2012-08-15 17:01:43 +04:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* Copyright (c) 2012 Sam Tuke <samtuke@owncloud.com>
|
|
|
|
|
* This file is licensed under the Affero General Public License version 3 or
|
|
|
|
|
* later.
|
|
|
|
|
* See the COPYING-README file.
|
|
|
|
|
*/
|
2013-05-18 23:37:00 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../../../lib/base.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../lib/crypt.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../lib/keymanager.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../lib/proxy.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../lib/stream.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../lib/util.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../lib/helper.php' );
|
|
|
|
|
require_once realpath( dirname( __FILE__ ) . '/../appinfo/app.php' );
|
2012-08-15 17:01:43 +04:00
|
|
|
|
2012-11-16 22:31:37 +04:00
|
|
|
use OCA\Encryption;
|
|
|
|
|
|
2013-05-20 00:28:48 +04:00
|
|
|
/**
|
|
|
|
|
* Class Test_Encryption_Keymanager
|
|
|
|
|
*/
|
2013-05-20 03:24:36 +04:00
|
|
|
class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase
|
|
|
|
|
{
|
2013-05-20 00:28:48 +04:00
|
|
|
|
|
|
|
|
public $userId;
|
|
|
|
|
public $pass;
|
|
|
|
|
public $stateFilesTrashbin;
|
|
|
|
|
/**
|
|
|
|
|
* @var OC_FilesystemView
|
|
|
|
|
*/
|
|
|
|
|
public $view;
|
|
|
|
|
public $randomKey;
|
2013-05-22 02:55:16 +04:00
|
|
|
public $dataShort;
|
2013-05-20 00:28:48 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
public static function setUpBeforeClass() {
|
2013-05-20 03:24:36 +04:00
|
|
|
// reset backend
|
|
|
|
|
\OC_User::clearBackends();
|
2013-05-26 05:22:16 +04:00
|
|
|
\OC_User::useBackend( 'database' );
|
2013-04-30 01:41:49 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
// Filesystem related hooks
|
|
|
|
|
\OCA\Encryption\Helper::registerFilesystemHooks();
|
|
|
|
|
|
|
|
|
|
// clear and register hooks
|
|
|
|
|
\OC_FileProxy::clearProxies();
|
|
|
|
|
\OC_FileProxy::register( new OCA\Encryption\Proxy() );
|
|
|
|
|
|
|
|
|
|
// disable file proxy by default
|
2012-08-15 17:01:43 +04:00
|
|
|
\OC_FileProxy::$enabled = false;
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
// setup filesystem
|
|
|
|
|
\OC_Util::tearDownFS();
|
|
|
|
|
\OC_User::setUserId( '' );
|
|
|
|
|
\OC\Files\Filesystem::tearDown();
|
|
|
|
|
\OC_Util::setupFS( 'admin' );
|
|
|
|
|
\OC_User::setUserId( 'admin' );
|
|
|
|
|
|
|
|
|
|
// login admin
|
|
|
|
|
$params['uid'] = 'admin';
|
|
|
|
|
$params['password'] = 'admin';
|
|
|
|
|
OCA\Encryption\Hooks::login( $params );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function setUp() {
|
2013-01-06 22:38:35 +04:00
|
|
|
// set content for encrypting / decrypting in tests
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->dataLong = file_get_contents( realpath( dirname( __FILE__ ) . '/../lib/crypt.php' ) );
|
2013-01-06 22:38:35 +04:00
|
|
|
$this->dataShort = 'hats';
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->dataUrl = realpath( dirname( __FILE__ ) . '/../lib/crypt.php' );
|
|
|
|
|
$this->legacyData = realpath( dirname( __FILE__ ) . '/legacy-text.txt' );
|
|
|
|
|
$this->legacyEncryptedData = realpath( dirname( __FILE__ ) . '/legacy-encrypted-text.txt' );
|
2013-01-06 22:38:35 +04:00
|
|
|
$this->randomKey = Encryption\Crypt::generateKey();
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-01-06 22:38:35 +04:00
|
|
|
$keypair = Encryption\Crypt::createKeypair();
|
2013-05-20 03:24:36 +04:00
|
|
|
$this->genPublicKey = $keypair['publicKey'];
|
2013-01-06 22:38:35 +04:00
|
|
|
$this->genPrivateKey = $keypair['privateKey'];
|
2013-05-15 04:38:08 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->view = new \OC_FilesystemView( '/' );
|
2013-05-15 04:38:08 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
\OC_User::setUserId( 'admin' );
|
2013-05-20 03:24:36 +04:00
|
|
|
$this->userId = 'admin';
|
|
|
|
|
$this->pass = 'admin';
|
2013-04-30 01:41:49 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$userHome = \OC_User::getHome( $this->userId );
|
|
|
|
|
$this->dataDir = str_replace( '/' . $this->userId, '', $userHome );
|
2013-05-15 04:38:08 +04:00
|
|
|
|
2013-05-17 03:07:26 +04:00
|
|
|
// remember files_trashbin state
