Exemple #1
0
 /**
  * prepare encryption module to decrypt all files
  *
  * @param InputInterface $input
  * @param OutputInterface $output
  * @param $user
  * @return bool
  */
 public function prepare(InputInterface $input, OutputInterface $output, $user)
 {
     $question = new Question('Please enter the recovery key password: '******'Do you want to use the users login password to decrypt all files? (y/n) ', false);
         $useLoginPassword = $this->questionHelper->ask($input, $output, $questionUseLoginPassword);
         if ($useLoginPassword) {
             $question = new Question('Please enter the users login password: '******'No recovery key available for user ' . $user);
                 return false;
             } else {
                 $user = $recoveryKeyId;
             }
         }
     } else {
         $user = $recoveryKeyId;
     }
     $question->setHidden(true);
     $question->setHiddenFallback(false);
     $password = $this->questionHelper->ask($input, $output, $question);
     $privateKey = $this->getPrivateKey($user, $password);
     if ($privateKey !== false) {
         $this->updateSession($user, $privateKey);
         return true;
     } else {
         $output->writeln('Could not decrypt private key, maybe you entered the wrong password?');
     }
     return false;
 }
Exemple #2
0
 protected function execute(InputInterface $input, OutputInterface $output)
 {
     $isAlreadyEnabled = $this->util->isMasterKeyEnabled();
     if ($isAlreadyEnabled) {
         $output->writeln('Master key already enabled');
     } else {
         $question = new ConfirmationQuestion('Warning: Only available for fresh installations with no existing encrypted data! ' . 'There is also no way to disable it again. Do you want to continue? (y/n) ', false);
         if ($this->questionHelper->ask($input, $output, $question)) {
             $this->config->setAppValue('encryption', 'useMasterKey', '1');
             $output->writeln('Master key successfully enabled.');
         } else {
             $output->writeln('aborted.');
         }
     }
 }
Exemple #3
0
 public function testGetStorage()
 {
     $path = '/foo/bar.txt';
     $this->filesMock->expects($this->once())->method('getMount')->with($path)->willReturn($this->mountMock);
     $this->mountMock->expects($this->once())->method('getStorage')->willReturn(true);
     $this->assertTrue($this->instance->getStorage($path));
 }
Exemple #4
0
 public function testGetStorage()
 {
     $return = $this->getMockBuilder('OC\\Files\\Storage\\Storage')->disableOriginalConstructor()->getMock();
     $path = '/foo/bar.txt';
     $this->filesMock->expects($this->once())->method('getMount')->with($path)->willReturn($this->mountMock);
     $this->mountMock->expects($this->once())->method('getStorage')->willReturn($return);
     $this->assertEquals($return, $this->instance->getStorage($path));
 }
 /**
  * by default the encryption module should encrypt regular files, files in
  * files_versions and files in files_trashbin
  *
  * @dataProvider dataTestShouldEncrypt
  */
 public function testShouldEncrypt($path, $shouldEncryptHomeStorage, $isHomeStorage, $expected)
 {
     $this->utilMock->expects($this->once())->method('shouldEncryptHomeStorage')->willReturn($shouldEncryptHomeStorage);
     if ($shouldEncryptHomeStorage === false) {
         $this->storageMock->expects($this->once())->method('instanceOfStorage')->with('\\OCP\\Files\\IHomeStorage')->willReturn($isHomeStorage);
         $this->utilMock->expects($this->once())->method('getStorage')->with($path)->willReturn($this->storageMock);
     }
     $this->assertSame($expected, $this->instance->shouldEncrypt($path));
 }
Exemple #6
0
 /**
  * prepare encryption module to decrypt all files
  *
  * @param InputInterface $input
  * @param OutputInterface $output
  * @param $user
  * @return bool
  */
 public function prepare(InputInterface $input, OutputInterface $output, $user)
 {
     $question = new Question('Please enter the recovery key password: '******'Use master key to decrypt all files');
         $user = $this->keyManager->getMasterKeyId();
         $password = $this->keyManager->getMasterKeyPassword();
     } else {
         $recoveryKeyId = $this->keyManager->getRecoveryKeyId();
         if (!empty($user)) {
