diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index 53afefc721b..2066300a163 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -189,7 +189,7 @@ class Hooks {
// Save public key
$view->file_put_contents( '/public-keys/'.$user.'.public.key', $keypair['publicKey'] );
- // Encrypt private key empthy passphrase
+ // Encrypt private key empty passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], $newUserPassword );
// Save private key
diff --git a/apps/files_encryption/js/settings-admin.js b/apps/files_encryption/js/settings-admin.js
index c58d75341df..7c1866445ee 100644
--- a/apps/files_encryption/js/settings-admin.js
+++ b/apps/files_encryption/js/settings-admin.js
@@ -99,4 +99,4 @@ $(document).ready(function(){
);
});
-})
\ No newline at end of file
+});
\ No newline at end of file
diff --git a/apps/files_encryption/js/settings-personal.js b/apps/files_encryption/js/settings-personal.js
index 3b9b00dc797..312b672ad46 100644
--- a/apps/files_encryption/js/settings-personal.js
+++ b/apps/files_encryption/js/settings-personal.js
@@ -57,4 +57,4 @@ $(document).ready(function(){
}
);
-})
\ No newline at end of file
+});
\ No newline at end of file
diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index 1a5c9300a27..f5b7a8a0a40 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -26,7 +26,7 @@
namespace OCA\Encryption;
//require_once '../3rdparty/Crypt_Blowfish/Blowfish.php';
-require_once realpath(dirname(__FILE__) . '/../3rdparty/Crypt_Blowfish/Blowfish.php');
+require_once realpath( dirname( __FILE__ ) . '/../3rdparty/Crypt_Blowfish/Blowfish.php' );
/**
* Class for common cryptography functionality
@@ -40,8 +40,7 @@ class Crypt
* @param string $user name (use system wide setting if name=null)
* @return string 'client' or 'server'
*/
- public static function mode($user = null)
- {
+ public static function mode( $user = null ) {
return 'server';
@@ -51,20 +50,19 @@ class Crypt
* @brief Create a new encryption keypair
* @return array publicKey, privatekey
*/
- public static function createKeypair()
- {
+ public static function createKeypair() {
- $res = openssl_pkey_new(array('private_key_bits' => 4096));
+ $res = openssl_pkey_new( array( 'private_key_bits' => 4096 ) );
// Get private key
- openssl_pkey_export($res, $privateKey);
+ openssl_pkey_export( $res, $privateKey );
// Get public key
- $publicKey = openssl_pkey_get_details($res);
+ $publicKey = openssl_pkey_get_details( $res );
$publicKey = $publicKey['key'];
- return (array('publicKey' => $publicKey, 'privateKey' => $privateKey));
+ return ( array( 'publicKey' => $publicKey, 'privateKey' => $privateKey ) );
}
@@ -77,8 +75,7 @@ class Crypt
* blocks with encryption alone, hence padding is added to achieve the
* required length.
*/
- public static function addPadding($data)
- {
+ public static function addPadding( $data ) {
$padded = $data . 'xx';
@@ -91,12 +88,11 @@ class Crypt
* @param string $padded padded data to remove padding from
* @return string unpadded data on success, false on error
*/
- public static function removePadding($padded)
- {
+ public static function removePadding( $padded ) {
- if (substr($padded, -2) == 'xx') {
+ if ( substr( $padded, -2 ) == 'xx' ) {
- $data = substr($padded, 0, -2);
+ $data = substr( $padded, 0, -2 );
return $data;
@@ -115,27 +111,26 @@ class Crypt
* @return boolean
* @note see also OCA\Encryption\Util->isEncryptedPath()
*/
- public static function isCatfileContent($content)
- {
+ public static function isCatfileContent( $content ) {
- if (!$content) {
+ if ( !$content ) {
return false;
}
- $noPadding = self::removePadding($content);
+ $noPadding = self::removePadding( $content );
// Fetch encryption metadata from end of file
- $meta = substr($noPadding, -22);
+ $meta = substr( $noPadding, -22 );
// Fetch IV from end of file
- $iv = substr($meta, -16);
+ $iv = substr( $meta, -16 );
// Fetch identifier from start of metadata
- $identifier = substr($meta, 0, 6);
+ $identifier = substr( $meta, 0, 6 );
- if ($identifier == '00iv00') {
+ if ( $identifier == '00iv00' ) {
return true;
@@ -152,16 +147,15 @@ class Crypt
* @param string $path
* @return bool
*/
- public static function isEncryptedMeta($path)
- {
+ public static function isEncryptedMeta( $path ) {
// TODO: Use DI to get \OC\Files\Filesystem out of here
// Fetch all file metadata from DB
- $metadata = \OC\Files\Filesystem::getFileInfo($path);
+ $metadata = \OC\Files\Filesystem::getFileInfo( $path );
// Return encryption status
- return isset($metadata['encrypted']) and ( bool )$metadata['encrypted'];
+ return isset( $metadata['encrypted'] ) and ( bool )$metadata['encrypted'];
}
@@ -172,19 +166,18 @@ class Crypt
* e.g. filename or /Docs/filename, NOT admin/files/filename
* @return boolean
*/
- public static function isLegacyEncryptedContent($data, $relPath)
- {
+ public static function isLegacyEncryptedContent( $data, $relPath ) {
// Fetch all file metadata from DB
- $metadata = \OC\Files\Filesystem::getFileInfo($relPath, '');
+ $metadata = \OC\Files\Filesystem::getFileInfo( $relPath, '' );
// If a file is flagged with encryption in DB, but isn't a
// valid content + IV combination, it's probably using the
// legacy encryption system
if (
- isset($metadata['encrypted'])
+ isset( $metadata['encrypted'] )
and $metadata['encrypted'] === true
- and !self::isCatfileContent($data)
+ and !self::isCatfileContent( $data )
) {
return true;
@@ -199,18 +192,20 @@ class Crypt
/**
* @brief Symmetrically encrypt a string
+ * @param $plainContent
+ * @param $iv
+ * @param string $passphrase
* @return string encrypted file content
*/
- public static function encrypt($plainContent, $iv, $passphrase = '')
- {
+ public static function encrypt( $plainContent, $iv, $passphrase = '' ) {
- if ($encryptedContent = openssl_encrypt($plainContent, 'AES-128-CFB', $passphrase, false, $iv)) {
+ if ( $encryptedContent = openssl_encrypt( $plainContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
return $encryptedContent;
} else {
- \OC_Log::write('Encryption library', 'Encryption (symmetric) of content failed', \OC_Log::ERROR);
+ \OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed', \OC_Log::ERROR );
return false;
@@ -220,21 +215,21 @@ class Crypt
/**
* @brief Symmetrically decrypt a string
+ * @param $encryptedContent
+ * @param $iv
+ * @param $passphrase
+ * @throws \Exception
* @return string decrypted file content
*/
- public static function decrypt($encryptedContent, $iv, $passphrase)
- {
+ public static function decrypt( $encryptedContent, $iv, $passphrase ) {
- if ($plainContent = openssl_decrypt($encryptedContent, 'AES-128-CFB', $passphrase, false, $iv)) {
+ if ( $plainContent = openssl_decrypt( $encryptedContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
return $plainContent;
-
} else {
- throw new \Exception('Encryption library: Decryption (symmetric) of content failed');
-
- return false;
+ throw new \Exception( 'Encryption library: Decryption (symmetric) of content failed' );
}
@@ -246,8 +241,7 @@ class Crypt
* @param string $iv IV to be concatenated
* @returns string concatenated content
*/
- public static function concatIv($content, $iv)
- {
+ public static function concatIv( $content, $iv ) {
$combined = $content . '00iv00' . $iv;
@@ -260,17 +254,16 @@ class Crypt
* @param string $catFile concatenated data to be split
* @returns array keys: encrypted, iv
*/
- public static function splitIv($catFile)
- {
+ public static function splitIv( $catFile ) {
// Fetch encryption metadata from end of file
- $meta = substr($catFile, -22);
+ $meta = substr( $catFile, -22 );
// Fetch IV from end of file
- $iv = substr($meta, -16);
+ $iv = substr( $meta, -16 );
// Remove IV and IV identifier text to expose encrypted content
- $encrypted = substr($catFile, 0, -22);
+ $encrypted = substr( $catFile, 0, -22 );
$split = array(
'encrypted' => $encrypted
@@ -290,10 +283,9 @@ class Crypt
* @note IV need not be specified, as it will be stored in the returned keyfile
* and remain accessible therein.