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->stateFilesTrashbin = OC_App::isEnabled( 'files_trashbin' );
|
2013-05-17 03:07:26 +04:00
|
|
|
|
|
|
|
|
// we don't want to tests with app files_trashbin enabled
|
2013-05-26 05:22:16 +04:00
|
|
|
\OC_App::disable( 'files_trashbin' );
|
2012-08-15 17:01:43 +04:00
|
|
|
}
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
function tearDown() {
|
2013-05-17 03:07:26 +04:00
|
|
|
// reset app files_trashbin
|
2013-05-26 05:22:16 +04:00
|
|
|
if ( $this->stateFilesTrashbin ) {
|
|
|
|
|
OC_App::enable( 'files_trashbin' );
|
2013-05-17 03:07:26 +04:00
|
|
|
} else {
|
2013-05-26 05:22:16 +04:00
|
|
|
OC_App::disable( 'files_trashbin' );
|
2013-05-17 03:07:26 +04:00
|
|
|
}
|
2012-08-15 17:01:43 +04:00
|
|
|
}
|
|
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
public static function tearDownAfterClass() {
|
|
|
|
|
\OC_FileProxy::$enabled = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function testGetPrivateKey() {
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$key = Encryption\Keymanager::getPrivateKey( $this->view, $this->userId );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$privateKey = Encryption\Crypt::symmetricDecryptFileContent( $key, $this->pass );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$res = openssl_pkey_get_private( $privateKey );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertTrue( is_resource( $res ) );
|
2013-05-19 00:00:35 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$sslInfo = openssl_pkey_get_details( $res );
|
2013-05-19 00:00:35 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertArrayHasKey( 'key', $sslInfo );
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2012-08-15 17:13:03 +04:00
|
|
|
}
|
2013-01-05 21:12:23 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
function testGetPublicKey() {
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$publiceKey = Encryption\Keymanager::getPublicKey( $this->view, $this->userId );
|
2013-05-19 00:00:35 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$res = openssl_pkey_get_public( $publiceKey );
|
2013-05-19 00:00:35 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertTrue( is_resource( $res ) );
|
2013-05-19 00:00:35 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$sslInfo = openssl_pkey_get_details( $res );
|
2013-05-19 00:00:35 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertArrayHasKey( 'key', $sslInfo );
|
2013-01-05 21:12:23 +04:00
|
|
|
}
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
function testSetFileKey() {
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-01-05 21:12:23 +04:00
|
|
|
# NOTE: This cannot be tested until we are able to break out
|
|
|
|
|
# of the FileSystemView data directory root
|
2013-04-30 01:41:49 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$key = Encryption\Crypt::symmetricEncryptFileContentKeyfile( $this->randomKey, 'hat' );
|
2013-05-20 03:24:36 +04:00
|
|
|
|
|
|
|
|
$file = 'unittest-' . time() . '.txt';
|
2013-04-30 01:41:49 +04:00
|
|
|
|
2013-05-20 03:24:36 +04:00
|
|
|
// Disable encryption proxy to prevent recursive calls
|
|
|
|
|
$proxyStatus = \OC_FileProxy::$enabled;
|
|
|
|
|
\OC_FileProxy::$enabled = false;
|
2013-04-30 01:41:49 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->view->file_put_contents( $this->userId . '/files/' . $file, $key['encrypted'] );
|
2013-05-20 03:24:36 +04:00
|
|
|
|
|
|
|
|
// Re-enable proxy - our work is done
|
|
|
|
|
\OC_FileProxy::$enabled = $proxyStatus;
|
2013-04-30 01:41:49 +04:00
|
|
|
|
2013-01-14 23:07:28 +04:00
|
|
|
//$view = new \OC_FilesystemView( '/' . $this->userId . '/files_encryption/keyfiles' );
|
2013-05-26 05:22:16 +04:00
|
|
|
Encryption\Keymanager::setFileKey( $this->view, $file, $this->userId, $key['key'] );
|
2013-05-17 03:07:26 +04:00
|
|
|
|
2013-05-22 02:55:16 +04:00
|
|
|
// enable encryption proxy
|
2013-05-17 03:07:26 +04:00
|
|
|
$proxyStatus = \OC_FileProxy::$enabled;
|
|
|
|
|
\OC_FileProxy::$enabled = true;
|
|
|
|
|
|
|
|
|
|
// cleanup
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->view->unlink( '/' . $this->userId . '/files/' . $file );
|
2013-05-17 03:07:26 +04:00
|
|
|
|
2013-05-22 02:55:16 +04:00
|
|
|
// change encryption proxy to previous state
|
2013-05-17 03:07:26 +04:00
|
|
|
\OC_FileProxy::$enabled = $proxyStatus;
