Example #1
 /**
  * Prepare the module for a sequence of chunk reads or writes on one file.
  *
  * Resolves the real file path, resets the per-file state, obtains the file
  * key and picks the cipher used for the chunks that follow.
  *
  * @param string $path path to the file
  * @param string $user user who reads/writes the file
  * @param string $mode PHP stream open mode; only 'w', 'w+', 'wb' and 'wb+'
  *                     are treated as write operations
  * @param array $header header data read from the file
  * @param array $accessList who has access to the file, contains the keys 'users' and 'public'
  *
  * @return array key-value pairs to be written to the header on a write
  *               operation; this implementation always returns the selected
  *               'cipher'
  */
 public function begin($path, $user, $mode, array $header, array $accessList)
 {
     $this->path = $this->getPathToRealFile($path);
     $this->accessList = $accessList;
     $this->user = $user;
     $this->isWriteOperation = false;
     $this->writeCache = '';

     if (!$this->session->decryptAllModeActivated()) {
         // regular operation: the key manager resolves the file key for this user
         $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
     } else {
         // decrypt-all mode: the uid and private key come from the session
         // NOTE(review): the key material is handed to multiKeyDecrypt() without
         // an emptiness check in this method - confirm the callee rejects
         // missing input
         $encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
         $decryptAllUid = $this->session->getDecryptAllUid();
         $shareKey = $this->keyManager->getShareKey($this->path, $decryptAllUid);
         $decryptAllKey = $this->session->getDecryptAllKey();
         $this->fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $decryptAllKey);
     }

     if (in_array($mode, array('w', 'w+', 'wb', 'wb+'), true)) {
         $this->isWriteOperation = true;
         // no file key could be obtained, so a new one is generated for the write
         if (empty($this->fileKey)) {
             $this->fileKey = $this->crypt->generateFileKey();
         }
     }

     // NOTE(review): a 'cipher' entry in the header takes precedence even on
     // write operations and is used as-is; nothing in this method checks it
     // against a list of supported ciphers - confirm validation happens
     // where the cipher is consumed
     if (isset($header['cipher'])) {
         $this->cipher = $header['cipher'];
     } else {
         // without a header value: writes use the current cipher, reads fall
         // back to the legacy cipher which was used in <=oC6
         $this->cipher = $this->isWriteOperation
             ? $this->crypt->getCipher()
             : $this->crypt->getLegacyCipher();
     }

     return array('cipher' => $this->cipher);
 }
Example #2
 /**
  * Return the decrypted file key for a file.
  *
  * When $uid is null the public share key id and the system-stored private
  * key of the public share are used; otherwise the share key of $uid and the
  * private key held in the session are used.
  *
  * @param string $path path to the file
  * @param string|null $uid user id, or null to use the public share key
  * @return string the decrypted file key, or '' when the encrypted file key,
  *                the share key or the private key is not available; callers
  *                have to treat '' as "no key"
  */
 public function getFileKey($path, $uid)
 {
     $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);

     $usePublicShareKey = $uid === null;
     if ($usePublicShareKey) {
         $uid = $this->getPublicShareKeyId();
     }
     $shareKey = $this->getShareKey($path, $uid);

     if ($usePublicShareKey) {
         // the private key of the public share is read from the system key
         // storage and decrypted before use
         $storedPrivateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
         $privateKey = $this->crypt->decryptPrivateKey($storedPrivateKey);
     } else {
         $privateKey = $this->session->getPrivateKey();
     }

     // all three pieces are needed; a missing one yields an empty key
     if (!$encryptedFileKey || !$shareKey || !$privateKey) {
         return '';
     }

     return $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $privateKey);
 }
Example #3
 /**
  * Recover a single file: decrypt its file key through the recovery share
  * key and store it again, encrypted for the public keys collected from the
  * file's access list.
  *
  * Nothing is written when the encrypted file key, the recovery share key
  * or $privateKey is missing, or when decryption yields an empty file key.
  *
  * @param string $path path to the file
  * @param string $privateKey private key used to decrypt the file key
  * @param string $uid user id passed on to addSystemKeys()
  */
 private function recoverFile($path, $privateKey, $uid)
 {
     $encryptedFileKey = $this->keyManager->getEncryptedFileKey($path);
     $recoveryKeyId = $this->keyManager->getRecoveryKeyId();
     $shareKey = $this->keyManager->getShareKey($path, $recoveryKeyId);

     if (!$encryptedFileKey || !$shareKey || !$privateKey) {
         return;
     }

     $fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $privateKey);
     if (empty($fileKey)) {
         return;
     }

