sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

all unit files_encryption crypt unit tests now passing after merge

remotes/origin/stable5
Sam Tuke 2012-10-17 16:35:19 +07:00
parent 8b01286a5d
commit 265f3654af
16 changed files with 248 additions and 218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/files_encryption/ajax/mode.php
Unescape Escape View File

@ -5,7 +5,7 @@
* See the COPYING-README file.
*/
use OCA_Encryption\Keymanager;
use OCA\Encryption\Keymanager;
OCP\JSON::checkAppEnabled('files_encryption');
OCP\JSON::checkLoggedIn();

22
apps/files_encryption/appinfo/app.php
Unescape Escape View File

@ -1,20 +1,20 @@
<?php
OC::$CLASSPATH['OCA_Encryption\Crypt'] = 'apps/files_encryption/lib/crypt.php';
OC::$CLASSPATH['OCA_Encryption\Hooks'] = 'apps/files_encryption/hooks/hooks.php';
OC::$CLASSPATH['OCA_Encryption\Util'] = 'apps/files_encryption/lib/util.php';
OC::$CLASSPATH['OCA_Encryption\Keymanager'] = 'apps/files_encryption/lib/keymanager.php';
OC::$CLASSPATH['OCA_Encryption\Stream'] = 'apps/files_encryption/lib/stream.php';
OC::$CLASSPATH['OCA_Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php';
OC::$CLASSPATH['OCA\Encryption\Crypt'] = 'apps/files_encryption/lib/crypt.php';
OC::$CLASSPATH['OCA\Encryption\Hooks'] = 'apps/files_encryption/hooks/hooks.php';
OC::$CLASSPATH['OCA\Encryption\Util'] = 'apps/files_encryption/lib/util.php';
OC::$CLASSPATH['OCA\Encryption\Keymanager'] = 'apps/files_encryption/lib/keymanager.php';
OC::$CLASSPATH['OCA\Encryption\Stream'] = 'apps/files_encryption/lib/stream.php';
OC::$CLASSPATH['OCA\Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php';
OC_FileProxy::register(new OCA_Encryption\Proxy());
OC_FileProxy::register(new OCA\Encryption\Proxy());
OCP\Util::connectHook('OC_User','post_login','OCA_Encryption\Hooks','login');
OCP\Util::connectHook('OC_Webdav_Properties', 'update', 'OCA_Encryption\Hooks', 'updateKeyfile');
OCP\Util::connectHook('OC_User','post_login','OCA\Encryption\Hooks','login');
OCP\Util::connectHook('OC_Webdav_Properties', 'update', 'OCA\Encryption\Hooks', 'updateKeyfile');
stream_wrapper_register( 'crypt', 'OCA_Encryption\Stream');
stream_wrapper_register( 'crypt', 'OCA\Encryption\Stream');
if( !isset( $_SESSION['enckey'] ) && OCP\User::isLoggedIn() && OCA_Encryption\Crypt::mode() == 'server' ) {
if( !isset( $_SESSION['enckey'] ) && OCP\User::isLoggedIn() && OCA\Encryption\Crypt::mode() == 'server' ) {
// Force the user to re-log in if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled)
OCP\User::logout();

6
apps/files_encryption/appinfo/info.xml
Unescape Escape View File

@ -2,10 +2,10 @@
<info>
<id>files_encryption</id>
<name>Encryption</name>
<description>Server side encryption of files. DEPRECATED. This app is no longer supported and will be replaced with an improved version in ownCloud 5. Only enable this features if you want to read old encrypted data. Warning: You will lose your data if you enable this App and forget your password. Encryption is not yet compatible with LDAP.</description>
<description>Server side encryption of files. Warning: You will lose your data if you enable this App and forget your password. Encryption is not yet compatible with LDAP.</description>
<licence>AGPL</licence>
<author>Robin Appelman</author>
<require>4.9</require>
<author>Sam Tuke</author>
<require>4</require>
<shipped>true</shipped>
<types>
<filesystem/>

2
apps/files_encryption/hooks/hooks.php
Unescape Escape View File

@ -20,7 +20,7 @@
*
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
/**
* Class for hook specific logic

