/** * Action to take if this item is infected * @param Status $status * @param boolean $isBackground */ public function processInfected(Status $status, $isBackground) { $application = new \OCA\Files_Antivirus\AppInfo\Application(); $appConfig = $application->getContainer()->query('AppConfig'); $infectedAction = $appConfig->getAvInfectedAction(); $shouldDelete = !$isBackground || $isBackground && $infectedAction === 'delete'; $message = $shouldDelete ? Activity::MESSAGE_FILE_DELETED : ''; \OC::$server->getActivityManager()->publishActivity('files_antivirus', Activity::SUBJECT_VIRUS_DETECTED, array($this->path, $status->getDetails()), $message, array(), $this->path, '', $this->view->getOwner($this->path), Activity::TYPE_VIRUS_DETECTED, Activity::PRIORITY_HIGH); if ($isBackground) { if ($shouldDelete) { $this->logError('Infected file deleted. ' . $status->getDetails()); $this->view->unlink($this->path); } else { $this->logError('File is infected. ' . $status->getDetails()); } } else { $this->logError('Virus(es) found: ' . $status->getDetails()); //remove file $this->view->unlink($this->path); Notification::sendMail($this->path); $message = $this->l10n->t("Virus detected! Can't upload the file %s", array(basename($this->path))); \OCP\JSON::error(array("data" => array("message" => $message))); exit; } }
public function testRecipientUnsharesFromSelf() { $this->loginAsUser(self::TEST_FILES_SHARING_API_USER2); $this->assertTrue($this->rootView->unlink('/' . self::TEST_FILES_SHARING_API_USER2 . '/files/sub1/sub2/folder')); $this->assertEtagsForFoldersChanged([self::TEST_FILES_SHARING_API_USER2, self::TEST_FILES_SHARING_API_USER4]); $this->assertAllUnchaged(); }
/** * @medium * Test that data that is written by the crypto stream wrapper with AES 128 * @note Encrypted data is manually prepared and decrypted here to avoid dependency on success of stream_read * @note If this test fails with truncate content, check that enough array slices are being rejoined to form $e, as the crypt.php file may have gotten longer and broken the manual * reassembly of its data */ public function testStreamDecryptLongFileContentWithoutHeader() { // Generate a a random filename $filename = 'tmp-' . $this->getUniqueID() . '.test'; $this->config->setSystemValue('cipher', 'AES-128-CFB'); // Save long data as encrypted file using stream wrapper $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataLong . $this->dataLong); $this->config->deleteSystemValue('cipher'); // Test that data was successfully written $this->assertTrue(is_int($cryptedFile)); // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; // Get file contents without using any wrapper to get it's actual contents on disk $retreivedCryptedFile = $this->view->file_get_contents($this->userId . '/files/' . $filename); // Check that the file was encrypted before being written to disk $this->assertNotEquals($this->dataLong . $this->dataLong, $retreivedCryptedFile); // remove the header to check if we can also decrypt old files without a header, // this files should fall back to AES-128 $cryptedWithoutHeader = substr($retreivedCryptedFile, \OCA\Files_Encryption\Crypt::BLOCKSIZE); $this->view->file_put_contents($this->userId . '/files/' . $filename, $cryptedWithoutHeader); // Re-enable proxy - our work is done \OC_FileProxy::$enabled = $proxyStatus; $decrypted = file_get_contents('crypt:///' . $this->userId . '/files/' . $filename); $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); // Teardown $this->view->unlink($this->userId . '/files/' . $filename); }
/** * @return bool */ public function stream_close() { $this->flush(); // if there is no valid private key return false if ($this->privateKey === false) { // cleanup if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && !$this->isLocalTmpFile) { // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) { $this->rootView->unlink($this->rawPath); } // Re-enable proxy - our work is done \OC_FileProxy::$enabled = $proxyStatus; } // if private key is not valid redirect user to a error page \OCA\Encryption\Helper::redirectToErrorPage($this->session); } if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && $this->isLocalTmpFile === false && $this->size > 0 && $this->unencryptedSize > 0) { // only write keyfiles if it was a new file if ($this->newFile === true) { // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; // Fetch user's public key $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->keyId); // Check if OC sharing api is enabled $sharingEnabled = \OCP\Share::isEnabled(); $util = new Util($this->rootView, $this->userId); // Get all users sharing the file includes current user $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath); $checkedUserIds = $util->filterShareReadyUsers($uniqueUserIds); // Fetch public keys for all sharing users $publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']); // Encrypt enc key for all sharing users $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys); // Save the new encrypted file key Keymanager::setFileKey($this->rootView, $util, $this->relPath, $this->encKeyfiles['data']); // Save the sharekeys Keymanager::setShareKeys($this->rootView, $util, $this->relPath, $this->encKeyfiles['keys']); // Re-enable proxy - our work is done \OC_FileProxy::$enabled = $proxyStatus; } // we need to update the file info for the real file, not for the // part file. $path = Helper::stripPartialFileExtension($this->rawPath); // get file info $fileInfo = $this->rootView->getFileInfo($path); if (is_array($fileInfo)) { // set encryption data $fileInfo['encrypted'] = true; $fileInfo['size'] = $this->size; $fileInfo['unencrypted_size'] = $this->unencryptedSize; // set fileinfo $this->rootView->putFileInfo($path, $fileInfo); } } return fclose($this->handle); }
/** * @medium * test if stream wrapper can read files outside from the data folder */ function testStreamFromLocalFile() { $filename = '/' . $this->userId . '/files/' . 'tmp-' . $this->getUniqueID() . '.txt'; $tmpFilename = "/tmp/" . $this->getUniqueID() . ".txt"; // write an encrypted file $cryptedFile = $this->view->file_put_contents($filename, $this->dataShort); // Test that data was successfully written $this->assertTrue(is_int($cryptedFile)); // create a copy outside of the data folder in /tmp $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; $encryptedContent = $this->view->file_get_contents($filename); \OC_FileProxy::$enabled = $proxyStatus; file_put_contents($tmpFilename, $encryptedContent); \OCA\Files_Encryption\Helper::addTmpFileToMapper($tmpFilename, $filename); // try to read the file from /tmp $handle = fopen("crypt://" . $tmpFilename, "r"); $contentFromTmpFile = stream_get_contents($handle); // check if it was successful $this->assertEquals($this->dataShort, $contentFromTmpFile); fclose($handle); // clean up unlink($tmpFilename); $this->view->unlink($filename); }
/** * Test that deleting a file doesn't error when nobody is logged in */ public function testSingleStorageDeleteFileLoggedOut() { $this->logout(); if (!$this->userView->file_exists('test.txt')) { $this->markTestSkipped('Skipping since the current home storage backend requires the user to logged in'); } else { $this->userView->unlink('test.txt'); } }
/** * Remove the certificate and re-generate the certificate bundle * * @param string $name * @return bool */ public function removeCertificate($name) { if (!Filesystem::isValidPath($name)) { return false; } $path = $this->getPathToCertificates() . 'uploads/'; if ($this->view->file_exists($path . $name)) { $this->view->unlink($path . $name); $this->createCertificateBundle(); } return true; }
/** * @medium */ function testSetPrivateSystemKey() { $key = "dummy key"; $keyName = "myDummyKey"; $encHeader = \OCA\Files_Encryption\Crypt::generateHeader(); \OCA\Files_Encryption\Keymanager::setPrivateSystemKey($key, $keyName); $this->assertTrue($this->view->file_exists('/files_encryption/' . $keyName . '.privateKey')); $result = \OCA\Files_Encryption\Keymanager::getPrivateSystemKey($keyName); $this->assertSame($encHeader . $key, $result); // clean up $this->view->unlink('/files_encryption/' . $keyName . '.privateKey'); }
function testPostFileSizeWithDirectory() { $this->view->file_put_contents($this->filename, $this->data); \OC_FileProxy::$enabled = false; // get root size, must match the file's unencrypted size $unencryptedSize = $this->view->filesize(''); \OC_FileProxy::$enabled = true; $encryptedSize = $this->view->filesize(''); $this->assertTrue($encryptedSize !== $unencryptedSize); // cleanup $this->view->unlink($this->filename); }