*/
- public static function symmetricEncryptFileContent($plainContent, $passphrase = '')
- {
+ public static function symmetricEncryptFileContent( $plainContent, $passphrase = '' ) {
- if (!$plainContent) {
+ if ( !$plainContent ) {
return false;
@@ -301,18 +293,18 @@ class Crypt
$iv = self::generateIv();
- if ($encryptedContent = self::encrypt($plainContent, $iv, $passphrase)) {
+ if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) {
// Combine content to encrypt with IV identifier and actual IV
- $catfile = self::concatIv($encryptedContent, $iv);
+ $catfile = self::concatIv( $encryptedContent, $iv );
- $padded = self::addPadding($catfile);
+ $padded = self::addPadding( $catfile );
return $padded;
} else {
- \OC_Log::write('Encryption library', 'Encryption (symmetric) of keyfile content failed', \OC_Log::ERROR);
+ \OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed', \OC_Log::ERROR );
return false;
@@ -334,25 +326,26 @@ class Crypt
*
* This function decrypts a file
*/
- public static function symmetricDecryptFileContent($keyfileContent, $passphrase = '')
- {
+ public static function symmetricDecryptFileContent( $keyfileContent, $passphrase = '' ) {
- if (!$keyfileContent) {
+ if ( !$keyfileContent ) {
- throw new \Exception('Encryption library: no data provided for decryption');
+ throw new \Exception( 'Encryption library: no data provided for decryption' );
}
// Remove padding
- $noPadding = self::removePadding($keyfileContent);
+ $noPadding = self::removePadding( $keyfileContent );
// Split into enc data and catfile
- $catfile = self::splitIv($noPadding);
+ $catfile = self::splitIv( $noPadding );
- if ($plainContent = self::decrypt($catfile['encrypted'], $catfile['iv'], $passphrase)) {
+ if ( $plainContent = self::decrypt( $catfile['encrypted'], $catfile['iv'], $passphrase ) ) {
return $plainContent;
+ } else {
+ return false;
}
}
@@ -365,16 +358,15 @@ class Crypt
*
* This function decrypts a file
*/
- public static function symmetricEncryptFileContentKeyfile($plainContent)
- {
+ public static function symmetricEncryptFileContentKeyfile( $plainContent ) {
$key = self::generateKey();
- if ($encryptedContent = self::symmetricEncryptFileContent($plainContent, $key)) {
+ if ( $encryptedContent = self::symmetricEncryptFileContent( $plainContent, $key ) ) {
return array(
- 'key' => $key
- , 'encrypted' => $encryptedContent
+ 'key' => $key,
+ 'encrypted' => $encryptedContent
);
} else {
@@ -392,29 +384,28 @@ class Crypt
* @returns array keys: keys (array, key = userId), data
* @note symmetricDecryptFileContent() can decrypt files created using this method
*/
- public static function multiKeyEncrypt($plainContent, array $publicKeys)
- {
+ public static function multiKeyEncrypt( $plainContent, array $publicKeys ) {
// openssl_seal returns false without errors if $plainContent
// is empty, so trigger our own error
- if (empty($plainContent)) {
+ if ( empty( $plainContent ) ) {
- trigger_error("Cannot mutliKeyEncrypt empty plain content");
- throw new \Exception('Cannot mutliKeyEncrypt empty plain content');
+ throw new \Exception( 'Cannot mutliKeyEncrypt empty plain content' );
}
// Set empty vars to be set by openssl by reference
$sealed = '';
$shareKeys = array();
+ $mappedShareKeys = array();
- if (openssl_seal($plainContent, $sealed, $shareKeys, $publicKeys)) {
+ if ( openssl_seal( $plainContent, $sealed, $shareKeys, $publicKeys ) ) {
$i = 0;
// Ensure each shareKey is labelled with its
// corresponding userId
- foreach ($publicKeys as $userId => $publicKey) {
+ foreach ( $publicKeys as $userId => $publicKey ) {
$mappedShareKeys[$userId] = $shareKeys[$i];
$i++;
@@ -422,8 +413,8 @@ class Crypt
}
return array(
- 'keys' => $mappedShareKeys
- , 'data' => $sealed
+ 'keys' => $mappedShareKeys,
+ 'data' => $sealed
);
} else {
@@ -446,22 +437,21 @@ class Crypt
*
* This function decrypts a file
*/
- public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey)
- {
+ public static function multiKeyDecrypt( $encryptedContent, $shareKey, $privateKey ) {
- if (!$encryptedContent) {
+ if ( !$encryptedContent ) {
return false;
}
- if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {
+ if ( openssl_open( $encryptedContent, $plainContent, $shareKey, $privateKey ) ) {
return $plainContent;
} else {
- \OC_Log::write('Encryption library', 'Decryption (asymmetric) of sealed content failed', \OC_Log::ERROR);
+ \OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed', \OC_Log::ERROR );
return false;
@@ -473,10 +463,9 @@ class Crypt
* @brief Asymetrically encrypt a string using a public key
* @return string encrypted file
*/
- public static function keyEncrypt($plainContent, $publicKey)
- {
+ public static function keyEncrypt( $plainContent, $publicKey ) {
- openssl_public_encrypt($plainContent, $encryptedContent, $publicKey);
+ openssl_public_encrypt( $plainContent, $encryptedContent, $publicKey );
return $encryptedContent;
@@ -486,12 +475,11 @@ class Crypt
* @brief Asymetrically decrypt a file using a private key
* @return string decrypted file
*/
- public static function keyDecrypt($encryptedContent, $privatekey)
- {
+ public static function keyDecrypt( $encryptedContent, $privatekey ) {
- $result = @openssl_private_decrypt($encryptedContent, $plainContent, $privatekey);
+ $result = @openssl_private_decrypt( $encryptedContent, $plainContent, $privatekey );
- if ($result) {
+ if ( $result ) {
return $plainContent;
}
@@ -503,27 +491,26 @@ class Crypt
* @brief Generates a pseudo random initialisation vector
* @return String $iv generated IV
*/
- public static function generateIv()
- {
+ public static function generateIv() {
- if ($random = openssl_random_pseudo_bytes(12, $strong)) {
+ if ( $random = openssl_random_pseudo_bytes( 12, $strong ) ) {
- if (!$strong) {
+ if ( !$strong ) {
// If OpenSSL indicates randomness is insecure, log error
- \OC_Log::write('Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OC_Log::WARN);
+ \OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OC_Log::WARN );
}
// We encode the iv purely for string manipulation
// purposes - it gets decoded before use
- $iv = base64_encode($random);
+ $iv = base64_encode( $random );
return $iv;
} else {
- throw new \Exception('Generating IV failed');
+ throw new \Exception( 'Generating IV failed' );
}
@@ -533,16 +520,15 @@ class Crypt
* @brief Generate a pseudo random 1024kb ASCII key
* @returns $key Generated key
*/
- public static function generateKey()
- {
+ public static function generateKey() {
// Generate key
- if ($key = base64_encode(openssl_random_pseudo_bytes(183, $strong))) {
+ if ( $key = base64_encode( openssl_random_pseudo_bytes( 183, $strong ) ) ) {
- if (!$strong) {
+ if ( !$strong ) {
// If OpenSSL indicates randomness is insecure, log error
- throw new \Exception('Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()');
+ throw new \Exception( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
}
@@ -563,12 +549,11 @@ class Crypt
*
* if the key is left out, the default handeler will be used
*/
- public static function getBlowfish($key = '')
- {
+ public static function getBlowfish( $key = '' ) {
- if ($key) {
+ if ( $key ) {
- return new \Crypt_Blowfish($key);
+ return new \Crypt_Blowfish( $key );
} else {
@@ -582,14 +567,13 @@ class Crypt
* @param $passphrase
* @return mixed
*/
- public static function legacyCreateKey($passphrase)
- {
+ public static function legacyCreateKey( $passphrase ) {
// Generate a random integer
- $key = mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999);
+ $key = mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 );