             $output->writeln('You can only decrypt the users files if you know');
             $output->writeln('the users password or if he activated the recovery key.');
             $output->writeln('');
             $questionUseLoginPassword = new ConfirmationQuestion('Do you want to use the users login password to decrypt all files? (y/n) ', false);
             $useLoginPassword = $this->questionHelper->ask($input, $output, $questionUseLoginPassword);
             if ($useLoginPassword) {
                 $question = new Question('Please enter the user\'s login password: '******'No recovery key available for user ' . $user);
                     return false;
                 } else {
                     $user = $recoveryKeyId;
                 }
             }
         } else {
             $output->writeln('You can only decrypt the files of all users if the');
             $output->writeln('recovery key is enabled by the admin and activated by the users.');
             $output->writeln('');
             $user = $recoveryKeyId;
         }
         $question->setHidden(true);
         $question->setHiddenFallback(false);
         $password = $this->questionHelper->ask($input, $output, $question);
     }
     $privateKey = $this->getPrivateKey($user, $password);
     if ($privateKey !== false) {
         $this->updateSession($user, $privateKey);
         return true;
     } else {
         $output->writeln('Could not decrypt private key, maybe you entered the wrong password?');
     }
     return false;
 }
 /**
  * add system keys such as the public share key and the recovery key
  *
  * @param array $accessList
  * @param array $publicKeys
  * @return array
  */
 public function addSystemKeys(array $accessList, array $publicKeys)
 {
     if (!empty($accessList['public'])) {
         $publicKeys[$this->keyManager->getPublicShareKeyId()] = $this->keyManager->getPublicShareKey();
     }
     if ($this->keyManager->recoveryKeyExists() && $this->util->isRecoveryEnabledForUser()) {
         $publicKeys[$this->keyManager->getRecoveryKeyId()] = $this->keyManager->getRecoveryKey();
     }
     return $publicKeys;
 }
Exemple #8
0
 /**
  * add system keys such as the public share key and the recovery key
  *
  * @param array $accessList
  * @param array $publicKeys
  * @param string $uid
  * @return array
  * @throws PublicKeyMissingException
  */
 public function addSystemKeys(array $accessList, array $publicKeys, $uid)
 {
     if (!empty($accessList['public'])) {
         $publicShareKey = $this->getPublicShareKey();
         if (empty($publicShareKey)) {
             throw new PublicKeyMissingException($this->getPublicShareKeyId());
         }
         $publicKeys[$this->getPublicShareKeyId()] = $publicShareKey;
     }
     if ($this->recoveryKeyExists() && $this->util->isRecoveryEnabledForUser($uid)) {
         $publicKeys[$this->getRecoveryKeyId()] = $this->getRecoveryKey();
     }
     return $publicKeys;
 }
Exemple #9
0
 /**
  * Change a user's encryption passphrase
  *
  * @param array $params keys: uid, password
  * @return boolean|null
  */
 public function setPassphrase($params)
 {
     // Get existing decrypted private key
     $privateKey = $this->session->getPrivateKey();
     $user = $this->user->getUser();
     // current logged in user changes his own password
     if ($user && $params['uid'] === $user->getUID() && $privateKey) {
         // Encrypt private key with new user pwd as passphrase
         $encryptedPrivateKey = $this->crypt->encryptPrivateKey($privateKey, $params['password'], $params['uid']);
         // Save private key
         if ($encryptedPrivateKey) {
             $this->keyManager->setPrivateKey($this->user->getUser()->getUID(), $this->crypt->generateHeader() . $encryptedPrivateKey);
         } else {
             $this->logger->error('Encryption could not update users encryption password');
         }
         // NOTE: Session does not need to be updated as the
         // private key has not changed, only the passphrase
         // used to decrypt it has changed
     } else {
         // admin changed the password for a different user, create new keys and re-encrypt file keys
         $user = $params['uid'];
         $this->initMountPoints($user);
         $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null;
         // we generate new keys if...
