mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
28,626 Commits 349 Branches 696 Tags 1.6 GiB
JavaScript 49%
PHP 47.6%
Gherkin 1.2%
Vue 1.2%
CSS 0.6%
Other 0.4%
Go to file
Lukas Reschke 4971015544 Add code integrity check 
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
 		2015-12-01 11:55:20 +01:00
.idea Add newline that was removed by 15be763d46 2014-12-10 09:38:32 +01:00
3rdparty@aaf116c4cb [3rdparty] Bump php-parser 2015-12-01 09:22:55 +01:00
apps Merge pull request #20825 from owncloud/scrutinizer-patch-1 2015-12-01 09:26:22 +01:00
build tail the server log and exit with the exit code of behat 2015-12-01 10:16:46 +01:00
config Add support for Redis password auth 2015-10-30 20:19:23 +01:00
core Add code integrity check 2015-12-01 11:55:20 +01:00
l10n Merge pull request #19398 from owncloud/fix-tranifex 2015-09-28 10:49:06 +02:00
lib Add code integrity check 2015-12-01 11:55:20 +01:00
ocs Use XMLWriter to generate response 2015-11-30 15:40:10 +01:00
ocs-provider Reference v2 in the provider list 2015-10-13 16:45:16 +02:00
resources Add code integrity check 2015-12-01 11:55:20 +01:00
settings Add code integrity check 2015-12-01 11:55:20 +01:00
tests Add code integrity check 2015-12-01 11:55:20 +01:00
themes update example theme favicon 2015-11-03 14:24:20 +01:00
.bowerrc ability to add bower resources 2014-11-03 20:54:40 +01:00
.gitignore added app "federation", allows you to connect ownClouds and exchange user lists 2015-11-19 18:06:38 +01:00
.gitmodules use https as submodule url 2014-03-21 19:38:22 +01:00
.htaccess Update .well-known redirects to the new dav endpoint 2015-11-18 17:41:03 +01:00
.jshintrc enable laxbreak option in jshintrc to comply with our coding guide lines 2014-11-04 12:51:54 +01:00
.mailmap Update .mailmap 2015-10-26 14:01:11 +01:00
.scrutinizer.yml Revert "Specify PHP 5.4 as version for scrutinizer" 2015-10-29 14:30:14 +01:00
.tag Add .tag file to make tar balls tracable 2014-06-14 17:40:32 +02:00
.travis.yml Use sqlite 2015-11-25 21:14:15 +01:00
.user.ini Also set output_buffering in .user.ini to 0 2015-09-29 17:49:37 +02:00
AUTHORS Update AUTHOR file 2015-10-26 14:04:02 +01:00
CONTRIBUTING.md Fix repo links in CONTRIBUTING.md 2015-10-30 09:50:19 +01:00
COPYING-AGPL Really add AGPL file 2011-02-09 15:12:09 +00:00
COPYING-README correct icon license, we use Elementary icons, not Silk anymore 2014-07-15 11:35:49 +02:00
README.md Update README.md 2015-11-30 14:32:37 +01:00
autotest-external.sh Don't attempt to run tests unless start file is successful 2015-10-20 14:45:16 +02:00
autotest-hhvm.sh Combine autotest-hhvm.sh with autotest.sh 2015-05-04 16:37:23 +02:00
autotest-js.sh Use a universal shebang 2015-09-27 13:03:31 +02:00
autotest.cmd Restore the development config after running the tests 2014-12-02 12:41:33 +01:00
autotest.sh Don't execute phpunit twice 2015-11-30 10:55:13 +01:00
bower.json update bootstrap from 3.3.5 to 3.3.6 2015-11-30 14:12:57 +01:00
buildjsdocs.sh Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00
console.php update licence headers via script 2015-10-05 21:15:52 +02:00
cron.php Add debug log statement for IJobList steps in cron.php 2015-11-06 11:08:30 +01:00
db_structure.xml Merge pull request #20650 from owncloud/systemtags-core 2015-11-30 15:38:43 +01:00
index.html Try to prefer index.php over index.html in the same directory 2013-04-24 15:11:53 +02:00
index.php update licence headers via script 2015-10-05 21:15:52 +02:00
issue_template.md Add example command to the issue_template.md 2015-07-07 11:18:25 +02:00
occ Use a more universal shebang 2014-11-19 17:34:03 +01:00
public.php update licence headers via script 2015-10-05 21:15:52 +02:00
remote.php Consolidate webdav code - move all to one app 2015-10-16 13:17:12 +02:00
robots.txt Add robot.txt 2013-01-28 16:39:53 -06:00
status.php update licence headers via script 2015-10-05 21:15:52 +02:00
version.php Allow DI the system tag stuff without Application class 2015-11-30 17:08:29 +01:00

README.md

ownCloud Core

Build Status Scrutinizer Code Quality CodeClimate Coverity Dependency Status Dependency Status

ownCloud gives you freedom and control over your own data. A personal cloud which runs on your own server.

Why is this so awesome?

  • 📁 Acess your Data You can store your files, contacts, calendars and more on a server of your choosing.
  • 📦 Sync your Data You keep your files, contacts, calendars and more synchronized amongst your devices.
  • 🔄 Share your Data You share your data with others, and give them access to your latest photo galleries, your calendar or anything else you want them to see.
  • 🚀 Expandable with dozens of Apps ...like Calendar, Contacts, Mail or News.
  • ☁️ All Benefits of the Cloud ...on your own Server.
  • 🔒 Encryption You can encrypt data in transit with secure https connections. You can enable the encryption app to encrypt data on storage for improved security and privacy.
  • ...

Installation instructions

https://doc.owncloud.org/server/9.0/developer_manual/app/index.html

Contribution Guidelines

https://owncloud.org/contribute/

Get in touch

Important notice on translations

Please submit translations via Transifex: https://www.transifex.com/projects/p/owncloud/

Transifex

For more detailed information about translations: http://doc.owncloud.org/server/9.0/developer_manual/core/translation.html