $path, '/' );
$split = explode( '/', $trimmed );
$sliced = array_slice( $split, 2 );
$relPath = implode( '/', $sliced );
if ( $this->encryptFiles( $plainFiles ) ) {
return $relPath;
}
/**
* @brief Encrypt all files in a directory
* @param string $publicKey the public key to encrypt files with
* @param string $dirPath the directory whose files will be encrypted
* @note Encryption is recursive
*/
public function encryptAll( $publicKey, $dirPath, $legacyPassphrase = null, $newPassphrase = null ) {
if ( $found = $this->findFiles( $dirPath ) ) {
return true;
// Disable proxy to prevent file being encrypted twice
\OC_FileProxy::$enabled = false;
// Encrypt unencrypted files
foreach ( $found['plain'] as $plainFile ) {
// Fetch data from file
$plainData = $this->view->file_get_contents( $plainFile['path'] );
// Encrypt data, generate catfile
$encrypted = Crypt::keyEncryptKeyfile( $plainData, $publicKey );
$relPath = $this->stripUserFilesPath( $plainFile['path'] );
// Save keyfile
Keymanager::setFileKey( $this->view, $relPath, $this->userId, $encrypted['key'] );
// Overwrite the existing file with the encrypted one
$this->view->file_put_contents( $plainFile['path'], $encrypted['data'] );
$size = strlen( $encrypted['data'] );
// Add the file to the cache
\OC\Files\Filesystem::putFileInfo( $plainFile['path'], array( 'encrypted'=>true, 'size' => $size ), '' );
}
// Encrypt legacy encrypted files
if (
! empty( $legacyPassphrase )
&& ! empty( $newPassphrase )
) {
foreach ( $found['legacy'] as $legacyFile ) {
// Fetch data from file
$legacyData = $this->view->file_get_contents( $legacyFile['path'] );
// Recrypt data, generate catfile
$recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKey, $newPassphrase );
$relPath = $this->stripUserFilesPath( $legacyFile['path'] );
// Save keyfile
Keymanager::setFileKey( $this->view, $relPath, $this->userId, $recrypted['key'] );
// Overwrite the existing file with the encrypted one
$this->view->file_put_contents( $legacyFile['path'], $recrypted['data'] );
$size = strlen( $recrypted['data'] );
// Add the file to the cache
\OC\Files\Filesystem::putFileInfo( $legacyFile['path'], array( 'encrypted'=>true, 'size' => $size ), '' );
}
}
\OC_FileProxy::$enabled = true;
// If files were found, return true
return true;
} else {
// If no files were found, return false
return false;
}
}
/**
* @brief Return important encryption related paths
* @param string $pathName Name of the directory to return the path of
* @return string path
*/
public function getPath( $pathName ) {
switch ( $pathName ) {

View File

@ -1,29 +1,19 @@
<?php
/**
* Copyright (c) 2012 Bjoern Schiessle <schiessle@owncloud.com>
* Copyright (c) 2013 Sam Tuke <samtuke@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
$sysEncMode = \OC_Appconfig::getValue('files_encryption', 'mode', 'none');
$tmpl = new OCP\Template( 'files_encryption', 'settings-personal');
if ($sysEncMode == 'user') {
$blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg' ) );
$tmpl = new OCP\Template( 'files_encryption', 'settings-personal');
$tmpl->assign( 'blacklist', $blackList );
$query = \OC_DB::prepare( "SELECT mode FROM *PREFIX*encryption WHERE uid = ?" );
$result = $query->execute(array(\OCP\User::getUser()));
if ($row = $result->fetchRow()){
$mode = $row['mode'];
} else {
$mode = 'none';
}
OCP\Util::addscript('files_encryption','settings-personal');
$tmpl->assign('encryption_mode', $mode);
return $tmpl->fetchPage();
}
OCP\Util::addscript('files_encryption','settings-personal');
return $tmpl->fetchPage();
return null;

View File

@ -1,45 +1,22 @@
<form id="encryption">
<fieldset class="personalblock">
<strong><?php echo $l->t('Choose encryption mode:'); ?></strong>
<legend>
<?php echo $l->t( 'Encryption' ); ?>
</legend>
<p>
<input
type="hidden"
name="prev_encryption_mode"
id="prev_encryption_mode"
value="<?php echo $_['encryption_mode']; ?>"
>
<input
type="radio"
name="encryption_mode"
value="client"
id='client_encryption'
style="width:20px;"
<?php if ($_['encryption_mode'] == 'client') echo "checked='checked'"?>
/>
<?php echo $l->t('Client side encryption (most secure but makes it impossible to access your data from the web interface)'); ?>
<br />
<input
type="radio"
name="encryption_mode"
value="server"
id='server_encryption'
style="width:20px;" <?php if ($_['encryption_mode'] == 'server') echo "checked='checked'"?>
/>
<?php echo $l->t('Server side encryption (allows you to access your files from the web interface and the desktop client)'); ?>
<br />
<input
type="radio"
name="encryption_mode"
value="none"
id='none_encryption'
style="width:20px;"
<?php if ($_['encryption_mode'] == 'none') echo "checked='checked'"?>
/>
<?php echo $l->t('None (no encryption at all)'); ?>
<br/>
<?php echo $l->t( 'File encryption is enabled.' ); ?>
</p>
<?php if ( ! empty( $_["blacklist"] ) ): ?>
<p>
<?php $l->t( 'The following file types will not be encrypted:' ); ?>
</p>
<ul>
<?php foreach( $_["blacklist"] as $type ): ?>
<li>
<?php echo $type; ?>
</li>
<?php endforeach; ?>
</p>
<?php endif; ?>
</fieldset>
</form>

