public function stream_open($path, $mode, $options, &$opened_path)
{
if (!self::$rootView) {
self::$rootView = new OC_FilesystemView('');
}
$path = str_replace('crypt://', '', $path);
if (dirname($path) == 'streams' and isset(self::$sourceStreams[basename($path)])) {
$this->source = self::$sourceStreams[basename($path)]['stream'];
$this->path = self::$sourceStreams[basename($path)]['path'];
$this->size = self::$sourceStreams[basename($path)]['size'];
} else {
$this->path = $path;
if ($mode == 'w' or $mode == 'w+' or $mode == 'wb' or $mode == 'wb+') {
$this->size = 0;
} else {
$this->size = self::$rootView->filesize($path, $mode);
}
OC_FileProxy::$enabled = false;
//disable fileproxies so we can open the source file
$this->source = self::$rootView->fopen($path, $mode);
OC_FileProxy::$enabled = true;
if (!is_resource($this->source)) {
OCP\Util::writeLog('files_encryption', 'failed to open ' . $path, OCP\Util::ERROR);
}
}
if (is_resource($this->source)) {
$this->meta = stream_get_meta_data($this->source);
}
return is_resource($this->source);
}
/**
* if session is started, check if ownCloud key pair is set up, if not create it
* @param \OC\Files\View $view
*
* @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
*/
public function __construct($view)
{
$this->view = $view;
if (!$this->view->is_dir('files_encryption')) {
$this->view->mkdir('files_encryption');
}
$appConfig = \OC::$server->getAppConfig();
$publicShareKeyId = Helper::getPublicShareKeyId();
if ($publicShareKeyId === false) {
$publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
$appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
}
if (!Keymanager::publicShareKeyExists($view)) {
$keypair = Crypt::createKeypair();
// Save public key
Keymanager::setPublicKey($keypair['publicKey'], $publicShareKeyId);
// Encrypt private key empty passphrase
$cipher = Helper::getCipher();
$encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher);
if ($encryptedKey) {
Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId);
} else {
\OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR);
}
}
if (Helper::isPublicAccess() && !self::getPublicSharePrivateKey()) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = Keymanager::getPrivateSystemKey($publicShareKeyId);
$privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
self::setPublicSharePrivateKey($privateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
}
protected function getDocumentHash($view, $path)
{
$this->validate($view, $path);
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$hash = sha1($view->file_get_contents($path));
\OC_FileProxy::$enabled = $proxyStatus;
return $hash;
}
public function testSimple()
{
$file = OC::$SERVERROOT . '/3rdparty/MDB2.php';
$original = file_get_contents($file);
OC_Filesystem::file_put_contents('/file', $original);
OC_FileProxy::$enabled = false;
$stored = OC_Filesystem::file_get_contents('/file');
OC_FileProxy::$enabled = true;
$fromFile = OC_Filesystem::file_get_contents('/file');
$this->assertNotEqual($original, $stored);
$this->assertEqual($original, $fromFile);
}
public static function createkey($username, $passcode)
{
// generate a random key
$key = mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999);
// encrypt the key with the passcode of the user
$enckey = OC_Crypt::encrypt($key, $passcode);
// Write the file
$proxyEnabled = OC_FileProxy::$enabled;
OC_FileProxy::$enabled = false;
$view = new OC_FilesystemView('/' . $username);
$view->file_put_contents('/encryption.key', $enckey);
OC_FileProxy::$enabled = $proxyEnabled;
}
/**
* write key to disk
*
*
* @param string $path path to key directory
* @param string $name key name
* @param string $key key
* @param \OC\Files\View $view
* @return bool
*/
private static function setKey($path, $name, $key, $view)
{
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
self::keySetPreparation($view, $path);
$pathToKey = \OC\Files\Filesystem::normalizePath($path . '/' . $name);
$result = $view->file_put_contents($pathToKey, $key);
\OC_FileProxy::$enabled = $proxyStatus;
if (is_int($result) && $result > 0) {
self::$key_cache[$pathToKey] = $key;
return true;
}
return false;
}
public function set($key, $value, $ttl = 0)
{
$storage = $this->getStorage();
$result = false;
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($storage and $storage->file_put_contents($key, $value)) {
if ($ttl === 0) {
$ttl = 86400;
// 60*60*24
}
$result = $storage->touch($key, time() + $ttl);
}
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
}
/**
* if session is started, check if ownCloud key pair is set up, if not create it
* @param \OC\Files\View $view
*
* @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
*/
public function __construct($view)
{
$this->view = $view;
if (!$this->view->is_dir('owncloud_private_key')) {
$this->view->mkdir('owncloud_private_key');
}
$appConfig = \OC::$server->getAppConfig();
$publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId');
if ($publicShareKeyId === null) {
$publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
$appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
}
if (!$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key") || !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")) {
$keypair = Crypt::createKeypair();
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Save public key
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$cipher = \OCA\Encryption\Helper::getCipher();
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher);
if ($encryptedKey) {
Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId . '.private.key');
} else {
\OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR);