         // ...we have a recovery password and the user enabled the recovery key
         // ...encryption was activated for the first time (no keys exists)
         // ...the user doesn't have any files
         if ($this->recovery->isRecoveryEnabledForUser($user) && $recoveryPassword || !$this->keyManager->userHasKeys($user) || !$this->util->userHasFiles($user)) {
             // backup old keys
             //$this->backupAllKeys('recovery');
             $newUserPassword = $params['password'];
             $keyPair = $this->crypt->createKeyPair();
             // Save public key
             $this->keyManager->setPublicKey($user, $keyPair['publicKey']);
             // Encrypt private key with new password
             $encryptedKey = $this->crypt->encryptPrivateKey($keyPair['privateKey'], $newUserPassword, $user);
             if ($encryptedKey) {
                 $this->keyManager->setPrivateKey($user, $this->crypt->generateHeader() . $encryptedKey);
                 if ($recoveryPassword) {
                     // if recovery key is set we can re-encrypt the key files
                     $this->recovery->recoverUsersFiles($recoveryPassword, $user);
                 }
             } else {
                 $this->logger->error('Encryption Could not update users encryption password');
             }
         }
     }
 }
Exemple #10
0
 /**
  * Tests that filterShareReadyUsers() returns the correct list of
  * users that are ready or not ready for encryption
  */
 public function testFilterShareReadyUsers()
 {
     $appConfig = \OC::$server->getAppConfig();
     $publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId');
     $recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId');
     $usersToTest = array('readyUser', 'notReadyUser', 'nonExistingUser', $publicShareKeyId, $recoveryKeyId);
     \Test_Encryption_Util::loginHelper('readyUser', true);
     \Test_Encryption_Util::loginHelper('notReadyUser', true);
     // delete encryption dir to make it not ready
     $this->view->unlink('notReadyUser/files_encryption/');
     // login as user1
     \Test_Encryption_Util::loginHelper(\Test_Encryption_Util::TEST_ENCRYPTION_UTIL_USER1);
     $result = $this->util->filterShareReadyUsers($usersToTest);
     $this->assertEquals(array('readyUser', $publicShareKeyId, $recoveryKeyId), $result['ready']);
     $this->assertEquals(array('notReadyUser', 'nonExistingUser'), $result['unready']);
     \OC_User::deleteUser('readyUser');
 }
Exemple #11
0
 /**
  * check if the encryption module is able to read the file,
  * e.g. if all encryption keys exists
  *
  * @param string $path
  * @param string $uid user for whom we want to check if he can read the file
  * @return bool
  * @throws DecryptionFailedException
  */
 public function isReadable($path, $uid)
 {
     $fileKey = $this->keyManager->getFileKey($path, $uid);
     if (empty($fileKey)) {
         $owner = $this->util->getOwner($path);
         if ($owner !== $uid) {
             // if it is a shared file we throw a exception with a useful
             // error message because in this case it means that the file was
             // shared with the user at a point where the user didn't had a
             // valid private/public key
             $msg = 'Encryption module "' . $this->getDisplayName() . '" is not able to read ' . $path;
             $hint = $this->l->t('Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you.');
             $this->logger->warning($msg);
             throw new DecryptionFailedException($msg, $hint);
         }
         return false;
     }
     return true;
 }
Exemple #12
0
 /**
  * iterate over all user and encrypt their files
  */
 protected function encryptAllUsersFiles()
 {
     $this->output->writeln("\n");
     $progress = new ProgressBar($this->output);
     $progress->setFormat(" %message% \n [%bar%]");
     $progress->start();
     $numberOfUsers = count($this->userPasswords);
     $userNo = 1;
     if ($this->util->isMasterKeyEnabled()) {
         $this->encryptAllUserFilesWithMasterKey($progress);
     } else {
         foreach ($this->userPasswords as $uid => $password) {
             $userCount = "{$uid} ({$userNo} of {$numberOfUsers})";
             $this->encryptUsersFiles($uid, $progress, $userCount);
             $userNo++;
         }
     }
     $progress->setMessage("all files encrypted");