// Encrypt the key with the passphrase
- $legacyEncKey = self::legacyEncrypt($key, $passphrase);
+ $legacyEncKey = self::legacyEncrypt( $key, $passphrase );
return $legacyEncKey;
@@ -605,12 +589,11 @@ class Crypt
*
* This function encrypts an content
*/
- public static function legacyEncrypt($content, $passphrase = '')
- {
+ public static function legacyEncrypt( $content, $passphrase = '' ) {
- $bf = self::getBlowfish($passphrase);
+ $bf = self::getBlowfish( $passphrase );
- return $bf->encrypt($content);
+ return $bf->encrypt( $content );
}
@@ -624,14 +607,13 @@ class Crypt
*
* This function decrypts an content
*/
- public static function legacyDecrypt($content, $passphrase = '')
- {
+ public static function legacyDecrypt( $content, $passphrase = '' ) {
- $bf = self::getBlowfish($passphrase);
+ $bf = self::getBlowfish( $passphrase );
- $decrypted = $bf->decrypt($content);
+ $decrypted = $bf->decrypt( $content );
- return rtrim($decrypted, "\0");;
+ return rtrim( $decrypted, "\0" );;
}
@@ -641,17 +623,16 @@ class Crypt
* @param int $maxLength
* @return string
*/
- private static function legacyBlockDecrypt($data, $key = '', $maxLength = 0)
- {
+ private static function legacyBlockDecrypt( $data, $key = '', $maxLength = 0 ) {
$result = '';
- while (strlen($data)) {
- $result .= self::legacyDecrypt(substr($data, 0, 8192), $key);
- $data = substr($data, 8192);
+ while ( strlen( $data ) ) {
+ $result .= self::legacyDecrypt( substr( $data, 0, 8192 ), $key );
+ $data = substr( $data, 8192 );
}
- if ($maxLength > 0) {
- return substr($result, 0, $maxLength);
+ if ( $maxLength > 0 ) {
+ return substr( $result, 0, $maxLength );
} else {
- return rtrim($result, "\0");
+ return rtrim( $result, "\0" );
}
}
@@ -663,18 +644,17 @@ class Crypt
* @param $path
* @return array
*/
- public static function legacyKeyRecryptKeyfile($legacyEncryptedContent, $legacyPassphrase, $publicKeys, $newPassphrase, $path)
- {
+ public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKeys, $newPassphrase, $path ) {
- $decrypted = self::legacyBlockDecrypt($legacyEncryptedContent, $legacyPassphrase);
+ $decrypted = self::legacyBlockDecrypt( $legacyEncryptedContent, $legacyPassphrase );
// Encrypt plain data, generate keyfile & encrypted file
- $cryptedData = self::symmetricEncryptFileContentKeyfile($decrypted);
+ $cryptedData = self::symmetricEncryptFileContentKeyfile( $decrypted );
// Encrypt plain keyfile to multiple sharefiles
- $multiEncrypted = Crypt::multiKeyEncrypt($cryptedData['key'], $publicKeys);
+ $multiEncrypted = Crypt::multiKeyEncrypt( $cryptedData['key'], $publicKeys );
- return array('data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys']);
+ return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] );
}
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index e4bf2c1226a..43f573c16b9 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -37,35 +37,32 @@ class Helper
* @brief register share related hooks
*
*/
- public static function registerShareHooks()
- {
+ public static function registerShareHooks() {
- \OCP\Util::connectHook('OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared');
- \OCP\Util::connectHook('OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared');
- \OCP\Util::connectHook('OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare');
+ \OCP\Util::connectHook( 'OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared' );
+ \OCP\Util::connectHook( 'OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared' );
+ \OCP\Util::connectHook( 'OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare' );
}
/**
* @brief register user related hooks
*
*/
- public static function registerUserHooks()
- {
+ public static function registerUserHooks() {
- \OCP\Util::connectHook('OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login');
- \OCP\Util::connectHook('OC_User', 'post_setPassword', 'OCA\Encryption\Hooks', 'setPassphrase');
- \OCP\Util::connectHook('OC_User', 'post_createUser', 'OCA\Encryption\Hooks', 'postCreateUser');
- \OCP\Util::connectHook('OC_User', 'post_deleteUser', 'OCA\Encryption\Hooks', 'postDeleteUser');
+ \OCP\Util::connectHook( 'OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login' );
+ \OCP\Util::connectHook( 'OC_User', 'post_setPassword', 'OCA\Encryption\Hooks', 'setPassphrase' );
+ \OCP\Util::connectHook( 'OC_User', 'post_createUser', 'OCA\Encryption\Hooks', 'postCreateUser' );
+ \OCP\Util::connectHook( 'OC_User', 'post_deleteUser', 'OCA\Encryption\Hooks', 'postDeleteUser' );
}
/**
* @brief register filesystem related hooks
*
*/
- public static function registerFilesystemHooks()
- {
+ public static function registerFilesystemHooks() {
- \OCP\Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename');
+ \OCP\Util::connectHook( 'OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename' );
}
/**
@@ -75,14 +72,13 @@ class Helper
* @param string $password
* @return bool
*/
- public static function setupUser($util, $password)
- {
+ public static function setupUser( $util, $password ) {
// Check files_encryption infrastructure is ready for action
- if (!$util->ready()) {
+ if ( !$util->ready() ) {
- \OC_Log::write('Encryption library', 'User account "' . $util->getUserId() . '" is not ready for encryption; configuration started', \OC_Log::DEBUG);
+ \OC_Log::write( 'Encryption library', 'User account "' . $util->getUserId() . '" is not ready for encryption; configuration started', \OC_Log::DEBUG );
- if (!$util->setupServerSide($password)) {
+ if ( !$util->setupServerSide( $password ) ) {
return false;
}
}
@@ -99,22 +95,21 @@ class Helper
* @internal param string $password
* @return bool
*/
- public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword)
- {
- $view = new \OC\Files\View('/');
+ public static function adminEnableRecovery( $recoveryKeyId, $recoveryPassword ) {
+ $view = new \OC\Files\View( '/' );
- if ($recoveryKeyId === null) {
- $recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
- \OC_Appconfig::setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
+ if ( $recoveryKeyId === null ) {
+ $recoveryKeyId = 'recovery_' . substr( md5( time() ), 0, 8 );
+ \OC_Appconfig::setValue( 'files_encryption', 'recoveryKeyId', $recoveryKeyId );
}
- if (!$view->is_dir('/owncloud_private_key')) {
- $view->mkdir('/owncloud_private_key');
+ if ( !$view->is_dir( '/owncloud_private_key' ) ) {
+ $view->mkdir( '/owncloud_private_key' );
}
if (
- (!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key")
- || !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key"))
+ ( !$view->file_exists( "/public-keys/" . $recoveryKeyId . ".public.key" )
+ || !$view->file_exists( "/owncloud_private_key/" . $recoveryKeyId . ".private.key" ) )
) {
$keypair = \OCA\Encryption\Crypt::createKeypair();
@@ -123,37 +118,37 @@ class Helper
// Save public key
- if (!$view->is_dir('/public-keys')) {
- $view->mkdir('/public-keys');
+ if ( !$view->is_dir( '/public-keys' ) ) {
+ $view->mkdir( '/public-keys' );
}
- $view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
+ $view->file_put_contents( '/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey'] );
// Encrypt private key empthy passphrase
- $encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword);
+ $encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent( $keypair['privateKey'], $recoveryPassword );
// Save private key
- $view->file_put_contents('/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey);
+ $view->file_put_contents( '/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey );
// create control file which let us check later on if the entered password was correct.
