fix checkstyle for files_encryption app, add whitespace for readability
parent
3b83fe1530
commit
df21ebeaf7
8 changed files with 76 additions and 64 deletions
|
@ -10,10 +10,12 @@ OCP\Util::connectHook('OC_User', 'post_login', 'OC_Crypt', 'loginListener');
|
|||
|
||||
stream_wrapper_register('crypt', 'OC_CryptStream');
|
||||
|
||||
if(!isset($_SESSION['enckey']) and OCP\User::isLoggedIn()) {//force the user to re-loggin if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled)
|
||||
// force the user to re-loggin if the encryption key isn't unlocked
|
||||
// (happens when a user is logged in before the encryption app is enabled)
|
||||
if ( ! isset($_SESSION['enckey']) and OCP\User::isLoggedIn()) {
|
||||
OCP\User::logout();
|
||||
header("Location: ".OC::$WEBROOT.'/');
|
||||
exit();
|
||||
}
|
||||
|
||||
OCP\App::registerAdmin('files_encryption', 'settings');
|
||||
OCP\App::registerAdmin('files_encryption', 'settings');
|
|
@ -27,7 +27,8 @@
|
|||
// - Setting if crypto should be on by default
|
||||
// - Add a setting "Don´t encrypt files larger than xx because of performance reasons"
|
||||
// - Transparent decrypt/encrypt in filesystem.php. Autodetect if a file is encrypted (.encrypted extension)
|
||||
// - Don't use a password directly as encryption key. but a key which is stored on the server and encrypted with the user password. -> password change faster
|
||||
// - Don't use a password directly as encryption key, but a key which is stored on the server and encrypted with the
|
||||
// user password. -> password change faster
|
||||
// - IMPORTANT! Check if the block lenght of the encrypted data stays the same
|
||||
|
||||
|
||||
|
@ -45,12 +46,12 @@ class OC_Crypt {
|
|||
|
||||
public static function init($login, $password) {
|
||||
$view=new OC_FilesystemView('/');
|
||||
if(!$view->file_exists('/'.$login)) {
|
||||
if ( ! $view->file_exists('/'.$login)) {
|
||||
$view->mkdir('/'.$login);
|
||||
}
|
||||
|
||||
OC_FileProxy::$enabled=false;
|
||||
if(!$view->file_exists('/'.$login.'/encryption.key')) {// does key exist?
|
||||
if ( ! $view->file_exists('/'.$login.'/encryption.key')) {// does key exist?
|
||||
OC_Crypt::createkey($login, $password);
|
||||
}
|
||||
$key=$view->file_get_contents('/'.$login.'/encryption.key');
|
||||
|
@ -67,13 +68,13 @@ class OC_Crypt {
|
|||
* if the key is left out, the default handeler will be used
|
||||
*/
|
||||
public static function getBlowfish($key='') {
|
||||
if($key) {
|
||||
if ($key) {
|
||||
return new Crypt_Blowfish($key);
|
||||
}else{
|
||||
if(!isset($_SESSION['enckey'])) {
|
||||
} else {
|
||||
if ( ! isset($_SESSION['enckey'])) {
|
||||
return false;
|
||||
}
|
||||
if(!self::$bf) {
|
||||
if ( ! self::$bf) {
|
||||
self::$bf=new Crypt_Blowfish($_SESSION['enckey']);
|
||||
}
|
||||
return self::$bf;
|
||||
|
@ -96,7 +97,7 @@ class OC_Crypt {
|
|||
}
|
||||
|
||||
public static function changekeypasscode($oldPassword, $newPassword) {
|
||||
if(OCP\User::isLoggedIn()) {
|
||||
if (OCP\User::isLoggedIn()) {
|
||||
$username=OCP\USER::getUser();
|
||||
$view=new OC_FilesystemView('/'.$username);
|
||||
|
||||
|
@ -151,7 +152,7 @@ class OC_Crypt {
|
|||
*/
|
||||
public static function encryptFile( $source, $target, $key='') {
|
||||
$handleread = fopen($source, "rb");
|
||||
if($handleread!=false) {
|
||||
if ($handleread!=false) {
|
||||
$handlewrite = fopen($target, "wb");
|
||||
while (!feof($handleread)) {
|
||||
$content = fread($handleread, 8192);
|
||||
|
@ -174,12 +175,12 @@ class OC_Crypt {
|
|||
*/
|
||||
public static function decryptFile( $source, $target, $key='') {
|
||||
$handleread = fopen($source, "rb");
|
||||
if($handleread!=false) {
|
||||
if ($handleread!=false) {
|
||||
$handlewrite = fopen($target, "wb");
|
||||
while (!feof($handleread)) {
|
||||
$content = fread($handleread, 8192);
|
||||
$enccontent=OC_CRYPT::decrypt( $content, $key);
|
||||
if(feof($handleread)) {
|
||||
if (feof($handleread)) {
|
||||
$enccontent=rtrim($enccontent, "\0");
|
||||
}
|
||||
fwrite($handlewrite, $enccontent);
|
||||
|
@ -194,7 +195,7 @@ class OC_Crypt {
|
|||
*/
|
||||
public static function blockEncrypt($data, $key='') {
|
||||
$result='';
|
||||
while(strlen($data)) {
|
||||
while (strlen($data)) {
|
||||
$result.=self::encrypt(substr($data, 0, 8192), $key);
|
||||
$data=substr($data, 8192);
|
||||
}
|
||||
|
@ -206,13 +207,13 @@ class OC_Crypt {
|
|||
*/
|
||||
public static function blockDecrypt($data, $key='', $maxLength=0) {
|
||||
$result='';
|
||||
while(strlen($data)) {
|
||||
while (strlen($data)) {
|
||||
$result.=self::decrypt(substr($data, 0, 8192), $key);
|
||||
$data=substr($data, 8192);
|
||||
}
|
||||
if($maxLength>0) {
|
||||
if ($maxLength>0) {
|
||||
return substr($result, 0, $maxLength);
|
||||
}else{
|
||||
} else {
|
||||
return rtrim($result, "\0");
|
||||
}
|
||||
}
|
||||
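Review bot: In `blockDecrypt` the `else` branch returns `rtrim($result, "\0")`, which strips every trailing NUL byte and not only padding, so plaintext that legitimately ends in zero bytes comes back shorter whenever `$maxLength` is left at 0; `decryptFile` applies the same `rtrim` to its final chunk. The padding scheme itself is outside the visible hunks, so this presumes blocks are NUL-padded on encryption. Callers should pass the stored plaintext size as `$maxLength`, and the docblock should say so, e.g. `@param int $maxLength original plaintext length; when 0, trailing NUL bytes are stripped and binary data may be truncated`.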
|
|
|
@ -23,8 +23,9 @@
|
|||
/**
|
||||
* transparently encrypted filestream
|
||||
*
|
||||
* you can use it as wrapper around an existing stream by setting OC_CryptStream::$sourceStreams['foo']=array('path'=>$path, 'stream'=>$stream)
|
||||
* and then fopen('crypt://streams/foo');
|
||||
* you can use it as wrapper around an existing stream by setting
|
||||
* OC_CryptStream::$sourceStreams['foo']=array('path'=>$path, 'stream'=>$stream)
|
||||
* and then fopen('crypt://streams/foo');
|
||||
*/
|
||||
|
||||
class OC_CryptStream{
|
||||
|
@ -37,29 +38,29 @@ class OC_CryptStream{
|
|||
private static $rootView;
|
||||
|
||||
public function stream_open($path, $mode, $options, &$opened_path) {
|
||||
if(!self::$rootView) {
|
||||
if ( ! self::$rootView) {
|
||||
self::$rootView=new OC_FilesystemView('');
|
||||
}
|
||||
$path=str_replace('crypt://', '', $path);
|
||||
if(dirname($path)=='streams' and isset(self::$sourceStreams[basename($path)])) {
|
||||
if (dirname($path)=='streams' and isset(self::$sourceStreams[basename($path)])) {
|
||||
$this->source=self::$sourceStreams[basename($path)]['stream'];
|
||||
$this->path=self::$sourceStreams[basename($path)]['path'];
|
||||
$this->size=self::$sourceStreams[basename($path)]['size'];
|
||||
}else{
|
||||
} else {
|
||||
$this->path=$path;
|
||||
if($mode=='w' or $mode=='w+' or $mode=='wb' or $mode=='wb+') {
|
||||
if ($mode=='w' or $mode=='w+' or $mode=='wb' or $mode=='wb+') {
|
||||
$this->size=0;
|
||||
}else{
|
||||
} else {
|
||||
$this->size=self::$rootView->filesize($path, $mode);
|
||||
}
|
||||
OC_FileProxy::$enabled=false;//disable fileproxies so we can open the source file
|
||||
$this->source=self::$rootView->fopen($path, $mode);
|
||||
OC_FileProxy::$enabled=true;
|
||||
if(!is_resource($this->source)) {
|
||||
if ( ! is_resource($this->source)) {
|
||||
OCP\Util::writeLog('files_encryption', 'failed to open '.$path, OCP\Util::ERROR);
|
||||
}
|
||||
}
|
||||
if(is_resource($this->source)) {
|
||||
if (is_resource($this->source)) {
|
||||
$this->meta=stream_get_meta_data($this->source);
|
||||
}
|
||||
return is_resource($this->source);
|
||||
|
@ -78,19 +79,21 @@ class OC_CryptStream{
|
|||
//$count will always be 8192 https://bugs.php.net/bug.php?id=21641
|
||||
//This makes this function a lot simpler but will breake everything the moment it's fixed
|
||||
$this->writeCache='';
|
||||
if($count!=8192) {
|
||||
OCP\Util::writeLog('files_encryption', 'php bug 21641 no longer holds, decryption will not work', OCP\Util::FATAL);
|
||||
if ($count!=8192) {
|
||||
OCP\Util::writeLog('files_encryption',
|
||||
'php bug 21641 no longer holds, decryption will not work',
|
||||
OCP\Util::FATAL);
|
||||
die();
|
||||
}
|
||||
$pos=ftell($this->source);
|
||||
$data=fread($this->source, 8192);
|
||||
if(strlen($data)) {
|
||||
if (strlen($data)) {
|
||||
$result=OC_Crypt::decrypt($data);
|
||||
}else{
|
||||
} else {
|
||||
$result='';
|
||||
}
|
||||
$length=$this->size-$pos;
|
||||
if($length<8192) {
|
||||
if ($length<8192) {
|
||||
$result=substr($result, 0, $length);
|
||||
}
|
||||
return $result;
|
||||
|
@ -99,11 +102,11 @@ class OC_CryptStream{
|
|||
public function stream_write($data) {
|
||||
$length=strlen($data);
|
||||
$currentPos=ftell($this->source);
|
||||
if($this->writeCache) {
|
||||
if ($this->writeCache) {
|
||||
$data=$this->writeCache.$data;
|
||||
$this->writeCache='';
|
||||
}
|
||||
if($currentPos%8192!=0) {
|
||||
if ($currentPos%8192!=0) {
|
||||
//make sure we always start on a block start
|
||||
fseek($this->source, -($currentPos%8192), SEEK_CUR);
|
||||
$encryptedBlock=fread($this->source, 8192);
|
||||
|
@ -113,11 +116,11 @@ class OC_CryptStream{
|
|||
fseek($this->source, -($currentPos%8192), SEEK_CUR);
|
||||
}
|
||||
$currentPos=ftell($this->source);
|
||||
while($remainingLength=strlen($data)>0) {
|
||||
if($remainingLength<8192) {
|
||||
while ($remainingLength=strlen($data)>0) {
|
||||
if ($remainingLength<8192) {
|
||||
$this->writeCache=$data;
|
||||
$data='';
|
||||
}else{
|
||||
} else {
|
||||
$encrypted=OC_Crypt::encrypt(substr($data, 0, 8192));
|
||||
fwrite($this->source, $encrypted);
|
||||
$data=substr($data, 8192);
|
||||
|
@ -157,7 +160,7 @@ class OC_CryptStream{
|
|||
}
|
||||
|
||||
private function flush() {
|
||||
if($this->writeCache) {
|
||||
if ($this->writeCache) {
|
||||
$encrypted=OC_Crypt::encrypt($this->writeCache);
|
||||
fwrite($this->source, $encrypted);
|
||||
$this->writeCache='';
|
||||
|
@ -166,7 +169,7 @@ class OC_CryptStream{
|
|||
|
||||
public function stream_close() {
|
||||
$this->flush();
|
||||
if($this->meta['mode']!='r' and $this->meta['mode']!='rb') {
|
||||
if ($this->meta['mode']!='r' and $this->meta['mode']!='rb') {
|
||||
OC_FileCache::put($this->path, array('encrypted'=>true, 'size'=>$this->size), '');
|
||||
}
|
||||
return fclose($this->source);
|
||||
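Review bot: In the `stream_write` hunk, `while ($remainingLength=strlen($data)>0)` assigns the result of the comparison, because `>` binds tighter than `=`, so `$remainingLength` is a boolean and the following `if ($remainingLength<8192)` does not test a byte count. The branch that should hold a partial block in `$this->writeCache` is therefore not chosen by length, and a short tail is presumably encrypted as a block of its own. Parenthesise the assignment: `while (($remainingLength=strlen($data))>0) {`. `stream_write` starts and ends outside this hunk, so the rest of the loop should be checked with the corrected value.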
|
|
|
@ -35,20 +35,22 @@ class OC_FileProxy_Encryption extends OC_FileProxy{
|
|||
* @return bool
|
||||
*/
|
||||
private static function shouldEncrypt($path) {
|
||||
if(is_null(self::$enableEncryption)) {
|
||||
if (is_null(self::$enableEncryption)) {
|
||||
self::$enableEncryption=(OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true')=='true');
|
||||
}
|
||||
if(!self::$enableEncryption) {
|
||||
if ( ! self::$enableEncryption) {
|
||||
return false;
|
||||
}
|
||||
if(is_null(self::$blackList)) {
|
||||
self::$blackList=explode(',', OCP\Config::getAppValue('files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
|
||||
if (is_null(self::$blackList)) {
|
||||
self::$blackList=explode(',', OCP\Config::getAppValue('files_encryption',
|
||||
'type_blacklist',
|
||||
'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
|
||||
}
|
||||
if(self::isEncrypted($path)) {
|
||||
if (self::isEncrypted($path)) {
|
||||
return true;
|
||||
}
|
||||
$extension=substr($path, strrpos($path, '.')+1);
|
||||
if(array_search($extension, self::$blackList)===false) {
|
||||
if (array_search($extension, self::$blackList)===false) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
@ -64,8 +66,8 @@ class OC_FileProxy_Encryption extends OC_FileProxy{
|
|||
}
|
||||
|
||||
public function preFile_put_contents($path,&$data) {
|
||||
if(self::shouldEncrypt($path)) {
|
||||
if (!is_resource($data)) {//stream put contents should have been converter to fopen
|
||||
if (self::shouldEncrypt($path)) {
|
||||
if ( ! is_resource($data)) {//stream put contents should have been converter to fopen
|
||||
$size=strlen($data);
|
||||
$data=OC_Crypt::blockEncrypt($data);
|
||||
OC_FileCache::put($path, array('encrypted'=>true,'size'=>$size), '');
|
||||
|
@ -74,7 +76,7 @@ class OC_FileProxy_Encryption extends OC_FileProxy{
|
|||
}
|
||||
|
||||
public function postFile_get_contents($path, $data) {
|
||||
if(self::isEncrypted($path)) {
|
||||
if (self::isEncrypted($path)) {
|
||||
$cached=OC_FileCache_Cached::get($path, '');
|
||||
$data=OC_Crypt::blockDecrypt($data, '', $cached['size']);
|
||||
}
|
||||
|
@ -82,15 +84,15 @@ class OC_FileProxy_Encryption extends OC_FileProxy{
|
|||
}
|
||||
|
||||
public function postFopen($path,&$result) {
|
||||
if(!$result) {
|
||||
if ( ! $result) {
|
||||
return $result;
|
||||
}
|
||||
$meta=stream_get_meta_data($result);
|
||||
if(self::isEncrypted($path)) {
|
||||
if (self::isEncrypted($path)) {
|
||||
fclose($result);
|
||||
$result=fopen('crypt://'.$path, $meta['mode']);
|
||||
}elseif(self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb') {
|
||||
if(OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0) {
|
||||
} elseif (self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb') {
|
||||
if (OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0) {
|
||||
//first encrypt the target file so we don't end up with a half encrypted file
|
||||
OCP\Util::writeLog('files_encryption', 'Decrypting '.$path.' before writing', OCP\Util::DEBUG);
|
||||
$tmp=fopen('php://temp');
|
||||
|
@ -105,14 +107,14 @@ class OC_FileProxy_Encryption extends OC_FileProxy{
|
|||
}
|
||||
|
||||
public function postGetMimeType($path, $mime) {
|
||||
if(self::isEncrypted($path)) {
|
||||
if (self::isEncrypted($path)) {
|
||||
$mime=OCP\Files::getMimeType('crypt://'.$path, 'w');
|
||||
}
|
||||
return $mime;
|
||||
}
|
||||
|
||||
public function postStat($path, $data) {
|
||||
if(self::isEncrypted($path)) {
|
||||
if (self::isEncrypted($path)) {
|
||||
$cached=OC_FileCache_Cached::get($path, '');
|
||||
$data['size']=$cached['size'];
|
||||
}
|
||||
|
@ -120,10 +122,10 @@ class OC_FileProxy_Encryption extends OC_FileProxy{
|
|||
}
|
||||
|
||||
public function postFileSize($path, $size) {
|
||||
if(self::isEncrypted($path)) {
|
||||
if (self::isEncrypted($path)) {
|
||||
$cached=OC_FileCache_Cached::get($path, '');
|
||||
return $cached['size'];
|
||||
}else{
|
||||
} else {
|
||||
return $size;
|
||||
}
|
||||
}
|
||||
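Review bot: In the `postFopen` hunk, `$tmp=fopen('php://temp');` is called without a mode argument, which `fopen()` requires, so the call fails and the decrypt-before-write path has no temporary stream to work with. Use `$tmp=fopen('php://temp', 'w+');` and check the result before using it. The function continues outside the hunk, so how `$tmp` is used afterwards is not visible here; if the failure is ignored there, an existing file could be opened for writing without being converted first.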
|
|
|
@ -7,7 +7,9 @@
|
|||
*/
|
||||
|
||||
$tmpl = new OCP\Template( 'files_encryption', 'settings');
|
||||
$blackList=explode(',', OCP\Config::getAppValue('files_encryption', 'type_blacklist', 'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
|
||||
$blackList=explode(',', OCP\Config::getAppValue('files_encryption',
|
||||
'type_blacklist',
|
||||
'jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
|
||||
$enabled=(OCP\Config::getAppValue('files_encryption', 'enable_encryption', 'true')=='true');
|
||||
$tmpl->assign('blacklist', $blackList);
|
||||
$tmpl->assign('encryption_enabled', $enabled);
|
||||
|
@ -15,4 +17,4 @@ $tmpl->assign('encryption_enabled', $enabled);
|
|||
OCP\Util::addscript('files_encryption', 'settings');
|
||||
OCP\Util::addscript('core', 'multiselect');
|
||||
|
||||
return $tmpl->fetchPage();
|
||||
return $tmpl->fetchPage();
|
|
@ -1,12 +1,14 @@
|
|||
<form id="calendar">
|
||||
<fieldset class="personalblock">
|
||||
<strong><?php echo $l->t('Encryption'); ?></strong>
|
||||
<?php echo $l->t("Exclude the following file types from encryption"); ?>
|
||||
<?php echo $l->t('Exclude the following file types from encryption'); ?>
|
||||
<select id='encryption_blacklist' title="<?php echo $l->t('None')?>" multiple="multiple">
|
||||
<?php foreach($_["blacklist"] as $type): ?>
|
||||
<?php foreach ($_['blacklist'] as $type): ?>
|
||||
<option selected="selected" value="<?php echo $type;?>"><?php echo $type;?></option>
|
||||
<?php endforeach;?>
|
||||
</select>
|
||||
<input type='checkbox' id='enable_encryption' <?php if($_['encryption_enabled']) {echo 'checked="checked"';} ?>></input><label for='enable_encryption'><?php echo $l->t('Enable Encryption')?></label>
|
||||
<input type='checkbox'<?php if ($_['encryption_enabled']): ?> checked="checked"<?php endif; ?>
|
||||
id='enable_encryption' ></input>
|
||||
<label for='enable_encryption'><?php echo $l->t('Enable Encryption')?></label>
|
||||
</fieldset>
|
||||
</form>
|
||||
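Review bot: Each blacklist entry is written with `<?php echo $type;?>` into both the `value` attribute and the option text without HTML escaping. The entries come from the `type_blacklist` app setting, so a value containing quotes or markup would be rendered as HTML on the admin settings page unless the template layer escapes assigned variables, which is not visible here. Escape at output: `<?php echo htmlspecialchars($type, ENT_QUOTES, 'UTF-8');?>` in both places.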
|
|
|
@ -42,7 +42,7 @@ class Test_CryptProxy extends UnitTestCase {
|
|||
|
||||
public function tearDown() {
|
||||
OCP\Config::setAppValue('files_encryption', 'enable_encryption', $this->oldConfig);
|
||||
if(!is_null($this->oldKey)) {
|
||||
if ( ! is_null($this->oldKey)) {
|
||||
$_SESSION['enckey']=$this->oldKey;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -41,13 +41,13 @@ class Test_CryptStream extends UnitTestCase {
|
|||
* @return resource
|
||||
*/
|
||||
function getStream($id, $mode, $size) {
|
||||
if($id==='') {
|
||||
if ($id==='') {
|
||||
$id=uniqid();
|
||||
}
|
||||
if(!isset($this->tmpFiles[$id])) {
|
||||
if ( ! isset($this->tmpFiles[$id])) {
|
||||
$file=OCP\Files::tmpFile();
|
||||
$this->tmpFiles[$id]=$file;
|
||||
}else{
|
||||
} else {
|
||||
$file=$this->tmpFiles[$id];
|
||||
}
|
||||
$stream=fopen($file, $mode);
|
||||
|
|