/**
* Sets up user folders and keys for serverside encryption
*
* @param string $passphrase to encrypt server-stored private key with
* @return bool
*/
public function setupServerSide($passphrase = null)
{
// Set directories to check / create
$setUpDirs = array($this->userDir, $this->publicKeyDir, $this->encryptionDir, $this->keysPath);
// Check / create all necessary dirs
foreach ($setUpDirs as $dirPath) {
if (!$this->view->file_exists($dirPath)) {
$this->view->mkdir($dirPath);
}
}
// Create user keypair
// we should never override a keyfile
if (!$this->view->file_exists($this->publicKeyPath) && !$this->view->file_exists($this->privateKeyPath)) {
// Generate keypair
$keypair = Crypt::createKeypair();
if ($keypair) {
\OC_FileProxy::$enabled = false;
// Encrypt private key with user pwd as passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $passphrase, Helper::getCipher());
// Save key-pair
if ($encryptedPrivateKey) {
$header = crypt::generateHeader();
$this->view->file_put_contents($this->privateKeyPath, $header . $encryptedPrivateKey);
$this->view->file_put_contents($this->publicKeyPath, $keypair['publicKey']);
}
\OC_FileProxy::$enabled = true;
}
} else {
// check if public-key exists but private-key is missing
if ($this->view->file_exists($this->publicKeyPath) && !$this->view->file_exists($this->privateKeyPath)) {
\OCP\Util::writeLog('Encryption library', 'public key exists but private key is missing for "' . $this->keyId . '"', \OCP\Util::FATAL);
return false;
} else {
if (!$this->view->file_exists($this->publicKeyPath) && $this->view->file_exists($this->privateKeyPath)) {
\OCP\Util::writeLog('Encryption library', 'private key exists but public key is missing for "' . $this->keyId . '"', \OCP\Util::FATAL);
return false;
}
}
}
return true;
}
