Commit graph

418 commits

Author SHA1 Message Date
Bjoern Schiessle
43ed86313c use the version of the original file if we write the part file to have a proper version if we move the file over to the original location 2016-02-10 11:08:03 +01:00
Lukas Reschke
ca350294a6 Add tests for setVersion 2016-02-09 23:43:28 +01:00
Vincent Petry
45c78476f5 Use cache update instead of put for encryption version
Saves a call to fetch the file id which didn't even work for a reason.

This fix properly sets the version in the database.
2016-02-09 23:43:28 +01:00
Lukas Reschke
6724f76573 Use cache and add tests 2016-02-09 23:43:27 +01:00
Bjoern Schiessle
377d7fb8a8 don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value 2016-02-09 23:43:27 +01:00
Bjoern Schiessle
966eb4b084 realPath should contain the path to the file we want to read, e.g. the version and not the original file 2016-02-09 23:43:27 +01:00
Lukas Reschke
5ccb9dfa7e Use database for keeping track of the version 2016-02-09 23:43:27 +01:00
Lukas Reschke
3badf5caf5 Use number of chunk for HMAC as well
Prevents switching single blocks within the encrypted file.
2016-02-09 23:43:26 +01:00
Lukas Reschke
b5824f024a Keep track of file version
This way it is not possible anymore for an external storage admin to put up old versions of the file.
2016-02-09 23:43:26 +01:00
Lukas Reschke
d5c1596887 Clarify documentation 2016-02-09 23:43:26 +01:00
Lukas Reschke
3b62459c41 Use hash with appended "a" of the original password for the authentication 2016-02-09 23:43:26 +01:00
Björn Schießle
9bb97c714b fixing unit tests 2016-02-09 23:43:26 +01:00
Lukas Reschke
b9ff16498b Use random_bytes instead OpenSSL 2016-02-09 23:43:26 +01:00
Björn Schießle
61dd191253 meta data are at the end of the file 2016-02-09 23:43:25 +01:00
Björn Schießle
e7ff84df5c always use default cipher for write operations, no matter how the file was encrypted before 2016-02-09 23:43:25 +01:00
Björn Schießle
cf3a8f274f make it backward compatible to work with signed and un-signed files 2016-02-09 23:43:25 +01:00
Björn Schießle
40a5ba72fc sign all encrypted blocks and check signature on decrypt 2016-02-09 23:43:25 +01:00
Lukas Reschke
db8f267647 Add note about the addPadding function 2016-02-09 23:43:25 +01:00
Lukas Reschke
59ebad0b53 Use an actual 16 byte long IV
The previous IV was actually 12 byte extended to 16 byte using base64. As the encrypted file should be fine with containing binary data as well we can simply remove the encoding like that here.
2016-02-09 23:43:24 +01:00
Lukas Reschke
d25b8dacb3 Use AES-256-CTR as default
CTR is recommended over CFB mode.
2016-02-09 23:43:24 +01:00
Joas Schilling
78d5c89e86 Make sure encryption has a valid licence tag 2016-02-03 12:57:03 +01:00
Jenkins for ownCloud
ecf2d178b1 [tx-robot] updated from transifex 2016-01-26 01:56:06 -05:00
Jenkins for ownCloud
f92119e02f [tx-robot] updated from transifex 2016-01-23 01:55:35 -05:00
Jenkins for ownCloud
f076bfac32 [tx-robot] updated from transifex 2016-01-20 01:54:54 -05:00
Jenkins for ownCloud
cd840f01ae [tx-robot] updated from transifex 2016-01-15 01:54:57 -05:00
Thomas Müller
e0aa6e01ab Merge pull request #21612 from owncloud/fix_21598
fix public link sharing if the master key is enabled
2016-01-13 10:34:48 +01:00
Thomas Müller
682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Roeland Jago Douma
876fb83ddc getMediumStrengthGenerator is deprecated and does not do anything anymore 2016-01-11 20:06:30 +01:00
Björn Schießle
46f6c289ca only use master key ID if a user is logged in. Otherwise keep the public link share key 2016-01-11 13:09:06 +01:00
Jenkins for ownCloud
72b34575df [tx-robot] updated from transifex 2016-01-09 01:55:50 -05:00
Lukas Reschke
0654d37da8 Remove undefined variable 2016-01-07 21:30:44 +01:00
Lukas Reschke
00a01a8de2 Fix PHPDoc + Add handling for error cases
Makes static code analyzers happier.