}
\OC_FileProxy::$enabled = $proxyStatus;
}
if (\OCA\Encryption\Helper::isPublicAccess()) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents('/owncloud_private_key/' . $publicShareKeyId . '.private.key');
$privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
$this->setPublicSharePrivateKey($privateKey);
$this->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
\OC_FileProxy::$enabled = $proxyStatus;
}
}
public function stream_open($path, $mode, $options, &$opened_path)
{
$path = str_replace('crypt://', '', $path);
if (dirname($path) == 'streams' and isset(self::$sourceStreams[basename($path)])) {
$this->source = self::$sourceStreams[basename($path)]['stream'];
$this->path = self::$sourceStreams[basename($path)]['path'];
} else {
$this->path = $path;
OCP\Util::writeLog('files_encryption', 'open encrypted ' . $path . ' in ' . $mode, OCP\Util::DEBUG);
OC_FileProxy::$enabled = false;
//disable fileproxies so we can open the source file
$this->source = OC_FileSystem::fopen($path, $mode);
OC_FileProxy::$enabled = true;
if (!is_resource($this->source)) {
OCP\Util::writeLog('files_encryption', 'failed to open ' . $path, OCP\Util::ERROR);
}
}
if (is_resource($this->source)) {
$this->meta = stream_get_meta_data($this->source);
}
return is_resource($this->source);
}
/**
* @brief if session is started, check if ownCloud key pair is set up, if not create it
* @param \OC_FilesystemView $view
*
* @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
*/
public function __construct($view)
{
$this->view = $view;
if (!$this->view->is_dir('owncloud_private_key')) {
$this->view->mkdir('owncloud_private_key');
}
$publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
if ($publicShareKeyId === null) {
$publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
\OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
}
if (!$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key") || !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")) {
$keypair = Crypt::createKeypair();
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Save public key
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '');
// Save private key
$this->view->file_put_contents('/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
if (\OCA\Encryption\Helper::isPublicAccess()) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents('/owncloud_private_key/' . $publicShareKeyId . '.private.key');
$privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
$this->setPublicSharePrivateKey($privateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
}
/**
* @medium
* Test that data that is written by the crypto stream wrapper with AES 128
* @note Encrypted data is manually prepared and decrypted here to avoid dependency on success of stream_read
* @note If this test fails with truncate content, check that enough array slices are being rejoined to form $e, as the crypt.php file may have gotten longer and broken the manual
* reassembly of its data
*/
public function testStreamDecryptLongFileContentWithoutHeader()
{
// Generate a a random filename
$filename = 'tmp-' . $this->getUniqueID() . '.test';
\OCP\Config::setSystemValue('cipher', 'AES-128-CFB');
// Save long data as encrypted file using stream wrapper
$cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong . $this->dataLong);
\OCP\Config::deleteSystemValue('cipher');
// Test that data was successfully written
$this->assertTrue(is_int($cryptedFile));
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Get file contents without using any wrapper to get it's actual contents on disk
$retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename);
// Check that the file was encrypted before being written to disk
$this->assertNotEquals($this->dataLong . $this->dataLong, $retreivedCryptedFile);
// remove the header to check if we can also decrypt old files without a header,
// this files should fall back to AES-128
$cryptedWithoutHeader = substr($retreivedCryptedFile, Encryption\Crypt::BLOCKSIZE);
$this->view->file_put_contents($this->userId . '/files/' . $filename, $cryptedWithoutHeader);
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
$decrypted = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename);
$this->assertEquals($this->dataLong . $this->dataLong, $decrypted);
// Teardown
$this->view->unlink($this->userId . '/files/' . $filename);
Encryption\Keymanager::deleteFileKey($this->view, $filename);
}
/**
* @medium
*/
function testSetFileKey()
{
$key = $this->randomKey;
$file = 'unittest-' . $this->getUniqueID() . '.txt';
$util = new Encryption\Util($this->view, $this->userId);
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$this->view->file_put_contents($this->userId . '/files/' . $file, $this->dataShort);
Encryption\Keymanager::setFileKey($this->view, $util, $file, $key);
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key'));
// cleanup
$this->view->unlink('/' . $this->userId . '/files/' . $file);
// change encryption proxy to previous state
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
* restore encryption keys from trash bin
*
* @param \OC\Files\View $view
* @param string $file complete path to file
* @param string $filename name of file
* @param string $uniqueFilename new file name to restore the file without overwriting existing files
* @param string $location location of file
* @param int $timestamp deleteion time
*
*/
private static function restoreEncryptionKeys($view, $file, $filename, $uniqueFilename, $location, $timestamp)
{
// Take care of encryption keys TODO! Get '.key' in file between file name and delete date (also for permanent delete!)