89
apps/files_encryption/lib/crypt.php
Unescape Escape View File

@ -22,7 +22,15 @@
*
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
// Todo:
// - Crypt/decrypt button in the userinterface
// - Setting if crypto should be on by default
// - Add a setting "Don´t encrypt files larger than xx because of performance reasons"
// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is encrypted (.encrypted extension)
// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
/**
* Class for common cryptography functionality
@ -52,7 +60,7 @@ class Crypt {
}
}
}
return $mode;
}
@ -61,7 +69,7 @@ class Crypt {
* @return array publicKey, privatekey
*/
public static function createKeypair() {
$res = openssl_pkey_new();
// Get private key
@ -76,9 +84,46 @@ class Crypt {
}
/**
* @brief Add arbitrary padding to encrypted data
* @param string $data data to be padded
* @return padded data
* @note In order to end up with data exactly 8192 bytes long we must add two letters. Something about the encryption process always results in 8190 or 8194 byte length, hence the letters must be added manually after encryption takes place
*/
public static function addPadding( $data ) {
$padded = $data . 'xx';
return $padded;
}
/**
* @brief Remove arbitrary padding to encrypted data
* @param string $padded padded data to remove padding from
* @return padded data on success, false on error
*/
public static function removePadding( $padded ) {
if ( substr( $padded, -2 ) == 'xx' ) {
$data = substr( $padded, 0, -2 );
return $data;
} else {
# TODO: log the fact that unpadded data was submitted for removal of padding
return false;
}
}
/**
* @brief Check if a file's contents contains an IV and is symmetrically encrypted
* @return true / false
* @note see also OCA\Encryption\Util->isEncryptedPath()
*/
public static function isEncryptedContent( $content ) {
@ -88,12 +133,18 @@ class Crypt {
}
$noPadding = self::removePadding( $content );
// Fetch encryption metadata from end of file
$meta = substr( $content, -22 );
$meta = substr( $noPadding, -22 );
// Fetch IV from end of file
$iv = substr( $meta, -16 );
// $msg = "\$content = ".var_dump($content, 1).", \$noPadding = ".var_dump($noPadding, 1).", \$meta = ".var_dump($meta, 1).", \$iv = ".var_dump($iv, 1);
//
// file_put_contents('/home/samtuke/newtmp.txt', $msg );
// Fetch identifier from start of metadata
$identifier = substr( $meta, 0, 6 );
@ -207,7 +258,9 @@ class Crypt {
// Combine content to encrypt with IV identifier and actual IV
$combinedKeyfile = self::concatIv( $encryptedContent, $iv );
return $combinedKeyfile;
$padded = self::addPadding( $combinedKeyfile );
return $padded;
} else {
@ -237,11 +290,14 @@ class Crypt {
}
// Remove padding
$noPadding = self::removePadding( $keyfileContent );
// Fetch IV from end of file
$iv = substr( $keyfileContent, -16 );
$iv = substr( $noPadding, -16 );
// Remove IV and IV identifier text to expose encrypted content
$encryptedContent = substr( $keyfileContent, 0, -22 );
$encryptedContent = substr( $noPadding, 0, -22 );
if ( $plainContent = self::decrypt( $encryptedContent, $iv, $passphrase ) ) {
@ -412,17 +468,19 @@ class Crypt {
while( strlen( $remaining ) ) {
//echo "\n\n\$block = ".substr( $remaining, 0, 8192 );
//echo "\n\n\$block = ".substr( $remaining, 0, 6126 );
// Encrypt a chunk of unencrypted data and add it to the rest
$block = self::symmetricEncryptFileContent( substr( $remaining, 0, 8192 ), $key );
$block = self::symmetricEncryptFileContent( substr( $remaining, 0, 6126 ), $key );
$padded = self::addPadding( $block );
$crypted .= $block;
$testarray[] = $block;
// Remove the data already encrypted from remaining unencrypted data
$remaining = substr( $remaining, 8192 );
$remaining = substr( $remaining, 6126 );
}
@ -450,18 +508,17 @@ class Crypt {
while( strlen( $remaining ) ) {
$testarray[] = substr( $remaining, 0, 10946 );
$testarray[] = substr( $remaining, 0, 8192 );
// Encrypt a chunk of unencrypted data and add it to the rest
// 10946 is the length of a 8192 string once it has been encrypted
$decrypted .= self::symmetricDecryptFileContent( substr( $remaining, 0, 10946 ), $key );
// Decrypt a chunk of unencrypted data and add it to the rest
$decrypted .= self::symmetricDecryptFileContent( $remaining, $key );
// Remove the data already encrypted from remaining unencrypted data
$remaining = substr( $remaining, 10946 );
$remaining = substr( $remaining, 8192 );
}
//print_r($testarray);
//echo "\n\n\$testarray = "; print_r($testarray);
return $decrypted;