/** * remove recovery key to all encrypted files */ public function removeRecoveryKeys($path = '/') { $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); foreach ($dirContent as $item) { // get relative path from files_encryption/keyfiles $filePath = substr($item['path'], strlen('files_encryption/keys')); if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { $this->removeRecoveryKeys($filePath . '/'); } else { $this->view->unlink($this->keysPath . '/' . $filePath . '/' . $this->recoveryKeyId . '.shareKey'); } } }
/** * encrypt file * * @param string $path * @return bool */ protected function encryptFile($path) { $source = $path; $target = $path . '.encrypted.' . time(); try { $this->rootView->copy($source, $target); $this->rootView->rename($target, $source); } catch (DecryptionFailedException $e) { if ($this->rootView->file_exists($target)) { $this->rootView->unlink($target); } return false; } return true; }
/** * Tests that filterShareReadyUsers() returns the correct list of * users that are ready or not ready for encryption */ public function testFilterShareReadyUsers() { $appConfig = \OC::$server->getAppConfig(); $publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId'); $recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId'); $usersToTest = array('readyUser', 'notReadyUser', 'nonExistingUser', $publicShareKeyId, $recoveryKeyId); self::loginHelper('readyUser', true); self::loginHelper('notReadyUser', true); // delete encryption dir to make it not ready $this->view->unlink('notReadyUser/files_encryption/'); // login as user1 self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1); $result = $this->util->filterShareReadyUsers($usersToTest); $this->assertEquals(array('readyUser', $publicShareKeyId, $recoveryKeyId), $result['ready']); $this->assertEquals(array('notReadyUser', 'nonExistingUser'), $result['unready']); \OC_User::deleteUser('readyUser'); }
/** * Delete should fail is the source file cant be deleted */ public function testSingleStorageDeleteFileFail() { /** * @var \OC\Files\Storage\Temporary | \PHPUnit_Framework_MockObject_MockObject $storage */ $storage = $this->getMockBuilder('\\OC\\Files\\Storage\\Temporary')->setConstructorArgs([[]])->setMethods(['rename', 'unlink'])->getMock(); $storage->expects($this->any())->method('unlink')->will($this->returnValue(false)); $cache = $storage->getCache(); Filesystem::mount($storage, [], '/' . $this->user . '/files'); $this->userView->file_put_contents('test.txt', 'foo'); $this->assertTrue($storage->file_exists('test.txt')); $this->assertFalse($this->userView->unlink('test.txt')); $this->assertTrue($storage->file_exists('test.txt')); $this->assertTrue($cache->inCache('test.txt')); // file should not be in the trashbin $results = $this->rootView->getDirectoryContent($this->user . '/files_trashbin/files/'); $this->assertEquals(0, count($results)); }
/** * test rename operation */ function doTestCopyHook($filename) { // check if keys exists $this->assertTrue($this->rootView->file_exists( '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $filename . '.key')); // make subfolder and sub-subfolder $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder); $this->assertTrue($this->rootView->is_dir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder)); // copy the file to the sub-subfolder \OC\Files\Filesystem::copy($filename, '/' . $this->folder . '/' . $this->folder . '/' . $filename); $this->assertTrue($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $filename)); $this->assertTrue($this->rootView->file_exists('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder . '/' . $this->folder . '/' . $filename)); // keys should be copied too $this->assertTrue($this->rootView->file_exists( '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $filename . '.key')); $this->assertTrue($this->rootView->file_exists( '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $this->folder . '/' . $this->folder . '/' . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->folder . '/' . $this->folder . '/' . $filename . '.key')); // cleanup $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $filename); }
