use of ch.cyberduck.core.sds.io.swagger.client.model.MissingKeysResponse in project cyberduck by iterate-ch.
the class SDSMissingFileKeysSchedulerFeature method deleteDeprecatedKeyPair.
/**
 * Removes the user's deprecated key pair once the server reports no file keys left to migrate.
 *
 * <p>Nothing happens unless the host preference
 * {@code sds.encryption.missingkeys.delete.deprecated} is {@code true} and the session holds a
 * deprecated key pair that is not equal to the current one. The server is then asked for missing
 * file keys for the current user account with the {@code "previous_user_key"} argument; only when
 * the returned item list is empty is the deprecated key pair removed and the session's cached key
 * pairs reset.
 *
 * <p>NOTE(review): the removal is decided solely on one server response being empty. Presumably
 * the {@code 1} argument is a result limit and {@code "previous_user_key"} selects keys still
 * bound to the old pair; confirm against the NodesApi signature. If the removal cannot be undone
 * server-side, any file key still encrypted only for the old pair would stay undecryptable, so the
 * query must cover every such key.
 *
 * @param session session whose deprecated key pair is evaluated for removal
 * @throws ApiException        declared for the NodesApi / UserApi calls made here
 * @throws BackgroundException declared for the session accessors called here
 */
private void deleteDeprecatedKeyPair(final SDSSession session) throws ApiException, BackgroundException {
    final boolean deletionEnabled = new HostPreferences(session.getHost()).getBoolean("sds.encryption.missingkeys.delete.deprecated");
    if (!deletionEnabled) {
        // Opt-in only: without the preference the deprecated key pair is never touched.
        return;
    }
    if (session.keyPairDeprecated() == null || session.keyPairDeprecated().equals(session.keyPair())) {
        // No deprecated pair, or it is the same as the active pair: nothing to delete.
        return;
    }
    final NodesApi nodes = new NodesApi(session.getClient());
    final MissingKeysResponse pending = nodes.requestMissingFileKeys(null, 1, null, null, session.userAccount().getId(), "previous_user_key", null);
    if (!pending.getItems().isEmpty()) {
        // Migration still outstanding; keep the old pair so those file keys remain recoverable.
        return;
    }
    log.debug("No more deprecated fileKeys to migrate - deleting deprecated key pair");
    final UserApi users = new UserApi(session.getClient());
    users.removeUserKeyPair(session.keyPairDeprecated().getPublicKeyContainer().getVersion(), null);
    // Refresh the session's view of the key pairs after the server-side removal.
    session.resetUserKeyPairs();
}
use of ch.cyberduck.core.sds.io.swagger.client.model.MissingKeysResponse in project cyberduck by iterate-ch.
the class SDSMissingFileKeysSchedulerFeature method operate.
/**
 * Creates the file keys that the server reports as missing and uploads them in batches.
 *
 * <p>Returns an empty list when encryption is not enabled for the user account. Otherwise the
 * current key pair is unlocked through the password callback, and the deprecated key pair as well
 * when the session has one. In a loop, the missing file keys are requested (restricted to one file
 * when {@code file} is given), one key request is built per reported file/user item and the batch
 * is sent with {@code setUserFileKeys}. The loop ends when a round produces no requests, after
 * which {@code deleteDeprecatedKeyPair} is called.
 *
 * <p>NOTE(review): only ApiException and CryptoException are mapped below. An unexpected session
 * type (unchecked cast) or a server response whose items reference ids missing from its own
 * users/files lists would surface as an unchecked exception instead.
 *
 * @param client   session; cast to SDSSession without a type check
 * @param callback prompt used to unlock the private key(s)
 * @param file     file to restrict the request to, or null when operating from the scheduler
 * @return all key requests that were submitted to the server
 * @throws BackgroundException mapped from ApiException or CryptoException
 */
@Override
public List<UserFileKeySetRequest> operate(final Session<?> client, final PasswordCallback callback, final Path file) throws BackgroundException {
final SDSSession session = (SDSSession) client;
final SDSNodeIdProvider nodeid = (SDSNodeIdProvider) session._getFeature(VersionIdProvider.class);
try {
final UserAccountWrapper account = session.userAccount();
if (!account.isEncryptionEnabled()) {
log.warn(String.format("No key pair found in user account %s", account));
return Collections.emptyList();
}
final List<UserFileKeySetRequest> processed = new ArrayList<>();
final UserKeyPairContainer userKeyPairContainer = session.keyPair();
final UserKeyPair keyPair = TripleCryptConverter.toCryptoUserKeyPair(userKeyPairContainer);
final TripleCryptKeyPair triplecrypt = new TripleCryptKeyPair();
// The key pairs are unlocked before the server is asked whether any key is missing at all.
final Credentials passphrase = triplecrypt.unlock(callback, session.getHost(), keyPair);
final UserKeyPairContainer userKeyPairContainerDeprecated = session.keyPairDeprecated();
// Without a deprecated key pair the same credentials are used for both key versions below.