2
apps/files_encryption/lib/keymanager.php
Unescape Escape View File

@ -20,7 +20,7 @@
*
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
/**
* This class provides basic operations to read/write encryption keys from/to the filesystem

46
apps/files_encryption/lib/proxy.php
Unescape Escape View File

@ -27,7 +27,7 @@
* transparent encryption
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
class Proxy extends \OC_FileProxy {
@ -43,7 +43,7 @@ class Proxy extends \OC_FileProxy {
* Tests if server side encryption is enabled, and file is allowed by blacklists
*/
private static function shouldEncrypt( $path ) {
if ( is_null( self::$enableEncryption ) ) {
self::$enableEncryption = ( \OCP\Config::getAppValue( 'files_encryption', 'enable_encryption', 'true' ) == 'true' && Crypt::mode() == 'server' );
@ -127,6 +127,7 @@ class Proxy extends \OC_FileProxy {
// Update the file cache with file info
\OC_FileCache::put( $path, array( 'encrypted'=>true, 'size' => $size ), '' );
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = true;
}
@ -170,22 +171,45 @@ class Proxy extends \OC_FileProxy {
}
// Disable encryption proxy to prevent recursive calls
\OC_FileProxy::$enabled = false;
$meta = stream_get_meta_data( $result );
$view = new \OC_FilesystemView();
$util = new Util( $view, \OCP\USER::getUser());
// If file is encrypted, decrypt using crypto protocol
if ( Crypt::mode() == 'server' && Crypt::isEncryptedContent( $path ) ) {
if ( Crypt::mode() == 'server' && $util->isEncryptedPath( $path ) ) {
$keyFile = Keymanager::getFileKey( $filePath );
file_put_contents('/home/samtuke/newtmp.txt', "bar" );
$tmp = tmpfile();
$tmp = fopen( 'php://temp' );
file_put_contents( $tmp, Crypt::keyDecryptKeyfile( $result, $keyFile, $_SESSION['enckey'] ) );
fclose ( $result );
\OCP\Files::streamCopy( $result, $tmp );
$result = fopen( $tmp );
fclose( $result );
} elseif (
\OC_Filesystem::file_put_contents( $path, $tmp );
fclose( $tmp );
$result = fopen( 'crypt://' . $path, $meta['mode'] );
// file_put_contents('/home/samtuke/newtmp.txt', "mode= server" );
// $keyFile = Keymanager::getFileKey( $filePath );
//
// $tmp = tmpfile();
//
// file_put_contents( $tmp, Crypt::keyDecryptKeyfile( $result, $keyFile, $_SESSION['enckey'] ) );
//
// fclose ( $result );
//
// $result = fopen( $tmp );
} /*elseif (
self::shouldEncrypt( $path )
and $meta ['mode'] != 'r'
and $meta['mode'] != 'rb'
@ -216,7 +240,7 @@ class Proxy extends \OC_FileProxy {
$result = fopen( 'crypt://'.$path, $meta['mode'] );
}
}*/
return $result;

