2011-10-21 15:02:11 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* ownCloud
|
|
|
|
*
|
|
|
|
* @author Robin Appelman
|
|
|
|
* @copyright 2011 Robin Appelman icewind1991@gmail.com
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 3 of the License, or any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public
|
|
|
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* transparent encryption
|
|
|
|
*/
|
|
|
|
|
|
|
|
class OC_FileProxy_Encryption extends OC_FileProxy{
|
2011-11-24 00:44:54 +00:00
|
|
|
private static $blackList=null; //mimetypes blacklisted from encryption
|
2012-04-18 14:02:35 +00:00
|
|
|
private static $enableEncryption=null;
|
2012-08-29 06:42:49 +00:00
|
|
|
|
2011-11-24 00:44:54 +00:00
|
|
|
/**
|
|
|
|
* check if a file should be encrypted during write
|
|
|
|
* @param string $path
|
|
|
|
* @return bool
|
|
|
|
*/
|
2012-09-07 13:22:01 +00:00
|
|
|
private static function shouldEncrypt($path) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if (is_null(self::$enableEncryption)) {
|
2012-11-04 10:10:46 +00:00
|
|
|
self::$enableEncryption=(OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true')=='true');
|
2012-04-18 14:02:35 +00:00
|
|
|
}
|
2012-11-29 17:41:32 +00:00
|
|
|
if ( ! self::$enableEncryption) {
|
2012-04-18 14:02:35 +00:00
|
|
|
return false;
|
|
|
|
}
|
2012-11-29 17:41:32 +00:00
|
|
|
if (is_null(self::$blackList)) {
|
|
|
|
self::$blackList=explode(',', OCP\Config::getAppValue('files_encryption',
|
|
|
|
'type_blacklist',
|
|
|
|
'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
|
2011-11-24 00:44:54 +00:00
|
|
|
}
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::isEncrypted($path)) {
|
2011-11-24 00:44:54 +00:00
|
|
|
return true;
|
|
|
|
}
|
2012-10-23 21:01:10 +00:00
|
|
|
$extension=substr($path, strrpos($path, '.')+1);
|
2012-11-29 17:41:32 +00:00
|
|
|
if (array_search($extension, self::$blackList)===false) {
|
2011-11-24 00:44:54 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* check if a file is encrypted
|
|
|
|
* @param string $path
|
|
|
|
* @return bool
|
|
|
|
*/
|
2012-09-07 13:22:01 +00:00
|
|
|
private static function isEncrypted($path) {
|
2012-11-04 10:10:46 +00:00
|
|
|
$metadata=OC_FileCache_Cached::get($path, '');
|
2012-04-24 22:10:29 +00:00
|
|
|
return isset($metadata['encrypted']) and (bool)$metadata['encrypted'];
|
2011-11-24 00:44:54 +00:00
|
|
|
}
|
2012-08-29 06:42:49 +00:00
|
|
|
|
2012-09-07 13:22:01 +00:00
|
|
|
public function preFile_put_contents($path,&$data) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::shouldEncrypt($path)) {
|
|
|
|
if ( ! is_resource($data)) {//stream put contents should have been converter to fopen
|
2012-06-21 15:37:53 +00:00
|
|
|
$size=strlen($data);
|
2012-02-12 14:56:32 +00:00
|
|
|
$data=OC_Crypt::blockEncrypt($data);
|
2012-11-04 10:10:46 +00:00
|
|
|
OC_FileCache::put($path, array('encrypted'=>true,'size'=>$size), '');
|
2011-10-21 15:02:11 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2012-08-29 06:42:49 +00:00
|
|
|
|
2012-11-04 10:10:46 +00:00
|
|
|