if (\OCP\App::isEnabled('files_encryption')) {
$user = \OCP\User::getUser();
$rootView = new \OC\Files\View('/');
$target = \OC\Files\Filesystem::normalizePath('/' . $location . '/' . $uniqueFilename);
list($owner, $ownerPath) = self::getUidAndFilename($target);
$util = new \OCA\Encryption\Util(new \OC\Files\View('/'), $user);
if ($util->isSystemWideMountPoint($ownerPath)) {
$baseDir = '/files_encryption/';
} else {
$baseDir = $owner . '/files_encryption/';
}
$path_parts = pathinfo($file);
$source_location = $path_parts['dirname'];
if ($view->is_dir('/files_trashbin/keyfiles/' . $file)) {
if ($source_location != '.') {
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $source_location . '/' . $filename);
$sharekey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $source_location . '/' . $filename);
} else {
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $filename);
$sharekey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $filename);
}
} else {
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $source_location . '/' . $filename . '.key');
}
if ($timestamp) {
$keyfile .= '.d' . $timestamp;
}
// disable proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($rootView->file_exists($keyfile)) {
// handle directory
if ($rootView->is_dir($keyfile)) {
// handle keyfiles
$rootView->rename($keyfile, $baseDir . '/keyfiles/' . $ownerPath);
// handle share-keys
if ($timestamp) {
$sharekey .= '.d' . $timestamp;
}
$rootView->rename($sharekey, $baseDir . '/share-keys/' . $ownerPath);
} else {
// handle keyfiles
$rootView->rename($keyfile, $baseDir . '/keyfiles/' . $ownerPath . '.key');
// handle share-keys
$ownerShareKey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $source_location . '/' . $filename . '.' . $user . '.shareKey');
if ($timestamp) {
$ownerShareKey .= '.d' . $timestamp;
}
// move only owners key
$rootView->rename($ownerShareKey, $baseDir . '/share-keys/' . $ownerPath . '.' . $user . '.shareKey');
// try to re-share if file is shared
$filesystemView = new \OC\Files\View('/');
$session = new \OCA\Encryption\Session($filesystemView);
$util = new \OCA\Encryption\Util($filesystemView, $user);
// fix the file size
$absolutePath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files/' . $ownerPath);
$util->fixFileSize($absolutePath);
// get current sharing state
$sharingEnabled = \OCP\Share::isEnabled();
// get users sharing this file
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $target);
// Attempt to set shareKey
$util->setSharedFileKeyfiles($session, $usersSharing, $target);
}
}
// enable proxy
\OC_FileProxy::$enabled = $proxyStatus;
}
}
/**
* @param string $path
* @param int $size
* @return int|bool
*/
public function postFileSize($path, $size, $fileInfo = null)
{
$view = new \OC\Files\View('/');
$userId = Helper::getUser($path);
$util = new Util($view, $userId);
// if encryption is no longer enabled or if the files aren't migrated yet
// we return the default file size
if (!\OCP\App::isEnabled('files_encryption') || $util->getMigrationStatus() !== Util::MIGRATION_COMPLETED) {
return $size;
}
// if path is a folder do nothing
if ($view->is_dir($path)) {
$proxyState = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$fileInfo = $view->getFileInfo($path);
\OC_FileProxy::$enabled = $proxyState;
if (isset($fileInfo['unencrypted_size']) && $fileInfo['unencrypted_size'] > 0) {
return $fileInfo['unencrypted_size'];
}
return $size;
}
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// if path is empty we cannot resolve anything
if (empty($relativePath)) {
return $size;
}
// get file info from database/cache if not .part file
if (empty($fileInfo) && !Helper::isPartialFilePath($path)) {
$proxyState = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$fileInfo = $view->getFileInfo($path);
\OC_FileProxy::$enabled = $proxyState;
}
// if file is encrypted return real file size
if (isset($fileInfo['encrypted']) && $fileInfo['encrypted'] === true) {
// try to fix unencrypted file size if it doesn't look plausible
