/** * update encrypted file, e.g. give additional users access to the file * * @param string $path path to the file which should be updated * @param string $uid of the user who performs the operation * @param array $accessList who has access to the file contains the key 'users' and 'public' * @return boolean */ public function update($path, $uid, array $accessList) { if (empty($accessList)) { if (isset(self::$rememberVersion[$path])) { $this->keyManager->setVersion($path, self::$rememberVersion[$path], new View()); unset(self::$rememberVersion[$path]); } return; } $fileKey = $this->keyManager->getFileKey($path, $uid); if (!empty($fileKey)) { $publicKeys = array(); if ($this->useMasterPassword === true) { $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey(); } else { foreach ($accessList['users'] as $user) { try { $publicKeys[$user] = $this->keyManager->getPublicKey($user); } catch (PublicKeyMissingException $e) { $this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage()); } } } $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid); $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); $this->keyManager->deleteAllFileKeys($path); $this->keyManager->setAllFileKeys($path, $encryptedFileKey); } else { $this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted', array('file' => $path, 'app' => 'encryption')); return false; } return true; }
/** * get the private key which will be used to decrypt all files * * @param string $user * @param string $password * @return bool|string * @throws \OCA\Encryption\Exceptions\PrivateKeyMissingException */ protected function getPrivateKey($user, $password) { $recoveryKeyId = $this->keyManager->getRecoveryKeyId(); $masterKeyId = $this->keyManager->getMasterKeyId(); if ($user === $recoveryKeyId) { $recoveryKey = $this->keyManager->getSystemPrivateKey($recoveryKeyId); $privateKey = $this->crypt->decryptPrivateKey($recoveryKey, $password); } elseif ($user === $masterKeyId) { $masterKey = $this->keyManager->getSystemPrivateKey($masterKeyId); $privateKey = $this->crypt->decryptPrivateKey($masterKey, $password, $masterKeyId); } else { $userKey = $this->keyManager->getPrivateKey($user); $privateKey = $this->crypt->decryptPrivateKey($userKey, $password, $user); } return $privateKey; }
/** * update encrypted file, e.g. give additional users access to the file * * @param string $path path to the file which should be updated * @param string $uid of the user who performs the operation * @param array $accessList who has access to the file contains the key 'users' and 'public' * @return boolean */ public function update($path, $uid, array $accessList) { $fileKey = $this->keyManager->getFileKey($path, $uid); if (!empty($fileKey)) { $publicKeys = array(); if ($this->useMasterPassword === true) { $publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey(); } else { foreach ($accessList['users'] as $user) { $publicKeys[$user] = $this->keyManager->getPublicKey($user); } } $publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid); $encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys); $this->keyManager->deleteAllFileKeys($path); $this->keyManager->setAllFileKeys($path, $encryptedFileKey); } else { $this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted', array('file' => $path, 'app' => 'encryption')); return false; } return true; }
public function testGetMasterKeyId() { $this->assertSame('systemKeyId', $this->instance->getMasterKeyId()); }