View File

@ -1,77 +1,18 @@
<form id="encryption">
<fieldset class="personalblock">
<strong>
<?php echo $l->t('Choose encryption mode:'); ?>
</strong>
<p>
<i>
<?php echo $l->t('Important: Once you selected an encryption mode there is no way to change it back'); ?>
</i>
</p>
<p>
<input
type="radio"
name="encryption_mode"
id="client_encryption"
value="client"
style="width:20px;"
<?php if ($_['encryption_mode'] == 'client') echo "checked='checked'"; if ($_['encryption_mode'] != 'none') echo "DISABLED"?>
/>
<strong><?php echo $l->t( 'Encryption' ); ?></strong>
<?php echo $l->t("Client side encryption (most secure but makes it impossible to access your data from the web interface)"); ?>
<?php echo $l->t( "Exclude the following file types from encryption:" ); ?>
<br />
<input
type="radio"
name="encryption_mode"
id="server_encryption"
value="server"
style="width:20px;"
<?php if ($_['encryption_mode'] == 'server') echo "checked='checked'"; if ($_['encryption_mode'] != 'none') echo "DISABLED"?>
/>
<?php echo $l->t('Server side encryption (allows you to access your files from the web interface and the desktop client)'); ?>
<br />
<input
type="radio"
name="encryption_mode"
id="user_encryption"
value="user"
style="width:20px;"
<?php if ($_['encryption_mode'] == 'user') echo "checked='checked'"; if ($_['encryption_mode'] != 'none') echo "DISABLED"?>
/>
<?php echo $l->t('User specific (let the user decide)'); ?>
<br/>
<input
type="radio"
name="encryption_mode"
id="none_encryption"
value="none"
style="width:20px;"
<?php if ($_['encryption_mode'] == 'none') echo "checked='checked'"; if ($_['encryption_mode'] != 'none') echo "DISABLED"?>
/>
<?php echo $l->t('None (no encryption at all)'); ?>
<br/>
</p>
<p>
<strong><?php echo $l->t('Encryption'); ?></strong>
<?php echo $l->t("Exclude the following file types from encryption"); ?>
<select
id='encryption_blacklist'
title="<?php echo $l->t('None')?>"
title="<?php echo $l->t( 'None' )?>"
multiple="multiple">
<?php foreach($_["blacklist"] as $type): ?>
<option selected="selected" value="<?php echo $type;?>"> <?php echo $type;?> </option>
<option selected="selected" value="<?php echo $type; ?>"> <?php echo $type; ?> </option>
<?php endforeach;?>
</select>
</p>

View File

@ -416,13 +416,13 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
function testIsEncryptedContent() {
$this->assertFalse( Encryption\Crypt::isEncryptedContent( $this->dataUrl ) );
$this->assertFalse( Encryption\Crypt::isCatfile( $this->dataUrl ) );
$this->assertFalse( Encryption\Crypt::isEncryptedContent( $this->legacyEncryptedData ) );
$this->assertFalse( Encryption\Crypt::isCatfile( $this->legacyEncryptedData ) );
$keyfileContent = Encryption\Crypt::symmetricEncryptFileContent( $this->dataUrl, 'hat' );
$this->assertTrue( Encryption\Crypt::isEncryptedContent( $keyfileContent ) );
$this->assertTrue( Encryption\Crypt::isCatfile( $keyfileContent ) );
}

View File

@ -79,15 +79,13 @@ class Test_Keymanager extends \PHPUnit_Framework_TestCase {
# NOTE: This cannot be tested until we are able to break out
# of the FileSystemView data directory root
// $key = Crypt::symmetricEncryptFileContentKeyfile( $this->data, 'hat' );
//
// $tmpPath = sys_get_temp_dir(). '/' . 'testSetFileKey';
//
// $view = new \OC_FilesystemView( '/tmp/' );
//
// //$view = new \OC_FilesystemView( '/' . $this->userId . '/files_encryption/keyfiles' );
//
// Encryption\Keymanager::setFileKey( $tmpPath, $key['key'], $view );
$key = Encryption\Crypt::symmetricEncryptFileContentKeyfile( $this->randomKey, 'hat' );
$path = 'unittest-'.time().'txt';
//$view = new \OC_FilesystemView( '/' . $this->userId . '/files_encryption/keyfiles' );
Encryption\Keymanager::setFileKey( $this->view, $path, $this->userId, $key['key'] );
}