54
apps/files_encryption/lib/stream.php
Unescape Escape View File

@ -27,7 +27,7 @@
* and then fopen('crypt://streams/foo');
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
/**
* @brief Provides 'crypt://' stream wrapper protocol.
@ -89,8 +89,10 @@ class Stream {
$this->size = 0;
} else {
$this->size = self::$view->filesize( \OCP\USER::getUser() . '/' . 'files' . '/' . $path, $mode );
$this->size = self::$view->filesize( $path, $mode );
//$this->size = filesize( $path );
@ -101,13 +103,15 @@ class Stream {
//$this->handle = fopen( $path, $mode );
$this->handle = self::$view->fopen( \OCP\USER::getUser() . '/' . 'files' . '/' . $path, $mode );
$this->handle = self::$view->fopen( $path, $mode );
//file_put_contents('/home/samtuke/newtmp.txt', 'fucking hopeless = '.$path );
\OC_FileProxy::$enabled = true;
if ( !is_resource( $this->handle ) ) {
\OCP\Util::writeLog( 'files_encryption','failed to open '.$path,OCP\Util::ERROR );
\OCP\Util::writeLog( 'files_encryption', 'failed to open '.$path, \OCP\Util::ERROR );
}
@ -137,6 +141,10 @@ class Stream {
public function stream_read( $count ) {
trigger_error("\$count = $count");
file_put_contents('/home/samtuke/newtmp.txt', "\$count = $count" );
$this->writeCache = '';
if ( $count != 8192 ) {
@ -151,11 +159,8 @@ class Stream {
// $pos = ftell( $this->handle );
//
// Get the data from the file handle, including IV and padding
$padded = fread( $this->handle, 8192 );
// Remove padding, leaving data and IV
$data = substr( $padded, 0, -2 );
// Get the data from the file handle
$data = fread( $this->handle, 8192 );
//echo "\n\nPRE DECRYPTION = $data\n\n";
//
@ -167,15 +172,17 @@ class Stream {
$result = Crypt::symmetricDecryptFileContent( $data, $this->keyfile );
echo "\n\n\n\n-----------------------------\n\nNEWS";
// file_put_contents('/home/samtuke/newtmp.txt', '$result = '.$result );
echo "\n\n\$data = $data";
echo "\n\n\$key = {$this->keyfile}";
echo "\n\n\$result = $result";
echo "\n\n\n\n-----------------------------\n\n";
// echo "\n\n\n\n-----------------------------\n\nNEWS";
//
// echo "\n\n\$data = $data";
//
// echo "\n\n\$key = {$this->keyfile}";
//
// echo "\n\n\$result = $result";
//
// echo "\n\n\n\n-----------------------------\n\n";
//trigger_error("CAT $result");
@ -208,12 +215,9 @@ class Stream {
public function preWriteEncrypt( $plainData, $key ) {
// Encrypt data to 'catfile', which includes IV
if ( $encrypted = Crypt::symmetricBlockEncryptFileContent( $plainData, $key ) ) {
if ( $encrypted = Crypt::symmetricEncryptFileContent( $plainData, $key ) ) {
// Add padding. In order to end up with data exactly 8192 bytes long we must add two letters. Something about the encryption process always results in 8190 or 8194 byte length, hence the letters must be added manually after encryption takes place. They get removed in the stream read process
$padded = $encrypted . 'xx';
return $padded;
return $encrypted;
} else {
@ -271,6 +275,8 @@ class Stream {
*/
public function stream_write( $data ) {
//file_put_contents('/home/samtuke/newtmp.txt', 'stream_write('.$data.')' );
// Disable the file proxies so that encryption is not automatically attempted when the file is written to disk - we are handling that separately here and we don't want to get into an infinite loop
\OC_FileProxy::$enabled = false;

16
apps/files_encryption/lib/util.php
Unescape Escape View File

@ -29,7 +29,7 @@
// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
namespace OCA_Encryption;
namespace OCA\Encryption;
/**
* @brief Class for utilities relating to encrypted file storage system
@ -45,8 +45,8 @@ class Util {
# DONE: add method to fetch legacy key
# DONE: add method to decrypt legacy encrypted data
# DONE: fix / test the crypt stream proxy class
# DONE: replace cryptstream wrapper new AES based system
# TODO: replace cryptstream wrapper new AES based system
# TODO: add support for optional recovery user in case of lost passphrase / keys
# TODO: add admin optional required long passphrase for users
# TODO: implement flag system to allow user to specify encryption by folder, subfolder, etc.
@ -222,6 +222,18 @@ class Util {
}
/**
* @brief Check if a given path identifies an encrypted file
* @return true / false
*/
public function isEncryptedPath( $path ) {
$data = $this->view->file_get_contents( $path );
return Crypt::isEncryptedContent( $data );
}
public function encryptAll( $directory ) {
$plainFiles = $this->findFiles( $this->view, 'plain' );