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2012-08-23 19:43:10 +04:00
|
|
|
}
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
function testGetUserKeys() {
|
2013-05-20 03:24:36 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$keys = Encryption\Keymanager::getUserKeys( $this->view, $this->userId );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$resPublic = openssl_pkey_get_public( $keys['publicKey'] );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertTrue( is_resource( $resPublic ) );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$sslInfoPublic = openssl_pkey_get_details( $resPublic );
|
2013-04-30 03:54:19 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertArrayHasKey( 'key', $sslInfoPublic );
|
2013-05-19 00:25:47 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$privateKey = Encryption\Crypt::symmetricDecryptFileContent( $keys['privateKey'], $this->pass );
|
2013-05-19 00:25:47 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$resPrivate = openssl_pkey_get_private( $privateKey );
|
2013-05-19 00:25:47 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertTrue( is_resource( $resPrivate ) );
|
2013-05-19 00:25:47 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$sslInfoPrivate = openssl_pkey_get_details( $resPrivate );
|
2013-05-19 00:25:47 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertArrayHasKey( 'key', $sslInfoPrivate );
|
2013-01-05 21:12:23 +04:00
|
|
|
}
|
2013-05-22 02:55:16 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
function testFixPartialFilePath() {
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
$partFilename = 'testfile.txt.part';
|
|
|
|
|
$filename = 'testfile.txt';
|
|
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertTrue( Encryption\Keymanager::isPartialFilePath( $partFilename ) );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertEquals( 'testfile.txt', Encryption\Keymanager::fixPartialFilePath( $partFilename ) );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertFalse( Encryption\Keymanager::isPartialFilePath( $filename ) );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertEquals( 'testfile.txt', Encryption\Keymanager::fixPartialFilePath( $filename ) );
|
2013-05-22 02:55:16 +04:00
|
|
|
}
|
|
|
|
|
|
2013-05-26 05:22:16 +04:00
|
|
|
function testRecursiveDelShareKeys() {
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// generate filename
|
|
|
|
|
$filename = '/tmp-' . time() . '.txt';
|
|
|
|
|
|
|
|
|
|
// create folder structure
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->view->mkdir( '/admin/files/folder1' );
|
|
|
|
|
$this->view->mkdir( '/admin/files/folder1/subfolder' );
|
|
|
|
|
$this->view->mkdir( '/admin/files/folder1/subfolder/subsubfolder' );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// enable encryption proxy
|
|
|
|
|
$proxyStatus = \OC_FileProxy::$enabled;
|
|
|
|
|
\OC_FileProxy::$enabled = true;
|
|
|
|
|
|
|
|
|
|
// save file with content
|
2013-05-26 05:22:16 +04:00
|
|
|
$cryptedFile = file_put_contents( 'crypt:///folder1/subfolder/subsubfolder/' . $filename, $this->dataShort );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// test that data was successfully written
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertTrue( is_int( $cryptedFile ) );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// change encryption proxy to previous state
|
|
|
|
|
\OC_FileProxy::$enabled = $proxyStatus;
|
|
|
|
|
|
|
|
|
|
// recursive delete keys
|
2013-05-26 05:22:16 +04:00
|
|
|
Encryption\Keymanager::delShareKey( $this->view, array( 'admin' ), '/folder1/' );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// check if share key not exists
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->assertFalse( $this->view->file_exists( '/admin/files_encryption/share-keys/folder1/subfolder/subsubfolder/' . $filename . '.admin.shareKey' ) );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// enable encryption proxy
|
|
|
|
|
$proxyStatus = \OC_FileProxy::$enabled;
|
|
|
|
|
\OC_FileProxy::$enabled = true;
|
|
|
|
|
|
|
|
|
|
// cleanup
|
2013-05-26 05:22:16 +04:00
|
|
|
$this->view->unlink( '/admin/files/folder1' );
|
2013-05-22 02:55:16 +04:00
|
|
|
|
|
|
|
|
// change encryption proxy to previous state
|
|
|
|
|
\OC_FileProxy::$enabled = $proxyStatus;
|
|
|
|
|
}
|
2012-08-15 17:01:43 +04:00
|
|
|
}
|