/** * test rename a shared file mount point */ function testRename() { // login as admin self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); // save file with content $cryptedFile = file_put_contents('crypt:///' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename, $this->dataShort); // test that data was successfully written $this->assertInternalType('int', $cryptedFile); // get the file info from previous created file $fileInfo = $this->view->getFileInfo('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); // check if we have a valid file info $this->assertInstanceOf('\\OC\\Files\\FileInfo', $fileInfo); // share the file \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, self::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); // check if share key for user1 and user2 exists $this->assertTrue($this->view->file_exists('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); $this->assertTrue($this->view->file_exists('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // login as user2 self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER2); $this->assertTrue($this->view->file_exists('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename)); // get file contents $retrievedCryptedFile = $this->view->file_get_contents('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->filename); // check if data is the same as we previously written $this->assertEquals($this->dataShort, $retrievedCryptedFile); \OC\Files\Filesystem::mkdir($this->folder1); // move the file to a subfolder \OC\Files\Filesystem::rename($this->filename, $this->folder1 . $this->filename); // check if we can read the moved file $retrievedRenamedFile = $this->view->file_get_contents('/' . self::TEST_ENCRYPTION_SHARE_USER2 . '/files/' . $this->folder1 . $this->filename); // check if data is the same as we previously written $this->assertEquals($this->dataShort, $retrievedRenamedFile); // check if share key for user2 and user1 still exists $this->assertTrue($this->view->file_exists('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); $this->assertTrue($this->view->file_exists('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->filename . '/' . self::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // cleanup self::loginHelper(self::TEST_ENCRYPTION_SHARE_USER1); $this->view->unlink('/' . self::TEST_ENCRYPTION_SHARE_USER1 . '/files/' . $this->filename); }
/** {@inheritDoc} */ public function run(IOutput $out) { $rootView = new View(); $dataDirectory = $this->config->getSystemValue('datadirectory', null); if (is_null($dataDirectory)) { throw new \Exception('No data directory specified'); } $pathToRootCerts = '/files_external/rootcerts.crt'; foreach ($rootView->getDirectoryContent('', 'httpd/unix-directory') as $fileInfo) { $uid = trim($fileInfo->getPath(), '/'); if ($rootView->file_exists($uid . $pathToRootCerts)) { // Delete the existing root certificate $rootView->unlink($uid . $pathToRootCerts); /** * FIXME: The certificate manager does only allow specifying the user * within the constructor. This makes DI impossible. */ // Regenerate the certificates $certificateManager = $this->server->getCertificateManager($uid); $certificateManager->createCertificateBundle(); } } }
/** * @expectedException \OCP\Files\NotFoundException */ public function testDownloadShareWithDeletedFile() { $this->container['UserManager']->expects($this->once())->method('userExists')->with($this->user)->will($this->returnValue(true)); $view = new View('/' . $this->user . '/files'); $view->unlink('file1.txt'); $linkItem = Share::getShareByToken($this->token, false); \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']); $this->shareController->downloadShare($this->token); }
