Merge branch 'master' into doctrine

Bart Visscher 2013-06-24 08:27:25 +02:00
commit 377e9a8677
1522 changed files with 39031 additions and 49206 deletions

4
.gitignore vendored

@ -6,7 +6,7 @@ config/mount.php
apps/inc.php
# ignore all apps except core ones
apps/*
apps*
!apps/files
!apps/files_encryption
!apps/files_external
@ -76,4 +76,4 @@ nbproject
data-autotest
/tests/coverage*
/tests/autoconfig*
/tests/autotest*
/tests/autotest*

@ -1 +1 @@
Subproject commit 40be157ee23753c02481c02e1b60ae699202bf78
Subproject commit 691791a4f743aaa83546736928e3ce18574f3c03


@ -1,11 +1,15 @@
## Submitting issues
If you have questions about how to use ownCloud, please direct these to the [mailing list][mailinglist] or our [forum][forum]. We are also available on [IRC][irc].
If you have questions about how to install or use ownCloud, please direct these to the [mailing list][mailinglist] or our [forum][forum]. We are also available on [IRC][irc].
### TL;DR
* The [issue template can be found here][template] but be aware of the different repositories! See list below.
### Guidelines
* Please search the existing issues first, it's likely that your issue was already reported.
* [Report the issue](https://github.com/owncloud/core/issues/new) using our [template][template], it includes all the informations we need to track down the issue.
* This repository is *only* for issues within the ownCloud core code. Issues in other compontents should be reported in their own repositores:
* Please search the existing issues first, it's likely that your issue was already reported or even fixed.
* This repository is *only* for issues within the ownCloud core code. This also includes the apps: files, encryption, external storage, sharing, deleted files, versions, LDAP, and WebDAV Auth
* The issues in other components should be reported in their respective repositories:
- [Android client](https://github.com/owncloud/android/issues)
- [iOS client](https://github.com/owncloud/ios-issues/issues)
- [Desktop client](https://github.com/owncloud/mirall/issues)
@ -14,12 +18,12 @@ If you have questions about how to use ownCloud, please direct these to the [mai
- [Calendar](https://github.com/owncloud/calendar/issues)
- [Contacts](https://github.com/owncloud/contacts/issues)
- [Mail](https://github.com/owncloud/mail/issues)
- [Media/Music](https://github.com/owncloud/media/issues)
- [News](https://github.com/owncloud/news/issues)
- [Notes](https://github.com/owncloud/notes/issues)
- [Shorty](https://github.com/owncloud/shorty/issues)
- [other apps](https://github.com/owncloud/apps/issues) (e.g. Pictures, Music, Tasks, ...)
If your issue appears to be a bug, and hasn't been reported, open a new issue.
- [All other apps](https://github.com/owncloud/apps/issues) (e.g. Pictures, Tasks, ...)
* Report the issue using our [template][template], it includes all the information we need to track down the issue.
Help us to maximize the effort we can spend fixing issues and adding new features, by not reporting duplicate issues.
@ -34,7 +38,7 @@ Thanks for wanting to contribute source code to ownCloud. That's great!
Before we're able to merge your code into the ownCloud core, you need to sign our [Contributor Agreement][agreement].
Please read the [Developer Manuals][devmanual] to get useful infos like how to create your first application or how to test the ownCloud code with phpunit.
Please read the [Developer Manuals][devmanual] to learn how to create your first application or how to test the ownCloud code with PHPUnit.
[agreement]: http://owncloud.org/about/contributor-agreement/
[devmanual]: http://owncloud.org/dev/


@ -4,6 +4,16 @@ session_write_close();
$force = (isset($_GET['force']) and ($_GET['force'] === 'true'));
$dir = isset($_GET['dir']) ? $_GET['dir'] : '';
if (isset($_GET['users'])) {
OC_JSON::checkAdminUser();
if ($_GET['users'] === 'all') {
$users = OC_User::getUsers();
} else {
$users = json_decode($_GET['users']);
}
} else {
$users = array(OC_User::getUser());
}
$eventSource = new OC_EventSource();
ScanListener::$eventSource = $eventSource;
@ -12,21 +22,27 @@ ScanListener::$view = \OC\Files\Filesystem::getView();
OC_Hook::connect('\OC\Files\Cache\Scanner', 'scan_folder', 'ScanListener', 'folder');
OC_Hook::connect('\OC\Files\Cache\Scanner', 'scan_file', 'ScanListener', 'file');
$absolutePath = \OC\Files\Filesystem::getView()->getAbsolutePath($dir);
foreach ($users as $user) {
$eventSource->send('user', $user);
OC_Util::tearDownFS();
OC_Util::setupFS($user);
$mountPoints = \OC\Files\Filesystem::getMountPoints($absolutePath);
$mountPoints[] = \OC\Files\Filesystem::getMountPoint($absolutePath);
$mountPoints = array_reverse($mountPoints); //start with the mount point of $dir
$absolutePath = \OC\Files\Filesystem::getView()->getAbsolutePath($dir);
foreach ($mountPoints as $mountPoint) {
$storage = \OC\Files\Filesystem::getStorage($mountPoint);
if ($storage) {
ScanListener::$mountPoints[$storage->getId()] = $mountPoint;
$scanner = $storage->getScanner();
if ($force) {
$scanner->scan('');
} else {
$scanner->backgroundScan();
$mountPoints = \OC\Files\Filesystem::getMountPoints($absolutePath);
$mountPoints[] = \OC\Files\Filesystem::getMountPoint($absolutePath);
$mountPoints = array_reverse($mountPoints); //start with the mount point of $dir
foreach ($mountPoints as $mountPoint) {
$storage = \OC\Files\Filesystem::getStorage($mountPoint);
if ($storage) {
ScanListener::$mountPoints[$storage->getId()] = $mountPoint;
$scanner = $storage->getScanner();
if ($force) {
$scanner->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE, \OC\Files\Cache\Scanner::REUSE_ETAG);
} else {
$scanner->backgroundScan();
}
}
}
}
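Review bot: The `users` branch feeds `json_decode($_GET['users'])` straight into `foreach ($users as $user)` and `OC_Util::setupFS($user)` without checking that the result is a list of existing user ids. Malformed JSON decodes to `null`, and an object or scalar decodes to a non-list, so the loop either raises a warning or sets up a filesystem for a name that was never validated. I would decode with `$users = json_decode($_GET['users'], true);`, return an error when `!is_array($users)`, and skip entries for which `OC_User::userExists($user)` is false. `OC_JSON::checkAdminUser()` does gate this branch; the first lines of the script are outside the hunk, so whether this GET endpoint also verifies a request token cannot be seen here and is worth confirming.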


@ -20,4 +20,4 @@ OC_Search::registerProvider('OC_Search_Provider_File');
\OC_Hook::connect('OC_Filesystem', 'post_delete', '\OC\Files\Cache\Updater', 'deleteHook');
\OC_Hook::connect('OC_Filesystem', 'post_rename', '\OC\Files\Cache\Updater', 'renameHook');
\OC_BackgroundJob_RegularTask::register('\OC\Files\Cache\BackgroundWatcher', 'checkNext');
\OCP\BackgroundJob::addRegularTask('\OC\Files\Cache\BackgroundWatcher', 'checkNext');


@ -63,8 +63,12 @@
}
#filestable { position: relative; top:37px; width:100%; }
tbody tr { background-color:#fff; height:2.5em; }
tbody tr:hover, tbody tr:active, tbody tr.selected { background-color:#f8f8f8; }
tbody tr.selected { background-color:#eee; }
tbody tr:hover, tbody tr:active {
background-color: rgb(240,240,240);
}
tbody tr.selected {
background-color: rgb(230,230,230);
}
tbody a { color:#000; }
span.extension, span.uploading, td.date { color:#999; }
span.extension { text-transform:lowercase; -ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=70)"; filter:alpha(opacity=70); opacity:.7; -webkit-transition:opacity 300ms; -moz-transition:opacity 300ms; -o-transition:opacity 300ms; transition:opacity 300ms; }
@ -81,7 +85,12 @@ table th#headerDate, table td.date { min-width:11em; padding:0 .1em 0 1em; text-
/* Multiselect bar */
#filestable.multiselect { top:63px; }
table.multiselect thead { position:fixed; top:82px; z-index:1; -moz-box-sizing: border-box; box-sizing: border-box; left: 0; padding-left: 64px; width:100%; }
table.multiselect thead th { background:rgba(230,230,230,.8); color:#000; font-weight:bold; border-bottom:0; }
table.multiselect thead th {
background-color: rgba(210,210,210,.7);
color: #000;
font-weight: bold;
border-bottom: 0;
}
table.multiselect #headerName { width: 100%; }
table td.selection, table th.selection, table td.fileaction { width:2em; text-align:center; }
table td.filename a.name { display:block; height:1.5em; vertical-align:middle; margin-left:3em; }
@ -115,10 +124,12 @@ table td.filename form { font-size:.85em; margin-left:3em; margin-right:3em; }
}
#fileList .name { position:relative; /* Firefox needs to explicitly have this default set … */ }
#fileList tr:hover .fileactions { /* background to distinguish when overlaying with file names */
background:rgba(248,248,248,.9); box-shadow:-5px 0 7px rgba(248,248,248,.9);
background-color: rgba(240,240,240,0.898);
box-shadow: -5px 0 7px rgba(240,240,240,0.898);
}
#fileList tr.selected:hover .fileactions, #fileList tr.mouseOver .fileactions { /* slightly darker color for selected rows */
background:rgba(238,238,238,.9); box-shadow:-5px 0 7px rgba(238,238,238,.9);
background-color: rgba(230,230,230,.9);
box-shadow: -5px 0 7px rgba(230,230,230,.9);
}
#fileList .fileactions a.action img { position:relative; top:.2em; }
#fileList a.action { display:inline; margin:-.5em 0; padding:1em .5em 1em .5em !important; }


@ -51,7 +51,7 @@ var FileList={
}else{
simpleSize=t('files', 'Pending');
}
var sizeColor = Math.round(200-Math.pow((size/(1024*1024)),2));
var sizeColor = Math.round(160-Math.pow((size/(1024*1024)),2));
var lastModifiedTime = Math.round(lastModified.getTime() / 1000);
td = $('<td></td>').attr({
"class": "filesize",


@ -695,7 +695,7 @@ $(document).ready(function() {
}
});
function scanFiles(force, dir){
function scanFiles(force, dir, users){
if (!OC.currentUser) {
return;
}
@ -705,17 +705,31 @@ function scanFiles(force, dir){
}
force = !!force; //cast to bool
scanFiles.scanning = true;
var scannerEventSource = new OC.EventSource(OC.filePath('files','ajax','scan.php'),{force:force,dir:dir});
var scannerEventSource;
if (users) {
var usersString;
if (users === 'all') {
usersString = users;
} else {
usersString = JSON.stringify(users);
}
scannerEventSource = new OC.EventSource(OC.filePath('files','ajax','scan.php'),{force: force,dir: dir, users: usersString});
} else {
scannerEventSource = new OC.EventSource(OC.filePath('files','ajax','scan.php'),{force: force,dir: dir});
}
scanFiles.cancel = scannerEventSource.close.bind(scannerEventSource);
scannerEventSource.listen('count',function(count){
console.log(count + 'files scanned')
console.log(count + ' files scanned')
});
scannerEventSource.listen('folder',function(path){
console.log('now scanning ' + path)
});
scannerEventSource.listen('done',function(count){
scanFiles.scanning=false;
console.log('done after ' + count + 'files');
console.log('done after ' + count + ' files');
});
scannerEventSource.listen('user',function(user){
console.log('scanning files for ' + user);
});
}
scanFiles.scanning=false;
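Review bot: `scanFiles(force, dir, users)` gains a third parameter with no comment saying what it accepts. From the body, `users` is either the string `'all'` or a value that is passed through `JSON.stringify` (presumably an array of user ids), and a falsy value scans only the current user. A one-line comment above the function would keep callers from guessing, for example `// users: 'all' or an array of user ids (server requires admin); omit to scan the current user`. The start of the function body lies between the two hunks and is only partly visible.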


@ -57,7 +57,7 @@
"0 is unlimited" => "0 és sense límit",
"Maximum input size for ZIP files" => "Mida màxima d'entrada per fitxers ZIP",
"Save" => "Desa",
"New" => "Nova",
"New" => "Nou",
"Text file" => "Fitxer de text",
"Folder" => "Carpeta",
"From link" => "Des d'enllaç",


@ -46,6 +46,7 @@
"{count} folders" => "{count} složky",
"1 file" => "1 soubor",
"{count} files" => "{count} soubory",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Název složky nelze použít. Použití názvu 'Shared' je ownCloudem rezervováno",
"Unable to rename file" => "Nelze přejmenovat soubor",
"Upload" => "Odeslat",
"File handling" => "Zacházení se soubory",


@ -46,6 +46,7 @@
"{count} folders" => "{count} mapper",
"1 file" => "1 fil",
"{count} files" => "{count} filer",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Ugyldigt mappenavn. Brug af 'Shared' er forbeholdt af ownCloud",
"Unable to rename file" => "Kunne ikke omdøbe fil",
"Upload" => "Upload",
"File handling" => "Filhåndtering",


@ -46,6 +46,7 @@
"{count} folders" => "{count} Ordner",
"1 file" => "1 Datei",
"{count} files" => "{count} Dateien",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Der Ordnername ist ungültig. Nur ownCloud kann den Ordner \"Shared\" anlegen",
"Unable to rename file" => "Konnte Datei nicht umbenennen",
"Upload" => "Hochladen",
"File handling" => "Dateibehandlung",


@ -1,4 +1,6 @@
<?php $TRANSLATIONS = array(
"Could not move %s - File with this name already exists" => "לא ניתן להעביר את %s - קובץ בשם הזה כבר קיים",
"Could not move %s" => "לא ניתן להעביר את %s",
"No file was uploaded. Unknown error" => "לא הועלה קובץ. טעות בלתי מזוהה.",
"There is no error, the file uploaded with success" => "לא התרחשה שגיאה, הקובץ הועלה בהצלחה",
"The uploaded file exceeds the upload_max_filesize directive in php.ini: " => "הקבצים שנשלחו חורגים מהגודל שצוין בהגדרה upload_max_filesize שבקובץ php.ini:",
@ -7,6 +9,8 @@
"No file was uploaded" => "שום קובץ לא הועלה",
"Missing a temporary folder" => "תקיה זמנית חסרה",
"Failed to write to disk" => "הכתיבה לכונן נכשלה",
"Not enough storage available" => "אין די שטח פנוי באחסון",
"Invalid directory." => "תיקייה שגויה.",
"Files" => "קבצים",
"Share" => "שתף",
"Delete permanently" => "מחק לצמיתות",
@ -19,7 +23,9 @@
"cancel" => "ביטול",
"replaced {new_name} with {old_name}" => "{new_name} הוחלף ב־{old_name}",
"undo" => "ביטול",
"perform delete operation" => "ביצוע פעולת מחיקה",
"1 file uploading" => "קובץ אחד נשלח",
"files uploading" => "קבצים בהעלאה",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "השם שגוי, אסור להשתמש בתווים '\\', '/', '<', '>', ':', '\"', '|', '?' ו־'*'.",
"Unable to upload your file as it is a directory or has 0 bytes" => "לא יכול להעלות את הקובץ מכיוון שזו תקיה או שמשקל הקובץ 0 בתים",
"Upload cancelled." => "ההעלאה בוטלה.",
@ -33,6 +39,7 @@
"{count} folders" => "{count} תיקיות",
"1 file" => "קובץ אחד",
"{count} files" => "{count} קבצים",
"Unable to rename file" => "לא ניתן לשנות את שם הקובץ",
"Upload" => "העלאה",
"File handling" => "טיפול בקבצים",
"Maximum upload size" => "גודל העלאה מקסימלי",

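--- /dev/null
+++ b/apps/files/l10n/hi.php
@@ -0,0 +1,4 @@
+<?php $TRANSLATIONS = array(
+"Share" => "साझा करें",
+"Save" => "सहेजें"
+);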


@ -46,6 +46,7 @@
"{count} folders" => "{count} mappa",
"1 file" => "1 fájl",
"{count} files" => "{count} fájl",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Érvénytelen mappanév. A 'Shared' az ownCloud számára fenntartott elnevezés",
"Unable to rename file" => "Nem lehet átnevezni a fájlt",
"Upload" => "Feltöltés",
"File handling" => "Fájlkezelés",


@ -1,12 +1,19 @@
<?php $TRANSLATIONS = array(
"Could not move %s - File with this name already exists" => "Nepavyko perkelti %s - failas su tokiu pavadinimu jau egzistuoja",
"Could not move %s" => "Nepavyko perkelti %s",
"No file was uploaded. Unknown error" => "Failai nebuvo įkelti dėl nežinomos priežasties",
"There is no error, the file uploaded with success" => "Failas įkeltas sėkmingai, be klaidų",
"The uploaded file exceeds the upload_max_filesize directive in php.ini: " => "Įkeliamas failas yra didesnis nei leidžia upload_max_filesize php.ini faile:",
"The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form" => "Įkeliamo failo dydis viršija MAX_FILE_SIZE nustatymą, kuris naudojamas HTML formoje.",
"The uploaded file was only partially uploaded" => "Failas buvo įkeltas tik dalinai",
"No file was uploaded" => "Nebuvo įkeltas joks failas",
"Missing a temporary folder" => "Nėra laikinojo katalogo",
"Failed to write to disk" => "Nepavyko įrašyti į diską",
"Not enough storage available" => "Nepakanka vietos serveryje",
"Invalid directory." => "Neteisingas aplankas",
"Files" => "Failai",
"Share" => "Dalintis",
"Delete permanently" => "Ištrinti negrįžtamai",
"Delete" => "Ištrinti",
"Rename" => "Pervadinti",
"Pending" => "Laukiantis",
@ -16,10 +23,21 @@
"cancel" => "atšaukti",
"replaced {new_name} with {old_name}" => "pakeiskite {new_name} į {old_name}",
"undo" => "anuliuoti",
"perform delete operation" => "ištrinti",
"1 file uploading" => "įkeliamas 1 failas",
"files uploading" => "įkeliami failai",
"'.' is an invalid file name." => "'.' yra neleidžiamas failo pavadinime.",
"File name cannot be empty." => "Failo pavadinimas negali būti tuščias.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Neleistinas pavadinimas, '\\', '/', '<', '>', ':', '\"', '|', '?' ir '*' yra neleidžiami.",
"Your storage is full, files can not be updated or synced anymore!" => "Jūsų visa vieta serveryje užimta",
"Your storage is almost full ({usedSpacePercent}%)" => "Jūsų vieta serveryje beveik visa užimta ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "Jūsų atsisiuntimas yra paruošiamas. tai gali užtrukti jei atsisiunčiamas didelis failas.",
"Unable to upload your file as it is a directory or has 0 bytes" => "Neįmanoma įkelti failo - jo dydis gali būti 0 bitų arba tai katalogas",
"Not enough space available" => "Nepakanka vietos",
"Upload cancelled." => "Įkėlimas atšauktas.",
"File upload is in progress. Leaving the page now will cancel the upload." => "Failo įkėlimas pradėtas. Jei paliksite šį puslapį, įkėlimas nutrūks.",
"URL cannot be empty." => "URL negali būti tuščias.",
"Invalid folder name. Usage of 'Shared' is reserved by Owncloud" => "Negalimas aplanko pavadinimas. 'Shared' pavadinimas yra rezervuotas ownCloud",
"Error" => "Klaida",
"Name" => "Pavadinimas",
"Size" => "Dydis",
@ -28,6 +46,8 @@
"{count} folders" => "{count} aplankalai",
"1 file" => "1 failas",
"{count} files" => "{count} failai",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Negalimas aplanko pavadinimas. 'Shared' pavadinimas yra rezervuotas ownCloud",
"Unable to rename file" => "Nepavyko pervadinti failo",
"Upload" => "Įkelti",
"File handling" => "Failų tvarkymas",
"Maximum upload size" => "Maksimalus įkeliamo failo dydis",
@ -40,12 +60,16 @@
"New" => "Naujas",
"Text file" => "Teksto failas",
"Folder" => "Katalogas",
"From link" => "Iš nuorodos",
"Deleted files" => "Ištrinti failai",
"Cancel upload" => "Atšaukti siuntimą",
"You dont have write permissions here." => "Jūs neturite rašymo leidimo.",
"Nothing in here. Upload something!" => "Čia tuščia. Įkelkite ką nors!",
"Download" => "Atsisiųsti",
"Unshare" => "Nebesidalinti",
"Upload too large" => "Įkėlimui failas per didelis",
"The files you are trying to upload exceed the maximum size for file uploads on this server." => "Bandomų įkelti failų dydis viršija maksimalų, kuris leidžiamas šiame serveryje",
"Files are being scanned, please wait." => "Skenuojami failai, prašome palaukti.",
"Current scanning" => "Šiuo metu skenuojama"
"Current scanning" => "Šiuo metu skenuojama",
"Upgrading filesystem cache..." => "Atnaujinamas sistemos kešavimas..."
);


@ -46,6 +46,7 @@
"{count} folders" => "{count} pastas",
"1 file" => "1 ficheiro",
"{count} files" => "{count} ficheiros",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Nome da pasta inválido. Palavra 'Shared' é reservado pela ownCloud",
"Unable to rename file" => "Não foi possível renomear o ficheiro",
"Upload" => "Carregar",
"File handling" => "Manuseamento de ficheiros",


@ -46,6 +46,7 @@
"{count} folders" => "{count} папок",
"1 file" => "1 файл",
"{count} files" => "{count} файлов",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Неправильное имя каталога. Имя 'Shared' зарезервировано.",
"Unable to rename file" => "Невозможно переименовать файл",
"Upload" => "Загрузка",
"File handling" => "Управление файлами",


@ -29,7 +29,7 @@
"'.' is an invalid file name." => "'.' är ett ogiltigt filnamn.",
"File name cannot be empty." => "Filnamn kan inte vara tomt.",
"Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed." => "Ogiltigt namn, '\\', '/', '<', '>', ':', '\"', '|', '?' och '*' är inte tillåtet.",
"Your storage is full, files can not be updated or synced anymore!" => "Ditt lagringsutrymme är fullt, filer kan ej längre laddas upp eller synkas!",
"Your storage is full, files can not be updated or synced anymore!" => "Ditt lagringsutrymme är fullt, filer kan inte längre uppdateras eller synkroniseras!",
"Your storage is almost full ({usedSpacePercent}%)" => "Ditt lagringsutrymme är nästan fullt ({usedSpacePercent}%)",
"Your download is being prepared. This might take some time if the files are big." => "Din nedladdning förbereds. Det kan ta tid om det är stora filer.",
"Unable to upload your file as it is a directory or has 0 bytes" => "Kan inte ladda upp din fil eftersom det är en katalog eller har 0 bytes",
@ -46,6 +46,7 @@
"{count} folders" => "{count} mappar",
"1 file" => "1 fil",
"{count} files" => "{count} filer",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "Ogiltigt mappnamn. Användning av 'Shared' är reserverad av ownCloud",
"Unable to rename file" => "Kan inte byta namn på filen",
"Upload" => "Ladda upp",
"File handling" => "Filhantering",


@ -46,6 +46,7 @@
"{count} folders" => "{count} 個資料夾",
"1 file" => "1 個檔案",
"{count} files" => "{count} 個檔案",
"Invalid folder name. Usage of 'Shared' is reserved by ownCloud" => "無效的資料夾名稱,'Shared' 的使用被 ownCloud 保留",
"Unable to rename file" => "無法重新命名檔案",
"Upload" => "上傳",
"File handling" => "檔案處理",


@ -3,12 +3,12 @@
<?php foreach($_['files'] as $file):
$simple_file_size = OCP\simple_file_size($file['size']);
// the bigger the file, the darker the shade of grey; megabytes*2
$simple_size_color = intval(200-$file['size']/(1024*1024)*2);
$simple_size_color = intval(160-$file['size']/(1024*1024)*2);
if($simple_size_color<0) $simple_size_color = 0;
$relative_modified_date = OCP\relative_modified_date($file['mtime']);
// the older the file, the brighter the shade of grey; days*14
$relative_date_color = round((time()-$file['mtime'])/60/60/24*14);
if($relative_date_color>200) $relative_date_color = 200;
if($relative_date_color>160) $relative_date_color = 160;
$name = rawurlencode($file['name']);
$name = str_replace('%2F', '/', $name);
$directory = rawurlencode($file['directory']);


@ -13,31 +13,47 @@ use OCA\Encryption;
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
$l=OC_L10N::get('files_encryption');
$l = OC_L10N::get('files_encryption');
$return = false;
// Enable recoveryAdmin
$recoveryKeyId = OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] == 1){
if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') {
$return = \OCA\Encryption\Helper::adminEnableRecovery($recoveryKeyId, $_POST['recoveryPassword']);
$action = "enable";
// Return success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Recovery key successfully enabled'))));
} else {
\OCP\JSON::error(array(
'data' => array(
'message' => $l->t(
'Could not enable recovery key. Please check your recovery key password!')
)
));
}
// Disable recoveryAdmin
} elseif (
isset($_POST['adminEnableRecovery'])
&& 0 == $_POST['adminEnableRecovery']
&& '0' === $_POST['adminEnableRecovery']
) {
$return = \OCA\Encryption\Helper::adminDisableRecovery($_POST['recoveryPassword']);
$action = "disable";
// Return success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Recovery key successfully disabled'))));
} else {
\OCP\JSON::error(array(
'data' => array(
'message' => $l->t(
'Could not disable recovery key. Please check your recovery key password!')
)
));
}
}
// Return success or failure
if ($return) {
\OCP\JSON::success(array("data" => array( "message" => $l->t('Recovery key successfully ' . $action.'d'))));
} else {
\OCP\JSON::error(array("data" => array( "message" => $l->t('Could not '.$action.' recovery key. Please check your recovery key password!'))));
}
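Review bot: `$_POST['recoveryPassword']` is read in both branches without an `isset` check, and a request whose `adminEnableRecovery` is neither `'1'` nor `'0'` seems to end with no JSON response at all now that success/error reporting sits inside the two branches (old and new lines are not marked on this page, so this is inferred from the duplicated block at the end). I would add `isset($_POST['recoveryPassword'])` to both conditions and close the chain with `} else { \OCP\JSON::error(); }` so the client always gets an answer. The hunk starts at line 13, so the admin check for this endpoint is not visible; confirm that one precedes `checkAppEnabled`.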


@ -6,7 +6,7 @@
* See the COPYING-README file.
*
* @brief Script to change recovery key password
*
*
*/
use OCA\Encryption;
@ -15,38 +15,38 @@ use OCA\Encryption;
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
$l=OC_L10N::get('core');
$l = OC_L10N::get('core');
$return = false;
$oldPassword = $_POST['oldPassword'];
$newPassword = $_POST['newPassword'];
$view = new \OC\Files\View('/');
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
$result = $util->checkRecoveryPassword($oldPassword);
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($result) {
$keyId = $util->getRecoveryKeyId();
$keyPath = '/owncloud_private_key/' . $keyId . ".private.key";
$view = new \OC\Files\View('/');
$keyId = $util->getRecoveryKeyId();
$keyPath = '/owncloud_private_key/' . $keyId . '.private.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedRecoveryKey = $view->file_get_contents($keyPath);
$decryptedRecoveryKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword);
if ($decryptedRecoveryKey) {
$encryptedRecoveryKey = $view->file_get_contents($keyPath);
$decryptedRecoveryKey = \OCA\Encryption\Crypt::symmetricDecryptFileContent($encryptedRecoveryKey, $oldPassword);
$encryptedRecoveryKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword);
$view->file_put_contents($keyPath, $encryptedRecoveryKey);
\OC_FileProxy::$enabled = $proxyStatus;
$return = true;
}
\OC_FileProxy::$enabled = $proxyStatus;
// success or failure
if ($return) {
\OCP\JSON::success(array("data" => array( "message" => $l->t('Password successfully changed.'))));
\OCP\JSON::success(array('data' => array('message' => $l->t('Password successfully changed.'))));
} else {
\OCP\JSON::error(array("data" => array( "message" => $l->t('Could not change the password. Maybe the old password was not correct.'))));
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not change the password. Maybe the old password was not correct.'))));
}
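Review bot: `$newPassword` comes from `$_POST['newPassword']` and is used to re-encrypt the recovery key without checking that it is set and non-empty, and the result of `$view->file_put_contents($keyPath, $encryptedRecoveryKey)` is ignored before `$return = true`. An empty value would leave the recovery private key protected by an empty passphrase, and a failed write would still be reported as 'Password successfully changed.'. I would tighten the guard to `if ($decryptedRecoveryKey && is_string($newPassword) && $newPassword !== '')` and derive the result from the write, `$return = ($view->file_put_contents($keyPath, $encryptedRecoveryKey) !== false);`, assuming the view returns `false` on failure. The same two gaps appear in the new private-key password script further down this page (the `@ -0,0 +1,54 @` section). Lines 1-14 of this file are not shown, so confirm an admin check runs before this code.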


@ -0,0 +1,54 @@
<?php
/**
* Copyright (c) 2013, Bjoern Schiessle <schiessle@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*
* @brief Script to change recovery key password
*
*/
use OCA\Encryption;
\OCP\JSON::checkLoggedIn();
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
$l = OC_L10N::get('core');
$return = false;
$oldPassword = $_POST['oldPassword'];
$newPassword = $_POST['newPassword'];
$view = new \OC\Files\View('/');
$session = new \OCA\Encryption\Session($view);
$user = \OCP\User::getUser();
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$keyPath = '/' . $user . '/files_encryption/' . $user . '.private.key';
$encryptedKey = $view->file_get_contents($keyPath);
$decryptedKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword);
if ($decryptedKey) {
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedKey, $newPassword);
$view->file_put_contents($keyPath, $encryptedKey);
$session->setPrivateKey($decryptedKey);
$return = true;
}
\OC_FileProxy::$enabled = $proxyStatus;
// success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.'))));
}
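Review bot: The header docblock says `@brief Script to change recovery key password`, but this script re-encrypts the logged-in user's own key at `'/' . $user . '/files_encryption/' . $user . '.private.key'` and reports 'Private key password successfully updated.'. The comment looks copied from the recovery-key script and will mislead anyone auditing which endpoint touches which key. I would change it to `@brief Script to update the password of the user's private key`.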


@ -10,32 +10,32 @@
use OCA\Encryption;
\OCP\JSON::checkLoggedIn();
\OCP\JSON::checkAppEnabled( 'files_encryption' );
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
if (
isset( $_POST['userEnableRecovery'] )
&& ( 0 == $_POST['userEnableRecovery'] || 1 == $_POST['userEnableRecovery'] )
if (
isset($_POST['userEnableRecovery'])
&& (0 == $_POST['userEnableRecovery'] || '1' === $_POST['userEnableRecovery'])
) {
$userId = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new \OCA\Encryption\Util( $view, $userId );
// Save recovery preference to DB
$return = $util->setRecoveryForUser( $_POST['userEnableRecovery'] );
$view = new \OC_FilesystemView('/');
$util = new \OCA\Encryption\Util($view, $userId);
if ($_POST['userEnableRecovery'] == "1") {
// Save recovery preference to DB
$return = $util->setRecoveryForUser($_POST['userEnableRecovery']);
if ($_POST['userEnableRecovery'] === '1') {
$util->addRecoveryKeys();
} else {
$util->removeRecoveryKeys();
}
} else {
$return = false;
}
// Return success or failure
( $return ) ? \OCP\JSON::success() : \OCP\JSON::error();
($return) ? \OCP\JSON::success() : \OCP\JSON::error();
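Review bot: The guard mixes a loose and a strict comparison: `0 == $_POST['userEnableRecovery'] || '1' === $_POST['userEnableRecovery']`. On PHP versions before 8.0 any non-numeric string compares equal to `0`, so an arbitrary value passes the check, is handed to `$util->setRecoveryForUser()` and then takes the `removeRecoveryKeys()` branch. Making both sides strict, `('0' === $_POST['userEnableRecovery'] || '1' === $_POST['userEnableRecovery'])`, matches what the admin recovery script on this page already does and keeps only the two intended values.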


@ -10,42 +10,59 @@ OC::$CLASSPATH['OCA\Encryption\Session'] = 'files_encryption/lib/session.php';
OC::$CLASSPATH['OCA\Encryption\Capabilities'] = 'files_encryption/lib/capabilities.php';
OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
OC_FileProxy::register( new OCA\Encryption\Proxy() );
if (!OC_Config::getValue('maintenance', false)) {
OC_FileProxy::register(new OCA\Encryption\Proxy());
// User related hooks
OCA\Encryption\Helper::registerUserHooks();
// User related hooks
OCA\Encryption\Helper::registerUserHooks();
// Sharing related hooks
OCA\Encryption\Helper::registerShareHooks();
// Sharing related hooks
OCA\Encryption\Helper::registerShareHooks();
// Filesystem related hooks
OCA\Encryption\Helper::registerFilesystemHooks();
// Filesystem related hooks
OCA\Encryption\Helper::registerFilesystemHooks();
stream_wrapper_register( 'crypt', 'OCA\Encryption\Stream' );
stream_wrapper_register('crypt', 'OCA\Encryption\Stream');
// check if we are logged in
if (OCP\User::isLoggedIn()) {
$view = new OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
// check if we are logged in
if (OCP\User::isLoggedIn()) {
// check if user has a private key
if (
!$session->getPrivateKey(\OCP\USER::getUser())
&& OCA\Encryption\Crypt::mode() === 'server'
) {
// ensure filesystem is loaded
if (!\OC\Files\Filesystem::$loaded) {
\OC_Util::setupFS();
}
// Force the user to log-in again if the encryption key isn't unlocked
// (happens when a user is logged in before the encryption app is
// enabled)
OCP\User::logout();
$view = new OC_FilesystemView('/');
header("Location: " . OC::$WEBROOT . '/');
$sessionReady = false;
if(extension_loaded("openssl")) {
$session = new \OCA\Encryption\Session($view);
$sessionReady = true;
}
exit();
$user = \OCP\USER::getUser();
// check if user has a private key
if ($sessionReady === false
|| (!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
&& OCA\Encryption\Crypt::mode() === 'server')
) {
// Force the user to log-in again if the encryption key isn't unlocked
// (happens when a user is logged in before the encryption app is
// enabled)
OCP\User::logout();
header("Location: " . OC::$WEBROOT . '/');
exit();
}
}
} else {
// logout user if we are in maintenance to force re-login
OCP\User::logout();
}
// Register settings scripts
OCP\App::registerAdmin( 'files_encryption', 'settings-admin' );
OCP\App::registerPersonal( 'files_encryption', 'settings-personal' );
OCP\App::registerAdmin('files_encryption', 'settings-admin');
OCP\App::registerPersonal('files_encryption', 'settings-personal');
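Review bot: When `extension_loaded("openssl")` is false, `$sessionReady` stays `false` and every logged-in request ends in `OCP\User::logout()` plus a redirect to `OC::$WEBROOT . '/'` with nothing written to the log, so an administrator only sees users being bounced back to the login page. I would log the cause before logging out, for example `\OCP\Util::writeLog('files_encryption', 'openssl extension not loaded, forcing logout', \OCP\Util::ERROR);`. The comment above the condition still says the logout happens when "the encryption key isn't unlocked", while the new test is whether the private key file exists or the session could not be created; it should be reworded to match. Old and new lines are interleaved on this page, so this reading of the new side is inferred from the `$sessionReady` variant.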


@ -2,7 +2,7 @@
<info>
<id>files_encryption</id>
<name>Encryption</name>
<description>Server side encryption of files. Warning: You will lose your data if you enable this App and forget your password. Encryption is not yet compatible with LDAP.</description>
<description>WARNING: This is a preview release of the new ownCloud 5 encryption system. Testing and feedback is very welcome but don't use this in production yet. After the app was enabled you need to re-login to initialize your encryption keys</description>
<licence>AGPL</licence>
<author>Sam Tuke, Bjoern Schiessle, Florin Peter</author>
<require>4</require>


@ -1 +1 @@
0.3
0.4


@ -0,0 +1,24 @@
<?php
if (!isset($_)) { //also provide standalone error page
require_once '../../../lib/base.php';
$l = OC_L10N::get('files_encryption');
$errorMsg = $l->t('Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files');
if(isset($_GET['p']) && $_GET['p'] === '1') {
header('HTTP/1.0 404 ' . $errorMsg);
}
// check if ajax request
if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
\OCP\JSON::error(array('data' => array('message' => $errorMsg)));
} else {
header('HTTP/1.0 404 ' . $errorMsg);
$tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest');
$tmpl->printPage();
}
exit;
}
?>
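Review bot: The translated `$errorMsg` is concatenated into the status line in both `header('HTTP/1.0 404 ' . $errorMsg)` calls, so the reason phrase changes with the user's locale and can carry non-ASCII text that clients and intermediaries are not required to accept. The message already reaches the user through the JSON body or the `invalid_private_key` template, so a fixed phrase is enough: `header('HTTP/1.0 404 Not Found');`. On the non-AJAX path with `p=1` the same header is sent twice, so the first call can be limited to the AJAX branch. The `require_once '../../../lib/base.php'` resolves against the working directory rather than this file; `require_once __DIR__ . '/../../../lib/base.php';` would not depend on how the page is reached.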


@ -37,123 +37,147 @@ class Hooks {
* @brief Startup encryption backend upon user login
* @note This method should never be called for users using client side encryption
*/
public static function login( $params ) {
// Manually initialise Filesystem{} singleton with correct
// fake root path, in order to avoid fatal webdav errors
// NOTE: disabled because this give errors on webdav!
//\OC\Files\Filesystem::init( $params['uid'], '/' . 'files' . '/' );
$view = new \OC_FilesystemView( '/' );
public static function login($params) {
$l = new \OC_L10N('files_encryption');
//check if openssl is available
if(!extension_loaded("openssl") ) {
$error_msg = $l->t("PHP module OpenSSL is not installed.");
$hint = $l->t('Please ask your server administrator to install the module. For now the encryption app was disabled.');
\OC_App::disable('files_encryption');
\OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR);
\OCP\Template::printErrorPage($error_msg, $hint);
}
$util = new Util( $view, $params['uid'] );
$view = new \OC_FilesystemView('/');
// setup user, if user not ready force relogin
if(Helper::setupUser($util, $params['password']) === false) {
return false;
}
// ensure filesystem is loaded
if(!\OC\Files\Filesystem::$loaded) {
\OC_Util::setupFS($params['uid']);
}
$encryptedKey = Keymanager::getPrivateKey( $view, $params['uid'] );
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] );
$util = new Util($view, $params['uid']);
// setup user, if user not ready force relogin
if (Helper::setupUser($util, $params['password']) === false) {
return false;
}
$encryptedKey = Keymanager::getPrivateKey($view, $params['uid']);
$privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']);
if ($privateKey === false) {
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid']
. '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
}
$session = new \OCA\Encryption\Session($view);
$session->setPrivateKey($privateKey);
$session = new Session( $view );
$session->setPrivateKey( $privateKey, $params['uid'] );
// Check if first-run file migration has already been performed
$migrationCompleted = $util->getMigrationStatus();
$ready = false;
if ($util->getMigrationStatus() === Util::MIGRATION_OPEN) {
$ready = $util->beginMigration();
}
// If migration not yet done
if ( ! $migrationCompleted ) {
$userView = new \OC_FilesystemView( '/' . $params['uid'] );
if ($ready) {
$userView = new \OC_FilesystemView('/' . $params['uid']);
// Set legacy encryption key if it exists, to support
// depreciated encryption system
if (
$userView->file_exists( 'encryption.key' )
&& $encLegacyKey = $userView->file_get_contents( 'encryption.key' )
$userView->file_exists('encryption.key')
&& $encLegacyKey = $userView->file_get_contents('encryption.key')
) {
$plainLegacyKey = Crypt::legacyDecrypt( $encLegacyKey, $params['password'] );
$session->setLegacyKey( $plainLegacyKey );
$plainLegacyKey = Crypt::legacyDecrypt($encLegacyKey, $params['password']);
$session->setLegacyKey($plainLegacyKey);
}
$publicKey = Keymanager::getPublicKey( $view, $params['uid'] );
// Encrypt existing user files:
// This serves to upgrade old versions of the encryption
// app (see appinfo/spec.txt)
if (
$util->encryptAll( '/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password'] )
$util->encryptAll('/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password'])
) {
\OC_Log::write(
\OC_Log::write(
'Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed'
, \OC_Log::INFO
, \OC_Log::INFO
);
}
// Register successful migration in DB
$util->setMigrationStatus( 1 );
$util->finishMigration();
}
return true;
}
/**
* @brief setup encryption backend upon user created
* @note This method should never be called for users using client side encryption
*/
public static function postCreateUser( $params ) {
$view = new \OC_FilesystemView( '/' );
/**
* @brief setup encryption backend upon user created
* @note This method should never be called for users using client side encryption
*/
public static function postCreateUser($params) {
$view = new \OC_FilesystemView('/');
$util = new Util( $view, $params['uid'] );
$util = new Util($view, $params['uid']);
Helper::setupUser($util, $params['password']);
}
Helper::setupUser($util, $params['password']);
}
/**
* @brief cleanup encryption backend upon user deleted
* @note This method should never be called for users using client side encryption
*/
public static function postDeleteUser( $params ) {
$view = new \OC_FilesystemView( '/' );
/**
* @brief cleanup encryption backend upon user deleted
* @note This method should never be called for users using client side encryption
*/
public static function postDeleteUser($params) {
$view = new \OC_FilesystemView('/');
// cleanup public key
$publicKey = '/public-keys/' . $params['uid'] . '.public.key';
// cleanup public key
$publicKey = '/public-keys/' . $params['uid'] . '.public.key';
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view->unlink($publicKey);
$view->unlink($publicKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
/**
* @brief If the password can't be changed within ownCloud, than update the key password in advance.
*/
public static function preSetPassphrase($params) {
if ( ! \OC_User::canUserChangePassword($params['uid']) ) {
self::setPassphrase($params);
}
}
/**
* @brief Change a user's encryption passphrase
* @param array $params keys: uid, password
*/
public static function setPassphrase($params) {
// Only attempt to change passphrase if server-side encryption
// is in use (client-side encryption does not have access to
// is in use (client-side encryption does not have access to
// the necessary keys)
if (Crypt::mode() == 'server') {
if (Crypt::mode() === 'server') {
if ($params['uid'] == \OCP\User::getUser()) {
if ($params['uid'] === \OCP\User::getUser()) {
$view = new \OC_FilesystemView('/');
$session = new Session($view);
$session = new \OCA\Encryption\Session($view);
// Get existing decrypted private key
$privateKey = $session->getPrivateKey();
@ -167,10 +191,10 @@ class Hooks {
// NOTE: Session does not need to be updated as the
// private key has not changed, only the passphrase
// used to decrypt it has changed
} else { // admin changed the password for a different user, create new keys and reencrypt file keys
$user = $params['uid'];
$recoveryPassword = $params['recoveryPassword'];
$newUserPassword = $params['password'];
@ -181,21 +205,22 @@ class Hooks {
\OC\Files\Filesystem::initMountPoints($user);
$keypair = Crypt::createKeypair();
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Save public key
$view->file_put_contents( '/public-keys/'.$user.'.public.key', $keypair['publicKey'] );
$view->file_put_contents('/public-keys/' . $user . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], $newUserPassword );
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword);
// Save private key
$view->file_put_contents( '/'.$user.'/files_encryption/'.$user.'.private.key', $encryptedPrivateKey );
$view->file_put_contents(
'/' . $user . '/files_encryption/' . $user . '.private.key', $encryptedPrivateKey);
if ( $recoveryPassword ) { // if recovery key is set we can re-encrypt the key files
if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files
$util = new Util($view, $user);
$util->recoverUsersFiles($recoveryPassword);
}
@ -233,16 +258,17 @@ class Hooks {
}
}
if($error)
// Set flag var 'run' to notify emitting
if ($error) // Set flag var 'run' to notify emitting
// script that hook execution failed
{
$params['run']->run = false;
// TODO: Make sure files_sharing provides user
// feedback on failed share
}
// TODO: Make sure files_sharing provides user
// feedback on failed share
}
/**
* @brief
* @brief
*/
public static function postShared($params) {
@ -268,14 +294,14 @@ class Hooks {
if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
$view = new \OC_FilesystemView('/');
$session = new Session($view);
$session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
$path = $util->fileIdToPath($params['itemSource']);
$share = $util->getParentFromShare($params['id']);
//if parent is set, then this is a re-share action
if ($share['parent'] != null) {
if ($share['parent'] !== null) {
// get the parent from current share
$parent = $util->getShareParent($params['parent']);
@ -327,6 +353,12 @@ class Hooks {
$sharingEnabled = \OCP\Share::isEnabled();
// get the path including mount point only if not a shared folder
if (strncmp($path, '/Shared', strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
// if a folder was shared, get a list of all (sub-)folders
if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles($path);
@ -336,15 +368,15 @@ class Hooks {
foreach ($allFiles as $path) {
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $path);
$util->setSharedFileKeyfiles( $session, $usersSharing, $path );
$util->setSharedFileKeyfiles($session, $usersSharing, $path);
}
}
}
/**
* @brief
* @brief
*/
public static function postUnshare( $params ) {
public static function postUnshare($params) {
// NOTE: $params has keys:
// [itemType] => file
@ -353,40 +385,34 @@ class Hooks {
// [shareWith] => test1
// [itemParent] =>
if ( $params['itemType'] === 'file' || $params['itemType'] === 'folder' ) {
if ($params['itemType'] === 'file' || $params['itemType'] === 'folder') {
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId);
$path = $util->fileIdToPath( $params['itemSource'] );
$util = new Util($view, $userId);
$path = $util->fileIdToPath($params['itemSource']);
// check if this is a re-share
if ( $params['itemParent'] ) {
if ($params['itemParent']) {
// get the parent from current share
$parent = $util->getShareParent( $params['itemParent'] );
$parent = $util->getShareParent($params['itemParent']);
// get target path
$targetPath = $util->fileIdToPath( $params['itemSource'] );
$targetPathSplit = array_reverse( explode( '/', $targetPath ) );
$targetPath = $util->fileIdToPath($params['itemSource']);
$targetPathSplit = array_reverse(explode('/', $targetPath));
// init values
$path = '';
$sharedPart = ltrim( $parent['file_target'], '/' );
$sharedPart = ltrim($parent['file_target'], '/');
// rebuild path
foreach ( $targetPathSplit as $pathPart ) {
if ( $pathPart !== $sharedPart ) {
foreach ($targetPathSplit as $pathPart) {
if ($pathPart !== $sharedPart) {
$path = '/' . $pathPart . $path;
} else {
break;
}
}
// prefix path with Shared
@ -394,118 +420,127 @@ class Hooks {
}
// for group shares get a list of the group members
if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_GROUP ) {
if ($params['shareType'] === \OCP\Share::SHARE_TYPE_GROUP) {
$userIds = \OC_Group::usersInGroup($params['shareWith']);
} else if ( $params['shareType'] == \OCP\Share::SHARE_TYPE_LINK ){
$userIds = array( $util->getPublicShareKeyId() );
} else {
$userIds = array( $params['shareWith'] );
if ($params['shareType'] === \OCP\Share::SHARE_TYPE_LINK) {
$userIds = array($util->getPublicShareKeyId());
} else {
$userIds = array($params['shareWith']);
}
}
// get the path including mount point only if not a shared folder
if (strncmp($path, '/Shared', strlen('/Shared') !== 0)) {
// get path including the the storage mount point
$path = $util->getPathWithMountPoint($params['itemSource']);
}
// if we unshare a folder we need a list of all (sub-)files
if ( $params['itemType'] === 'folder' ) {
$allFiles = $util->getAllFiles( $path );
if ($params['itemType'] === 'folder') {
$allFiles = $util->getAllFiles($path);
} else {
$allFiles = array( $path );
$allFiles = array($path);
}
foreach ( $allFiles as $path ) {
foreach ($allFiles as $path) {
// check if the user still has access to the file, otherwise delete share key
$sharingUsers = $util->getSharingUsersArray( true, $path );
$sharingUsers = $util->getSharingUsersArray(true, $path);
// Unshare every user who no longer has access to the file
$delUsers = array_diff( $userIds, $sharingUsers);
$delUsers = array_diff($userIds, $sharingUsers);
// delete share key
Keymanager::delShareKey( $view, $delUsers, $path );
Keymanager::delShareKey($view, $delUsers, $path);
}
}
}
/**
* @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing
* @param array with oldpath and newpath
*
* This function is connected to the rename signal of OC_Filesystem and adjust the name and location
* of the stored versions along the actual file
*/
public static function postRename($params) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
* @brief after a file is renamed, rename its keyfile and share-keys also fix the file size and fix also the sharing
* @param array with oldpath and newpath
*
* This function is connected to the rename signal of OC_Filesystem and adjust the name and location
* of the stored versions along the actual file
*/
public static function postRename($params) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView('/');
$session = new Session($view);
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId );
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
// Format paths to be relative to user files dir
$oldKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['oldpath']);
$newKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['newpath']);
// Format paths to be relative to user files dir
$oldKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['oldpath']);
$newKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'keyfiles' . '/' . $params['newpath']);
// add key ext if this is not an folder
if (!$view->is_dir($oldKeyfilePath)) {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
// add key ext if this is not an folder
if (!$view->is_dir($oldKeyfilePath)) {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
// handle share-keys
$localKeyPath = $view->getLocalFile($userId.'/files_encryption/share-keys/'.$params['oldpath']);
$matches = glob(preg_quote($localKeyPath).'*.shareKey');
foreach ($matches as $src) {
$dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
// handle share-keys
$localKeyPath = $view->getLocalFile($userId . '/files_encryption/share-keys/' . $params['oldpath']);
$matches = glob(preg_quote($localKeyPath) . '*.shareKey');
foreach ($matches as $src) {
$dst = \OC\Files\Filesystem::normalizePath(str_replace($params['oldpath'], $params['newpath'], $src));
// create destination folder if not exists
if(!file_exists(dirname($dst))) {
mkdir(dirname($dst), 0750, true);
}
// create destination folder if not exists
if (!file_exists(dirname($dst))) {
mkdir(dirname($dst), 0750, true);
}
rename($src, $dst);
}
rename($src, $dst);
}
} else {
// handle share-keys folders
$oldShareKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['oldpath']);
$newShareKeyfilePath = \OC\Files\Filesystem::normalizePath($userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['newpath']);
} else {
// handle share-keys folders
$oldShareKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['oldpath']);
$newShareKeyfilePath = \OC\Files\Filesystem::normalizePath(
$userId . '/' . 'files_encryption' . '/' . 'share-keys' . '/' . $params['newpath']);
// create destination folder if not exists
if(!$view->file_exists(dirname($newShareKeyfilePath))) {
$view->mkdir(dirname($newShareKeyfilePath), 0750, true);
}
// create destination folder if not exists
if (!$view->file_exists(dirname($newShareKeyfilePath))) {
$view->mkdir(dirname($newShareKeyfilePath), 0750, true);
}
$view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
}
$view->rename($oldShareKeyfilePath, $newShareKeyfilePath);
}
// Rename keyfile so it isn't orphaned
if($view->file_exists($oldKeyfilePath)) {
// Rename keyfile so it isn't orphaned
if ($view->file_exists($oldKeyfilePath)) {
// create destination folder if not exists
if(!$view->file_exists(dirname($newKeyfilePath))) {
$view->mkdir(dirname($newKeyfilePath), 0750, true);
}
// create destination folder if not exists
if (!$view->file_exists(dirname($newKeyfilePath))) {
$view->mkdir(dirname($newKeyfilePath), 0750, true);
}
$view->rename($oldKeyfilePath, $newKeyfilePath);
}
$view->rename($oldKeyfilePath, $newKeyfilePath);
}
// build the path to the file
$newPath = '/' . $userId . '/files' .$params['newpath'];
$newPathRelative = $params['newpath'];
// build the path to the file
$newPath = '/' . $userId . '/files' . $params['newpath'];
$newPathRelative = $params['newpath'];
if($util->fixFileSize($newPath)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
if ($util->fixFileSize($newPath)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
// get users
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $newPathRelative);
// update sharing-keys
$util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
}
// update sharing-keys
$util->setSharedFileKeyfiles($session, $usersSharing, $newPathRelative);
}
\OC_FileProxy::$enabled = $proxyStatus;
}
\OC_FileProxy::$enabled = $proxyStatus;
}
}
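Review bot: The closing parenthesis is misplaced in the added `strncmp($path, '/Shared', strlen('/Shared') !== 0)` in postShared, and again in postUnshare. The length argument becomes the boolean `strlen('/Shared') !== 0`, so only the first character is compared and the `if` tests strncmp's raw result. For any path starting with `/` the call returns 0, the branch is skipped and `getPathWithMountPoint()` is never applied, so the share-key updates that follow run on the unadjusted path. The condition should read `if (strncmp($path, '/Shared', strlen('/Shared')) !== 0) {` in both places. Both function bodies are only partly visible between the hunks, so the effect on the later key handling is inferred from the lines shown.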


@ -4,7 +4,25 @@
* See the COPYING-README file.
*/
function updatePrivateKeyPasswd() {
var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val();
var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
OC.msg.startSaving('#encryption .msg');
$.post(
OC.filePath( 'files_encryption', 'ajax', 'updatePrivateKeyPassword.php' )
, { oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword }
, function( data ) {
if (data.status === "error") {
OC.msg.finishedSaving('#encryption .msg', data);
} else {
OC.msg.finishedSaving('#encryption .msg', data);
}
}
);
}
$(document).ready(function(){
// Trigger ajax on recoveryAdmin status change
$( 'input:radio[name="userEnableRecovery"]' ).change(
function() {
@ -57,4 +75,24 @@ $(document).ready(function(){
}
);
// update private key password
$('input:password[name="changePrivateKeyPassword"]').keyup(function(event) {
var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val();
var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
if (newPrivateKeyPassword !== '' && oldPrivateKeyPassword !== '' ) {
$('button:button[name="submitChangePrivateKeyPassword"]').removeAttr("disabled");
if(event.which === 13) {
updatePrivateKeyPasswd();
}
} else {
$('button:button[name="submitChangePrivateKeyPassword"]').attr("disabled", "true");
}
});
$('button:button[name="submitChangePrivateKeyPassword"]').click(function() {
updatePrivateKeyPasswd();
});
});
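Review bot: In `updatePrivateKeyPasswd` the `if (data.status === "error")` test has two identical branches, both calling `OC.msg.finishedSaving('#encryption .msg', data)`, so as written the condition does nothing. Either collapse it to the single call, or use the success branch for something the error branch should not do. The obvious candidate is clearing the two password inputs, which otherwise keep the old and new passwords in the page after the request returns: `$('#oldPrivateKeyPassword, #newPrivateKeyPassword').val('');`. A one-line comment above the function naming the endpoint and the `status`/`data` response it expects would also help.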


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "التشفير",
"File encryption is enabled." => "تشفير الملفات فعال.",
"The following file types will not be encrypted:" => "الملفات الاتية لن يتم تشفيرها:",
"Exclude the following file types from encryption:" => "إستثناء أنواع الملفات الاتية من التشفير: ",
"None" => "لا شيء"
"Saving..." => "جاري الحفظ...",
"Encryption" => "التشفير"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Криптиране",
"None" => "Няма"
"Saving..." => "Записване...",
"Encryption" => "Криптиране"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "সংকেতায়ন",
"None" => "কোনটিই নয়"
"Saving..." => "সংরক্ষণ করা হচ্ছে..",
"Encryption" => "সংকেতায়ন"
);


@ -1,7 +1,29 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "La clau de recuperació s'ha activat",
"Could not enable recovery key. Please check your recovery key password!" => "No s'ha pogut activar la clau de recuperació. Comproveu contrasenya de la clau de recuperació!",
"Recovery key successfully disabled" => "La clau de recuperació s'ha descativat",
"Could not disable recovery key. Please check your recovery key password!" => "No s'ha pogut desactivar la calu de recuperació. Comproveu la contrasenya de la clau de recuperació!",
"Password successfully changed." => "La contrasenya s'ha canviat.",
"Could not change the password. Maybe the old password was not correct." => "No s'ha pogut canviar la contrasenya. Potser la contrasenya anterior no era correcta.",
"Private key password successfully updated." => "La contrasenya de la clau privada s'ha actualitzat.",
"Could not update the private key password. Maybe the old password was not correct." => "No s'ha pogut actualitzar la contrasenya de la clau privada. Potser la contrasenya anterior no era correcta.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "La clau privada no és vàlida! Potser la contrasenya ha canviat des de fora. Podeu actualitzar la contrasenya de la clau privada a l'arranjament personal per obtenir de nou accés als vostres fitxers",
"Saving..." => "Desant...",
"Your private key is not valid! Maybe the your password was changed from outside." => "La vostra clau privada no és vàlida! Potser la vostra contrasenya ha canviat des de fora.",
"You can unlock your private key in your " => "Podeu desbloquejar la clau privada en el vostre",
"personal settings" => "arranjament personal",
"Encryption" => "Xifrat",
"File encryption is enabled." => "El xifrat de fitxers està activat.",
"The following file types will not be encrypted:" => "Els tipus de fitxers següents no es xifraran:",
"Exclude the following file types from encryption:" => "Exclou els tipus de fitxers següents del xifratge:",
"None" => "Cap"
"Enabled" => "Activat",
"Disabled" => "Desactivat",
"Change Password" => "Canvia la contrasenya",
"Your private key password no longer match your log-in password:" => "La clau privada ja no es correspon amb la contrasenya d'accés:",
"Set your old private key password to your current log-in password." => "Establiu la vostra contrasenya clau en funció de la contrasenya actual d'accés.",
" If you don't remember your old password you can ask your administrator to recover your files." => "Si no recordeu la contrasenya anterior podeu demanar a l'administrador que recuperi els vostres fitxers.",
"Old log-in password" => "Contrasenya anterior d'accés",
"Current log-in password" => "Contrasenya d'accés actual",
"Update Private Key Password" => "Actualitza la contrasenya de clau privada",
"Enable password recovery:" => "Habilita la recuperació de contrasenya:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Activar aquesta opció us permetrà obtenir de nou accés als vostres fitxers encriptats en cas de perdre la contrasenya",
"File recovery settings updated" => "S'han actualitzat els arranjaments de recuperació de fitxers",
"Could not update file recovery" => "No s'ha pogut actualitzar la recuperació de fitxers"
);


@ -1,7 +1,20 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Záchranný klíč byl úspěšně povolen",
"Could not enable recovery key. Please check your recovery key password!" => "Nepodařilo se povolit záchranný klíč. Zkontrolujte prosím vaše heslo záchranného klíče!",
"Recovery key successfully disabled" => "Záchranný klíč byl úspěšně zakázán",
"Could not disable recovery key. Please check your recovery key password!" => "Nelze zakázat záchranný klíč. Zkontrolujte prosím heslo vašeho záchranného klíče.",
"Password successfully changed." => "Heslo bylo úspěšně změněno.",
"Could not change the password. Maybe the old password was not correct." => "Nelze změnit heslo. Pravděpodobně nebylo stávající heslo zadáno správně.",
"Private key password successfully updated." => "Heslo soukromého klíče úspěšně aktualizováno.",
"Could not update the private key password. Maybe the old password was not correct." => "Nelze aktualizovat heslo soukromého klíče. Možná nebylo staré heslo správně.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "Váš soukromý klíč není platný. Možná bylo vaše heslo změněno z venku. Můžete aktualizovat heslo soukromého klíče v osobním nastavení pro opětovné získání přístupu k souborům",
"Saving..." => "Ukládám...",
"Encryption" => "Šifrování",
"File encryption is enabled." => "Šifrování je povoleno.",
"The following file types will not be encrypted:" => "Následující typy souborů nebudou šifrovány:",
"Exclude the following file types from encryption:" => "Vyjmout následující typy souborů ze šifrování:",
"None" => "Žádné"
"Enabled" => "Povoleno",
"Disabled" => "Zakázáno",
"Change Password" => "Změnit heslo",
"Enable password recovery:" => "Povolit obnovu hesla:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Povolení vám umožní znovu získat přístup k vašim zašifrovaným souborům pokud ztratíte heslo",
"File recovery settings updated" => "Možnosti obnovy souborů aktualizovány",
"Could not update file recovery" => "Nelze aktualizovat obnovu souborů"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Amgryptiad",
"File encryption is enabled." => "Galluogwyd amgryptio ffeiliau.",
"The following file types will not be encrypted:" => "Ni fydd ffeiliau o'r math yma'n cael eu hamgryptio:",
"Exclude the following file types from encryption:" => "Eithrio'r mathau canlynol o ffeiliau rhag cael eu hamgryptio:",
"None" => "Dim"
"Saving..." => "Yn cadw...",
"Encryption" => "Amgryptiad"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Kryptering",
"File encryption is enabled." => "Fil kryptering aktiveret.",
"The following file types will not be encrypted:" => "De følgende filtyper vil ikke blive krypteret:",
"Exclude the following file types from encryption:" => "Ekskluder de følgende fil typer fra kryptering:",
"None" => "Ingen"
"Saving..." => "Gemmer...",
"Encryption" => "Kryptering"
);


@ -1,7 +1,18 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Wiederherstellungsschlüssel wurde erfolgreich aktiviert",
"Could not enable recovery key. Please check your recovery key password!" => "Der Wiederherstellungsschlüssel konnte nicht aktiviert werden. Überprüfen Sie Ihr Wiederherstellungspasswort!",
"Recovery key successfully disabled" => "Wiederherstellungsschlüssel deaktiviert.",
"Could not disable recovery key. Please check your recovery key password!" => "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Überprüfen Sie Ihr Wiederherstellungspasswort!",
"Password successfully changed." => "Dein Passwort wurde geändert.",
"Could not change the password. Maybe the old password was not correct." => "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort falsch.",
"Private key password successfully updated." => "Passwort des privaten Schlüssels erfolgreich aktualisiert",
"Saving..." => "Speichern...",
"personal settings" => "Private Einstellungen",
"Encryption" => "Verschlüsselung",
"File encryption is enabled." => "Dateiverschlüsselung ist aktiviert",
"The following file types will not be encrypted:" => "Die folgenden Dateitypen werden nicht verschlüsselt:",
"Exclude the following file types from encryption:" => "Schließe die folgenden Dateitypen von der Verschlüsselung aus:",
"None" => "Keine"
"Enabled" => "Aktiviert",
"Disabled" => "Deaktiviert",
"Change Password" => "Passwort ändern",
"Old log-in password" => "Altes login Passwort",
"Current log-in password" => "Aktuelles Passwort",
"File recovery settings updated" => "Einstellungen zur Wiederherstellung von Dateien wurden aktualisiert"
);


@ -1,7 +1,21 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Der Wiederherstellungsschlüssel wurde erfolgreich aktiviert.",
"Could not enable recovery key. Please check your recovery key password!" => "Der Wiederherstellungsschlüssel konnte nicht aktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!",
"Recovery key successfully disabled" => "Der Wiederherstellungsschlüssel wurde erfolgreich deaktiviert.",
"Could not disable recovery key. Please check your recovery key password!" => "Der Wiederherstellungsschlüssel konnte nicht deaktiviert werden. Bitte überprüfen Sie das Passwort für den Wiederherstellungsschlüssel!",
"Password successfully changed." => "Das Passwort wurde erfolgreich geändert.",
"Could not change the password. Maybe the old password was not correct." => "Das Passwort konnte nicht geändert werden. Vielleicht war das alte Passwort nicht richtig.",
"Saving..." => "Speichern...",
"Your private key is not valid! Maybe the your password was changed from outside." => "Ihr privater Schlüssel ist ungültig! Vielleicht wurde Ihr Passwort von außerhalb geändert.",
"personal settings" => "Persönliche Einstellungen",
"Encryption" => "Verschlüsselung",
"File encryption is enabled." => "Datei-Verschlüsselung ist aktiviert",
"The following file types will not be encrypted:" => "Die folgenden Dateitypen werden nicht verschlüsselt:",
"Exclude the following file types from encryption:" => "Die folgenden Dateitypen von der Verschlüsselung ausnehmen:",
"None" => "Keine"
"Enabled" => "Aktiviert",
"Disabled" => "Deaktiviert",
"Change Password" => "Passwort ändern",
" If you don't remember your old password you can ask your administrator to recover your files." => "Falls Sie sich nicht an Ihr altes Passwort erinnern können, fragen Sie bitte Ihren Administrator, um Ihre Dateien wiederherzustellen.",
"Old log-in password" => "Altes Login-Passwort",
"Current log-in password" => "Momentanes Login-Passwort",
"Enable password recovery:" => "Passwort-Wiederherstellung aktivieren:",
"File recovery settings updated" => "Die Einstellungen für die Dateiwiederherstellung wurden aktualisiert.",
"Could not update file recovery" => "Die Dateiwiederherstellung konnte nicht aktualisiert werden."
);


@ -1,7 +1,10 @@
<?php $TRANSLATIONS = array(
"Password successfully changed." => "Ο κωδικός αλλάχτηκε επιτυχώς.",
"Could not change the password. Maybe the old password was not correct." => "Αποτυχία αλλαγής κωδικού ίσως ο παλιός κωδικός να μην ήταν σωστός.",
"Saving..." => "Γίνεται αποθήκευση...",
"Encryption" => "Κρυπτογράφηση",
"File encryption is enabled." => "Η κρυπτογράφηση αρχείων είναι ενεργή.",
"The following file types will not be encrypted:" => "Οι παρακάτω τύποι αρχείων δεν θα κρυπτογραφηθούν:",
"Exclude the following file types from encryption:" => "Εξαίρεση των παρακάτω τύπων αρχείων από την κρυπτογράφηση:",
"None" => "Καμία"
"Enabled" => "Ενεργοποιημένο",
"Disabled" => "Απενεργοποιημένο",
"Change Password" => "Αλλαγή Κωδικού Πρόσβασης",
"File recovery settings updated" => "Οι ρυθμίσεις επαναφοράς αρχείων ανανεώθηκαν"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Ĉifrado",
"None" => "Nenio"
"Saving..." => "Konservante...",
"Encryption" => "Ĉifrado"
);


@ -1,7 +1,16 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Se ha habilitado la recuperación de archivos",
"Could not enable recovery key. Please check your recovery key password!" => "No se pudo habilitar la clave de recuperación. Por favor compruebe su contraseña.",
"Recovery key successfully disabled" => "Clave de recuperación deshabilitada",
"Could not disable recovery key. Please check your recovery key password!" => "No se pudo deshabilitar la clave de recuperación. Por favor compruebe su contraseña!",
"Password successfully changed." => "Su contraseña ha sido cambiada",
"Could not change the password. Maybe the old password was not correct." => "No se pudo cambiar la contraseña. Compruebe que la contraseña actual sea correcta.",
"Private key password successfully updated." => "Contraseña de clave privada actualizada con éxito.",
"Saving..." => "Guardando...",
"Encryption" => "Cifrado",
"File encryption is enabled." => "La encriptacion de archivo esta activada.",
"The following file types will not be encrypted:" => "Los siguientes tipos de archivo no seran encriptados:",
"Exclude the following file types from encryption:" => "Excluir los siguientes tipos de archivo de la encriptacion:",
"None" => "Ninguno"
"Enabled" => "Habilitar",
"Disabled" => "Deshabilitado",
"Change Password" => "Cambiar contraseña",
"File recovery settings updated" => "Opciones de recuperación de archivos actualizada",
"Could not update file recovery" => "No se pudo actualizar la recuperación de archivos"
);


@ -1,7 +1,6 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Encriptación",
"File encryption is enabled." => "La encriptación de archivos no está habilitada",
"The following file types will not be encrypted:" => "Los siguientes tipos de archivos no serán encriptados",
"Exclude the following file types from encryption:" => "Excluir los siguientes tipos de archivos de encriptación:",
"None" => "Ninguno"
"Password successfully changed." => "Tu contraseña fue cambiada",
"Could not change the password. Maybe the old password was not correct." => "No se pudo cambiar la contraseña. Comprobá que la contraseña actual sea correcta.",
"Saving..." => "Guardando...",
"Encryption" => "Encriptación"
);


@ -1,7 +1,15 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Taastevõtme lubamine õnnestus",
"Could not enable recovery key. Please check your recovery key password!" => "Ei suutnud lubada taastevõtit. Palun kontrolli oma taastevõtme parooli!",
"Recovery key successfully disabled" => "Taastevõtme keelamine õnnestus",
"Could not disable recovery key. Please check your recovery key password!" => "Ei suuda keelata taastevõtit. Palun kontrolli oma taastevõtme parooli!",
"Password successfully changed." => "Parool edukalt vahetatud.",
"Could not change the password. Maybe the old password was not correct." => "Ei suutnud vahetada parooli. Võib-olla on vana parool valesti sisestatud.",
"Saving..." => "Salvestamine...",
"Encryption" => "Krüpteerimine",
"File encryption is enabled." => "Faili krüpteerimine on sisse lülitatud.",
"The following file types will not be encrypted:" => "Järgnevaid failitüüpe ei krüpteerita:",
"Exclude the following file types from encryption:" => "Järgnevaid failitüüpe ei krüpteerita:",
"None" => "Pole"
"Enabled" => "Sisse lülitatud",
"Disabled" => "Väljalülitatud",
"Change Password" => "Muuda parooli",
"File recovery settings updated" => "Faili taaste seaded uuendatud",
"Could not update file recovery" => "Ei suuda uuendada taastefaili"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Enkriptazioa",
"File encryption is enabled." => "Fitxategien enkriptazioa gaituta dago.",
"The following file types will not be encrypted:" => "Hurrengo fitxategi motak ez dira enkriptatuko:",
"Exclude the following file types from encryption:" => "Baztertu hurrengo fitxategi motak enkriptatzetik:",
"None" => "Bat ere ez"
"Saving..." => "Gordetzen...",
"Encryption" => "Enkriptazioa"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "رمزگذاری",
"File encryption is enabled." => "رمزنگاری فایلها فعال شد.",
"The following file types will not be encrypted:" => "فایلهای زیر رمزنگاری نخواهند شد:",
"Exclude the following file types from encryption:" => "فایلهای زیر از رمزنگاری نادیده گرفته می شوند:",
"None" => "هیچ‌کدام"
"Saving..." => "در حال ذخیره سازی...",
"Encryption" => "رمزگذاری"
);


@ -1,7 +1,9 @@
<?php $TRANSLATIONS = array(
"Password successfully changed." => "Salasana vaihdettiin onnistuneesti.",
"Could not change the password. Maybe the old password was not correct." => "Salasanan vaihto epäonnistui. Kenties vanha salasana oli väärin.",
"Saving..." => "Tallennetaan...",
"Encryption" => "Salaus",
"File encryption is enabled." => "Tiedostojen salaus on käytössä.",
"The following file types will not be encrypted:" => "Seuraavia tiedostotyyppejä ei salata:",
"Exclude the following file types from encryption:" => "Älä salaa seuravia tiedostotyyppejä:",
"None" => "Ei mitään"
"Enabled" => "Käytössä",
"Disabled" => "Ei käytössä",
"Change Password" => "Vaihda salasana"
);


@ -1,7 +1,29 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Clé de récupération activée avec succès",
"Could not enable recovery key. Please check your recovery key password!" => "Ne peut pas activer la clé de récupération. s'il vous plait vérifiez votre mot de passe de clé de récupération!",
"Recovery key successfully disabled" => "Clé de récupération désactivée avc succès",
"Could not disable recovery key. Please check your recovery key password!" => "Ne peut pas désactiver la clé de récupération. S'il vous plait vérifiez votre mot de passe de clé de récupération!",
"Password successfully changed." => "Mot de passe changé avec succès ",
"Could not change the password. Maybe the old password was not correct." => "Ne peut pas changer le mot de passe. L'ancien mot de passe est peut-être incorrect.",
"Private key password successfully updated." => "Mot de passe de la clé privé mis à jour avec succès.",
"Could not update the private key password. Maybe the old password was not correct." => "Impossible de mettre à jour le mot de passe de la clé privé. Peut-être que l'ancien mot de passe n'était pas correcte.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "Votre clef privée est invalide ! Votre mot de passe a peut-être été modifié depuis l'extérieur. Vous pouvez mettre à jour le mot de passe de votre clef privée dans vos paramètres personnels pour récupérer l'accès à vos fichiers",
"Saving..." => "Enregistrement...",
"Your private key is not valid! Maybe the your password was changed from outside." => "Votre clef privée est invalide ! Votre mot de passe a peut-être été modifié depuis l'extérieur.",
"You can unlock your private key in your " => "Vous pouvez déverrouiller votre clé privée dans votre",
"personal settings" => "paramètres personnel",
"Encryption" => "Chiffrement",
"File encryption is enabled." => "Le chiffrement des fichiers est activé",
"The following file types will not be encrypted:" => "Les fichiers de types suivants ne seront pas chiffrés :",
"Exclude the following file types from encryption:" => "Ne pas chiffrer les fichiers dont les types sont les suivants :",
"None" => "Aucun"
"Enabled" => "Activer",
"Disabled" => "Désactiver",
"Change Password" => "Changer de mot de passe",
"Your private key password no longer match your log-in password:" => "Le mot de passe de votre clef privée ne correspond plus à votre mot de passe de connexion :",
"Set your old private key password to your current log-in password." => "Configurez le mot de passe de votre ancienne clef privée avec votre mot de passe courant de connexion. ",
" If you don't remember your old password you can ask your administrator to recover your files." => "Si vous ne vous souvenez plus de votre ancien mot de passe, vous pouvez demander à votre administrateur de récupérer vos fichiers.",
"Old log-in password" => "Ancien mot de passe de connexion",
"Current log-in password" => "Actuel mot de passe de connexion",
"Update Private Key Password" => "Mettre à jour le mot de passe de votre clé privée",
"Enable password recovery:" => "Activer la récupération du mot de passe:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Activer cette option vous permettra d'obtenir à nouveau l'accès à vos fichiers chiffrés en cas de perte de mot de passe",
"File recovery settings updated" => "Mise à jour des paramètres de récupération de fichiers ",
"Could not update file recovery" => "Ne peut pas remettre à jour les fichiers de récupération"
);


@ -1,7 +1,36 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Activada satisfactoriamente a chave de recuperación",
"Could not enable recovery key. Please check your recovery key password!" => "Non foi posíbel activar a chave de recuperación. Comprobe o contrasinal da chave de recuperación!",
"Recovery key successfully disabled" => "Desactivada satisfactoriamente a chave de recuperación",
"Could not disable recovery key. Please check your recovery key password!" => "Non foi posíbel desactivar a chave de recuperación. Comprobe o contrasinal da chave de recuperación!",
"Password successfully changed." => "O contrasinal foi cambiado satisfactoriamente",
"Could not change the password. Maybe the old password was not correct." => "Non foi posíbel cambiar o contrasinal. Probabelmente o contrasinal antigo non é o correcto.",
"Private key password successfully updated." => "A chave privada foi actualizada correctamente.",
"Could not update the private key password. Maybe the old password was not correct." => "Non foi posíbel actualizar o contrasinal da chave privada. É probábel que o contrasinal antigo non sexa correcto.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "A chave privada non é correcta! É probábel que o seu contrasinal teña sido cambiado desde o exterior. Vostede pode actualizar o contrasinal da súa chave privada nos seus axustes persoais para recuperar o acceso aos seus ficheiros",
"PHP module OpenSSL is not installed." => "O módulo PHP OpenSSL non está instalado.",
"Please ask your server administrator to install the module. For now the encryption app was disabled." => "Pregúntelle ao administrador do servidor pola instalación do módulo. Polo de agora o aplicativo de cifrado foi desactivado.",
"Saving..." => "Gardando...",
"Your private key is not valid! Maybe the your password was changed from outside." => "A chave privada non é correcta! É probábel que o seu contrasinal teña sido cambiado desde o exterior. ",
"You can unlock your private key in your " => "Pode desbloquear a chave privada nos seus",
"personal settings" => "axustes persoais",
"Encryption" => "Cifrado",
"File encryption is enabled." => "O cifrado de ficheiros está activado",
"The following file types will not be encrypted:" => "Os seguintes tipos de ficheiros non van seren cifrados:",
"Exclude the following file types from encryption:" => "Excluír os seguintes tipos de ficheiros do cifrado:",
"None" => "Ningún"
"Enable recovery key (allow to recover users files in case of password loss):" => "Activar a chave de recuperación (permitirá recuperar os ficheiros dos usuarios no caso de perda do contrasinal):",
"Recovery key password" => "Contrasinal da chave de recuperación",
"Enabled" => "Activado",
"Disabled" => "Desactivado",
"Change recovery key password:" => "Cambiar o contrasinal da chave de la recuperación:",
"Old Recovery key password" => "Antigo contrasinal da chave de recuperación",
"New Recovery key password" => "Novo contrasinal da chave de recuperación",
"Change Password" => "Cambiar o contrasinal",
"Your private key password no longer match your log-in password:" => "O seu contrasinal da chave privada non coincide co seu contrasinal de acceso.",
"Set your old private key password to your current log-in password." => "Estabeleza o seu contrasinal antigo da chave de recuperación ao seu contrasinal de acceso actual",
" If you don't remember your old password you can ask your administrator to recover your files." => " Se non lembra o seu antigo contrasinal pode pedírllelo ao seu administrador para recuperar os seus ficheiros.",
"Old log-in password" => "Contrasinal de acceso antigo",
"Current log-in password" => "Contrasinal de acceso actual",
"Update Private Key Password" => "Actualizar o contrasinal da chave privada",
"Enable password recovery:" => "Activar o contrasinal de recuperación:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Ao activar esta opción permitiráselle volver a obter acceso aos ficheiros cifrados no caso de perda do contrasinal",
"File recovery settings updated" => "Actualizouse o ficheiro de axustes de recuperación",
"Could not update file recovery" => "Non foi posíbel actualizar o ficheiro de recuperación"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "הצפנה",
"None" => "כלום"
"Saving..." => "שמירה…",
"Encryption" => "הצפנה"
);


@ -0,0 +1,3 @@
<?php $TRANSLATIONS = array(
"Saving..." => "Spremanje..."
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Titkosítás",
"File encryption is enabled." => "Az állományok titkosítása be van kapcsolva.",
"The following file types will not be encrypted:" => "A következő fájltípusok nem kerülnek titkosításra:",
"Exclude the following file types from encryption:" => "Zárjuk ki a titkosításból a következő fájltípusokat:",
"None" => "Egyik sem"
"Saving..." => "Mentés...",
"Encryption" => "Titkosítás"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Enkripsi",
"File encryption is enabled." => "Enkripsi berkas aktif.",
"The following file types will not be encrypted:" => "Tipe berkas berikut tidak akan dienkripsi:",
"Exclude the following file types from encryption:" => "Kecualikan tipe berkas berikut dari enkripsi:",
"None" => "Tidak ada"
"Saving..." => "Menyimpan...",
"Encryption" => "Enkripsi"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Dulkóðun",
"None" => "Ekkert"
"Saving..." => "Er að vista ...",
"Encryption" => "Dulkóðun"
);

View file

@ -1,7 +1,36 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Chiave di ripristino abilitata correttamente",
"Could not enable recovery key. Please check your recovery key password!" => "Impossibile abilitare la chiave di ripristino. Verifica la password della chiave di ripristino.",
"Recovery key successfully disabled" => "Chiave di ripristinata disabilitata correttamente",
"Could not disable recovery key. Please check your recovery key password!" => "Impossibile disabilitare la chiave di ripristino. Verifica la password della chiave di ripristino.",
"Password successfully changed." => "Password modificata correttamente.",
"Could not change the password. Maybe the old password was not correct." => "Impossibile cambiare la password. Forse la vecchia password non era corretta.",
"Private key password successfully updated." => "Password della chiave privata aggiornata correttamente.",
"Could not update the private key password. Maybe the old password was not correct." => "Impossibile aggiornare la password della chiave privata. Forse la vecchia password non era corretta.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "La chiave privata non è valida! Forse la password è stata cambiata dall'esterno. Puoi aggiornare la password della chiave privata nelle impostazioni personali per ottenere nuovamente l'accesso ai file.",
"PHP module OpenSSL is not installed." => "Il modulo PHP OpenSSL non è installato.",
"Please ask your server administrator to install the module. For now the encryption app was disabled." => "Chiedi all'amministratore del server di installare il modulo. Per ora la crittografia è disabilitata.",
"Saving..." => "Salvataggio in corso...",
"Your private key is not valid! Maybe the your password was changed from outside." => "La tua chiave privata non è valida! Forse è stata modifica dall'esterno.",
"You can unlock your private key in your " => "Puoi sbloccare la chiave privata nelle tue",
"personal settings" => "impostazioni personali",
"Encryption" => "Cifratura",
"File encryption is enabled." => "La cifratura dei file è abilitata.",
"The following file types will not be encrypted:" => "I seguenti tipi di file non saranno cifrati:",
"Exclude the following file types from encryption:" => "Escludi i seguenti tipi di file dalla cifratura:",
"None" => "Nessuna"
"Enable recovery key (allow to recover users files in case of password loss):" => "Abilita la chiave di recupero (permette di recuperare i file utenti in caso di perdita della password):",
"Recovery key password" => "Password della chiave di recupero",
"Enabled" => "Abilitata",
"Disabled" => "Disabilitata",
"Change recovery key password:" => "Cambia la password della chiave di recupero:",
"Old Recovery key password" => "Vecchia password della chiave di recupero",
"New Recovery key password" => "Nuova password della chiave di recupero",
"Change Password" => "Modifica password",
"Your private key password no longer match your log-in password:" => "La password della chiave privata non corrisponde più alla password di accesso:",
"Set your old private key password to your current log-in password." => "Imposta la vecchia password della chiave privata sull'attuale password di accesso.",
" If you don't remember your old password you can ask your administrator to recover your files." => "Se non ricordi la vecchia password puoi chiedere al tuo amministratore di recuperare i file.",
"Old log-in password" => "Vecchia password di accesso",
"Current log-in password" => "Password di accesso attuale",
"Update Private Key Password" => "Aggiorna la password della chiave privata",
"Enable password recovery:" => "Abilita il ripristino della password:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "L'abilitazione di questa opzione ti consentirà di accedere nuovamente ai file cifrati in caso di perdita della password",
"File recovery settings updated" => "Impostazioni di ripristino dei file aggiornate",
"Could not update file recovery" => "Impossibile aggiornare il ripristino dei file"
);


@ -1,7 +1,36 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "リカバリ用のキーは正常に有効化されました",
"Could not enable recovery key. Please check your recovery key password!" => "リカバリ用のキーを有効にできませんでした。リカバリ用のキーのパスワードを確認して下さい!",
"Recovery key successfully disabled" => "リカバリ用のキーを正常に無効化しました",
"Could not disable recovery key. Please check your recovery key password!" => "リカバリ用のキーを無効化できませんでした。リカバリ用のキーのパスワードを確認して下さい!",
"Password successfully changed." => "パスワードを変更できました。",
"Could not change the password. Maybe the old password was not correct." => "パスワードを変更できませんでした。古いパスワードが間違っているかもしれません。",
"Private key password successfully updated." => "秘密鍵のパスワードが正常に更新されました。",
"Could not update the private key password. Maybe the old password was not correct." => "秘密鍵のパスワードを更新できませんでした。古いパスワードが正確でない場合があります。",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "秘密鍵が有効ではありません。パスワードが外部から変更された恐れがあります。。個人設定で秘密鍵のパスワードを更新して、ファイルへのアクセス権を奪還できます。",
"PHP module OpenSSL is not installed." => "PHPのモジュール OpenSSLがインストールされていません。",
"Please ask your server administrator to install the module. For now the encryption app was disabled." => "サーバーの管理者にモジュールのインストールを頼んでください。さしあたり暗号化アプリは無効化されました。",
"Saving..." => "保存中...",
"Your private key is not valid! Maybe the your password was changed from outside." => "秘密鍵が有効ではありません。パスワードが外部から変更された恐れがあります。",
"You can unlock your private key in your " => "個人設定で",
"personal settings" => "秘密鍵をアンロックできます",
"Encryption" => "暗号化",
"File encryption is enabled." => "ファイルの暗号化は有効です。",
"The following file types will not be encrypted:" => "次のファイルタイプは暗号化されません:",
"Exclude the following file types from encryption:" => "次のファイルタイプを暗号化から除外:",
"None" => "なし"
"Enable recovery key (allow to recover users files in case of password loss):" => "復旧キーを有効化 (万一パスワードを亡くした場合もユーザーのファイルを回復できる):",
"Recovery key password" => "復旧キーのパスワード",
"Enabled" => "有効",
"Disabled" => "無効",
"Change recovery key password:" => "復旧キーのパスワードを変更:",
"Old Recovery key password" => "古い復旧キーのパスワード",
"New Recovery key password" => "新しい復旧キーのパスワード",
"Change Password" => "パスワードを変更",
"Your private key password no longer match your log-in password:" => "もはや秘密鍵はログインパスワードと一致しません:",
"Set your old private key password to your current log-in password." => "古い秘密鍵のパスワードを現在のログインパスワードに設定する。",
" If you don't remember your old password you can ask your administrator to recover your files." => "古いパスワードを覚えていない場合、管理者に尋ねてファイルを回復することができます。",
"Old log-in password" => "古いログインパスワード",
"Current log-in password" => "現在のログインパスワード",
"Update Private Key Password" => "秘密鍵のパスワードを更新",
"Enable password recovery:" => "パスワード復旧を有効化:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "このオプションを有効にすると、パスワードを紛失した場合も、暗号化されたファイルに再度アクセスすることができるようになります。",
"File recovery settings updated" => "ファイル復旧設定が更新されました",
"Could not update file recovery" => "ファイル復旧を更新できませんでした"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "ენკრიპცია",
"File encryption is enabled." => "ფაილის ენკრიპცია ჩართულია.",
"The following file types will not be encrypted:" => "შემდეგი ფაილური ტიპების ენკრიპცია არ მოხდება:",
"Exclude the following file types from encryption:" => "ამოიღე შემდეგი ფაილის ტიპები ენკრიპციიდან:",
"None" => "არა"
"Saving..." => "შენახვა...",
"Encryption" => "ენკრიპცია"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "암호화",
"None" => "없음"
"Saving..." => "저장 중...",
"Encryption" => "암호화"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "نهێنیکردن",
"None" => "هیچ"
"Saving..." => "پاشکه‌وتده‌کات...",
"Encryption" => "نهێنیکردن"
);


@ -0,0 +1,3 @@
<?php $TRANSLATIONS = array(
"Saving..." => "Speicheren..."
);


@ -1,4 +1,15 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Atkūrimo raktas sėkmingai įjungtas",
"Could not enable recovery key. Please check your recovery key password!" => "Neišėjo įjungti jūsų atkūrimo rakto. Prašome jį patikrinti!",
"Recovery key successfully disabled" => "Atkūrimo raktas sėkmingai išjungtas",
"Could not disable recovery key. Please check your recovery key password!" => "Neišėjo išjungti jūsų atkūrimo rakto. Prašome jį patikrinti!",
"Password successfully changed." => "Slaptažodis sėkmingai pakeistas",
"Could not change the password. Maybe the old password was not correct." => "Slaptažodis nebuvo pakeistas. Gali būti, kad buvo neteisingai suvestas senasis.",
"Saving..." => "Saugoma...",
"Encryption" => "Šifravimas",
"None" => "Nieko"
"Enabled" => "Įjungta",
"Disabled" => "Išjungta",
"Change Password" => "Pakeisti slaptažodį",
"File recovery settings updated" => "Failų atstatymo nustatymai pakeisti",
"Could not update file recovery" => "Neišėjo atnaujinti failų atkūrimo"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Šifrēšana",
"File encryption is enabled." => "Datņu šifrēšana ir aktivēta.",
"The following file types will not be encrypted:" => "Sekojošās datnes netiks šifrētas:",
"Exclude the following file types from encryption:" => "Sekojošos datņu tipus izslēgt no šifrēšanas:",
"None" => "Nav"
"Saving..." => "Saglabā...",
"Encryption" => "Šifrēšana"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Енкрипција",
"None" => "Ништо"
"Saving..." => "Снимам...",
"Encryption" => "Енкрипција"
);


@ -0,0 +1,3 @@
<?php $TRANSLATIONS = array(
"Saving..." => "Simpan..."
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Kryptering",
"File encryption is enabled." => "Fil-kryptering er aktivert.",
"The following file types will not be encrypted:" => "Følgende filtyper vil ikke bli kryptert:",
"Exclude the following file types from encryption:" => "Ekskluder følgende filtyper fra kryptering:",
"None" => "Ingen"
"Saving..." => "Lagrer...",
"Encryption" => "Kryptering"
);


@ -1,7 +1,24 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Herstelsleutel succesvol geactiveerd",
"Could not enable recovery key. Please check your recovery key password!" => "Kon herstelsleutel niet activeren. Controleer het wachtwoord van uw herstelsleutel!",
"Recovery key successfully disabled" => "Herstelsleutel succesvol gedeactiveerd",
"Could not disable recovery key. Please check your recovery key password!" => "Kon herstelsleutel niet deactiveren. Controleer het wachtwoord van uw herstelsleutel!",
"Password successfully changed." => "Wachtwoord succesvol gewijzigd.",
"Could not change the password. Maybe the old password was not correct." => "Kon wachtwoord niet wijzigen. Wellicht oude wachtwoord niet juist ingevoerd.",
"Saving..." => "Opslaan",
"Your private key is not valid! Maybe the your password was changed from outside." => "Uw privésleutel is niet geldig. Misschien was uw wachtwoord van buitenaf gewijzigd.",
"You can unlock your private key in your " => "U kunt uw privésleutel deblokkeren in uw",
"personal settings" => "persoonlijke instellingen",
"Encryption" => "Versleuteling",
"File encryption is enabled." => "Bestandsversleuteling geactiveerd.",
"The following file types will not be encrypted:" => "De volgende bestandstypen zullen niet worden versleuteld:",
"Exclude the following file types from encryption:" => "Sluit de volgende bestandstypen uit van versleuteling:",
"None" => "Geen"
"Enabled" => "Geactiveerd",
"Disabled" => "Gedeactiveerd",
"Change Password" => "Wijzigen wachtwoord",
" If you don't remember your old password you can ask your administrator to recover your files." => "Als u uw oude wachtwoord niet meer weet, kunt u uw beheerder vragen uw bestanden terug te halen.",
"Old log-in password" => "Oude wachtwoord",
"Current log-in password" => "Huidige wachtwoord",
"Update Private Key Password" => "Bijwerken wachtwoord Privésleutel",
"Enable password recovery:" => "Activeren wachtwoord herstel:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Het activeren van deze optie maakt het mogelijk om uw versleutelde bestanden te benaderen als uw wachtwoord kwijt is",
"File recovery settings updated" => "Bestandsherstel instellingen bijgewerkt",
"Could not update file recovery" => "Kon bestandsherstel niet bijwerken"
);


@ -0,0 +1,3 @@
<?php $TRANSLATIONS = array(
"Saving..." => "Lagrar …"
);


@ -0,0 +1,3 @@
<?php $TRANSLATIONS = array(
"Saving..." => "Enregistra..."
);


@ -1,7 +1,29 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Klucz odzyskiwania włączony",
"Could not enable recovery key. Please check your recovery key password!" => "Nie można włączyć klucza odzyskiwania. Proszę sprawdzić swoje hasło odzyskiwania!",
"Recovery key successfully disabled" => "Klucz odzyskiwania wyłączony",
"Could not disable recovery key. Please check your recovery key password!" => "Nie można wyłączyć klucza odzyskiwania. Proszę sprawdzić swoje hasło odzyskiwania!",
"Password successfully changed." => "Zmiana hasła udana.",
"Could not change the password. Maybe the old password was not correct." => "Nie można zmienić hasła. Może stare hasło nie było poprawne.",
"Private key password successfully updated." => "Pomyślnie zaktualizowano hasło klucza prywatnego.",
"Could not update the private key password. Maybe the old password was not correct." => "Nie można zmienić prywatnego hasła. Może stare hasło nie było poprawne.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "Klucz prywatny nie jest poprawny! Może Twoje hasło zostało zmienione z zewnątrz. Można zaktualizować hasło klucza prywatnego w ustawieniach osobistych w celu odzyskania dostępu do plików",
"Saving..." => "Zapisywanie...",
"Your private key is not valid! Maybe the your password was changed from outside." => "Klucz prywatny nie jest poprawny! Może Twoje hasło zostało zmienione z zewnątrz.",
"You can unlock your private key in your " => "Możesz odblokować swój klucz prywatny w swojej",
"personal settings" => "Ustawienia osobiste",
"Encryption" => "Szyfrowanie",
"File encryption is enabled." => "Szyfrowanie plików jest włączone",
"The following file types will not be encrypted:" => "Poniższe typy plików nie będą szyfrowane:",
"Exclude the following file types from encryption:" => "Wyłącz poniższe typy plików z szyfrowania:",
"None" => "Brak"
"Enabled" => "Włączone",
"Disabled" => "Wyłączone",
"Change Password" => "Zmień hasło",
"Your private key password no longer match your log-in password:" => "Hasło klucza prywatnego nie pasuje do hasła logowania:",
"Set your old private key password to your current log-in password." => "Podaj swoje stare prywatne hasło aby ustawić nowe",
" If you don't remember your old password you can ask your administrator to recover your files." => "Jeśli nie pamiętasz swojego starego hasła, poproś swojego administratora, aby odzyskać pliki.",
"Old log-in password" => "Stare hasło logowania",
"Current log-in password" => "Bieżące hasło logowania",
"Update Private Key Password" => "Aktualizacja hasła klucza prywatnego",
"Enable password recovery:" => "Włącz hasło odzyskiwania:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Włączenie tej opcji umożliwia otrzymać dostęp do zaszyfrowanych plików w przypadku utraty hasła",
"File recovery settings updated" => "Ustawienia odzyskiwania plików zmienione",
"Could not update file recovery" => "Nie można zmienić pliku odzyskiwania"
);


@ -1,7 +1,29 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Recuperação de chave habilitada com sucesso",
"Could not enable recovery key. Please check your recovery key password!" => "Impossível habilitar recuperação de chave. Por favor verifique sua senha para recuperação de chave!",
"Recovery key successfully disabled" => "Recuperação de chave desabilitada com sucesso",
"Could not disable recovery key. Please check your recovery key password!" => "Impossível desabilitar recuperação de chave. Por favor verifique sua senha para recuperação de chave!",
"Password successfully changed." => "Senha alterada com sucesso.",
"Could not change the password. Maybe the old password was not correct." => "Não foi possível alterar a senha. Talvez a senha antiga não estava correta.",
"Private key password successfully updated." => "Senha de chave privada atualizada com sucesso.",
"Could not update the private key password. Maybe the old password was not correct." => "Não foi possível atualizar a senha de chave privada. Talvez a senha antiga esteja incorreta.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "Sua chave privada não é válida! Talvez sua senha tenha sido mudada. Você pode atualizar sua senha de chave privada nas suas configurações pessoais para obter novamente acesso aos seus arquivos.",
"Saving..." => "Salvando...",
"Your private key is not valid! Maybe the your password was changed from outside." => "Sua chave privada não é válida! Talvez sua senha tenha sido mudada.",
"You can unlock your private key in your " => "Você pode desbloquear sua chave privada nas suas",
"personal settings" => "configurações pessoais.",
"Encryption" => "Criptografia",
"File encryption is enabled." => "A criptografia de arquivos está ativada.",
"The following file types will not be encrypted:" => "Os seguintes tipos de arquivo não serão criptografados:",
"Exclude the following file types from encryption:" => "Excluir os seguintes tipos de arquivo da criptografia:",
"None" => "Nenhuma"
"Enabled" => "Habilidado",
"Disabled" => "Desabilitado",
"Change Password" => "Trocar Senha",
"Your private key password no longer match your log-in password:" => "Sua senha de chave privada não coincide mais com sua senha de login:",
"Set your old private key password to your current log-in password." => "Configure sua antiga senha de chave privada para sua atual senha de login.",
" If you don't remember your old password you can ask your administrator to recover your files." => "Se você não se lembra de sua antiga senha você pode pedir ao administrador que recupere seus arquivos.",
"Old log-in password" => "Senha antiga de login",
"Current log-in password" => "Atual senha de login",
"Update Private Key Password" => "Atualizar senha de chave privada",
"Enable password recovery:" => "Habilitar recuperação de senha:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Habilitar essa opção vai permitir que você obtenha novamente acesso aos seus arquivos encriptados em caso de perda de senha",
"File recovery settings updated" => "Configurações de recuperação de arquivo atualizado",
"Could not update file recovery" => "Não foi possível atualizar a recuperação de arquivos"
);


@ -1,7 +1,15 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Chave de recuperação activada com sucesso",
"Could not enable recovery key. Please check your recovery key password!" => "Não foi possível activar a chave de recuperação. Por favor verifique a password da chave de recuperação!",
"Recovery key successfully disabled" => "Chave de recuperação descativada com sucesso",
"Could not disable recovery key. Please check your recovery key password!" => "Não foi possível desactivar a chave de recuperação. Por favor verifique a password da chave de recuperação.",
"Password successfully changed." => "Password alterada com sucesso.",
"Could not change the password. Maybe the old password was not correct." => "Não foi possivel alterar a password. Possivelmente a password antiga não está correcta.",
"Saving..." => "A guardar...",
"Encryption" => "Encriptação",
"File encryption is enabled." => "A encriptação de ficheiros está ligada",
"The following file types will not be encrypted:" => "Os seguintes ficheiros não serão encriptados:",
"Exclude the following file types from encryption:" => "Excluir da encriptação os seguintes tipos de ficheiro:",
"None" => "Nenhum"
"Enabled" => "Activado",
"Disabled" => "Desactivado",
"Change Password" => "Mudar a Password",
"File recovery settings updated" => "Actualizadas as definições de recuperação de ficheiros",
"Could not update file recovery" => "Não foi possível actualizar a recuperação de ficheiros"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Încriptare",
"None" => "Niciuna"
"Saving..." => "Se salvează...",
"Encryption" => "Încriptare"
);


@ -1,7 +1,16 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Ключ восстановления успешно установлен",
"Recovery key successfully disabled" => "Ключ восстановления успешно отключен",
"Password successfully changed." => "Пароль изменен удачно.",
"Could not change the password. Maybe the old password was not correct." => "Невозможно изменить пароль. Возможно старый пароль не был верен.",
"Saving..." => "Сохранение...",
"personal settings" => "персональные настройки",
"Encryption" => "Шифрование",
"File encryption is enabled." => "Шифрование файла включено.",
"The following file types will not be encrypted:" => "Следующие типы файлов не будут зашифрованы:",
"Exclude the following file types from encryption:" => "Исключить следующие типы файлов из шифрованных:",
"None" => "Ничего"
"Enabled" => "Включено",
"Disabled" => "Отключено",
"Change Password" => "Изменить пароль",
" If you don't remember your old password you can ask your administrator to recover your files." => "Если вы не помните свой старый пароль, вы можете попросить своего администратора восстановить ваши файлы",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Включение этой опции позволит вам получить доступ к своим зашифрованным файлам в случае утери пароля",
"File recovery settings updated" => "Настройки файла восстановления обновлены",
"Could not update file recovery" => "Невозможно обновить файл восстановления"
);


@ -1,4 +1,3 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Шифрование",
"None" => "Ни один"
"Saving..." => "Сохранение"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "ගුප්ත කේතනය",
"None" => "කිසිවක් නැත"
"Saving..." => "සුරැකෙමින් පවතී...",
"Encryption" => "ගුප්ත කේතනය"
);


@ -1,7 +1,28 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Záchranný kľúč bol úspešne povolený",
"Could not enable recovery key. Please check your recovery key password!" => "Nepodarilo sa povoliť záchranný kľúč. Skontrolujte prosím Vaše heslo záchranného kľúča!",
"Recovery key successfully disabled" => "Záchranný kľúč bol úspešne zakázaný",
"Could not disable recovery key. Please check your recovery key password!" => "Nepodarilo sa zakázať záchranný kľúč. Skontrolujte prosím Vaše heslo záchranného kľúča!",
"Password successfully changed." => "Heslo úspešne zmenené.",
"Could not change the password. Maybe the old password was not correct." => "Nemožno zmeniť heslo. Pravdepodobne nebolo staré heslo zadané správne.",
"Private key password successfully updated." => "Heslo súkromného kľúča je úspešne aktualizované.",
"Could not update the private key password. Maybe the old password was not correct." => "Nemožno aktualizovať heslo súkromného kľúča. Možno nebolo staré heslo správne.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "Váš súkromný kľúč je neplatný. Možno bolo Vaše heslo zmenené z vonku. Môžete aktualizovať heslo súkromného kľúča v osobnom nastavení na opätovné získanie prístupu k súborom",
"Saving..." => "Ukladám...",
"Your private key is not valid! Maybe the your password was changed from outside." => "Váš súkromný kľúč je neplatný. Možno bolo Vaše heslo zmenené z vonku.",
"personal settings" => "osobné nastavenia",
"Encryption" => "Šifrovanie",
"File encryption is enabled." => "Šifrovanie súborov nastavené.",
"The following file types will not be encrypted:" => "Uvedené typy súborov nebudú šifrované:",
"Exclude the following file types from encryption:" => "Nešifrovať uvedené typy súborov",
"None" => "Žiadne"
"Enabled" => "Povolené",
"Disabled" => "Zakázané",
"Change Password" => "Zmeniť heslo",
"Your private key password no longer match your log-in password:" => "Vaše heslo súkromného kľúča je rovnaké ako Vaše prihlasovacie heslo:",
"Set your old private key password to your current log-in password." => "Nastavte si staré heslo súkromného kľúča k Vášmu súčasnému prihlasovaciemu heslu.",
" If you don't remember your old password you can ask your administrator to recover your files." => "Ak si nepamätáte svoje staré heslo, môžete požiadať správcu o obnovenie svojich súborov.",
"Old log-in password" => "Staré prihlasovacie heslo",
"Current log-in password" => "Súčasné prihlasovacie heslo",
"Update Private Key Password" => "Aktualizovať heslo súkromného kľúča",
"Enable password recovery:" => "Povoliť obnovu hesla:",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Povolenie Vám umožní znovu získať prístup k Vašim zašifrovaným súborom, ak stratíte heslo",
"File recovery settings updated" => "Nastavenie obnovy súborov aktualizované",
"Could not update file recovery" => "Nemožno aktualizovať obnovenie súborov"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Šifriranje",
"File encryption is enabled." => "Šifriranje datotek je omogočeno.",
"The following file types will not be encrypted:" => "Navedene vrste datotek ne bodo šifrirane:",
"Exclude the following file types from encryption:" => "Ne šifriraj navedenih vrst datotek:",
"None" => "Brez"
"Saving..." => "Poteka shranjevanje ...",
"Encryption" => "Šifriranje"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Шифровање",
"None" => "Ништа"
"Saving..." => "Чување у току...",
"Encryption" => "Шифровање"
);


@ -1,7 +1,29 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Återställningsnyckeln har framgångsrikt aktiverats",
"Could not enable recovery key. Please check your recovery key password!" => "Kunde inte aktivera återställningsnyckeln. Vänligen kontrollera ditt lösenord för återställningsnyckeln!",
"Recovery key successfully disabled" => "Återställningsnyckeln har framgångsrikt inaktiverats",
"Could not disable recovery key. Please check your recovery key password!" => "Kunde inte inaktivera återställningsnyckeln. Vänligen kontrollera ditt lösenord för återställningsnyckeln!",
"Password successfully changed." => "Ändringen av lösenordet lyckades.",
"Could not change the password. Maybe the old password was not correct." => "Kunde inte ändra lösenordet. Kanske det gamla lösenordet inte var rätt.",
"Private key password successfully updated." => "Den privata lösenordsnyckeln uppdaterades utan problem.",
"Could not update the private key password. Maybe the old password was not correct." => "Kunde inte uppdatera den privata lösenordsnyckeln. Kanske var det gamla lösenordet fel.",
"Your private key is not valid! Maybe your password was changed from outside. You can update your private key password in your personal settings to regain access to your files" => "Din privata lösenordsnyckel är inte giltig! Kanske byttes ditt lösenord från utsidan. Du kan uppdatera din privata lösenordsnyckel under dina personliga inställningar för att återfå tillgång till dina filer",
"Saving..." => "Sparar...",
"Your private key is not valid! Maybe the your password was changed from outside." => "Din privata lösenordsnyckel är inte giltig! Kanske byttes ditt lösenord från utsidan.",
"You can unlock your private key in your " => "Du kan låsa upp din privata nyckel i dina",
"personal settings" => "personliga inställningar",
"Encryption" => "Kryptering",
"File encryption is enabled." => "Filkryptering är aktiverat.",
"The following file types will not be encrypted:" => "Följande filtyper kommer inte att krypteras:",
"Exclude the following file types from encryption:" => "Exkludera följande filtyper från kryptering:",
"None" => "Ingen"
"Enabled" => "Aktiverad",
"Disabled" => "Inaktiverad",
"Change Password" => "Byt lösenord",
"Your private key password no longer match your log-in password:" => "Din privata lösenordsnyckel stämmer inte längre överrens med ditt inloggningslösenord:",
"Set your old private key password to your current log-in password." => "Ställ in din gamla privata lösenordsnyckel till ditt aktuella inloggningslösenord.",
" If you don't remember your old password you can ask your administrator to recover your files." => "Om du inte kommer ihåg ditt gamla lösenord kan du be din administratör att återställa dina filer.",
"Old log-in password" => "Gammalt inloggningslösenord",
"Current log-in password" => "Nuvarande inloggningslösenord",
"Update Private Key Password" => "Uppdatera den privata lösenordsnyckeln",
"Enable password recovery:" => "Aktivera lösenordsåterställning",
"Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" => "Genom att aktivera detta alternativ kommer du kunna återfå tillgång till dina krypterade filer om du skulle förlora/glömma ditt lösenord",
"File recovery settings updated" => "Inställningarna för filåterställning har uppdaterats",
"Could not update file recovery" => "Kunde inte uppdatera filåterställning"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "மறைக்குறியீடு",
"None" => "ஒன்றுமில்லை"
"Saving..." => "சேமிக்கப்படுகிறது...",
"Encryption" => "மறைக்குறியீடு"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "การเข้ารหัส",
"None" => "ไม่ต้อง"
"Saving..." => "กำลังบันทึกข้อมูล...",
"Encryption" => "การเข้ารหัส"
);


@ -1,7 +1,15 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "Kurtarma anahtarı başarıyla etkinleştirildi",
"Could not enable recovery key. Please check your recovery key password!" => "Kurtarma anahtarı etkinleştirilemedi. Lütfen kurtarma anahtarı parolanızı kontrol edin!",
"Recovery key successfully disabled" => "Kurtarma anahtarı başarıyla devre dışı bırakıldı",
"Could not disable recovery key. Please check your recovery key password!" => "Kurtarma anahtarı devre dışı bırakılamadı. Lütfen kurtarma anahtarı parolanızı kontrol edin!",
"Password successfully changed." => "Şifreniz başarıyla değiştirildi.",
"Could not change the password. Maybe the old password was not correct." => "Parola değiştirilemedi. Eski parolanız doğru olmayabilir",
"Saving..." => "Kaydediliyor...",
"Encryption" => "Şifreleme",
"File encryption is enabled." => "Dosya şifreleme aktif.",
"The following file types will not be encrypted:" => "Belirtilen dosya tipleri şifrelenmeyecek:",
"Exclude the following file types from encryption:" => "Seçilen dosya tiplerini şifreleme:",
"None" => "Hiçbiri"
"Enabled" => "Etkinleştirildi",
"Disabled" => "Devre dışı",
"Change Password" => "Parola değiştir",
"File recovery settings updated" => "Dosya kurtarma ayarları güncellendi",
"Could not update file recovery" => "Dosya kurtarma güncellenemedi"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "شىفىرلاش",
"File encryption is enabled." => "ھۆججەت شىفىرلاش قوزغىتىلدى.",
"The following file types will not be encrypted:" => "تۆۋەندىكى ھۆججەت تىپلىرى شىفىرلانمايدۇ:",
"Exclude the following file types from encryption:" => "تۆۋەندىكى ھۆججەت تىپلىرى شىفىرلاشنىڭ سىرتىدا:",
"None" => "يوق"
"Saving..." => "ساقلاۋاتىدۇ…",
"Encryption" => "شىفىرلاش"
);


@ -1,7 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "Шифрування",
"File encryption is enabled." => "Увімкнуто шифрування файлів.",
"The following file types will not be encrypted:" => "Такі типи файлів шифруватись не будуть:",
"Exclude the following file types from encryption:" => "Виключити наступні типи файлів з ​​шифрування:",
"None" => "Жоден"
"Saving..." => "Зберігаю...",
"Encryption" => "Шифрування"
);


@ -1,7 +1,9 @@
<?php $TRANSLATIONS = array(
"Password successfully changed." => "Đã đổi mật khẩu.",
"Could not change the password. Maybe the old password was not correct." => "Không thể đổi mật khẩu. Có lẽ do mật khẩu cũ không đúng.",
"Saving..." => "Đang lưu...",
"Encryption" => "Mã hóa",
"File encryption is enabled." => "Mã hóa file đã mở",
"The following file types will not be encrypted:" => "Loại file sau sẽ không được mã hóa",
"Exclude the following file types from encryption:" => "Việc mã hóa không bao gồm loại file sau",
"None" => "Không có gì hết"
"Enabled" => "Bật",
"Disabled" => "Tắt",
"Change Password" => "Đổi Mật khẩu"
);


@ -1,4 +1,4 @@
<?php $TRANSLATIONS = array(
"Encryption" => "加密",
"None" => ""
"Saving..." => "保存中...",
"Encryption" => "加密"
);


@ -1,7 +1,15 @@
<?php $TRANSLATIONS = array(
"Recovery key successfully enabled" => "恢复密钥成功启用",
"Could not enable recovery key. Please check your recovery key password!" => "不能启用恢复密钥。请检查恢复密钥密码!",
"Recovery key successfully disabled" => "恢复密钥成功禁用",
"Could not disable recovery key. Please check your recovery key password!" => "不能禁用恢复密钥。请检查恢复密钥密码!",
"Password successfully changed." => "密码修改成功。",
"Could not change the password. Maybe the old password was not correct." => "不能修改密码。旧密码可能不正确。",
"Saving..." => "保存中",
"Encryption" => "加密",
"File encryption is enabled." => "文件加密已启用.",
"The following file types will not be encrypted:" => "如下的文件类型将不会被加密:",
"Exclude the following file types from encryption:" => "从加密中排除如下的文件类型:",
"None" => ""
"Enabled" => "开启",
"Disabled" => "禁用",
"Change Password" => "修改密码",
"File recovery settings updated" => "文件恢复设置已更新",
"Could not update file recovery" => "不能更新文件恢复"
);


@ -1,6 +1,3 @@
<?php $TRANSLATIONS = array(
"Encryption" => "加密",
"File encryption is enabled." => "檔案加密已開啟",
"The following file types will not be encrypted:" => "以下文件類別將不會被加密",
"None" => ""
"Encryption" => "加密"
);


@ -1,7 +1,11 @@
<?php $TRANSLATIONS = array(
"Password successfully changed." => "成功變更密碼。",
"Could not change the password. Maybe the old password was not correct." => "無法變更密碼,或許是輸入的舊密碼不正確。",
"Saving..." => "儲存中...",
"Encryption" => "加密",
"File encryption is enabled." => "檔案加密已被啟用",
"The following file types will not be encrypted:" => "以下的文件類型不會被加密:",
"Exclude the following file types from encryption:" => "從加密中排除的檔案類型:",
"None" => ""
"Enabled" => "已啓用",
"Disabled" => "已停用",
"Change Password" => "變更密碼",
"File recovery settings updated" => "檔案還原設定已更新",
"Could not update file recovery" => "無法更新檔案還原設定"
);


@ -26,21 +26,20 @@
namespace OCA\Encryption;
//require_once '../3rdparty/Crypt_Blowfish/Blowfish.php';
require_once realpath( dirname( __FILE__ ) . '/../3rdparty/Crypt_Blowfish/Blowfish.php' );
require_once realpath(dirname(__FILE__) . '/../3rdparty/Crypt_Blowfish/Blowfish.php');
/**
* Class for common cryptography functionality
*/
class Crypt
{
class Crypt {
/**
* @brief return encryption mode client or server side encryption
* @param string $user name (use system wide setting if name=null)
* @return string 'client' or 'server'
*/
public static function mode( $user = null ) {
public static function mode($user = null) {
return 'server';
@ -52,18 +51,26 @@ class Crypt
*/
public static function createKeypair() {
$res = openssl_pkey_new( array( 'private_key_bits' => 4096 ) );
$return = false;
// Get private key
openssl_pkey_export( $res, $privateKey );
$res = openssl_pkey_new(array('private_key_bits' => 4096));
// Get public key
$publicKey = openssl_pkey_get_details( $res );
if ($res === false) {
\OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR);
} elseif (openssl_pkey_export($res, $privateKey)) {
// Get public key
$publicKey = openssl_pkey_get_details($res);
$publicKey = $publicKey['key'];
$publicKey = $publicKey['key'];
return ( array( 'publicKey' => $publicKey, 'privateKey' => $privateKey ) );
$return = array(
'publicKey' => $publicKey,
'privateKey' => $privateKey
);
} else {
\OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR);
}
return $return;
}
/**
@ -75,7 +82,7 @@ class Crypt
* blocks with encryption alone, hence padding is added to achieve the
* required length.
*/
public static function addPadding( $data ) {
public static function addPadding($data) {
$padded = $data . 'xx';
@ -88,11 +95,11 @@ class Crypt
* @param string $padded padded data to remove padding from
* @return string unpadded data on success, false on error
*/
public static function removePadding( $padded ) {
public static function removePadding($padded) {
if ( substr( $padded, -2 ) == 'xx' ) {
if (substr($padded, -2) === 'xx') {
$data = substr( $padded, 0, -2 );
$data = substr($padded, 0, -2);
return $data;
@ -111,26 +118,26 @@ class Crypt
* @return boolean
* @note see also OCA\Encryption\Util->isEncryptedPath()
*/
public static function isCatfileContent( $content ) {
public static function isCatfileContent($content) {
if ( !$content ) {
if (!$content) {
return false;
}
$noPadding = self::removePadding( $content );
$noPadding = self::removePadding($content);
// Fetch encryption metadata from end of file
$meta = substr( $noPadding, -22 );
$meta = substr($noPadding, -22);
// Fetch IV from end of file
$iv = substr( $meta, -16 );
$iv = substr($meta, -16);
// Fetch identifier from start of metadata
$identifier = substr( $meta, 0, 6 );
$identifier = substr($meta, 0, 6);
if ( $identifier == '00iv00' ) {
if ($identifier === '00iv00') {
return true;
@ -147,15 +154,15 @@ class Crypt
* @param string $path
* @return bool
*/
public static function isEncryptedMeta( $path ) {
public static function isEncryptedMeta($path) {
// TODO: Use DI to get \OC\Files\Filesystem out of here
// Fetch all file metadata from DB
$metadata = \OC\Files\Filesystem::getFileInfo( $path );
$metadata = \OC\Files\Filesystem::getFileInfo($path);
// Return encryption status
return isset( $metadata['encrypted'] ) and ( bool )$metadata['encrypted'];
return isset($metadata['encrypted']) && ( bool )$metadata['encrypted'];
}
@ -166,18 +173,17 @@ class Crypt
* e.g. filename or /Docs/filename, NOT admin/files/filename
* @return boolean
*/
public static function isLegacyEncryptedContent( $data, $relPath ) {
public static function isLegacyEncryptedContent($isCatFileContent, $relPath) {
// Fetch all file metadata from DB
$metadata = \OC\Files\Filesystem::getFileInfo( $relPath, '' );
$metadata = \OC\Files\Filesystem::getFileInfo($relPath, '');
// If a file is flagged with encryption in DB, but isn't a
// valid content + IV combination, it's probably using the
// legacy encryption system
if (
isset( $metadata['encrypted'] )
and $metadata['encrypted'] === true
and !self::isCatfileContent( $data )
if (isset($metadata['encrypted'])
&& $metadata['encrypted'] === true
&& $isCatFileContent === false
) {
return true;
@ -197,15 +203,15 @@ class Crypt
* @param string $passphrase
* @return string encrypted file content
*/
public static function encrypt( $plainContent, $iv, $passphrase = '' ) {
public static function encrypt($plainContent, $iv, $passphrase = '') {
if ( $encryptedContent = openssl_encrypt( $plainContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
if ($encryptedContent = openssl_encrypt($plainContent, 'AES-128-CFB', $passphrase, false, $iv)) {
return $encryptedContent;
} else {
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of content failed', \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library', 'Encryption (symmetric) of content failed', \OCP\Util::ERROR);
return false;
@ -221,15 +227,15 @@ class Crypt
* @throws \Exception
* @return string decrypted file content
*/
public static function decrypt( $encryptedContent, $iv, $passphrase ) {
public static function decrypt($encryptedContent, $iv, $passphrase) {
if ( $plainContent = openssl_decrypt( $encryptedContent, 'AES-128-CFB', $passphrase, false, $iv ) ) {
if ($plainContent = openssl_decrypt($encryptedContent, 'AES-128-CFB', $passphrase, false, $iv)) {
return $plainContent;
} else {
throw new \Exception( 'Encryption library: Decryption (symmetric) of content failed' );
throw new \Exception('Encryption library: Decryption (symmetric) of content failed');
}
@ -241,7 +247,7 @@ class Crypt
* @param string $iv IV to be concatenated
* @returns string concatenated content
*/
public static function concatIv( $content, $iv ) {
public static function concatIv($content, $iv) {
$combined = $content . '00iv00' . $iv;
@ -254,20 +260,20 @@ class Crypt
* @param string $catFile concatenated data to be split
* @returns array keys: encrypted, iv
*/
public static function splitIv( $catFile ) {
public static function splitIv($catFile) {
// Fetch encryption metadata from end of file
$meta = substr( $catFile, -22 );
$meta = substr($catFile, -22);
// Fetch IV from end of file
$iv = substr( $meta, -16 );
$iv = substr($meta, -16);
// Remove IV and IV identifier text to expose encrypted content
$encrypted = substr( $catFile, 0, -22 );
$encrypted = substr($catFile, 0, -22);
$split = array(
'encrypted' => $encrypted
, 'iv' => $iv
'encrypted' => $encrypted,
'iv' => $iv
);
return $split;
@ -283,31 +289,25 @@ class Crypt
* @note IV need not be specified, as it will be stored in the returned keyfile
* and remain accessible therein.
*/
public static function symmetricEncryptFileContent( $plainContent, $passphrase = '' ) {
if ( !$plainContent ) {
public static function symmetricEncryptFileContent($plainContent, $passphrase = '') {
if (!$plainContent) {
\OCP\Util::writeLog('Encryption library', 'symmetrically encryption failed, no content given.', \OCP\Util::ERROR);
return false;
}
$iv = self::generateIv();
if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) {
if ($encryptedContent = self::encrypt($plainContent, $iv, $passphrase)) {
// Combine content to encrypt with IV identifier and actual IV
$catfile = self::concatIv( $encryptedContent, $iv );
$padded = self::addPadding( $catfile );
$catfile = self::concatIv($encryptedContent, $iv);
$padded = self::addPadding($catfile);
return $padded;
} else {
\OC_Log::write( 'Encryption library', 'Encryption (symmetric) of keyfile content failed', \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library', 'Encryption (symmetric) of keyfile content failed', \OCP\Util::ERROR);
return false;
}
}
@ -326,21 +326,21 @@ class Crypt
*
* This function decrypts a file
*/
public static function symmetricDecryptFileContent( $keyfileContent, $passphrase = '' ) {
public static function symmetricDecryptFileContent($keyfileContent, $passphrase = '') {
if ( !$keyfileContent ) {
if (!$keyfileContent) {
throw new \Exception( 'Encryption library: no data provided for decryption' );
throw new \Exception('Encryption library: no data provided for decryption');
}
// Remove padding
$noPadding = self::removePadding( $keyfileContent );
$noPadding = self::removePadding($keyfileContent);
// Split into enc data and catfile
$catfile = self::splitIv( $noPadding );
$catfile = self::splitIv($noPadding);
if ( $plainContent = self::decrypt( $catfile['encrypted'], $catfile['iv'], $passphrase ) ) {
if ($plainContent = self::decrypt($catfile['encrypted'], $catfile['iv'], $passphrase)) {
return $plainContent;
@ -350,6 +350,34 @@ class Crypt
}
/**
* @brief Decrypt private key and check if the result is a valid keyfile
* @param string $encryptedKey encrypted keyfile
* @param string $passphrase to decrypt keyfile
* @returns encrypted private key or false
*
* This function decrypts a file
*/
public static function decryptPrivateKey($encryptedKey, $passphrase) {
$plainKey = self::symmetricDecryptFileContent($encryptedKey, $passphrase);
// check if this a valid private key
$res = openssl_pkey_get_private($plainKey);
if (is_resource($res)) {
$sslInfo = openssl_pkey_get_details($res);
if (!isset($sslInfo['key'])) {
$plainKey = false;
}
} else {
$plainKey = false;
}
return $plainKey;
}
/**
* @brief Creates symmetric keyfile content using a generated key
* @param string $plainContent content to be encrypted
@ -358,11 +386,11 @@ class Crypt
*
* This function decrypts a file
*/
public static function symmetricEncryptFileContentKeyfile( $plainContent ) {
public static function symmetricEncryptFileContentKeyfile($plainContent) {
$key = self::generateKey();
if ( $encryptedContent = self::symmetricEncryptFileContent( $plainContent, $key ) ) {
if ($encryptedContent = self::symmetricEncryptFileContent($plainContent, $key)) {
return array(
'key' => $key,
@ -384,13 +412,13 @@ class Crypt
* @returns array keys: keys (array, key = userId), data
* @note symmetricDecryptFileContent() can decrypt files created using this method
*/
public static function multiKeyEncrypt( $plainContent, array $publicKeys ) {
public static function multiKeyEncrypt($plainContent, array $publicKeys) {
// openssl_seal returns false without errors if $plainContent
// is empty, so trigger our own error
if ( empty( $plainContent ) ) {
if (empty($plainContent)) {
throw new \Exception( 'Cannot mutliKeyEncrypt empty plain content' );
throw new \Exception('Cannot mutliKeyEncrypt empty plain content');
}
@ -399,13 +427,13 @@ class Crypt
$shareKeys = array();
$mappedShareKeys = array();
if ( openssl_seal( $plainContent, $sealed, $shareKeys, $publicKeys ) ) {
if (openssl_seal($plainContent, $sealed, $shareKeys, $publicKeys)) {
$i = 0;
// Ensure each shareKey is labelled with its
// corresponding userId
foreach ( $publicKeys as $userId => $publicKey ) {
foreach ($publicKeys as $userId => $publicKey) {
$mappedShareKeys[$userId] = $shareKeys[$i];
$i++;
@ -437,21 +465,21 @@ class Crypt
*
* This function decrypts a file
*/
public static function multiKeyDecrypt( $encryptedContent, $shareKey, $privateKey ) {
public static function multiKeyDecrypt($encryptedContent, $shareKey, $privateKey) {
if ( !$encryptedContent ) {
if (!$encryptedContent) {
return false;
}
if ( openssl_open( $encryptedContent, $plainContent, $shareKey, $privateKey ) ) {
if (openssl_open($encryptedContent, $plainContent, $shareKey, $privateKey)) {
return $plainContent;
} else {
\OC_Log::write( 'Encryption library', 'Decryption (asymmetric) of sealed content failed', \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library', 'Decryption (asymmetric) of sealed content with share-key "'.$shareKey.'" failed', \OCP\Util::ERROR);
return false;
@ -461,11 +489,13 @@ class Crypt
/**
* @brief Asymetrically encrypt a string using a public key
* @param $plainContent
* @param $publicKey
* @return string encrypted file
*/
public static function keyEncrypt( $plainContent, $publicKey ) {
public static function keyEncrypt($plainContent, $publicKey) {
openssl_public_encrypt( $plainContent, $encryptedContent, $publicKey );
openssl_public_encrypt($plainContent, $encryptedContent, $publicKey);
return $encryptedContent;
@ -473,13 +503,15 @@ class Crypt
/**
* @brief Asymetrically decrypt a file using a private key
* @param $encryptedContent
* @param $privatekey
* @return string decrypted file
*/
public static function keyDecrypt( $encryptedContent, $privatekey ) {
public static function keyDecrypt($encryptedContent, $privatekey) {
$result = @openssl_private_decrypt( $encryptedContent, $plainContent, $privatekey );
$result = @openssl_private_decrypt($encryptedContent, $plainContent, $privatekey);
if ( $result ) {
if ($result) {
return $plainContent;
}
@ -493,24 +525,24 @@ class Crypt
*/
public static function generateIv() {
if ( $random = openssl_random_pseudo_bytes( 12, $strong ) ) {
if ($random = openssl_random_pseudo_bytes(12, $strong)) {
if ( !$strong ) {
if (!$strong) {
// If OpenSSL indicates randomness is insecure, log error
\OC_Log::write( 'Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OC_Log::WARN );
\OCP\Util::writeLog('Encryption library', 'Insecure symmetric key was generated using openssl_random_pseudo_bytes()', \OCP\Util::WARN);
}
// We encode the iv purely for string manipulation
// purposes - it gets decoded before use
$iv = base64_encode( $random );
$iv = base64_encode($random);
return $iv;
} else {
throw new \Exception( 'Generating IV failed' );
throw new \Exception('Generating IV failed');
}
@ -523,12 +555,12 @@ class Crypt
public static function generateKey() {
// Generate key
if ( $key = base64_encode( openssl_random_pseudo_bytes( 183, $strong ) ) ) {
if ($key = base64_encode(openssl_random_pseudo_bytes(183, $strong))) {
if ( !$strong ) {
if (!$strong) {
// If OpenSSL indicates randomness is insecure, log error
throw new \Exception( 'Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()' );
throw new \Exception('Encryption library, Insecure symmetric key was generated using openssl_random_pseudo_bytes()');
}
@ -545,15 +577,15 @@ class Crypt
/**
* @brief Get the blowfish encryption handeler for a key
* @param $key string (optional)
* @return Crypt_Blowfish blowfish object
* @return \Crypt_Blowfish blowfish object
*
* if the key is left out, the default handeler will be used
*/
public static function getBlowfish( $key = '' ) {
public static function getBlowfish($key = '') {
if ( $key ) {
if ($key) {
return new \Crypt_Blowfish( $key );
return new \Crypt_Blowfish($key);
} else {
@ -567,13 +599,13 @@ class Crypt
* @param $passphrase
* @return mixed
*/
public static function legacyCreateKey( $passphrase ) {
public static function legacyCreateKey($passphrase) {
// Generate a random integer
$key = mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 ) . mt_rand( 10000, 99999 );
$key = mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999) . mt_rand(10000, 99999);
// Encrypt the key with the passphrase
$legacyEncKey = self::legacyEncrypt( $key, $passphrase );
$legacyEncKey = self::legacyEncrypt($key, $passphrase);
return $legacyEncKey;
@ -583,17 +615,15 @@ class Crypt
* @brief encrypts content using legacy blowfish system
* @param string $content the cleartext message you want to encrypt
* @param string $passphrase
* @return
* @internal param \OCA\Encryption\the $key encryption key (optional)
* @returns string encrypted content
*
* This function encrypts an content
*/
public static function legacyEncrypt( $content, $passphrase = '' ) {
public static function legacyEncrypt($content, $passphrase = '') {
$bf = self::getBlowfish( $passphrase );
$bf = self::getBlowfish($passphrase);
return $bf->encrypt( $content );
return $bf->encrypt($content);
}
@ -601,20 +631,17 @@ class Crypt
* @brief decrypts content using legacy blowfish system
* @param string $content the cleartext message you want to decrypt
* @param string $passphrase
* @return string
* @internal param \OCA\Encryption\the $key encryption key (optional)
* @return string cleartext content
*
* This function decrypts an content
*/
public static function legacyDecrypt( $content, $passphrase = '' ) {
public static function legacyDecrypt($content, $passphrase = '') {
$bf = self::getBlowfish( $passphrase );
$bf = self::getBlowfish($passphrase);
$decrypted = $bf->decrypt( $content );
return rtrim( $decrypted, "\0" );;
$decrypted = $bf->decrypt($content);
return $decrypted;
}
/**
@ -623,39 +650,18 @@ class Crypt
* @param int $maxLength
* @return string
*/
private static function legacyBlockDecrypt( $data, $key = '', $maxLength = 0 ) {
public static function legacyBlockDecrypt($data, $key = '', $maxLength = 0) {
$result = '';
while ( strlen( $data ) ) {
$result .= self::legacyDecrypt( substr( $data, 0, 8192 ), $key );
$data = substr( $data, 8192 );
while (strlen($data)) {
$result .= self::legacyDecrypt(substr($data, 0, 8192), $key);
$data = substr($data, 8192);
}
if ( $maxLength > 0 ) {
return substr( $result, 0, $maxLength );
if ($maxLength > 0) {
return substr($result, 0, $maxLength);
} else {
return rtrim( $result, "\0" );
return rtrim($result, "\0");
}
}
/**
* @param $legacyEncryptedContent
* @param $legacyPassphrase
* @param $publicKeys
* @param $newPassphrase
* @param $path
* @return array
*/
public static function legacyKeyRecryptKeyfile( $legacyEncryptedContent, $legacyPassphrase, $publicKeys, $newPassphrase, $path ) {
$decrypted = self::legacyBlockDecrypt( $legacyEncryptedContent, $legacyPassphrase );
// Encrypt plain data, generate keyfile & encrypted file
$cryptedData = self::symmetricEncryptFileContentKeyfile( $decrypted );
// Encrypt plain keyfile to multiple sharefiles
$multiEncrypted = Crypt::multiKeyEncrypt( $cryptedData['key'], $publicKeys );
return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] );
}
}


@ -23,15 +23,11 @@
namespace OCA\Encryption;
/**
* @brief Class to manage registration of hooks an various helper methods
*/
/**
* Class Helper
* @brief Class to manage registration of hooks an various helper methods
* @package OCA\Encryption
*/
class Helper
{
class Helper {
/**
* @brief register share related hooks
@ -39,9 +35,9 @@ class Helper
*/
public static function registerShareHooks() {
\OCP\Util::connectHook( 'OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared' );
\OCP\Util::connectHook( 'OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared' );
\OCP\Util::connectHook( 'OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare' );
\OCP\Util::connectHook('OCP\Share', 'pre_shared', 'OCA\Encryption\Hooks', 'preShared');
\OCP\Util::connectHook('OCP\Share', 'post_shared', 'OCA\Encryption\Hooks', 'postShared');
\OCP\Util::connectHook('OCP\Share', 'post_unshare', 'OCA\Encryption\Hooks', 'postUnshare');
}
/**
@ -50,10 +46,11 @@ class Helper
*/
public static function registerUserHooks() {
\OCP\Util::connectHook( 'OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login' );
\OCP\Util::connectHook( 'OC_User', 'post_setPassword', 'OCA\Encryption\Hooks', 'setPassphrase' );
\OCP\Util::connectHook( 'OC_User', 'post_createUser', 'OCA\Encryption\Hooks', 'postCreateUser' );
\OCP\Util::connectHook( 'OC_User', 'post_deleteUser', 'OCA\Encryption\Hooks', 'postDeleteUser' );
\OCP\Util::connectHook('OC_User', 'post_login', 'OCA\Encryption\Hooks', 'login');
\OCP\Util::connectHook('OC_User', 'post_setPassword', 'OCA\Encryption\Hooks', 'setPassphrase');
\OCP\Util::connectHook('OC_User', 'pre_setPassword', 'OCA\Encryption\Hooks', 'preSetPassphrase');
\OCP\Util::connectHook('OC_User', 'post_createUser', 'OCA\Encryption\Hooks', 'postCreateUser');
\OCP\Util::connectHook('OC_User', 'post_deleteUser', 'OCA\Encryption\Hooks', 'postDeleteUser');
}
/**
@ -62,7 +59,7 @@ class Helper
*/
public static function registerFilesystemHooks() {
\OCP\Util::connectHook( 'OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename' );
\OCP\Util::connectHook('OC_Filesystem', 'post_rename', 'OCA\Encryption\Hooks', 'postRename');
}
/**
@ -72,13 +69,14 @@ class Helper
* @param string $password
* @return bool
*/
public static function setupUser( $util, $password ) {
public static function setupUser($util, $password) {
// Check files_encryption infrastructure is ready for action
if ( !$util->ready() ) {
if (!$util->ready()) {
\OC_Log::write( 'Encryption library', 'User account "' . $util->getUserId() . '" is not ready for encryption; configuration started', \OC_Log::DEBUG );
\OCP\Util::writeLog('Encryption library', 'User account "' . $util->getUserId()
. '" is not ready for encryption; configuration started', \OCP\Util::DEBUG);
if ( !$util->setupServerSide( $password ) ) {
if (!$util->setupServerSide($password)) {
return false;
}
}
@ -95,21 +93,22 @@ class Helper
* @internal param string $password
* @return bool
*/
public static function adminEnableRecovery( $recoveryKeyId, $recoveryPassword ) {
$view = new \OC\Files\View( '/' );
public static function adminEnableRecovery($recoveryKeyId, $recoveryPassword) {
if ( $recoveryKeyId === null ) {
$recoveryKeyId = 'recovery_' . substr( md5( time() ), 0, 8 );
\OC_Appconfig::setValue( 'files_encryption', 'recoveryKeyId', $recoveryKeyId );
$view = new \OC\Files\View('/');
if ($recoveryKeyId === null) {
$recoveryKeyId = 'recovery_' . substr(md5(time()), 0, 8);
\OC_Appconfig::setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
}
if ( !$view->is_dir( '/owncloud_private_key' ) ) {
$view->mkdir( '/owncloud_private_key' );
if (!$view->is_dir('/owncloud_private_key')) {
$view->mkdir('/owncloud_private_key');
}
if (
( !$view->file_exists( "/public-keys/" . $recoveryKeyId . ".public.key" )
|| !$view->file_exists( "/owncloud_private_key/" . $recoveryKeyId . ".private.key" ) )
(!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key")
|| !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key"))
) {
$keypair = \OCA\Encryption\Crypt::createKeypair();
@ -118,37 +117,30 @@ class Helper
// Save public key
if ( !$view->is_dir( '/public-keys' ) ) {
$view->mkdir( '/public-keys' );
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$view->file_put_contents( '/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey'] );
$view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empthy passphrase
$encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent( $keypair['privateKey'], $recoveryPassword );
$encryptedPrivateKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword);
// Save private key
$view->file_put_contents( '/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey );
// create control file which let us check later on if the entered password was correct.
$encryptedControlData = \OCA\Encryption\Crypt::keyEncrypt( "ownCloud", $keypair['publicKey'] );
if ( !$view->is_dir( '/control-file' ) ) {
$view->mkdir( '/control-file' );
}
$view->file_put_contents( '/control-file/controlfile.enc', $encryptedControlData );
$view->file_put_contents('/owncloud_private_key/' . $recoveryKeyId . '.private.key', $encryptedPrivateKey);
\OC_FileProxy::$enabled = true;
// Set recoveryAdmin as enabled
\OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
$return = true;
} else { // get recovery key and check the password
$util = new \OCA\Encryption\Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
$return = $util->checkRecoveryPassword( $_POST['recoveryPassword'] );
if ( $return ) {
\OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
if ($return) {
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 1);
}
}
@ -162,15 +154,58 @@ class Helper
* @param $recoveryPassword
* @return bool
*/
public static function adminDisableRecovery( $recoveryPassword ) {
$util = new Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
$return = $util->checkRecoveryPassword( $recoveryPassword );
public static function adminDisableRecovery($recoveryPassword) {
$util = new Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
if ( $return ) {
if ($return) {
// Set recoveryAdmin as disabled
\OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 0 );
\OC_Appconfig::setValue('files_encryption', 'recoveryAdminEnabled', 0);
}
return $return;
}
/**
* @brief checks if access is public/anonymous user
* @return bool
*/
public static function isPublicAccess() {
if (\OCP\USER::getUser() === false
|| (isset($_GET['service']) && $_GET['service'] == 'files'
&& isset($_GET['t']))
) {
return true;
} else {
return false;
}
}
/**
* @brief Format a path to be relative to the /user/files/ directory
* @param string $path the absolute path
* @return string e.g. turns '/admin/files/test.txt' into 'test.txt'
*/
public static function stripUserFilesPath($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
$sliced = array_slice($split, 2);
$relPath = implode('/', $sliced);
return $relPath;
}
/**
* @brief redirect to a error page
*/
public static function redirectToErrorPage() {
$location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php');
$post = 0;
if(count($_POST) > 0) {
$post = 1;
}
header('Location: ' . $location . '?p=' . $post);
exit();
}
}
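Review bot: In the added `isPublicAccess()`, the second branch classifies a request as public purely from the `service` and `t` query parameters, so the result is client-controlled even when `\OCP\USER::getUser()` returns a logged-in user. The callers are not visible in this section, so the docblock should state the limit, e.g. `@note derived from request parameters; not an authorization check`. The comparison should also be strict, `$_GET['service'] === 'files'`. Separately, the added `stripUserFilesPath()` drops the first two path segments without checking that the second one is `files`, and returns an empty string for shorter paths; its docblock should say so, since a caller testing the result with `isset()` will never see a failure.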


@ -27,8 +27,7 @@ namespace OCA\Encryption;
* @brief Class to manage storage and retrieval of encryption keys
* @note Where a method requires a view object, it's root must be '/'
*/
class Keymanager
{
class Keymanager {
/**
* @brief retrieve the ENCRYPTED private key from a user
@ -38,14 +37,14 @@ class Keymanager
* @return string private key or false (hopefully)
* @note the key returned by this method must be decrypted before use
*/
public static function getPrivateKey( \OC_FilesystemView $view, $user ) {
public static function getPrivateKey(\OC_FilesystemView $view, $user) {
$path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.private.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$key = $view->file_get_contents( $path );
$key = $view->file_get_contents($path);
\OC_FileProxy::$enabled = $proxyStatus;
@ -58,12 +57,12 @@ class Keymanager
* @param $userId
* @return string public key or false
*/
public static function getPublicKey( \OC_FilesystemView $view, $userId ) {
public static function getPublicKey(\OC_FilesystemView $view, $userId) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$result = $view->file_get_contents( '/public-keys/' . $userId . '.public.key' );
$result = $view->file_get_contents('/public-keys/' . $userId . '.public.key');
\OC_FileProxy::$enabled = $proxyStatus;
@ -77,11 +76,11 @@ class Keymanager
* @param $userId
* @return array keys: privateKey, publicKey
*/
public static function getUserKeys( \OC_FilesystemView $view, $userId ) {
public static function getUserKeys(\OC_FilesystemView $view, $userId) {
return array(
'publicKey' => self::getPublicKey( $view, $userId )
, 'privateKey' => self::getPrivateKey( $view, $userId )
'publicKey' => self::getPublicKey($view, $userId),
'privateKey' => self::getPrivateKey($view, $userId)
);
}
@ -92,13 +91,13 @@ class Keymanager
* @param array $userIds
* @return array of public keys for the specified users
*/
public static function getPublicKeys( \OC_FilesystemView $view, array $userIds ) {
public static function getPublicKeys(\OC_FilesystemView $view, array $userIds) {
$keys = array();
foreach ( $userIds as $userId ) {
foreach ($userIds as $userId) {
$keys[$userId] = self::getPublicKey( $view, $userId );
$keys[$userId] = self::getPublicKey($view, $userId);
}
@ -118,40 +117,41 @@ class Keymanager
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setFileKey( \OC_FilesystemView $view, $path, $userId, $catfile ) {
public static function setFileKey(\OC_FilesystemView $view, $path, $userId, $catfile) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
list( $owner, $filename ) = $util->getUidAndFilename( $path );
$util = new Util($view, \OCP\User::getUser());
list($owner, $filename) = $util->getUidAndFilename($path);
$basePath = '/' . $owner . '/files_encryption/keyfiles';
$targetPath = self::keySetPreparation( $view, $filename, $basePath, $owner );
$targetPath = self::keySetPreparation($view, $filename, $basePath, $owner);
if ( !$view->is_dir( $basePath . '/' . $targetPath ) ) {
if (!$view->is_dir($basePath . '/' . $targetPath)) {
// create all parent folders
$info = pathinfo( $basePath . '/' . $targetPath );
$keyfileFolderName = $view->getLocalFolder( $info['dirname'] );
$info = pathinfo($basePath . '/' . $targetPath);
$keyfileFolderName = $view->getLocalFolder($info['dirname']);
if ( !file_exists( $keyfileFolderName ) ) {
if (!file_exists($keyfileFolderName)) {
mkdir( $keyfileFolderName, 0750, true );
mkdir($keyfileFolderName, 0750, true);
}
}
// try reusing key file if part file
if ( self::isPartialFilePath( $targetPath ) ) {
if (self::isPartialFilePath($targetPath)) {
$result = $view->file_put_contents( $basePath . '/' . self::fixPartialFilePath( $targetPath ) . '.key', $catfile );
$result = $view->file_put_contents(
$basePath . '/' . self::fixPartialFilePath($targetPath) . '.key', $catfile);
} else {
$result = $view->file_put_contents( $basePath . '/' . $targetPath . '.key', $catfile );
$result = $view->file_put_contents($basePath . '/' . $targetPath . '.key', $catfile);
}
@ -167,12 +167,12 @@ class Keymanager
* @return string File path without .part extension
* @note this is needed for reusing keys
*/
public static function fixPartialFilePath( $path ) {
public static function fixPartialFilePath($path) {
if ( preg_match( '/\.part$/', $path ) ) {
if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) {
$newLength = strlen( $path ) - 5;
$fPath = substr( $path, 0, $newLength );
$newLength = strlen($path) - 5;
$fPath = substr($path, 0, $newLength);
return $fPath;
@ -189,9 +189,9 @@ class Keymanager
* @param string $path Path that may identify a .part file
* @return bool
*/
public static function isPartialFilePath( $path ) {
public static function isPartialFilePath($path) {
if ( preg_match( '/\.part$/', $path ) ) {
if (preg_match('/\.part$/', $path) || preg_match('/\.etmp$/', $path)) {
return true;
@ -213,14 +213,14 @@ class Keymanager
* @note The keyfile returned is asymmetrically encrypted. Decryption
* of the keyfile must be performed by client code
*/
public static function getFileKey( \OC_FilesystemView $view, $userId, $filePath ) {
public static function getFileKey(\OC_FilesystemView $view, $userId, $filePath) {
// try reusing key file if part file
if ( self::isPartialFilePath( $filePath ) ) {
if (self::isPartialFilePath($filePath)) {
$result = self::getFileKey( $view, $userId, self::fixPartialFilePath( $filePath ) );
$result = self::getFileKey($view, $userId, self::fixPartialFilePath($filePath));
if ( $result ) {
if ($result) {
return $result;
@ -228,19 +228,19 @@ class Keymanager
}
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
$filePath_f = ltrim( $filename, '/' );
list($owner, $filename) = $util->getUidAndFilename($filePath);
$filePath_f = ltrim($filename, '/');
$keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ( $view->file_exists( $keyfilePath ) ) {
if ($view->file_exists($keyfilePath)) {
$result = $view->file_get_contents( $keyfilePath );
$result = $view->file_get_contents($keyfilePath);
} else {
@ -264,26 +264,29 @@ class Keymanager
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
*/
public static function deleteFileKey( \OC_FilesystemView $view, $userId, $path ) {
public static function deleteFileKey(\OC_FilesystemView $view, $userId, $path) {
$trimmed = ltrim( $path, '/' );
$trimmed = ltrim($path, '/');
$keyPath = '/' . $userId . '/files_encryption/keyfiles/' . $trimmed;
$result = false;
if ( $view->is_dir( $keyPath ) ) {
if ($view->is_dir($keyPath)) {
$result = $view->unlink( $keyPath );
$result = $view->unlink($keyPath);
} else if ( $view->file_exists( $keyPath . '.key' ) ) {
} else {
if ($view->file_exists($keyPath . '.key')) {
$result = $view->unlink( $keyPath . '.key' );
$result = $view->unlink($keyPath . '.key');
}
}
if ( !$result ) {
if (!$result) {
\OC_Log::write( 'Encryption library', 'Could not delete keyfile; does not exist: "' . $keyPath, \OC_Log::ERROR );
\OCP\Util::writeLog('Encryption library',
'Could not delete keyfile; does not exist: "' . $keyPath, \OCP\Util::ERROR);
}
@ -298,19 +301,19 @@ class Keymanager
* @note Encryption of the private key must be performed by client code
* as no encryption takes place here
*/
public static function setPrivateKey( $key ) {
public static function setPrivateKey($key) {
$user = \OCP\User::getUser();
$view = new \OC_FilesystemView( '/' . $user . '/files_encryption' );
$view = new \OC_FilesystemView('/' . $user . '/files_encryption');
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ( !$view->file_exists( '' ) )
$view->mkdir( '' );
if (!$view->file_exists(''))
$view->mkdir('');
$result = $view->file_put_contents( $user . '.private.key', $key );
$result = $view->file_put_contents($user . '.private.key', $key);
\OC_FileProxy::$enabled = $proxyStatus;
@ -331,21 +334,21 @@ class Keymanager
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setShareKey( \OC_FilesystemView $view, $path, $userId, $shareKey ) {
public static function setShareKey(\OC_FilesystemView $view, $path, $userId, $shareKey) {
// Here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $path );
list($owner, $filename) = $util->getUidAndFilename($path);
$basePath = '/' . $owner . '/files_encryption/share-keys';
$shareKeyPath = self::keySetPreparation( $view, $filename, $basePath, $owner );
$shareKeyPath = self::keySetPreparation($view, $filename, $basePath, $owner);
// try reusing key file if part file
if ( self::isPartialFilePath( $shareKeyPath ) ) {
if (self::isPartialFilePath($shareKeyPath)) {
$writePath = $basePath . '/' . self::fixPartialFilePath( $shareKeyPath ) . '.' . $userId . '.shareKey';
$writePath = $basePath . '/' . self::fixPartialFilePath($shareKeyPath) . '.' . $userId . '.shareKey';
} else {
@ -356,12 +359,12 @@ class Keymanager
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$result = $view->file_put_contents( $writePath, $shareKey );
$result = $view->file_put_contents($writePath, $shareKey);
\OC_FileProxy::$enabled = $proxyStatus;
if (
is_int( $result )
is_int($result)
&& $result > 0
) {
@ -382,16 +385,16 @@ class Keymanager
* @param array $shareKeys
* @return bool
*/
public static function setShareKeys( \OC_FilesystemView $view, $path, array $shareKeys ) {
public static function setShareKeys(\OC_FilesystemView $view, $path, array $shareKeys) {
// $shareKeys must be an array with the following format:
// [userId] => [encrypted key]
$result = true;
foreach ( $shareKeys as $userId => $shareKey ) {
foreach ($shareKeys as $userId => $shareKey) {
if ( !self::setShareKey( $view, $path, $userId, $shareKey ) ) {
if (!self::setShareKey($view, $path, $userId, $shareKey)) {
// If any of the keys are not set, flag false
$result = false;
@ -415,14 +418,14 @@ class Keymanager
* @note The sharekey returned is encrypted. Decryption
* of the keyfile must be performed by client code
*/
public static function getShareKey( \OC_FilesystemView $view, $userId, $filePath ) {
public static function getShareKey(\OC_FilesystemView $view, $userId, $filePath) {
// try reusing key file if part file
if ( self::isPartialFilePath( $filePath ) ) {
if (self::isPartialFilePath($filePath)) {
$result = self::getShareKey( $view, $userId, self::fixPartialFilePath( $filePath ) );
$result = self::getShareKey($view, $userId, self::fixPartialFilePath($filePath));
if ( $result ) {
if ($result) {
return $result;
@ -434,14 +437,15 @@ class Keymanager
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
$shareKeyPath = \OC\Files\Filesystem::normalizePath( '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey' );
list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = \OC\Files\Filesystem::normalizePath(
'/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey');
if ( $view->file_exists( $shareKeyPath ) ) {
if ($view->file_exists($shareKeyPath)) {
$result = $view->file_get_contents( $shareKeyPath );
$result = $view->file_get_contents($shareKeyPath);
} else {
@ -461,17 +465,18 @@ class Keymanager
* @param string $userId owner of the file
* @param string $filePath path to the file, relative to the owners file dir
*/
public static function delAllShareKeys( \OC_FilesystemView $view, $userId, $filePath ) {
public static function delAllShareKeys(\OC_FilesystemView $view, $userId, $filePath) {
if ( $view->is_dir( $userId . '/files/' . $filePath ) ) {
$view->unlink( $userId . '/files_encryption/share-keys/' . $filePath );
if ($view->is_dir($userId . '/files/' . $filePath)) {
$view->unlink($userId . '/files_encryption/share-keys/' . $filePath);
} else {
$localKeyPath = $view->getLocalFile( $userId . '/files_encryption/share-keys/' . $filePath );
$matches = glob( preg_quote( $localKeyPath ) . '*.shareKey' );
foreach ( $matches as $ma ) {
$result = unlink( $ma );
if ( !$result ) {
\OC_Log::write( 'Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $filePath . '"', \OC_Log::ERROR );
$localKeyPath = $view->getLocalFile($userId . '/files_encryption/share-keys/' . $filePath);
$matches = glob(preg_quote($localKeyPath) . '*.shareKey');
foreach ($matches as $ma) {
$result = unlink($ma);
if (!$result) {
\OCP\Util::writeLog('Encryption library',
'Keyfile or shareKey could not be deleted for file "' . $filePath . '"', \OCP\Util::ERROR);
}
}
}
@ -480,29 +485,31 @@ class Keymanager
/**
* @brief Delete a single user's shareKey for a single file
*/
public static function delShareKey( \OC_FilesystemView $view, $userIds, $filePath ) {
public static function delShareKey(\OC_FilesystemView $view, $userIds, $filePath) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//here we need the currently logged in user, while userId can be a different user
$util = new Util( $view, \OCP\User::getUser() );
$util = new Util($view, \OCP\User::getUser());
list( $owner, $filename ) = $util->getUidAndFilename( $filePath );
list($owner, $filename) = $util->getUidAndFilename($filePath);
$shareKeyPath = \OC\Files\Filesystem::normalizePath( '/' . $owner . '/files_encryption/share-keys/' . $filename );
$shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename);
if ( $view->is_dir( $shareKeyPath ) ) {
if ($view->is_dir($shareKeyPath)) {
$localPath = \OC\Files\Filesystem::normalizePath( $view->getLocalFolder( $shareKeyPath ) );
self::recursiveDelShareKeys( $localPath, $userIds );
$localPath = \OC\Files\Filesystem::normalizePath($view->getLocalFolder($shareKeyPath));
self::recursiveDelShareKeys($localPath, $userIds);
} else {
foreach ( $userIds as $userId ) {
foreach ($userIds as $userId) {
if ( !$view->unlink( $shareKeyPath . '.' . $userId . '.shareKey' ) ) {
\OC_Log::write( 'Encryption library', 'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId . '.shareKey"', \OC_Log::ERROR );
if (!$view->unlink($shareKeyPath . '.' . $userId . '.shareKey')) {
\OCP\Util::writeLog('Encryption library',
'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId
. '.shareKey"', \OCP\Util::ERROR);
}
}
@ -517,42 +524,43 @@ class Keymanager
* @param string $dir directory
* @param array $userIds user ids for which the share keys should be deleted
*/
private static function recursiveDelShareKeys( $dir, $userIds ) {
foreach ( $userIds as $userId ) {
$matches = glob( preg_quote( $dir ) . '/*' . preg_quote( '.' . $userId . '.shareKey' ) );
private static function recursiveDelShareKeys($dir, $userIds) {
foreach ($userIds as $userId) {
$matches = glob(preg_quote($dir) . '/*' . preg_quote('.' . $userId . '.shareKey'));
}
/** @var $matches array */
foreach ( $matches as $ma ) {
if ( !unlink( $ma ) ) {
\OC_Log::write( 'Encryption library', 'Could not delete shareKey; does not exist: "' . $ma . '"', \OC_Log::ERROR );
foreach ($matches as $ma) {
if (!unlink($ma)) {
\OCP\Util::writeLog('Encryption library',
'Could not delete shareKey; does not exist: "' . $ma . '"', \OCP\Util::ERROR);
}
}
$subdirs = $directories = glob( preg_quote( $dir ) . '/*', GLOB_ONLYDIR );
foreach ( $subdirs as $subdir ) {
self::recursiveDelShareKeys( $subdir, $userIds );
$subdirs = $directories = glob(preg_quote($dir) . '/*', GLOB_ONLYDIR);
foreach ($subdirs as $subdir) {
self::recursiveDelShareKeys($subdir, $userIds);
}
}
/**
* @brief Make preparations to vars and filesystem for saving a keyfile
*/
public static function keySetPreparation( \OC_FilesystemView $view, $path, $basePath, $userId ) {
public static function keySetPreparation(\OC_FilesystemView $view, $path, $basePath, $userId) {
$targetPath = ltrim( $path, '/' );
$targetPath = ltrim($path, '/');
$path_parts = pathinfo( $targetPath );
$path_parts = pathinfo($targetPath);
// If the file resides within a subdirectory, create it
if (
isset( $path_parts['dirname'] )
&& !$view->file_exists( $basePath . '/' . $path_parts['dirname'] )
isset($path_parts['dirname'])
&& !$view->file_exists($basePath . '/' . $path_parts['dirname'])
) {
$sub_dirs = explode( DIRECTORY_SEPARATOR, $basePath . '/' . $path_parts['dirname'] );
$sub_dirs = explode(DIRECTORY_SEPARATOR, $basePath . '/' . $path_parts['dirname']);
$dir = '';
foreach ( $sub_dirs as $sub_dir ) {
foreach ($sub_dirs as $sub_dir) {
$dir .= '/' . $sub_dir;
if ( !$view->is_dir( $dir ) ) {
$view->mkdir( $dir );
if (!$view->is_dir($dir)) {
$view->mkdir($dir);
}
}
}
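Review bot: In `recursiveDelShareKeys()` the per-user `foreach` closes right after the `glob()` call, so `$matches` is overwritten on every iteration and only the last user's `*.shareKey` files reach the `unlink()` loop; with an empty `$userIds` it is never defined. When several users are unshared at once, the earlier users' share keys would stay on disk, which weakens revocation of access to the file key. The closing `}` of the first loop should move below the `unlink()` loop so that each user's matches are deleted, and the `glob()` result should be guarded with `?: array()` because `glob()` can return `false`. `preg_quote()` is a regex escaper applied to a glob pattern here and in `delAllShareKeys()`; a comment explaining why that is relied on would help the next reader.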


@ -34,8 +34,7 @@ namespace OCA\Encryption;
* Class Proxy
* @package OCA\Encryption
*/
class Proxy extends \OC_FileProxy
{
class Proxy extends \OC_FileProxy {
private static $blackList = null; //mimetypes blacklisted from encryption
@ -48,13 +47,13 @@ class Proxy extends \OC_FileProxy
*
* Tests if server side encryption is enabled, and file is allowed by blacklists
*/
private static function shouldEncrypt( $path ) {
private static function shouldEncrypt($path) {
if ( is_null( self::$enableEncryption ) ) {
if (is_null(self::$enableEncryption)) {
if (
\OCP\Config::getAppValue( 'files_encryption', 'enable_encryption', 'true' ) == 'true'
&& Crypt::mode() == 'server'
\OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true') === 'true'
&& Crypt::mode() === 'server'
) {
self::$enableEncryption = true;
@ -67,27 +66,27 @@ class Proxy extends \OC_FileProxy
}
if ( !self::$enableEncryption ) {
if (!self::$enableEncryption) {
return false;
}
if ( is_null( self::$blackList ) ) {
if (is_null(self::$blackList)) {
self::$blackList = explode( ',', \OCP\Config::getAppValue( 'files_encryption', 'type_blacklist', '' ) );
self::$blackList = explode(',', \OCP\Config::getAppValue('files_encryption', 'type_blacklist', ''));
}
if ( Crypt::isCatfileContent( $path ) ) {
if (Crypt::isCatfileContent($path)) {
return true;
}
$extension = substr( $path, strrpos( $path, '.' ) + 1 );
$extension = substr($path, strrpos($path, '.') + 1);
if ( array_search( $extension, self::$blackList ) === false ) {
if (array_search($extension, self::$blackList) === false) {
return true;
@ -101,78 +100,44 @@ class Proxy extends \OC_FileProxy
* @param $data
* @return bool
*/
public function preFile_put_contents( $path, &$data ) {
public function preFile_put_contents($path, &$data) {
if ( self::shouldEncrypt( $path ) ) {
if (self::shouldEncrypt($path)) {
// Stream put contents should have been converted to fopen
if ( !is_resource( $data ) ) {
if (!is_resource($data)) {
$userId = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $userId );
$session = new Session( $view );
$privateKey = $session->getPrivateKey();
$filePath = $util->stripUserFilesPath( $path );
// Set the filesize for userland, before encrypting
$size = strlen( $data );
// get root view
$view = new \OC_FilesystemView('/');
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Check if there is an existing key we can reuse
if ( $encKeyfile = Keymanager::getFileKey( $view, $userId, $filePath ) ) {
// Fetch shareKey
$shareKey = Keymanager::getShareKey( $view, $userId, $filePath );
// Decrypt the keyfile
$plainKey = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
} else {
// Make a new key
$plainKey = Crypt::generateKey();
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
if (!isset($relativePath)) {
return true;
}
// Encrypt data
$encData = Crypt::symmetricEncryptFileContent( $data, $plainKey );
$handle = fopen('crypt://' . $relativePath . '.etmp', 'w');
if (is_resource($handle)) {
$sharingEnabled = \OCP\Share::isEnabled();
// write data to stream
fwrite($handle, $data);
// if file exists try to get sharing users
if ( $view->file_exists( $path ) ) {
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $filePath, $userId );
} else {
$uniqueUserIds[] = $userId;
// close stream
fclose($handle);
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get encrypted content
$data = $view->file_get_contents($path . '.etmp');
// remove our temp file
$view->unlink($path . '.etmp');
// re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
// Fetch public keys for all users who will share the file
$publicKeys = Keymanager::getPublicKeys( $view, $uniqueUserIds );
// Encrypt plain keyfile to multiple sharefiles
$multiEncrypted = Crypt::multiKeyEncrypt( $plainKey, $publicKeys );
// Save sharekeys to user folders
Keymanager::setShareKeys( $view, $filePath, $multiEncrypted['keys'] );
// Set encrypted keyfile as common varname
$encKey = $multiEncrypted['data'];
// Save keyfile for newly encrypted file in parallel directory tree
Keymanager::setFileKey( $view, $filePath, $userId, $encKey );
// Replace plain content with encrypted content by reference
$data = $encData;
// Update the file cache with file info
\OC\Files\Filesystem::putFileInfo( $filePath, array( 'encrypted' => true, 'size' => strlen( $data ), 'unencrypted_size' => $size ), '' );
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
}
@ -184,51 +149,46 @@ class Proxy extends \OC_FileProxy
* @param string $path Path of file from which has been read
* @param string $data Data that has been read from file
*/
public function postFile_get_contents( $path, $data ) {
public function postFile_get_contents($path, $data) {
$userId = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new Util( $view, $userId );
$plainData = null;
$view = new \OC_FilesystemView('/');
$relPath = $util->stripUserFilesPath( $path );
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// init session
$session = new Session( $view );
$session = new \OCA\Encryption\Session($view);
// If data is a catfile
if (
Crypt::mode() == 'server'
&& Crypt::isCatfileContent( $data )
Crypt::mode() === 'server'
&& Crypt::isCatfileContent($data)
) {
$privateKey = $session->getPrivateKey( $userId );
$handle = fopen('crypt://' . $relativePath, 'r');
// Get the encrypted keyfile
$encKeyfile = Keymanager::getFileKey( $view, $userId, $relPath );
// Attempt to fetch the user's shareKey
$shareKey = Keymanager::getShareKey( $view, $userId, $relPath );
// Decrypt keyfile with shareKey
$plainKeyfile = Crypt::multiKeyDecrypt( $encKeyfile, $shareKey, $privateKey );
$plainData = Crypt::symmetricDecryptFileContent( $data, $plainKeyfile );
if (is_resource($handle)) {
while (($plainDataChunk = fgets($handle, 8192)) !== false) {
$plainData .= $plainDataChunk;
}
}
} elseif (
Crypt::mode() == 'server'
&& isset( $_SESSION['legacyenckey'] )
&& Crypt::isEncryptedMeta( $path )
&& \OC::$session->exists('legacyenckey')
&& Crypt::isEncryptedMeta($path)
) {
$plainData = Crypt::legacyDecrypt( $data, $session->getLegacyKey() );
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$plainData = Crypt::legacyBlockDecrypt($data, $session->getLegacyKey());
\OC_FileProxy::$enabled = $proxyStatus;
}
\OC_FileProxy::$enabled = $proxyStatus;
if ( !isset( $plainData ) ) {
if (!isset($plainData)) {
$plainData = $data;
@ -241,10 +201,10 @@ class Proxy extends \OC_FileProxy
/**
* @brief When a file is deleted, remove its keyfile also
*/
public function preUnlink( $path ) {
public function preUnlink($path) {
// let the trashbin handle this
if ( \OCP\App::isEnabled( 'files_trashbin' ) ) {
if (\OCP\App::isEnabled('files_trashbin')) {
return true;
}
@ -252,23 +212,24 @@ class Proxy extends \OC_FileProxy
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
$userId = \OCP\USER::getUser();
$util = new Util( $view, $userId );
$util = new Util($view, $userId);
// Format path to be relative to user files dir
$relPath = $util->stripUserFilesPath( $path );
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
list( $owner, $ownerPath ) = $util->getUidAndFilename( $relPath );
list($owner, $ownerPath) = $util->getUidAndFilename($relativePath);
// Delete keyfile & shareKey so it isn't orphaned
if ( !Keymanager::deleteFileKey( $view, $owner, $ownerPath ) ) {
\OC_Log::write( 'Encryption library', 'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OC_Log::ERROR );
if (!Keymanager::deleteFileKey($view, $owner, $ownerPath)) {
\OCP\Util::writeLog('Encryption library',
'Keyfile or shareKey could not be deleted for file "' . $ownerPath . '"', \OCP\Util::ERROR);
}
Keymanager::delAllShareKeys( $view, $owner, $ownerPath );
Keymanager::delAllShareKeys($view, $owner, $ownerPath);
\OC_FileProxy::$enabled = $proxyStatus;
@ -282,8 +243,8 @@ class Proxy extends \OC_FileProxy
* @param $path
* @return bool
*/
public function postTouch( $path ) {
$this->handleFile( $path );
public function postTouch($path) {
$this->handleFile($path);
return true;
}
@ -293,20 +254,24 @@ class Proxy extends \OC_FileProxy
* @param $result
* @return resource
*/
public function postFopen( $path, &$result ) {
public function postFopen($path, &$result) {
if ( !$result ) {
$path = \OC\Files\Filesystem::normalizePath($path);
if (!$result) {
return $result;
}
// Reformat path for use with OC_FSV
$path_split = explode( '/', $path );
$path_f = implode( '/', array_slice( $path_split, 3 ) );
// split the path parts
$pathParts = explode('/', $path);
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// FIXME: handling for /userId/cache used by webdav for chunking. The cache chunks are NOT encrypted
if ( count($path_split) >= 2 && $path_split[2] == 'cache' ) {
if (isset($pathParts[2]) && $pathParts[2] === 'cache') {
return $result;
}
@ -314,31 +279,31 @@ class Proxy extends \OC_FileProxy
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$meta = stream_get_meta_data( $result );
$meta = stream_get_meta_data($result);
$view = new \OC_FilesystemView( '' );
$view = new \OC_FilesystemView('');
$util = new Util( $view, \OCP\USER::getUser() );
$util = new Util($view, \OCP\USER::getUser());
// If file is already encrypted, decrypt using crypto protocol
if (
Crypt::mode() == 'server'
&& $util->isEncryptedPath( $path )
Crypt::mode() === 'server'
&& $util->isEncryptedPath($path)
) {
// Close the original encrypted file
fclose( $result );
fclose($result);
// Open the file using the crypto stream wrapper
// protocol and let it do the decryption work instead
$result = fopen( 'crypt://' . $path_f, $meta['mode'] );
$result = fopen('crypt://' . $relativePath, $meta['mode']);
} elseif (
self::shouldEncrypt( $path )
and $meta ['mode'] != 'r'
and $meta['mode'] != 'rb'
self::shouldEncrypt($path)
and $meta ['mode'] !== 'r'
and $meta['mode'] !== 'rb'
) {
$result = fopen( 'crypt://' . $path_f, $meta['mode'] );
$result = fopen('crypt://' . $relativePath, $meta['mode']);
}
// Re-enable the proxy
@ -353,17 +318,17 @@ class Proxy extends \OC_FileProxy
* @param $data
* @return array
*/
public function postGetFileInfo( $path, $data ) {
public function postGetFileInfo($path, $data) {
// if path is a folder do nothing
if ( is_array( $data ) && array_key_exists( 'size', $data ) ) {
if (is_array($data) && array_key_exists('size', $data)) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// get file size
$data['size'] = self::postFileSize( $path, $data['size'] );
$data['size'] = self::postFileSize($path, $data['size']);
// Re-enable the proxy
\OC_FileProxy::$enabled = $proxyStatus;
@ -377,51 +342,50 @@ class Proxy extends \OC_FileProxy
* @param $size
* @return bool
*/
public function postFileSize( $path, $size ) {
public function postFileSize($path, $size) {
$view = new \OC_FilesystemView( '/' );
$view = new \OC_FilesystemView('/');
// if path is a folder do nothing
if ( $view->is_dir( $path ) ) {
if ($view->is_dir($path)) {
return $size;
}
// Reformat path for use with OC_FSV
$path_split = explode( '/', $path );
$path_f = implode( '/', array_slice( $path_split, 3 ) );
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// if path is empty we cannot resolve anything
if ( empty( $path_f ) ) {
if (empty($relativePath)) {
return $size;
}
$fileInfo = false;
// get file info from database/cache if not .part file
if ( !Keymanager::isPartialFilePath( $path ) ) {
$fileInfo = $view->getFileInfo( $path );
if (!Keymanager::isPartialFilePath($path)) {
$fileInfo = $view->getFileInfo($path);
}
// if file is encrypted return real file size
if ( is_array( $fileInfo ) && $fileInfo['encrypted'] === true ) {
if (is_array($fileInfo) && $fileInfo['encrypted'] === true) {
$size = $fileInfo['unencrypted_size'];
} else {
// self healing if file was removed from file cache
if ( !is_array( $fileInfo ) ) {
if (!is_array($fileInfo)) {
$fileInfo = array();
}
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId );
$fixSize = $util->getFileSize( $path );
if ( $fixSize > 0 ) {
$util = new Util($view, $userId);
$fixSize = $util->getFileSize($path);
if ($fixSize > 0) {
$size = $fixSize;
$fileInfo['encrypted'] = true;
$fileInfo['unencrypted_size'] = $size;
// put file info if not .part file
if ( !Keymanager::isPartialFilePath( $path_f ) ) {
$view->putFileInfo( $path, $fileInfo );
if (!Keymanager::isPartialFilePath($relativePath)) {
$view->putFileInfo($path, $fileInfo);
}
}
@ -432,32 +396,34 @@ class Proxy extends \OC_FileProxy
/**
* @param $path
*/
public function handleFile( $path ) {
public function handleFile($path) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC_FilesystemView( '/' );
$session = new Session( $view );
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view);
$userId = \OCP\User::getUser();
$util = new Util( $view, $userId );
$util = new Util($view, $userId);
// Reformat path for use with OC_FSV
$path_split = explode( '/', $path );
$path_f = implode( '/', array_slice( $path_split, 3 ) );
// split the path parts
$pathParts = explode('/', $path);
// get relative path
$relativePath = \OCA\Encryption\Helper::stripUserFilesPath($path);
// only if file is on 'files' folder fix file size and sharing
if ( count($path_split) >= 2 && $path_split[2] == 'files' && $util->fixFileSize( $path ) ) {
if (isset($pathParts[2]) && $pathParts[2] === 'files' && $util->fixFileSize($path)) {
// get sharing app state
$sharingEnabled = \OCP\Share::isEnabled();
// get users
$usersSharing = $util->getSharingUsersArray( $sharingEnabled, $path_f );
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $relativePath);
// update sharing-keys
$util->setSharedFileKeyfiles( $session, $usersSharing, $path_f );
$util->setSharedFileKeyfiles($session, $usersSharing, $relativePath);
}
\OC_FileProxy::$enabled = $proxyStatus;
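Review bot: In `preFile_put_contents`, the new `if (is_resource($handle))` block has no else branch, so when the `crypt://` stream cannot be opened `$data` keeps its plaintext and, as far as these lines show, the write goes ahead unencrypted with no log entry. I would fail closed here: `} else { \OCP\Util::writeLog('Encryption library', 'could not open crypt stream for "' . $relativePath . '"', \OCP\Util::ERROR); return false; }`, assuming a `false` return from a pre-proxy cancels the operation (the proxy runner is not on this page). The result of `fwrite($handle, $data)` is not checked either, and the fixed `.etmp` suffix means two concurrent writes to the same path would share one temporary file. The end of the function lies outside the hunk.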


@ -26,8 +26,7 @@ namespace OCA\Encryption;
* Class for handling encryption related session data
*/
class Session
{
class Session {
private $view;
@ -37,26 +36,26 @@ class Session
*
* @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
*/
public function __construct( $view ) {
public function __construct($view) {
$this->view = $view;
if ( !$this->view->is_dir( 'owncloud_private_key' ) ) {
if (!$this->view->is_dir('owncloud_private_key')) {
$this->view->mkdir( 'owncloud_private_key' );
$this->view->mkdir('owncloud_private_key');
}
$publicShareKeyId = \OC_Appconfig::getValue( 'files_encryption', 'publicShareKeyId' );
$publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
if ( $publicShareKeyId === null ) {
$publicShareKeyId = 'pubShare_' . substr( md5( time() ), 0, 8 );
\OC_Appconfig::setValue( 'files_encryption', 'publicShareKeyId', $publicShareKeyId );
if ($publicShareKeyId === null) {
$publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
\OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
}
if (
!$this->view->file_exists( "/public-keys/" . $publicShareKeyId . ".public.key" )
|| !$this->view->file_exists( "/owncloud_private_key/" . $publicShareKeyId . ".private.key" )
!$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key")
|| !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")
) {
$keypair = Crypt::createKeypair();
@ -67,33 +66,32 @@ class Session
// Save public key
if ( !$view->is_dir( '/public-keys' ) ) {
$view->mkdir( '/public-keys' );
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$this->view->file_put_contents( '/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey'] );
$this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
// Encrypt private key empty passphrase
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent( $keypair['privateKey'], '' );
$encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '');
// Save private key
$this->view->file_put_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey );
$this->view->file_put_contents(
'/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
if ( \OCP\USER::getUser() === false ||
( isset( $_GET['service'] ) && $_GET['service'] == 'files' &&
isset( $_GET['t'] ) )
) {
if (\OCA\Encryption\Helper::isPublicAccess()) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents( '/owncloud_private_key/' . $publicShareKeyId . '.private.key' );
$privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, '' );
$this->setPrivateKey( $privateKey );
$encryptedKey = $this->view->file_get_contents(
'/owncloud_private_key/' . $publicShareKeyId . '.private.key');
$privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
$this->setPublicSharePrivateKey($privateKey);
\OC_FileProxy::$enabled = $proxyStatus;
}
@ -103,45 +101,71 @@ class Session
* @brief Sets user private key to session
* @param string $privateKey
* @return bool
*
* @note this should only be set on login
*/
public function setPrivateKey( $privateKey ) {
public function setPrivateKey($privateKey) {
$_SESSION['privateKey'] = $privateKey;
\OC::$session->set('privateKey', $privateKey);
return true;
}
/**
* @brief Gets user private key from session
* @brief Gets user or public share private key from session
* @returns string $privateKey The user's plaintext private key
*
*/
public function getPrivateKey() {
if (
isset( $_SESSION['privateKey'] )
&& !empty( $_SESSION['privateKey'] )
) {
return $_SESSION['privateKey'];
// return the public share private key if this is a public access
if (\OCA\Encryption\Helper::isPublicAccess()) {
return $this->getPublicSharePrivateKey();
} else {
return false;
if (!is_null(\OC::$session->get('privateKey'))) {
return \OC::$session->get('privateKey');
} else {
return false;
}
}
}
/**
* @brief Sets public user private key to session
* @param string $privateKey
* @return bool
*/
public function setPublicSharePrivateKey($privateKey) {
\OC::$session->set('publicSharePrivateKey', $privateKey);
return true;
}
/**
* @brief Gets public share private key from session
* @returns string $privateKey
*
*/
public function getPublicSharePrivateKey() {
if (!is_null(\OC::$session->get('publicSharePrivateKey'))) {
return \OC::$session->get('publicSharePrivateKey');
} else {
return false;
}
}
/**
* @brief Sets user legacy key to session
* @param $legacyKey
* @return bool
*/
public function setLegacyKey( $legacyKey ) {
public function setLegacyKey($legacyKey) {
$_SESSION['legacyKey'] = $legacyKey;
\OC::$session->set('legacyKey', $legacyKey);
return true;
}
@ -153,12 +177,9 @@ class Session
*/
public function getLegacyKey() {
if (
isset( $_SESSION['legacyKey'] )
&& !empty( $_SESSION['legacyKey'] )
) {
if (!is_null(\OC::$session->get('legacyKey'))) {
return $_SESSION['legacyKey'];
return \OC::$session->get('legacyKey');
} else {
@ -168,4 +189,4 @@ class Session
}
}
}
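Review bot: `getPrivateKey()`, `getPublicSharePrivateKey()` and `getLegacyKey()` now test only `!is_null(\OC::$session->get(...))`, whereas the lines they replace also required `!empty(...)`, so an empty string stored in the session is now handed back as a key instead of `false`. The stream wrapper in this commit decides with `$this->privateKey === false`, so such a value would pass that guard and reach the decrypt call. Reading the value once keeps the old strictness and avoids the double lookup: `$key = \OC::$session->get('privateKey');` followed by `return empty($key) ? false : $key;`. The docblocks should also read `@return string|false` rather than `@returns string`, since callers depend on the `false` result to detect a missing key.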


@ -48,8 +48,7 @@ namespace OCA\Encryption;
* previous version deleted, this is handled by OC\Files\View, and thus the
* encryption proxies are used and keyfiles deleted.
*/
class Stream
{
class Stream {
private $plainKey;
private $encKeyfiles;
@ -57,18 +56,21 @@ class Stream
private $relPath; // rel path to users file dir
private $userId;
private $handle; // Resource returned by fopen
private $path;
private $readBuffer; // For streams that dont support seeking
private $meta = array(); // Header / meta for source stream
private $count;
private $writeCache;
private $size;
private $unencryptedSize;
private $publicKey;
private $keyfile;
private $encKeyfile;
private static $view; // a fsview object set to user dir
/**
* @var \OC\Files\View
*/
private $rootView; // a fsview object set to '/'
/**
* @var \OCA\Encryption\Session
*/
private $session;
private $privateKey;
/**
* @param $path
@ -77,18 +79,22 @@ class Stream
* @param $opened_path
* @return bool
*/
public function stream_open( $path, $mode, $options, &$opened_path ) {
public function stream_open($path, $mode, $options, &$opened_path) {
if ( !isset( $this->rootView ) ) {
$this->rootView = new \OC_FilesystemView( '/' );
if (!isset($this->rootView)) {
$this->rootView = new \OC_FilesystemView('/');
}
$util = new Util( $this->rootView, \OCP\USER::getUser() );
$this->session = new \OCA\Encryption\Session($this->rootView);
$this->privateKey = $this->session->getPrivateKey($this->userId);
$util = new Util($this->rootView, \OCP\USER::getUser());
$this->userId = $util->getUserId();
// Strip identifier text from path, this gives us the path relative to data/<user>/files
$this->relPath = \OC\Files\Filesystem::normalizePath( str_replace( 'crypt://', '', $path ) );
$this->relPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
// rawPath is relative to the data directory
$this->rawPath = $util->getUserFilesDir() . $this->relPath;
@ -98,10 +104,10 @@ class Stream
\OC_FileProxy::$enabled = false;
if (
$mode == 'w'
or $mode == 'w+'
or $mode == 'wb'
or $mode == 'wb+'
$mode === 'w'
or $mode === 'w+'
or $mode === 'wb'
or $mode === 'wb+'
) {
// We're writing a new file so start write counter with 0 bytes
@ -110,25 +116,30 @@ class Stream
} else {
$this->size = $this->rootView->filesize( $this->rawPath, $mode );
if($this->privateKey === false) {
// if private key is not valid redirect user to a error page
\OCA\Encryption\Helper::redirectToErrorPage();
}
$this->size = $this->rootView->filesize($this->rawPath, $mode);
}
$this->handle = $this->rootView->fopen( $this->rawPath, $mode );
$this->handle = $this->rootView->fopen($this->rawPath, $mode);
\OC_FileProxy::$enabled = $proxyStatus;
if ( !is_resource( $this->handle ) ) {
if (!is_resource($this->handle)) {
\OCP\Util::writeLog( 'files_encryption', 'failed to open file "' . $this->rawPath . '"', \OCP\Util::ERROR );
\OCP\Util::writeLog('Encryption library', 'failed to open file "' . $this->rawPath . '"', \OCP\Util::ERROR);
} else {
$this->meta = stream_get_meta_data( $this->handle );
$this->meta = stream_get_meta_data($this->handle);
}
return is_resource( $this->handle );
return is_resource($this->handle);
}
@ -136,11 +147,11 @@ class Stream
* @param $offset
* @param int $whence
*/
public function stream_seek( $offset, $whence = SEEK_SET ) {
public function stream_seek($offset, $whence = SEEK_SET) {
$this->flush();
fseek( $this->handle, $offset, $whence );
fseek($this->handle, $offset, $whence);
}
@ -149,37 +160,39 @@ class Stream
* @return bool|string
* @throws \Exception
*/
public function stream_read( $count ) {
public function stream_read($count) {
$this->writeCache = '';
if ( $count != 8192 ) {
if ($count !== 8192) {
// $count will always be 8192 https://bugs.php.net/bug.php?id=21641
// This makes this function a lot simpler, but will break this class if the above 'bug' gets 'fixed'
\OCP\Util::writeLog( 'files_encryption', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL );
\OCP\Util::writeLog('Encryption library', 'PHP "bug" 21641 no longer holds, decryption system requires refactoring', \OCP\Util::FATAL);
die();
}
// Get the data from the file handle
$data = fread( $this->handle, 8192 );
$data = fread($this->handle, 8192);
$result = '';
$result = null;
if ( strlen( $data ) ) {
if (strlen($data)) {
if ( !$this->getKey() ) {
if (!$this->getKey()) {
// Error! We don't have a key to decrypt the file with
throw new \Exception( 'Encryption key not found for "' . $this->rawPath . '" during attempted read via stream' );
throw new \Exception(
'Encryption key not found for "' . $this->rawPath . '" during attempted read via stream');
} else {
// Decrypt data
$result = Crypt::symmetricDecryptFileContent($data, $this->plainKey);
}
// Decrypt data
$result = Crypt::symmetricDecryptFileContent( $data, $this->plainKey );
}
return $result;
@ -192,10 +205,10 @@ class Stream
* @param string $key key to use for encryption
* @return string encrypted data on success, false on failure
*/
public function preWriteEncrypt( $plainData, $key ) {
public function preWriteEncrypt($plainData, $key) {
// Encrypt data to 'catfile', which includes IV
if ( $encrypted = Crypt::symmetricEncryptFileContent( $plainData, $key ) ) {
if ($encrypted = Crypt::symmetricEncryptFileContent($plainData, $key)) {
return $encrypted;
@ -215,7 +228,7 @@ class Stream
public function getKey() {
// Check if key is already set
if ( isset( $this->plainKey ) && isset( $this->encKeyfile ) ) {
if (isset($this->plainKey) && isset($this->encKeyfile)) {
return true;
@ -223,18 +236,23 @@ class Stream
// Fetch and decrypt keyfile
// Fetch existing keyfile
$this->encKeyfile = Keymanager::getFileKey( $this->rootView, $this->userId, $this->relPath );
$this->encKeyfile = Keymanager::getFileKey($this->rootView, $this->userId, $this->relPath);
// If a keyfile already exists
if ( $this->encKeyfile ) {
if ($this->encKeyfile) {
$session = new Session( $this->rootView );
// if there is no valid private key return false
if ($this->privateKey === false) {
$privateKey = $session->getPrivateKey( $this->userId );
// if private key is not valid redirect user to a error page
\OCA\Encryption\Helper::redirectToErrorPage();
$shareKey = Keymanager::getShareKey( $this->rootView, $this->userId, $this->relPath );
return false;
}
$this->plainKey = Crypt::multiKeyDecrypt( $this->encKeyfile, $shareKey, $privateKey );
$shareKey = Keymanager::getShareKey($this->rootView, $this->userId, $this->relPath);
$this->plainKey = Crypt::multiKeyDecrypt($this->encKeyfile, $shareKey, $this->privateKey);
return true;
@ -255,7 +273,13 @@ class Stream
* @note Padding is added to each encrypted block to ensure that the resulting block is exactly 8192 bytes. This is removed during stream_read
* @note PHP automatically updates the file pointer after writing data to reflect it's length. There is generally no need to update the poitner manually using fseek
*/
public function stream_write( $data ) {
public function stream_write($data) {
// if there is no valid private key return false
if ($this->privateKey === false) {
$this->size = 0;
return strlen($data);
}
// Disable the file proxies so that encryption is not
// automatically attempted when the file is written to disk -
@ -265,16 +289,16 @@ class Stream
\OC_FileProxy::$enabled = false;
// Get the length of the unencrypted data that we are handling
$length = strlen( $data );
$length = strlen($data);
// Find out where we are up to in the writing of data to the
// file
$pointer = ftell( $this->handle );
$pointer = ftell($this->handle);
// Get / generate the keyfile for the file we're handling
// If we're writing a new file (not overwriting an existing
// one), save the newly generated keyfile
if ( !$this->getKey() ) {
if (!$this->getKey()) {
$this->plainKey = Crypt::generateKey();
@ -282,7 +306,7 @@ class Stream
// If extra data is left over from the last round, make sure it
// is integrated into the next 6126 / 8192 block
if ( $this->writeCache ) {
if ($this->writeCache) {
// Concat writeCache to start of $data
$data = $this->writeCache . $data;
@ -294,15 +318,15 @@ class Stream
}
// While there still remains some data to be processed & written
while ( strlen( $data ) > 0 ) {
while (strlen($data) > 0) {
// Remaining length for this iteration, not of the
// entire file (may be greater than 8192 bytes)
$remainingLength = strlen( $data );
$remainingLength = strlen($data);
// If data remaining to be written is less than the
// size of 1 6126 byte block
if ( $remainingLength < 6126 ) {
if ($remainingLength < 6126) {
// Set writeCache to contents of $data
// The writeCache will be carried over to the
@ -320,25 +344,25 @@ class Stream
} else {
// Read the chunk from the start of $data
$chunk = substr( $data, 0, 6126 );
$chunk = substr($data, 0, 6126);
$encrypted = $this->preWriteEncrypt( $chunk, $this->plainKey );
$encrypted = $this->preWriteEncrypt($chunk, $this->plainKey);
// Write the data chunk to disk. This will be
// attended to the last data chunk if the file
// being handled totals more than 6126 bytes
fwrite( $this->handle, $encrypted );
fwrite($this->handle, $encrypted);
// Remove the chunk we just processed from
// $data, leaving only unprocessed data in $data
// var, for handling on the next round
$data = substr( $data, 6126 );
$data = substr($data, 6126);
}
}
$this->size = max( $this->size, $pointer + $length );
$this->size = max($this->size, $pointer + $length);
$this->unencryptedSize += $length;
\OC_FileProxy::$enabled = $proxyStatus;
@ -353,17 +377,17 @@ class Stream
* @param $arg1
* @param $arg2
*/
public function stream_set_option( $option, $arg1, $arg2 ) {
public function stream_set_option($option, $arg1, $arg2) {
$return = false;
switch ( $option ) {
switch ($option) {
case STREAM_OPTION_BLOCKING:
$return = stream_set_blocking( $this->handle, $arg1 );
$return = stream_set_blocking($this->handle, $arg1);
break;
case STREAM_OPTION_READ_TIMEOUT:
$return = stream_set_timeout( $this->handle, $arg1, $arg2 );
$return = stream_set_timeout($this->handle, $arg1, $arg2);
break;
case STREAM_OPTION_WRITE_BUFFER:
$return = stream_set_write_buffer( $this->handle, $arg1 );
$return = stream_set_write_buffer($this->handle, $arg1);
}
return $return;
@ -373,14 +397,14 @@ class Stream
* @return array
*/
public function stream_stat() {
return fstat( $this->handle );
return fstat($this->handle);
}
/**
* @param $mode
*/
public function stream_lock( $mode ) {
return flock( $this->handle, $mode );
public function stream_lock($mode) {
return flock($this->handle, $mode);
}
/**
@ -388,7 +412,7 @@ class Stream
*/
public function stream_flush() {
return fflush( $this->handle );
return fflush($this->handle);
// Not a typo: http://php.net/manual/en/function.fflush.php
}
@ -397,19 +421,19 @@ class Stream
* @return bool
*/
public function stream_eof() {
return feof( $this->handle );
return feof($this->handle);
}
private function flush() {
if ( $this->writeCache ) {
if ($this->writeCache) {
// Set keyfile property for file in question
$this->getKey();
$encrypted = $this->preWriteEncrypt( $this->writeCache, $this->plainKey );
$encrypted = $this->preWriteEncrypt($this->writeCache, $this->plainKey);
fwrite( $this->handle, $encrypted );
fwrite($this->handle, $encrypted);
$this->writeCache = '';
@ -424,43 +448,63 @@ class Stream
$this->flush();
// if there is no valid private key return false
if ($this->privateKey === false) {
// cleanup
if ($this->meta['mode'] !== 'r' && $this->meta['mode'] !== 'rb') {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($this->rootView->file_exists($this->rawPath) && $this->size === 0) {
$this->rootView->unlink($this->rawPath);
}
// Re-enable proxy - our work is done
\OC_FileProxy::$enabled = $proxyStatus;
}
// if private key is not valid redirect user to a error page
\OCA\Encryption\Helper::redirectToErrorPage();
}
if (
$this->meta['mode'] != 'r'
and $this->meta['mode'] != 'rb'
and $this->size > 0
$this->meta['mode'] !== 'r'
and $this->meta['mode'] !== 'rb'
and $this->size > 0
) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Fetch user's public key
$this->publicKey = Keymanager::getPublicKey( $this->rootView, $this->userId );
$this->publicKey = Keymanager::getPublicKey($this->rootView, $this->userId);
// Check if OC sharing api is enabled
$sharingEnabled = \OCP\Share::isEnabled();
$util = new Util( $this->rootView, $this->userId );
$util = new Util($this->rootView, $this->userId);
// Get all users sharing the file includes current user
$uniqueUserIds = $util->getSharingUsersArray( $sharingEnabled, $this->relPath, $this->userId );
$uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
// Fetch public keys for all sharing users
$publicKeys = Keymanager::getPublicKeys( $this->rootView, $uniqueUserIds );
$publicKeys = Keymanager::getPublicKeys($this->rootView, $uniqueUserIds);
// Encrypt enc key for all sharing users
$this->encKeyfiles = Crypt::multiKeyEncrypt( $this->plainKey, $publicKeys );
$view = new \OC_FilesystemView( '/' );
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
// Save the new encrypted file key
Keymanager::setFileKey( $this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data'] );
Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
// Save the sharekeys
Keymanager::setShareKeys( $view, $this->relPath, $this->encKeyfiles['keys'] );
Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
// get file info
$fileInfo = $view->getFileInfo( $this->rawPath );
if ( !is_array( $fileInfo ) ) {
$fileInfo = $this->rootView->getFileInfo($this->rawPath);
if (!is_array($fileInfo)) {
$fileInfo = array();
}
@ -473,10 +517,10 @@ class Stream
$fileInfo['unencrypted_size'] = $this->unencryptedSize;
// set fileinfo
$view->putFileInfo( $this->rawPath, $fileInfo );
$this->rootView->putFileInfo($this->rawPath, $fileInfo);
}
return fclose( $this->handle );
return fclose($this->handle);
}


@ -8,16 +8,16 @@
\OC_Util::checkAdminUser();
$tmpl = new OCP\Template( 'files_encryption', 'settings-admin' );
$tmpl = new OCP\Template('files_encryption', 'settings-admin');
// Check if an adminRecovery account is enabled for recovering files after lost pwd
$view = new OC_FilesystemView( '' );
$view = new OC_FilesystemView('');
$recoveryAdminEnabled = OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' );
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$tmpl->assign( 'recoveryEnabled', $recoveryAdminEnabled );
$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
\OCP\Util::addscript( 'files_encryption', 'settings-admin' );
\OCP\Util::addscript( 'core', 'multiselect' );
\OCP\Util::addscript('files_encryption', 'settings-admin');
\OCP\Util::addscript('core', 'multiselect');
return $tmpl->fetchPage();


@ -7,22 +7,33 @@
*/
// Add CSS stylesheet
\OC_Util::addStyle( 'files_encryption', 'settings-personal' );
$tmpl = new OCP\Template( 'files_encryption', 'settings-personal');
\OC_Util::addStyle('files_encryption', 'settings-personal');
$tmpl = new OCP\Template('files_encryption', 'settings-personal');
$user = \OCP\USER::getUser();
$view = new \OC_FilesystemView( '/' );
$util = new \OCA\Encryption\Util( $view, $user );
$view = new \OC_FilesystemView('/');
$util = new \OCA\Encryption\Util($view, $user);
$session = new \OCA\Encryption\Session($view);
$recoveryAdminEnabled = OC_Appconfig::getValue( 'files_encryption', 'recoveryAdminEnabled' );
$privateKeySet = ($session->getPrivateKey() !== false) ? true : false;
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$recoveryEnabledForUser = $util->recoveryEnabledForUser();
\OCP\Util::addscript( 'files_encryption', 'settings-personal' );
\OCP\Util::addScript( 'settings', 'personal' );
$result = false;
$tmpl->assign( 'recoveryEnabled', $recoveryAdminEnabled );
$tmpl->assign( 'recoveryEnabledForUser', $recoveryEnabledForUser );
if ($recoveryAdminEnabled || !$privateKeySet) {
return $tmpl->fetchPage();
\OCP\Util::addscript('files_encryption', 'settings-personal');
\OCP\Util::addScript('settings', 'personal');
$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
$tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser);
$tmpl->assign('privateKeySet', $privateKeySet);
$result = $tmpl->fetchPage();
}
return $result;
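Review bot: The `$privateKeySet` assignment depends on `$session->getPrivateKey()` returning exactly `false` when the session holds no usable key. Its implementation is not shown in this section; if it can return `null` or an empty string instead, `$privateKeySet` becomes true and, with recovery disabled, the script returns `false`, so the user would presumably not be offered the section for unlocking the key. A short comment stating the sentinel would make this checkable, e.g. `// getPrivateKey() returns false when no decrypted key is in the session`, and the ternary can be dropped: `$privateKeySet = $session->getPrivateKey() !== false;`. The script now returns `false` rather than a rendered page when neither condition holds, which deserves a comment because the caller's handling of that value is not visible here.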


@ -0,0 +1,10 @@
<ul>
<li class='error'>
<?php $location = \OC_Helper::linkToRoute( "settings_personal" ).'#changePKPasswd' ?>
<?php p($l->t('Your private key is not valid! Maybe the your password was changed from outside.')); ?>
<br/>
<?php p($l->t('You can unlock your private key in your ')); ?> <a href="<?php echo $location?>"><?php p($l->t('personal settings')); ?>.</a>
<br/>
</li>
</ul>
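Review bot: `$location` is written into the `href` attribute with a bare `echo`, while every other value in this template goes through the escaping helper `p()`. The value is built from `\OC_Helper::linkToRoute()` plus a fixed fragment, so it is probably not attacker-controlled, but escaping at the point of output keeps the attribute safe if route generation ever reflects request data: `<a href="<?php p($location); ?>">`. The first message also reads "Maybe the your password", and the second sentence is split across two `t()` calls around the link, which makes it hard to translate as a whole.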