2016-01-07 21:30:44 +01:00
Thomas Müller
46107f82d4 Merge pull request #21506 from owncloud/issue-20218-min-max-owncloud-version-warning
Issue 20218 min max owncloud version warning
2016-01-07 16:51:00 +01:00
Joas Schilling
ae285c0654 Remove deprecated shipped flag from info.xml which has no use anymore 2016-01-07 15:15:58 +01:00
Joas Schilling
40f786060e Add ownCloud min and max version for shipped apps 2016-01-07 15:11:49 +01:00
Lukas Reschke
fb12063ae5 Fix method call + undefined variable
1. Variable is not defined
2. Method does not expect any parameters

```
Undefined variable: user at /Users/lukasreschke/Documents/Programming/master/apps/encryption/settings/settings-admin.php#45
```
2016-01-07 13:22:06 +01:00
Jenkins for ownCloud
27dfa74d89 [tx-robot] updated from transifex 2016-01-07 01:55:48 -05:00
Jenkins for ownCloud
157bb50a39 [tx-robot] updated from transifex 2016-01-04 01:55:05 -05:00
Jenkins for ownCloud
89584716f8 [tx-robot] updated from transifex 2015-12-28 01:55:10 -05:00
Roeland Jago Douma
1f715289bf Removed deprecated function OC_User::deleteUser
Replaced with proper OCP calls
2015-12-17 16:18:40 +01:00
Roeland Jago Douma
835911bce5 Removed deprecated private OC_User::createUser
All function calls are replaced with the recommended (which was already
the body of the function).
2015-12-17 16:18:40 +01:00
Jenkins for ownCloud
a7cd8103b5 [tx-robot] updated from transifex 2015-12-17 01:55:09 -05:00
Jenkins for ownCloud
74de12c698 [tx-robot] updated from transifex 2015-12-13 01:54:51 -05:00
Lukas Reschke
f3360d51c6 Use PHP polyfills 2015-12-11 08:47:36 +01:00
Thomas Müller
eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Scrutinizer Auto-Fixer
be4c3a8b56 Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-11-27 15:32:44 +00:00
Robin Appelman
b025f07fb7 Make Cache\Updater per storage 2015-11-25 14:16:00 +01:00
Jenkins for ownCloud
cb69e6c201 [tx-robot] updated from transifex 2015-11-24 01:56:32 -05:00
Jenkins for ownCloud
56e05a90af [tx-robot] updated from transifex 2015-11-23 01:54:53 -05:00
Jenkins for ownCloud
5dd59b4bd2 [tx-robot] updated from transifex 2015-11-11 01:55:47 -05:00
Thomas Müller
ed0da94d3b Merge pull request #20272 from owncloud/phil-davis-setEncryptHomeStorage
Correct the description of function setEncryptHomeStorage
2015-11-04 10:27:54 +01:00
Jenkins for ownCloud
7fe047425f [tx-robot] updated from transifex 2015-11-04 01:55:44 -05:00
Phil Davis
46261b5ff1 Correct the description of function setEncryptHomeStorage 2015-11-03 22:47:55 +05:45
Jenkins for ownCloud
82f3590fd0 [tx-robot] updated from transifex 2015-11-03 01:58:43 -05:00
Jenkins for ownCloud
2afc14e195 [tx-robot] updated from transifex 2015-11-02 01:55:05 -05:00
Jenkins for ownCloud
2374a0df5d [tx-robot] updated from transifex 2015-11-01 01:54:58 -04:00
Jenkins for ownCloud
d7ed353814 [tx-robot] updated from transifex 2015-10-31 01:55:07 -04:00
Jenkins for ownCloud