96
apps/files_encryption/tests/crypt.php
Unescape Escape View File

@ -7,11 +7,11 @@
* See the COPYING-README file.
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
require_once "PHPUnit/Framework/TestCase.php";
require_once realpath( dirname(__FILE__).'/../../../lib/base.php' );
require_once realpath( dirname(__FILE__).'/../lib/crypt.php' );
//require_once realpath( dirname(__FILE__).'/../lib/crypt.php' );
class Test_Crypt extends \PHPUnit_Framework_TestCase {
@ -92,33 +92,34 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
}
function testSymmetricBlockEncryptShortFileContent() {
$crypted = Crypt::symmetricBlockEncryptFileContent( $this->dataShort, $this->randomKey );
$this->assertNotEquals( $this->dataShort, $crypted );
$decrypt = Crypt::symmetricBlockDecryptFileContent( $crypted, $this->randomKey );
$this->assertEquals( $this->dataShort, $decrypt );
}
function testSymmetricBlockEncryptLongFileContent() {
$crypted = Crypt::symmetricBlockEncryptFileContent( $this->dataLong, $this->randomKey );
$this->assertNotEquals( $this->dataLong, $crypted );
$decrypt = Crypt::symmetricBlockDecryptFileContent( $crypted, $this->randomKey );
$this->assertEquals( $this->dataLong, $decrypt );
}
// These aren't used for now
// function testSymmetricBlockEncryptShortFileContent() {
//
// $crypted = Crypt::symmetricBlockEncryptFileContent( $this->dataShort, $this->randomKey );
//
// $this->assertNotEquals( $this->dataShort, $crypted );
//
//
// $decrypt = Crypt::symmetricBlockDecryptFileContent( $crypted, $this->randomKey );
//
// $this->assertEquals( $this->dataShort, $decrypt );
//
// }
//
// function testSymmetricBlockEncryptLongFileContent() {
//
// $crypted = Crypt::symmetricBlockEncryptFileContent( $this->dataLong, $this->randomKey );
//
// $this->assertNotEquals( $this->dataLong, $crypted );
//
//
// $decrypt = Crypt::symmetricBlockDecryptFileContent( $crypted, $this->randomKey );
//
// $this->assertEquals( $this->dataLong, $decrypt );
//
// }
function testSymmetricStreamEncryptShortFileContent() {
function testSymmetricStreamEncryptShortFileContent() {
$filename = 'tmp-'.time();
@ -129,10 +130,9 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
// Get file contents without using any wrapper to get it's actual contents on disk
$retreivedCryptedFile = $this->view->file_get_contents( '/admin/files/' . $filename );
$retreivedCryptedFile = $this->view->file_get_contents( $filename );
// Manually remove padding from end of each chunk
$retreivedCryptedFile = substr( $retreivedCryptedFile, 0, -2 );
//echo "\n\n\$retreivedCryptedFile = $retreivedCryptedFile";
// Check that the file was encrypted before being written to disk
$this->assertNotEquals( $this->dataShort, $retreivedCryptedFile );
@ -164,37 +164,23 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
$this->assertTrue( is_int( $cryptedFile ) );
// Get file contents without using any wrapper to get it's actual contents on disk
$retreivedCryptedFile = $this->view->file_get_contents( '/admin/files/' . $filename );
$retreivedCryptedFile = $this->view->file_get_contents( $filename );
// echo "\n\n\$retreivedCryptedFile = $retreivedCryptedFile\n\n";
// Check that the file was encrypted before being written to disk
$this->assertNotEquals( $this->dataLong.$this->dataLong, $retreivedCryptedFile );
// Get file contents without using any wrapper to get it's actual contents on disk
$undecrypted = file_get_contents( '/home/samtuke/owncloud/git/oc3/data/admin/files/' . $filename );
//echo "\n\n\$undecrypted = $undecrypted\n\n";
// Manuallly split saved file into separate IVs and encrypted chunks
$r = preg_split('/(00iv00.{16,18})/', $undecrypted, NULL, PREG_SPLIT_DELIM_CAPTURE);
$r = preg_split('/(00iv00.{16,18})/', $retreivedCryptedFile, NULL, PREG_SPLIT_DELIM_CAPTURE);
print_r($r);
//print_r($r);
// Join IVs and their respective data chunks
$e = array( $r[0].$r[1], $r[2].$r[3], $r[4].$r[5], $r[6].$r[7], $r[8].$r[9], $r[10] );//.$r[11], $r[12].$r[13], $r[14] );
$e = array( $r[0].$r[1], $r[2].$r[3], $r[4].$r[5], $r[6].$r[7], $r[8].$r[9], $r[10].$r[11] );//.$r[11], $r[12].$r[13], $r[14] );
//print_r($e);
$f = array();
// Manually remove padding from end of each chunk
foreach ( $e as $e ) {
$f[] = substr( $e, 0, -2 );
}
// print_r($f);
// Manually fetch keyfile
$keyfile = Keymanager::getFileKey( $filename );
@ -202,11 +188,11 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
$decrypt = '';
// Manually decrypt chunk
foreach ($f as $f) {
foreach ($e as $e) {
// echo "\n\$encryptMe = $f";
$chunkDecrypt = Crypt::symmetricDecryptFileContent( $f, $keyfile );
$chunkDecrypt = Crypt::symmetricDecryptFileContent( $e, $keyfile );
// Assemble decrypted chunks
$decrypt .= $chunkDecrypt;
@ -219,7 +205,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
// Teadown
$this->view->unlink( '/admin/files/' . $filename );
$this->view->unlink( $filename );
Keymanager::deleteFileKey( $filename );
@ -241,7 +227,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase {
// Get file contents without using any wrapper to get it's actual contents on disk
$retreivedCryptedFile = $this->view->file_get_contents( '/admin/files/' . $filename );
$retreivedCryptedFile = $this->view->file_get_contents( $filename );
$decrypt = file_get_contents( 'crypt://' . $filename );

