/**
 * Prepare the module for the chunks of one file.
 *
 * Resets the per-file state, loads (or, for a write, creates) the file key
 * and selects the cipher that the following chunk operations will use.
 *
 * @param string $path to the file
 * @param string $user who reads/writes the file
 * @param string $mode php stream open mode
 * @param array $header header data read from the file
 * @param array $accessList who has access to the file; contains the keys 'users' and 'public'
 *
 * @return array key-value pairs to be written to the file header; this
 *               implementation always returns the selected cipher under 'cipher'
 */
public function begin($path, $user, $mode, array $header, array $accessList) {
    // Reset everything that is tracked per file.
    $this->path = $this->getPathToRealFile($path);
    $this->accessList = $accessList;
    $this->user = $user;
    $this->isWriteOperation = false;
    $this->writeCache = '';

    if ($this->session->decryptAllModeActivated()) {
        // Decrypt-all mode: unwrap the file key with the share key of the
        // decrypt-all uid and the decrypt-all key held in the session,
        // instead of going through the keys of $user.
        $wrappedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
        $decryptAllUid = $this->session->getDecryptAllUid();
        $decryptAllShareKey = $this->keyManager->getShareKey($this->path, $decryptAllUid);
        $decryptAllKey = $this->session->getDecryptAllKey();
        $this->fileKey = $this->crypt->multiKeyDecrypt($wrappedFileKey, $decryptAllShareKey, $decryptAllKey);
    } else {
        $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
    }
    // NOTE(review): the key lookup result is stored unchecked. Only the write
    // path below reacts to an empty key; confirm the read path fails closed
    // when no file key could be obtained.

    $writeModes = array('w', 'w+', 'wb', 'wb+');
    if (in_array($mode, $writeModes, true)) {
        $this->isWriteOperation = true;
        // No existing key for this path: create a fresh file key.
        if (empty($this->fileKey)) {
            $this->fileKey = $this->crypt->generateFileKey();
        }
    }

    // Cipher precedence: header value, then the configured cipher for
    // writes, then the legacy cipher for header-less reads.
    // NOTE(review): $header is data read from the stored file and its
    // 'cipher' entry is taken as-is, even for write operations; confirm the
    // value is checked against the supported ciphers before it is used.
    $cipherFromHeader = isset($header['cipher']);
    if ($cipherFromHeader) {
        $this->cipher = $header['cipher'];
    } elseif ($this->isWriteOperation) {
        $this->cipher = $this->crypt->getCipher();
    } else {
        // a file without a header is read with the legacy cipher
        // which was used in <=oC6
        $this->cipher = $this->crypt->getLegacyCipher();
    }

    return array('cipher' => $this->cipher);
}
/**
 * Recover a single file: unwrap its file key through the recovery share key
 * and wrap it again for everybody in the file's access list.
 *
 * Does nothing when the encrypted file key, the recovery share key or the
 * private key is missing, or when unwrapping yields an empty key.
 *
 * @param string $path
 * @param string $privateKey private key used to open the recovery share key
 * @param string $uid passed on to addSystemKeys()
 */
private function recoverFile($path, $privateKey, $uid) {
    $wrappedFileKey = $this->keyManager->getEncryptedFileKey($path);
    $recoveryKeyId = $this->keyManager->getRecoveryKeyId();
    $recoveryShareKey = $this->keyManager->getShareKey($path, $recoveryKeyId);

    // All three inputs are required to unwrap the file key.
    if (!$wrappedFileKey || !$recoveryShareKey || !$privateKey) {
        return;
    }

    $fileKey = $this->crypt->multiKeyDecrypt($wrappedFileKey, $recoveryShareKey, $privateKey);
    if (empty($fileKey)) {
        // Unwrapping failed; leave the stored keys untouched.
        return;
    }

    // Collect the public key of every user that has access to the file.
    $accessList = $this->file->getAccessList($path);
    $recipientKeys = array();
    foreach ($accessList['users'] as $recipient) {
        // NOTE(review): the result of getPublicKey() is used unchecked;
        // confirm multiKeyEncrypt() rejects a missing or empty public key.
        $recipientKeys[$recipient] = $this->keyManager->getPublicKey($recipient);
    }
    // presumably adds system-level keys (e.g. recovery / public share) for
    // $uid - verify against KeyManager::addSystemKeys()
    $recipientKeys = $this->keyManager->addSystemKeys($accessList, $recipientKeys, $uid);

