add $encryptionModuleId to methods of Keys/IStorage
parent
570718fb6b
commit
fc4127dd62
|
@ -24,8 +24,10 @@
|
|||
namespace OCA\Encryption\AppInfo;
|
||||
|
||||
|
||||
use OC\Files\Filesystem;
|
||||
use OC\Files\View;
|
||||
use OCA\Encryption\Controller\RecoveryController;
|
||||
use OCA\Encryption\Controller\SettingsController;
|
||||
use OCA\Encryption\Controller\StatusController;
|
||||
use OCA\Encryption\Crypto\Crypt;
|
||||
use OCA\Encryption\Crypto\Encryption;
|
||||
use OCA\Encryption\HookManager;
|
||||
|
@ -126,11 +128,11 @@ class Application extends \OCP\AppFramework\App {
|
|||
function (IAppContainer $c) {
|
||||
$server = $c->getServer();
|
||||
|
||||
return new KeyManager($server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID),
|
||||
return new KeyManager($server->getEncryptionKeyStorage(),
|
||||
$c->query('Crypt'),
|
||||
$server->getConfig(),
|
||||
$server->getUserSession(),
|
||||
new \OCA\Encryption\Session($server->getSession()),
|
||||
new Session($server->getSession()),
|
||||
$server->getLogger(),
|
||||
$c->query('Util')
|
||||
);
|
||||
|
@ -146,14 +148,14 @@ class Application extends \OCP\AppFramework\App {
|
|||
$server->getSecureRandom(),
|
||||
$c->query('KeyManager'),
|
||||
$server->getConfig(),
|
||||
$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID),
|
||||
$server->getEncryptionKeyStorage(),
|
||||
$server->getEncryptionFilesHelper(),
|
||||
new \OC\Files\View());
|
||||
new View());
|
||||
});
|
||||
|
||||
$container->registerService('RecoveryController', function (IAppContainer $c) {
|
||||
$server = $c->getServer();
|
||||
return new \OCA\Encryption\Controller\RecoveryController(
|
||||
return new RecoveryController(
|
||||
$c->getAppName(),
|
||||
$server->getRequest(),
|
||||
$server->getConfig(),
|
||||
|
@ -163,7 +165,7 @@ class Application extends \OCP\AppFramework\App {
|
|||
|
||||
$container->registerService('StatusController', function (IAppContainer $c) {
|
||||
$server = $c->getServer();
|
||||
return new \OCA\Encryption\Controller\StatusController(
|
||||
return new StatusController(
|
||||
$c->getAppName(),
|
||||
$server->getRequest(),
|
||||
$server->getL10N($c->getAppName()),
|
||||
|
@ -173,7 +175,7 @@ class Application extends \OCP\AppFramework\App {
|
|||
|
||||
$container->registerService('SettingsController', function (IAppContainer $c) {
|
||||
$server = $c->getServer();
|
||||
return new \OCA\Encryption\Controller\SettingsController(
|
||||
return new SettingsController(
|
||||
$c->getAppName(),
|
||||
$server->getRequest(),
|
||||
$server->getL10N($c->getAppName()),
|
||||
|
|
|
@ -23,6 +23,7 @@
|
|||
namespace OCA\Encryption;
|
||||
|
||||
use OC\Encryption\Exceptions\DecryptionFailedException;
|
||||
use OCA\Encryption\Crypto\Encryption;
|
||||
use OCA\Encryption\Exceptions\PrivateKeyMissingException;
|
||||
use OCA\Encryption\Exceptions\PublicKeyMissingException;
|
||||
use OCA\Encryption\Crypto\Crypt;
|
||||
|
@ -136,7 +137,8 @@ class KeyManager {
|
|||
|
||||
// Save public key
|
||||
$this->keyStorage->setSystemUserKey(
|
||||
$this->publicShareKeyId . '.publicKey', $keyPair['publicKey']);
|
||||
$this->publicShareKeyId . '.publicKey', $keyPair['publicKey'],
|
||||
Encryption::ID);
|
||||
|
||||
// Encrypt private key empty passphrase
|
||||
$encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'], '');
|
||||
|
@ -162,7 +164,7 @@ class KeyManager {
|
|||
* @return string
|
||||
*/
|
||||
public function getRecoveryKey() {
|
||||
return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey');
|
||||
return $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.publicKey', Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -179,7 +181,7 @@ class KeyManager {
|
|||
* @return bool
|
||||
*/
|
||||
public function checkRecoveryPassword($password) {
|
||||
$recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey');
|
||||
$recoveryKey = $this->keyStorage->getSystemUserKey($this->recoveryKeyId . '.privateKey', Encryption::ID);
|
||||
$decryptedRecoveryKey = $this->crypt->decryptPrivateKey($recoveryKey,
|
||||
$password);
|
||||
|
||||
|
@ -217,7 +219,10 @@ class KeyManager {
|
|||
*/
|
||||
public function setRecoveryKey($password, $keyPair) {
|
||||
// Save Public Key
|
||||
$this->keyStorage->setSystemUserKey($this->getRecoveryKeyId(). '.publicKey', $keyPair['publicKey']);
|
||||
$this->keyStorage->setSystemUserKey($this->getRecoveryKeyId().
|
||||
'.publicKey',
|
||||
$keyPair['publicKey'],
|
||||
Encryption::ID);
|
||||
|
||||
$encryptedKey = $this->crypt->symmetricEncryptFileContent($keyPair['privateKey'],
|
||||
$password);
|
||||
|
@ -236,7 +241,7 @@ class KeyManager {
|
|||
* @return bool
|
||||
*/
|
||||
public function setPublicKey($userId, $key) {
|
||||
return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key);
|
||||
return $this->keyStorage->setUserKey($userId, $this->publicKeyId, $key, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -247,7 +252,8 @@ class KeyManager {
|
|||
public function setPrivateKey($userId, $key) {
|
||||
return $this->keyStorage->setUserKey($userId,
|
||||
$this->privateKeyId,
|
||||
$key);
|
||||
$key,
|
||||
Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -258,7 +264,7 @@ class KeyManager {
|
|||
* @return boolean
|
||||
*/
|
||||
public function setFileKey($path, $key) {
|
||||
return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key);
|
||||
return $this->keyStorage->setFileKey($path, $this->fileKeyId, $key, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -284,7 +290,7 @@ class KeyManager {
|
|||
*/
|
||||
public function setShareKey($path, $uid, $key) {
|
||||
$keyId = $uid . '.' . $this->shareKeyId;
|
||||
return $this->keyStorage->setFileKey($path, $keyId, $key);
|
||||
return $this->keyStorage->setFileKey($path, $keyId, $key, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -324,7 +330,7 @@ class KeyManager {
|
|||
*/
|
||||
public function getPrivateKey($userId) {
|
||||
$privateKey = $this->keyStorage->getUserKey($userId,
|
||||
$this->privateKeyId);
|
||||
$this->privateKeyId, Encryption::ID);
|
||||
|
||||
if (strlen($privateKey) !== 0) {
|
||||
return $privateKey;
|
||||
|
@ -338,12 +344,12 @@ class KeyManager {
|
|||
* @return string
|
||||
*/
|
||||
public function getFileKey($path, $uid) {
|
||||
$encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId);
|
||||
$encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
|
||||
|
||||
if (is_null($uid)) {
|
||||
$uid = $this->getPublicShareKeyId();
|
||||
$shareKey = $this->getShareKey($path, $uid);
|
||||
$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey');
|
||||
$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
|
||||
$privateKey = $this->crypt->decryptPrivateKey($privateKey);
|
||||
} else {
|
||||
$shareKey = $this->getShareKey($path, $uid);
|
||||
|
@ -367,7 +373,7 @@ class KeyManager {
|
|||
*/
|
||||
public function getEncryptedFileKey($path) {
|
||||
$encryptedFileKey = $this->keyStorage->getFileKey($path,
|
||||
$this->fileKeyId);
|
||||
$this->fileKeyId, Encryption::ID);
|
||||
|
||||
return $encryptedFileKey;
|
||||
}
|
||||
|
@ -380,7 +386,10 @@ class KeyManager {
|
|||
* @return boolean
|
||||
*/
|
||||
public function deleteShareKey($path, $keyId) {
|
||||
return $this->keyStorage->deleteFileKey($path, $keyId . '.' . $this->shareKeyId);
|
||||
return $this->keyStorage->deleteFileKey(
|
||||
$path,
|
||||
$keyId . '.' . $this->shareKeyId,
|
||||
Encryption::ID);
|
||||
}
|
||||
|
||||
|
||||
|
@ -391,7 +400,7 @@ class KeyManager {
|
|||
*/
|
||||
public function getShareKey($path, $uid) {
|
||||
$keyId = $uid . '.' . $this->shareKeyId;
|
||||
return $this->keyStorage->getFileKey($path, $keyId);
|
||||
return $this->keyStorage->getFileKey($path, $keyId, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -416,7 +425,7 @@ class KeyManager {
|
|||
* @throws PublicKeyMissingException
|
||||
*/
|
||||
public function getPublicKey($userId) {
|
||||
$publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId);
|
||||
$publicKey = $this->keyStorage->getUserKey($userId, $this->publicKeyId, Encryption::ID);
|
||||
|
||||
if (strlen($publicKey) !== 0) {
|
||||
return $publicKey;
|
||||
|
@ -434,7 +443,7 @@ class KeyManager {
|
|||
* @return string
|
||||
*/
|
||||
public function getPublicShareKey() {
|
||||
return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey');
|
||||
return $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.publicKey', Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -460,7 +469,7 @@ class KeyManager {
|
|||
* @return bool
|
||||
*/
|
||||
public function deletePublicKey($uid) {
|
||||
return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId);
|
||||
return $this->keyStorage->deleteUserKey($uid, $this->publicKeyId, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -468,11 +477,11 @@ class KeyManager {
|
|||
* @return bool
|
||||
*/
|
||||
private function deletePrivateKey($uid) {
|
||||
return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId);
|
||||
return $this->keyStorage->deleteUserKey($uid, $this->privateKeyId, Encryption::ID);
|
||||
}
|
||||
|
||||
public function deleteAllFileKeys($path) {
|
||||
return $this->keyStorage->deleteAllFileKeys($path);
|
||||
return $this->keyStorage->deleteAllFileKeys($path, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -500,7 +509,7 @@ class KeyManager {
|
|||
* @return string returns openssl key
|
||||
*/
|
||||
public function getSystemPrivateKey($keyId) {
|
||||
return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId);
|
||||
return $this->keyStorage->getSystemUserKey($keyId . '.' . $this->privateKeyId, Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -509,7 +518,10 @@ class KeyManager {
|
|||
* @return string returns openssl key
|
||||
*/
|
||||
public function setSystemPrivateKey($keyId, $key) {
|
||||
return $this->keyStorage->setSystemUserKey($keyId . '.' . $this->privateKeyId, $key);
|
||||
return $this->keyStorage->setSystemUserKey(
|
||||
$keyId . '.' . $this->privateKeyId,
|
||||
$key,
|
||||
Encryption::ID);
|
||||
}
|
||||
|
||||
/**
|
||||
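Review bot: Every `keyStorage` call in `KeyManager` now repeats the literal `Encryption::ID` as its last argument (about twenty call sites across these hunks), so the module binding that used to be fixed once at construction is restated by hand each time. Since this argument decides which directory private keys, recovery keys and share keys are read from and written to, one call that omits it or passes another value would silently address a different key location. Consider routing the calls through small private helpers, or at least covering each method with a test that asserts the module id passed to the storage mock. Separately, `deleteAllFileKeys($path)` has no docblock while its neighbours do; something like `/** delete all file keys of the given file; @param string $path; @return bool */` would match them. Most of the method bodies continue outside the hunks.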
|
|
|
@ -38,7 +38,7 @@ $util = new \OCA\Encryption\Util(
|
|||
\OC::$server->getConfig());
|
||||
|
||||
$keyManager = new \OCA\Encryption\KeyManager(
|
||||
\OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID),
|
||||
\OC::$server->getEncryptionKeyStorage(),
|
||||
$crypt,
|
||||
\OC::$server->getConfig(),
|
||||
$userSession,
|
||||
|
|
|
@ -76,8 +76,8 @@ class DummyModule implements IEncryptionModule {
|
|||
public function end($path) {
|
||||
|
||||
if ($this->isWriteOperation) {
|
||||
$storage = \OC::$server->getEncryptionKeyStorage($this->getId());
|
||||
$storage->setFileKey($path, 'fileKey', 'foo');
|
||||
$storage = \OC::$server->getEncryptionKeyStorage();
|
||||
$storage->setFileKey($path, 'fileKey', 'foo', $this->getId());
|
||||
}
|
||||
return '';
|
||||
}
|
||||
|
|
|
@ -1,50 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* @author Björn Schießle <schiessle@owncloud.com>
|
||||
*
|
||||
* @copyright Copyright (c) 2015, ownCloud, Inc.
|
||||
* @license AGPL-3.0
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OC\Encryption\Keys;
|
||||
|
||||
use OC\Encryption\Util;
|
||||
use OC\Files\View;
|
||||
use OC\User;
|
||||
|
||||
/**
|
||||
* Factory provides KeyStorage for different encryption modules
|
||||
*/
|
||||
class Factory {
|
||||
/** @var array */
|
||||
protected $instances = array();
|
||||
|
||||
/**
|
||||
* get a KeyStorage instance
|
||||
*
|
||||
* @param string $encryptionModuleId
|
||||
* @param View $view
|
||||
* @param Util $util
|
||||
* @return Storage
|
||||
*/
|
||||
public function get($encryptionModuleId,View $view, Util $util) {
|
||||
if (!isset($this->instances[$encryptionModuleId])) {
|
||||
$this->instances[$encryptionModuleId] = new Storage($encryptionModuleId, $view, $util);
|
||||
}
|
||||
return $this->instances[$encryptionModuleId];
|
||||
}
|
||||
|
||||
}
|
|
@ -23,10 +23,12 @@
|
|||
namespace OC\Encryption\Keys;
|
||||
|
||||
use OC\Encryption\Util;
|
||||
use OC\Files\Filesystem;
|
||||
use OC\Files\View;
|
||||
use OCP\Encryption\Exceptions\GenericEncryptionException;
|
||||
use OCP\Encryption\Keys\IStorage;
|
||||
|
||||
class Storage implements \OCP\Encryption\Keys\IStorage {
|
||||
class Storage implements IStorage {
|
||||
|
||||
/** @var View */
|
||||
private $view;
|
||||
|
@ -40,152 +42,100 @@ class Storage implements \OCP\Encryption\Keys\IStorage {
|
|||
|
||||
private $keyCache = array();
|
||||
|
||||
/** @var string */
|
||||
private $encryptionModuleId;
|
||||
|
||||
/**
|
||||
* @param string $encryptionModuleId
|
||||
* @param View $view
|
||||
* @param Util $util
|
||||
*/
|
||||
public function __construct($encryptionModuleId, View $view, Util $util) {
|
||||
public function __construct(View $view, Util $util) {
|
||||
$this->view = $view;
|
||||
$this->util = $util;
|
||||
$this->encryptionModuleId = $encryptionModuleId;
|
||||
|
||||
$this->encryption_base_dir = '/files_encryption';
|
||||
$this->keys_base_dir = $this->encryption_base_dir .'/keys';
|
||||
}
|
||||
|
||||
/**
|
||||
* get user specific key
|
||||
*
|
||||
* @param string $uid ID if the user for whom we want the key
|
||||
* @param string $keyId id of the key
|
||||
*
|
||||
* @return mixed key
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getUserKey($uid, $keyId) {
|
||||
$path = $this->constructUserKeyPath($keyId, $uid);
|
||||
public function getUserKey($uid, $keyId, $encryptionModuleId) {
|
||||
$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
|
||||
return $this->getKey($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* get file specific key
|
||||
*
|
||||
* @param string $path path to file
|
||||
* @param string $keyId id of the key
|
||||
*
|
||||
* @return mixed key
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getFileKey($path, $keyId) {
|
||||
$keyDir = $this->getFileKeyDir($path);
|
||||
public function getFileKey($path, $keyId, $encryptionModuleId) {
|
||||
$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
|
||||
return $this->getKey($keyDir . $keyId);
|
||||
}
|
||||
|
||||
/**
|
||||
* get system-wide encryption keys not related to a specific user,
|
||||
* e.g something like a key for public link shares
|
||||
*
|
||||
* @param string $keyId id of the key
|
||||
*
|
||||
* @return mixed key
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getSystemUserKey($keyId) {
|
||||
$path = $this->constructUserKeyPath($keyId);
|
||||
public function getSystemUserKey($keyId, $encryptionModuleId) {
|
||||
$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
|
||||
return $this->getKey($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* set user specific key
|
||||
*
|
||||
* @param string $uid ID if the user for whom we want the key
|
||||
* @param string $keyId id of the key
|
||||
* @param mixed $key
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function setUserKey($uid, $keyId, $key) {
|
||||
$path = $this->constructUserKeyPath($keyId, $uid);
|
||||
public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
|
||||
$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
|
||||
return $this->setKey($path, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* set file specific key
|
||||
*
|
||||
* @param string $path path to file
|
||||
* @param string $keyId id of the key
|
||||
* @param boolean
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function setFileKey($path, $keyId, $key) {
|
||||
$keyDir = $this->getFileKeyDir($path);
|
||||
public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
|
||||
$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
|
||||
return $this->setKey($keyDir . $keyId, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* set system-wide encryption keys not related to a specific user,
|
||||
* e.g something like a key for public link shares
|
||||
*
|
||||
* @param string $keyId id of the key
|
||||
* @param mixed $key
|
||||
*
|
||||
* @return mixed key
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function setSystemUserKey($keyId, $key) {
|
||||
$path = $this->constructUserKeyPath($keyId);
|
||||
public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
|
||||
$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
|
||||
return $this->setKey($path, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete user specific key
|
||||
*
|
||||
* @param string $uid ID if the user for whom we want to delete the key
|
||||
* @param string $keyId id of the key
|
||||
*
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function deleteUserKey($uid, $keyId) {
|
||||
$path = $this->constructUserKeyPath($keyId, $uid);
|
||||
public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
|
||||
$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
|
||||
return !$this->view->file_exists($path) || $this->view->unlink($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete file specific key
|
||||
*
|
||||
* @param string $path path to file
|
||||
* @param string $keyId id of the key
|
||||
*
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function deleteFileKey($path, $keyId) {
|
||||
$keyDir = $this->getFileKeyDir($path);
|
||||
public function deleteFileKey($path, $keyId, $encryptionModuleId) {
|
||||
$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
|
||||
return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete all file keys for a given file
|
||||
*
|
||||
* @param string $path to the file
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function deleteAllFileKeys($path) {
|
||||
$keyDir = $this->getFileKeyDir($path);
|
||||
public function deleteAllFileKeys($path, $encryptionModuleId) {
|
||||
$keyDir = $this->getFileKeyDir($encryptionModuleId, $path);
|
||||
$path = dirname($keyDir);
|
||||
return !$this->view->file_exists($path) || $this->view->deleteAll($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete system-wide encryption keys not related to a specific user,
|
||||
* e.g something like a key for public link shares
|
||||
*
|
||||
* @param string $keyId id of the key
|
||||
*
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function deleteSystemUserKey($keyId) {
|
||||
$path = $this->constructUserKeyPath($keyId);
|
||||
public function deleteSystemUserKey($keyId, $encryptionModuleId) {
|
||||
$path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
|
||||
return !$this->view->file_exists($path) || $this->view->unlink($path);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* construct path to users key
|
||||
*
|
||||
|
@ -193,13 +143,13 @@ class Storage implements \OCP\Encryption\Keys\IStorage {
|
|||
* @param string $uid
|
||||
* @return string
|
||||
*/
|
||||
protected function constructUserKeyPath($keyId, $uid = null) {
|
||||
protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
|
||||
|
||||
if ($uid === null) {
|
||||
$path = $this->encryption_base_dir . '/' . $this->encryptionModuleId . '/' . $keyId;
|
||||
$path = $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
|
||||
} else {
|
||||
$path = '/' . $uid . $this->encryption_base_dir . '/'
|
||||
. $this->encryptionModuleId . '/' . $uid . '.' . $keyId;
|
||||
. $encryptionModuleId . '/' . $uid . '.' . $keyId;
|
||||
}
|
||||
|
||||
return $path;
|
||||
|
@ -256,7 +206,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage {
|
|||
* @throws GenericEncryptionException
|
||||
* @internal param string $keyId
|
||||
*/
|
||||
private function getFileKeyDir($path) {
|
||||
private function getFileKeyDir($encryptionModuleId, $path) {
|
||||
|
||||
if ($this->view->is_dir($path)) {
|
||||
throw new GenericEncryptionException("file was expected but directory was given: $path");
|
||||
|
@ -272,7 +222,7 @@ class Storage implements \OCP\Encryption\Keys\IStorage {
|
|||
$keyPath = '/' . $owner . $this->keys_base_dir . $filename . '/';
|
||||
}
|
||||
|
||||
return \OC\Files\Filesystem::normalizePath($keyPath . $this->encryptionModuleId . '/', false);
|
||||
return Filesystem::normalizePath($keyPath . $encryptionModuleId . '/', false);
|
||||
}
|
||||
|
||||
/**
|
||||
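Review bot: `$encryptionModuleId` is now a per-call argument that `constructUserKeyPath()` and `getFileKeyDir()` concatenate straight into the key path, and nothing visible checks that it is a single, non-empty path segment. While the id was fixed in the constructor a bad value could only arrive at one place; now every `IStorage` caller can supply one, and an empty or `../`-bearing id would make get, set and delete operate on a key location outside the module's directory (the `constructUserKeyPath()` result is returned without normalisation in the visible lines). A shared guard at the top of both helpers would close this, e.g. `if (!is_string($encryptionModuleId) || $encryptionModuleId === '' || $encryptionModuleId === '..' || strpbrk($encryptionModuleId, '/\\') !== false) { throw new GenericEncryptionException('invalid encryption module id'); }`. It is also worth confirming that `$keyCache` is keyed by the full path, since one instance now serves all modules. Both helper bodies extend beyond the hunks shown.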
|
|
|
@ -187,8 +187,9 @@ class Encryption extends Wrapper {
|
|||
|
||||
$encryptionModule = $this->getEncryptionModule($path);
|
||||
if ($encryptionModule) {
|
||||
$keyStorage = $this->getKeyStorage($encryptionModule->getId());
|
||||
$keyStorage->deleteAllFileKeys($this->getFullPath($path));
|
||||
$keyStorage = $this->getKeyStorage();
|
||||
$keyStorage->deleteAllFileKeys($this->getFullPath($path),
|
||||
$encryptionModule->getId());
|
||||
}
|
||||
|
||||
return $this->storage->unlink($path);
|
||||
|
@ -436,8 +437,8 @@ class Encryption extends Wrapper {
|
|||
* @param string $encryptionModuleId
|
||||
* @return \OCP\Encryption\Keys\IStorage
|
||||
*/
|
||||
protected function getKeyStorage($encryptionModuleId) {
|
||||
$keyStorage = \OC::$server->getEncryptionKeyStorage($encryptionModuleId);
|
||||
protected function getKeyStorage() {
|
||||
$keyStorage = \OC::$server->getEncryptionKeyStorage();
|
||||
return $keyStorage;
|
||||
}
|
||||
|
||||
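Review bot: The docblock above `getKeyStorage()` still carries `* @param string $encryptionModuleId` as an unchanged context line, although the parameter no longer exists on the new signature. Drop that line so the documentation matches `protected function getKeyStorage()`. A short description would help too, such as `* Returns the shared key storage; the module id is passed per call.` In the `unlink()` hunk the result of `deleteAllFileKeys()` is not inspected before `$this->storage->unlink($path)` runs; this appears unchanged from before, but a comment stating that key removal is best-effort would make the intent explicit.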
|
|
|
@ -97,8 +97,16 @@ class Server extends SimpleContainer implements IServerContainer {
|
|||
return new Encryption\File($util);
|
||||
});
|
||||
|
||||
$this->registerService('EncryptionKeyStorageFactory', function ($c) {
|
||||
return new Encryption\Keys\Factory();
|
||||
$this->registerService('EncryptionKeyStorage', function (Server $c) {
|
||||
$view = new \OC\Files\View();
|
||||
$util = new \OC\Encryption\Util(
|
||||
$view,
|
||||
$c->getUserManager(),
|
||||
$c->getGroupManager(),
|
||||
$c->getConfig()
|
||||
);
|
||||
|
||||
return new Encryption\Keys\Storage($view, $util);
|
||||
});
|
||||
$this->registerService('TagMapper', function(Server $c) {
|
||||
return new TagMapper($c->getDatabaseConnection());
|
||||
|
@ -436,19 +444,10 @@ class Server extends SimpleContainer implements IServerContainer {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param string $encryptionModuleId encryption module ID
|
||||
*
|
||||
* @return \OCP\Encryption\Keys\IStorage
|
||||
*/
|
||||
public function getEncryptionKeyStorage($encryptionModuleId) {
|
||||
$view = new \OC\Files\View();
|
||||
$util = new \OC\Encryption\Util(
|
||||
$view,
|
||||
\OC::$server->getUserManager(),
|
||||
\OC::$server->getGroupManager(),
|
||||
\OC::$server->getConfig()
|
||||
);
|
||||
return $this->query('EncryptionKeyStorageFactory')->get($encryptionModuleId, $view, $util);
|
||||
public function getEncryptionKeyStorage() {
|
||||
return $this->query('EncryptionKeyStorage');
|
||||
}
|
||||
|
||||
/**
|
||||
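Review bot: The new `EncryptionKeyStorage` service returns one `Storage` object for all encryption modules, where the factory registration it appears to replace kept one instance per module id, so any per-instance state in `Storage` is now shared between modules for the lifetime of the container. The `Storage` section of this commit shows a `$keyCache` array; the code that fills it is outside the visible hunks, so please confirm that its keys include the module id (for example the full key path) so one module cannot be served another module's cached key. The shortened docblock on `getEncryptionKeyStorage()` could record the new contract, e.g. `* Returns the shared key storage; the encryption module id is passed to each IStorage method.`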
|
|
|
@ -35,33 +35,36 @@ interface IStorage {
|
|||
*
|
||||
* @param string $uid ID if the user for whom we want the key
|
||||
* @param string $keyId id of the key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return mixed key
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function getUserKey($uid, $keyId);
|
||||
public function getUserKey($uid, $keyId, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* get file specific key
|
||||
*
|
||||
* @param string $path path to file
|
||||
* @param string $keyId id of the key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return mixed key
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function getFileKey($path, $keyId);
|
||||
public function getFileKey($path, $keyId, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* get system-wide encryption keys not related to a specific user,
|
||||
* e.g something like a key for public link shares
|
||||
*
|
||||
* @param string $keyId id of the key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return mixed key
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function getSystemUserKey($keyId);
|
||||
public function getSystemUserKey($keyId, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* set user specific key
|
||||
|
@ -69,19 +72,21 @@ interface IStorage {
|
|||
* @param string $uid ID if the user for whom we want the key
|
||||
* @param string $keyId id of the key
|
||||
* @param mixed $key
|
||||
* @param string $encryptionModuleId
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function setUserKey($uid, $keyId, $key);
|
||||
public function setUserKey($uid, $keyId, $key, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* set file specific key
|
||||
*
|
||||
* @param string $path path to file
|
||||
* @param string $keyId id of the key
|
||||
* @param boolean
|
||||
* @param mixed $key
|
||||
* @param string $encryptionModuleId
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function setFileKey($path, $keyId, $key);
|
||||
public function setFileKey($path, $keyId, $key, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* set system-wide encryption keys not related to a specific user,
|
||||
|
@ -89,53 +94,59 @@ interface IStorage {
|
|||
*
|
||||
* @param string $keyId id of the key
|
||||
* @param mixed $key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return mixed key
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function setSystemUserKey($keyId, $key);
|
||||
public function setSystemUserKey($keyId, $key, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* delete user specific key
|
||||
*
|
||||
* @param string $uid ID if the user for whom we want to delete the key
|
||||
* @param string $keyId id of the key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function deleteUserKey($uid, $keyId);
|
||||
public function deleteUserKey($uid, $keyId, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* delete file specific key
|
||||
*
|
||||
* @param string $path path to file
|
||||
* @param string $keyId id of the key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function deleteFileKey($path, $keyId);
|
||||
public function deleteFileKey($path, $keyId, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* delete all file keys for a given file
|
||||
*
|
||||
* @param string $path to the file
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return boolean False when the keys could not be deleted
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function deleteAllFileKeys($path);
|
||||
public function deleteAllFileKeys($path, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* delete system-wide encryption keys not related to a specific user,
|
||||
* e.g something like a key for public link shares
|
||||
*
|
||||
* @param string $keyId id of the key
|
||||
* @param string $encryptionModuleId
|
||||
*
|
||||
* @return boolean False when the key could not be deleted
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function deleteSystemUserKey($keyId);
|
||||
public function deleteSystemUserKey($keyId, $encryptionModuleId);
|
||||
|
||||
/**
|
||||
* copy keys if a file was renamed
|
||||
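Review bot: Each `IStorage` method gains a required trailing `$encryptionModuleId` on an interface documented as `@since 8.1.0`, and `IServerContainer::getEncryptionKeyStorage()` loses its parameter in the same commit, so third-party implementers and callers of the public API break without a transition path. If the interface has already shipped, this needs a changelog or upgrade note; if not, a sentence in the interface docblock stating that the storage is shared and the module id selects the key namespace would be enough. The added `@param string $encryptionModuleId` lines have no description; `* @param string $encryptionModuleId id of the encryption module that owns the key` would say what the value is and that it becomes part of the storage location. `setUserKey()` and `setFileKey()` also still lack an `@return`, although the implementation in this commit returns the result of `setKey()`.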
|
|
|
@ -211,12 +211,10 @@ interface IServerContainer {
|
|||
public function getEncryptionFilesHelper();
|
||||
|
||||
/**
|
||||
* @param string $encryptionModuleId encryption module ID
|
||||
*
|
||||
* @return \OCP\Encryption\Keys\IStorage
|
||||
* @since 8.1.0
|
||||
*/
|
||||
public function getEncryptionKeyStorage($encryptionModuleId);
|
||||
public function getEncryptionKeyStorage();
|
||||
|
||||
/**
|
||||
* Returns the URL generator
|
||||
|
|
|
@ -83,7 +83,7 @@ class Controller {
|
|||
\OC::$server->getLogger(),
|
||||
\OC::$server->getUserSession(),
|
||||
\OC::$server->getConfig());
|
||||
$keyStorage = \OC::$server->getEncryptionKeyStorage(\OCA\Encryption\Crypto\Encryption::ID);
|
||||
$keyStorage = \OC::$server->getEncryptionKeyStorage();
|
||||
$util = new \OCA\Encryption\Util(
|
||||
new \OC\Files\View(),
|
||||
$crypt,
|
||||
|
|
|
@ -48,8 +48,7 @@ class StorageTest extends TestCase {
|
|||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
$this->storage = new Storage('encModule', $this->view, $this->util);
|
||||
|
||||
$this->storage = new Storage($this->view, $this->util);
|
||||
}
|
||||
|
||||
public function testSetFileKey() {
|
||||
|
@ -69,7 +68,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(strlen('key'));
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key')
|
||||
$this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -93,7 +92,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertSame('key',
|
||||
$this->storage->getFileKey('user1/files/foo.txt', 'fileKey')
|
||||
$this->storage->getFileKey('user1/files/foo.txt', 'fileKey', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -114,7 +113,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(strlen('key'));
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key')
|
||||
$this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -138,7 +137,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertSame('key',
|
||||
$this->storage->getFileKey('user1/files/foo.txt', 'fileKey')
|
||||
$this->storage->getFileKey('user1/files/foo.txt', 'fileKey', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -150,7 +149,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(strlen('key'));
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->setSystemUserKey('shareKey_56884', 'key')
|
||||
$this->storage->setSystemUserKey('shareKey_56884', 'key', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -162,7 +161,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(strlen('key'));
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->setUserKey('user1', 'publicKey', 'key')
|
||||
$this->storage->setUserKey('user1', 'publicKey', 'key', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -177,7 +176,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertSame('key',
|
||||
$this->storage->getSystemUserKey('shareKey_56884')
|
||||
$this->storage->getSystemUserKey('shareKey_56884', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -192,7 +191,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertSame('key',
|
||||
$this->storage->getUserKey('user1', 'publicKey')
|
||||
$this->storage->getUserKey('user1', 'publicKey', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -207,7 +206,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->deleteUserKey('user1', 'publicKey')
|
||||
$this->storage->deleteUserKey('user1', 'publicKey', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -222,7 +221,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->deleteSystemUserKey('shareKey_56884')
|
||||
$this->storage->deleteSystemUserKey('shareKey_56884', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -246,7 +245,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->deleteFileKey('user1/files/foo.txt', 'fileKey')
|
||||
$this->storage->deleteFileKey('user1/files/foo.txt', 'fileKey', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -270,7 +269,7 @@ class StorageTest extends TestCase {
|
|||
->willReturn(true);
|
||||
|
||||
$this->assertTrue(
|
||||
$this->storage->deleteFileKey('user1/files/foo.txt', 'fileKey')
|
||||
$this->storage->deleteFileKey('user1/files/foo.txt', 'fileKey', 'encModule')
|
||||
);
|
||||
}
|
||||
|
||||
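Review bot: Every updated call passes the same literal `'encModule'`, so the tests never exercise what this change introduces: a single `Storage` instance that is addressed with different module ids. Add a case that stores and reads a key under two different ids on the same `$this->storage` and asserts that the view mock sees two different paths, plus a case for an empty id or one containing a path separator that pins the expected outcome (rejection, if a guard is added). The mock expectations for these tests sit outside the visible hunks, so the existing assertions may already check the module segment of the path; if so, only the two-id and malformed-id cases are missing.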
|
|
|
@ -112,7 +112,7 @@ class EncryptionWrapper extends \OC\Files\Storage\Wrapper\Encryption {
|
|||
parent::__construct($parameters, $encryptionManager, $util, $logger, $fileHelper, $uid);
|
||||
}
|
||||
|
||||
protected function getKeyStorage($encryptionModuleId) {
|
||||
protected function getKeyStorage() {
|
||||
return $this->keyStore;
|
||||
}
|
||||
|
||||
|
|