2
apps/files_encryption/tests/keymanager.php
Unescape Escape View File

@ -6,7 +6,7 @@
* See the COPYING-README file.
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
require_once "PHPUnit/Framework/TestCase.php";
require_once realpath( dirname(__FILE__).'/../../../lib/base.php' );

79
apps/files_encryption/tests/out.txt
View File

File diff suppressed because one or more lines are too long

2
apps/files_encryption/tests/stream.php
Unescape Escape View File

@ -6,7 +6,7 @@
* See the COPYING-README file.
*/
namespace OCA_Encryption;
namespace OCA\Encryption;
require_once "PHPUnit/Framework/TestCase.php";
require_once realpath( dirname(__FILE__).'/../../../lib/base.php' );

10
apps/files_encryption/tests/util.php
Unescape Escape View File

@ -27,20 +27,20 @@ class Test_Encryption extends UnitTestCase {
// // Cannot use this test for now due to hidden dependencies in OC_FileCache
// function testIsLegacyEncryptedContent() {
//
// $keyfileContent = OCA_Encryption\Crypt::symmetricEncryptFileContent( $this->legacyEncryptedData, 'hat' );
// $keyfileContent = OCA\Encryption\Crypt::symmetricEncryptFileContent( $this->legacyEncryptedData, 'hat' );
//
// $this->assertFalse( OCA_Encryption\Crypt::isLegacyEncryptedContent( $keyfileContent, '/files/admin/test.txt' ) );
// $this->assertFalse( OCA\Encryption\Crypt::isLegacyEncryptedContent( $keyfileContent, '/files/admin/test.txt' ) );
//
// OC_FileCache::put( '/admin/files/legacy-encrypted-test.txt', $this->legacyEncryptedData );
//
// $this->assertTrue( OCA_Encryption\Crypt::isLegacyEncryptedContent( $this->legacyEncryptedData, '/files/admin/test.txt' ) );
// $this->assertTrue( OCA\Encryption\Crypt::isLegacyEncryptedContent( $this->legacyEncryptedData, '/files/admin/test.txt' ) );
//
// }
// // Cannot use this test for now due to need for different root in OC_Filesystem_view class
// function testGetLegacyKey() {
//
// $c = new \OCA_Encryption\Util( $view, false );
// $c = new \OCA\Encryption\Util( $view, false );
//
// $bool = $c->getLegacyKey( 'admin' );
//
@ -57,7 +57,7 @@ class Test_Encryption extends UnitTestCase {
// // Cannot use this test for now due to need for different root in OC_Filesystem_view class
// function testLegacyDecrypt() {
//
// $c = new OCA_Encryption\Util( $this->view, false );
// $c = new OCA\Encryption\Util( $this->view, false );
//
// $bool = $c->getLegacyKey( 'admin' );
//