    // Re-wrap the plaintext file key for all recipients and store the
    // resulting key files for this path.
    $wrappedForRecipients = $this->crypt->multiKeyEncrypt($fileKey, $recipientKeys);
    $this->keyManager->setAllFileKeys($path, $wrappedForRecipients);
}
/**
 * Prepare the module for the chunks of one file.
 *
 * Resets the per-file state, loads (or, for a write, creates) the file key,
 * determines the file version and selects the cipher that the following
 * chunk operations will use.
 *
 * @param string $path to the file
 * @param string $user who reads/writes the file
 * @param string $mode php stream open mode
 * @param array $header header data read from the file
 * @param array $accessList who has access to the file; contains the keys 'users' and 'public'
 *
 * @return array key-value pairs to be written to the file header; this
 *               implementation always returns 'cipher' and 'signed'
 */
public function begin($path, $user, $mode, array $header, array $accessList) {
    // Reset everything that is tracked per file.
    $this->path = $this->getPathToRealFile($path);
    $this->accessList = $accessList;
    $this->user = $user;
    $this->isWriteOperation = false;
    $this->writeCache = '';

    if ($this->session->decryptAllModeActivated()) {
        // Decrypt-all mode: unwrap the file key with the share key of the
        // decrypt-all uid and the decrypt-all key held in the session,
        // instead of going through the keys of $user.
        $wrappedFileKey = $this->keyManager->getEncryptedFileKey($this->path);
        $decryptAllUid = $this->session->getDecryptAllUid();
        $decryptAllShareKey = $this->keyManager->getShareKey($this->path, $decryptAllUid);
        $decryptAllKey = $this->session->getDecryptAllKey();
        $this->fileKey = $this->crypt->multiKeyDecrypt($wrappedFileKey, $decryptAllShareKey, $decryptAllKey);
    } else {
        $this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
    }
    // NOTE(review): the key lookup result is stored unchecked. Only the write
    // path below reacts to an empty key; confirm the read path fails closed
    // when no file key could be obtained.

    // always use the version from the original file, also part files
    // need to have a correct version number if they get moved over to the
    // final location
    $originalPath = $this->stripPartFileExtension($path);
    $this->version = (int) $this->keyManager->getVersion($originalPath, new View());

    $writeModes = array('w', 'w+', 'wb', 'wb+');
    if (in_array($mode, $writeModes, true)) {
        $this->isWriteOperation = true;
        // No existing key for this path: create a fresh file key.
        if (empty($this->fileKey)) {
            $this->fileKey = $this->crypt->generateFileKey();
        }
    } elseif (Scanner::isPartialFile($path)) {
        // if we read a part file we need to increase the version by 1
        // because the version number was also increased by writing
        // the part file
        $this->version += 1;
    }

    // Writes always use the configured cipher, so a header value cannot
    // choose the cipher for newly written content. Reads take the cipher
    // from the header, or the legacy cipher when there is no header entry.
    if ($this->isWriteOperation) {
        $this->cipher = $this->crypt->getCipher();
    } elseif (isset($header['cipher'])) {
        // NOTE(review): $header is data read from the stored file and the
        // value is taken as-is; confirm it is checked against the supported
        // ciphers before it is used.
        $this->cipher = $header['cipher'];
    } else {
        // a file without a header is read with the legacy cipher
        // which was used in <=oC6
        $this->cipher = $this->crypt->getLegacyCipher();
    }

    // 'signed' is emitted as the string 'true', not a boolean.
    return array('cipher' => $this->cipher, 'signed' => 'true');
}
/**
 * getEncryptedFileKey('/') must ask the key storage exactly once for the
 * 'fileKey' entry of that path and hand back whatever the storage returns.
 *
 * The stub returns the boolean true rather than key material, so only the
 * delegation is verified here.
 */
public function testGetEncryptedFileKey() {
    $this->keyStorageMock
        ->expects($this->once())
        ->method('getFileKey')
        ->with('/', 'fileKey')
        ->willReturn(true);

    $result = $this->instance->getEncryptedFileKey('/');

    $this->assertTrue($result);
}