91b2cdc62b [tx-robot] updated from transifex 2015-10-30 01:55:52 -04:00
Jenkins for ownCloud
527ef76dd6 [tx-robot] updated from transifex 2015-10-29 01:55:45 -04:00
Bjoern Schiessle
5fad45b230 make encryption configurable for home storage 2015-10-27 14:24:20 +01:00
Lukas Reschke
8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Jenkins for ownCloud
e6d64783a0 [tx-robot] updated from transifex 2015-10-26 01:55:04 -04:00
Jenkins for ownCloud
eb10e3abc2 [tx-robot] updated from transifex 2015-10-25 01:55:04 -04:00
Joas Schilling
e0a56317fa Fix "Call to a member function getUID() on boolean" in Crypt 2015-10-22 11:46:37 +02:00
Jörn Friedrich Dreyer
2895c91291 Merge pull request #17641 from owncloud/fix_objectstore_rename
don't move files in cache twice, fixes renaming for objectstores
2015-10-19 17:18:57 +02:00
Jenkins for ownCloud
8d25528c49 [tx-robot] updated from transifex 2015-10-18 01:55:07 -04:00
Joas Schilling
0d3d75b3b3 Increase the 2nd digit of shipped apps 2015-10-17 08:47:11 +02:00
Robin Appelman
d636bce8a4 fix encryption migration test 2015-10-16 21:41:51 +02:00
Robin Appelman
8efd037eb8 Make shared folder size propagation test work with object home storage 2015-10-16 21:41:51 +02:00
Jenkins for ownCloud
5bee7007dd [tx-robot] updated from transifex 2015-10-15 01:55:32 -04:00
Jenkins for ownCloud
f9dd750ed7 [tx-robot] updated from transifex 2015-10-14 01:55:36 -04:00
Jenkins for ownCloud
d29d018cc7 [tx-robot] updated from transifex 2015-10-11 01:54:58 -04:00
Jenkins for ownCloud
c5649a634f [tx-robot] updated from transifex 2015-10-08 01:54:58 -04:00
Jenkins for ownCloud
cd818e7419 [tx-robot] updated from transifex 2015-10-07 01:55:56 -04:00
Thomas Müller
0385a62363 Merge pull request #19597 from owncloud/update-license-headers
update licence headers via script
2015-10-06 11:18:35 +02:00
Jenkins for ownCloud
3ff60cc2e3 [tx-robot] updated from transifex 2015-10-06 01:55:00 -04:00
Morris Jobke
b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Bjoern Schiessle
bf82015254 add some output to explain the pre-conditions for decrypt-all 2015-10-05 12:41:05 +02:00
Jenkins for ownCloud
e0084059b9 [tx-robot] updated from transifex 2015-10-03 01:56:20 -04:00
Jenkins for ownCloud
60f123193b [tx-robot] updated from transifex 2015-09-28 05:07:18 -04:00
Bjoern Schiessle
90f1e3dc94 no need to list users if all users already had a key-pair 2015-09-24 12:47:46 +02:00
Bjoern Schiessle
daf5d1ff2e fix small typo 2015-09-21 16:48:15 +02:00
Jenkins for ownCloud
7b483dfcbe [tx-robot] updated from transifex 2015-09-21 01:54:41 -04:00
Thomas Müller
b59c42e5df Merge pull request #18983 from owncloud/fix_18926
check for the right user if we can change his password
2015-09-18 11:59:57 +02:00
Bjoern Schiessle
9bd4f2d41e occ script to disable encryption and to decrypt all files again 2015-09-15 22:39:44 +02:00
Lukas Reschke
7953cc9494 Function does return void
This function does return void and not a bool.