     $progress->finish();
 }
 /**
  * test add public share key and or recovery key to the list of public keys
  *
  * @dataProvider dataTestAddSystemKeys
  *
  * @param array $accessList
  * @param array $publicKeys
  * @param string $uid
  * @param array $expectedKeys
  */
 public function testAddSystemKeys($accessList, $publicKeys, $uid, $expectedKeys)
 {
     $publicShareKeyId = 'publicShareKey';
     $recoveryKeyId = 'recoveryKey';
     $this->keyStorageMock->expects($this->any())->method('getSystemUserKey')->willReturnCallback(function ($keyId, $encryptionModuleId) {
         return $keyId;
     });
     $this->utilMock->expects($this->any())->method('isRecoveryEnabledForUser')->willReturnCallback(function ($uid) {
         if ($uid === 'user1') {
             return true;
         }
         return false;
     });
     // set key IDs
     self::invokePrivate($this->instance, 'publicShareKeyId', [$publicShareKeyId]);
     self::invokePrivate($this->instance, 'recoveryKeyId', [$recoveryKeyId]);
     $result = $this->instance->addSystemKeys($accessList, $publicKeys, $uid);
     foreach ($expectedKeys as $expected) {
         $this->assertArrayHasKey($expected, $result);
     }
     $this->assertSameSize($expectedKeys, $result);
 }
Exemple #14
0
 /**
  * @brief remember the file which should be deleted and it's owner
  * @param array $params
  * @return boolean
  */
 public static function preDelete($params)
 {
     $path = $params[\OC\Files\Filesystem::signal_param_path];
     // skip this method if the trash bin is enabled or if we delete a file
     // outside of /data/user/files
     if (\OCP\App::isEnabled('files_trashbin')) {
         return true;
     }
     $util = new Util(new \OC_FilesystemView('/'), \OCP\USER::getUser());
     list($owner, $ownerPath) = $util->getUidAndFilename($path);
     self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]] = array('uid' => $owner, 'path' => $ownerPath);
 }
Exemple #15
0
 /**
  * Returns whether the given user is ready for encryption.
  * Also returns true if the given user is the public user
  * or the recovery key user.
  *
  * @param string $user user to check
  *
  * @return boolean true if the user is ready, false otherwise
  */
 private function isUserReady($user)
 {
     if ($user === $this->publicShareKeyId || $user === $this->recoveryKeyId) {
         return true;
     }
     try {
         $util = new Util($this->view, $user);
         return $util->ready();
     } catch (NoUserException $e) {
         \OCP\Util::writeLog('Encryption library', 'No User object for ' . $user, \OCP\Util::DEBUG);
         return false;
     }
 }
Exemple #16
0
 /**
  * unmount file from yourself
  */
 public static function postUmount($params)
 {
     if (!isset(self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]])) {
         return true;
     }
     $umountedFile = self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]];
     $path = $umountedFile['path'];
     $user = $umountedFile['uid'];
     $itemType = $umountedFile['itemType'];
     $view = new \OC\Files\View();
     $util = new Util($view, $user);
     // we don't need to remember the file any longer
     unset(self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]]);
     // if we unshare a folder we need a list of all (sub-)files
     if ($itemType === 'folder') {
         $allFiles = $util->getAllFiles($path);
     } else {
         $allFiles = array($path);
     }
     foreach ($allFiles as $path) {
         // check if the user still has access to the file, otherwise delete share key
         $sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);
         if (!in_array(\OCP\User::getUser(), $sharingUsers['users'])) {
             Keymanager::delShareKey($view, array(\OCP\User::getUser()), $path, $user);
         }
     }
 }
Exemple #17
0
 /**
  * retrieve shareKey for an encrypted file
  * @param \OC\Files\View $view
  * @param string $userId
  * @param \OCA\Encryption\Util $util
  * @param string $filePath
  * @return string file key or false
  * @note The sharekey returned is encrypted. Decryption
  * of the keyfile must be performed by client code
  */
 public static function getShareKey(\OC\Files\View $view, $userId, $util, $filePath)
 {
     // try reusing key file if part file
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     list($owner, $filename) = $util->getUidAndFilename($filePath);