View File

@ -51,7 +51,7 @@ class Test_Enc_Util extends \PHPUnit_Framework_TestCase {
$this->publicKeyPath = $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath = $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->view = new OC_FilesystemView( '/admin' );
$this->view = new \OC_FilesystemView( '/' );
$this->mockView = m::mock('OC_FilesystemView');
$this->util = new Encryption\Util( $this->mockView, $this->userId );
@ -88,8 +88,8 @@ class Test_Enc_Util extends \PHPUnit_Framework_TestCase {
$mockView = m::mock('OC_FilesystemView');
$mockView->shouldReceive( 'file_exists' )->times(4)->andReturn( false );
$mockView->shouldReceive( 'mkdir' )->times(3)->andReturn( true );
$mockView->shouldReceive( 'file_exists' )->times(5)->andReturn( false );
$mockView->shouldReceive( 'mkdir' )->times(4)->andReturn( true );
$mockView->shouldReceive( 'file_put_contents' )->withAnyArgs();
$util = new Encryption\Util( $mockView, $this->userId );
@ -105,7 +105,7 @@ class Test_Enc_Util extends \PHPUnit_Framework_TestCase {
$mockView = m::mock('OC_FilesystemView');
$mockView->shouldReceive( 'file_exists' )->times(5)->andReturn( true );
$mockView->shouldReceive( 'file_exists' )->times(6)->andReturn( true );
$mockView->shouldReceive( 'file_put_contents' )->withAnyArgs();
$util = new Encryption\Util( $mockView, $this->userId );
@ -149,6 +149,21 @@ class Test_Enc_Util extends \PHPUnit_Framework_TestCase {
# then false will be returned. Use strict ordering?
}
function testFindFiles() {
// $this->view->chroot( "/data/{$this->userId}/files" );
$util = new Encryption\Util( $this->view, $this->userId );
$files = $util->findFiles( '/', 'encrypted' );
var_dump( $files );
# TODO: Add more tests here to check that if any of the dirs are
# then false will be returned. Use strict ordering?
}
// /**
// * @brief test decryption using legacy blowfish method

View File

@ -36,7 +36,7 @@ $(document).ready(function() {
}
});
$('#externalStorage tbody tr input').live('keyup', function() {
$('#externalStorage tbody').on('keyup', 'tr input', function() {
var tr = $(this).parent().parent();
if ($(tr).hasClass('\\\\OC\\\\Files\\\\Storage\\\\Dropbox') && $(tr).find('[data-parameter="configured"]').val() != 'true') {
var config = $(tr).find('.configuration');
@ -52,7 +52,7 @@ $(document).ready(function() {
}
});
$('.dropbox').live('click', function(event) {
$('.dropbox').on('click', function(event) {
event.preventDefault();
var app_key = $(this).parent().find('[data-parameter="app_key"]').val();
var app_secret = $(this).parent().find('[data-parameter="app_secret"]').val();

View File

@ -33,8 +33,7 @@ $(document).ready(function() {
}
});
$('#externalStorage tbody tr').live('change', function() {
console.log('hello');
$('#externalStorage tbody').on('change', 'tr', function() {
if ($(this).hasClass('\\\\OC\\\\Files\\\\Storage\\\\Google') && $(this).find('[data-parameter="configured"]').val() != 'true') {
if ($(this).find('.mountPoint input').val() != '') {
if ($(this).find('.google').length == 0) {
@ -44,7 +43,7 @@ $(document).ready(function() {
}
});
$('#externalStorage tbody tr .mountPoint input').live('keyup', function() {
$('#externalStorage tbody').on('keyup', 'tr .mountPoint input', function() {
var tr = $(this).parent().parent();
if ($(tr).hasClass('\\\\OC\\\\Files\\\\Storage\\\\Google') && $(tr).find('[data-parameter="configured"]').val() != 'true' && $(tr).find('.google').length > 0) {
if ($(this).val() != '') {
@ -55,7 +54,7 @@ $(document).ready(function() {
}
});
$('.google').live('click', function(event) {
$('.google').on('click', function(event) {
event.preventDefault();
var tr = $(this).parent().parent();
var configured = $(this).parent().find('[data-parameter="configured"]');

View File

@ -71,7 +71,7 @@ OC.MountConfig={
$(document).ready(function() {
$('.chzn-select').chosen();
$('#selectBackend').live('change', function() {
$('#selectBackend').on('change', function() {
var tr = $(this).parent().parent();
$('#externalStorage tbody').append($(tr).clone());
$('#externalStorage tbody tr').last().find('.mountPoint input').val('');
@ -135,11 +135,11 @@ $(document).ready(function() {
return defaultMountPoint+append;
}
$('#externalStorage td').live('change', function() {
$('#externalStorage').on('change', 'td', function() {
OC.MountConfig.saveStorage($(this).parent());
});
$('td.remove>img').live('click', function() {
$('td.remove>img').on('click', function() {
var tr = $(this).parent().parent();
var mountPoint = $(tr).find('.mountPoint input').val();
if ( ! mountPoint) {

View File

@ -0,0 +1,3 @@
<?php $TRANSLATIONS = array(
"Users" => "Gebruikers"
);

Some files were not shown because too many files have changed in this diff Show More