2015-09-15 14:02:10 +02:00
Bjoern Schiessle
7f459c64cb check for the right user if we can change his password 2015-09-14 11:49:16 +02:00
Jenkins for ownCloud
211a243784 [tx-robot] updated from transifex 2015-09-14 01:55:35 -04:00
Jenkins for ownCloud
9860a79441 [tx-robot] updated from transifex 2015-09-12 01:55:35 -04:00
Jenkins for ownCloud
0ef7b84d77 [tx-robot] updated from transifex 2015-09-10 01:54:52 -04:00
Lukas Reschke
46a328a75a Merge pull request #18873 from owncloud/enc_use_master_password
Allow admin to use a master key for all files
2015-09-09 17:05:53 +02:00
Bjoern Schiessle
b2e6d7b5f4 occ command to enable master key 2015-09-08 14:58:42 +02:00
Bjoern Schiessle
acfc7d7c4d enable usage of a master key 2015-09-07 16:08:41 +02:00
Jenkins for ownCloud
3642fb701a [tx-robot] updated from transifex 2015-09-06 01:54:56 -04:00
Jenkins for ownCloud
f3b8634058 [tx-robot] updated from transifex 2015-09-05 01:55:18 -04:00
Jenkins for ownCloud
4100b151cc [tx-robot] updated from transifex 2015-09-04 01:55:31 -04:00
Jenkins for ownCloud
310084cc25 [tx-robot] updated from transifex 2015-09-01 14:03:19 -04:00
Jenkins for ownCloud
65784227d6 [tx-robot] updated from transifex 2015-08-31 01:54:45 -04:00
Bjoern Schiessle
166e57cf61 return false if private key is not valid 2015-08-30 15:31:19 +02:00
Bjoern Schiessle
f893de4136 use login name for password reset 2015-08-30 15:31:19 +02:00
Jenkins for ownCloud
114d1acd2c [tx-robot] updated from transifex 2015-08-30 01:54:51 -04:00
Jenkins for ownCloud
64652b3000 [tx-robot] updated from transifex 2015-08-29 01:55:05 -04:00
Björn Schießle
6e210d960c Merge pull request #18423 from owncloud/occ_encrypt_all
occ command line tool to encrypt all files
2015-08-28 20:44:55 +02:00
Bjoern Schiessle
8c08dd0ac2 occ tool to encrypt all files 2015-08-26 14:58:22 +02:00
Jenkins for ownCloud
2171cc02c3 [tx-robot] updated from transifex 2015-08-25 12:39:10 -04:00
Lukas Reschke
cca35f0c3e Merge pull request #18121 from owncloud/enc_improve_privkey_encryption
use password hash to encrypt private key
2015-08-24 12:03:27 +02:00
Joas Schilling
e6eb74958f Remove unnecessary DB prefixes from existing query builder usages 2015-08-10 16:21:41 +02:00
Bjoern Schiessle
854fd63ea9 use uid as additional information for salt 2015-08-07 15:51:43 +02:00
Bjoern Schiessle
62bc0e5264 use password hash instead of the plain password to encrypt the private key 2015-08-07 15:21:08 +02:00
Vincent Petry
a594b41fb0 Fix namespace conflict in OC.Encryption JS code 2015-08-06 15:53:38 +02:00
Björn Schießle
4105d17133 Merge pull request #17989 from owncloud/enc_only_update_file_cache_once
only update database on the first run
2015-08-03 11:33:46 +02:00
Bjoern Schiessle
2f4bebb045 only update database on the first run (first run = we have a version number from the old encryption app) 2015-07-31 10:47:02 +02:00
Jenkins for ownCloud
de01951da3 [tx-robot] updated from transifex 2015-07-31 01:56:30 -04:00
Jenkins for ownCloud
c683b1d3c9 [tx-robot] updated from transifex 2015-07-28 01:55:00 -04:00
Morris Jobke
296ed4c276 Merge pull request #17413 from owncloud/public-api-querybuilder
Add public api for Doctrine QueryBuilder and ExpressionBuilder
2015-07-22 17:29:08 +02:00
Robin McCorkell
145ab3a28d Merge pull request #17806 from owncloud/enc_improved_app_description
improved app description for the default encryption module
2015-07-22 15:06:08 +01:00
Bjoern Schiessle
