mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #12382 from owncloud/enc_reorganize_folders2 

[encryption] reorganize folder structure (second try to make Jenkins happy)
This commit is contained in:
Morris Jobke 2014-12-03 16:08:40 +01:00
parent e91dddd1a0 9ca9acf3f8
commit 3fdb1937a3
25 changed files with 1187 additions and 1689 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/files_encryption/ajax/changeRecoveryPassword.php
View File

@ -55,16 +55,15 @@ $proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$keyId = $util->getRecoveryKeyId();
$keyPath = '/owncloud_private_key/' . $keyId . '.private.key';
$encryptedRecoveryKey = $view->file_get_contents($keyPath);
$decryptedRecoveryKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword);
$encryptedRecoveryKey = Encryption\Keymanager::getPrivateSystemKey($keyId);
$decryptedRecoveryKey = $encryptedRecoveryKey ? \OCA\Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword) : false;
if ($decryptedRecoveryKey) {
$cipher = \OCA\Encryption\Helper::getCipher();
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword, $cipher);
if ($encryptedKey) {
\OCA\Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId . '.private.key');
\OCA\Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId);
$return = true;
}
}

6
apps/files_encryption/ajax/updatePrivateKeyPassword.php
View File

@ -36,10 +36,8 @@ if ($passwordCorrect !== false) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$keyPath = '/' . $user . '/files_encryption/' . $user . '.private.key';
$encryptedKey = $view->file_get_contents($keyPath);
$decryptedKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword);
$encryptedKey = Encryption\Keymanager::getPrivateKey($view, $user);
$decryptedKey = $encryptedKey ? \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword) : false;
if ($decryptedKey) {
$cipher = \OCA\Encryption\Helper::getCipher();

5
apps/files_encryption/appinfo/update.php
View File

@ -4,7 +4,8 @@ use OCA\Files_Encryption\Migration;
$installedVersion=OCP\Config::getAppValue('files_encryption', 'installed_version');
if (version_compare($installedVersion, '0.6', '<')) {
// Migration OC7 -> OC8
if (version_compare($installedVersion, '0.7', '<')) {
$m = new Migration();
$m->dropTableEncryption();
$m->reorganizeFolderStructure();
}

2
apps/files_encryption/appinfo/version
View File

@ -1 +1 @@
0.6.1
0.7.0

4
apps/files_encryption/exception/encryptionException.php
View File

@ -27,7 +27,7 @@ namespace OCA\Encryption\Exception;
* Base class for all encryption exception
*
* Possible Error Codes:
* 10 - unknown error
* 10 - generic error
* 20 - unexpected end of encryption header
* 30 - unexpected blog size
* 40 - encryption header to large
@ -38,7 +38,7 @@ namespace OCA\Encryption\Exception;
* 90 - private key missing
*/
class EncryptionException extends \Exception {
const UNKNOWN = 10;
const GENERIC = 10;
const UNEXPECTED_END_OF_ENCRYPTION_HEADER = 20;
const UNEXPECTED_BLOG_SIZE = 30;
const ENCRYPTION_HEADER_TO_LARGE = 40;

