123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 |
- <?php
- /**
- * ownCloud
- *
- * @author Robin Appelman
- * @copyright 2011 Robin Appelman icewind1991@gmail.com
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
- *
- * You should have received a copy of the GNU Affero General Public
- * License along with this library. If not, see <http://www.gnu.org/licenses/>.
- *
- */
- /**
- * transparent encryption
- */
- class OC_FileProxy_Encryption extends OC_FileProxy{
- private static $blackList=null; //mimetypes blacklisted from encryption
- private static $enableEncryption=null;
-
- /**
- * check if a file should be encrypted during write
- * @param string $path
- * @return bool
- */
- private static function shouldEncrypt($path){
- if(is_null(self::$enableEncryption)){
- self::$enableEncryption=(OCP\Config::getAppValue('files_encryption','enable_encryption','true')=='true');
- }
- if(!self::$enableEncryption){
- return false;
- }
- if(is_null(self::$blackList)){
- self::$blackList=explode(',',OCP\Config::getAppValue('files_encryption','type_blacklist','jpg,png,jpeg,avi,mpg,mpeg,mkv,mp3,oga,ogv,ogg'));
- }
- if(self::isEncrypted($path)){
- return true;
- }
- $extension=substr($path,strrpos($path,'.')+1);
- if(array_search($extension,self::$blackList)===false){
- return true;
- }
- }
- /**
- * check if a file is encrypted
- * @param string $path
- * @return bool
- */
- private static function isEncrypted($path){
- $metadata=OC_FileCache_Cached::get($path,'');
- return isset($metadata['encrypted']) and (bool)$metadata['encrypted'];
- }
-
- public function preFile_put_contents($path,&$data){
- if(self::shouldEncrypt($path)){
- if (!is_resource($data)) {//stream put contents should have been converter to fopen
- $data=OC_Crypt::blockEncrypt($data);
- OC_FileCache::put($path,array('encrypted'=>true),'');
- }
- }
- }
-
- public function postFile_get_contents($path,$data){
- if(self::isEncrypted($path)){
- $data=OC_Crypt::blockDecrypt($data);
- }
- return $data;
- }
-
- public function postFopen($path,&$result){
- if(!$result){
- return $result;
- }
- $meta=stream_get_meta_data($result);
- if(self::isEncrypted($path)){
- fclose($result);
- $result=fopen('crypt://'.$path,$meta['mode']);
- }elseif(self::shouldEncrypt($path) and $meta['mode']!='r' and $meta['mode']!='rb'){
- if(OC_Filesystem::file_exists($path) and OC_Filesystem::filesize($path)>0){
- //first encrypt the target file so we don't end up with a half encrypted file
- OCP\Util::writeLog('files_encryption','Decrypting '.$path.' before writing',OCP\Util::DEBUG);
- $tmp=fopen('php://temp');
- OCP\Files::streamCopy($result,$tmp);
- fclose($result);
- OC_Filesystem::file_put_contents($path,$tmp);
- fclose($tmp);
- }
- $result=fopen('crypt://'.$path,$meta['mode']);
- }
- return $result;
- }
- public function postGetMimeType($path,$mime){
- if(self::isEncrypted($path)){
- $mime=OCP\Files::getMimeType('crypt://'.$path,'w');
- }
- return $mime;
- }
- }
|