if ((int) $fileInfo['size'] > 0 && (int) $fileInfo['unencrypted_size'] === 0) {
$fixSize = $util->getFileSize($path);
$fileInfo['unencrypted_size'] = $fixSize;
// put file info if not .part file
if (!Helper::isPartialFilePath($relativePath)) {
$view->putFileInfo($path, array('unencrypted_size' => $fixSize));
}
}
$size = $fileInfo['unencrypted_size'];
} else {
$fileInfoUpdates = array();
$fixSize = $util->getFileSize($path);
if ($fixSize > 0) {
$size = $fixSize;
$fileInfoUpdates['encrypted'] = true;
$fileInfoUpdates['unencrypted_size'] = $size;
// put file info if not .part file
if (!Helper::isPartialFilePath($relativePath)) {
$view->putFileInfo($path, $fileInfoUpdates);
}
}
}
return $size;
}
/**
* @NoAdminRequired
*/
public function start()
{
$request = $this->request;
$response = new JSONResponse();
$params = $this->request->urlParams;
$app = new App($this->api->getUserId());
$addressBook = $app->getAddressBook($params['backend'], $params['addressBookId']);
if (!$addressBook->hasPermission(\OCP\PERMISSION_CREATE)) {
$response->setStatus('403');
$response->bailOut(App::$l10n->t('You do not have permissions to import into this address book.'));
return $response;
}
$filename = isset($request->post['filename']) ? $request->post['filename'] : null;
$progresskey = isset($request->post['progresskey']) ? $request->post['progresskey'] : null;
if (is_null($filename)) {
$response->bailOut(App::$l10n->t('File name missing from request.'));
return $response;
}
if (is_null($progresskey)) {
$response->bailOut(App::$l10n->t('Progress key missing from request.'));
return $response;
}
$filename = strtr($filename, array('/' => '', "\\" => ''));
if (\OC\Files\Filesystem::isFileBlacklisted($filename)) {
$response->bailOut(App::$l10n->t('Attempt to access blacklisted file:') . $filename);
return $response;
}
$view = \OCP\Files::getStorage('contacts');
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$file = $view->file_get_contents('/imports/' . $filename);
\OC_FileProxy::$enabled = $proxyStatus;
$writeProgress = function ($pct) use($progresskey) {
\OC_Cache::set($progresskey, $pct, 300);
};
$cleanup = function () use($view, $filename, $progresskey) {
if (!$view->unlink('/imports/' . $filename)) {
$response->debug('Unable to unlink /imports/' . $filename);
}
\OC_Cache::remove($progresskey);
};
$writeProgress('20');
$nl = "\n";
$file = str_replace(array("\r", "\n\n"), array("\n", "\n"), $file);
$lines = explode($nl, $file);
$inelement = false;
$parts = array();
$card = array();
foreach ($lines as $line) {
if (strtoupper(trim($line)) == 'BEGIN:VCARD') {
$inelement = true;
} elseif (strtoupper(trim($line)) == 'END:VCARD') {
$card[] = $line;
$parts[] = implode($nl, $card);
$card = array();
$inelement = false;
}
if ($inelement === true && trim($line) != '') {
$card[] = $line;
}
}
if (count($parts) === 0) {
$response->bailOut(App::$l10n->t('No contacts found in: ') . $filename);
$cleanup();
return $response;
}
//import the contacts
$imported = 0;
$failed = 0;
$partially = 0;
$processed = 0;
// TODO: Add a new group: "Imported at {date}"
foreach ($parts as $part) {
try {
$vcard = VObject\Reader::read($part);
} catch (VObject\ParseException $e) {
try {
$vcard = VObject\Reader::read($part, VObject\Reader::OPTION_IGNORE_INVALID_LINES);
$partially += 1;
$response->debug('Import: Retrying reading card. Error parsing VCard: ' . $e->getMessage());
} catch (\Exception $e) {
$failed += 1;
$response->debug('Import: skipping card. Error parsing VCard: ' . $e->getMessage());
continue;
// Ditch cards that can't be parsed by Sabre.
}
}
try {
$vcard->validate(MyVCard::REPAIR | MyVCard::UPGRADE);
} catch (\Exception $e) {
\OCP\Util::writeLog('contacts', __METHOD__ . ' ' . 'Error validating vcard: ' . $e->getMessage(), \OCP\Util::ERROR);
$failed += 1;
}
/**
* TODO
* - Check if a contact with identical UID exists.
* - If so, fetch that contact and call $contact->mergeFromVCard($vcard);
* - Increment $updated var (not present yet.)