224
apps/files_encryption/hooks/hooks.php
View File

@ -3,8 +3,10 @@
/**
* ownCloud
*
* @author Sam Tuke
* @copyright 2012 Sam Tuke samtuke@owncloud.org
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Sam Tuke <samtuke@owncloud.org>
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -35,7 +37,7 @@ class Hooks {
// file for which we want to delete the keys after the delete operation was successful
private static $deleteFiles = array();
// file for which we want to delete the keys after the delete operation was successful
private static $umountedFiles = array();
private static $unmountedFiles = array();
/**
* Startup encryption backend upon user login
@ -150,18 +152,7 @@ class Hooks {
public static function postDeleteUser($params) {
if (\OCP\App::isEnabled('files_encryption')) {
$view = new \OC\Files\View('/');
// cleanup public key
$publicKey = '/public-keys/' . $params['uid'] . '.public.key';
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view->unlink($publicKey);
\OC_FileProxy::$enabled = $proxyStatus;
Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']);
}
}
@ -242,7 +233,7 @@ class Hooks {
\OC_FileProxy::$enabled = false;
// Save public key
$view->file_put_contents('/public-keys/' . $user . '.public.key', $keypair['publicKey']);
Keymanager::setPublicKey($keypair['publicKey'], $user);
// Encrypt private key with new password
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher());
@ -290,7 +281,7 @@ class Hooks {
$l = new \OC_L10N('files_encryption');
$users = array();
$view = new \OC\Files\View('/public-keys/');
$view = new \OC\Files\View('/');
switch ($params['shareType']) {
case \OCP\Share::SHARE_TYPE_USER:
@ -303,7 +294,7 @@ class Hooks {
$notConfigured = array();
foreach ($users as $user) {
if (!$view->file_exists($user . '.public.key')) {
if (!Keymanager::publicKeyExists($view, $user)) {
$notConfigured[] = $user;
}
}
@ -328,7 +319,7 @@ class Hooks {
$path = \OC\Files\Filesystem::getPath($params['fileSource']);
self::updateKeyfiles($path, $params['itemType']);
self::updateKeyfiles($path);
}
}
@ -336,9 +327,8 @@ class Hooks {
* update keyfiles and share keys recursively
*
* @param string $path to the file/folder
* @param string $type 'file' or 'folder'
*/
private static function updateKeyfiles($path, $type) {
private static function updateKeyfiles($path) {
$view = new \OC\Files\View('/');
$userId = \OCP\User::getUser();
$session = new \OCA\Encryption\Session($view);
@ -350,7 +340,7 @@ class Hooks {
$mountPoint = $mount->getMountPoint();
// if a folder was shared, get a list of all (sub-)folders
if ($type === 'folder') {
if ($view->is_dir('/' . $userId . '/files' . $path)) {
$allFiles = $util->getAllFiles($path, $mountPoint);
} else {
$allFiles = array($path);
@ -407,11 +397,10 @@ class Hooks {
// Unshare every user who no longer has access to the file
$delUsers = array_diff($userIds, $sharingUsers);
list($owner, $ownerPath) = $util->getUidAndFilename($path);
$keyPath = Keymanager::getKeyPath($view, $util, $path);
// delete share key
Keymanager::delShareKey($view, $delUsers, $ownerPath, $owner);
Keymanager::delShareKey($view, $delUsers, $keyPath, $userId, $path);
}
}
@ -437,37 +426,24 @@ class Hooks {
$user = \OCP\User::getUser();
$view = new \OC\Files\View('/');
$util = new Util($view, $user);
list($ownerOld, $pathOld) = $util->getUidAndFilename($params['oldpath']);
// we only need to rename the keys if the rename happens on the same mountpoint
// otherwise we perform a stream copy, so we get a new set of keys
$mp1 = $view->getMountPoint('/' . $user . '/files/' . $params['oldpath']);
$mp2 = $view->getMountPoint('/' . $user . '/files/' . $params['newpath']);
$type = $view->is_dir('/' . $user . '/files/' . $params['oldpath']) ? 'folder' : 'file';
$oldKeysPath = Keymanager::getKeyPath($view, $util, $params['oldpath']);
if ($mp1 === $mp2) {
if ($util->isSystemWideMountPoint($pathOld)) {
$oldShareKeyPath = 'files_encryption/share-keys/' . $pathOld;
} else {
$oldShareKeyPath = $ownerOld . '/' . 'files_encryption/share-keys/' . $pathOld;
}
// gather share keys here because in postRename() the file will be moved already
$oldShareKeys = Helper::findShareKeys($pathOld, $oldShareKeyPath, $view);
if (count($oldShareKeys) === 0) {
\OC_Log::write(
'Encryption library', 'No share keys found for "' . $pathOld . '"',
\OC_Log::WARN
);
}
self::$renamedFiles[$params['oldpath']] = array(
'uid' => $ownerOld,
'path' => $pathOld,
'type' => $type,
'operation' => $operation,
'sharekeys' => $oldShareKeys
'oldKeysPath' => $oldKeysPath,
);
} else {
self::$renamedFiles[$params['oldpath']] = array(
'operation' => 'cleanup',
'oldKeysPath' => $oldKeysPath,
);
}
}
@ -482,81 +458,40 @@ class Hooks {
return true;
}
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$view = new \OC\Files\View('/');
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
$oldShareKeys = null;
if (isset(self::$renamedFiles[$params['oldpath']]['uid']) &&
isset(self::$renamedFiles[$params['oldpath']]['path'])) {
$ownerOld = self::$renamedFiles[$params['oldpath']]['uid'];
$pathOld = self::$renamedFiles[$params['oldpath']]['path'];
$type = self::$renamedFiles[$params['oldpath']]['type'];
if (isset(self::$renamedFiles[$params['oldpath']]['operation']) &&
isset(self::$renamedFiles[$params['oldpath']]['oldKeysPath'])) {
$operation = self::$renamedFiles[$params['oldpath']]['operation'];
$oldShareKeys = self::$renamedFiles[$params['oldpath']]['sharekeys'];
$oldKeysPath = self::$renamedFiles[$params['oldpath']]['oldKeysPath'];
unset(self::$renamedFiles[$params['oldpath']]);
if ($operation === 'cleanup') {
return $view->unlink($oldKeysPath);
}
} else {
\OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::DEBUG);
\OC_FileProxy::$enabled = $proxyStatus;
return false;
}
list($ownerNew, $pathNew) = $util->getUidAndFilename($params['newpath']);
// Format paths to be relative to user files dir
if ($util->isSystemWideMountPoint($pathOld)) {
$oldKeyfilePath = 'files_encryption/keyfiles/' . $pathOld;
$oldShareKeyPath = 'files_encryption/share-keys/' . $pathOld;
} else {
$oldKeyfilePath = $ownerOld . '/' . 'files_encryption/keyfiles/' . $pathOld;
$oldShareKeyPath = $ownerOld . '/' . 'files_encryption/share-keys/' . $pathOld;
}
if ($util->isSystemWideMountPoint($pathNew)) {
$newKeyfilePath = 'files_encryption/keyfiles/' . $pathNew;
$newShareKeyPath = 'files_encryption/share-keys/' . $pathNew;
$newKeysPath = 'files_encryption/keys/' . $pathNew;
} else {
$newKeyfilePath = $ownerNew . '/files_encryption/keyfiles/' . $pathNew;
$newShareKeyPath = $ownerNew . '/files_encryption/share-keys/' . $pathNew;
$newKeysPath = $ownerNew . '/files_encryption/keys/' . $pathNew;
}
// create new key folders if it doesn't exists
if (!$view->file_exists(dirname($newShareKeyPath))) {
$view->mkdir(dirname($newShareKeyPath));
}
if (!$view->file_exists(dirname($newKeyfilePath))) {
$view->mkdir(dirname($newKeyfilePath));
}
// handle share keys
if ($type === 'file') {
$oldKeyfilePath .= '.key';
$newKeyfilePath .= '.key';
foreach ($oldShareKeys as $src) {
$dst = \OC\Files\Filesystem::normalizePath(str_replace($pathOld, $pathNew, $src));
$view->$operation($src, $dst);
}
} else {
// handle share-keys folders
$view->$operation($oldShareKeyPath, $newShareKeyPath);
}
// Rename keyfile so it isn't orphaned
if ($view->file_exists($oldKeyfilePath)) {
$view->$operation($oldKeyfilePath, $newKeyfilePath);
// create key folders if it doesn't exists
if (!$view->file_exists(dirname($newKeysPath))) {
$view->mkdir(dirname($newKeysPath));
}
$view->$operation($oldKeysPath, $newKeysPath);
// update sharing-keys
self::updateKeyfiles($params['newpath'], $type);
\OC_FileProxy::$enabled = $proxyStatus;
self::updateKeyfiles($params['newpath']);
}
/**
@ -592,37 +527,28 @@ class Hooks {
*/
public static function postDelete($params) {
if (!isset(self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]])) {
$path = $params[\OC\Files\Filesystem::signal_param_path];
if (!isset(self::$deleteFiles[$path])) {
return true;
}
$deletedFile = self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]];
$path = $deletedFile['path'];
$user = $deletedFile['uid'];
$deletedFile = self::$deleteFiles[$path];
$keyPath = $deletedFile['keyPath'];
// we don't need to remember the file any longer
unset(self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]]);
unset(self::$deleteFiles[$path]);
$view = new \OC\Files\View('/');
// return if the file still exists and wasn't deleted correctly
if ($view->file_exists('/' . $user . '/files/' . $path)) {
if ($view->file_exists('/' . \OCP\User::getUser() . '/files/' . $path)) {
return true;
}
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Delete keyfile & shareKey so it isn't orphaned
if (!Keymanager::deleteFileKey($view, $path, $user)) {
\OCP\Util::writeLog('Encryption library',
'Keyfile or shareKey could not be deleted for file "' . $user.'/files/'.$path . '"', \OCP\Util::ERROR);
}
$view->unlink($keyPath);
Keymanager::delAllShareKeys($view, $user, $path);
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
@ -631,6 +557,7 @@ class Hooks {
* @return boolean|null
*/
public static function preDelete($params) {
$view = new \OC\Files\View('/');
$path = $params[\OC\Files\Filesystem::signal_param_path];
// skip this method if the trash bin is enabled or if we delete a file
@ -639,68 +566,61 @@ class Hooks {
return true;
}
$util = new Util(new \OC\Files\View('/'), \OCP\USER::getUser());
list($owner, $ownerPath) = $util->getUidAndFilename($path);
$util = new Util($view, \OCP\USER::getUser());
self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]] = array(
'uid' => $owner,
'path' => $ownerPath);
$keysPath = Keymanager::getKeyPath($view, $util, $path);
self::$deleteFiles[$path] = array(
'keyPath' => $keysPath);
}
/**
* unmount file from yourself
* remember files/folders which get unmounted
*/
public static function preUmount($params) {
public static function preUnmount($params) {
$view = new \OC\Files\View('/');
$user = \OCP\User::getUser();
$path = $params[\OC\Files\Filesystem::signal_param_path];
$user = \OCP\USER::getUser();
$view = new \OC\Files\View();
$itemType = $view->is_dir('/' . $user . '/files' . $path) ? 'folder' : 'file';
$util = new Util($view, $user);
list($owner, $ownerPath) = $util->getUidAndFilename($path);
self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]] = array(
'uid' => $owner,
'path' => $ownerPath,
'itemType' => $itemType);
$keysPath = Keymanager::getKeyPath($view, $util, $path);
self::$unmountedFiles[$path] = array(
'keyPath' => $keysPath,
'owner' => $owner,
'ownerPath' => $ownerPath
);
}
/**
* unmount file from yourself
*/
public static function postUmount($params) {
public static function postUnmount($params) {
if (!isset(self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]])) {
$path = $params[\OC\Files\Filesystem::signal_param_path];
$user = \OCP\User::getUser();
if (!isset(self::$unmountedFiles[$path])) {
return true;
}
$umountedFile = self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]];
$path = $umountedFile['path'];
$user = $umountedFile['uid'];
$itemType = $umountedFile['itemType'];
$umountedFile = self::$unmountedFiles[$path];
$keyPath = $umountedFile['keyPath'];
$owner = $umountedFile['owner'];
$ownerPath = $umountedFile['ownerPath'];
$view = new \OC\Files\View();
$util = new Util($view, $user);
// we don't need to remember the file any longer
unset(self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]]);
unset(self::$unmountedFiles[$path]);
// if we unshare a folder we need a list of all (sub-)files
if ($itemType === 'folder') {
$allFiles = $util->getAllFiles($path);
} else {
$allFiles = array($path);
}
foreach ($allFiles as $path) {
// check if the user still has access to the file, otherwise delete share key
$sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);
if (!in_array(\OCP\User::getUser(), $sharingUsers['users'])) {
Keymanager::delShareKey($view, array(\OCP\User::getUser()), $path, $user);
}
// check if the user still has access to the file, otherwise delete share key
$sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);
if (!in_array(\OCP\User::getUser(), $sharingUsers['users'])) {
Keymanager::delShareKey($view, array(\OCP\User::getUser()), $keyPath, $owner, $ownerPath);
}
}

94
apps/files_encryption/lib/helper.php
View File

@ -3,8 +3,10 @@
/**
* ownCloud
*
* @author Florin Peter
* @copyright 2013 Florin Peter <owncloud@florin-peter.de>
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Florin Peter <owncloud@florin-peter.de>
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -17,7 +19,7 @@
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
* License alon with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
@ -68,9 +70,9 @@ class Helper {
\OCP\Util::connectHook('OC_Filesystem', 'post_copy', 'OCA\Encryption\Hooks', 'postRenameOrCopy');
\OCP\Util::connectHook('OC_Filesystem', 'post_delete', 'OCA\Encryption\Hooks', 'postDelete');
\OCP\Util::connectHook('OC_Filesystem', 'delete', 'OCA\Encryption\Hooks', 'preDelete');
\OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUmount');
\OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUmount');
\OCP\Util::connectHook('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', 'OCA\Encryption\Hooks', 'postPasswordReset');
\OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUnmount');
\OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUnmount');
}
/**
@ -105,6 +107,25 @@ class Helper {
return true;
}
/**
* get recovery key id
*
* @return string|bool recovery key ID or false
*/
public static function getRecoveryKeyId() {
$appConfig = \OC::$server->getAppConfig();
$key = $appConfig->getValue('files_encryption', 'recoveryKeyId');
return ($key === null) ? false : $key;
}
public static function getPublicShareKeyId() {
$appConfig = \OC::$server->getAppConfig();
$key = $appConfig->getValue('files_encryption', 'publicShareKeyId');
return ($key === null) ? false : $key;
}
/**
* enable recovery
*
@ -124,38 +145,22 @@ class Helper {
$appConfig->setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId);
}
if (!$view->is_dir('/owncloud_private_key')) {
$view->mkdir('/owncloud_private_key');
}
if (
(!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key")
|| !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key"))
) {
if (!Keymanager::recoveryKeyExists($view)) {
$keypair = \OCA\Encryption\Crypt::createKeypair();
\OC_FileProxy::$enabled = false;
// Save public key
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']);
Keymanager::setPublicKey($keypair['publicKey'], $recoveryKeyId);
$cipher = \OCA\Encryption\Helper::getCipher();
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher);
if ($encryptedKey) {
Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId . '.private.key');
Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId);
// Set recoveryAdmin as enabled
$appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1);
$return = true;
}
\OC_FileProxy::$enabled = true;
} else { // get recovery key and check the password
$util = new \OCA\Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser());
$return = $util->checkRecoveryPassword($recoveryPassword);
@ -432,47 +437,6 @@ class Helper {
return $config;
}
/**
* find all share keys for a given file
*
* @param string $filePath path to the file name relative to the user's files dir
* for example "subdir/filename.txt"
* @param string $shareKeyPath share key prefix path relative to the user's data dir
* for example "user1/files_encryption/share-keys/subdir/filename.txt"
* @param \OC\Files\View $rootView root view, relative to data/
* @return array list of share key files, path relative to data/$user
*/
public static function findShareKeys($filePath, $shareKeyPath, \OC\Files\View $rootView) {
$result = array();
$user = \OCP\User::getUser();
$util = new Util($rootView, $user);
// get current sharing state
$sharingEnabled = \OCP\Share::isEnabled();
// get users sharing this file
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $filePath);
$pathinfo = pathinfo($shareKeyPath);
$baseDir = $pathinfo['dirname'] . '/';
$fileName = $pathinfo['basename'];
foreach ($usersSharing as $user) {
$keyName = $fileName . '.' . $user . '.shareKey';
if ($rootView->file_exists($baseDir . $keyName)) {
$result[] = $baseDir . $keyName;
} else {
\OC_Log::write(
'Encryption library',
'No share key found for user "' . $user . '" for file "' . $fileName . '"',
\OC_Log::WARN
);
}
}
return $result;
}
/**
* remember from which file the tmp file (getLocalFile() call) was created
* @param string $tmpFile path of tmp file