/** * @param \OC\Files\View $view */ private static function deleteEncryptionKeys($view, $file, $filename, $timestamp) { $size = 0; if (\OCP\App::isEnabled('files_encryption')) { $user = \OCP\User::getUser(); if ($view->is_dir('/files_trashbin/files/' . $file)) { $keyfile = \OC\Files\Filesystem::normalizePath('files_trashbin/keyfiles/' . $filename); $sharekeys = \OC\Files\Filesystem::normalizePath('files_trashbin/share-keys/' . $filename); } else { $keyfile = \OC\Files\Filesystem::normalizePath('files_trashbin/keyfiles/' . $filename . '.key'); $sharekeys = \OC\Files\Filesystem::normalizePath('files_trashbin/share-keys/' . $filename . '.' . $user . '.shareKey'); } if ($timestamp) { $keyfile .= '.d' . $timestamp; $sharekeys .= '.d' . $timestamp; } if ($view->file_exists($keyfile)) { if ($view->is_dir($keyfile)) { $size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $keyfile)); $size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $sharekeys)); } else { $size += $view->filesize($keyfile); $size += $view->filesize($sharekeys); } $view->unlink($keyfile); $view->unlink($sharekeys); } } return $size; }
/** * delete all share keys of a given file * @param \OC\Files\View $view * @param string $userId owner of the file * @param string $filePath path to the file, relative to the owners file dir */ public static function delAllShareKeys($view, $userId, $filePath) { $filePath = ltrim($filePath, '/'); if ($view->file_exists('/' . $userId . '/files/' . $filePath)) { \OCP\Util::writeLog('Encryption library', 'File still exists, stop deleting share keys!', \OCP\Util::ERROR); return false; } if ($filePath === '') { \OCP\Util::writeLog('Encryption library', 'Can\'t delete share-keys empty path given!', \OCP\Util::ERROR); return false; } $util = new util($view, $userId); if ($util->isSystemWideMountPoint($filePath)) { $baseDir = '/files_encryption/share-keys/'; } else { $baseDir = $userId . '/files_encryption/share-keys/'; } $result = true; if ($view->is_dir($baseDir . $filePath)) { \OCP\Util::writeLog('files_encryption', 'delAllShareKeys: delete share keys: ' . $baseDir . $filePath, \OCP\Util::DEBUG); $result = $view->unlink($baseDir . $filePath); } else { $parentDir = dirname($baseDir . $filePath); $filename = pathinfo($filePath, PATHINFO_BASENAME); foreach ($view->getDirectoryContent($parentDir) as $content) { $path = $content['path']; if (self::getFilenameFromShareKey($content['name']) === $filename) { \OCP\Util::writeLog('files_encryption', 'dellAllShareKeys: delete share keys: ' . '/' . $userId . '/' . $path, \OCP\Util::DEBUG); $result &= $view->unlink('/' . $userId . '/' . $path); } } } return (bool) $result; }
/** * @param \OC\Files\View $view * @param $file * @param $filename * @param $timestamp * @return int */ private static function deleteVersions(\OC\Files\View $view, $file, $filename, $timestamp, $user) { $size = 0; if (\OCP\App::isEnabled('files_versions')) { if ($view->is_dir('files_trashbin/versions/' . $file)) { $size += self::calculateSize(new \OC\Files\view('/' . $user . '/files_trashbin/versions/' . $file)); $view->unlink('files_trashbin/versions/' . $file); } else { if ($versions = self::getVersionsFromTrash($filename, $timestamp, $user)) { foreach ($versions as $v) { if ($timestamp) { $size += $view->filesize('/files_trashbin/versions/' . $filename . '.v' . $v . '.d' . $timestamp); $view->unlink('/files_trashbin/versions/' . $filename . '.v' . $v . '.d' . $timestamp); } else { $size += $view->filesize('/files_trashbin/versions/' . $filename . '.v' . $v); $view->unlink('/files_trashbin/versions/' . $filename . '.v' . $v); } } } } } return $size; }
/** * remove the users avatar * @return void */ public function remove() { $this->view->unlink('avatar.jpg'); $this->view->unlink('avatar.png'); }
/** * delete the version from the storage and cache * * @param View $view * @param string $path */ protected static function deleteVersion($view, $path) { $view->unlink($path); /** * @var \OC\Files\Storage\Storage $storage * @var string $internalPath */ list($storage, $internalPath) = $view->resolvePath($path); $cache = $storage->getCache($internalPath); $cache->remove($internalPath); }
public static function unlink($path) { return self::$defaultInstance->unlink($path); }
public function unlink($path) { $this->setup(); $path = substr($path, strlen('oc://')); return self::$rootView->unlink($path); }
/** * @inheritdoc */ public function deleteSystemUserKey($keyId, $encryptionModuleId) { $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null); return !$this->view->file_exists($path) || $this->view->unlink($path); }
