[Pkg-owncloud-commits] [owncloud] 25/239: better distinction between userID and keyId
David Prévot
taffit at moszumanska.debian.org
Fri Nov 29 01:32:13 UTC 2013
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository owncloud.
commit 2b361ea085812a7b97102d026c421905549b5142
Author: Bjoern Schiessle <schiessle at owncloud.com>
Date: Thu Nov 21 10:09:07 2013 +0100
better distinction between userID and keyId
---
apps/files_encryption/lib/stream.php | 28 +++++++++++++---------------
apps/files_encryption/lib/util.php | 32 +++++++++++++++++++-------------
2 files changed, 32 insertions(+), 28 deletions(-)
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index 2497e56..409c6ff 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -55,6 +55,7 @@ class Stream {
private $rawPath; // The raw path relative to the data dir
private $relPath; // rel path to users file dir
private $userId;
+ private $keyId;
private $handle; // Resource returned by fopen
private $meta = array(); // Header / meta for source stream
private $writeCache;
@@ -94,16 +95,16 @@ class Stream {
$this->privateKey = $this->session->getPrivateKey();
- $userId = Helper::getUser($path);
+ // rawPath is relative to the data directory
+ $this->rawPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
- $util = new Util($this->rootView, $userId);
+ $this->userId = Helper::getUser($this->rawPath);
- // need to get the userId once more from util, because now this can be the
- // public share key ID
- $this->userId = $util->getUserId();
+ $util = new Util($this->rootView, $this->userId);
- // rawPath is relative to the data directory
- $this->rawPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
+ // get the key ID which we want to use, canm be the users key or the
+ // public share key
+ $this->keyId = $util->getKeyId();
// Strip identifier text from path, this gives us the path relative to data/<user>/files
$this->relPath = Helper::stripUserFilesPath($this->rawPath);
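Review bot: The result of `Helper::getUser($this->rawPath)` is stored in `$this->userId` and passed to `new Util(...)` without any check, and the Util constructor builds the key directory paths from that value. If getUser can fail for a path that does not begin with a user directory (its body is not in this diff), every later key lookup would run against a malformed path. Assuming it signals failure with `false`, a guard such as `if ($this->userId === false) { return false; }` before constructing Util would make that case explicit. The new comment also has a typo, `canm` for `can`. The enclosing function starts and ends outside the hunk.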
@@ -254,14 +255,13 @@ class Stream {
// Fetch and decrypt keyfile
// Fetch existing keyfile
- $userId = Helper::getUser($this->rawPath);
- $util = new \OCA\Encryption\Util($this->rootView, $userId);
+ $util = new \OCA\Encryption\Util($this->rootView, $this->userId);
$this->encKeyfile = Keymanager::getFileKey($this->rootView, $util, $this->relPath);
// If a keyfile already exists
if ($this->encKeyfile) {
- $shareKey = Keymanager::getShareKey($this->rootView, $this->userId, $util, $this->relPath);
+ $shareKey = Keymanager::getShareKey($this->rootView, $this->keyId, $util, $this->relPath);
// if there is no valid private key return false
if ($this->privateKey === false) {
@@ -508,14 +508,12 @@ class Stream {
\OC_FileProxy::$enabled = false;
// Fetch user's public key
- $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->userId);
+ $this->publicKey = Keymanager::getPublicKey($this->rootView, $this->keyId);
// Check if OC sharing api is enabled
$sharingEnabled = \OCP\Share::isEnabled();
- $userId = Helper::getUser($this->rawPath);
-
- $util = new Util($this->rootView, $userId);
+ $util = new Util($this->rootView, $this->userId);
// Get all users sharing the file includes current user
$uniqueUserIds = $util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId);
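Review bot: The unchanged call `$util->getSharingUsersArray($sharingEnabled, $this->relPath, $this->userId)` now receives a different value under public access. Before this commit `$this->userId` could hold the public share key ID there; now it always holds the ID taken from the path. It is worth confirming that the returned recipient list still includes the public share key for files written through a public link, since otherwise the new file key would not be wrapped for that key. If the owner is the intended argument, a comment such as `// third argument is the file owner, not the key ID` would record the decision. The enclosing function extends beyond the hunk.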
@@ -528,7 +526,7 @@ class Stream {
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
// Save the new encrypted file key
- Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);
+ Keymanager::setFileKey($this->rootView, $this->relPath, $this->keyId, $this->encKeyfiles['data']);
// Save the sharekeys
Keymanager::setShareKeys($this->rootView, $this->relPath, $this->encKeyfiles['keys']);
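Review bot: `Keymanager::setFileKey(...)` now receives `$this->keyId` in the argument that used to carry the user ID, yet Util places `keyfilesPath` under the user's `files_encryption` directory. If setFileKey uses that argument to choose the storage location (its body is not in this diff), a public-link write would file the key under the public share key ID; `$this->userId` would match the distinction this commit introduces. The value passed is the same as before, because `$this->userId` used to hold the key ID under public access, so this needs a deliberate decision rather than a mechanical swap.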
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 1e8b852..2dd4fd9 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -39,7 +39,7 @@ class Util {
private $view; // OC_FilesystemView object for filesystem operations
private $userId; // ID of the user we use to encrypt/decrypt files
- private $ownerId; // ID of the user who accesses the file/folder
+ private $keyId; // ID of the key we want to manipulate
private $client; // Client side encryption mode flag
private $publicKeyDir; // Dir containing all public user keys
private $encryptionDir; // Dir containing user's files_encryption
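Review bot: The comment on `$userId`, `// ID of the user we use to encrypt/decrypt files`, is stale after this change, because the identifier used for key operations is now `$keyId`. Something like `// ID of the user whose home and key directories are used` for `$userId`, and `// ID of the key used to encrypt/decrypt: the user's own or the public share key` for `$keyId`, would keep the two apart for the next reader.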
@@ -60,32 +60,31 @@ class Util {
$this->view = $view;
$this->client = $client;
+ $this->userId = $userId;
$this->publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
$this->recoveryKeyId = \OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
- $this->userDir = '/' . $userId;
+ $this->userDir = '/' . $this->userId;
$this->fileFolderName = 'files';
$this->userFilesDir =
'/' . $userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
$this->publicKeyDir = '/' . 'public-keys';
- $this->encryptionDir = '/' . $userId . '/' . 'files_encryption';
+ $this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->publicKeyPath =
- $this->publicKeyDir . '/' . $userId . '.public.key'; // e.g. data/public-keys/admin.public.key
+ $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->privateKeyPath =
- $this->encryptionDir . '/' . $userId . '.private.key'; // e.g. data/admin/admin.private.key
+ $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
// make sure that the owners home is mounted
\OC\Files\Filesystem::initMountPoints($userId);
if (\OCA\Encryption\Helper::isPublicAccess()) {
- $this->userId = $this->publicShareKeyId;
- $this->ownerId = $userId;
+ $this->keyId = $this->publicShareKeyId;
$this->isPublic = true;
} else {
- $this->userId = $userId;
- $this->ownerId = $userId;
+ $this->keyId = $this->userId;
$this->isPublic = false;
}
}
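Review bot: In the public-access branch, `$this->keyId = $this->publicShareKeyId;` uses the app-config value without checking that it is set. If `publicShareKeyId` has not been configured, the key ID is presumably empty and later share-key and public-key lookups would run with it; logging the missing value and treating public access as unavailable would be safer. Separately, `$this->userFilesDir` and `initMountPoints($userId)` still use the parameter while the other paths were switched to `$this->userId`; using the property throughout would keep the constructor consistent. The constructor's signature is outside the hunk.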
@@ -172,13 +171,13 @@ class Util {
// check if public-key exists but private-key is missing
if ($this->view->file_exists($this->publicKeyPath) && !$this->view->file_exists($this->privateKeyPath)) {
\OCP\Util::writeLog('Encryption library',
- 'public key exists but private key is missing for "' . $this->userId . '"', \OCP\Util::FATAL);
+ 'public key exists but private key is missing for "' . $this->keyId . '"', \OCP\Util::FATAL);
return false;
} else {
if (!$this->view->file_exists($this->publicKeyPath) && $this->view->file_exists($this->privateKeyPath)
) {
\OCP\Util::writeLog('Encryption library',
- 'private key exists but public key is missing for "' . $this->userId . '"', \OCP\Util::FATAL);
+ 'private key exists but public key is missing for "' . $this->keyId . '"', \OCP\Util::FATAL);
return false;
}
}
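Review bot: Both log messages now name `$this->keyId`, but the files being tested are `$this->publicKeyPath` and `$this->privateKeyPath`, which the constructor builds from `$this->userId`. Under public access the message would report the public share key ID while the missing key file belongs to the user, which misleads anyone triaging the FATAL entry. Keeping the user ID in both messages, e.g. `'public key exists but private key is missing for "' . $this->userId . '"'`, matches what is actually checked. The enclosing function starts outside the hunk.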
@@ -1046,7 +1045,7 @@ class Util {
$encKeyfile = Keymanager::getFileKey($this->view, $this, $filePath);
// The file has a shareKey and must use it for decryption
- $shareKey = Keymanager::getShareKey($this->view, $this->userId, $this, $filePath);
+ $shareKey = Keymanager::getShareKey($this->view, $this->keyId, $this, $filePath);
$plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
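Review bot: `$shareKey` goes straight into `Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey)` with no check that a share key was found for `$this->keyId`. Now that the key ID can be the public share key ID, a file with no share key for that ID is a plausible case. If getShareKey signals a miss with a falsy value (not shown here), a guard such as `if (!$shareKey) { return false; }` with a log entry would stop an empty key from reaching the decrypt call. The surrounding function is only partly visible, so the failure value should be checked against its other return paths.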
@@ -1322,7 +1321,7 @@ class Util {
// handle public access
if ($this->isPublic) {
$filename = $path;
- $fileOwnerUid = $this->ownerId;
+ $fileOwnerUid = $this->userId;
return array(
$fileOwnerUid,
@@ -1550,6 +1549,13 @@ class Util {
/**
* @return string
*/
+ public function getKeyId() {
+ return $this->keyId;
+ }
+
+ /**
+ * @return string
+ */
public function getUserFilesDir() {
return $this->userFilesDir;
}
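Review bot: The docblock for `getKeyId()` says only `@return string` and does not state which key this is. A description line such as `ID of the key used for encryption: the public share key ID on public access, otherwise the user ID` would spare callers from reading the constructor. Because the public share key ID comes from app config, the value may not always be a string; `@return string|null` may be more accurate, which is worth confirming.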
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git