563
apps/files_encryption/lib/keymanager.php
View File

@ -3,8 +3,9 @@
/**
* ownCloud
*
* @author Bjoern Schiessle
* @copyright 2012 Bjoern Schiessle <schiessle@owncloud.com>
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -29,22 +30,22 @@ namespace OCA\Encryption;
*/
class Keymanager {
// base dir where all the file related keys are stored
private static $keys_base_dir = '/files_encryption/keys/';
private static $encryption_base_dir = '/files_encryption';
private static $public_key_dir = '/files_encryption/public_keys';
/**
* retrieve the ENCRYPTED private key from a user
* read key from hard disk
*
* @param \OC\Files\View $view
* @param string $user
* @return string private key or false (hopefully)
* @note the key returned by this method must be decrypted before use
* @param string $path to key
* @return string|bool either the key or false
*/
public static function getPrivateKey(\OC\Files\View $view, $user) {
$path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.private.key';
$key = false;
private static function getKey($path, $view) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$key = false;
if ($view->file_exists($path)) {
$key = $view->file_get_contents($path);
}
@ -54,6 +55,41 @@ class Keymanager {
return $key;
}
/**
* write key to disk
*
*
* @param string $path path to key directory
* @param string $name key name
* @param string $key key
* @param \OC\Files\View $view
* @return bool
*/
private static function setKey($path, $name, $key, $view) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
self::keySetPreparation($view, $path);
$result = $view->file_put_contents($path . '/' . $name, $key);
\OC_FileProxy::$enabled = $proxyStatus;
return (is_int($result) && $result > 0) ? true : false;
}
/**
* retrieve the ENCRYPTED private key from a user
*
* @param \OC\Files\View $view
* @param string $user
* @return string private key or false (hopefully)
* @note the key returned by this method must be decrypted before use
*/
public static function getPrivateKey(\OC\Files\View $view, $user) {
$path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.privateKey';
return self::getKey($path, $view);
}
/**
* retrieve public key for a specified user
* @param \OC\Files\View $view
@ -61,16 +97,12 @@ class Keymanager {
* @return string public key or false
*/
public static function getPublicKey(\OC\Files\View $view, $userId) {
$path = self::$public_key_dir . '/' . $userId . '.publicKey';
return self::getKey($path, $view);
}
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$result = $view->file_get_contents('/public-keys/' . $userId . '.public.key');
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
public static function getPublicKeyPath() {
return self::$public_key_dir;
}
/**
@ -97,11 +129,8 @@ class Keymanager {
public static function getPublicKeys(\OC\Files\View $view, array $userIds) {
$keys = array();
foreach ($userIds as $userId) {
$keys[$userId] = self::getPublicKey($view, $userId);
}
return $keys;
@ -120,39 +149,97 @@ class Keymanager {
* asymmetrically encrypt the keyfile before passing it to this method
*/
public static function setFileKey(\OC\Files\View $view, $util, $path, $catfile) {
$path = self::getKeyPath($view, $util, $path);
return self::setKey($path, 'fileKey', $catfile, $view);
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
}
/**
* get path to key folder for a given file
*
* @param \OC\Files\View $view relative to data directory
* @param \OCA\Encryption\Util $util
* @param string $path path to the file, relative to the users file directory
* @return string
*/
public static function getKeyPath($view, $util, $path) {
if ($view->is_dir('/' . \OCP\User::getUser() . '/' . $path)) {
throw new Exception\EncryptionException('file was expected but directoy was given', Exception\EncryptionException::GENERIC);
}
list($owner, $filename) = $util->getUidAndFilename($path);
$filename = Helper::stripPartialFileExtension($filename);
$filePath_f = ltrim($filename, '/');
// in case of system wide mount points the keys are stored directly in the data directory
if ($util->isSystemWideMountPoint($filename)) {
$basePath = '/files_encryption/keyfiles';
$keyPath = self::$keys_base_dir . $filePath_f . '/';
} else {
$basePath = '/' . $owner . '/files_encryption/keyfiles';
$keyPath = '/' . $owner . self::$keys_base_dir . $filePath_f . '/';
}
$targetPath = self::keySetPreparation($view, $filename, $basePath);
return $keyPath;
}
// try reusing key file if part file
if (Helper::isPartialFilePath($targetPath)) {
/**
* get path to file key for a given file
*
* @param \OC\Files\View $view relative to data directory
* @param \OCA\Encryption\Util $util
* @param string $path path to the file, relative to the users file directory
* @return string
*/
public static function getFileKeyPath($view, $util, $path) {
$keyDir = self::getKeyPath($view, $util, $path);
return $keyDir . 'fileKey';
}
$result = $view->file_put_contents(
$basePath . '/' . Helper::stripPartialFileExtension($targetPath) . '.key', $catfile);
/**
* get path to share key for a given user
*
* @param \OC\Files\View $view relateive to data directory
* @param \OCA\Encryption\Util $util
* @param string $path path to file relative to the users files directoy
* @param string $uid user for whom we want the share-key path
* @retrun string
*/
public static function getShareKeyPath($view, $util, $path, $uid) {
$keyDir = self::getKeyPath($view, $util, $path);
return $keyDir . $uid . '.shareKey';
}
} else {
/**
* delete public key from a given user
*
* @param \OC\Files\View $view
* @param string $uid user
* @return bool
*/
public static function deletePublicKey($view, $uid) {
$result = $view->file_put_contents($basePath . '/' . $targetPath . '.key', $catfile);
$result = false;
if (!\OCP\User::userExists($uid)) {
$publicKey = self::$public_key_dir . '/' . $uid . '.publicKey';
$result = $view->unlink($publicKey);
}
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
}
/**
* check if public key for user exists
*
* @param \OC\Files\View $view
* @param string $uid
*/
public static function publicKeyExists($view, $uid) {
return $view->file_exists(self::$public_key_dir . '/'. $uid . '.publicKey');
}
/**
* retrieve keyfile for an encrypted file
* @param \OC\Files\View $view
@ -164,91 +251,8 @@ class Keymanager {
* of the keyfile must be performed by client code
*/
public static function getFileKey($view, $util, $filePath) {
list($owner, $filename) = $util->getUidAndFilename($filePath);
$filename = Helper::stripPartialFileExtension($filename);
$filePath_f = ltrim($filename, '/');
// in case of system wide mount points the keys are stored directly in the data directory
if ($util->isSystemWideMountPoint($filename)) {
$keyfilePath = '/files_encryption/keyfiles/' . $filePath_f . '.key';
} else {
$keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key';
}
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($view->file_exists($keyfilePath)) {
$result = $view->file_get_contents($keyfilePath);
} else {
$result = false;
}
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
}
/**
* Delete a keyfile
*
* @param \OC\Files\View $view
* @param string $path path of the file the key belongs to
* @param string $userId the user to whom the file belongs
* @return bool Outcome of unlink operation
* @note $path must be relative to data/user/files. e.g. mydoc.txt NOT
* /data/admin/files/mydoc.txt
*/
public static function deleteFileKey($view, $path, $userId=null) {
$trimmed = ltrim($path, '/');
if ($trimmed === '') {
\OCP\Util::writeLog('Encryption library',
'Can\'t delete file-key empty path given!', \OCP\Util::ERROR);
return false;
}
if ($userId === null) {
$userId = Helper::getUser($path);
}
$util = new Util($view, $userId);
if($util->isSystemWideMountPoint($path)) {
$keyPath = '/files_encryption/keyfiles/' . $trimmed;
} else {
$keyPath = '/' . $userId . '/files_encryption/keyfiles/' . $trimmed;
}
$result = false;
$fileExists = $view->file_exists('/' . $userId . '/files/' . $trimmed);
if ($view->is_dir($keyPath) && !$fileExists) {
\OCP\Util::writeLog('files_encryption', 'deleteFileKey: delete file key: ' . $keyPath, \OCP\Util::DEBUG);
$result = $view->unlink($keyPath);
} elseif ($view->file_exists($keyPath . '.key') && !$fileExists) {
\OCP\Util::writeLog('files_encryption', 'deleteFileKey: delete file key: ' . $keyPath, \OCP\Util::DEBUG);
$result = $view->unlink($keyPath . '.key');
}
if ($fileExists) {
\OCP\Util::writeLog('Encryption library',
'Did not delete the file key, file still exists: ' . '/' . $userId . '/files/' . $trimmed, \OCP\Util::ERROR);
} elseif (!$result) {
\OCP\Util::writeLog('Encryption library',
'Could not delete keyfile; does not exist: "' . $keyPath, \OCP\Util::ERROR);
}
return $result;
$path = self::getFileKeyPath($view, $util, $filePath);
return self::getKey($path, $view);
}
/**
@ -260,80 +264,84 @@ class Keymanager {
*/
public static function setPrivateKey($key, $user = '') {
if ($user === '') {
$user = \OCP\User::getUser();
}
$user = $user === '' ? \OCP\User::getUser() : $user;
$path = '/' . $user . '/files_encryption';
$header = Crypt::generateHeader();
$view = new \OC\Files\View('/' . $user . '/files_encryption');
return self::setKey($path, $user . '.privateKey', $header . $key, new \OC\Files\View());
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
}
if (!$view->file_exists('')) {
$view->mkdir('');
/**
* check if recovery key exists
*
* @param \OC\Files\View $view
* @return bool
*/
public static function recoveryKeyExists($view) {
$result = false;
$recoveryKeyId = Helper::getRecoveryKeyId();
if ($recoveryKeyId) {
$result = ($view->file_exists(self::$public_key_dir . '/' . $recoveryKeyId . ".publicKey")
&& $view->file_exists(self::$encryption_base_dir . '/' . $recoveryKeyId . ".privateKey"));
}
$result = $view->file_put_contents($user . '.private.key', $header . $key);
return $result;
}
\OC_FileProxy::$enabled = $proxyStatus;
public static function publicShareKeyExists($view) {
$result = false;
$publicShareKeyId = Helper::getPublicShareKeyId();
if ($publicShareKeyId) {
$result = ($view->file_exists(self::$public_key_dir . '/' . $publicShareKeyId . ".publicKey")
&& $view->file_exists(self::$encryption_base_dir . '/' . $publicShareKeyId . ".privateKey"));
}
return $result;
}
/**
* store public key from the user
* @param string $key
* @param string $user
*
* @return bool
*/
public static function setPublicKey($key, $user = '') {
$user = $user === '' ? \OCP\User::getUser() : $user;
return self::setKey(self::$public_key_dir, $user . '.publicKey', $key, new \OC\Files\View('/'));
