Storage.php 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Bjoern Schiessle <bjoern@schiessle.org>
  6. * @author Björn Schießle <bjoern@schiessle.org>
  7. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  8. * @author Joas Schilling <coding@schilljs.com>
  9. * @author Roeland Jago Douma <roeland@famdouma.nl>
  10. * @author Thomas Müller <thomas.mueller@tmit.eu>
  11. * @author Vincent Petry <vincent@nextcloud.com>
  12. *
  13. * @license AGPL-3.0
  14. *
  15. * This code is free software: you can redistribute it and/or modify
  16. * it under the terms of the GNU Affero General Public License, version 3,
  17. * as published by the Free Software Foundation.
  18. *
  19. * This program is distributed in the hope that it will be useful,
  20. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  22. * GNU Affero General Public License for more details.
  23. *
  24. * You should have received a copy of the GNU Affero General Public License, version 3,
  25. * along with this program. If not, see <http://www.gnu.org/licenses/>
  26. *
  27. */
  28. namespace OC\Encryption\Keys;
  29. use OC\Encryption\Util;
  30. use OC\Files\Filesystem;
  31. use OC\Files\View;
  32. use OC\ServerNotAvailableException;
  33. use OC\User\NoUserException;
  34. use OCP\Encryption\Keys\IStorage;
  35. use OCP\IConfig;
  36. use OCP\Security\ICrypto;
  37. class Storage implements IStorage {
  38. // hidden file which indicate that the folder is a valid key storage
  39. public const KEY_STORAGE_MARKER = '.oc_key_storage';
  40. /** @var View */
  41. private $view;
  42. /** @var Util */
  43. private $util;
  44. // base dir where all the file related keys are stored
  45. /** @var string */
  46. private $keys_base_dir;
  47. // root of the key storage default is empty which means that we use the data folder
  48. /** @var string */
  49. private $root_dir;
  50. /** @var string */
  51. private $encryption_base_dir;
  52. /** @var string */
  53. private $backup_base_dir;
  54. /** @var array */
  55. private $keyCache = [];
  56. /** @var ICrypto */
  57. private $crypto;
  58. /** @var IConfig */
  59. private $config;
  60. /**
  61. * @param View $view
  62. * @param Util $util
  63. */
  64. public function __construct(View $view, Util $util, ICrypto $crypto, IConfig $config) {
  65. $this->view = $view;
  66. $this->util = $util;
  67. $this->encryption_base_dir = '/files_encryption';
  68. $this->keys_base_dir = $this->encryption_base_dir .'/keys';
  69. $this->backup_base_dir = $this->encryption_base_dir .'/backup';
  70. $this->root_dir = $this->util->getKeyStorageRoot();
  71. $this->crypto = $crypto;
  72. $this->config = $config;
  73. }
  74. /**
  75. * @inheritdoc
  76. */
  77. public function getUserKey($uid, $keyId, $encryptionModuleId) {
  78. $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
  79. return base64_decode($this->getKeyWithUid($path, $uid));
  80. }
  81. /**
  82. * @inheritdoc
  83. */
  84. public function getFileKey($path, $keyId, $encryptionModuleId) {
  85. $realFile = $this->util->stripPartialFileExtension($path);
  86. $keyDir = $this->util->getFileKeyDir($encryptionModuleId, $realFile);
  87. $key = $this->getKey($keyDir . $keyId)['key'];
  88. if ($key === '' && $realFile !== $path) {
  89. // Check if the part file has keys and use them, if no normal keys
  90. // exist. This is required to fix copyBetweenStorage() when we
  91. // rename a .part file over storage borders.
  92. $keyDir = $this->util->getFileKeyDir($encryptionModuleId, $path);
  93. $key = $this->getKey($keyDir . $keyId)['key'];
  94. }
  95. return base64_decode($key);
  96. }
  97. /**
  98. * @inheritdoc
  99. */
  100. public function getSystemUserKey($keyId, $encryptionModuleId) {
  101. $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
  102. return base64_decode($this->getKeyWithUid($path, null));
  103. }
  104. /**
  105. * @inheritdoc
  106. */
  107. public function setUserKey($uid, $keyId, $key, $encryptionModuleId) {
  108. $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
  109. return $this->setKey($path, [
  110. 'key' => base64_encode($key),
  111. 'uid' => $uid,
  112. ]);
  113. }
  114. /**
  115. * @inheritdoc
  116. */
  117. public function setFileKey($path, $keyId, $key, $encryptionModuleId) {
  118. $keyDir = $this->util->getFileKeyDir($encryptionModuleId, $path);
  119. return $this->setKey($keyDir . $keyId, [
  120. 'key' => base64_encode($key),
  121. ]);
  122. }
  123. /**
  124. * @inheritdoc
  125. */
  126. public function setSystemUserKey($keyId, $key, $encryptionModuleId) {
  127. $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
  128. return $this->setKey($path, [
  129. 'key' => base64_encode($key),
  130. 'uid' => null,
  131. ]);
  132. }
  133. /**
  134. * @inheritdoc
  135. */
  136. public function deleteUserKey($uid, $keyId, $encryptionModuleId) {
  137. try {
  138. $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, $uid);
  139. return !$this->view->file_exists($path) || $this->view->unlink($path);
  140. } catch (NoUserException $e) {
  141. // this exception can come from initMountPoints() from setupUserMounts()
  142. // for a deleted user.