- $encryptedControlData = \OCA\Encryption\Crypt::keyEncrypt("ownCloud", $keypair['publicKey']);
- if (!$view->is_dir('/control-file')) {
- $view->mkdir('/control-file');
+ $encryptedControlData = \OCA\Encryption\Crypt::keyEncrypt( "ownCloud", $keypair['publicKey'] );
+ if ( !$view->is_dir( '/control-file' ) ) {
+ $view->mkdir( '/control-file' );
}
- $view->file_put_contents('/control-file/controlfile.enc', $encryptedControlData);
+ $view->file_put_contents( '/control-file/controlfile.enc', $encryptedControlData );
\OC_FileProxy::$enabled = true;
// Set recoveryAdmin as enabled
- \OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
+ \OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
$return = true;
} else { // get recovery key and check the password
- $util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
- $return = $util->checkRecoveryPassword($_POST['recoveryPassword']);
- if ($return) {
- \OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
+ $util = new \OCA\Encryption\Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
+ $return = $util->checkRecoveryPassword( $_POST['recoveryPassword'] );
+ if ( $return ) {
+ \OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
}
}
@@ -167,14 +162,13 @@ class Helper
* @param $recoveryPassword
* @return bool
*/
- public static function adminDisableRecovery($recoveryPassword)
- {
- $util = new Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
- $return = $util->checkRecoveryPassword($recoveryPassword);
+ public static function adminDisableRecovery( $recoveryPassword ) {
+ $util = new Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
+ $return = $util->checkRecoveryPassword( $recoveryPassword );
- if ($return) {
+ if ( $return ) {
// Set recoveryAdmin as disabled
- \OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 0);
+ \OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 0 );
}
return $return;
diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index a8cbc19d401..aaa2e4ba1b5 100755
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -38,15 +38,14 @@ class Keymanager
* @return string private key or false (hopefully)
* @note the key returned by this method must be decrypted before use
*/
- public static function getPrivateKey(\OC_FilesystemView $view, $user)
- {
+ public static function getPrivateKey( \OC_FilesystemView $view, $user ) {
$path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.private.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $key = $view->file_get_contents($path);
+ $key = $view->file_get_contents( $path );
\OC_FileProxy::$enabled = $proxyStatus;
@@ -59,13 +58,12 @@ class Keymanager
* @param $userId
* @return string public key or false
*/
- public static function getPublicKey(\OC_FilesystemView $view, $userId)
- {
+ public static function getPublicKey( \OC_FilesystemView $view, $userId ) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $result = $view->file_get_contents('/public-keys/' . $userId . '.public.key');
+ $result = $view->file_get_contents( '/public-keys/' . $userId . '.public.key' );
\OC_FileProxy::$enabled = $proxyStatus;
@@ -79,12 +77,11 @@ class Keymanager
* @param $userId
* @return array keys: privateKey, publicKey
*/
- public static function getUserKeys(\OC_FilesystemView $view, $userId)
- {
+ public static function getUserKeys( \OC_FilesystemView $view, $userId ) {
return array(
- 'publicKey' => self::getPublicKey($view, $userId)
- , 'privateKey' => self::getPrivateKey($view, $userId)
+ 'publicKey' => self::getPublicKey( $view, $userId )
+ , 'privateKey' => self::getPrivateKey( $view, $userId )
);
}
@@ -95,14 +92,13 @@ class Keymanager
* @param array $userIds
* @return array of public keys for the specified users
*/
- public static function getPublicKeys(\OC_FilesystemView $view, array $userIds)
- {
+ public static function getPublicKeys( \OC_FilesystemView $view, array $userIds ) {
$keys = array();
- foreach ($userIds as $userId) {
+ foreach ( $userIds as $userId ) {
- $keys[$userId] = self::getPublicKey($view, $userId);
+ $keys[$userId] = self::getPublicKey( $view, $userId );
}
@@ -122,41 +118,40 @@ class Keymanager
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
- public static function setFileKey(\OC_FilesystemView $view, $path, $userId, $catfile)
- {
+ public static function setFileKey( \OC_FilesystemView $view, $path, $userId, $catfile ) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
- $util = new Util($view, \OCP\User::getUser());
- list($owner, $filename) = $util->getUidAndFilename($path);
+ $util = new Util( $view, \OCP\User::getUser() );
+ list( $owner, $filename ) = $util->getUidAndFilename( $path );
$basePath = '/' . $owner . '/files_encryption/keyfiles';
- $targetPath = self::keySetPreparation($view, $filename, $basePath, $owner);
+ $targetPath = self::keySetPreparation( $view, $filename, $basePath, $owner );
- if (!$view->is_dir($basePath . '/' . $targetPath)) {
+ if ( !$view->is_dir( $basePath . '/' . $targetPath ) ) {
// create all parent folders
- $info = pathinfo($basePath . '/' . $targetPath);
- $keyfileFolderName = $view->getLocalFolder($info['dirname']);
+ $info = pathinfo( $basePath . '/' . $targetPath );
+ $keyfileFolderName = $view->getLocalFolder( $info['dirname'] );
- if (!file_exists($keyfileFolderName)) {
+ if ( !file_exists( $keyfileFolderName ) ) {
- mkdir($keyfileFolderName, 0750, true);
+ mkdir( $keyfileFolderName, 0750, true );
}
}
// try reusing key file if part file
- if (self::isPartialFilePath($targetPath)) {
+ if ( self::isPartialFilePath( $targetPath ) ) {
- $result = $view->file_put_contents($basePath . '/' . self::fixPartialFilePath($targetPath) . '.key', $catfile);
+ $result = $view->file_put_contents( $basePath . '/' . self::fixPartialFilePath( $targetPath ) . '.key', $catfile );
} else {
- $result = $view->file_put_contents($basePath . '/' . $targetPath . '.key', $catfile);
+ $result = $view->file_put_contents( $basePath . '/' . $targetPath . '.key', $catfile );
}
@@ -172,13 +167,12 @@ class Keymanager
* @return string File path without .part extension
* @note this is needed for reusing keys
*/
- public static function fixPartialFilePath($path)
- {
+ public static function fixPartialFilePath( $path ) {
- if (preg_match('/\.part$/', $path)) {
+ if ( preg_match( '/\.part$/', $path ) ) {
- $newLength = strlen($path) - 5;
- $fPath = substr($path, 0, $newLength);
+ $newLength = strlen( $path ) - 5;
+ $fPath = substr( $path, 0, $newLength );
return $fPath;
@@ -195,10 +189,9 @@ class Keymanager
* @param string $path Path that may identify a .part file
* @return bool
*/
- public static function isPartialFilePath($path)
- {
+ public static function isPartialFilePath( $path ) {
- if (preg_match('/\.part$/', $path)) {
+ if ( preg_match( '/\.part$/', $path ) ) {
return true;
@@ -220,15 +213,14 @@ class Keymanager
* @note The keyfile returned is asymmetrically encrypted. Decryption
* of the keyfile must be performed by client code
*/
- public static function getFileKey(\OC_FilesystemView $view, $userId, $filePath)
- {
+ public static function getFileKey( \OC_FilesystemView $view, $userId, $filePath ) {
// try reusing key file if part file
- if (self::isPartialFilePath($filePath)) {
+ if ( self::isPartialFilePath( $filePath ) ) {
- $result = self::getFileKey($view, $userId, self::fixPartialFilePath($filePath));
+ $result = self::getFileKey( $view, $userId, self::fixPartialFilePath( $filePath ) );
- if ($result) {
+ if ( $result ) {
return $result;
@@ -236,19 +228,19 @@ class Keymanager
}
