From cea9208ceccda86a33ec294926d39adecb962ed2 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 17 May 2013 21:59:53 +0200 Subject: [PATCH 1/4] fix broken legacy tests --- apps/files_encryption/lib/crypt.php | 4 ++-- apps/files_encryption/tests/crypt.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index 56dacc94b0..046b4601b0 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -652,7 +652,7 @@ class Crypt { return $legacyEncKey; } - + /** * @brief encrypts content using legacy blowfish system * @param $content the cleartext message you want to encrypt @@ -683,7 +683,7 @@ class Crypt { $decrypted = $bf->decrypt( $content ); - return $decrypted; + return rtrim($decrypted, "\0");; } diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 69fd99d9a8..9737eefb96 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -595,7 +595,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { */ function testLegacyKeyRecryptKeyfileEncrypt( $crypted ) { - $recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile( $crypted, $this->pass, $this->genPublicKey, $this->pass ); + $recrypted = Encryption\Crypt::LegacyKeyRecryptKeyfile( $crypted, $this->pass, array($this->genPublicKey), $this->pass, ''); $this->assertNotEquals( $this->dataLong, $recrypted['data'] ); From b6572cedac8aa26d75ae09062b9e5500b00e845a Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 17 May 2013 22:16:56 +0200 Subject: [PATCH 2/4] added folder move test --- apps/files_encryption/tests/crypt.php | 35 ++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 9737eefb96..16cdc88f1c 100755 --- a/apps/files_encryption/tests/crypt.php 
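Review bot: In the `@@ -683` hunk of apps/files_encryption/lib/crypt.php, `rtrim($decrypted, "\0")` cannot tell trailing padding (presumably the NUL fill added by the legacy Blowfish block cipher) from cleartext that really ends in NUL bytes, so legacy content or a legacy key ending in `\0` comes back shortened. If the legacy format stores no length, that ambiguity cannot be fixed here, but it should be documented on the return, e.g. `// legacy blowfish stores no length: trailing NUL bytes of the original data are stripped together with the padding`. The same line ends in a stray second semicolon and should read `return rtrim($decrypted, "\0");`. The enclosing function starts above the hunk, so how callers use the result is not visible here.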
+++ b/apps/files_encryption/tests/crypt.php @@ -649,7 +649,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $this->assertEquals( $this->dataLong, $decrypt ); - $newFolder = '/newfolder1'; + $newFolder = '/newfolder'.time(); $newFilename = 'tmp-new-'.time(); $view = new \OC\Files\View('/' . $this->userId . '/files'); $view->mkdir($newFolder); @@ -664,6 +664,39 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $view->unlink( $newFolder ); } + function testMoveFolder() { + + $view = new \OC\Files\View('/' . $this->userId . '/files'); + + $filename = '/tmp-'.time(); + $folder = '/folder'.time(); + + $view->mkdir($folder); + + // Save long data as encrypted file using stream wrapper + $cryptedFile = file_put_contents( 'crypt://' . $folder . $filename, $this->dataLong ); + + // Test that data was successfully written + $this->assertTrue( is_int( $cryptedFile ) ); + + // Get file decrypted contents + $decrypt = file_get_contents( 'crypt://' . $folder . $filename ); + + $this->assertEquals( $this->dataLong, $decrypt ); + + $newFolder = '/newfolder'.time(); + + $view->rename( $folder, $newFolder ); + + // Get file decrypted contents + $newDecrypt = file_get_contents( 'crypt://' . $newFolder . $filename ); + + $this->assertEquals( $this->dataLong, $newDecrypt ); + + // tear down + $view->unlink( $newFolder ); + } + function testRenameFolder() { $filename = '/tmp-'.time(); From 3aa48616a6cc960896d8a17e7854a71ee6f308a7 Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 17 May 2013 22:44:45 +0200 Subject: [PATCH 3/4] remove unused code --- apps/files_encryption/lib/crypt.php | 123 ++-------------------------- 1 file changed, 9 insertions(+), 114 deletions(-) diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index 046b4601b0..ba588819d0 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php 
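Review bot: `testMoveFolder` asserts only that the file decrypts at the new path; it never checks that `mkdir` and `rename` succeeded or that nothing is still readable under the old folder, so a move that leaves the ciphertext (and presumably its key files) behind would still pass. After the rename, consider `$this->assertTrue( $view->rename( $folder, $newFolder ) );` followed by `$this->assertFalse( $view->file_exists( $folder . $filename ) );`. The `// tear down` unlink is the last statement of the body, so any failed assertion skips it and leaves the encrypted fixture in the user's files. Moving that cleanup into the class's `tearDown()` would make it unconditional.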
@@ -155,7 +155,7 @@ class Crypt { // TODO: Use DI to get \OC\Files\Filesystem out of here // Fetch all file metadata from DB - $metadata = \OC\Files\Filesystem::getFileInfo( $path, '' ); + $metadata = \OC\Files\Filesystem::getFileInfo( $path); // Return encryption status return isset( $metadata['encrypted'] ) and ( bool )$metadata['encrypted']; 
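Review bot: The return expression after `getFileInfo( $path)` yields false whenever the metadata has no `encrypted` key, so a path with no metadata record at all is reported the same way as a plaintext file. That is worth stating where the value is returned, e.g. `// false also covers "no metadata found"; callers must not treat it as proof the file is plaintext`. As a style point, the edited call mixes spacing conventions and should read `getFileInfo( $path )` to match the surrounding code. The function's signature and docblock are outside the hunk.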
@@ -474,78 +474,9 @@ class Crypt { } /** - * @brief Symmetrically encrypt a file by combining encrypted component data blocks - */ - public static function symmetricBlockEncryptFileContent( $plainContent, $key ) { - - $crypted = ''; - - $remaining = $plainContent; - - $testarray = array(); - - while( strlen( $remaining ) ) { - - //echo "\n\n\$block = ".substr( $remaining, 0, 6126 ); - - // Encrypt a chunk of unencrypted data and add it to the rest - $block = self::symmetricEncryptFileContent( substr( $remaining, 0, 6126 ), $key ); - - $padded = self::addPadding( $block ); - - $crypted .= $block; - - $testarray[] = $block; - - // Remove the data already encrypted from remaining unencrypted data - $remaining = substr( $remaining, 6126 ); - - } - - //echo "hags "; - - //echo "\n\n\n\$crypted = $crypted\n\n\n"; - - //print_r($testarray); - - return $crypted; - - } - - - /** - * @brief Symmetrically decrypt a file by combining encrypted component data blocks - */ - public static function symmetricBlockDecryptFileContent( $crypted, $key ) { - - $decrypted = ''; - - $remaining = $crypted; - - $testarray = array(); - - while( strlen( $remaining ) ) { - - $testarray[] = substr( $remaining, 0, 8192 ); - - // Decrypt a chunk of unencrypted data and add it to the rest - $decrypted .= self::symmetricDecryptFileContent( $remaining, $key ); - - // Remove the data already encrypted from remaining unencrypted data - $remaining = substr( $remaining, 8192 ); - - } - - //echo "\n\n\$testarray = "; print_r($testarray); - - return $decrypted; - - } - - /** - * @brief Generates a pseudo random initialisation vector - * @return String $iv generated IV - */ + * @brief Generates a pseudo random initialisation vector + * @return String $iv generated IV + */ public static function generateIv() { if ( $random = openssl_random_pseudo_bytes( 12, $strong ) ) { 
@@ -571,10 +502,10 @@ class Crypt { } - /** - * @brief Generate a pseudo random 1024kb ASCII key - * @returns $key Generated key - */ + /** + * @brief Generate a pseudo random 1024kb ASCII key + * @returns $key Generated key + */ public static function generateKey() { // Generate key @@ -597,29 +528,6 @@ class Crypt { } - public static function changekeypasscode( $oldPassword, $newPassword ) { - - if ( \OCP\User::isLoggedIn() ) { - - $key = Keymanager::getPrivateKey( $user, $view ); - - if ( ( $key = Crypt::symmetricDecryptFileContent($key,$oldpasswd) ) ) { - - if ( ( $key = Crypt::symmetricEncryptFileContent( $key, $newpasswd ) ) ) { - - Keymanager::setPrivateKey( $key ); - - return true; - } - - } - - } - - return false; - - } - /** * @brief Get the blowfish encryption handeler for a key * @param $key string (optional) @@ -713,18 +621,5 @@ class Crypt { return array( 'data' => $cryptedData['encrypted'], 'filekey' => $multiEncrypted['data'], 'sharekeys' => $multiEncrypted['keys'] ); } - - /** - * @brief Re-encryptes a legacy blowfish encrypted file using AES with integrated IV - * @param $legacyContent the legacy encrypted content to re-encrypt - * @returns cleartext content - * - * This function decrypts an content - */ - public static function legacyRecrypt( $legacyContent, $legacyPassphrase, $newPassphrase ) { - - // TODO: write me - - } - + } \ No newline at end of file From 41165afa598e828f86c07440350a5b2453dd5ddc Mon Sep 17 00:00:00 2001 From: Florin Peter Date: Fri, 17 May 2013 22:45:09 +0200 Subject: [PATCH 4/4] improved tests --- apps/files_encryption/tests/crypt.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 16cdc88f1c..2dd644e07b 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php 
@@ -340,7 +340,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { //print_r($r); // Join IVs and their respective data chunks - $e = array( $r[0].$r[1], $r[2].$r[3], $r[4].$r[5], $r[6].$r[7], $r[8].$r[9], $r[10].$r[11], $r[12].$r[13] );//.$r[11], $r[12].$r[13], $r[14] ); + $e = array( $r[0].$r[1], $r[2].$r[3], $r[4].$r[5], $r[6].$r[7], $r[8].$r[9], $r[10].$r[11]);//.$r[11], $r[12].$r[13], $r[14] ); //print_r($e); @@ -395,6 +395,14 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { // Test that data was successfully written $this->assertTrue( is_int( $cryptedFile ) ); + // Disable encryption proxy to prevent recursive calls + $proxyStatus = \OC_FileProxy::$enabled; + \OC_FileProxy::$enabled = false; + + $this->assertTrue(Encryption\Crypt::isEncryptedMeta($filename)); + + \OC_FileProxy::$enabled = $proxyStatus; + // Get file decrypted contents $decrypt = file_get_contents( 'crypt://' . $filename ); @@ -616,7 +624,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { // Test that data was successfully written $this->assertTrue( is_int( $cryptedFile ) ); - // Get file decrypted contents + // Get file decrypted contents $decrypt = file_get_contents( 'crypt://' . $filename ); $this->assertEquals( $this->dataLong, $decrypt );
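Review bot: In the `@@ -395` hunk the encryption proxy is disabled around an assertion, and a failing `assertTrue` throws before `\OC_FileProxy::$enabled = $proxyStatus;` runs, leaving the proxy off for every later test, which presumably lets them read and write files unencrypted and hides or causes unrelated failures. Evaluate first and assert only after restoring: `$isEncrypted = Encryption\Crypt::isEncryptedMeta($filename);` then `\OC_FileProxy::$enabled = $proxyStatus;` then `$this->assertTrue($isEncrypted);`. In the `@@ -340` hunk the trailing `//.$r[11], $r[12].$r[13], $r[14] );` is commented-out code that can be dropped now that the array is shortened. Both test methods begin and end outside their hunks.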