e97c1db728 improved app description and adjust it to the way the new encryption module works 2015-07-22 13:43:46 +02:00
Joas Schilling
f77e5f411d Fix existing usages by removing the quotes 2015-07-21 15:25:47 +02:00
Joas Schilling
de348180ae Use the public interface and our method instead of the doctrine thing 2015-07-21 15:25:47 +02:00
Bjoern Schiessle
570dd17d4f fix mount point detection 2015-07-20 16:00:33 +02:00
Bjoern Schiessle
4dba920fdd unit tests 2015-07-17 15:19:10 +02:00
Bjoern Schiessle
3000f0125f don't move keys if the key where already moved in a previous migration run 2015-07-17 15:19:10 +02:00
Thomas Müller
d6f02eb703 Merge pull request #17500 from owncloud/encryption_migration_improvements
Only clean up if migration finished succesfully
2015-07-16 14:03:21 +02:00
Jenkins for ownCloud
176dabd976 [tx-robot] updated from transifex 2015-07-10 01:54:55 -04:00
Morris Jobke
42eb18c747 Merge pull request #17473 from owncloud/enc_fix_migration
more secure way to update the database
2015-07-09 22:41:56 +02:00
Jenkins for ownCloud
6d9bb17360 [tx-robot] updated from transifex 2015-07-09 01:54:53 -04:00
Bjoern Schiessle
1e284b15ff only create new key pair if both keys are missing 2015-07-08 19:08:41 +02:00
Bjoern Schiessle
85c3b9d5cf only cleanUp the remaining keys if the migration really finished succesfully 2015-07-08 18:23:18 +02:00
Bjoern Schiessle
876d7c160d more secure way to update the database 2015-07-08 13:26:53 +02:00
Jenkins for ownCloud
b8f5b2c47a [tx-robot] updated from transifex 2015-07-03 01:54:57 -04:00
Jenkins for ownCloud
733d59ed44 [tx-robot] updated from transifex 2015-06-29 01:54:44 -04:00
Morris Jobke
f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Jenkins for ownCloud
dddbfb903f [tx-robot] updated from transifex 2015-06-25 01:55:15 -04:00
Björn Schießle
cce841c665 Merge pull request #17045 from owncloud/enc_improvements
encryption improvements
2015-06-23 14:30:21 +02:00
Jenkins for ownCloud
183bd6dd49 [tx-robot] updated from transifex 2015-06-20 01:55:10 -04:00
Bjoern Schiessle
ed3dc199ae remove files_encryption from database at the end of the migration process 2015-06-19 14:15:56 +02:00
Jenkins for ownCloud
c4cb34da9d [tx-robot] updated from transifex 2015-06-18 01:55:14 -04:00
Jenkins for ownCloud
3898b8c9b8 [tx-robot] updated from transifex 2015-06-17 01:55:34 -04:00
Jenkins for ownCloud
0a5d73b874 [tx-robot] updated from transifex 2015-06-16 01:55:41 -04:00
Jenkins for ownCloud
fe9b28a800 [tx-robot] updated from transifex 2015-06-14 01:54:49 -04:00
Jenkins for ownCloud
88d3c9ad40 [tx-robot] updated from transifex 2015-06-11 01:55:05 -04:00
Jenkins for ownCloud
4d88302b3a [tx-robot] updated from transifex 2015-06-10 01:54:55 -04:00
Bjoern Schiessle
d743d6d356 add hint to exception 2015-06-08 21:16:23 +02:00
Jenkins for ownCloud
2fb1b0864a [tx-robot] updated from transifex 2015-06-08 01:55:01 -04:00
Jenkins for ownCloud
3542148761 [tx-robot] updated from transifex 2015-06-07 01:55:03 -04:00
Jenkins for ownCloud
e544d5b2c6 [tx-robot] updated from transifex 2015-06-05 01:55:04 -04:00
Jenkins for ownCloud
66a24ff479 [tx-robot] updated from transifex 2015-06-04 01:56:24 -04:00
Joas Schilling
d3e3a84cae Move the helpful method to the TestCase class 2015-06-03 12:33:29 +02:00
Jenkins for ownCloud
410a836702 [tx-robot] updated from transifex 2015-06-03 01:55:29 -04:00
Jenkins for ownCloud
baca5c60c0 [tx-robot] updated from transifex 2015-06-02 01:56:23 -04:00