Secure filedrop

[tobiasKaminsky]

• create an encrypted folder
• share it as "file drop only"
• any user can drop a file into this folder via web ui
• it will be encrypted with public key, so that only owner can decrypt it

Clients will re-encrypt metadata once they sync folder.

Details:

Web UI

Link creation

• can be created in clients exclusively, not in web UI

Upload process in the files drop page

• for each file to be uploaded:
• lock folder using OCS endpoint (see docs)
• encrypt file with asymmetric AES (https://github.com/nextcloud/end_to_end_encryption_rfc/blob/master/RFC.md#uploading-new-files)
• upload the encrypted file: Webdav PUT to the files drop endpoint, use the string from the previous bullet point as file name
• get the metadata file from the folder, or create if not exists (the file itself is not encrypted)
• update metadata (currently https://github.com/nextcloud/end_to_end_encryption_rfc/blob/master/RFC.md#create-metadata-file)
  • "filesdrop" as array with each encrypted entry per file (we use a separate entry because in the future there will be different keys)
  • add to "filesdrop" new entry with (just like now)
  • use encryption RSA/ECB/OAEPWithSHA-256AndMGF1Padding algo
  • encrypted file name as index
  • key
  • filename
  • mimetype
  • version
  • "initializationVector"
  • "authenticationTag"
  • no need for other fields
  • retrieves public key
  • encrypt entry of "filesdrop" with public key
• upload+overwrite metadata file (OCS specific endpoint)
• unlock folder

Clients will do:

• create secure fileshare link
  • this requires a new endpoint, please add (@CarlSchwan)
  • will be shown on any encrypted folder, also non-empty ones
• upon refresh of encrypted folder
  • check for entries in "filesdrop"
  • if there is one
  • lock folder
  • update metadata: move all "filesdrop" entries to "files" entry
  • upload metadata file
  • unlock folder

ToDo:

• write possible attack vector
  • rogue admin can remove entries

Server

• [ ] https://github.com/nextcloud/server/pull/35736
• [ ] https://github.com/nextcloud/end_to_end_encryption/pull/367
• [x] https://github.com/nextcloud/server/pull/35213

Until 8.12: App: @CarlSchwan

From 8.12 to 22.12: Android: @tobiasKaminsky iOS: @marinofaggiana Desktop: @allexzander

[PVince81]

seems there might be browser native support: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/encrypt#aes-gcm

it takes an ArrayBuffer and it seems you can get one from a local file: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer

[PVince81]

Development phases:

Phase 1: timeline December 8th

• add hook on server for injecting the files drop JS code
• research encrypting on JS for file payload: "AES/GCM/NoPadding" (see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/encrypt#aes-gcm)
• implement file encryption in JS, then encrypt a test file, send to @tobiasKaminsky to confirm that it can be decrypted
• research encrypting on JS with "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", encrypt some payload and check with @tobiasKaminsky if it can be decrypted properly

Phase 2: timeline ~December 22nd

• implement the actual upload (no chunking needed if not possible)
  • if too complicated with file-upload.js (the ugly old upload code), a workaround would be to first encrypt the file into a Blob object and then upload that one
• metadata file

Phase 3: ~December 22nd

• adjust clients to post-process the upload
• adjust clients to also allow creating files-drop link shares only

[tobiasKaminsky]

@CarlSchwan do you have any working prototype that we can put on our e2e ltd test instance?

[tobiasKaminsky]

Client need to directly create a filedrop share, which is currently not possible due to https://github.com/nextcloud/server/issues/32611. But there is already a fix for it: https://github.com/nextcloud/server/pull/35213 It would then needed to be backported.

[tobiasKaminsky]

Client:

• only on encrypted folder: create secure filedrop via:

  curl --request POST \
  --url 'http://localhost/nc/ocs/v2.php/apps/files_sharing/api/v1/shares?format=json&path=%2FEncryptedFiledrop&shareType=3&permissions=4' \
  --header 'OCS-APIRequest: true'

• basically like every other public share link, but with permission 4 (only "create" https://docs.nextcloud.com/server/latest/developer_manual/client_apis/OCS/ocs-share-api.html)

[allexzander]

draft PR for desktop https://github.com/nextcloud/desktop/pull/5327 (only able to create links now)