Exemplo n.º 1
0
 /**
  * if session is started, check if ownCloud key pair is set up, if not create it
  * @param \OC\Files\View $view
  *
  * @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
  */
 public function __construct($view)
 {
     $this->view = $view;
     if (!$this->view->is_dir('files_encryption')) {
         $this->view->mkdir('files_encryption');
     }
     $appConfig = \OC::$server->getAppConfig();
     $publicShareKeyId = Helper::getPublicShareKeyId();
     if ($publicShareKeyId === false) {
         $publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
         $appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
     }
     if (!Keymanager::publicShareKeyExists($view)) {
         $keypair = Crypt::createKeypair();
         // Save public key
         Keymanager::setPublicKey($keypair['publicKey'], $publicShareKeyId);
         // Encrypt private key empty passphrase
         $cipher = Helper::getCipher();
         $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher);
         if ($encryptedKey) {
             Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId);
         } else {
             \OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR);
         }
     }
     if (Helper::isPublicAccess() && !self::getPublicSharePrivateKey()) {
         // Disable encryption proxy to prevent recursive calls
         $proxyStatus = \OC_FileProxy::$enabled;
         \OC_FileProxy::$enabled = false;
         $encryptedKey = Keymanager::getPrivateSystemKey($publicShareKeyId);
         $privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
         self::setPublicSharePrivateKey($privateKey);
         \OC_FileProxy::$enabled = $proxyStatus;
     }
 }
Exemplo n.º 2
0
 /**
  * if session is started, check if ownCloud key pair is set up, if not create it
  * @param \OC\Files\View $view
  *
  * @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
  */
 public function __construct($view)
 {
     $this->view = $view;
     if (!$this->view->is_dir('owncloud_private_key')) {
         $this->view->mkdir('owncloud_private_key');
     }
     $appConfig = \OC::$server->getAppConfig();
     $publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId');
     if ($publicShareKeyId === null) {
         $publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
         $appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
     }
     if (!$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key") || !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")) {
         $keypair = Crypt::createKeypair();
         // Disable encryption proxy to prevent recursive calls
         $proxyStatus = \OC_FileProxy::$enabled;
         \OC_FileProxy::$enabled = false;
         // Save public key
         if (!$view->is_dir('/public-keys')) {
             $view->mkdir('/public-keys');
         }
         $this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
         // Encrypt private key empty passphrase
         $cipher = \OCA\Encryption\Helper::getCipher();
         $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher);
         if ($encryptedKey) {
             Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId . '.private.key');
         } else {
             \OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR);
         }
         \OC_FileProxy::$enabled = $proxyStatus;
     }
     if (\OCA\Encryption\Helper::isPublicAccess()) {
         // Disable encryption proxy to prevent recursive calls
         $proxyStatus = \OC_FileProxy::$enabled;
         \OC_FileProxy::$enabled = false;
         $encryptedKey = $this->view->file_get_contents('/owncloud_private_key/' . $publicShareKeyId . '.private.key');
         $privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
         $this->setPublicSharePrivateKey($privateKey);
         $this->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
         \OC_FileProxy::$enabled = $proxyStatus;
     }
 }
Exemplo n.º 3
0
 /**
  * enable recovery
  *
  * @param string $recoveryKeyId
  * @param string $recoveryPassword
  * @internal param \OCA\Encryption\Util $util
  * @internal param string $password
  * @return bool
  */
 public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword)
 {
     $view = new \OC\Files\View('/');
     $appConfig = \OC::$server->getAppConfig();
     if ($recoveryKeyId === null) {
         $recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
         $appConfig->setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
     }
     if (!$view->is_dir('/owncloud_private_key')) {
         $view->mkdir('/owncloud_private_key');
     }
     if (!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key") || !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key")) {
         $keypair = \OCA\Encryption\Crypt::createKeypair();
         \OC_FileProxy::$enabled = false;
         // Save public key
         if (!$view->is_dir('/public-keys')) {
             $view->mkdir('/public-keys');
         }
         $view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
         $cipher = \OCA\Encryption\Helper::getCipher();
         $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher);
         if ($encryptedKey) {
             Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId . '.private.key');
             // Set recoveryAdmin as enabled
             $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
             $return = true;
         }
         \OC_FileProxy::$enabled = true;
     } else {
         // get recovery key and check the password
         $util = new \OCA\Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser());
         $return = $util->checkRecoveryPassword($recoveryPassword);
         if ($return) {
             $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
         }
     }
     return $return;
 }
Exemplo n.º 4
0
 /**
  * enable recovery
  *
  * @param string $recoveryKeyId
  * @param string $recoveryPassword
  * @return bool
  */
 public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword)
 {
     $view = new \OC\Files\View('/');
     $appConfig = \OC::$server->getAppConfig();
     if ($recoveryKeyId === null) {
         $recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
         $appConfig->setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
     }
     if (!Keymanager::recoveryKeyExists($view)) {
         $keypair = Crypt::createKeypair();
         // Save public key
         Keymanager::setPublicKey($keypair['publicKey'], $recoveryKeyId);
         $cipher = Helper::getCipher();
         $encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher);
         if ($encryptedKey) {
             Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId);
             // Set recoveryAdmin as enabled
             $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
             $return = true;
         }
     } else {
         // get recovery key and check the password
         $util = new Util(new \OC\Files\View('/'), \OCP\User::getUser());
         $return = $util->checkRecoveryPassword($recoveryPassword);
         if ($return) {
             $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
         }
     }
     return $return;
 }