- $util = new Util($view, \OCP\User::getUser());
+ $util = new Util( $view, \OCP\User::getUser() );
- list($owner, $filename) = $util->getUidAndFilename($filePath);
- $filePath_f = ltrim($filename, '/');
+ list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
+ $filePath_f = ltrim( $filename, '/' );
$keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- if ($view->file_exists($keyfilePath)) {
+ if ( $view->file_exists( $keyfilePath ) ) {
- $result = $view->file_get_contents($keyfilePath);
+ $result = $view->file_get_contents( $keyfilePath );
} else {
@@ -272,27 +264,26 @@ class Keymanager
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
*/
- public static function deleteFileKey(\OC_FilesystemView $view, $userId, $path)
- {
+ public static function deleteFileKey( \OC_FilesystemView $view, $userId, $path ) {
- $trimmed = ltrim($path, '/');
+ $trimmed = ltrim( $path, '/' );
$keyPath = '/' . $userId . '/files_encryption/keyfiles/' . $trimmed;
$result = false;
- if ($view->is_dir($keyPath)) {
+ if ( $view->is_dir( $keyPath ) ) {
- $result = $view->unlink($keyPath);
+ $result = $view->unlink( $keyPath );
- } else if ($view->file_exists($keyPath . '.key')) {
+ } else if ( $view->file_exists( $keyPath . '.key' ) ) {
- $result = $view->unlink($keyPath . '.key');
+ $result = $view->unlink( $keyPath . '.key' );
}
- if (!$result) {
+ if ( !$result ) {
- \OC_Log::write('Encryption library', 'Could not delete keyfile; does not exist: "' . $keyPath, \OC_Log::ERROR);
+ \OC_Log::write( 'Encryption library', 'Could not delete keyfile; does not exist: "' . $keyPath, \OC_Log::ERROR );
}
@@ -307,19 +298,19 @@ class Keymanager
* @note Encryption of the private key must be performed by client code
* as no encryption takes place here
*/
- public static function setPrivateKey($key)
- {
+ public static function setPrivateKey( $key ) {
$user = \OCP\User::getUser();
- $view = new \OC_FilesystemView('/' . $user . '/files_encryption');
+ $view = new \OC_FilesystemView( '/' . $user . '/files_encryption' );
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- if (!$view->file_exists('')) $view->mkdir('');
+ if ( !$view->file_exists( '' ) )
+ $view->mkdir( '' );
- $result = $view->file_put_contents($user . '.private.key', $key);
+ $result = $view->file_put_contents( $user . '.private.key', $key );
\OC_FileProxy::$enabled = $proxyStatus;
@@ -340,22 +331,21 @@ class Keymanager
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
- public static function setShareKey(\OC_FilesystemView $view, $path, $userId, $shareKey)
- {
+ public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
// Here we need the currently logged in user, while userId can be a different user
- $util = new Util($view, \OCP\User::getUser());
+ $util = new Util( $view, \OCP\User::getUser() );
- list($owner, $filename) = $util->getUidAndFilename($path);
+ list( $owner, $filename ) = $util->getUidAndFilename( $path );
$basePath = '/' . $owner . '/files_encryption/share-keys';
- $shareKeyPath = self::keySetPreparation($view, $filename, $basePath, $owner);
+ $shareKeyPath = self::keySetPreparation( $view, $filename, $basePath, $owner );
// try reusing key file if part file
- if (self::isPartialFilePath($shareKeyPath)) {
+ if ( self::isPartialFilePath( $shareKeyPath ) ) {
- $writePath = $basePath . '/' . self::fixPartialFilePath($shareKeyPath) . '.' . $userId . '.shareKey';
+ $writePath = $basePath . '/' . self::fixPartialFilePath( $shareKeyPath ) . '.' . $userId . '.shareKey';
} else {
@@ -366,12 +356,12 @@ class Keymanager
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $result = $view->file_put_contents($writePath, $shareKey);
+ $result = $view->file_put_contents( $writePath, $shareKey );
\OC_FileProxy::$enabled = $proxyStatus;
if (
- is_int($result)
+ is_int( $result )
&& $result > 0
) {
@@ -392,17 +382,16 @@ class Keymanager
* @param array $shareKeys
* @return bool
*/
- public static function setShareKeys(\OC_FilesystemView $view, $path, array $shareKeys)
- {
+ public static function setShareKeys( \OC_FilesystemView $view, $path, array $shareKeys ) {
// $shareKeys must be an array with the following format:
// [userId] => [encrypted key]
$result = true;
- foreach ($shareKeys as $userId => $shareKey) {
+ foreach ( $shareKeys as $userId => $shareKey ) {
- if (!self::setShareKey($view, $path, $userId, $shareKey)) {
+ if ( !self::setShareKey( $view, $path, $userId, $shareKey ) ) {
// If any of the keys are not set, flag false
$result = false;
@@ -426,15 +415,14 @@ class Keymanager
* @note The sharekey returned is encrypted. Decryption
* of the keyfile must be performed by client code
*/
- public static function getShareKey(\OC_FilesystemView $view, $userId, $filePath)
- {
+ public static function getShareKey( \OC_FilesystemView $view, $userId, $filePath ) {
// try reusing key file if part file
- if (self::isPartialFilePath($filePath)) {
+ if ( self::isPartialFilePath( $filePath ) ) {
- $result = self::getShareKey($view, $userId, self::fixPartialFilePath($filePath));
+ $result = self::getShareKey( $view, $userId, self::fixPartialFilePath( $filePath ) );
- if ($result) {
+ if ( $result ) {
return $result;
@@ -446,14 +434,14 @@ class Keymanager
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
- $util = new Util($view, \OCP\User::getUser());
+ $util = new Util( $view, \OCP\User::getUser() );
- list($owner, $filename) = $util->getUidAndFilename($filePath);
- $shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
+ list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
+ $shareKeyPath = \OC\Files\Filesystem::normalizePath( '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey' );
- if ($view->file_exists($shareKeyPath)) {
+ if ( $view->file_exists( $shareKeyPath ) ) {
- $result = $view->file_get_contents($shareKeyPath);
+ $result = $view->file_get_contents( $shareKeyPath );
} else {
@@ -473,16 +461,18 @@ class Keymanager
* @param string $userId owner of the file
* @param string $filePath path to the file, relative to the owners file dir
*/
- public static function delAllShareKeys(\OC_FilesystemView $view, $userId, $filePath)
- {
+ public static function delAllShareKeys( \OC_FilesystemView $view, $userId, $filePath ) {
- if ($view->is_dir($userId . '/files/' . $filePath)) {
- $view->unlink($userId . '/files_encryption/share-keys/' . $filePath);
+ if ( $view->is_dir( $userId . '/files/' . $filePath ) ) {
+ $view->unlink( $userId . '/files_encryption/share-keys/' . $filePath );
} else {
- $localKeyPath = $view->getLocalFile($userId . '/files_encryption/share-keys/' . $filePath);
- $matches = glob(preg_quote($localKeyPath) . '*.shareKey');
- foreach ($matches as $ma) {
- unlink($ma);
+ $localKeyPath = $view->getLocalFile( $userId . '/files_encryption/share-keys/' . $filePath );
+ $matches = glob( preg_quote( $localKeyPath ) . '*.shareKey' );
+ foreach ( $matches as $ma ) {
+ $result = unlink( $ma );
+ if ( !$result ) {
+ \OC_Log::write( 'Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $filePath . '"', \OC_Log::ERROR );
+ }
}
}
}
@@ -490,30 +480,29 @@ class Keymanager
/**
* @brief Delete a single user's shareKey for a single file
*/
- public static function delShareKey(\OC_FilesystemView $view, $userIds, $filePath)
- {
+ public static function delShareKey( \OC_FilesystemView $view, $userIds, $filePath ) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
- $util = new Util($view, \OCP\User::getUser());
+ $util = new Util( $view, \OCP\User::getUser() );
- list($owner, $filename) = $util->getUidAndFilename($filePath);