6
lib/base.php
Unescape Escape View File

@ -71,6 +71,11 @@ class OC{
* SPL autoload
*/
public static function autoload($className) {
//trigger_error('seth', E_ERROR);
//debug_print_backtrace();
if(array_key_exists($className, OC::$CLASSPATH)) {
$path = OC::$CLASSPATH[$className];
/** @TODO: Remove this when necessary
@ -106,6 +111,7 @@ class OC{
}
public static function initPaths() {
// calculate the root directories
OC::$SERVERROOT=str_replace("\\", '/', substr(__DIR__, 0, -4));
OC::$SUBURI= str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));

32
lib/ocs.php
Unescape Escape View File

@ -681,8 +681,8 @@ class OC_OCS {
*/
private static function publicKeyGet($format, $file) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (($keys = OCA_Encryption\Keymanager::getPublicKeys($file))) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (($keys = OCA\Encryption\Keymanager::getPublicKeys($file))) {
$xml=$keys;
$txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'cloud', '', 1, 0, 0);
echo($txt);
@ -703,8 +703,8 @@ class OC_OCS {
*/
private static function publicKeySet($format, $key) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (OCA_Encryption\Keymanager::setPublicKey($key)) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (OCA\Encryption\Keymanager::setPublicKey($key)) {
echo self::generateXml('', 'ok', 100, '');
} else {
echo self::generateXml('', 'fail', 404, 'could not add your public key to the key storage');
@ -721,8 +721,8 @@ class OC_OCS {
*/
private static function privateKeyGet($format) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (($key = OCA_Encryption\Keymanager::getPrivateKey())) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (($key = OCA\Encryption\Keymanager::getPrivateKey())) {
$xml=array();
$xml['key']=$key;
$txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'cloud', '', 1, 0, 0);
@ -743,8 +743,8 @@ class OC_OCS {
*/
private static function privateKeySet($format, $key) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (($key = OCA_Encryption\Keymanager::setPrivateKey($key))) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (($key = OCA\Encryption\Keymanager::setPrivateKey($key))) {
echo self::generateXml('', 'ok', 100, '');
} else {
echo self::generateXml('', 'fail', 404, 'could not add your private key to the key storage');
@ -761,8 +761,8 @@ class OC_OCS {
*/
private static function userKeysGet($format) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
$keys = OCA_Encryption\Keymanager::getUserKeys();
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
$keys = OCA\Encryption\Keymanager::getUserKeys();
if ($keys['privatekey'] && $keys['publickey']) {
$xml=array();
$xml['privatekey']=$keys['privatekey'];
@ -786,8 +786,8 @@ class OC_OCS {
*/
private static function userKeysSet($format, $privatekey, $publickey) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (($key = OCA_Encryption\Keymanager::setUserKeys($privatekey, $publickey))) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (($key = OCA\Encryption\Keymanager::setUserKeys($privatekey, $publickey))) {
echo self::generateXml('', 'ok', 100, '');
} else {
echo self::generateXml('', 'fail', 404, 'could not add your keys to the key storage');
@ -805,8 +805,8 @@ class OC_OCS {
*/
private static function fileKeyGet($format, $file) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (($key = OCA_Encryption\Keymanager::getFileKey($file))) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (($key = OCA\Encryption\Keymanager::getFileKey($file))) {
$xml=array();
$xml['key']=$key;
$txt=OC_OCS::generatexml($format, 'ok', 100, '', $xml, 'cloud', '', 1, 0, 0);
@ -828,8 +828,8 @@ class OC_OCS {
*/
private static function fileKeySet($format, $file, $key) {
$login=OC_OCS::checkpassword();
if(OC_App::isEnabled('files_encryption') && OCA_Encryption\Crypt::mode() === 'client') {
if (($key = OCA_Encryption\Keymanager::setFileKey($file, $key))) {
if(OC_App::isEnabled('files_encryption') && OCA\Encryption\Crypt::mode() === 'client') {
if (($key = OCA\Encryption\Keymanager::setFileKey($file, $key))) {
echo self::generateXml('', 'ok', 100, '');
} else {
echo self::generateXml('', 'fail', 404, 'could not write key file');