/**
* update encrypted file, e.g. give additional users access to the file
*
* @param string $path path to the file which should be updated
* @param string $uid of the user who performs the operation
* @param array $accessList who has access to the file contains the key 'users' and 'public'
* @return boolean
*/
public function update($path, $uid, array $accessList)
{
if (empty($accessList)) {
if (isset(self::$rememberVersion[$path])) {
$this->keyManager->setVersion($path, self::$rememberVersion[$path], new View());
unset(self::$rememberVersion[$path]);
}
return;
}
$fileKey = $this->keyManager->getFileKey($path, $uid);
if (!empty($fileKey)) {
$publicKeys = array();
if ($this->useMasterPassword === true) {
$publicKeys[$this->keyManager->getMasterKeyId()] = $this->keyManager->getPublicMasterKey();
} else {
foreach ($accessList['users'] as $user) {
try {
$publicKeys[$user] = $this->keyManager->getPublicKey($user);
} catch (PublicKeyMissingException $e) {
$this->logger->warning('Could not encrypt file for ' . $user . ': ' . $e->getMessage());
}
}
}
$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);
$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
$this->keyManager->deleteAllFileKeys($path);
$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
} else {
$this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted', array('file' => $path, 'app' => 'encryption'));
return false;
}
return true;
}
/**
* update encrypted file, e.g. give additional users access to the file
*
* @param string $path path to the file which should be updated
* @param string $uid of the user who performs the operation
* @param array $accessList who has access to the file contains the key 'users' and 'public'
* @return boolean
*/
public function update($path, $uid, array $accessList)
{
$fileKey = $this->keyManager->getFileKey($path, $uid);
$publicKeys = array();
foreach ($accessList['users'] as $user) {
$publicKeys[$user] = $this->keyManager->getPublicKey($user);
}
$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys);
$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
$this->keyManager->deleteAllFileKeys($path);
$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
return true;
}
/**
* update encrypted file, e.g. give additional users access to the file
*
* @param string $path path to the file which should be updated
* @param string $uid of the user who performs the operation
* @param array $accessList who has access to the file contains the key 'users' and 'public'
* @return boolean
*/
public function update($path, $uid, array $accessList)
{
$fileKey = $this->keyManager->getFileKey($path, $uid);
if (!empty($fileKey)) {
$publicKeys = array();
foreach ($accessList['users'] as $user) {
$publicKeys[$user] = $this->keyManager->getPublicKey($user);
}
$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);
$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
$this->keyManager->deleteAllFileKeys($path);
$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
} else {
$this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted', array('file' => $path, 'app' => 'encryption'));
return false;
}
return true;
}
/**
* recover file
*
* @param string $path
* @param string $privateKey
* @param string $uid
*/
private function recoverFile($path, $privateKey, $uid)
{
$encryptedFileKey = $this->keyManager->getEncryptedFileKey($path);
$shareKey = $this->keyManager->getShareKey($path, $this->keyManager->getRecoveryKeyId());
if ($encryptedFileKey && $shareKey && $privateKey) {
$fileKey = $this->crypt->multiKeyDecrypt($encryptedFileKey, $shareKey, $privateKey);
}
if (!empty($fileKey)) {
$accessList = $this->file->getAccessList($path);
$publicKeys = array();
foreach ($accessList['users'] as $user) {
$publicKeys[$user] = $this->keyManager->getPublicKey($user);
}
$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys, $uid);
$encryptedKeyfiles = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
$this->keyManager->setAllFileKeys($path, $encryptedKeyfiles);
}
}
/**
* test add public share key and or recovery key to the list of public keys
*
* @dataProvider dataTestAddSystemKeys
*
* @param array $accessList
* @param array $publicKeys
* @param string $uid
* @param array $expectedKeys
*/
public function testAddSystemKeys($accessList, $publicKeys, $uid, $expectedKeys)
{
$publicShareKeyId = 'publicShareKey';
$recoveryKeyId = 'recoveryKey';
$this->keyStorageMock->expects($this->any())->method('getSystemUserKey')->willReturnCallback(function ($keyId, $encryptionModuleId) {
return $keyId;
});
$this->utilMock->expects($this->any())->method('isRecoveryEnabledForUser')->willReturnCallback(function ($uid) {
if ($uid === 'user1') {
return true;
}
return false;
});
// set key IDs
self::invokePrivate($this->instance, 'publicShareKeyId', [$publicShareKeyId]);
self::invokePrivate($this->instance, 'recoveryKeyId', [$recoveryKeyId]);
$result = $this->instance->addSystemKeys($accessList, $publicKeys, $uid);
foreach ($expectedKeys as $expected) {
$this->assertArrayHasKey($expected, $result);
}
$this->assertSameSize($expectedKeys, $result);
}
