예제 #1
파일: crypt.php 프로젝트: noci2012/owncloud
 /**
  * Make sure the user's encryption key exists and cache its decrypted form in the session.
  *
  * Creates the user's folder and, through OC_Crypt::createkey(), the key file
  * when they are missing, then stores OC_Crypt::decrypt() of the key file's
  * content in $_SESSION['enckey'].
  *
  * @param string $login    user name; concatenated unmodified into the paths used here
  * @param string $password passphrase handed to createkey() and decrypt()
  */
 public static function init($login, $password)
 {
     $rootView = new OC_FilesystemView('/');
     $userDir = '/' . $login;
     $keyPath = $userDir . '/encryption.key';
     if (!$rootView->file_exists($userDir)) {
         $rootView->mkdir($userDir);
     }
     // The key file is created and read with the file proxy switched off.
     // NOTE(review): the proxy is switched back on unconditionally instead of
     // being restored to its earlier value, and it stays off when createkey()
     // or the read throws - confirm that no caller enters with it disabled.
     OC_FileProxy::$enabled = false;
     $keyMissing = !$rootView->file_exists($keyPath);
     if ($keyMissing) {
         OC_Crypt::createkey($login, $password);
     }
     $encryptedKey = $rootView->file_get_contents($keyPath);
     OC_FileProxy::$enabled = true;
     // Whatever decrypt() returns is kept in the session store from here on,
     // so the session backend has to be protected like key material.
     // NOTE(review): the result of the read is not checked before decrypt().
     $_SESSION['enckey'] = OC_Crypt::decrypt($encryptedKey, $password);
 }
예제 #2
 /**
  * Write an encrypted file three folders deep, delete the share keys of
  * 'admin' below '/folder1/' and check that the file's share key is gone.
  *
  * @medium
  */
 function testRecursiveDelShareKeys()
 {
     // timestamped file name; it carries its own leading slash
     $filename = '/tmp-' . time() . '.txt';
     $userFiles = '/' . Test_Encryption_Keymanager::TEST_USER . '/files';
     $deepFolder = $userFiles . '/folder1/subfolder/subsubfolder';
     // build the folder chain one level at a time
     $this->view->mkdir($userFiles . '/folder1');
     $this->view->mkdir($userFiles . '/folder1/subfolder');
     $this->view->mkdir($deepFolder);
     // write through the crypt:// wrapper with the encryption proxy enabled
     $savedProxyState = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = true;
     $bytesWritten = file_put_contents('crypt://' . $deepFolder . $filename, $this->dataShort);
     // file_put_contents() returns a byte count on success
     $this->assertTrue(is_int($bytesWritten));
     // put the proxy back the way it was
     \OC_FileProxy::$enabled = $savedProxyState;
     // delete the share keys recursively
     Encryption\Keymanager::delShareKey($this->view, array('admin'), '/folder1/');
     // NOTE(review): the folders are created for TEST_USER while 'admin' is
     // hard-coded here and below, and the checked path contains '//' because
     // $filename starts with a slash. If the view does not resolve that path,
     // assertFalse() passes without proving that the key was deleted - verify.
     $shareKeyPath = '/admin/files_encryption/share-keys/folder1/subfolder/subsubfolder/' . $filename . '.admin.shareKey';
     $this->assertFalse($this->view->file_exists($shareKeyPath));
     // cleanup, again with the proxy enabled and restored afterwards
     $savedProxyState = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = true;
     $this->view->unlink('/admin/files/folder1');
     \OC_FileProxy::$enabled = $savedProxyState;
 }
예제 #3
 /**
  * @brief test moving a shared file out of the Shared folder
  *
  * USER1 writes a file and shares it with USER2. USER2 moves it from
  * "Shared" into the own files folder, must still be able to read the
  * plaintext, and the file must be gone from USER1's files afterwards.
  */
 function testRename()
 {
     $owner = \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1;
     $recipient = \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2;
     $ownerFile = '/' . $owner . '/files/' . $this->filename;
     $sharedCopy = '/' . $recipient . '/files/Shared/' . $this->filename;
     $movedCopy = '/' . $recipient . '/files/' . $this->filename;
     $recipientShareKey = '/' . $owner . '/files_encryption/share-keys/' . $this->filename . '.' . $recipient . '.shareKey';

     // act as the sharing user first
     \Test_Encryption_Util::loginHelper($owner);
     // write the file through the crypt:// wrapper; a byte count means success
     $bytesWritten = file_put_contents('crypt://' . $ownerFile, $this->dataShort);
     $this->assertTrue(is_int($bytesWritten));
     // the file info provides the id needed for sharing
     $fileInfo = $this->view->getFileInfo($ownerFile);
     $this->assertTrue(is_array($fileInfo));
     // share with USER2, all permissions
     \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, $recipient, OCP\PERMISSION_ALL);
     // sharing must have produced a share key for USER2 next to the owner's keys
     $this->assertTrue($this->view->file_exists($recipientShareKey));

     // switch to the receiving user
     \Test_Encryption_Util::loginHelper($recipient);
     $this->assertTrue($this->view->file_exists($sharedCopy));
     // the shared copy must read back as the data that was written
     $sharedContent = $this->view->file_get_contents($sharedCopy);
     $this->assertEquals($this->dataShort, $sharedContent);
     // move the file out of the Shared folder
     $this->view->rename($sharedCopy, $movedCopy);
     // and it must still read back as the same data
     $movedContent = $this->view->file_get_contents($movedCopy);
     $this->assertEquals($this->dataShort, $movedContent);
     // the owner's file should be deleted
     $this->assertFalse($this->view->file_exists($ownerFile));
     // cleanup
     $this->view->unlink($movedCopy);
 }
예제 #4
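 /**
  * Store a new version of a file.
  *
  * Nothing is stored when versioning is switched off in the system config,
  * when the path is a directory or does not exist, when the extension is on
  * the blacklist, when the file exceeds the configured size limit, or when
  * the owner modified the file again within Storage::DEFAULTMININTERVAL
  * seconds of the newest stored version.
  *
  * @param string $filename path handed to getUidAndFilename() to find the owner and the owner-relative path
  * @return false|null false when one of the checks rejects the file, nothing otherwise
  */
 public function store($filename)
 {
     if (\OCP\Config::getSystemValue('files_versions', Storage::DEFAULTENABLED) != 'true') {
         return;
     }
     list($uid, $filename) = self::getUidAndFilename($filename);
     $files_view = new \OC_FilesystemView('/' . $uid . '/files');
     $users_view = new \OC_FilesystemView('/' . $uid);
     //check if source file already exist as version to avoid recursions.
     // todo does this check work?
     if ($users_view->file_exists($filename)) {
         return false;
     }
     // directories are not versioned
     if ($files_view->is_dir($filename)) {
         return false;
     }
     // check filetype blacklist; the extension does not change per entry, so take it once
     $blacklist = explode(' ', \OCP\Config::getSystemValue('files_versionsblacklist', Storage::DEFAULTBLACKLIST));
     $parts = explode('.', $filename);
     $ext = strtolower(end($parts));
     if (in_array($ext, $blacklist, true)) {
         return false;
     }
     // we should have a source file to work with
     if (!$files_view->file_exists($filename)) {
         return false;
     }
     // check filesize
     if ($files_view->filesize($filename) > \OCP\Config::getSystemValue('files_versionsmaxfilesize', Storage::DEFAULTMAXFILESIZE)) {
         return false;
     }
     // The versions folder is needed below for every caller. It used to be set
     // only inside the owner branch, so for a file modified by another user the
     // mkdir() further down ran on '/<dirname>' of the server's own filesystem.
     $versions_fileview = new \OC_FilesystemView('/' . $uid . '/files_versions');
     $dataDirectory = \OCP\Config::getSystemValue('datadirectory');
     $versionsFolderName = $dataDirectory . $versions_fileview->getAbsolutePath('');
     // check mininterval if the file is being modified by the owner (all shared files should be versioned despite mininterval)
     if ($uid === \OCP\User::getUser()) {
         $versionsName = $dataDirectory . $versions_fileview->getAbsolutePath($filename);
         // NOTE(review): glob metacharacters in the file name take part in the
         // pattern - confirm that this is acceptable for the min-interval check.
         $matches = glob($versionsName . '.v*');
         // glob() yields false or an empty array when no version exists yet
         if (!empty($matches)) {
             sort($matches);
             $parts = explode('.v', end($matches));
             if ((int) end($parts) + Storage::DEFAULTMININTERVAL > time()) {
                 return false;
             }
         }
     }
     // create all parent folders
     $info = pathinfo($filename);
     if (!file_exists($versionsFolderName . '/' . $info['dirname'])) {
         mkdir($versionsFolderName . '/' . $info['dirname'], 0750, true);
     }
     // store a new version of a file
     $users_view->copy('files' . $filename, 'files_versions' . $filename . '.v' . time());
     // expire old revisions if necessary
     Storage::expire($filename);
 }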
예제 #5
 /**
  * @brief test webdav delete random file
  * @depends testWebdavGET
  *
  * Describes a WebDAV DELETE for $filename through $_SERVER, lets
  * handleWebdavRequest() process it and checks that the file, its key file
  * and the user's share key no longer exist.
  */
 function testWebdavDELETE($filename)
 {
     // describe the request through the server superglobal
     $_SERVER['REQUEST_METHOD'] = 'DELETE';
     $_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
     // Basic credentials of the test account: base64 of "test-webdav-user1:test-webdav-user1"
     $_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
     $_SERVER['PATH_INFO'] = '/webdav' . $filename;
     // run the request; its output is not inspected by this test
     $this->handleWebdavRequest();
     $userRoot = '/' . $this->userId;
     $encryptionRoot = $userRoot . '/files_encryption';
     // the file itself must be gone
     $this->assertFalse($this->view->file_exists($userRoot . '/files' . $filename));
     // ... together with its key file
     $this->assertFalse($this->view->file_exists($encryptionRoot . '/keyfiles' . $filename . '.key'));
     // ... and the user's share key
     $this->assertFalse($this->view->file_exists($encryptionRoot . '/share-keys' . $filename . '.' . $this->userId . '.shareKey'));
 }
예제 #6
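 /**
  * Share a file with a group while USER3's public key is unavailable and
  * check that no share key for USER3 is left behind.
  *
  * @medium
  */
 function testFailShareFile()
 {
     $owner = \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1;
     $keylessUser = \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3;
     $ownerFile = '/' . $owner . '/files/' . $this->filename;
     $publicKey = '/public-keys/' . $keylessUser . '.public.key';
     $shareKey = '/' . $owner . '/files_encryption/share-keys/' . $this->filename . '.' . $keylessUser . '.shareKey';

     // act as the sharing user
     \Test_Encryption_Util::loginHelper($owner);
     // write the file through the crypt:// wrapper; a byte count means success
     $cryptedFile = file_put_contents('crypt://' . $ownerFile, $this->dataShort);
     $this->assertTrue(is_int($cryptedFile));
     // disable encryption proxy to prevent recursive calls
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     // the file info provides the id needed for sharing
     $fileInfo = $this->view->getFileInfo($ownerFile);
     $this->assertTrue(is_array($fileInfo));
     // check if the unencrypted file size is stored
     $this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
     // move USER3's public key out of the way
     // NOTE(review): a failing assertion further down leaves the key renamed
     // for later tests; restoring it in tearDown() would be safer.
     $this->view->rename($publicKey, $publicKey . '_backup');
     // re-enable the file proxy
     \OC_FileProxy::$enabled = $proxyStatus;
     // share the file with the group
     try {
         \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_GROUP1, OCP\PERMISSION_ALL);
         // NOTE(review): a share that succeeds without an exception is not
         // reported by this test - confirm whether that is meant to be allowed.
     } catch (Exception $e) {
         // assertSame: strpos() returns false for "not found", and the
         // assertEquals(0, false) used before accepted every message.
         $this->assertSame(0, strpos($e->getMessage(), "Following users are not set up for encryption"));
     }
     // act as the sharing user again
     \Test_Encryption_Util::loginHelper($owner);
     // no share key may have been written for the user without a public key
     $this->assertFalse($this->view->file_exists($shareKey));
     // disable encryption proxy to prevent recursive calls
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     // put USER3's public key back
     $this->view->rename($publicKey . '_backup', $publicKey);
     // remove the share key file, should one exist
     $this->view->unlink($shareKey);
     // re-enable the file proxy
     \OC_FileProxy::$enabled = $proxyStatus;
     // unshare the file from the group
     \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_GROUP1);
     // the share key must still be absent
     $this->assertFalse($this->view->file_exists($shareKey));
     // cleanup
     $this->view->unlink($ownerFile);
 }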
예제 #7
파일: file.php 프로젝트: noci2012/owncloud
 /**
  * Return the view of the current user's 'cache' folder, creating the folder on first use.
  *
  * The view is kept in $this->storage and reused by later calls.
  *
  * @return OC_FilesystemView|false false, after logging an error, when no user is logged in
  */
 protected function getStorage()
 {
     if (isset($this->storage)) {
         return $this->storage;
     }
     // without a logged-in user there is no folder to put the cache into
     if (!OC_User::isLoggedIn()) {
         OC_Log::write('core', 'Can\'t get cache storage, user not logged in', OC_Log::ERROR);
         return false;
     }
     $cacheFolder = 'cache';
     $userView = new OC_FilesystemView('/' . OC_User::getUser());
     if (!$userView->file_exists($cacheFolder)) {
         $userView->mkdir($cacheFolder);
     }
     $this->storage = new OC_FilesystemView('/' . OC_User::getUser() . '/' . $cacheFolder);
     return $this->storage;
 }
예제 #8
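 /**
  * @medium
  * @brief test delete file forever
  *
  * Deleting a file must move its key file and share key into the trash bin;
  * deleting it from the trash bin must remove the file and both keys.
  */
 function testPermanentDeleteFile()
 {
     $user = \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1;
     // generate filename
     $filename = 'tmp-' . time() . '.txt';
     $keyfile = '/' . $user . '/files_encryption/keyfiles/' . $filename . '.key';
     $shareKey = '/' . $user . '/files_encryption/share-keys/' . $filename . '.' . $user . '.shareKey';
     $trashRoot = '/' . $user . '/files_trashbin';

     // write the file through the crypt:// wrapper; a byte count means success
     $cryptedFile = file_put_contents('crypt:///' . $this->userId . '/files/' . $filename, $this->dataShort);
     $this->assertTrue(is_int($cryptedFile));
     // key file and share key must exist after the write
     $this->assertTrue($this->view->file_exists($keyfile));
     $this->assertTrue($this->view->file_exists($shareKey));
     // delete file; the namespace is spelled as in the rest of the code base
     // ("Files", it used to read "FIles" here)
     \OC\Files\Filesystem::unlink($filename);
     // the file and both keys must be gone from the live folders
     $this->assertFalse($this->view->file_exists('/' . $user . '/files/' . $filename));
     $this->assertFalse($this->view->file_exists($keyfile));
     $this->assertFalse($this->view->file_exists($shareKey));
     // look up the deletion timestamp of the file in the trash table
     $query = \OC_DB::prepare('SELECT `timestamp`,`type` FROM `*PREFIX*files_trash` WHERE `id`=?');
     $result = $query->execute(array($filename))->fetchRow();
     $this->assertTrue(is_array($result));
     // trashed entries carry a 'd<timestamp>' suffix
     $trashFileSuffix = 'd' . $result['timestamp'];
     $trashedKeyfile = $trashRoot . '/keyfiles/' . $filename . '.key.' . $trashFileSuffix;
     $trashedShareKey = $trashRoot . '/share-keys/' . $filename . '.' . $user . '.shareKey.' . $trashFileSuffix;
     // both keys must have been moved into the trash bin
     $this->assertTrue($this->view->file_exists($trashedKeyfile));
     $this->assertTrue($this->view->file_exists($trashedShareKey));
     // get timestamp from file
     $timestamp = str_replace('d', '', $trashFileSuffix);
     // delete file forever
     $this->assertGreaterThan(0, \OCA\Files_Trashbin\Trashbin::delete($filename, $timestamp));
     // the trashed file must be gone ...
     $this->assertFalse($this->view->file_exists($trashRoot . '/files/' . $filename . '.' . $trashFileSuffix));
     // ... and so must the trashed key file and share key
     $this->assertFalse($this->view->file_exists($trashedKeyfile));
     $this->assertFalse($this->view->file_exists($trashedShareKey));
 }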
예제 #9
 /**
  * delete non existing files from the cache
  *
  * Walks the cached content of $path and, for every entry the view no longer
  * finds, either emits the 'post_delete' filesystem hook (default root) or
  * calls self::delete() (explicit root).
  *
  * @param string $path folder whose cached content is checked
  * @param string|false $root root of the view to check against; false selects the default view
  */
 public static function cleanFolder($path, $root = false)
 {
     $usesDefaultRoot = $root === false;
     $view = $usesDefaultRoot ? OC_Filesystem::getView() : new OC_FilesystemView($root);
     foreach (OC_FileCache_Cached::getFolderContent($path, $root) as $entry) {
         $relativePath = $view->getRelativePath($entry['path']);
         if ($view->file_exists($relativePath)) {
             // still there, nothing to clean
             continue;
         }
         if ($usesDefaultRoot) {
             //filesystem hooks are only valid for the default root
             OC_Hook::emit('OC_Filesystem', 'post_delete', array('path' => $relativePath));
         } else {
             self::delete($relativePath, $root);
         }
     }
 }
예제 #10
파일: util.php 프로젝트: hjimmy/owncloud
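 /**
  * test if all keys get moved to the backup folder correctly
  *
  * Creates dummy key files and share keys (top level and in a subfolder),
  * calls Util::backupAllKeys() and checks that the first folder whose name
  * starts with 'backup' holds all of them plus the user's key pair.
  */
 function testBackupAllKeys()
 {
     self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);
     // create some dummy key files
     $encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption';
     $this->view->file_put_contents($encPath . '/keyfiles/foo.key', 'key');
     $this->view->file_put_contents($encPath . '/share-keys/foo.user1.shareKey', 'share key');
     $this->view->mkdir($encPath . '/keyfiles/subfolder/');
     $this->view->mkdir($encPath . '/share-keys/subfolder/');
     $this->view->file_put_contents($encPath . '/keyfiles/subfolder/foo.key', 'key');
     $this->view->file_put_contents($encPath . '/share-keys/subfolder/foo.user1.shareKey', 'share key');
     $util = new \OCA\Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1);
     $util->backupAllKeys('testing');
     // find the backup folder
     // NOTE(review): the first match wins, so a backup folder left over from
     // an earlier run could be picked up instead of the one just created.
     $encFolderContent = $this->view->getDirectoryContent($encPath);
     $backupPath = '';
     foreach ($encFolderContent as $c) {
         if (strpos($c['name'], 'backup') === 0) {
             $backupPath = $encPath . '/' . $c['name'];
             break;
         }
     }
     $this->assertTrue($backupPath !== '');
     // check backupDir Content
     $this->assertTrue($this->view->is_dir($backupPath . '/keyfiles'));
     $this->assertTrue($this->view->is_dir($backupPath . '/share-keys'));
     $this->assertTrue($this->view->file_exists($backupPath . '/keyfiles/foo.key'));
     $this->assertTrue($this->view->file_exists($backupPath . '/share-keys/foo.user1.shareKey'));
     $this->assertTrue($this->view->file_exists($backupPath . '/keyfiles/subfolder/foo.key'));
     $this->assertTrue($this->view->file_exists($backupPath . '/share-keys/subfolder/foo.user1.shareKey'));
     $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.private.key'));
     $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.public.key'));
     // cleanup: the backup, the dummy keys and the subfolders created above.
     // The unlink() calls used to carry the content argument copied over from
     // file_put_contents(), and the subfolders were left behind.
     $this->view->deleteAll($backupPath);
     $this->view->unlink($encPath . '/keyfiles/foo.key');
     $this->view->unlink($encPath . '/share-keys/foo.user1.shareKey');
     $this->view->deleteAll($encPath . '/keyfiles/subfolder');
     $this->view->deleteAll($encPath . '/share-keys/subfolder');
 }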
예제 #11
 /**
  * delAllShareKeys() must refuse to touch the keys of a file that still
  * exists and, for a file that is gone, must delete only the share key of
  * the user it is called for.
  */
 function testDelAllShareKeysFile()
 {
     $user = Test_Encryption_Keymanager::TEST_USER;
     $filesFolder = '/' . $user . '/files/folder1';
     $shareKeyFolder = '/' . $user . '/files_encryption/share-keys/folder1';
     $otherUsers = array('user1', 'user2', 'user3');

     $this->view->mkdir($filesFolder);
     $this->view->file_put_contents($filesFolder . '/existingFile.txt', 'data');
     // folder for the dummy share key files
     $this->view->mkdir($shareKeyFolder);
     // dummy share keys: first for the existing file, then for a file that does not exist
     foreach (array('existingFile.txt', 'nonexistingFile.txt') as $file) {
         foreach ($otherUsers as $recipient) {
             $this->view->file_put_contents($shareKeyFolder . '/' . $file . '.' . $recipient . '.shareKey', 'data');
         }
         $this->view->file_put_contents($shareKeyFolder . '/' . $file . '.' . $user . '.shareKey', 'data');
     }

     // must fail: the file still exists
     $resultExisting = Encryption\Keymanager::delAllShareKeys($this->view, $user, 'folder1/existingFile.txt');
     $this->assertFalse($resultExisting);
     // and every share key of that file is still in place
     $this->assertTrue($this->view->file_exists($shareKeyFolder . '/existingFile.txt.' . $user . '.shareKey'));
     foreach ($otherUsers as $recipient) {
         $this->assertTrue($this->view->file_exists($shareKeyFolder . '/existingFile.txt.' . $recipient . '.shareKey'));
     }

     // must succeed: there is no such file any more
     $resultMissing = Encryption\Keymanager::delAllShareKeys($this->view, $user, 'folder1/nonexistingFile.txt');
     $this->assertTrue($resultMissing);
     // the share key of the user the call was made for is gone
     $this->assertFalse($this->view->file_exists($shareKeyFolder . '/nonexistingFile.txt.' . $user . '.shareKey'));
     // while the share keys of the other users remain
     foreach ($otherUsers as $recipient) {
         $this->assertTrue($this->view->file_exists($shareKeyFolder . '/nonexistingFile.txt.' . $recipient . '.shareKey'));
     }

     // cleanup
     // NOTE(review): only the files folder is removed; the dummy share keys
     // stay behind unless tearDown() deletes them.
     $this->view->deleteAll($filesFolder);
 }
예제 #12
파일: app.php 프로젝트: CDN-Sparks/owncloud
    OCA\Encryption\Helper::registerAppHooks();
    stream_wrapper_register('crypt', 'OCA\\Encryption\\Stream');
    // check if we are logged in
    if (OCP\User::isLoggedIn()) {
        // ensure filesystem is loaded
        if (!\OC\Files\Filesystem::$loaded) {
            \OC_Util::setupFS();
        }
        $view = new OC_FilesystemView('/');
        $sessionReady = OCA\Encryption\Helper::checkRequirements();
        if ($sessionReady) {
            $session = new \OCA\Encryption\Session($view);
        }
        $user = \OCP\USER::getUser();
        // check if user has a private key
        if ($sessionReady === false || !$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key') && OCA\Encryption\Crypt::mode() === 'server') {
            // Force the user to log-in again if the encryption key isn't unlocked
            // (happens when a user is logged in before the encryption app is
            // enabled)
            OCP\User::logout();
            header("Location: " . OC::$WEBROOT . '/');
            exit;
        }
    }
} else {
    // logout user if we are in maintenance to force re-login
    OCP\User::logout();
}
// Register settings scripts: 'settings-admin' and 'settings-personal' of the
// files_encryption app. Both calls sit after the if/else that closes above,
// so neither branch skips them.
OCP\App::registerAdmin('files_encryption', 'settings-admin');
OCP\App::registerPersonal('files_encryption', 'settings-personal');
예제 #13
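<?php

// Import an uploaded SSL root certificate (PEM, or DER converted to PEM) into
// the current user's files_external/uploads folder and rebuild the bundle.
OCP\JSON::checkAppEnabled('files_external');
// The certificate is stored below the current user's folder, so an anonymous
// request must not get past this point.
OCP\User::checkLoggedIn();
// NOTE(review): no request-token (CSRF) check is visible in this script -
// confirm that the upload form is protected elsewhere.

$upload = isset($_FILES['rootcert_import']) ? $_FILES['rootcert_import'] : null;
$filename = '';
if (is_array($upload) && isset($upload['name']) && is_string($upload['name'])) {
    // The name is chosen by the client: keep only its last path component so
    // that it cannot address anything outside the uploads folder.
    $filename = basename(str_replace('\\', '/', $upload['name']));
}
// Without a usable name, or when the temp file is not a genuine upload,
// there is nothing to import.
if ($filename === '' || $filename === '.' || $filename === '..'
    || !isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
    header("Location: settings/personal.php");
    exit;
}
$data = file_get_contents($upload['tmp_name']);
if ($data === false) {
    // an unreadable upload is treated like an invalid certificate
    $data = '';
}
$view = new \OC_FilesystemView('/' . \OCP\User::getUser() . '/files_external/uploads');
if (!$view->file_exists('')) {
    $view->mkdir('');
}
// openssl_pkey_get_public() reads a string that starts with "file://" as the
// path of a local key file, so uploaded content of that form is never passed
// to it unconverted.
$looksLikePath = strncmp($data, 'file://', 7) === 0;
$isValid = $looksLikePath ? false : openssl_pkey_get_public($data);
//maybe it was just the wrong file format, try to convert it...
if ($isValid === false) {
    $data = chunk_split(base64_encode($data), 64, "\n");
    $data = "-----BEGIN CERTIFICATE-----\n" . $data . "-----END CERTIFICATE-----\n";
    $isValid = openssl_pkey_get_public($data);
}
// add the certificate if it could be verified
if ($isValid) {
    $view->file_put_contents($filename, $data);
    OC_Mount_Config::createCertificateBundle();
} else {
    OCP\Util::writeLog("files_external", "Couldn't import SSL root certificate ({$filename}), allowed formats: PEM and DER", OCP\Util::WARN);
}
header("Location: settings/personal.php");
exit;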
예제 #14
 /**
  * @brief Make preparations to vars and filesystem for saving a keyfile
  *
  * Strips leading slashes from $path and, when the directory part of the
  * result does not exist below $basePath, creates it one level at a time.
  *
  * @param \OC_FilesystemView $view view used for the existence checks and the mkdir calls
  * @param string $path path of the file the key belongs to
  * @param string $basePath folder below which the directories are created
  * @param string $userId not used by this method
  * @return string $path without leading slashes
  */
 public static function keySetPreparation(\OC_FilesystemView $view, $path, $basePath, $userId)
 {
     $targetPath = ltrim($path, '/');
     $info = pathinfo($targetPath);
     if (!isset($info['dirname'])) {
         return $targetPath;
     }
     $keyDir = $basePath . '/' . $info['dirname'];
     if ($view->file_exists($keyDir)) {
         return $targetPath;
     }
     // The file resides within a subdirectory that does not exist yet: create
     // every level that is missing.
     // NOTE(review): the path is joined with '/' but split on
     // DIRECTORY_SEPARATOR; the two differ on Windows. Nothing here filters
     // '..' segments out of $path either - presumably the caller or the view
     // does; verify.
     $current = '';
     foreach (explode(DIRECTORY_SEPARATOR, $keyDir) as $segment) {
         $current = $current . '/' . $segment;
         if (!$view->is_dir($current)) {
             $view->mkdir($current);
         }
     }
     return $targetPath;
 }
예제 #15
파일: app.php 프로젝트: ryanshoover/core
 /**
  * Return a view of the current user's folder for the given app, creating the folder when needed.
  *
  * @param string $appid app id; also used as the folder name below the user's root
  * @return OC_FilesystemView|false false, after logging an error, when the app is
  *         not enabled or no user is logged in
  */
 public static function getStorage($appid)
 {
     if (!OC_App::isEnabled($appid)) {
         // NOTE(review): $appid goes into the log line and, further down, into
         // a path unmodified; the isEnabled() check is the only gate visible here.
         OC_Log::write('core', 'Can\'t get app storage, app ' . $appid . ' not enabled', OC_Log::ERROR);
         return false;
     }
     //sanity check
     if (!OC_User::isLoggedIn()) {
         OC_Log::write('core', 'Can\'t get app storage, app, user not logged in', OC_Log::ERROR);
         return false;
     }
     $userView = new OC_FilesystemView('/' . OC_User::getUser());
     if (!$userView->file_exists($appid)) {
         $userView->mkdir($appid);
     }
     return new OC_FilesystemView('/' . OC_User::getUser() . '/' . $appid);
 }
예제 #16
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
*
*/
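// Check if we are a user
OCP\User::checkLoggedIn();
// The requested name comes straight from the query string, so it is untrusted:
// accept it only as a plain string (a request like ?file[]=x yields an array)
// and fall back to '' so a missing parameter ends in the 404 branch below.
$filename = isset($_GET["file"]) && is_string($_GET["file"]) ? $_GET["file"] : '';
$view = new OC_FilesystemView('/' . \OCP\User::getUser() . '/files_trashbin/files');
// Defence in depth: refuse parent-directory segments here instead of relying on
// the view to keep the path inside the user's trashbin folder.
$hasParentSegment = in_array('..', explode('/', str_replace('\\', '/', $filename)), true);
if ($filename === '' || $hasParentSegment || !$view->file_exists($filename)) {
    header("HTTP/1.0 404 Not Found");
    $tmpl = new OCP\Template('', '404', 'guest');
    $tmpl->assign('file', $filename);
    $tmpl->printPage();
    exit;
}
$ftype = $view->getMimeType($filename);
header('Content-Type:' . $ftype);
// The User-Agent header is optional; treat a missing one as "not MSIE".
$userAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';
// Only the base name is sent to the client, and it is percent-encoded, so quotes
// or control characters in the stored name cannot break out of the header value.
if (preg_match("/MSIE/", $userAgent)) {
    header('Content-Disposition: attachment; filename="' . rawurlencode(basename($filename)) . '"');
} else {
    header('Content-Disposition: attachment; filename*=UTF-8\'\'' . rawurlencode(basename($filename)) . '; filename="' . rawurlencode(basename($filename)) . '"');
}
OCP\Response::disableCaching();
header('Content-Length: ' . $view->filesize($filename));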
예제 #17
 /**
  * Report cached entries of a folder whose files no longer exist.
  *
  * Looks up the names cached under $path and, for every name that is missing
  * from the filesystem view, signals the deletion: through the
  * OC_Filesystem post_delete hook for the default root, or through
  * fileSystemWatcherDelete() for an explicit $root.
  *
  * @param string $path folder path relative to the view root
  * @param string $root optional filesystem root; empty means the default view
  */
 private static function cleanFolder($path, $root = '')
 {
     $usesDefaultRoot = !$root;
     if ($usesDefaultRoot) {
         $view = OC_Filesystem::getView();
     } else {
         $view = new OC_FilesystemView($root == '/' ? '' : $root);
     }
     // The cache table is queried directly (not via getFolderContent) to prevent loops
     $parentId = self::getFileId($view->getRoot() . $path);
     // The parent id is bound as a statement parameter, not concatenated into the SQL
     $statement = OC_DB::prepare('SELECT name FROM *PREFIX*fscache WHERE parent=?');
     $rows = $statement->execute(array($parentId));
     while ($entry = $rows->fetchRow()) {
         $cachedPath = $path . '/' . $entry['name'];
         if ($view->file_exists($cachedPath)) {
             continue;
         }
         if ($usesDefaultRoot) {
             // filesystem hooks are only valid for the default root
             OC_Hook::emit('OC_Filesystem', 'post_delete', array('path' => $cachedPath));
         } else {
             self::fileSystemWatcherDelete(array('path' => $cachedPath), $root);
         }
     }
 }
예제 #18
파일: hooks.php 프로젝트: hjimmy/owncloud
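 /**
  * @brief Change a user's encryption passphrase
  * @param array $params keys: uid, password; optionally recoveryPassword
  * @return bool|null true when the files_encryption app is disabled, otherwise nothing
  *
  * When the logged-in user changes their own password and a decrypted private
  * key is available from the session, that key is re-encrypted with the new
  * password. Otherwise (e.g. an admin changes another user's password) a new
  * keypair is generated under the conditions listed below and, if a recovery
  * password was supplied, the user's files are recovered with it.
  */
 public static function setPassphrase($params)
 {
     if (\OCP\App::isEnabled('files_encryption') === false) {
         return true;
     }
     // Only attempt to change passphrase if server-side encryption
     // is in use (client-side encryption does not have access to
     // the necessary keys)
     if (Crypt::mode() === 'server') {
         $view = new \OC_FilesystemView('/');
         $session = new \OCA\Encryption\Session($view);
         // Get existing decrypted private key
         $privateKey = $session->getPrivateKey();
         if ($params['uid'] === \OCP\User::getUser() && $privateKey) {
             // Encrypt private key with new user pwd as passphrase
             $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($privateKey, $params['password']);
             // Save private key
             if ($encryptedPrivateKey) {
                 Keymanager::setPrivateKey($encryptedPrivateKey);
             } else {
                 \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR);
             }
             // NOTE: Session does not need to be updated as the
             // private key has not changed, only the passphrase
             // used to decrypt it has changed
         } else {
             // admin changed the password for a different user, create new keys and reencrypt file keys
             $user = $params['uid'];
             $util = new Util($view, $user);
             $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null;
             // we generate new keys if...
             // ...we have a recovery password and the user enabled the recovery key
             // ...encryption was activated for the first time (no keys exists)
             // ...the user doesn't have any files
             if ($util->recoveryEnabledForUser() && $recoveryPassword || !$util->userKeysExists() || !$view->file_exists($user . '/files')) {
                 // backup old keys
                 $util->backupAllKeys('recovery');
                 $newUserPassword = $params['password'];
                 // make sure that the users home is mounted
                 \OC\Files\Filesystem::initMountPoints($user);
                 $keypair = Crypt::createKeypair();
                 // Disable encryption proxy to prevent recursive calls
                 $proxyStatus = \OC_FileProxy::$enabled;
                 \OC_FileProxy::$enabled = false;
                 try {
                     // Encrypt the new private key with the new user password as passphrase
                     $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword);
                     if ($encryptedPrivateKey) {
                         // Only touch the stored keys once encryption has succeeded, so a
                         // failure cannot leave a new public key next to an empty private key
                         // Save public key
                         $view->file_put_contents('/public-keys/' . $user . '.public.key', $keypair['publicKey']);
                         // Save private key
                         $view->file_put_contents('/' . $user . '/files_encryption/' . $user . '.private.key', $encryptedPrivateKey);
                         if ($recoveryPassword) {
                             // if recovery key is set we can re-encrypt the key files
                             $util = new Util($view, $user);
                             $util->recoverUsersFiles($recoveryPassword);
                         }
                     } else {
                         \OCP\Util::writeLog('files_encryption', 'Could not update users encryption password', \OCP\Util::ERROR);
                     }
                 } catch (\Exception $e) {
                     // Never leave the proxy switched off for the rest of the request:
                     // restore the saved state before passing the error on
                     \OC_FileProxy::$enabled = $proxyStatus;
                     throw $e;
                 }
                 \OC_FileProxy::$enabled = $proxyStatus;
             }
         }
     }
 }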
예제 #19
 /**
  * @brief after a file is renamed, rename its keyfile and share-keys, then fix the file size and the sharing keys
  * @param array $params with oldpath and newpath
  * @return bool|null true when the files_encryption app is disabled, otherwise nothing
  *
  * This function is connected to the rename signal of OC_Filesystem and adjusts the name and location
  * of the stored key material along with the actual file
  *
  * NOTE(review): oldpath and newpath are concatenated into key paths without
  * normalization in this function; presumably the signal delivers normalized
  * paths - confirm.
  */
 public static function postRename($params)
 {
     if (\OCP\App::isEnabled('files_encryption') === false) {
         return true;
     }
     // Disable encryption proxy to prevent recursive calls
     // NOTE(review): the saved state is only restored on the last line of this
     // function; an exception thrown in between would leave the proxy disabled.
     $proxyStatus = \OC_FileProxy::$enabled;
     \OC_FileProxy::$enabled = false;
     $view = new \OC_FilesystemView('/');
     $session = new \OCA\Encryption\Session($view);
     $userId = \OCP\User::getUser();
     $util = new Util($view, $userId);
     // Format paths to be relative to user files dir
     // Keys of system-wide mount points live in the shared 'files_encryption/'
     // folder, all others below the user's own folder
     if ($util->isSystemWideMountPoint($params['oldpath'])) {
         $baseDir = 'files_encryption/';
         $oldKeyfilePath = $baseDir . 'keyfiles/' . $params['oldpath'];
     } else {
         $baseDir = $userId . '/' . 'files_encryption/';
         $oldKeyfilePath = $baseDir . 'keyfiles/' . $params['oldpath'];
     }
     // NOTE(review): both branches below are identical, so the mount type of
     // newpath has no effect and $baseDir (chosen from oldpath) is always used.
     // This looks unintended - confirm.
     if ($util->isSystemWideMountPoint($params['newpath'])) {
         $newKeyfilePath = $baseDir . 'keyfiles/' . $params['newpath'];
     } else {
         $newKeyfilePath = $baseDir . 'keyfiles/' . $params['newpath'];
     }
     // add key ext if this is not an folder
     if (!$view->is_dir($oldKeyfilePath)) {
         $oldKeyfilePath .= '.key';
         $newKeyfilePath .= '.key';
         // handle share-keys
         // This branch works on the local filesystem directly (glob/mkdir/rename)
         // rather than through the view
         $localKeyPath = $view->getLocalFile($baseDir . 'share-keys/' . $params['oldpath']);
         $escapedPath = Helper::escapeGlobPattern($localKeyPath);
         // NOTE(review): glob() can return false on error, which the foreach
         // below does not guard against.
         $matches = glob($escapedPath . '*.shareKey');
         foreach ($matches as $src) {
             // NOTE(review): str_replace() rewrites every occurrence of oldpath in
             // the full local path, not only the trailing file part - confirm this
             // cannot match an earlier directory component.
             $dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
             // create destination folder if not exists
             if (!file_exists(dirname($dst))) {
                 // 0750: no access for other local users; created recursively
                 mkdir(dirname($dst), 0750, true);
             }
             rename($src, $dst);
         }
     } else {
         // handle share-keys folders
         $oldShareKeyfilePath = $baseDir . 'share-keys/' . $params['oldpath'];
         $newShareKeyfilePath = $baseDir . 'share-keys/' . $params['newpath'];
         // create destination folder if not exists
         if (!$view->file_exists(dirname($newShareKeyfilePath))) {
             $view->mkdir(dirname($newShareKeyfilePath), 0750, true);
         }
         $view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
     }
     // Rename keyfile so it isn't orphaned
     if ($view->file_exists($oldKeyfilePath)) {
         // create destination folder if not exists
         if (!$view->file_exists(dirname($newKeyfilePath))) {
             $view->mkdir(dirname($newKeyfilePath), 0750, true);
         }
         $view->rename($oldKeyfilePath, $newKeyfilePath);
     }
     // build the path to the file
     $newPath = '/' . $userId . '/files' . $params['newpath'];
     $newPathRelative = $params['newpath'];
     // The share keys are only refreshed when fixFileSize() reports success
     if ($util->fixFileSize($newPath)) {
         // get sharing app state
         $sharingEnabled = \OCP\Share::isEnabled();
         // get users
         $usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
         // update sharing-keys
         $util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
     }
     // Restore the proxy state saved at the top
     \OC_FileProxy::$enabled = $proxyStatus;
 }