}
/**
* write private system key (recovery and public share key) to disk
*
* @param string $key encrypted key
* @param string $keyName name of the key file
* @param string $keyName name of the key
* @return boolean
*/
public static function setPrivateSystemKey($key, $keyName) {
$keyName = $keyName . '.privateKey';
$header = Crypt::generateHeader();
$view = new \OC\Files\View('/owncloud_private_key');
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if (!$view->file_exists('')) {
$view->mkdir('');
}
$result = $view->file_put_contents($keyName, $header . $key);
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
return self::setKey(self::$encryption_base_dir, $keyName,$header . $key, new \OC\Files\View());
}
/**
* store share key
* read private system key (recovery and public share key) from disk
*
* @param \OC\Files\View $view
* @param string $path where the share key is stored
* @param string $shareKey
* @return bool true/false
* @note The keyfile is not encrypted here. Client code must
* asymmetrically encrypt the keyfile before passing it to this method
* @param string $keyName name of the key
* @return string|boolean private system key or false
*/
private static function setShareKey(\OC\Files\View $view, $path, $shareKey) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$result = $view->file_put_contents($path, $shareKey);
\OC_FileProxy::$enabled = $proxyStatus;
if (is_int($result) && $result > 0) {
return true;
} else {
return false;
}
public static function getPrivateSystemKey($keyName) {
$path = $keyName . '.privateKey';
return self::getKey($path, new \OC\Files\View(self::$encryption_base_dir));
}
/**
@ -344,35 +352,17 @@ class Keymanager {
* @param array $shareKeys
* @return bool
*/
public static function setShareKeys(\OC\Files\View $view, $util, $path, array $shareKeys) {
// $shareKeys must be an array with the following format:
// [userId] => [encrypted key]
list($owner, $filename) = $util->getUidAndFilename($path);
public static function setShareKeys($view, $util, $path, array $shareKeys) {
// in case of system wide mount points the keys are stored directly in the data directory
if ($util->isSystemWideMountPoint($filename)) {
$basePath = '/files_encryption/share-keys';
} else {
$basePath = '/' . $owner . '/files_encryption/share-keys';
}
$basePath = Keymanager::getKeyPath($view, $util, $path);
$shareKeyPath = self::keySetPreparation($view, $filename, $basePath);
self::keySetPreparation($view, $basePath);
$result = true;
foreach ($shareKeys as $userId => $shareKey) {
// try reusing key file if part file
if (Helper::isPartialFilePath($shareKeyPath)) {
$writePath = $basePath . '/' . Helper::stripPartialFileExtension($shareKeyPath) . '.' . $userId . '.shareKey';
} else {
$writePath = $basePath . '/' . $shareKeyPath . '.' . $userId . '.shareKey';
}
if (!self::setShareKey($view, $writePath, $shareKey)) {
if (!self::setKey($basePath, $userId . '.shareKey', $shareKey, $view)) {
// If any of the keys are not set, flag false
$result = false;
}
@ -392,89 +382,9 @@ class Keymanager {
* @note The sharekey returned is encrypted. Decryption
* of the keyfile must be performed by client code
*/
public static function getShareKey(\OC\Files\View $view, $userId, $util, $filePath) {
// try reusing key file if part file
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
list($owner, $filename) = $util->getUidAndFilename($filePath);
$filename = Helper::stripPartialFileExtension($filename);
// in case of system wide mount points the keys are stored directly in the data directory
if ($util->isSystemWideMountPoint($filename)) {
$shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
} else {
$shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey';
}
if ($view->file_exists($shareKeyPath)) {
$result = $view->file_get_contents($shareKeyPath);
} else {
$result = false;
}
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
}
/**
* delete all share keys of a given file
* @param \OC\Files\View $view
* @param string $userId owner of the file
* @param string $filePath path to the file, relative to the owners file dir
*/
public static function delAllShareKeys($view, $userId, $filePath) {
$filePath = ltrim($filePath, '/');
if ($view->file_exists('/' . $userId . '/files/' . $filePath)) {
\OCP\Util::writeLog('Encryption library',
'File still exists, stop deleting share keys!', \OCP\Util::ERROR);
return false;
}
if ($filePath === '') {
\OCP\Util::writeLog('Encryption library',
'Can\'t delete share-keys empty path given!', \OCP\Util::ERROR);
return false;
}
$util = new util($view, $userId);
if ($util->isSystemWideMountPoint($filePath)) {
$baseDir = '/files_encryption/share-keys/';
} else {
$baseDir = $userId . '/files_encryption/share-keys/';
}
$result = true;
if ($view->is_dir($baseDir . $filePath)) {
\OCP\Util::writeLog('files_encryption', 'delAllShareKeys: delete share keys: ' . $baseDir . $filePath, \OCP\Util::DEBUG);
$result = $view->unlink($baseDir . $filePath);
} else {
$sharingEnabled = \OCP\Share::isEnabled();
$users = $util->getSharingUsersArray($sharingEnabled, $filePath);
foreach($users as $user) {
$keyName = $baseDir . $filePath . '.' . $user . '.shareKey';
if ($view->file_exists($keyName)) {
\OCP\Util::writeLog(
'files_encryption',
'dellAllShareKeys: delete share keys: "' . $keyName . '"',
\OCP\Util::DEBUG
);
$result &= $view->unlink($keyName);
}
}
}
return (bool)$result;
public static function getShareKey($view, $userId, $util, $filePath) {
$path = self::getShareKeyPath($view, $util, $filePath, $userId);
return self::getKey($path, $view);
}
/**
@ -482,45 +392,19 @@ class Keymanager {
*
* @param \OC\Files\View $view relative to data/
* @param array $userIds list of users we want to remove
* @param string $filename the owners name of the file for which we want to remove the users relative to data/user/files
* @param string $owner owner of the file
* @param string $keyPath
* @param string $owner the owner of the file
* @param string $ownerPath the owners name of the file for which we want to remove the users relative to data/user/files
*/
public static function delShareKey($view, $userIds, $filename, $owner) {
public static function delShareKey($view, $userIds, $keysPath, $owner, $ownerPath) {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$util = new Util($view, $owner);
if ($util->isSystemWideMountPoint($filename)) {
$shareKeyPath = \OC\Files\Filesystem::normalizePath('/files_encryption/share-keys/' . $filename);
} else {
$shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename);
$key = array_search($owner, $userIds, true);
if ($key !== false && $view->file_exists('/' . $owner . '/files/' . $ownerPath)) {
unset($userIds[$key]);
}
if ($view->is_dir($shareKeyPath)) {
self::recursiveDelShareKeys($keysPath, $userIds, $view);
self::recursiveDelShareKeys($shareKeyPath, $userIds, $owner, $view);
} else {
foreach ($userIds as $userId) {
if ($userId === $owner && $view->file_exists('/' . $owner . '/files/' . $filename)) {
\OCP\Util::writeLog('files_encryption', 'Tried to delete owner key, but the file still exists!', \OCP\Util::FATAL);
continue;
}
$result = $view->unlink($shareKeyPath . '.' . $userId . '.shareKey');
\OCP\Util::writeLog('files_encryption', 'delShareKey: delete share key: ' . $shareKeyPath . '.' . $userId . '.shareKey' , \OCP\Util::DEBUG);
if (!$result) {
\OCP\Util::writeLog('Encryption library',
'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId
. '.shareKey"', \OCP\Util::ERROR);
}
}
}
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
@ -528,35 +412,23 @@ class Keymanager {
*
* @param string $dir directory
* @param array $userIds user ids for which the share keys should be deleted
* @param string $owner owner of the file
* @param \OC\Files\View $view view relative to data/
*/
private static function recursiveDelShareKeys($dir, $userIds, $owner, $view) {
private static function recursiveDelShareKeys($dir, $userIds, $view) {
$dirContent = $view->opendir($dir);
$dirSlices = explode('/', ltrim($dir, '/'));
$realFileDir = '/' . $owner . '/files/' . implode('/', array_slice($dirSlices, 3)) . '/';
if (is_resource($dirContent)) {
while (($file = readdir($dirContent)) !== false) {
if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
if ($view->is_dir($dir . '/' . $file)) {
self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $owner, $view);
self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $view);
} else {
foreach ($userIds as $userId) {
$fileNameFromShareKey = self::getFilenameFromShareKey($file, $userId);
if (!$fileNameFromShareKey) {
continue;
if ($userId . '.shareKey' === $file) {
\OCP\Util::writeLog('files_encryption', 'recursiveDelShareKey: delete share key: ' . $file, \OCP\Util::DEBUG);
$view->unlink($dir . '/' . $file);
}
$realFile = $realFileDir . $fileNameFromShareKey;
if ($userId === $owner &&
$view->file_exists($realFile)) {
\OCP\Util::writeLog('files_encryption', 'original file still exists, keep owners share key!', \OCP\Util::ERROR);
continue;
}
\OCP\Util::writeLog('files_encryption', 'recursiveDelShareKey: delete share key: ' . $file, \OCP\Util::DEBUG);
$view->unlink($dir . '/' . $file);
}
}
}
@ -567,21 +439,15 @@ class Keymanager {
/**
* Make preparations to vars and filesystem for saving a keyfile
* @param string|boolean $path
*
* @param \OC\Files\View $view
* @param string $path relatvie to the views root
* @param string $basePath
*/
protected static function keySetPreparation(\OC\Files\View $view, $path, $basePath) {
$targetPath = ltrim($path, '/');
$path_parts = pathinfo($targetPath);
protected static function keySetPreparation($view, $path) {
// If the file resides within a subdirectory, create it
if (
isset($path_parts['dirname'])
&& !$view->file_exists($basePath . '/' . $path_parts['dirname'])
) {
$sub_dirs = explode('/', $basePath . '/' . $path_parts['dirname']);
if (!$view->file_exists($path)) {
$sub_dirs = explode('/', $path);
$dir = '';
foreach ($sub_dirs as $sub_dir) {
$dir .= '/' . $sub_dir;
@ -590,27 +456,6 @@ class Keymanager {
}
}
}
return $targetPath;
}
/**
* extract filename from share key name
* @param string $shareKey (filename.userid.sharekey)
* @param string $userId
* @return string|false filename or false
*/
protected static function getFilenameFromShareKey($shareKey, $userId) {
$expectedSuffix = '.' . $userId . '.' . 'shareKey';
$suffixLen = strlen($expectedSuffix);
$suffix = substr($shareKey, -$suffixLen);
if ($suffix !== $expectedSuffix) {
return false;
}
return substr($shareKey, 0, -$suffixLen);
}
}

