session.php 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193
  1. <?php
  2. /**
  3. * ownCloud
  4. *
  5. * @author Sam Tuke
  6. * @copyright 2012 Sam Tuke samtuke@owncloud.com
  7. *
  8. * This library is free software; you can redistribute it and/or
  9. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
  10. * License as published by the Free Software Foundation; either
  11. * version 3 of the License, or any later version.
  12. *
  13. * This library is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public
  19. * License along with this library. If not, see <http://www.gnu.org/licenses/>.
  20. *
  21. */
  22. namespace OCA\Encryption;
  23. /**
  24. * Class for handling encryption related session data
  25. */
  26. class Session {
  27. private $view;
  28. /**
  29. * @brief if session is started, check if ownCloud key pair is set up, if not create it
  30. * @param \OC_FilesystemView $view
  31. *
  32. * @note The ownCloud key pair is used to allow public link sharing even if encryption is enabled
  33. */
  34. public function __construct($view) {
  35. $this->view = $view;
  36. if (!$this->view->is_dir('owncloud_private_key')) {
  37. $this->view->mkdir('owncloud_private_key');
  38. }
  39. $publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
  40. if ($publicShareKeyId === null) {
  41. $publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
  42. \OC_Appconfig::setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
  43. }
  44. if (
  45. !$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key")
  46. || !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")
  47. ) {
  48. $keypair = Crypt::createKeypair();
  49. // Disable encryption proxy to prevent recursive calls
  50. $proxyStatus = \OC_FileProxy::$enabled;
  51. \OC_FileProxy::$enabled = false;
  52. // Save public key
  53. if (!$view->is_dir('/public-keys')) {
  54. $view->mkdir('/public-keys');
  55. }
  56. $this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
  57. // Encrypt private key empty passphrase
  58. $encryptedPrivateKey = Crypt::symmetricEncryptFileContent($keypair['privateKey'], '');
  59. // Save private key
  60. $this->view->file_put_contents(
  61. '/owncloud_private_key/' . $publicShareKeyId . '.private.key', $encryptedPrivateKey);
  62. \OC_FileProxy::$enabled = $proxyStatus;
  63. }
  64. if (\OCA\Encryption\Helper::isPublicAccess()) {
  65. // Disable encryption proxy to prevent recursive calls
  66. $proxyStatus = \OC_FileProxy::$enabled;
  67. \OC_FileProxy::$enabled = false;
  68. $encryptedKey = $this->view->file_get_contents(
  69. '/owncloud_private_key/' . $publicShareKeyId . '.private.key');
  70. $privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
  71. $this->setPublicSharePrivateKey($privateKey);
  72. \OC_FileProxy::$enabled = $proxyStatus;
  73. }
  74. }
  75. /**
  76. * @brief Sets user private key to session
  77. * @param string $privateKey
  78. * @return bool
  79. *
  80. * @note this should only be set on login
  81. */
  82. public function setPrivateKey($privateKey) {
  83. \OC::$session->set('privateKey', $privateKey);
  84. return true;
  85. }
  86. /**
  87. * @brief Gets user or public share private key from session
  88. * @returns string $privateKey The user's plaintext private key
  89. *
  90. */
  91. public function getPrivateKey() {
  92. // return the public share private key if this is a public access
  93. if (\OCA\Encryption\Helper::isPublicAccess()) {
  94. return $this->getPublicSharePrivateKey();
  95. } else {
  96. if (!is_null(\OC::$session->get('privateKey'))) {
  97. return \OC::$session->get('privateKey');
  98. } else {
  99. return false;
  100. }
  101. }
  102. }
  103. /**
  104. * @brief Sets public user private key to session
  105. * @param string $privateKey
  106. * @return bool
  107. */
  108. public function setPublicSharePrivateKey($privateKey) {
  109. \OC::$session->set('publicSharePrivateKey', $privateKey);
  110. return true;
  111. }
  112. /**
  113. * @brief Gets public share private key from session
  114. * @returns string $privateKey
  115. *
  116. */
  117. public function getPublicSharePrivateKey() {
  118. if (!is_null(\OC::$session->get('publicSharePrivateKey'))) {
  119. return \OC::$session->get('publicSharePrivateKey');
  120. } else {
  121. return false;
  122. }
  123. }
  124. /**
  125. * @brief Sets user legacy key to session
  126. * @param $legacyKey
  127. * @return bool
  128. */
  129. public function setLegacyKey($legacyKey) {
  130. \OC::$session->set('legacyKey', $legacyKey);
  131. return true;
  132. }
  133. /**
  134. * @brief Gets user legacy key from session
  135. * @returns string $legacyKey The user's plaintext legacy key
  136. *
  137. */
  138. public function getLegacyKey() {
  139. if (!is_null(\OC::$session->get('legacyKey'))) {
  140. return \OC::$session->get('legacyKey');
  141. } else {
  142. return false;
  143. }
  144. }
  145. }