/**
* enable recovery
*
* @param string $recoveryKeyId
* @param string $recoveryPassword
* @return bool
*/
public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword)
{
$view = new \OC\Files\View('/');
$appConfig = \OC::$server->getAppConfig();
if ($recoveryKeyId === null) {
$recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
$appConfig->setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
}
if (!Keymanager::recoveryKeyExists($view)) {
$keypair = Crypt::createKeypair();
// Save public key
Keymanager::setPublicKey($keypair['publicKey'], $recoveryKeyId);
$cipher = Helper::getCipher();
$encryptedKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher);
if ($encryptedKey) {
Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId);
// Set recoveryAdmin as enabled
$appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
$return = true;
}
} else {
// get recovery key and check the password
$util = new Util(new \OC\Files\View('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
if ($return) {
$appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
}
}
return $return;
}