* - continue
*/
try {
if ($addressBook->addChild($vcard)) {
$imported += 1;
} else {
$failed += 1;
}
} catch (\Exception $e) {
$response->debug('Error importing vcard: ' . $e->getMessage() . $nl . $vcard->serialize());
$failed += 1;
}
$processed += 1;
$writeProgress($processed);
}
//done the import
sleep(3);
// Give client side a chance to read the progress.
$response->setParams(array('backend' => $params['backend'], 'addressBookId' => $params['addressBookId'], 'imported' => $imported, 'partially' => $partially, 'failed' => $failed));
return $response;
}
/**
* rollback to an old version of a file.
*/
public static function rollback($file, $revision)
{
if (\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED) == 'true') {
list($uid, $filename) = self::getUidAndFilename($file);
$users_view = new \OC\Files\View('/' . $uid);
$files_view = new \OC\Files\View('/' . \OCP\User::getUser() . '/files');
$versionCreated = false;
//first create a new version
$version = 'files_versions' . $filename . '.v' . $users_view->filemtime('files' . $filename);
if (!$users_view->file_exists($version)) {
// disable proxy to prevent multiple fopen calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$users_view->copy('files' . $filename, 'files_versions' . $filename . '.v' . $users_view->filemtime('files' . $filename));
// reset proxy state
\OC_FileProxy::$enabled = $proxyStatus;
$versionCreated = true;
}
// rollback
if (@$users_view->rename('files_versions' . $filename . '.v' . $revision, 'files' . $filename)) {
$files_view->touch($file, $revision);
Storage::expire($file);
return true;
} else {
if ($versionCreated) {
$users_view->unlink($version);
}
}
}
return false;
}
/**
* @brief if the file was really deleted we remove the encryption keys
* @param array $params
* @return boolean
*/
public static function postDelete($params)
{
if (!isset(self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]])) {
return true;
}
$deletedFile = self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]];
$path = $deletedFile['path'];
$user = $deletedFile['uid'];
// we don't need to remember the file any longer
unset(self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]]);
$view = new \OC\Files\View('/');
// return if the file still exists and wasn't deleted correctly
if ($view->file_exists('/' . $user . '/files/' . $path)) {
return true;
}
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Delete keyfile & shareKey so it isn't orphaned
if (!Keymanager::deleteFileKey($view, $path, $user)) {
\OCP\Util::writeLog('Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $user . '/files/' . $path . '"', \OCP\Util::ERROR);
}
Keymanager::delAllShareKeys($view, $user, $path);
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
* recover users files in case of password lost
* @param string $recoveryPassword
*/
public function recoverUsersFiles($recoveryPassword)
{
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents('/owncloud_private_key/' . $this->recoveryKeyId . '.private.key');
$privateKey = Crypt::decryptPrivateKey($encryptedKey, $recoveryPassword);
\OC_FileProxy::$enabled = $proxyStatus;
$this->recoverAllFiles('/', $privateKey);
}
/**
* @brief enable recovery
*
* @param $recoveryKeyId
* @param $recoveryPassword
* @internal param \OCA\Encryption\Util $util
* @internal param string $password
* @return bool
*/
public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword)
{
$view = new \OC\Files\View('/');
if ($recoveryKeyId === null) {
$recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
\OC_Appconfig::setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
}
if (!$view->is_dir('/owncloud_private_key')) {
$view->mkdir('/owncloud_private_key');
}
if (!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key") || !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key")) {
$keypair = \OCA\Encryption\Crypt::createKeypair();
\OC_FileProxy::$enabled = false;
// Save public key
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword);
// Save private key
$view->file_put_contents('/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey);
\OC_FileProxy::$enabled = true;
// Set recoveryAdmin as enabled
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
$return = true;
} else {
// get recovery key and check the password
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
if ($return) {
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
}
}
return $return;
}
/**
* @medium
*/
function testGetUidAndFilename()
{
\OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1);
$filename = '/tmp-' . $this->getUniqueID() . '.test';
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort);
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
$util = new \OCA\Files_Encryption\Util($this->view, $this->userId);
list($fileOwnerUid, $file) = $util->getUidAndFilename($filename);
$this->assertEquals(self::TEST_ENCRYPTION_UTIL_USER1, $fileOwnerUid);
$this->assertEquals($file, $filename);
$this->view->unlink($this->userId . '/files/' . $filename);
}
/**
* @NoAdminRequired
*/
public function start()
{