268
apps/files_encryption/lib/migration.php
View File

@ -2,8 +2,9 @@
/**
* ownCloud
*
* @author Thomas Müller
* @copyright 2014 Thomas Müller deepdiver@owncloud.com
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -25,26 +26,257 @@ namespace OCA\Files_Encryption;
class Migration {
public function __construct($tableName = 'encryption') {
$this->tableName = $tableName;
/**
* @var \OC\Files\View
*/
private $view;
private $public_share_key_id;
private $recovery_key_id;
public function __construct() {
$this->view = new \OC\Files\View();
$this->public_share_key_id = \OCA\Encryption\Helper::getPublicShareKeyId();
$this->recovery_key_id = \OCA\Encryption\Helper::getRecoveryKeyId();
}
// migrate settings from oc_encryption to oc_preferences
public function dropTableEncryption() {
$tableName = $this->tableName;
if (!\OC_DB::tableExists($tableName)) {
return;
}
$sql = "select `uid`, max(`recovery_enabled`) as `recovery_enabled`, min(`migration_status`) as `migration_status` from `*PREFIX*$tableName` group by `uid`";
$query = \OCP\DB::prepare($sql);
$result = $query->execute(array())->fetchAll();
public function reorganizeFolderStructure() {
foreach ($result as $row) {
\OC_Preferences::setValue($row['uid'], 'files_encryption', 'recovery_enabled', $row['recovery_enabled']);
\OC_Preferences::setValue($row['uid'], 'files_encryption', 'migration_status', $row['migration_status']);
}
$this->createPathForKeys('/files_encryption');
\OC_DB::dropTable($tableName);
// backup system wide folders
$this->backupSystemWideKeys();
// rename public keys
$this->renamePublicKeys();
// rename system wide mount point
$this->renameFileKeys('', '/files_encryption/keyfiles');
// rename system private keys
$this->renameSystemPrivateKeys();
// delete old system wide folders
$this->view->deleteAll('/public-keys');
$this->view->deleteAll('/owncloud_private_key');
$this->view->deleteAll('/files_encryption/share-keys');
$this->view->deleteAll('/files_encryption/keyfiles');
$users = \OCP\User::getUsers();
foreach ($users as $user) {
// backup all keys
if ($this->backupUserKeys($user)) {
// create new 'key' folder
$this->view->mkdir($user . '/files_encryption/keys');
// rename users private key
$this->renameUsersPrivateKey($user);
// rename file keys
$path = $user . '/files_encryption/keyfiles';
$this->renameFileKeys($user, $path);
$trashPath = $user . '/files_trashbin/keyfiles';
if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($trashPath)) {
$this->renameFileKeys($user, $trashPath, true);
$this->view->deleteAll($trashPath);
$this->view->deleteAll($user . '/files_trashbin/share-keys');
}
// delete old folders
$this->deleteOldKeys($user);
}
}
}
private function backupSystemWideKeys() {
$backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s");
$this->view->mkdir($backupDir);
$this->view->copy('owncloud_private_key', $backupDir . '/owncloud_private_key');
$this->view->copy('public-keys', $backupDir . '/public-keys');
$this->view->copy('files_encryption', $backupDir . '/files_encryption');
}
private function backupUserKeys($user) {
$encryptionDir = $user . '/files_encryption';
if ($this->view->is_dir($encryptionDir)) {
$backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s");
$this->view->mkdir($backupDir);
$this->view->copy($encryptionDir, $backupDir);
return true;
}
return false;
}
private function renamePublicKeys() {
$dh = $this->view->opendir('public-keys');
$this->createPathForKeys('files_encryption/public_keys');
if (is_resource($dh)) {
while (($oldPublicKey = readdir($dh)) !== false) {
if (!\OC\Files\Filesystem::isIgnoredDir($oldPublicKey)) {
$newPublicKey = substr($oldPublicKey, 0, strlen($oldPublicKey) - strlen('.public.key')) . '.publicKey';
$this->view->rename('public-keys/' . $oldPublicKey , 'files_encryption/public_keys/' . $newPublicKey);
}
}
closedir($dh);
}
}
private function renameSystemPrivateKeys() {
$dh = $this->view->opendir('owncloud_private_key');
if (is_resource($dh)) {
while (($oldPrivateKey = readdir($dh)) !== false) {
if (!\OC\Files\Filesystem::isIgnoredDir($oldPrivateKey)) {
$newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey';
$this->view->rename('owncloud_private_key/' . $oldPrivateKey , 'files_encryption/' . $newPrivateKey);
}
}
closedir($dh);
}
}
private function renameUsersPrivateKey($user) {
$oldPrivateKey = $user . '/files_encryption/' . $user . '.private.key';
$newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey';
$this->view->rename($oldPrivateKey, $newPrivateKey);
}
private function getFileName($file, $trash) {
$extLength = strlen('.key');
if ($trash) {
$parts = explode('.', $file);
if ($parts[count($parts) - 1] !== 'key') {
$extLength = $extLength + strlen('.' . $parts[count($parts) - 1]);
}
}
$filename = substr($file, 0, strlen($file) - $extLength);
return $filename;
}
private function getExtension($file, $trash) {
$extension = '';
if ($trash) {
$parts = explode('.', $file);
if ($parts[count($parts) - 1] !== 'key') {
$extension = '.' . $parts[count($parts) - 1];
}
}
return $extension;
}
private function getFilePath($path, $user, $trash) {
$offset = $trash ? strlen($user . '/files_trashbin/keyfiles') : strlen($user . '/files_encryption/keyfiles');
return substr($path, $offset);
}
private function getTargetDir($user, $filePath, $filename, $extension, $trash) {
if ($trash) {
$targetDir = $user . '/files_trashbin/keys/' . $filePath . '/' . $filename . $extension;
} else {
$targetDir = $user . '/files_encryption/keys/' . $filePath . '/' . $filename . $extension;
}
return $targetDir;
}
private function renameFileKeys($user, $path, $trash = false) {
$dh = $this->view->opendir($path);
if (is_resource($dh)) {
while (($file = readdir($dh)) !== false) {
if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
if ($this->view->is_dir($path . '/' . $file)) {
$this->renameFileKeys($user, $path . '/' . $file, $trash);
} else {
$filename = $this->getFileName($file, $trash);
$filePath = $this->getFilePath($path, $user, $trash);
$extension = $this->getExtension($file, $trash);
$targetDir = $this->getTargetDir($user, $filePath, $filename, $extension, $trash);
$this->createPathForKeys($targetDir);
$this->view->copy($path . '/' . $file, $targetDir . '/fileKey');
$this->renameShareKeys($user, $filePath, $filename, $targetDir, $trash);
}
}
}
closedir($dh);
}
}
private function getOldShareKeyPath($user, $filePath, $trash) {
if ($trash) {
$oldShareKeyPath = $user . '/files_trashbin/share-keys/' . $filePath;
} else {
$oldShareKeyPath = $user . '/files_encryption/share-keys/' . $filePath;
}
return $oldShareKeyPath;
}
private function getUidFromShareKey($file, $filename, $trash) {
$extLength = strlen('.shareKey');
if ($trash) {
$parts = explode('.', $file);
if ($parts[count($parts) - 1] !== 'shareKey') {
$extLength = $extLength + strlen('.' . $parts[count($parts) - 1]);
}
}
$uid = substr($file, strlen($filename) + 1, $extLength * -1);
return $uid;
}
private function renameShareKeys($user, $filePath, $filename, $target, $trash) {
$oldShareKeyPath = $this->getOldShareKeyPath($user, $filePath, $trash);
$dh = $this->view->opendir($oldShareKeyPath);
if (is_resource($dh)) {
while (($file = readdir($dh)) !== false) {
if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
if ($this->view->is_dir($oldShareKeyPath . '/' . $file)) {
continue;
} else {
if (substr($file, 0, strlen($filename) +1) === $filename . '.') {
$uid = $this->getUidFromShareKey($file, $filename, $trash);
if ($uid === $this->public_share_key_id ||
$uid === $this->recovery_key_id ||
\OCP\User::userExists($uid)) {
$this->view->copy($oldShareKeyPath . '/' . $file, $target . '/' . $uid . '.shareKey');
}
}
}
}
}
closedir($dh);
}
}
private function deleteOldKeys($user) {
$this->view->deleteAll($user . '/files_encryption/keyfiles');
$this->view->deleteAll($user . '/files_encryption/share-keys');
}
private function createPathForKeys($path) {
if (!$this->view->file_exists($path)) {
$sub_dirs = explode('/', $path);
$dir = '';
foreach ($sub_dirs as $sub_dir) {
$dir .= '/' . $sub_dir;
if (!$this->view->is_dir($dir)) {
$this->view->mkdir($dir);
}
}
}
}
}

