Example #1
0
 /**
  * decrypt given file with recovery key and encrypt it again to the owner and his new key
  * @param string $file
  * @param string $privateKey recovery key to decrypt the file
  */
 private function recoverFile($file, $privateKey)
 {
     $sharingEnabled = \OCP\Share::isEnabled();
     // Find out who, if anyone, is sharing the file
     if ($sharingEnabled) {
         $result = \OCP\Share::getUsersSharingFile($file, $this->userId, true);
         $userIds = $result['users'];
         $userIds[] = $this->recoveryKeyId;
         if ($result['public']) {
             $userIds[] = $this->publicShareKeyId;
         }
     } else {
         $userIds = array($this->userId, $this->recoveryKeyId);
     }
     $filteredUids = $this->filterShareReadyUsers($userIds);
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     //decrypt file key
     $encKeyfile = $this->view->file_get_contents($this->keyfilesPath . $file . ".key");
     $shareKey = $this->view->file_get_contents($this->shareKeysPath . $file . "." . $this->recoveryKeyId . ".shareKey");
     $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
     // encrypt file key again to all users, this time with the new public key for the recovered use
     $userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']);
     $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
     // write new keys to filesystem TDOO!
     $this->view->file_put_contents($this->keyfilesPath . $file . '.key', $multiEncKey['data']);
     foreach ($multiEncKey['keys'] as $userId => $shareKey) {
         $shareKeyPath = $this->shareKeysPath . $file . '.' . $userId . '.shareKey';
         $this->view->file_put_contents($shareKeyPath, $shareKey);
     }
     // Return proxy to original status
     \OC_FileProxy::$enabled = $proxyStatus;
 }
Example #2
0
 /**
  * @return bool
  */
 public function stream_close()
 {
     $this->flush();
     // if there is no valid private key return false
     if ($this->privateKey === false) {
         // cleanup
         if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && !$this->isLocalTmpFile) {
             // Disable encryption proxy to prevent recursive calls
             $proxyStatus = \OC_FileProxy::$enabled;
             \OC_FileProxy::$enabled = false;
             if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) {
                 $this->rootView->unlink($this->rawPath);
             }
             // Re-enable proxy - our work is done
             \OC_FileProxy::$enabled = $proxyStatus;
         }
         // if private key is not valid redirect user to a error page
         \OCA\Encryption\Helper::redirectToErrorPage($this->session);
     }
     if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && $this->isLocalTmpFile === false && $this->size > 0 && $this->unencryptedSize > 0) {
         // only write keyfiles if it was a new file
         if ($this->newFile === true) {
             // Disable encryption proxy to prevent recursive calls
             $proxyStatus = \OC_FileProxy::$enabled;
             \OC_FileProxy::$enabled = false;
             // Fetch user's public key
             $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->keyId);
             // Check if OC sharing api is enabled
             $sharingEnabled = \OCP\Share::isEnabled();
             $util = new Util($this->rootView, $this->userId);
             // Get all users sharing the file includes current user
             $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath);
             $checkedUserIds = $util->filterShareReadyUsers($uniqueUserIds);
             // Fetch public keys for all sharing users
             $publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']);
             // Encrypt enc key for all sharing users
             $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
             // Save the new encrypted file key
             Keymanager::setFileKey($this->rootView, $util, $this->relPath, $this->encKeyfiles['data']);
             // Save the sharekeys
             Keymanager::setShareKeys($this->rootView, $util, $this->relPath, $this->encKeyfiles['keys']);
             // Re-enable proxy - our work is done
             \OC_FileProxy::$enabled = $proxyStatus;
         }
         // we need to update the file info for the real file, not for the
         // part file.
         $path = Helper::stripPartialFileExtension($this->rawPath);
         $fileInfo = array('encrypted' => true, 'size' => $this->size, 'unencrypted_size' => $this->unencryptedSize);
         // set fileinfo
         $this->rootView->putFileInfo($path, $fileInfo);
     }
     $result = fclose($this->handle);
     if ($result === false) {
         \OCP\Util::writeLog('Encryption library', 'Could not close stream, file could be corrupted', \OCP\Util::FATAL);
     }
     return $result;
 }
Example #3
0
 /**
  * decrypt given file with recovery key and encrypt it again to the owner and his new key
  * @param string $file
  * @param string $privateKey recovery key to decrypt the file
  */
 private function recoverFile($file, $privateKey)
 {
     $sharingEnabled = \OCP\Share::isEnabled();
     // Find out who, if anyone, is sharing the file
     if ($sharingEnabled) {
         $result = \OCP\Share::getUsersSharingFile($file, $this->userId, true);
         $userIds = $result['users'];
         $userIds[] = $this->recoveryKeyId;
         if ($result['public']) {
             $userIds[] = $this->publicShareKeyId;
         }
     } else {
         $userIds = array($this->userId, $this->recoveryKeyId);
     }
     $filteredUids = $this->filterShareReadyUsers($userIds);
     //decrypt file key
     $encKeyfile = Keymanager::getFileKey($this->view, $this, $file);
     $shareKey = Keymanager::getShareKey($this->view, $this->recoveryKeyId, $this, $file);
     $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
     // encrypt file key again to all users, this time with the new public key for the recovered use
     $userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']);
     $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
     Keymanager::setFileKey($this->view, $this, $file, $multiEncKey['data']);
     Keymanager::setShareKeys($this->view, $this, $file, $multiEncKey['keys']);
 }
Example #4
0
 /**
  * @return bool
  */
 public function stream_close()
 {
     $this->flush();
     // if there is no valid private key return false
     if ($this->privateKey === false) {
         // cleanup
         if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb') {
             // Disable encryption proxy to prevent recursive calls
             $proxyStatus = \OC_FileProxy::$enabled;
             \OC_FileProxy::$enabled = false;
             if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) {
                 $this->rootView->unlink($this->rawPath);
             }
             // Re-enable proxy - our work is done
             \OC_FileProxy::$enabled = $proxyStatus;
         }
         // if private key is not valid redirect user to a error page
         \OCA\Encryption\Helper::redirectToErrorPage();
     }
     if ($this->meta['mode'] !== 'r' and $this->meta['mode'] !== 'rb' and $this->size > 0) {
         // Disable encryption proxy to prevent recursive calls
         $proxyStatus = \OC_FileProxy::$enabled;
         \OC_FileProxy::$enabled = false;
         // Fetch user's public key
         $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->userId);
         // Check if OC sharing api is enabled
         $sharingEnabled = \OCP\Share::isEnabled();
         $util = new Util($this->rootView, $this->userId);
         // Get all users sharing the file includes current user
         $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
         // Fetch public keys for all sharing users
         $publicKeys = Keymanager::getPublicKeys($this->rootView, $uniqueUserIds);
         // Encrypt enc key for all sharing users
         $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
         // Save the new encrypted file key
         Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
         // Save the sharekeys
         Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
         // get file info
         $fileInfo = $this->rootView->getFileInfo($this->rawPath);
         if (!is_array($fileInfo)) {
             $fileInfo = array();
         }
         // Re-enable proxy - our work is done
         \OC_FileProxy::$enabled = $proxyStatus;
         // set encryption data
         $fileInfo['encrypted'] = true;
         $fileInfo['size'] = $this->size;
         $fileInfo['unencrypted_size'] = $this->unencryptedSize;
         // set fileinfo
         $this->rootView->putFileInfo($this->rawPath, $fileInfo);
     }
     return fclose($this->handle);
 }