     $accessList = $this->file->getAccessList($path);

     // NOTE(review): the result of getPublicKey() is stored without a check
     // here - confirm multiKeyEncrypt() copes with a user that has no public key
     $publicKeys = array();
     foreach ($accessList['users'] as $userId) {
         $publicKeys[$userId] = $this->keyManager->getPublicKey($userId);
     }
     $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);

     // setAllFileKeys() receives the complete multiKeyEncrypt() result for this path
     $this->keyManager->setAllFileKeys(
         $path,
         $this->crypt->multiKeyEncrypt($fileKey, $publicKeys)
     );
 }
Example #4
 /**
  * Prepare the module for a sequence of chunk reads or writes on one file.
  *
  * Resolves the real file path, resets the per-file state, obtains the file
  * key, loads the file's version number and picks the cipher used for the
  * chunks that follow.
  *
  * @param string $path path to the file
  * @param string $user user who reads/writes the file
  * @param string $mode PHP stream open mode; only 'w', 'w+', 'wb' and 'wb+'
  *                     are treated as write operations
  * @param array $header header data read from the file
  * @param array $accessList who has access to the file, contains the keys 'users' and 'public'
  *
  * @return array key-value pairs to be written to the header on a write
  *               operation; this implementation always returns the selected
  *               'cipher' and 'signed' set to the string 'true'
  */
 public function begin($path, $user, $mode, array $header, array $accessList)
 {
     $this->path = $this->getPathToRealFile($path);
     $this->accessList = $accessList;
     $this->user = $user;
     $this->isWriteOperation = false;
     $this->writeCache = '';

     if (!$this->session->decryptAllModeActivated()) {
         // regular operation: the key manager resolves the file key for this user
         $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
     } else {
         // decrypt-all mode: the uid and private key come from the session
         // NOTE(review): the key material is handed to multiKeyDecrypt() without
         // an emptiness check in this method - confirm the callee rejects
         // missing input
         $encryptedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
         $decryptAllUid = $this->session->getDecryptAllUid();
         $shareKey = $this->keyManager->getShareKey($this->path, $decryptAllUid);
         $decryptAllKey = $this->session->getDecryptAllKey();
         $this->fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $decryptAllKey);
     }

     // always use the version from the original file, also part files
     // need to have a correct version number if they get moved over to the
     // final location
     $originalPath = $this->stripPartFileExtension($path);
     $this->version = (int) $this->keyManager->getVersion($originalPath, new View());

     if (in_array($mode, array('w', 'w+', 'wb', 'wb+'), true)) {
         $this->isWriteOperation = true;
         // no file key could be obtained, so a new one is generated for the write
         if (empty($this->fileKey)) {
             $this->fileKey = $this->crypt->generateFileKey();
         }
     } elseif (Scanner::isPartialFile($path)) {
         // if we read a part file we need to increase the version by 1
         // because the version number was also increased by writing
         // the part file
         $this->version += 1;
     }

     if ($this->isWriteOperation) {
         // writes always use the cipher reported by the crypt service,
         // whatever the existing header says
         $this->cipher = $this->crypt->getCipher();
     } elseif (isset($header['cipher'])) {
         // NOTE(review): on reads the header value is used as-is; nothing in
         // this method checks it against a list of supported ciphers -
         // confirm validation happens where the cipher is consumed
         $this->cipher = $header['cipher'];
     } else {
         // if we read a file without a header we fall-back to the legacy cipher
         // which was used in <=oC6
         $this->cipher = $this->crypt->getLegacyCipher();
     }

     // 'signed' is written as the string 'true', not as a boolean
     return array('cipher' => $this->cipher, 'signed' => 'true');
 }