Credentials passphraseDeprecated = passphrase;
if (userKeyPairContainerDeprecated != null) {
passphraseDeprecated = triplecrypt.unlock(callback, session.getHost(), TripleCryptConverter.toCryptoUserKeyPair(userKeyPairContainerDeprecated));
}
// Null when operating from scheduler. File reference is set for post upload.
final Long fileId = file != null ? Long.parseLong(nodeid.getVersionId(file, new DisabledListProgressListener())) : null;
UserFileKeySetBatchRequest request;
// NOTE(review): the loop ends only when a round yields no requests. If the server kept reporting
// the same items after setUserFileKeys, this would not terminate; confirm the server contract.
do {
if (log.isDebugEnabled()) {
log.debug(String.format("Request a list of missing file keys for file %s", file));
}
request = new UserFileKeySetBatchRequest();
final MissingKeysResponse missingKeys = new NodesApi(session.getClient()).requestMissingFileKeys(null, null, null, fileId, null, null, null);
// Index the users and files of the response by id so each reported item can be resolved.
final Map<Long, List<UserUserPublicKey>> userPublicKeys = missingKeys.getUsers().stream().collect(groupingBy(UserUserPublicKey::getId));
final Map<Long, List<FileFileKeys>> files = missingKeys.getFiles().stream().collect(groupingBy(FileFileKeys::getId));
for (UserIdFileIdItem item : missingKeys.getItems()) {
// NOTE(review): files.get(...) and userPublicKeys.get(...) below return null when the response
// lists an item whose file id or user id is absent from its files/users lists; the for-each then
// throws a NullPointerException that the catch clauses of this method do not map.
for (FileFileKeys fileKey : files.get(item.getFileId())) {
final EncryptedFileKey encryptedFileKey = TripleCryptConverter.toCryptoEncryptedFileKey(fileKey.getFileKeyContainer());
// The key pair used for decryption is selected by the version of the encrypted file key.
// NOTE(review): the result is dereferenced without a null check; confirm getKeyPairForFileKey never returns null.
final UserKeyPairContainer keyPairForDecryption = session.getKeyPairForFileKey(encryptedFileKey.getVersion());
for (UserUserPublicKey userPublicKey : userPublicKeys.get(item.getUserId())) {
// File keys of version RSA2048_AES256GCM use the credentials unlocked for the deprecated key pair,
// all other versions the credentials of the current key pair.
// NOTE(review): this assumes the deprecated key pair is the RSA2048 one; verify against getKeyPairForFileKey.
final EncryptedFileKey fk = this.encryptFileKey(TripleCryptConverter.toCryptoUserPrivateKey(keyPairForDecryption.getPrivateKeyContainer()), encryptedFileKey.getVersion() == EncryptedFileKey.Version.RSA2048_AES256GCM ? passphraseDeprecated : passphrase, userPublicKey, fileKey);
final UserFileKeySetRequest keySetRequest = new UserFileKeySetRequest().fileId(item.getFileId()).userId(item.getUserId()).fileKey(TripleCryptConverter.toSwaggerFileKey(fk));
if (log.isDebugEnabled()) {
log.debug(String.format("Missing file key processed for file %d and user %d", item.getFileId(), item.getUserId()));
}
request.addItemsItem(keySetRequest);
}
}
}
if (!request.getItems().isEmpty()) {
if (log.isDebugEnabled()) {
// NOTE(review): the whole batch request is formatted into the debug log. What its toString()
// prints is not visible here; confirm no key container content ends up in log files.
log.debug(String.format("Set file keys with %s", request));
}
new NodesApi(session.getClient()).setUserFileKeys(request, StringUtils.EMPTY);
processed.addAll(request.getItems());
}
} while (!request.getItems().isEmpty());
// Reached only after a round with no missing keys for this request scope; the deletion itself
// is re-checked against the server inside deleteDeprecatedKeyPair.
this.deleteDeprecatedKeyPair(session);
return processed;
} catch (ApiException e) {
throw new SDSExceptionMappingService(nodeid).map(e);
} catch (CryptoException e) {
throw new TripleCryptExceptionMappingService().map(e);
}
}