+ list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
- $shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename);
+ $shareKeyPath = \OC\Files\Filesystem::normalizePath( '/' . $owner . '/files_encryption/share-keys/' . $filename );
- if ($view->is_dir($shareKeyPath)) {
+ if ( $view->is_dir( $shareKeyPath ) ) {
- $localPath = \OC\Files\Filesystem::normalizePath($view->getLocalFolder($shareKeyPath));
- self::recursiveDelShareKeys($localPath, $userIds);
+ $localPath = \OC\Files\Filesystem::normalizePath( $view->getLocalFolder( $shareKeyPath ) );
+ self::recursiveDelShareKeys( $localPath, $userIds );
} else {
- foreach ($userIds as $userId) {
+ foreach ( $userIds as $userId ) {
- if (!$view->unlink($shareKeyPath . '.' . $userId . '.shareKey')) {
- \OC_Log::write('Encryption library', 'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId . '.shareKey"', \OC_Log::ERROR);
+ if ( !$view->unlink( $shareKeyPath . '.' . $userId . '.shareKey' ) ) {
+ \OC_Log::write( 'Encryption library', 'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId . '.shareKey"', \OC_Log::ERROR );
}
}
@@ -528,45 +517,42 @@ class Keymanager
* @param string $dir directory
* @param array $userIds user ids for which the share keys should be deleted
*/
- private static function recursiveDelShareKeys($dir, $userIds)
- {
- foreach ($userIds as $userId) {
- $completePath = $dir . '/.*' . '.' . $userId . '.shareKey';
- $matches = glob(preg_quote($dir) . '/*' . preg_quote('.' . $userId . '.shareKey'));
+ private static function recursiveDelShareKeys( $dir, $userIds ) {
+ foreach ( $userIds as $userId ) {
+ $matches = glob( preg_quote( $dir ) . '/*' . preg_quote( '.' . $userId . '.shareKey' ) );
}
/** @var $matches array */
- foreach ($matches as $ma) {
- if (!unlink($ma)) {
- \OC_Log::write('Encryption library', 'Could not delete shareKey; does not exist: "' . $ma . '"', \OC_Log::ERROR);
+ foreach ( $matches as $ma ) {
+ if ( !unlink( $ma ) ) {
+ \OC_Log::write( 'Encryption library', 'Could not delete shareKey; does not exist: "' . $ma . '"', \OC_Log::ERROR );
}
}
- $subdirs = $directories = glob(preg_quote($dir) . '/*', GLOB_ONLYDIR);
- foreach ($subdirs as $subdir) {
- self::recursiveDelShareKeys($subdir, $userIds);
+ $subdirs = $directories = glob( preg_quote( $dir ) . '/*', GLOB_ONLYDIR );
+ foreach ( $subdirs as $subdir ) {
+ self::recursiveDelShareKeys( $subdir, $userIds );
}
}
/**
* @brief Make preparations to vars and filesystem for saving a keyfile
*/
- public static function keySetPreparation(\OC_FilesystemView $view, $path, $basePath, $userId)
- {
+ public static function keySetPreparation( \OC_FilesystemView $view, $path, $basePath, $userId ) {
- $targetPath = ltrim($path, '/');
+ $targetPath = ltrim( $path, '/' );
- $path_parts = pathinfo($targetPath);
+ $path_parts = pathinfo( $targetPath );
// If the file resides within a subdirectory, create it
if (
- isset($path_parts['dirname'])
- && !$view->file_exists($basePath . '/' . $path_parts['dirname'])
+ isset( $path_parts['dirname'] )
+ && !$view->file_exists( $basePath . '/' . $path_parts['dirname'] )
) {
- $sub_dirs = explode(DIRECTORY_SEPARATOR, $basePath . '/' . $path_parts['dirname']);
+ $sub_dirs = explode( DIRECTORY_SEPARATOR, $basePath . '/' . $path_parts['dirname'] );
$dir = '';
- foreach ($sub_dirs as $sub_dir) {
+ foreach ( $sub_dirs as $sub_dir ) {
$dir .= '/' . $sub_dir;
- if (!$view->is_dir($dir)) {
- $view->mkdir($dir);
+ if ( !$view->is_dir( $dir ) ) {
+ $view->mkdir( $dir );
}
}
}
diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php
index cc9d239b256..eaaeae9b619 100644
--- a/apps/files_encryption/lib/proxy.php
+++ b/apps/files_encryption/lib/proxy.php
@@ -48,13 +48,12 @@ class Proxy extends \OC_FileProxy
*
* Tests if server side encryption is enabled, and file is allowed by blacklists
*/
- private static function shouldEncrypt($path)
- {
+ private static function shouldEncrypt( $path ) {
- if (is_null(self::$enableEncryption)) {
+ if ( is_null( self::$enableEncryption ) ) {
if (
- \OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true') == 'true'
+ \OCP\Config::getAppValue( 'files_encryption', 'enable_encryption', 'true' ) == 'true'
&& Crypt::mode() == 'server'
) {
@@ -68,27 +67,27 @@ class Proxy extends \OC_FileProxy
}
- if (!self::$enableEncryption) {
+ if ( !self::$enableEncryption ) {
return false;
}
- if (is_null(self::$blackList)) {
+ if ( is_null( self::$blackList ) ) {
- self::$blackList = explode(',', \OCP\Config::getAppValue('files_encryption', 'type_blacklist', ''));
+ self::$blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_blacklist', '' ) );
}
- if (Crypt::isCatfileContent($path)) {
+ if ( Crypt::isCatfileContent( $path ) ) {
return true;
}
- $extension = substr($path, strrpos($path, '.') + 1);
+ $extension = substr( $path, strrpos( $path, '.' ) + 1 );
- if (array_search($extension, self::$blackList) === false) {
+ if ( array_search( $extension, self::$blackList ) === false ) {
return true;
@@ -102,35 +101,34 @@ class Proxy extends \OC_FileProxy
* @param $data
* @return bool
*/
- public function preFile_put_contents($path, &$data)
- {
+ public function preFile_put_contents( $path, &$data ) {
- if (self::shouldEncrypt($path)) {
+ if ( self::shouldEncrypt( $path ) ) {
// Stream put contents should have been converted to fopen
- if (!is_resource($data)) {
+ if ( !is_resource( $data ) ) {
$userId = \OCP\USER::getUser();
- $view = new \OC_FilesystemView('/');
- $util = new Util($view, $userId);
- $session = new Session($view);
+ $view = new \OC_FilesystemView( '/' );
+ $util = new Util( $view, $userId );
+ $session = new Session( $view );
$privateKey = $session->getPrivateKey();
- $filePath = $util->stripUserFilesPath($path);
+ $filePath = $util->stripUserFilesPath( $path );
// Set the filesize for userland, before encrypting
- $size = strlen($data);
+ $size = strlen( $data );
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Check if there is an existing key we can reuse
- if ($encKeyfile = Keymanager::getFileKey($view, $userId, $filePath)) {
+ if ( $encKeyfile = Keymanager::getFileKey( $view, $userId, $filePath ) ) {
// Fetch shareKey
- $shareKey = Keymanager::getShareKey($view, $userId, $filePath);
+ $shareKey = Keymanager::getShareKey( $view, $userId, $filePath );
// Decrypt the keyfile
- $plainKey = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
+ $plainKey = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
} else {
@@ -140,37 +138,37 @@ class Proxy extends \OC_FileProxy
}
// Encrypt data
- $encData = Crypt::symmetricEncryptFileContent($data, $plainKey);
+ $encData = Crypt::symmetricEncryptFileContent( $data, $plainKey );
$sharingEnabled = \OCP\Share::isEnabled();
// if file exists try to get sharing users
- if ($view->file_exists($path)) {
- $uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $filePath, $userId);
+ if ( $view->file_exists( $path ) ) {
+ $uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $filePath, $userId );
} else {
$uniqueUserIds[] = $userId;
}
// Fetch public keys for all users who will share the file
- $publicKeys = Keymanager::getPublicKeys($view, $uniqueUserIds);
+ $publicKeys = Keymanager::getPublicKeys( $view, $uniqueUserIds );
// Encrypt plain keyfile to multiple sharefiles
- $multiEncrypted = Crypt::multiKeyEncrypt($plainKey, $publicKeys);
+ $multiEncrypted = Crypt::multiKeyEncrypt( $plainKey, $publicKeys );
// Save sharekeys to user folders
- Keymanager::setShareKeys($view, $filePath, $multiEncrypted['keys']);