     $filename = Helper::stripPartialFileExtension($filename);
     // in case of system wide mount points the keys are stored directly in the data directory
     if ($util->isSystemWideMountPoint($filename)) {
         $shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
     } else {
         $shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
     }
     if ($view->file_exists($shareKeyPath)) {
         $result = $view->file_get_contents($shareKeyPath);
     } else {
         $result = false;
     }
     \OC_FileProxy::$enabled = $proxyStatus;
     return $result;
 }
 function testSetEncryptHomeStorage()
 {
     $value = true;
     $this->utilMock->expects($this->once())->method('setEncryptHomeStorage')->with($value);
     $this->controller->setEncryptHomeStorage($value);
 }
Exemple #19
0
 function testDescryptAllWithBrokenFiles()
 {
     $file1 = "/decryptAll1" . uniqid() . ".txt";
     $file2 = "/decryptAll2" . uniqid() . ".txt";
     $util = new Encryption\Util($this->view, $this->userId);
     $this->view->file_put_contents($this->userId . '/files/' . $file1, $this->dataShort);
     $this->view->file_put_contents($this->userId . '/files/' . $file2, $this->dataShort);
     $fileInfoEncrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);
     $fileInfoEncrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);
     $this->assertTrue($fileInfoEncrypted1 instanceof \OC\Files\FileInfo);
     $this->assertTrue($fileInfoEncrypted2 instanceof \OC\Files\FileInfo);
     $this->assertEquals($fileInfoEncrypted1['encrypted'], 1);
     $this->assertEquals($fileInfoEncrypted2['encrypted'], 1);
     // rename keyfile for file1 so that the decryption for file1 fails
     // Expected behaviour: decryptAll() returns false, file2 gets decrypted anyway
     $this->view->rename($this->userId . '/files_encryption/keyfiles/' . $file1 . '.key', $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved');
     // decrypt all encrypted files
     $result = $util->decryptAll();
     $this->assertFalse($result);
     $fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);
     $fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);
     $this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo);
     $this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo);
     // file1 should be still encrypted; file2 should be decrypted
     $this->assertEquals(1, $fileInfoUnencrypted1['encrypted']);
     $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);
     // keyfiles and share keys should still exist
     $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keyfiles/'));
     $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/share-keys/'));
     // rename the keyfile for file1 back
     $this->view->rename($this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved', $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key');
     // try again to decrypt all encrypted files
     $result = $util->decryptAll();
     $this->assertTrue($result);
     $fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);
     $fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);
     $this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo);
     $this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo);
     // now both files should be decrypted
     $this->assertEquals(0, $fileInfoUnencrypted1['encrypted']);
     $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);
     // keyfiles and share keys should be deleted
     $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keyfiles/'));
     $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/share-keys/'));
     //cleanup
     $this->view->unlink($this->userId . '/files/' . $file1);
     $this->view->unlink($this->userId . '/files/' . $file2);
     $this->view->deleteAll($this->userId . '/files_encryption/keyfiles.backup');
     $this->view->deleteAll($this->userId . '/files_encryption/share-keys.backup');
 }
Exemple #20
0
 public function testUserHasFiles()
 {
     $this->filesMock->expects($this->once())->method('file_exists')->will($this->returnValue(true));
     $this->assertTrue($this->instance->userHasFiles('admin'));
 }
<?php

/**
 * Copyright (c) 2013, Bjoern Schiessle <*****@*****.**>
 * This file is licensed under the Affero General Public License version 3 or later.