$request = $this->request;
$response = new JSONResponse();
$params = $this->request->urlParams;
$app = new App(\OCP\User::getUser());
$addressBookId = $params['addressBookId'];
$format = $params['importType'];
$addressBook = $app->getAddressBook($params['backend'], $addressBookId);
if (!$addressBook->hasPermission(\OCP\PERMISSION_CREATE)) {
$response->setStatus('403');
$response->bailOut(App::$l10n->t('You do not have permissions to import into this address book.'));
return $response;
}
$filename = isset($request->post['filename']) ? $request->post['filename'] : null;
$progresskey = isset($request->post['progresskey']) ? $request->post['progresskey'] : null;
if (is_null($filename)) {
$response->bailOut(App::$l10n->t('File name missing from request.'));
return $response;
}
if (is_null($progresskey)) {
$response->bailOut(App::$l10n->t('Progress key missing from request.'));
return $response;
}
$filename = strtr($filename, array('/' => '', "\\" => ''));
if (\OC\Files\Filesystem::isFileBlacklisted($filename)) {
$response->bailOut(App::$l10n->t('Attempt to access blacklisted file:') . $filename);
return $response;
}
$view = \OCP\Files::getStorage('contacts');
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$file = $view->file_get_contents('/imports/' . $filename);
\OC_FileProxy::$enabled = $proxyStatus;
$importManager = new ImportManager();
$formatList = $importManager->getTypes();
$found = false;
$parts = array();
foreach ($formatList as $formatName => $formatDisplayName) {
if ($formatName == $format) {
$parts = $importManager->importFile($view->getLocalFile('/imports/' . $filename), $formatName);
$found = true;
}
}
if (!$found) {
// detect file type
$mostLikelyName = "";
$mostLikelyValue = 0;
$probability = $importManager->detectFileType($view->getLocalFile('/imports/' . $filename));
foreach ($probability as $probName => $probValue) {
if ($probValue > $mostLikelyValue) {
$mostLikelyName = $probName;
$mostLikelyValue = $probValue;
}
}
if ($mostLikelyValue > 0) {
// found one (most likely...)
$parts = $importManager->importFile($view->getLocalFile('/imports/' . $filename), $mostLikelyName);
}
}
if ($parts) {
//import the contacts
$imported = 0;
$failed = 0;
$processed = 0;
$total = count($parts);
foreach ($parts as $part) {
/**
* TODO
* - Check if a contact with identical UID exists.
* - If so, fetch that contact and call $contact->mergeFromVCard($part);
* - Increment $updated var (not present yet.)
* - continue
*/
try {
$id = $addressBook->addChild($part);
if ($id) {
$imported++;
$favourites = $part->select('X-FAVOURITES');
foreach ($favourites as $favourite) {
if ($favourite->getValue() == 'yes') {
$this->tagMgr->addToFavorites($id);
}
}
} else {
$failed++;
}
} catch (\Exception $e) {
$response->debug('Error importing vcard: ' . $e->getMessage() . $nl . $part->serialize());
$failed++;
}
$processed++;
$this->writeProcess($processed, $total, $progresskey);
}
} else {
$imported = 0;
$failed = 0;
$processed = 0;
$total = 0;
}
$this->cleanup($view, $filename, $progresskey, $response);
//done the import
sleep(3);
// Give client side a chance to read the progress.
$response->setParams(array('backend' => $params['backend'], 'addressBookId' => $params['addressBookId'], 'importType' => $params['importType'], 'imported' => $imported, 'count' => $processed, 'total' => $total, 'failed' => $failed));
return $response;
}
/**
* Returns a view to ownCloud's files folder
*
* @param string $userId user ID
* @return \OCP\Files\Folder
*/
function getUserFolder($userId = null)
{
if ($userId === null) {
$user = $this->getUserSession()->getUser();
if (!$user) {
return null;
}
$userId = $user->getUID();
} else {
$user = $this->getUserManager()->get($userId);
}
$dir = '/' . $userId;
$root = $this->getRootFolder();
$folder = null;
if (!$root->nodeExists($dir)) {
$folder = $root->newFolder($dir);
} else {
$folder = $root->get($dir);
}
$dir = '/files';
if (!$folder->nodeExists($dir)) {
$folder = $folder->newFolder($dir);
if (\OCP\App::isEnabled('files_encryption')) {
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
}
\OC_Util::copySkeleton($user, $folder);
if (\OCP\App::isEnabled('files_encryption')) {
// re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
} else {
$folder = $folder->get($dir);
}
return $folder;
}
/**
* @param $path
*/
public function handleFile($path)
{
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
$userId = Helper::getUser($path);
$util = new Util($view, $userId);
// split the path parts
$pathParts = explode('/', $path);
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// only if file is on 'files' folder fix file size and sharing
if (isset($pathParts[2]) && $pathParts[2] === 'files' && $util->fixFileSize($path)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $relativePath);
// update sharing-keys
$util->setSharedFileKeyfiles($session, $usersSharing, $relativePath);
}
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
* Delete a single user's shareKey for a single file
*
* @param \OC\Files\View $view relative to data/