  143. //
  144. // It means, that:
  145. // - we are not running in alternative storage mode because we don't call
  146. // initMountPoints() in that mode
  147. // - the keys were in the user's home but since the user was deleted, the
  148. // user's home is gone and so are the keys
  149. //
  150. // So there is nothing to do, just ignore.
  151. }
  152. }
  153. /**
  154. * @inheritdoc
  155. */
  156. public function deleteFileKey($path, $keyId, $encryptionModuleId) {
  157. $keyDir = $this->util->getFileKeyDir($encryptionModuleId, $path);
  158. return !$this->view->file_exists($keyDir . $keyId) || $this->view->unlink($keyDir . $keyId);
  159. }
  160. /**
  161. * @inheritdoc
  162. */
  163. public function deleteAllFileKeys($path) {
  164. $keyDir = $this->util->getFileKeyDir('', $path);
  165. return !$this->view->file_exists($keyDir) || $this->view->deleteAll($keyDir);
  166. }
  167. /**
  168. * @inheritdoc
  169. */
  170. public function deleteSystemUserKey($keyId, $encryptionModuleId) {
  171. $path = $this->constructUserKeyPath($encryptionModuleId, $keyId, null);
  172. return !$this->view->file_exists($path) || $this->view->unlink($path);
  173. }
  174. /**
  175. * construct path to users key
  176. *
  177. * @param string $encryptionModuleId
  178. * @param string $keyId
  179. * @param string $uid
  180. * @return string
  181. */
  182. protected function constructUserKeyPath($encryptionModuleId, $keyId, $uid) {
  183. if ($uid === null) {
  184. $path = $this->root_dir . '/' . $this->encryption_base_dir . '/' . $encryptionModuleId . '/' . $keyId;
  185. } else {
  186. $path = $this->root_dir . '/' . $uid . $this->encryption_base_dir . '/'
  187. . $encryptionModuleId . '/' . $uid . '.' . $keyId;
  188. }
  189. return \OC\Files\Filesystem::normalizePath($path);
  190. }
  191. /**
  192. * @param string $path
  193. * @param string|null $uid
  194. * @return string
  195. * @throws ServerNotAvailableException
  196. *
  197. * Small helper function to fetch the key and verify the value for user and system keys
  198. */
  199. private function getKeyWithUid(string $path, ?string $uid): string {
  200. $data = $this->getKey($path);
  201. if (!isset($data['key'])) {
  202. throw new ServerNotAvailableException('Key is invalid');
  203. }
  204. if ($data['key'] === '') {
  205. return '';
  206. }
  207. if (!array_key_exists('uid', $data) || $data['uid'] !== $uid) {
  208. // If the migration is done we error out
  209. $versionFromBeforeUpdate = $this->config->getSystemValueString('version', '0.0.0.0');
  210. if (version_compare($versionFromBeforeUpdate, '20.0.0.1', '<=')) {
  211. return $data['key'];
  212. }
  213. if ($this->config->getSystemValueBool('encryption.key_storage_migrated', true)) {
  214. throw new ServerNotAvailableException('Key has been modified');
  215. } else {
  216. //Otherwise we migrate
  217. $data['uid'] = $uid;
  218. $this->setKey($path, $data);
  219. }
  220. }
  221. return $data['key'];
  222. }
  223. /**
  224. * read key from hard disk
  225. *
  226. * @param string $path to key
  227. * @return array containing key as base64encoded key, and possible the uid
  228. */
  229. private function getKey($path): array {
  230. $key = [
  231. 'key' => '',
  232. ];
  233. if ($this->view->file_exists($path)) {
  234. if (isset($this->keyCache[$path])) {
  235. $key = $this->keyCache[$path];
  236. } else {
  237. $data = $this->view->file_get_contents($path);
  238. // Version <20.0.0.1 doesn't have this
  239. $versionFromBeforeUpdate = $this->config->getSystemValueString('version', '0.0.0.0');
  240. if (version_compare($versionFromBeforeUpdate, '20.0.0.1', '<=')) {
  241. $key = [
  242. 'key' => base64_encode($data),
  243. ];
  244. } else {
  245. if ($this->config->getSystemValueBool('encryption.key_storage_migrated', true)) {
  246. try {
  247. $clearData = $this->crypto->decrypt($data);
  248. } catch (\Exception $e) {
  249. throw new ServerNotAvailableException('Could not decrypt key', 0, $e);
  250. }
  251. $dataArray = json_decode($clearData, true);
  252. if ($dataArray === null) {
  253. throw new ServerNotAvailableException('Invalid encryption key');
  254. }
  255. $key = $dataArray;
  256. } else {
  257. /*
  258. * Even if not all keys are migrated we should still try to decrypt it (in case some have moved).