 * See the COPYING-README file.
 *
 * @brief check migration status
 */
use OCA\Encryption\Util;
\OCP\JSON::checkAppEnabled('files_encryption');
$loginname = isset($_POST['user']) ? $_POST['user'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$migrationCompleted = true;
if ($loginname !== '' && $password !== '') {
    $username = \OCP\User::checkPassword($loginname, $password);
    if ($username) {
        $util = new Util(new \OC_FilesystemView('/'), $username);
        if ($util->getMigrationStatus() !== Util::MIGRATION_COMPLETED) {
            $migrationCompleted = false;
        }
    }
}
\OCP\JSON::success(array('data' => array('migrationCompleted' => $migrationCompleted)));
Exemple #22
0
 /**
  * @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing
  * @param array with oldpath and newpath
  *
  * This function is connected to the rename signal of OC_Filesystem and adjust the name and location
  * of the stored versions along the actual file
  */
 public static function postRename($params)
 {
     if (\OCP\App::isEnabled('files_encryption') === false) {
         return true;
     }
     // Disable encryption proxy to prevent recursive calls
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     $view = new \OC_FilesystemView('/');
     $session = new \OCA\Encryption\Session($view);
     $userId = \OCP\User::getUser();
     $util = new Util($view, $userId);
     // Format paths to be relative to user files dir
     if ($util->isSystemWideMountPoint($params['oldpath'])) {
         $baseDir = 'files_encryption/';
         $oldKeyfilePath = $baseDir . 'keyfiles/' . $params['oldpath'];
     } else {
         $baseDir = $userId . '/' . 'files_encryption/';
         $oldKeyfilePath = $baseDir . 'keyfiles/' . $params['oldpath'];
     }
     if ($util->isSystemWideMountPoint($params['newpath'])) {
         $newKeyfilePath = $baseDir . 'keyfiles/' . $params['newpath'];
     } else {
         $newKeyfilePath = $baseDir . 'keyfiles/' . $params['newpath'];
     }
     // add key ext if this is not an folder
     if (!$view->is_dir($oldKeyfilePath)) {
         $oldKeyfilePath .= '.key';
         $newKeyfilePath .= '.key';
         // handle share-keys
         $localKeyPath = $view->getLocalFile($baseDir . 'share-keys/' . $params['oldpath']);
         $escapedPath = Helper::escapeGlobPattern($localKeyPath);
         $matches = glob($escapedPath . '*.shareKey');
         foreach ($matches as $src) {
             $dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
             // create destination folder if not exists
             if (!file_exists(dirname($dst))) {
                 mkdir(dirname($dst), 0750, true);
             }
             rename($src, $dst);
         }
     } else {
         // handle share-keys folders
         $oldShareKeyfilePath = $baseDir . 'share-keys/' . $params['oldpath'];
         $newShareKeyfilePath = $baseDir . 'share-keys/' . $params['newpath'];
         // create destination folder if not exists
         if (!$view->file_exists(dirname($newShareKeyfilePath))) {
             $view->mkdir(dirname($newShareKeyfilePath), 0750, true);
         }
         $view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
     }
     // Rename keyfile so it isn't orphaned
     if ($view->file_exists($oldKeyfilePath)) {
         // create destination folder if not exists
         if (!$view->file_exists(dirname($newKeyfilePath))) {
             $view->mkdir(dirname($newKeyfilePath), 0750, true);
         }
         $view->rename($oldKeyfilePath, $newKeyfilePath);
     }
     // build the path to the file
     $newPath = '/' . $userId . '/files' . $params['newpath'];
     $newPathRelative = $params['newpath'];
     if ($util->fixFileSize($newPath)) {
         // get sharing app state