* @param array $userIds list of users we want to remove
* @param string $filename the owners name of the file for which we want to remove the users relative to data/user/files
* @param string $owner owner of the file
*/
public static function delShareKey($view, $userIds, $filename, $owner)
{
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$util = new Util($view, $owner);
if ($util->isSystemWideMountPoint($filename)) {
$shareKeyPath = \OC\Files\Filesystem::normalizePath('/files_encryption/share-keys/' . $filename);
} else {
$shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename);
}
if ($view->is_dir($shareKeyPath)) {
self::recursiveDelShareKeys($shareKeyPath, $userIds, $owner, $view);
} else {
foreach ($userIds as $userId) {
if ($userId === $owner && $view->file_exists('/' . $owner . '/files/' . $filename)) {
\OCP\Util::writeLog('files_encryption', 'Tried to delete owner key, but the file still exists!', \OCP\Util::FATAL);
continue;
}
$result = $view->unlink($shareKeyPath . '.' . $userId . '.shareKey');
\OCP\Util::writeLog('files_encryption', 'delShareKey: delete share key: ' . $shareKeyPath . '.' . $userId . '.shareKey', \OCP\Util::DEBUG);
if (!$result) {
\OCP\Util::writeLog('Encryption library', 'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId . '.shareKey"', \OCP\Util::ERROR);
}
}
}
\OC_FileProxy::$enabled = $proxyStatus;
}
$errorMessage = $l->t('Please repeat the new recovery password');
\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
exit;
}
if ($_POST['newPassword'] !== $_POST['confirmPassword']) {
$errorMessage = $l->t('Repeated recovery key password does not match the provided recovery key password');
\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
exit;
}
$view = new \OC\Files\View('/');
$util = new \OCA\Files_Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser());
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$keyId = $util->getRecoveryKeyId();
$encryptedRecoveryKey = \OCA\Files_Encryption\Keymanager::getPrivateSystemKey($keyId);
$decryptedRecoveryKey = $encryptedRecoveryKey ? \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword) : false;
if ($decryptedRecoveryKey) {
$cipher = \OCA\Files_Encryption\Helper::getCipher();
$encryptedKey = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword, $cipher);
if ($encryptedKey) {
\OCA\Files_Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId);
$return = true;
}
}
\OC_FileProxy::$enabled = $proxyStatus;
// success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Password successfully changed.'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not change the password. Maybe the old password was not correct.'))));
}
/**
* test webdav put random file
*/
function testWebdavPUT()
{
// generate filename
$filename = '/tmp-' . uniqid() . '.txt';
// set server vars
$_SERVER['REQUEST_METHOD'] = 'OPTIONS';
$_SERVER['REQUEST_METHOD'] = 'PUT';
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
$_SERVER['CONTENT_TYPE'] = 'application/octet-stream';
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
$_SERVER['CONTENT_LENGTH'] = strlen($this->dataShort);
// handle webdav request
$this->handleWebdavRequest($this->dataShort);
// check if file was created
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files' . $filename));
// check if key-file was created
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $filename . '.key'));
// check if shareKey-file was created
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/share-keys/' . $filename . '.' . $this->userId . '.shareKey'));
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get encrypted file content
$encryptedContent = $this->view->file_get_contents('/' . $this->userId . '/files' . $filename);
// restore proxy state
\OC_FileProxy::$enabled = $proxyStatus;
// check if encrypted content is valid
$this->assertTrue(Encryption\Crypt::isCatfileContent($encryptedContent));
// get decrypted file contents
$decrypt = file_get_contents('crypt:///' . $this->userId . '/files' . $filename);
// check if file content match with the written content
$this->assertEquals($this->dataShort, $decrypt);
// return filename for next test
return $filename;
}
/**
* @medium
* @brief Test that data that is read by the crypto stream wrapper
*/
function testSymmetricStreamDecryptShortFileContent()
{
$filename = 'tmp-' . uniqid();
// Save long data as encrypted file using stream wrapper
$cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataShort);
// Test that data was successfully written
$this->assertTrue(is_int($cryptedFile));
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$this->assertTrue(Encryption\Crypt::isEncryptedMeta($filename));
\OC_FileProxy::$enabled = $proxyStatus;
// Get file decrypted contents
$decrypt = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename);
$this->assertEquals($this->dataShort, $decrypt);
// tear down
$this->view->unlink($this->userId . '/files/' . $filename);
}
/**
* @medium
*/
function testFailShareFile()
{
// login as admin
\Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
// save file with content
