Commit Graph

137 Commits

Author SHA1 Message Date
Bjoern Schiessle 9dc759b4dc remember signature version and only set it on update to make sure that other
apps like files_versions still get the old signature version
2016-02-10 13:27:32 +01:00
Bjoern Schiessle 43ed86313c use the version of the original file if we write the part file to have a proper version if we move the file over to the original location 2016-02-10 11:08:03 +01:00
Vincent Petry 45c78476f5 Use cache update instead of put for encryption version
Saves a call to fetch the file id which didn't even work for a reason.

This fix properly sets the version in the database.
2016-02-09 23:43:28 +01:00
Lukas Reschke 6724f76573 Use cache and add tests 2016-02-09 23:43:27 +01:00
Bjoern Schiessle 377d7fb8a8 don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value 2016-02-09 23:43:27 +01:00
Bjoern Schiessle 966eb4b084 realPath should contain the path to the file we want to read, e.g. the version and not the original file 2016-02-09 23:43:27 +01:00
Lukas Reschke 5ccb9dfa7e Use database for keeping track of the version 2016-02-09 23:43:27 +01:00
Lukas Reschke 3badf5caf5 Use number of chunk for HMAC as well
Prevents switching single blocks within the encrypted file.
2016-02-09 23:43:26 +01:00
Lukas Reschke b5824f024a Keep track of file version
This way it is not possible anymore for an external storage admin to put up old versions of the file.
2016-02-09 23:43:26 +01:00
Lukas Reschke d5c1596887 Clarify documentation 2016-02-09 23:43:26 +01:00
Lukas Reschke 3b62459c41 Use hash with appended "a" of the original password for the authentication 2016-02-09 23:43:26 +01:00
Björn Schießle 9bb97c714b fixing unit tests 2016-02-09 23:43:26 +01:00
Lukas Reschke b9ff16498b Use random_bytes instead OpenSSL 2016-02-09 23:43:26 +01:00
Björn Schießle 61dd191253 meta data are at the end of the file 2016-02-09 23:43:25 +01:00
Björn Schießle e7ff84df5c always use default cipher for write operations, no matter how the file was encrypted before 2016-02-09 23:43:25 +01:00
Björn Schießle cf3a8f274f make it backward compatible to work with signed and un-signed files 2016-02-09 23:43:25 +01:00
Björn Schießle 40a5ba72fc sign all encrypted blocks and check signature on decrypt 2016-02-09 23:43:25 +01:00
Lukas Reschke db8f267647 Add note about the addPadding function 2016-02-09 23:43:25 +01:00
Lukas Reschke 59ebad0b53 Use an actual 16 byte long IV
The previous IV was actually 12 byte extended to 16 byte using base64. As the encrypted file should be fine with containing binary data as well we can simply remove the encoding like that here.
2016-02-09 23:43:24 +01:00
Lukas Reschke d25b8dacb3 Use AES-256-CTR as default
CTR is recommended over CFB mode.
2016-02-09 23:43:24 +01:00
Thomas Müller e0aa6e01ab Merge pull request #21612 from owncloud/fix_21598
fix public link sharing if the master key is enabled
2016-01-13 10:34:48 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Roeland Jago Douma 876fb83ddc getMediumStrengthGenerator is deprecated and does not do anything anymore 2016-01-11 20:06:30 +01:00
Björn Schießle 46f6c289ca only use master key ID if a user is logged in. Otherwise keep the public link share key 2016-01-11 13:09:06 +01:00
Lukas Reschke 0654d37da8 Remove undefined variable 2016-01-07 21:30:44 +01:00
Lukas Reschke 00a01a8de2 Fix PHPDoc + Add handling for error cases
Makes static code analyzers happier.
2016-01-07 21:30:44 +01:00
Lukas Reschke f3360d51c6 Use PHP polyfills 2015-12-11 08:47:36 +01:00
Thomas Müller eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Scrutinizer Auto-Fixer be4c3a8b56 Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-11-27 15:32:44 +00:00
Robin Appelman b025f07fb7 Make Cache\Updater per storage 2015-11-25 14:16:00 +01:00
Phil Davis 46261b5ff1 Correct the description of function setEncryptHomeStorage 2015-11-03 22:47:55 +05:45
Bjoern Schiessle 5fad45b230 make encryption configurable for home storage 2015-10-27 14:24:20 +01:00
Lukas Reschke 8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Joas Schilling e0a56317fa Fix "Call to a member function getUID() on boolean" in Crypt 2015-10-22 11:46:37 +02:00
Morris Jobke b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Bjoern Schiessle bf82015254 add some output to explain the pre-conditions for decrypt-all 2015-10-05 12:41:05 +02:00
Bjoern Schiessle 90f1e3dc94 no need to list users if all users already had a key-pair 2015-09-24 12:47:46 +02:00
Bjoern Schiessle daf5d1ff2e fix small typo 2015-09-21 16:48:15 +02:00
Bjoern Schiessle 9bd4f2d41e occ script to disable encryption and to decrypt all files again 2015-09-15 22:39:44 +02:00
Lukas Reschke 7953cc9494 Function does return void
This function does return void and not a bool.
2015-09-15 14:02:10 +02:00
Bjoern Schiessle acfc7d7c4d enable usage of a master key 2015-09-07 16:08:41 +02:00
Bjoern Schiessle 166e57cf61 return false if private key is not valid 2015-08-30 15:31:19 +02:00
Björn Schießle 6e210d960c Merge pull request #18423 from owncloud/occ_encrypt_all
occ command line tool to encrypt all files
2015-08-28 20:44:55 +02:00
Bjoern Schiessle 8c08dd0ac2 occ tool to encrypt all files 2015-08-26 14:58:22 +02:00
Lukas Reschke cca35f0c3e Merge pull request #18121 from owncloud/enc_improve_privkey_encryption
use password hash to encrypt private key
2015-08-24 12:03:27 +02:00
Joas Schilling e6eb74958f Remove unnecessary DB prefixes from existing query builder usages 2015-08-10 16:21:41 +02:00
Bjoern Schiessle 854fd63ea9 use uid as additional information for salt 2015-08-07 15:51:43 +02:00
Bjoern Schiessle 62bc0e5264 use password hash instead of the plain password to encrypt the private key 2015-08-07 15:21:08 +02:00
Bjoern Schiessle 2f4bebb045 only update database on the first run (first run = we have a version number from the old encryption app) 2015-07-31 10:47:02 +02:00
Joas Schilling f77e5f411d Fix existing usages by removing the quotes 2015-07-21 15:25:47 +02:00