e7e0dc608b
fix strings
2016-06-20 13:13:37 +02:00
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
0f728b4cd1
don't fail on "bad signature" during login. Most likely this happens because
...
the login password changed at the user back-end (e.g ldap). Such failures will
be handled after login correctly by allowing the user to adjust the passwords
2016-05-25 11:39:44 +02:00
4a3311f430
Move Encryption app to PSR-4 ( #24524 )
...
* Move Encryption to PSR-4
* Move encryption tests to PSR-4
* Fix the tests
2016-05-12 09:42:19 +02:00
d86f8ba5f8
if we don't have a encrypted file key we can return a empty string right away
2016-04-26 11:06:55 +02:00
088ffd05d7
don't create a private-/public-key pair for each user if the master key is enabled
2016-04-26 11:06:55 +02:00
b50d3255fb
Merge pull request #22791 from owncloud/enc_master_key_improvements
...
Enc master key improvements
2016-04-21 11:48:26 +02:00
50e20e531e
Introduce isReadyForUser and verify in file transfer ownership - fixes #23786
2016-04-15 15:07:40 +02:00
89223379ad
replaceUserKeys() actually deletes the users keys -> update method name and doc-block
2016-03-18 11:06:14 +01:00
5e267589d4
only create and update user specific key if no master key is enabled
2016-03-18 11:06:14 +01:00
f3f08cf910
Merge pull request #23192 from owncloud/make-ancient-users-happy-with-totally-untested-stuff
...
Fallback for crappy ancient distributions
2016-03-16 21:56:36 +01:00
9de4a8338e
allow group shares, even if not all public keys are available
2016-03-15 11:33:19 +01:00
3a5f58c9b0
Fallback for crappy ancient distributions
...
Fixes https://github.com/owncloud/core/issues/23181
2016-03-12 23:11:31 +01:00
c353d51810
Remove Scrutinizer Auto Fixer
2016-03-01 17:48:23 +01:00
933f60e314
Update author information
...
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
95ea2ccb53
make decrypt all work with the master key
2016-02-29 14:54:32 +01:00
9dc759b4dc
remember signature version and only set it on update to make sure that other
...
apps like files_versions still get the old signature version
2016-02-10 13:27:32 +01:00
43ed86313c
use the version of the original file if we write the part file to have a proper version if we move the file over to the original location
2016-02-10 11:08:03 +01:00
45c78476f5
Use cache update instead of put for encryption version
...
Saves a call to fetch the file id which didn't even work for a reason.
This fix properly sets the version in the database.
2016-02-09 23:43:28 +01:00
6724f76573
Use cache and add tests
2016-02-09 23:43:27 +01:00
377d7fb8a8
don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value
2016-02-09 23:43:27 +01:00
966eb4b084
realPath should contain the path to the file we want to read, e.g. the version and not the original file
2016-02-09 23:43:27 +01:00
5ccb9dfa7e
Use database for keeping track of the version
2016-02-09 23:43:27 +01:00
3badf5caf5
Use number of chunk for HMAC as well
...
Prevents switching single blocks within the encrypted file.
2016-02-09 23:43:26 +01:00
b5824f024a
Keep track of file version
...
This way it is not possible anymore for an external storage admin to put up old versions of the file.
2016-02-09 23:43:26 +01:00
d5c1596887
Clarify documentation
2016-02-09 23:43:26 +01:00
3b62459c41
Use hash with appended "a" of the original password for the authentication
2016-02-09 23:43:26 +01:00
9bb97c714b
fixing unit tests
2016-02-09 23:43:26 +01:00
b9ff16498b
Use random_bytes instead OpenSSL
2016-02-09 23:43:26 +01:00
61dd191253
meta data are at the end of the file
2016-02-09 23:43:25 +01:00
e7ff84df5c
always use default cipher for write operations, no matter how the file was encrypted before
2016-02-09 23:43:25 +01:00
cf3a8f274f
make it backward compatible to work with signed and un-signed files
2016-02-09 23:43:25 +01:00
40a5ba72fc
sign all encrypted blocks and check signature on decrypt
2016-02-09 23:43:25 +01:00
db8f267647
Add note about the addPadding function
2016-02-09 23:43:25 +01:00
59ebad0b53
Use an actual 16 byte long IV
...
The previous IV was actually 12 byte extended to 16 byte using base64. As the encrypted file should be fine with containing binary data as well we can simply remove the encoding like that here.
2016-02-09 23:43:24 +01:00
d25b8dacb3
Use AES-256-CTR as default
...
CTR is recommended over CFB mode.
2016-02-09 23:43:24 +01:00
e0aa6e01ab
Merge pull request #21612 from owncloud/fix_21598
...
fix public link sharing if the master key is enabled
2016-01-13 10:34:48 +01:00
682821c71e
Happy new year!
2016-01-12 15:02:18 +01:00
876fb83ddc
getMediumStrengthGenerator is deprecated and does not do anything anymore
2016-01-11 20:06:30 +01:00
46f6c289ca
only use master key ID if a user is logged in. Otherwise keep the public link share key
2016-01-11 13:09:06 +01:00
0654d37da8
Remove undefined variable
2016-01-07 21:30:44 +01:00
00a01a8de2
Fix PHPDoc + Add handling for error cases
...
Makes static code analyzers happier.
2016-01-07 21:30:44 +01:00
f3360d51c6
Use PHP polyfills
2015-12-11 08:47:36 +01:00
eebe2b9c23
User IUser::getEMailAddress() all over the place
2015-12-02 21:25:05 +01:00
be4c3a8b56
Scrutinizer Auto-Fixes
...
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-11-27 15:32:44 +00:00
b025f07fb7
Make Cache\Updater per storage
2015-11-25 14:16:00 +01:00
46261b5ff1
Correct the description of function setEncryptHomeStorage
2015-11-03 22:47:55 +05:45
5fad45b230
make encryption configurable for home storage
2015-10-27 14:24:20 +01:00
8f09d5b67c
Update license headers
2015-10-26 14:04:01 +01:00
e0a56317fa
Fix "Call to a member function getUID() on boolean" in Crypt
2015-10-22 11:46:37 +02:00
Morris Jobke
Lukas Reschke
Björn Schießle
Joas Schilling
Vincent Petry
Thomas Müller
Björn Schießle
Roeland Jago Douma
Scrutinizer Auto-Fixer
Robin Appelman
Phil Davis
Joas Schilling