11
apps/files_encryption/lib/proxy.php
View File

@ -3,10 +3,11 @@
/**
* ownCloud
*
* @author Bjoern Schiessle, Sam Tuke, Robin Appelman
* @copyright 2012 Sam Tuke <samtuke@owncloud.com>
* 2012 Robin Appelman <icewind1991@gmail.com>
* 2014 Bjoern Schiessle <schiessle@owncloud.com>
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Bjoern Schiessle <schiessle@owncloud.com>
* @author Sam Tuke <samtuke@owncloud.com>
* @author Robin Appelman <icewind1991@gmail.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -204,11 +205,11 @@ class Proxy extends \OC_FileProxy {
public function postFile_get_contents($path, $data) {
$plainData = null;
$view = new \OC\Files\View('/');
// If data is a catfile
if (
Crypt::mode() === 'server'
&& $this->shouldEncrypt($path)
&& Crypt::isCatfileContent($data)
) {

36
apps/files_encryption/lib/session.php
View File

@ -2,8 +2,10 @@
/**
* ownCloud
*
* @author Sam Tuke
* @copyright 2012 Sam Tuke samtuke@owncloud.com
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Sam Tuke <samtuke@owncloud.com>
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -46,51 +48,38 @@ class Session {
$this->view = $view;
if (!$this->view->is_dir('owncloud_private_key')) {
if (!$this->view->is_dir('files_encryption')) {
$this->view->mkdir('owncloud_private_key');
$this->view->mkdir('files_encryption');
}
$appConfig = \OC::$server->getAppConfig();
$publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId');
$publicShareKeyId = Helper::getPublicShareKeyId();
if ($publicShareKeyId === null) {
if ($publicShareKeyId === false) {
$publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8);
$appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId);
}
if (
!$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key")
|| !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key")
) {
if (!Keymanager::publicShareKeyExists($view)) {
$keypair = Crypt::createKeypair();
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
// Save public key
if (!$view->is_dir('/public-keys')) {
$view->mkdir('/public-keys');
}
$this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']);
Keymanager::setPublicKey($keypair['publicKey'], $publicShareKeyId);
// Encrypt private key empty passphrase
$cipher = \OCA\Encryption\Helper::getCipher();
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher);
if ($encryptedKey) {
Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId . '.private.key');
Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId);
} else {
\OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR);
}
\OC_FileProxy::$enabled = $proxyStatus;
}
if (\OCA\Encryption\Helper::isPublicAccess() && !self::getPublicSharePrivateKey()) {
@ -98,8 +87,7 @@ class Session {
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents(
'/owncloud_private_key/' . $publicShareKeyId . '.private.key');
$encryptedKey = Keymanager::getPrivateSystemKey($publicShareKeyId);
$privateKey = Crypt::decryptPrivateKey($encryptedKey, '');
self::setPublicSharePrivateKey($privateKey);

117
apps/files_encryption/lib/util.php
View File

@ -2,10 +2,11 @@
/**
* ownCloud
*
* @author Sam Tuke, Frank Karlitschek, Bjoern Schiessle
* @copyright 2012 Sam Tuke <samtuke@owncloud.com>,
* Frank Karlitschek <frank@owncloud.org>,
* Bjoern Schiessle <schiessle@owncloud.com>
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Sam Tuke <samtuke@owncloud.com>,
* @author Frank Karlitschek <frank@owncloud.org>,
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -44,10 +45,10 @@ class Util {
private $client; // Client side encryption mode flag
private $publicKeyDir; // Dir containing all public user keys
private $encryptionDir; // Dir containing user's files_encryption
private $keyfilesPath; // Dir containing user's keyfiles
private $shareKeysPath; // Dir containing env keys for shared files
private $keysPath; // Dir containing all file related encryption keys
private $publicKeyPath; // Path to user's public key
private $privateKeyPath; // Path to user's private key
private $userFilesDir;
private $publicShareKeyId;
private $recoveryKeyId;
private $isPublic;
@ -72,14 +73,13 @@ class Util {
$this->fileFolderName = 'files';
$this->userFilesDir =
'/' . $userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable?
$this->publicKeyDir = '/' . 'public-keys';
$this->publicKeyDir = Keymanager::getPublicKeyPath();
$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys';
$this->keysPath = $this->encryptionDir . '/' . 'keys';
$this->publicKeyPath =
$this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey
$this->privateKeyPath =
$this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey
// make sure that the owners home is mounted
\OC\Files\Filesystem::initMountPoints($userId);
@ -99,8 +99,7 @@ class Util {
if (
!$this->view->file_exists($this->encryptionDir)
or !$this->view->file_exists($this->keyfilesPath)
or !$this->view->file_exists($this->shareKeysPath)
or !$this->view->file_exists($this->keysPath)
or !$this->view->file_exists($this->publicKeyPath)
or !$this->view->file_exists($this->privateKeyPath)
) {
@ -149,8 +148,7 @@ class Util {
$this->userDir,
$this->publicKeyDir,
$this->encryptionDir,
$this->keyfilesPath,
$this->shareKeysPath
$this->keysPath
);
// Check / create all necessary dirs
@ -727,8 +725,8 @@ class Util {
}
if ($successful) {
$this->view->rename($this->keyfilesPath, $this->keyfilesPath . '.backup');
$this->view->rename($this->shareKeysPath, $this->shareKeysPath . '.backup');
$this->backupAllKeys('decryptAll');
$this->view->deleteAll($this->keysPath);
}
\OC_FileProxy::$enabled = true;
@ -845,9 +843,9 @@ class Util {
break;
case 'keyfilesPath':
case 'keysPath':
return $this->keyfilesPath;
return $this->keysPath;
break;
@ -1365,22 +1363,14 @@ class Util {
public function checkRecoveryPassword($password) {
$result = false;
$pathKey = '/owncloud_private_key/' . $this->recoveryKeyId . ".private.key";
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$recoveryKey = $this->view->file_get_contents($pathKey);
$recoveryKey = Keymanager::getPrivateSystemKey($this->recoveryKeyId);
$decryptedRecoveryKey = Crypt::decryptPrivateKey($recoveryKey, $password);
if ($decryptedRecoveryKey) {
$result = true;
}
\OC_FileProxy::$enabled = $proxyStatus;
return $result;
}
@ -1395,19 +1385,17 @@ class Util {
* add recovery key to all encrypted files
*/
public function addRecoveryKeys($path = '/') {
$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
$dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path);
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles/
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
if ($item['type'] === 'dir') {
$filePath = substr($item['path'], strlen('files_encryption/keys'));
if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) {
$this->addRecoveryKeys($filePath . '/');
} else {
$session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
$sharingEnabled = \OCP\Share::isEnabled();
// remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt'
$file = substr($filePath, 0, -4);
$usersSharing = $this->getSharingUsersArray($sharingEnabled, $file);
$this->setSharedFileKeyfiles($session, $usersSharing, $file);
$usersSharing = $this->getSharingUsersArray($sharingEnabled, $filePath);
$this->setSharedFileKeyfiles($session, $usersSharing, $filePath);
}
}
}
@ -1416,16 +1404,14 @@ class Util {
* remove recovery key to all encrypted files
*/
public function removeRecoveryKeys($path = '/') {
$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
$dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path);
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
if ($item['type'] === 'dir') {
$filePath = substr($item['path'], strlen('files_encryption/keys'));
if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) {
$this->removeRecoveryKeys($filePath . '/');
} else {
// remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt'
$file = substr($filePath, 0, -4);
$this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey');
$this->view->unlink($this->keysPath . '/' . $filePath . '/' . $this->recoveryKeyId . '.shareKey');
}
}
}
@ -1455,27 +1441,17 @@ class Util {
}
$filteredUids = $this->filterShareReadyUsers($userIds);
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
//decrypt file key
$encKeyfile = $this->view->file_get_contents($this->keyfilesPath . $file . ".key");
$shareKey = $this->view->file_get_contents(
$this->shareKeysPath . $file . "." . $this->recoveryKeyId . ".shareKey");
$encKeyfile = Keymanager::getFileKey($this->view, $this, $file);
$shareKey = Keymanager::getShareKey($this->view, $this->recoveryKeyId, $this, $file);
$plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey);
// encrypt file key again to all users, this time with the new public key for the recovered use
$userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']);
$multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys);
// write new keys to filesystem TDOO!
$this->view->file_put_contents($this->keyfilesPath . $file . '.key', $multiEncKey['data']);
foreach ($multiEncKey['keys'] as $userId => $shareKey) {
$shareKeyPath = $this->shareKeysPath . $file . '.' . $userId . '.shareKey';
$this->view->file_put_contents($shareKeyPath, $shareKey);
}
Keymanager::setFileKey($this->view, $this, $file, $multiEncKey['data']);
Keymanager::setShareKeys($this->view, $this, $file, $multiEncKey['keys']);
// Return proxy to original status
\OC_FileProxy::$enabled = $proxyStatus;
}
/**
@ -1484,16 +1460,14 @@ class Util {
* @param string $privateKey private recovery key which is used to decrypt the files
*/
private function recoverAllFiles($path, $privateKey) {
$dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path);
$dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path);
foreach ($dirContent as $item) {
// get relative path from files_encryption/keyfiles
$filePath = substr($item['path'], strlen('files_encryption/keyfiles'));
if ($item['type'] === 'dir') {
$filePath = substr($item['path'], strlen('files_encryption/keys'));
if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) {
$this->recoverAllFiles($filePath . '/', $privateKey);
} else {
// remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt'
$file = substr($filePath, 0, -4);
$this->recoverFile($file, $privateKey);
$this->recoverFile($filePath, $privateKey);
}
}
}
@ -1504,16 +1478,9 @@ class Util {
*/
public function recoverUsersFiles($recoveryPassword) {
// Disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$encryptedKey = $this->view->file_get_contents(
'/owncloud_private_key/' . $this->recoveryKeyId . '.private.key');
$encryptedKey = Keymanager::getPrivateSystemKey( $this->recoveryKeyId);
$privateKey = Crypt::decryptPrivateKey($encryptedKey, $recoveryPassword);
\OC_FileProxy::$enabled = $proxyStatus;
$this->recoverAllFiles('/', $privateKey);
}
@ -1527,10 +1494,9 @@ class Util {
$backupDir = $this->encryptionDir . '/backup.';
$backupDir .= ($purpose === '') ? date("Y-m-d_H-i-s") . '/' : $purpose . '.' . date("Y-m-d_H-i-s") . '/';
$this->view->mkdir($backupDir);
$this->view->copy($this->shareKeysPath, $backupDir . 'share-keys/');
$this->view->copy($this->keyfilesPath, $backupDir . 'keyfiles/');
$this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.private.key');
$this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.public.key');
$this->view->copy($this->keysPath, $backupDir . 'keys/');
$this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.privateKey');
$this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.publicKey');
}
/**
@ -1590,7 +1556,10 @@ class Util {
$encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']);
$privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']);
$privateKey = false;
if ($encryptedKey) {
$privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']);
}
if ($privateKey === false) {
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid']