  259. * However it is only a failure now if it is an array and decryption fails
  260. */
  261. $fallback = false;
  262. try {
  263. $clearData = $this->crypto->decrypt($data);
  264. } catch (\Throwable $e) {
  265. $fallback = true;
  266. }
  267. if (!$fallback) {
  268. $dataArray = json_decode($clearData, true);
  269. if ($dataArray === null) {
  270. throw new ServerNotAvailableException('Invalid encryption key');
  271. }
  272. $key = $dataArray;
  273. } else {
  274. $key = [
  275. 'key' => base64_encode($data),
  276. ];
  277. }
  278. }
  279. }
  280. $this->keyCache[$path] = $key;
  281. }
  282. }
  283. return $key;
  284. }
  285. /**
  286. * write key to disk
  287. *
  288. *
  289. * @param string $path path to key directory
  290. * @param array $key key
  291. * @return bool
  292. */
  293. private function setKey($path, $key) {
  294. $this->keySetPreparation(dirname($path));
  295. $versionFromBeforeUpdate = $this->config->getSystemValueString('version', '0.0.0.0');
  296. if (version_compare($versionFromBeforeUpdate, '20.0.0.1', '<=')) {
  297. // Only store old format if this happens during the migration.
  298. // TODO: Remove for 21
  299. $data = base64_decode($key['key']);
  300. } else {
  301. // Wrap the data
  302. $data = $this->crypto->encrypt(json_encode($key));
  303. }
  304. $result = $this->view->file_put_contents($path, $data);
  305. if (is_int($result) && $result > 0) {
  306. $this->keyCache[$path] = $key;
  307. return true;
  308. }
  309. return false;
  310. }
  311. /**
  312. * move keys if a file was renamed
  313. *
  314. * @param string $source
  315. * @param string $target
  316. * @return boolean
  317. */
  318. public function renameKeys($source, $target) {
  319. $sourcePath = $this->getPathToKeys($source);
  320. $targetPath = $this->getPathToKeys($target);
  321. if ($this->view->file_exists($sourcePath)) {
  322. $this->keySetPreparation(dirname($targetPath));
  323. $this->view->rename($sourcePath, $targetPath);
  324. return true;
  325. }
  326. return false;
  327. }
  328. /**
  329. * copy keys if a file was renamed
  330. *
  331. * @param string $source
  332. * @param string $target
  333. * @return boolean
  334. */
  335. public function copyKeys($source, $target) {
  336. $sourcePath = $this->getPathToKeys($source);
  337. $targetPath = $this->getPathToKeys($target);
  338. if ($this->view->file_exists($sourcePath)) {
  339. $this->keySetPreparation(dirname($targetPath));
  340. $this->view->copy($sourcePath, $targetPath);
  341. return true;
  342. }
  343. return false;
  344. }
  345. /**
  346. * backup keys of a given encryption module
  347. *
  348. * @param string $encryptionModuleId
  349. * @param string $purpose
  350. * @param string $uid
  351. * @return bool
  352. * @since 12.0.0
  353. */
  354. public function backupUserKeys($encryptionModuleId, $purpose, $uid) {
  355. $source = $uid . $this->encryption_base_dir . '/' . $encryptionModuleId;
  356. $backupDir = $uid . $this->backup_base_dir;
  357. if (!$this->view->file_exists($backupDir)) {
  358. $this->view->mkdir($backupDir);
  359. }
  360. $backupDir = $backupDir . '/' . $purpose . '.' . $encryptionModuleId . '.' . $this->getTimestamp();
  361. $this->view->mkdir($backupDir);
  362. return $this->view->copy($source, $backupDir);
  363. }
  364. /**
  365. * get the current timestamp
  366. *
  367. * @return int
  368. */
  369. protected function getTimestamp() {
  370. return time();
  371. }
  372. /**
  373. * get system wide path and detect mount points
  374. *
  375. * @param string $path
  376. * @return string
  377. */
  378. protected function getPathToKeys($path) {
  379. [$owner, $relativePath] = $this->util->getUidAndFilename($path);
  380. $systemWideMountPoint = $this->util->isSystemWideMountPoint($relativePath, $owner);
  381. if ($systemWideMountPoint) {
  382. $systemPath = $this->root_dir . '/' . $this->keys_base_dir . $relativePath . '/';
  383. } else {
  384. $systemPath = $this->root_dir . '/' . $owner . $this->keys_base_dir . $relativePath . '/';
  385. }
  386. return Filesystem::normalizePath($systemPath, false);
  387. }
  388. /**
  389. * Make preparations to filesystem for saving a key file
  390. *
  391. * @param string $path relative to the views root
  392. */
  393. protected function keySetPreparation($path) {
  394. // If the file resides within a subdirectory, create it
  395. if (!$this->view->file_exists($path)) {
  396. $sub_dirs = explode('/', ltrim($path, '/'));
  397. $dir = '';
  398. foreach ($sub_dirs as $sub_dir) {
  399. $dir .= '/' . $sub_dir;
  400. if (!$this->view->is_dir($dir)) {
  401. $this->view->mkdir($dir);
  402. }
  403. }
  404. }
  405. }
  406. }