<?php
/**
* Copyright (c) 2012 Sam Tuke <samtuke@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
require_once __DIR__ . '/../../../lib/base.php';
require_once __DIR__ . '/../lib/crypt.php';
require_once __DIR__ . '/../lib/keymanager.php';
require_once __DIR__ . '/../lib/proxy.php';
require_once __DIR__ . '/../lib/stream.php';
require_once __DIR__ . '/../lib/util.php';
require_once __DIR__ . '/../appinfo/app.php';
use OCA\Encryption;
/**
* Class Test_Encryption_Util: PHPUnit tests for \OCA\Encryption\Util
*/
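class Test_Encryption_Util extends \PHPUnit_Framework_TestCase {

    // Throwaway accounts created by this suite. loginHelper() uses the user
    // name as the password, so these accounts are test fixtures only.
    const TEST_ENCRYPTION_UTIL_USER1 = "test-util-user1";
    const TEST_ENCRYPTION_UTIL_LEGACY_USER = "test-legacy-user";

    public $userId;
    public $encryptionDir;
    public $publicKeyDir;
    public $pass;
    /**
     * @var OC_FilesystemView
     */
    public $view;
    public $keyfilesPath;
    public $publicKeyPath;
    public $privateKeyPath;
    /**
     * @var \OCA\Encryption\Util
     */
    public $util;
    public $dataShort;
    public $legacyEncryptedData;
    public $legacyEncryptedDataKey;
    public $legacyKey;
    public $stateFilesTrashbin;

    // Assigned in setUp(); declared here so they are not created as dynamic
    // properties at run time.
    public $dataUrl;
    public $dataLong;
    public $legacyData;
    public $genPublicKey;
    public $genPrivateKey;

    /**
     * Reset the user backend, register the encryption hooks and proxy, and
     * create both test accounts once for the whole class.
     */
    public static function setUpBeforeClass() {
        // reset backend
        \OC_User::clearBackends();
        \OC_User::useBackend('database');

        // Filesystem related hooks
        \OCA\Encryption\Helper::registerFilesystemHooks();

        // clear and register hooks
        \OC_FileProxy::clearProxies();
        \OC_FileProxy::register(new OCA\Encryption\Proxy());

        // create test user
        self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1, true);
        self::loginHelper(self::TEST_ENCRYPTION_UTIL_LEGACY_USER, true);
    }

    /**
     * Log in the regular test user and prepare fixture data, the expected
     * key paths and a fresh Util instance for every test.
     */
    public function setUp() {
        // login user
        self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);
        \OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1);
        $this->userId = self::TEST_ENCRYPTION_UTIL_USER1;
        // test account: password equals the user name
        $this->pass = self::TEST_ENCRYPTION_UTIL_USER1;

        // set content for encrypting / decrypting in tests
        $this->dataUrl = __DIR__ . '/../lib/crypt.php';
        $this->dataShort = 'hats';
        $this->dataLong = file_get_contents(__DIR__ . '/../lib/crypt.php');
        $this->legacyData = __DIR__ . '/legacy-text.txt';
        $this->legacyEncryptedData = __DIR__ . '/legacy-encrypted-text.txt';
        $this->legacyEncryptedDataKey = __DIR__ . '/encryption.key';
        // value the legacy tests expect to find in the session after login
        // with the bundled encryption.key fixture (NUL padded)
        $this->legacyKey = "30943623843030686906\0\0\0\0";

        $keypair = Encryption\Crypt::createKeypair();

        $this->genPublicKey = $keypair['publicKey'];
        $this->genPrivateKey = $keypair['privateKey'];

        $this->publicKeyDir = '/' . 'public-keys';
        $this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
        $this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
        $this->publicKeyPath =
            $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
        $this->privateKeyPath =
            $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key

        $this->view = new \OC_FilesystemView('/');

        $this->util = new Encryption\Util($this->view, $this->userId);

        // remember files_trashbin state
        $this->stateFilesTrashbin = OC_App::isEnabled('files_trashbin');

        // we don't want to tests with app files_trashbin enabled
        \OC_App::disable('files_trashbin');
    }

    /**
     * Restore the app state that the tests change.
     */
    public function tearDown() {
        // testEncryptAll() and testDecryptAll() switch files_encryption off;
        // a failed assertion in between must not leave it disabled, otherwise
        // the following tests would run without encryption.
        \OC_App::enable('files_encryption');

        // reset app files_trashbin
        if ($this->stateFilesTrashbin) {
            OC_App::enable('files_trashbin');
        } else {
            OC_App::disable('files_trashbin');
        }
    }

    /**
     * Remove the accounts created in setUpBeforeClass().
     */
    public static function tearDownAfterClass() {
        // cleanup test user
        \OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_USER1);
        \OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_LEGACY_USER);
    }

    /**
     * @medium
     * @brief test that paths set during User construction are correct
     */
    public function testKeyPaths() {
        $util = new Encryption\Util($this->view, $this->userId);

        $this->assertEquals($this->publicKeyDir, $util->getPath('publicKeyDir'));
        $this->assertEquals($this->encryptionDir, $util->getPath('encryptionDir'));
        $this->assertEquals($this->keyfilesPath, $util->getPath('keyfilesPath'));
        $this->assertEquals($this->publicKeyPath, $util->getPath('publicKeyPath'));
        $this->assertEquals($this->privateKeyPath, $util->getPath('privateKeyPath'));
    }

    /**
     * @medium
     * @brief test detection of encrypted files
     */
    public function testIsEncryptedPath() {
        $util = new Encryption\Util($this->view, $this->userId);

        self::loginHelper($this->userId);

        $unencryptedFile = '/tmpUnencrypted-' . uniqid() . '.txt';
        $encryptedFile = '/tmpEncrypted-' . uniqid() . '.txt';

        // Disable encryption proxy to write a unencrypted file
        $this->putContentsUnencrypted(
            $this->view,
            $this->userId . '/files/' . $unencryptedFile,
            $this->dataShort
        );

        // write a encrypted file
        $this->view->file_put_contents($this->userId . '/files/' . $encryptedFile, $this->dataShort);

        // test if both files are detected correctly
        $this->assertFalse($util->isEncryptedPath($this->userId . '/files/' . $unencryptedFile));
        $this->assertTrue($util->isEncryptedPath($this->userId . '/files/' . $encryptedFile));

        // cleanup (unlink() is given the path only; the data argument that
        // used to be passed here had no meaning for a delete)
        $this->view->unlink($this->userId . '/files/' . $unencryptedFile);
        $this->view->unlink($this->userId . '/files/' . $encryptedFile);
    }

    /**
     * @medium
     * @brief test setup of encryption directories
     */
    public function testSetupServerSide() {
        $this->assertEquals(true, $this->util->setupServerSide($this->pass));
    }

    /**
     * @medium
     * @brief test checking whether account is ready for encryption
     */
    public function testUserIsReady() {
        $this->assertEquals(true, $this->util->ready());
    }

    /**
     * @brief test checking whether account is not ready for encryption,
     */
//	function testUserIsNotReady() {
//		$this->view->unlink($this->publicKeyDir);
//
//		$params['uid'] = $this->userId;
//		$params['password'] = $this->pass;
//		$this->assertFalse(OCA\Encryption\Hooks::login($params));
//
//		$this->view->unlink($this->privateKeyPath);
//	}

    /**
     * @medium
     * @brief test that login of a user who still has a legacy encryption.key
     * puts the expected legacy key into the session
     */
    public function testIsLegacyUser() {
        self::loginHelper(self::TEST_ENCRYPTION_UTIL_LEGACY_USER);

        $userView = new \OC_FilesystemView('/' . self::TEST_ENCRYPTION_UTIL_LEGACY_USER);

        // the fixture key is read from disk and stored as-is, with the
        // encryption proxy disabled to prevent recursive calls
        $encryptionKeyContent = file_get_contents($this->legacyEncryptedDataKey);
        $this->putContentsUnencrypted($userView, '/encryption.key', $encryptionKeyContent);

        $params = array(
            'uid' => self::TEST_ENCRYPTION_UTIL_LEGACY_USER,
            'password' => self::TEST_ENCRYPTION_UTIL_LEGACY_USER,
        );

        $this->setMigrationStatus(0, self::TEST_ENCRYPTION_UTIL_LEGACY_USER);

        $this->assertTrue(OCA\Encryption\Hooks::login($params));

        $this->assertEquals($this->legacyKey, \OC::$session->get('legacyKey'));
    }

    /**
     * @medium
     * @brief test that the per-user recovery flag can be switched on and off
     */
    public function testRecoveryEnabledForUser() {
        $util = new Encryption\Util($this->view, $this->userId);

        // Record the value so we can return it to its original state later
        $enabled = $util->recoveryEnabledForUser();

        $this->assertTrue($util->setRecoveryForUser(1));

        $this->assertEquals(1, $util->recoveryEnabledForUser());

        $this->assertTrue($util->setRecoveryForUser(0));

        $this->assertEquals(0, $util->recoveryEnabledForUser());

        // Return the setting to its previous state
        $this->assertTrue($util->setRecoveryForUser($enabled));
    }

    /**
     * @medium
     * @brief test that getUidAndFilename() returns the owner and the path of
     * a file in the user's own files directory
     */
    public function testGetUidAndFilename() {
        \OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1);

        $filename = '/tmp-' . uniqid() . '.test';

        // Disable encryption proxy to prevent recursive calls
        $this->putContentsUnencrypted(
            $this->view,
            $this->userId . '/files/' . $filename,
            $this->dataShort
        );

        $util = new Encryption\Util($this->view, $this->userId);

        list($fileOwnerUid, $file) = $util->getUidAndFilename($filename);

        $this->assertEquals(self::TEST_ENCRYPTION_UTIL_USER1, $fileOwnerUid);

        // expected value first, so a failure message reads the right way round
        $this->assertEquals($filename, $file);

        $this->view->unlink($this->userId . '/files/' . $filename);
    }

    /**
     * @brief test that getFileSize() reports the size of the original data
     * for files written through the view, and that the content reads back
     * unchanged
     */
    public function testGetFileSize() {
        self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);

        $filename = 'tmp-' . uniqid();
        $externalFilename = '/' . $this->userId . '/files/' . $filename;

        // Test for 0 byte files
        $problematicFileSizeData = "";
        $cryptedFile = $this->view->file_put_contents($externalFilename, $problematicFileSizeData);
        $this->assertTrue(is_int($cryptedFile));
        $this->assertEquals(0, $this->util->getFileSize($externalFilename));
        $decrypt = $this->view->file_get_contents($externalFilename);
        $this->assertEquals($problematicFileSizeData, $decrypt);
        $this->view->unlink($this->userId . '/files/' . $filename);

        // Test a file with 18377 bytes as in https://github.com/owncloud/mirall/issues/1009
        $problematicFileSizeData = str_pad("", 18377, "abc");
        $cryptedFile = $this->view->file_put_contents($externalFilename, $problematicFileSizeData);
        $this->assertTrue(is_int($cryptedFile));
        $this->assertEquals(18377, $this->util->getFileSize($externalFilename));
        $decrypt = $this->view->file_get_contents($externalFilename);
        $this->assertEquals($problematicFileSizeData, $decrypt);
        $this->view->unlink($this->userId . '/files/' . $filename);
    }

    /**
     * @medium
     * @brief test that only paths below a user's Shared folder count as shared
     */
    public function testIsSharedPath() {
        $sharedPath = '/user1/files/Shared/test';
        $path = '/user1/files/test';

        $this->assertTrue($this->util->isSharedPath($sharedPath));

        $this->assertFalse($this->util->isSharedPath($path));
    }

    /**
     * @brief test that encryptAll() keeps mtime and etag of a file that was
     * uploaded while the encryption app was disabled
     */
    public function testEncryptAll() {
        $filename = "/encryptAll" . uniqid() . ".txt";
        $util = new Encryption\Util($this->view, $this->userId);

        // disable encryption to upload a unencrypted file
        \OC_App::disable('files_encryption');

        $this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort);

        $fileInfoUnencrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

        $this->assertTrue($fileInfoUnencrypted instanceof \OC\Files\FileInfo);

        // enable file encryption again
        \OC_App::enable('files_encryption');

        // encrypt all unencrypted files
        $util->encryptAll('/' . $this->userId . '/' . 'files');

        $fileInfoEncrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

        $this->assertTrue($fileInfoEncrypted instanceof \OC\Files\FileInfo);

        // check if mtime and etags unchanged
        $this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']);
        $this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']);

        $this->view->unlink($this->userId . '/files/' . $filename);
    }

    /**
     * @brief test that decryptAll() turns an encrypted file back into the
     * plain data on disk and keeps its mtime and etag
     */
    public function testDecryptAll() {
        $filename = "/decryptAll" . uniqid() . ".txt";
        $datadir = \OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data/');
        $userdir = $datadir . '/' . $this->userId . '/files/';

        $util = new Encryption\Util($this->view, $this->userId);

        $this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort);

        $fileInfoEncrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

        $this->assertTrue($fileInfoEncrypted instanceof \OC\Files\FileInfo);
        $this->assertEquals(1, $fileInfoEncrypted['encrypted']);

        // raw bytes as stored in the data directory, read without the view
        $encContent = file_get_contents($userdir . $filename);

        \OC_App::disable('files_encryption');

        $user = \OCP\User::getUser();
        self::logoutHelper();
        // log in again without running the encryption login hook
        self::loginHelper($user, false, false, false);

        $content = file_get_contents($userdir . $filename);

        //content should be encrypted
        $this->assertSame($encContent, $content);

        // now we load the encryption app again
        OC_App::loadApp('files_encryption');

        // init encryption app
        $params = array(
            'uid' => \OCP\User::getUser(),
            'password' => \OCP\User::getUser(),
        );

        $view = new OC_FilesystemView('/');
        $util = new \OCA\Encryption\Util($view, \OCP\User::getUser());

        $result = $util->initEncryption($params);

        $this->assertTrue($result instanceof \OCA\Encryption\Session);

        $successful = $util->decryptAll();

        $this->assertTrue($successful);

        self::logoutHelper();
        self::loginHelper($user, false, false, false);

        // file should be unencrypted and fileInfo should contain the correct values
        $content = file_get_contents($userdir . $filename);

        // now we should get the plain data
        $this->assertSame($this->dataShort, $content);

        $fileInfoUnencrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);
        $this->assertTrue($fileInfoUnencrypted instanceof \OC\Files\FileInfo);

        // check if mtime and etags unchanged
        $this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']);
        $this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']);
        // file should no longer be encrypted
        $this->assertEquals(0, $fileInfoUnencrypted['encrypted']);

        // cleanup
        $this->view->unlink($this->userId . '/files/' . $filename);
        OC_App::enable('files_encryption');
    }

    /**
     * @brief test that decryptAll() reports failure when one keyfile is
     * missing, still decrypts the other file and keeps the key directories
     * until every file could be decrypted
     */
    public function testDescryptAllWithBrokenFiles() {
        $file1 = "/decryptAll1" . uniqid() . ".txt";
        $file2 = "/decryptAll2" . uniqid() . ".txt";

        $util = new Encryption\Util($this->view, $this->userId);

        $this->view->file_put_contents($this->userId . '/files/' . $file1, $this->dataShort);
        $this->view->file_put_contents($this->userId . '/files/' . $file2, $this->dataShort);

        $fileInfoEncrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);
        $fileInfoEncrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);

        $this->assertTrue($fileInfoEncrypted1 instanceof \OC\Files\FileInfo);
        $this->assertTrue($fileInfoEncrypted2 instanceof \OC\Files\FileInfo);
        $this->assertEquals(1, $fileInfoEncrypted1['encrypted']);
        $this->assertEquals(1, $fileInfoEncrypted2['encrypted']);

        // rename keyfile for file1 so that the decryption for file1 fails
        // Expected behaviour: decryptAll() returns false, file2 gets decrypted anyway
        $this->view->rename(
            $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key',
            $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved'
        );

        // decrypt all encrypted files
        $result = $util->decryptAll('/' . $this->userId . '/' . 'files');

        $this->assertFalse($result);

        $fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);
        $fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);

        $this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo);
        $this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo);

        // file1 should be still encrypted; file2 should be decrypted
        $this->assertEquals(1, $fileInfoUnencrypted1['encrypted']);
        $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);

        // keyfiles and share keys should still exist
        $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keyfiles/'));
        $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/share-keys/'));

        // rename the keyfile for file1 back
        $this->view->rename(
            $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved',
            $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key'
        );

        // try again to decrypt all encrypted files
        $result = $util->decryptAll('/' . $this->userId . '/' . 'files');

        $this->assertTrue($result);

        $fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);
        $fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);

        $this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo);
        $this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo);

        // now both files should be decrypted
        $this->assertEquals(0, $fileInfoUnencrypted1['encrypted']);
        $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);

        // keyfiles and share keys should be deleted
        $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keyfiles/'));
        $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/share-keys/'));

        $this->view->unlink($this->userId . '/files/' . $file1);
        $this->view->unlink($this->userId . '/files/' . $file2);
    }

    /**
     * @large
     * @brief test that a file stored in the legacy format is found by
     * findEncFiles() after the legacy user logged in
     */
    public function testEncryptLegacyFiles() {
        self::loginHelper(self::TEST_ENCRYPTION_UTIL_LEGACY_USER);

        $userView = new \OC_FilesystemView('/' . self::TEST_ENCRYPTION_UTIL_LEGACY_USER);
        $view = new \OC_FilesystemView('/' . self::TEST_ENCRYPTION_UTIL_LEGACY_USER . '/files');

        // fixture files shipped next to this test, read directly from disk
        $encryptionKeyContent = file_get_contents($this->legacyEncryptedDataKey);
        $legacyEncryptedData = file_get_contents($this->legacyEncryptedData);

        // Disable encryption proxy to prevent recursive calls
        $proxyStatus = \OC_FileProxy::$enabled;
        \OC_FileProxy::$enabled = false;
        try {
            $userView->file_put_contents('/encryption.key', $encryptionKeyContent);

            $view->mkdir('/test/');
            $view->mkdir('/test/subtest/');
            $view->file_put_contents('/test/subtest/legacy-encrypted-text.txt', $legacyEncryptedData);

            // mark the fixture as encrypted in the file cache
            $fileInfo = $view->getFileInfo('/test/subtest/legacy-encrypted-text.txt');
            $fileInfo['encrypted'] = true;
            $view->putFileInfo('/test/subtest/legacy-encrypted-text.txt', $fileInfo);
        } catch (\Exception $e) {
            // restore the proxy before failing, so the following tests do not
            // run with the encryption proxy switched off
            \OC_FileProxy::$enabled = $proxyStatus;
            throw $e;
        }
        \OC_FileProxy::$enabled = $proxyStatus;

        $params = array(
            'uid' => self::TEST_ENCRYPTION_UTIL_LEGACY_USER,
            'password' => self::TEST_ENCRYPTION_UTIL_LEGACY_USER,
        );

        $util = new Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_LEGACY_USER);
        $this->setMigrationStatus(0, self::TEST_ENCRYPTION_UTIL_LEGACY_USER);

        $this->assertTrue(OCA\Encryption\Hooks::login($params));

        $this->assertEquals($this->legacyKey, \OC::$session->get('legacyKey'));

        $files = $util->findEncFiles('/' . self::TEST_ENCRYPTION_UTIL_LEGACY_USER . '/files/');

        $this->assertTrue(is_array($files));

        $found = false;
        foreach ($files['encrypted'] as $encryptedFile) {
            if ($encryptedFile['name'] === 'legacy-encrypted-text.txt') {
                $found = true;
                break;
            }
        }

        $this->assertTrue($found);
    }

    /**
     * Switch the session to $user and, unless disabled, run the encryption
     * login hook for that user.
     *
     * @param $user
     * @param bool $create create the account first (password = user name)
     * @param bool $password password for the login hook; false means "use the user name"
     * @param bool $loadEncryption call \OCA\Encryption\Hooks::login() after the filesystem is set up
     */
    public static function loginHelper($user, $create = false, $password = false, $loadEncryption = true) {
        if ($create) {
            try {
                \OC_User::createUser($user, $user);
            } catch(\Exception $e) {
                // Deliberately ignored: the user name may still exist from a
                // previous aborted run. NOTE(review): every other exception
                // from createUser() is swallowed here as well.
            }
        }

        if ($password === false) {
            $password = $user;
        }

        \OC_Util::tearDownFS();
        \OC_User::setUserId('');
        \OC\Files\Filesystem::tearDown();
        \OC_User::setUserId($user);
        \OC_Util::setupFS($user);

        if ($loadEncryption) {
            $params = array(
                'uid' => $user,
                'password' => $password,
            );
            OCA\Encryption\Hooks::login($params);
        }
    }

    /**
     * Tear down the filesystem and clear the current user id.
     */
    public static function logoutHelper() {
        \OC_Util::tearDownFS();
        \OC_User::setUserId('');
        \OC\Files\Filesystem::tearDown();
    }

    /**
     * helper function to set migration status to the right value
     * to be able to test the migration path
     *
     * @param integer $status needed migration status for test
     * @param $user for which user the status should be set
     * @return boolean
     */
    private function setMigrationStatus($status, $user) {
        // both values are bound as statement parameters, never concatenated
        $sql = 'UPDATE `*PREFIX*encryption` SET `migration_status` = ? WHERE `uid` = ?';
        $query = \OCP\DB::prepare($sql);

        return $query->execute(array($status, $user)) ? true : false;
    }

    /**
     * Write $data to $path through $view with the encryption proxy switched
     * off, and put the proxy back into its previous state afterwards, also
     * when the write throws.
     *
     * @param \OC_FilesystemView $view
     * @param string $path
     * @param string $data
     * @return mixed result of file_put_contents() on the view
     */
    private function putContentsUnencrypted($view, $path, $data) {
        $proxyStatus = \OC_FileProxy::$enabled;
        \OC_FileProxy::$enabled = false;
        try {
            $result = $view->file_put_contents($path, $data);
        } catch (\Exception $e) {
            // try/catch with rethrow instead of `finally`, which the rest of
            // this file does not use
            \OC_FileProxy::$enabled = $proxyStatus;
            throw $e;
        }
        \OC_FileProxy::$enabled = $proxyStatus;

        return $result;
    }
}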