38
apps/files_encryption/tests/crypt.php
View File

@ -33,20 +33,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// Filesystem related hooks
\OCA\Encryption\Helper::registerUserHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create test user
self::loginHelper(\Test_Encryption_Crypt::TEST_ENCRYPTION_CRYPT_USER1, true);
}
@ -99,14 +85,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
// cleanup test user
\OC_User::deleteUser(\Test_Encryption_Crypt::TEST_ENCRYPTION_CRYPT_USER1);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -211,8 +189,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
// Teardown
$this->view->unlink($this->userId . '/files/' . $filename);
Encryption\Keymanager::deleteFileKey($this->view, $filename);
}
/**
@ -252,8 +228,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
// Teardown
$this->view->unlink($this->userId . '/files/' . $filename);
Encryption\Keymanager::deleteFileKey($this->view, $filename);
}
/**
@ -293,11 +267,7 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals($this->dataLong . $this->dataLong, $decrypted);
// Teardown
$this->view->unlink($this->userId . '/files/' . $filename);
Encryption\Keymanager::deleteFileKey($this->view, $filename);
}
/**
@ -341,11 +311,7 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals($this->dataLong . $this->dataLong, $decrypted);
// Teardown
$this->view->unlink($this->userId . '/files/' . $filename);
Encryption\Keymanager::deleteFileKey($this->view, $filename);
}
/**
@ -393,11 +359,7 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals($this->dataLong . $this->dataLong, $decrypted);
// Teardown
$this->view->unlink($this->userId . '/files/' . $filename);
Encryption\Keymanager::deleteFileKey($this->view, $filename);
}
/**

60
apps/files_encryption/tests/helper.php
View File

@ -38,14 +38,6 @@ class Test_Encryption_Helper extends \OCA\Files_Encryption\Tests\TestCase {
}
public static function tearDownAfterClass() {
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -125,56 +117,4 @@ class Test_Encryption_Helper extends \OCA\Files_Encryption\Tests\TestCase {
self::cleanUpUsers();
}
function userNamesProvider() {
return array(
array('testuser' . $this->getUniqueID()),
array('user.name.with.dots'),
);
}
/**
* Tests whether share keys can be found
*
* @dataProvider userNamesProvider
*/
function testFindShareKeys($userName) {
self::setUpUsers();
// note: not using dataProvider as we want to make
// sure that the correct keys are match and not any
// other ones that might happen to have similar names
self::setupHooks();
self::loginHelper($userName, true);
$testDir = 'testFindShareKeys' . $this->getUniqueID() . '/';
$baseDir = $userName . '/files/' . $testDir;
$fileList = array(
't est.txt',
't est_.txt',
't est.doc.txt',
't est(.*).txt', // make sure the regexp is escaped
'multiple.dots.can.happen.too.txt',
't est.' . $userName . '.txt',
't est_.' . $userName . '.shareKey.txt',
'who would upload their.shareKey',
'user ones file.txt',
'user ones file.txt.backup',
'.t est.txt'
);
$rootView = new \OC\Files\View('/');
$rootView->mkdir($baseDir);
foreach ($fileList as $fileName) {
$rootView->file_put_contents($baseDir . $fileName, 'dummy');
}
$shareKeysDir = $userName . '/files_encryption/share-keys/' . $testDir;
foreach ($fileList as $fileName) {
// make sure that every file only gets its correct respective keys
$result = Encryption\Helper::findShareKeys($baseDir . $fileName, $shareKeysDir . $fileName, $rootView);
$this->assertEquals(
array($shareKeysDir . $fileName . '.' . $userName . '.shareKey'),
$result
);
}
self::cleanUpUsers();
}
}

138
apps/files_encryption/tests/hooks.php
View File

@ -63,28 +63,6 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
'.t est.txt'
);
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
\OC_Hook::clear('OC_Filesystem');
\OC_Hook::clear('OC_User');
// clear share hooks
\OC_Hook::clear('OCP\\Share');
\OC::registerShareHooks();
\OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup');
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// Sharing related hooks
\OCA\Encryption\Helper::registerShareHooks();
// clear and register proxies
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create test user
self::loginHelper(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1, true);
self::loginHelper(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2, true);
@ -114,14 +92,6 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
\OC_User::deleteUser(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1);
\OC_User::deleteUser(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -163,10 +133,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// check if all keys are generated
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
self::logoutHelper();
@ -178,10 +148,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// check if all keys are generated
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
// create a dummy file that we can delete something outside of data/user/files
@ -193,10 +163,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// all keys should still exist
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
// delete the file in data/user/files
@ -205,17 +175,17 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// check if keys from user2 are really deleted
$this->assertFalse($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
$this->assertFalse($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
// but user1 keys should still exist
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
if ($stateFilesTrashbin) {
OC_App::enable('files_trashbin');
@ -244,10 +214,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// check if all keys are generated
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
// get the file info from previous created file
$fileInfo = $this->user1View->getFileInfo($this->filename);
@ -260,8 +230,8 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// check if new share key exists
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::logoutHelper();
self::loginHelper(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2);
@ -272,10 +242,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// keys should be stored at user1s dir, not in user2s
$this->assertFalse($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
$this->assertFalse($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
// delete the Shared file from user1 in data/user2/files/Shared
$result = $this->user2View->unlink($this->filename);
@ -284,13 +254,13 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// share key for user2 from user1s home should be gone, all other keys should still exists
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertFalse($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key'));
self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey'));
// cleanup
@ -327,12 +297,12 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
function doTestRenameHook($filename) {
// check if keys exists
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/fileKey'));
// make subfolder and sub-subfolder
$this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder);
@ -351,18 +321,18 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// keys should be renamed too
$this->assertFalse($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertFalse($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/fileKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $this->folder . '/' . $this->folder . '/'
. $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/'
. $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->folder . '/' . $this->folder . '/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/'
. $filename . '/fileKey'));
// cleanup
$this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder);
@ -389,12 +359,12 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
function doTestCopyHook($filename) {
// check if keys exists
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/fileKey'));
// make subfolder and sub-subfolder
$this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder);
@ -410,18 +380,18 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// keys should be copied too
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/'
. $filename . '/fileKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $this->folder . '/' . $this->folder . '/'
. $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/'
. $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey'));
$this->assertTrue($this->rootView->file_exists(
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->folder . '/' . $this->folder . '/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/'
. $filename . '/fileKey'));
// cleanup
$this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder);
@ -439,8 +409,8 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase {
// set user password for the first time
\OCA\Encryption\Hooks::postCreateUser(array('uid' => 'newUser', 'password' => 'newUserPassword'));
$this->assertTrue($view->file_exists('public-keys/newUser.public.key'));
$this->assertTrue($view->file_exists('newUser/files_encryption/newUser.private.key'));
$this->assertTrue($view->file_exists(\OCA\Encryption\Keymanager::getPublicKeyPath() . '/newUser.publicKey'));
$this->assertTrue($view->file_exists('newUser/files_encryption/newUser.privateKey'));
// check if we are able to decrypt the private key
$encryptedKey = \OCA\Encryption\Keymanager::getPrivateKey($view, 'newUser');