+ Keymanager::setShareKeys( $view, $filePath, $multiEncrypted['keys'] );
// Set encrypted keyfile as common varname
$encKey = $multiEncrypted['data'];
// Save keyfile for newly encrypted file in parallel directory tree
- Keymanager::setFileKey($view, $filePath, $userId, $encKey);
+ Keymanager::setFileKey( $view, $filePath, $userId, $encKey );
// Replace plain content with encrypted content by reference
$data = $encData;
// Update the file cache with file info
- \OC\Files\Filesystem::putFileInfo($filePath, array('encrypted' => true, 'size' => strlen($data), 'unencrypted_size' => $size), '');
+ \OC\Files\Filesystem::putFileInfo( $filePath, array( 'encrypted' => true, 'size' => strlen( $data ), 'unencrypted_size' => $size ), '' );
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
@@ -186,52 +184,51 @@ class Proxy extends \OC_FileProxy
* @param string $path Path of file from which has been read
* @param string $data Data that has been read from file
*/
- public function postFile_get_contents($path, $data)
- {
+ public function postFile_get_contents( $path, $data ) {
$userId = \OCP\USER::getUser();
- $view = new \OC_FilesystemView('/');
- $util = new Util($view, $userId);
+ $view = new \OC_FilesystemView( '/' );
+ $util = new Util( $view, $userId );
- $relPath = $util->stripUserFilesPath($path);
+ $relPath = $util->stripUserFilesPath( $path );
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// init session
- $session = new Session($view);
+ $session = new Session( $view );
// If data is a catfile
if (
Crypt::mode() == 'server'
- && Crypt::isCatfileContent($data)
+ && Crypt::isCatfileContent( $data )
) {
- $privateKey = $session->getPrivateKey($userId);
+ $privateKey = $session->getPrivateKey( $userId );
// Get the encrypted keyfile
- $encKeyfile = Keymanager::getFileKey($view, $userId, $relPath);
+ $encKeyfile = Keymanager::getFileKey( $view, $userId, $relPath );
// Attempt to fetch the user's shareKey
- $shareKey = Keymanager::getShareKey($view, $userId, $relPath);
+ $shareKey = Keymanager::getShareKey( $view, $userId, $relPath );
// Decrypt keyfile with shareKey
- $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
+ $plainKeyfile = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
- $plainData = Crypt::symmetricDecryptFileContent($data, $plainKeyfile);
+ $plainData = Crypt::symmetricDecryptFileContent( $data, $plainKeyfile );
} elseif (
Crypt::mode() == 'server'
- && isset($_SESSION['legacyenckey'])
- && Crypt::isEncryptedMeta($path)
+ && isset( $_SESSION['legacyenckey'] )
+ && Crypt::isEncryptedMeta( $path )
) {
- $plainData = Crypt::legacyDecrypt($data, $session->getLegacyKey());
+ $plainData = Crypt::legacyDecrypt( $data, $session->getLegacyKey() );
}
\OC_FileProxy::$enabled = $proxyStatus;
- if (!isset($plainData)) {
+ if ( !isset( $plainData ) ) {
$plainData = $data;
@@ -244,11 +241,10 @@ class Proxy extends \OC_FileProxy
/**
* @brief When a file is deleted, remove its keyfile also
*/
- public function preUnlink($path)
- {
+ public function preUnlink( $path ) {
// let the trashbin handle this
- if (\OCP\App::isEnabled('files_trashbin')) {
+ if ( \OCP\App::isEnabled( 'files_trashbin' ) ) {
return true;
}
@@ -256,29 +252,24 @@ class Proxy extends \OC_FileProxy
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $view = new \OC_FilesystemView('/');
+ $view = new \OC_FilesystemView( '/' );
$userId = \OCP\USER::getUser();
- $util = new Util($view, $userId);
+ $util = new Util( $view, $userId );
// Format path to be relative to user files dir
- $relPath = $util->stripUserFilesPath($path);
+ $relPath = $util->stripUserFilesPath( $path );
- list($owner, $ownerPath) = $util->getUidAndFilename($relPath);
+ list( $owner, $ownerPath ) = $util->getUidAndFilename( $relPath );
// Delete keyfile & shareKey so it isn't orphaned
- if (
- !(
- Keymanager::deleteFileKey($view, $owner, $ownerPath)
- && Keymanager::delAllShareKeys($view, $owner, $ownerPath)
- )
- ) {
-
- \OC_Log::write('Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OC_Log::ERROR);
-
+ if ( !Keymanager::deleteFileKey( $view, $owner, $ownerPath ) ) {
+ \OC_Log::write( 'Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OC_Log::ERROR );
}
+ Keymanager::delAllShareKeys( $view, $owner, $ownerPath );
+
\OC_FileProxy::$enabled = $proxyStatus;
// If we don't return true then file delete will fail; better
@@ -291,9 +282,8 @@ class Proxy extends \OC_FileProxy
* @param $path
* @return bool
*/
- public function postTouch($path)
- {
- $this->handleFile($path);
+ public function postTouch( $path ) {
+ $this->handleFile( $path );
return true;
}
@@ -303,21 +293,20 @@ class Proxy extends \OC_FileProxy
* @param $result
* @return resource
*/
- public function postFopen($path, &$result)
- {
+ public function postFopen( $path, &$result ) {
- if (!$result) {
+ if ( !$result ) {
return $result;
}
// Reformat path for use with OC_FSV
- $path_split = explode('/', $path);
- $path_f = implode('/', array_slice($path_split, 3));
+ $path_split = explode( '/', $path );
+ $path_f = implode( '/', array_slice( $path_split, 3 ) );
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
- if ($path_split[2] == 'cache') {
+ if ( count($path_split) >= 2 && $path_split[2] == 'cache' ) {
return $result;
}
@@ -325,31 +314,31 @@ class Proxy extends \OC_FileProxy
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $meta = stream_get_meta_data($result);
+ $meta = stream_get_meta_data( $result );
- $view = new \OC_FilesystemView('');
+ $view = new \OC_FilesystemView( '' );
- $util = new Util($view, \OCP\USER::getUser());
+ $util = new Util( $view, \OCP\USER::getUser() );
// If file is already encrypted, decrypt using crypto protocol
if (
Crypt::mode() == 'server'
- && $util->isEncryptedPath($path)
+ && $util->isEncryptedPath( $path )
) {
// Close the original encrypted file
- fclose($result);
+ fclose( $result );
// Open the file using the crypto stream wrapper
// protocol and let it do the decryption work instead
- $result = fopen('crypt://' . $path_f, $meta['mode']);
+ $result = fopen( 'crypt://' . $path_f, $meta['mode'] );
} elseif (
- self::shouldEncrypt($path)
+ self::shouldEncrypt( $path )
and $meta ['mode'] != 'r'
and $meta['mode'] != 'rb'
) {
- $result = fopen('crypt://' . $path_f, $meta['mode']);
+ $result = fopen( 'crypt://' . $path_f, $meta['mode'] );
}
// Re-enable the proxy
@@ -364,18 +353,17 @@ class Proxy extends \OC_FileProxy
* @param $data
* @return array
*/
- public function postGetFileInfo($path, $data)
- {
+ public function postGetFileInfo( $path, $data ) {
// if path is a folder do nothing
- if (is_array($data) && array_key_exists('size', $data)) {
+ if ( is_array( $data ) && array_key_exists( 'size', $data ) ) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get file size
- $data['size'] = self::postFileSize($path, $data['size']);
+ $data['size'] = self::postFileSize( $path, $data['size'] );
// Re-enable the proxy
\OC_FileProxy::$enabled = $proxyStatus;
@@ -389,52 +377,51 @@ class Proxy extends \OC_FileProxy
* @param $size
* @return bool
*/
- public function postFileSize($path, $size)
- {
+ public function postFileSize( $path, $size ) {
- $view = new \OC_FilesystemView('/');
+ $view = new \OC_FilesystemView( '/' );
// if path is a folder do nothing
- if ($view->is_dir($path)) {
+ if ( $view->is_dir( $path ) ) {
return $size;
}
// Reformat path for use with OC_FSV
- $path_split = explode('/', $path);
- $path_f = implode('/', array_slice($path_split, 3));
+ $path_split = explode( '/', $path );
+ $path_f = implode( '/', array_slice( $path_split, 3 ) );