/** * @return bool */ public function stream_close() { $this->flush(); // if there is no valid private key return false if ($this->privateKey === false) { // cleanup if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && !$this->isLocalTmpFile) { // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) { fclose($this->handle); $this->rootView->unlink($this->rawPath); } // Re-enable proxy - our work is done \OC_FileProxy::$enabled = $proxyStatus; } // if private key is not valid redirect user to a error page Helper::redirectToErrorPage($this->session); } if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb' && $this->isLocalTmpFile === false && $this->size > 0 && $this->unencryptedSize > 0) { // only write keyfiles if it was a new file if ($this->newFile === true) { // Disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; // Fetch user's public key $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->keyId); // Check if OC sharing api is enabled $sharingEnabled = \OCP\Share::isEnabled(); // Get all users sharing the file includes current user $uniqueUserIds = $this->util->getSharingUsersArray($sharingEnabled, $this->relPath); $checkedUserIds = $this->util->filterShareReadyUsers($uniqueUserIds); // Fetch public keys for all sharing users $publicKeys = Keymanager::getPublicKeys($this->rootView, $checkedUserIds['ready']); // Encrypt enc key for all sharing users $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys); // Save the new encrypted file key Keymanager::setFileKey($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['data']); // Save the sharekeys Keymanager::setShareKeys($this->rootView, $this->util, $this->relPath, $this->encKeyfiles['keys']); // Re-enable proxy - our work is done \OC_FileProxy::$enabled = $proxyStatus; } // we need to update the file info for the real file, not for the // part file. $path = Helper::stripPartialFileExtension($this->rawPath); $fileInfo = array('mimetype' => $this->rootView->getMimeType($this->rawPath), 'encrypted' => true, 'unencrypted_size' => $this->unencryptedSize); // if we write a part file we also store the unencrypted size for // the part file so that it can be re-used later $this->rootView->putFileInfo($this->rawPath, $fileInfo); if ($path !== $this->rawPath) { $this->rootView->putFileInfo($path, $fileInfo); } } $result = fclose($this->handle); if ($result === false) { \OCP\Util::writeLog('Encryption library', 'Could not close stream, file could be corrupted', \OCP\Util::FATAL); } return $result; }
/** * delete all share keys of a given file * @param \OC\Files\View $view * @param string $userId owner of the file * @param string $filePath path to the file, relative to the owners file dir */ public static function delAllShareKeys($view, $userId, $filePath) { $filePath = ltrim($filePath, '/'); if ($view->file_exists('/' . $userId . '/files/' . $filePath)) { \OCP\Util::writeLog('Encryption library', 'File still exists, stop deleting share keys!', \OCP\Util::ERROR); return false; } if ($filePath === '') { \OCP\Util::writeLog('Encryption library', 'Can\'t delete share-keys empty path given!', \OCP\Util::ERROR); return false; } $util = new util($view, $userId); if ($util->isSystemWideMountPoint($filePath)) { $baseDir = '/files_encryption/share-keys/'; } else { $baseDir = $userId . '/files_encryption/share-keys/'; } $result = true; if ($view->is_dir($baseDir . $filePath)) { \OCP\Util::writeLog('files_encryption', 'delAllShareKeys: delete share keys: ' . $baseDir . $filePath, \OCP\Util::DEBUG); $result = $view->unlink($baseDir . $filePath); } else { $sharingEnabled = \OCP\Share::isEnabled(); $users = $util->getSharingUsersArray($sharingEnabled, $filePath); foreach ($users as $user) { $keyName = $baseDir . $filePath . '.' . $user . '.shareKey'; if ($view->file_exists($keyName)) { \OCP\Util::writeLog('files_encryption', 'dellAllShareKeys: delete share keys: "' . $keyName . '"', \OCP\Util::DEBUG); $result &= $view->unlink($keyName); } } } return (bool) $result; }
/** * delete key * * @param \OC\Files\View $view * @param string $path * @return boolean */ private static function deleteKey($view, $path) { $normalizedPath = \OC\Files\Filesystem::normalizePath($path); $result = $view->unlink($normalizedPath); if ($result) { unset(self::$key_cache[$normalizedPath]); return true; } return false; }