         $sharingEnabled = \OCP\Share::isEnabled();
         // get users
         $usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
         // update sharing-keys
         $util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
     }
     \OC_FileProxy::$enabled = $proxyStatus;
 }
 /**
  * @UseSession
  *
  * @param bool $encryptHomeStorage
  * @return DataResponse
  */
 public function setEncryptHomeStorage($encryptHomeStorage)
 {
     $this->util->setEncryptHomeStorage($encryptHomeStorage);
     return new DataResponse();
 }
Exemple #24
0
 /**
  * @dataProvider dataTestIsMasterKeyEnabled
  *
  * @param string $value
  * @param bool $expect
  */
 public function testIsMasterKeyEnabled($value, $expect)
 {
     $this->configMock->expects($this->once())->method('getAppValue')->with('encryption', 'useMasterKey', '0')->willReturn($value);
     $this->assertSame($expect, $this->instance->isMasterKeyEnabled());
 }
<?php

/**
 * Copyright (c) 2013, Bjoern Schiessle <*****@*****.**>
 * This file is licensed under the Affero General Public License version 3 or later.
 * See the COPYING-README file.
 *
 * check migration status
 */
use OCA\Encryption\Util;
\OCP\JSON::checkAppEnabled('files_encryption');
$loginname = isset($_POST['user']) ? $_POST['user'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$migrationStatus = Util::MIGRATION_COMPLETED;
if ($loginname !== '' && $password !== '') {
    $username = \OCP\User::checkPassword($loginname, $password);
    if ($username) {
        $util = new Util(new \OC\Files\View('/'), $username);
        $migrationStatus = $util->getMigrationStatus();
    }
}
\OCP\JSON::success(array('data' => array('migrationStatus' => $migrationStatus)));
Exemple #26
0
 /**
  * @large
  */
 function testEncryptLegacyFiles()
 {
     \Test_Encryption_Util::loginHelper(\Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER);
     $userView = new \OC_FilesystemView('/' . \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER);
     $view = new \OC_FilesystemView('/' . \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER . '/files');
     // Disable encryption proxy to prevent recursive calls
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     $encryptionKeyContent = file_get_contents($this->legacyEncryptedDataKey);
     $userView->file_put_contents('/encryption.key', $encryptionKeyContent);
     $legacyEncryptedData = file_get_contents($this->legacyEncryptedData);
     $view->mkdir('/test/');
     $view->mkdir('/test/subtest/');
     $view->file_put_contents('/test/subtest/legacy-encrypted-text.txt', $legacyEncryptedData);
     $fileInfo = $view->getFileInfo('/test/subtest/legacy-encrypted-text.txt');
     $fileInfo['encrypted'] = true;
     $view->putFileInfo('/test/subtest/legacy-encrypted-text.txt', $fileInfo);
     \OC_FileProxy::$enabled = $proxyStatus;
     $params['uid'] = \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER;
     $params['password'] = \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER;
     $util = new Encryption\Util($this->view, \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER);
     $this->setMigrationStatus(0, \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER);
     $this->assertTrue(OCA\Encryption\Hooks::login($params));
     $this->assertEquals($this->legacyKey, \OC::$session->get('legacyKey'));
     $files = $util->findEncFiles('/' . \Test_Encryption_Util::TEST_ENCRYPTION_UTIL_LEGACY_USER . '/files/');
     $this->assertTrue(is_array($files));
     $found = false;
     foreach ($files['encrypted'] as $encryptedFile) {
         if ($encryptedFile['name'] === 'legacy-encrypted-text.txt') {
             $found = true;
             break;
         }
     }
     $this->assertTrue($found);
 }