// if path is empty we cannot resolve anything
- if (empty($path_f)) {
+ if ( empty( $path_f ) ) {
return $size;
}
$fileInfo = false;
// get file info from database/cache if not .part file
- if(!Keymanager::isPartialFilePath($path)) {
- $fileInfo = $view->getFileInfo($path);
+ if ( !Keymanager::isPartialFilePath( $path ) ) {
+ $fileInfo = $view->getFileInfo( $path );
}
// if file is encrypted return real file size
- if (is_array($fileInfo) && $fileInfo['encrypted'] === true) {
+ if ( is_array( $fileInfo ) && $fileInfo['encrypted'] === true ) {
$size = $fileInfo['unencrypted_size'];
} else {
// self healing if file was removed from file cache
- if (!is_array($fileInfo)) {
+ if ( !is_array( $fileInfo ) ) {
$fileInfo = array();
}
$userId = \OCP\User::getUser();
- $util = new Util($view, $userId);
- $fixSize = $util->getFileSize($path);
- if ($fixSize > 0) {
+ $util = new Util( $view, $userId );
+ $fixSize = $util->getFileSize( $path );
+ if ( $fixSize > 0 ) {
$size = $fixSize;
$fileInfo['encrypted'] = true;
$fileInfo['unencrypted_size'] = $size;
// put file info if not .part file
- if(!Keymanager::isPartialFilePath($path_f)) {
- $view->putFileInfo($path, $fileInfo);
+ if ( !Keymanager::isPartialFilePath( $path_f ) ) {
+ $view->putFileInfo( $path, $fileInfo );
}
}
@@ -445,33 +432,32 @@ class Proxy extends \OC_FileProxy
/**
* @param $path
*/
- public function handleFile($path)
- {
+ public function handleFile( $path ) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $view = new \OC_FilesystemView('/');
- $session = new Session($view);
+ $view = new \OC_FilesystemView( '/' );
+ $session = new Session( $view );
$userId = \OCP\User::getUser();
- $util = new Util($view, $userId);
+ $util = new Util( $view, $userId );
// Reformat path for use with OC_FSV
- $path_split = explode('/', $path);
- $path_f = implode('/', array_slice($path_split, 3));
+ $path_split = explode( '/', $path );
+ $path_f = implode( '/', array_slice( $path_split, 3 ) );
// only if file is on 'files' folder fix file size and sharing
- if ($path_split[2] == 'files' && $util->fixFileSize($path)) {
+ if ( count($path_split) >= 2 && $path_split[2] == 'files' && $util->fixFileSize( $path ) ) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
- $usersSharing = $util->getSharingUsersArray($sharingEnabled, $path_f);
+ $usersSharing = $util->getSharingUsersArray( $sharingEnabled, $path_f );
// update sharing-keys
- $util->setSharedFileKeyfiles($session, $usersSharing, $path_f);
+ $util->setSharedFileKeyfiles( $session, $usersSharing, $path_f );
}
\OC_FileProxy::$enabled = $proxyStatus;
diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php
index 86f56e56766..2ddad0a15da 100644
--- a/apps/files_encryption/lib/session.php
+++ b/apps/files_encryption/lib/session.php
@@ -37,27 +37,26 @@ class Session
*
* @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
*/
- public function __construct($view)
- {
+ public function __construct( $view ) {
$this->view = $view;
- if (!$this->view->is_dir('owncloud_private_key')) {
+ if ( !$this->view->is_dir( 'owncloud_private_key' ) ) {
- $this->view->mkdir('owncloud_private_key');
+ $this->view->mkdir( 'owncloud_private_key' );
}
- $publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
+ $publicShareKeyId = \OC_Appconfig::getValue( 'files_encryption', 'publicShareKeyId' );
- if ($publicShareKeyId === null) {
- $publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
- \OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
+ if ( $publicShareKeyId === null ) {
+ $publicShareKeyId = 'pubShare_' . substr( md5( time() ), 0, 8 );
+ \OC_Appconfig::setValue( 'files_encryption', 'publicShareKeyId', $publicShareKeyId );
}
if (
- !$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key")
- || !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")
+ !$this->view->file_exists( "/public-keys/" . $publicShareKeyId . ".public.key" )
+ || !$this->view->file_exists( "/owncloud_private_key/" . $publicShareKeyId . ".private.key" )
) {
$keypair = Crypt::createKeypair();
@@ -68,32 +67,33 @@ class Session
// Save public key
- if (!$view->is_dir('/public-keys')) {
- $view->mkdir('/public-keys');
+ if ( !$view->is_dir( '/public-keys' ) ) {
+ $view->mkdir( '/public-keys' );
}
- $this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
+ $this->view->file_put_contents( '/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey'] );
- // Encrypt private key empthy passphrase
- $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '');
+ // Encrypt private key empty passphrase
+ $encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' );
// Save private key
- $this->view->file_put_contents('/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey);
+ $this->view->file_put_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey );
\OC_FileProxy::$enabled = $proxyStatus;
}
- if (\OCP\USER::getUser() === false ||
- (isset($_GET['service']) && $_GET['service'] == 'files' &&
- isset($_GET['t']))) {
+ if ( \OCP\USER::getUser() === false ||
+ ( isset( $_GET['service'] ) && $_GET['service'] == 'files' &&
+ isset( $_GET['t'] ) )
+ ) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
- $encryptedKey = $this->view->file_get_contents('/owncloud_private_key/' . $publicShareKeyId . '.private.key');
- $privateKey = Crypt::symmetricDecryptFileContent($encryptedKey, '');
- $this->setPrivateKey($privateKey);
+ $encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key' );
+ $privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, '' );
+ $this->setPrivateKey( $privateKey );
\OC_FileProxy::$enabled = $proxyStatus;
}
@@ -104,8 +104,7 @@ class Session
* @param string $privateKey
* @return bool
*/
- public function setPrivateKey($privateKey)
- {
+ public function setPrivateKey( $privateKey ) {
$_SESSION['privateKey'] = $privateKey;
@@ -118,12 +117,11 @@ class Session
* @returns string $privateKey The user's plaintext private key
*
*/
- public function getPrivateKey()
- {
+ public function getPrivateKey() {
if (
- isset($_SESSION['privateKey'])
- && !empty($_SESSION['privateKey'])
+ isset( $_SESSION['privateKey'] )
+ && !empty( $_SESSION['privateKey'] )
) {
return $_SESSION['privateKey'];
@@ -141,8 +139,7 @@ class Session
* @param $legacyKey
* @return bool
*/
- public function setLegacyKey($legacyKey)
- {
+ public function setLegacyKey( $legacyKey ) {
$_SESSION['legacyKey'] = $legacyKey;
@@ -154,12 +151,11 @@ class Session
* @returns string $legacyKey The user's plaintext legacy key
*
*/
- public function getLegacyKey()
- {
+ public function getLegacyKey() {
if (
- isset($_SESSION['legacyKey'])
- && !empty($_SESSION['legacyKey'])
+ isset( $_SESSION['legacyKey'] )
+ && !empty( $_SESSION['legacyKey'] )
) {
return $_SESSION['legacyKey'];
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index b143b62827f..fa9df02f085 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -77,19 +77,18 @@ class Stream
* @param $opened_path
* @return bool
*/
- public function stream_open($path, $mode, $options, &$opened_path)
- {
+ public function stream_open( $path, $mode, $options, &$opened_path ) {
- if (!isset($this->rootView)) {
- $this->rootView = new \OC_FilesystemView('/');
+ if ( !isset( $this->rootView ) ) {
+ $this->rootView = new \OC_FilesystemView( '/' );
}
- $util = new Util($this->rootView, \OCP\USER::getUser());
+ $util = new Util( $this->rootView, \OCP\USER::getUser() );
$this->userId = $util->getUserId();
// Strip identifier text from path, this gives us the path relative to data/