sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upgrade from old encryption to the new one needs to generate share keys too

remotes/origin/stable6
Björn Schießle 2013-05-17 11:15:36 +07:00
parent 95297c2469
commit ca6a77d39b
3 changed files with 37 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/files_encryption/hooks/hooks.php
Unescape Escape View File

@ -97,9 +97,10 @@ class Hooks {
);
}
// DISABLED JUST FOR TESTING PURPOSE, ACTIVATE AGAIN!
// Register successful migration in DB
$util->setMigrationStatus( 1 );
//$util->setMigrationStatus( 1 );
}

32
apps/files_encryption/lib/crypt.php
Unescape Escape View File

@ -479,15 +479,33 @@ class Crypt {
* keys: data, key
* @note this method is a wrapper for combining other crypt class methods
*/
public static function keyEncryptKeyfile( $plainContent, $publicKey ) {
public static function keyEncryptKeyfile( $plainContent, $publicKey, $path ) {
$user = \OCP\User::getUser();
$view = new \OC_FilesystemView('/');
$util = new Util($view, $user);
// Encrypt plain data, generate keyfile & encrypted file
$cryptedData = self::symmetricEncryptFileContentKeyfile( $plainContent );
// Encrypt keyfile
$cryptedKey = self::keyEncrypt( $cryptedData['key'], $publicKey );
return array( 'data' => $cryptedData['encrypted'], 'key' => $cryptedKey );
$sharingEnabled = \OCP\Share::isEnabled();
// if file exists try to get sharing users
if($view->file_exists($path)) {
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $path, $user );
} else {
$uniqueUserIds[] = $user;
}
// Fetch public keys for all users who will share the file
$publicKeys = Keymanager::getPublicKeys( $view, $uniqueUserIds );
// Encrypt plain keyfile to multiple sharefiles
$multiEncrypted = Crypt::multiKeyEncrypt( $cryptedData['key'], $publicKeys );
return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] );
}
@ -725,11 +743,11 @@ class Crypt {
}
public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKey, $newPassphrase ) {
public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKey, $newPassphrase, $path ) {
$decrypted = self::legacyDecrypt( $legacyEncryptedContent, $legacyPassphrase );
$recrypted = self::keyEncryptKeyfile( $decrypted, $publicKey );
$recrypted = self::keyEncryptKeyfile( $decrypted, $publicKey, $path );
return $recrypted;

15
apps/files_encryption/lib/util.php
Unescape Escape View File

@ -714,16 +714,19 @@ class Util {
// Fetch data from file
$legacyData = $this->view->file_get_contents( $legacyFile['path'] );
// Recrypt data, generate catfile
$recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKey, $newPassphrase );
$recrypted = Crypt::legacyKeyRecryptKeyfile( $legacyData, $legacyPassphrase, $publicKey, $newPassphrase, $legacyFile['path'] );
$relPath = $legacyFile['path'];
$rawPath = $this->userId . '/files/' . $plainFile['path'];
$rawPath = $legacyFile['path'];
$relPath = $this->stripUserFilesPath($rawPath);
// Save keyfile
Keymanager::setFileKey( $this->view, $relPath, $this->userId, $recrypted['key'] );
Keymanager::setFileKey( $this->view, $relPath, $this->userId, $recrypted['filekey'] );
// Save sharekeys to user folders
Keymanager::setShareKeys( $this->view, $relPath, $recrypted['sharekeys'] );
// Overwrite the existing file with the encrypted one
$this->view->file_put_contents( $rawPath, $recrypted['data'] );