public function postFile_get_contents($path, $data) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::isEncrypted($path)) {
|
2012-11-04 10:10:46 +00:00
|
|
|
$cached=OC_FileCache_Cached::get($path, '');
|
2012-11-02 18:53:02 +00:00
|
|
|
$data=OC_Crypt::blockDecrypt($data, '', $cached['size']);
|
2011-10-21 15:02:11 +00:00
|
|
|
}
|
2011-11-24 00:44:54 +00:00
|
|
|
return $data;
|
2011-10-21 15:02:11 +00:00
|
|
|
}
|
2012-08-29 06:42:49 +00:00
|
|
|
|
2012-09-07 13:22:01 +00:00
|
|
|
public function postFopen($path,&$result) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if ( ! $result) {
|
2011-11-24 00:44:54 +00:00
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
$meta=stream_get_meta_data($result);
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::isEncrypted($path)) {
|
2011-10-21 15:02:11 +00:00
|
|
|
fclose($result);
|
2012-11-02 18:53:02 +00:00
|
|
|
$result=fopen('crypt://'.$path, $meta['mode']);
|
2012-11-29 17:41:32 +00:00
|
|
|
} elseif (self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb') {
|
|
|
|
if (OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0) {
|
2011-11-24 00:44:54 +00:00
|
|
|
//first encrypt the target file so we don't end up with a half encrypted file
|
2012-11-04 17:28:29 +00:00
|
|
|
OCP\Util::writeLog('files_encryption', 'Decrypting '.$path.' before writing', OCP\Util::DEBUG);
|
2012-02-21 19:48:14 +00:00
|
|
|
$tmp=fopen('php://temp');
|
2012-11-02 18:53:02 +00:00
|
|
|
OCP\Files::streamCopy($result, $tmp);
|
2012-02-21 19:48:14 +00:00
|
|
|
fclose($result);
|
2012-11-02 18:53:02 +00:00
|
|
|
OC_Filesystem::file_put_contents($path, $tmp);
|
2012-02-21 19:48:14 +00:00
|
|
|
fclose($tmp);
|
2011-11-24 00:44:54 +00:00
|
|
|
}
|
2012-11-02 18:53:02 +00:00
|
|
|
$result=fopen('crypt://'.$path, $meta['mode']);
|
2011-10-21 15:02:11 +00:00
|
|
|
}
|
2011-11-24 00:44:54 +00:00
|
|
|
return $result;
|
2011-10-21 15:02:11 +00:00
|
|
|
}
|
2012-02-15 20:44:58 +00:00
|
|
|
|
2012-11-02 18:53:02 +00:00
|
|
|
public function postGetMimeType($path, $mime) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::isEncrypted($path)) {
|
2012-11-04 10:10:46 +00:00
|
|
|
$mime=OCP\Files::getMimeType('crypt://'.$path, 'w');
|
2012-02-21 19:48:14 +00:00
|
|
|
}
|
2012-02-26 14:56:47 +00:00
|
|
|
return $mime;
|
2012-02-15 20:44:58 +00:00
|
|
|
}
|
2012-06-21 15:37:53 +00:00
|
|
|
|
2012-11-02 18:53:02 +00:00
|
|
|
public function postStat($path, $data) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::isEncrypted($path)) {
|
2012-11-04 10:10:46 +00:00
|
|
|
$cached=OC_FileCache_Cached::get($path, '');
|
2012-06-21 15:37:53 +00:00
|
|
|
$data['size']=$cached['size'];
|
|
|
|
}
|
|
|
|
return $data;
|
|
|
|
}
|
|
|
|
|
2012-11-02 18:53:02 +00:00
|
|
|
public function postFileSize($path, $size) {
|
2012-11-29 17:41:32 +00:00
|
|
|
if (self::isEncrypted($path)) {
|
2012-11-04 10:10:46 +00:00
|
|
|
$cached=OC_FileCache_Cached::get($path, '');
|
2012-06-21 15:37:53 +00:00
|
|
|
return $cached['size'];
|
2012-11-29 17:41:32 +00:00
|
|
|
} else {
|
2012-06-21 15:37:53 +00:00
|
|
|
return $size;
|
|
|
|
}
|
|
|
|
}
|
2011-10-21 15:02:11 +00:00
|
|
|
}
|