$cryptedFile = file_put_contents('crypt:///' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort);
// test that data was successfully written
$this->assertTrue(is_int($cryptedFile));
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get the file info from previous created file
$fileInfo = $this->view->getFileInfo('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename);
// check if we have a valid file info
$this->assertTrue(is_array($fileInfo));
// check if the unencrypted file size is stored
$this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
// break users public key
$this->view->rename('/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key', '/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key_backup');
// re-enable the file proxy
\OC_FileProxy::$enabled = $proxyStatus;
// share the file
try {
\OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_GROUP1, OCP\PERMISSION_ALL);
} catch (Exception $e) {
$this->assertEquals(0, strpos($e->getMessage(), "Following users are not set up for encryption"));
}
// login as admin
\Test_Encryption_Util::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
// check if share key for user1 not exists
$this->assertFalse($this->view->file_exists('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// break user1 public key
$this->view->rename('/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key_backup', '/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key');
// remove share file
$this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey');
// re-enable the file proxy
\OC_FileProxy::$enabled = $proxyStatus;
// unshare the file with user1
\OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_GROUP1);
// check if share key not exists
$this->assertFalse($this->view->file_exists('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
$this->view->unlink($this->filename);
$this->view->chroot('/');
}
/**
* Encrypt keyfile to multiple users
* @param Session $session
* @param array $users list of users which should be able to access the file
* @param string $filePath path of the file to be shared
* @return bool
*/
public function setSharedFileKeyfiles(Session $session, array $users, $filePath)
{
// Make sure users are capable of sharing
$filteredUids = $this->filterShareReadyUsers($users);
// If we're attempting to share to unready users
if (!empty($filteredUids['unready'])) {
\OCP\Util::writeLog('Encryption library', 'Sharing to these user(s) failed as they are unready for encryption:"' . print_r($filteredUids['unready'], 1), \OCP\Util::WARN);
return false;
}
// Get public keys for each user, ready for generating sharekeys
$userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']);
// Note proxy status then disable it
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Get the current users's private key for decrypting existing keyfile
$privateKey = $session->getPrivateKey();
try {
// Decrypt keyfile
$plainKeyfile = $this->decryptKeyfile($filePath, $privateKey);
// Re-enc keyfile to (additional) sharekeys
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
} catch (Exception\EncryptionException $e) {
$msg = 'set shareFileKeyFailed (code: ' . $e->getCode() . '): ' . $e->getMessage();
\OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
return false;
} catch (\Exception $e) {
$msg = 'set shareFileKeyFailed (unknown error): ' . $e->getMessage();
\OCP\Util::writeLog('files_encryption', $msg, \OCP\Util::FATAL);
return false;
}
// Save the recrypted key to it's owner's keyfiles directory
// Save new sharekeys to all necessary user directory
if (!Keymanager::setFileKey($this->view, $this, $filePath, $multiEncKey['data']) || !Keymanager::setShareKeys($this->view, $this, $filePath, $multiEncKey['keys'])) {
\OCP\Util::writeLog('Encryption library', 'Keyfiles could not be saved for users sharing ' . $filePath, \OCP\Util::ERROR);
return false;
}
// Return proxy to original status
\OC_FileProxy::$enabled = $proxyStatus;
return true;
}
/**
* @medium
* test if stream wrapper can read files outside from the data folder
*/
function testStreamFromLocalFile()
{
$filename = '/' . $this->userId . '/files/' . 'tmp-' . $this->getUniqueID() . '.txt';
$tmpFilename = "/tmp/" . $this->getUniqueID() . ".txt";
// write an encrypted file
$cryptedFile = $this->view->file_put_contents($filename, $this->dataShort);
// Test that data was successfully written
$this->assertTrue(is_int($cryptedFile));
// create a copy outside of the data folder in /tmp
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedContent = $this->view->file_get_contents($filename);
\OC_FileProxy::$enabled = $proxyStatus;
file_put_contents($tmpFilename, $encryptedContent);
\OCA\Files_Encryption\Helper::addTmpFileToMapper($tmpFilename, $filename);
// try to read the file from /tmp
$handle = fopen("crypt://" . $tmpFilename, "r");
$contentFromTmpFile = stream_get_contents($handle);
// check if it was successful
$this->assertEquals($this->dataShort, $contentFromTmpFile);
fclose($handle);
// clean up
unlink($tmpFilename);
$this->view->unlink($filename);
}