294
apps/files_encryption/tests/keymanager.php
View File

@ -28,17 +28,6 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// disable file proxy by default
\OC_FileProxy::$enabled = false;
@ -78,9 +67,7 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
}
function tearDown() {
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys');
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles');
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys');
parent::tearDown();
}
@ -94,14 +81,6 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
OC_App::enable('files_trashbin');
}
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -140,27 +119,6 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertArrayHasKey('key', $sslInfo);
}
function fileNameFromShareKeyProvider() {
return array(
array('file.user.shareKey', 'user', 'file'),
array('file.name.with.dots.user.shareKey', 'user', 'file.name.with.dots'),
array('file.name.user.with.dots.shareKey', 'user.with.dots', 'file.name'),
array('file.txt', 'user', false),
array('user.shareKey', 'user', false),
);
}
/**
* @small
*
* @dataProvider fileNameFromShareKeyProvider
*/
function testGetFilenameFromShareKey($fileName, $user, $expectedFileName) {
$this->assertEquals($expectedFileName,
\TestProtectedKeymanagerMethods::testGetFilenameFromShareKey($fileName, $user)
);
}
/**
* @medium
*/
@ -180,7 +138,7 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
Encryption\Keymanager::setFileKey($this->view, $util, $file, $key);
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key'));
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keys/' . $file . '/fileKey'));
// cleanup
$this->view->unlink('/' . $this->userId . '/files/' . $file);
@ -198,7 +156,7 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
Encryption\Keymanager::setPrivateKey($key, 'dummyUser');
$this->assertTrue($this->view->file_exists('/dummyUser/files_encryption/dummyUser.private.key'));
$this->assertTrue($this->view->file_exists('/dummyUser/files_encryption/dummyUser.privateKey'));
//clean up
$this->view->deleteAll('/dummyUser');
@ -210,14 +168,19 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
function testSetPrivateSystemKey() {
$key = "dummy key";
$keyName = "myDummyKey.private.key";
$keyName = "myDummyKey";
$encHeader = Encryption\Crypt::generateHeader();
Encryption\Keymanager::setPrivateSystemKey($key, $keyName);
$this->assertTrue($this->view->file_exists('/owncloud_private_key/' . $keyName));
$this->assertTrue($this->view->file_exists('/files_encryption/' . $keyName . '.privateKey'));
$result = Encryption\Keymanager::getPrivateSystemKey($keyName);
$this->assertSame($encHeader . $key, $result);
// clean up
$this->view->unlink('/owncloud_private_key/' . $keyName);
$this->view->unlink('/files_encryption/' . $keyName.'.privateKey');
}
@ -256,70 +219,78 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
// create folder structure for some dummy share key files
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/file2');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file1');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2');
// create some dummy share keys
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.test.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.test-keymanager-userxdot.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/file2.user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.test.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/test-keymanager-userxdot.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2/user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2/user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/file2/user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file1/user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user3.shareKey', 'data');
// recursive delete share keys from user1 and user2
Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), '/folder1/', Test_Encryption_Keymanager::TEST_USER);
Encryption\Keymanager::delShareKey($this->view,
array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER),
Encryption\Keymanager::getKeyPath($this->view, new Encryption\Util($this->view, Test_Encryption_Keymanager::TEST_USER), '/folder1'),
Test_Encryption_Keymanager::TEST_USER,
'/folder1');
// check if share keys from user1 and user2 are deleted
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.user1.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/user1.shareKey'));
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1/user1.shareKey'));
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user2.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2/user2.shareKey'));
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1.user1.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1/user1.shareKey'));
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user2.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2/user2.shareKey'));
// check if share keys from user3 still exists
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user3.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2/user3.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user3.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user3.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/file2.user3.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/file2/user3.shareKey'));
// check if share keys for user or file with similar name
// check if share keys for user or file with similar name
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.test.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.test.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.test-keymanager-userxdot.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/test-keymanager-userxdot.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey'));
// FIXME: this case currently cannot be distinguished, needs further fixing
/*
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey'));
*/
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey'));
// owner key from existing file should still exists because the file is still there
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
// cleanup
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
@ -344,7 +315,12 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
// recursive delete share keys from user1 and user2
Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), '/folder1/existingFile.txt', Test_Encryption_Keymanager::TEST_USER);
Encryption\Keymanager::delShareKey($this->view,
array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER),
Encryption\Keymanager::getKeyPath($this->view, new Encryption\Util($this->view, Test_Encryption_Keymanager::TEST_USER), '/folder1/existingFile.txt'),
Test_Encryption_Keymanager::TEST_USER,
'/folder1/existingFile.txt');
// check if share keys from user1 and user2 are deleted
$this->assertFalse($this->view->file_exists(
@ -362,147 +338,16 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
}
/**
* @medium
*/
function testDeleteFileKey() {
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
// create folder structure for some dummy file key files
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1');
// create dummy keyfile
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data');
// recursive delete share keys from user1 and user2
$result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1/existingFile.txt');
$this->assertFalse($result);
$result2 = Encryption\Keymanager::deleteFileKey($this->view, '/folder1/dummyFile.txt');
$this->assertTrue($result2);
// check if file key from dummyFile was deleted
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key'));
// check if file key from existing file still exists
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/existingFile.txt.key'));
// cleanup
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
}
/**
* @medium
*/
function testDeleteFileKeyFolder() {
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
// create folder structure for some dummy file key files
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1');
// create dummy keyfile
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data');
// recursive delete share keys from user1 and user2
$result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1');
$this->assertFalse($result);
// all file keys should still exists if we try to delete a folder with keys for which some files still exists
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/existingFile.txt.key'));
// delete folder
$this->view->unlink('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
// create dummy keyfile
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data');
// now file keys should be deleted since the folder no longer exists
$result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1');
$this->assertTrue($result);
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1'));
// cleanup
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
}
function testDelAllShareKeysFile() {
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
// create folder structure for some dummy share key files
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1');
// create some dummy share keys for the existing file
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
// create some dummy share keys for a non-existing file
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user3.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
// try to del all share keys from a existing file, should fail because the file still exists
$result = Encryption\Keymanager::delAllShareKeys($this->view, Test_Encryption_Keymanager::TEST_USER, 'folder1/existingFile.txt');
$this->assertFalse($result);
// check if share keys still exists
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey'));
// try to del all share keys from file, should succeed because the does not exist any more
$result2 = Encryption\Keymanager::delAllShareKeys($this->view, Test_Encryption_Keymanager::TEST_USER, 'folder1/nonexistingFile.txt');
$this->assertTrue($result2);
// check if share keys are really gone
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
// check that it only deleted keys or users who had access, others remain
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user1.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user2.shareKey'));
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user3.shareKey'));
// cleanup
$this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
}
function testKeySetPreperation() {
$basePath = '/'.Test_Encryption_Keymanager::TEST_USER.'/files';
$path = '/folder1/subfolder/subsubfolder/file.txt';
$this->assertFalse($this->view->is_dir($basePath . '/testKeySetPreperation'));
$result = TestProtectedKeymanagerMethods::testKeySetPreperation($this->view, $path, $basePath);
// return path without leading slash
$this->assertSame('folder1/subfolder/subsubfolder/file.txt', $result);
TestProtectedKeymanagerMethods::testKeySetPreperation($this->view, $basePath . $path);
// check if directory structure was created
$this->assertTrue($this->view->is_dir($basePath . '/folder1/subfolder/subsubfolder'));
$this->assertTrue($this->view->is_dir($basePath . $path));
// cleanup
$this->view->deleteAll($basePath . '/folder1');
@ -515,19 +360,12 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase {
*/
class TestProtectedKeymanagerMethods extends \OCA\Encryption\Keymanager {
/**
* @param string $sharekey
*/
public static function testGetFilenameFromShareKey($sharekey, $user) {
return self::getFilenameFromShareKey($sharekey, $user);
}
/**
* @param \OC\Files\View $view relative to data/
* @param string $path
* @param string $basePath
*/
public static function testKeySetPreperation($view, $path, $basePath) {
return self::keySetPreparation($view, $path, $basePath);
public static function testKeySetPreperation($view, $path) {
return self::keySetPreparation($view, $path);
}
}

263
apps/files_encryption/tests/migration.php
View File

@ -2,8 +2,9 @@
/**
* ownCloud
*
* @author Thomas Müller
* @copyright 2014 Thomas Müller deepdiver@owncloud.com
* @copyright (C) 2014 ownCloud, Inc.
*
* @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@ -23,7 +24,29 @@
use OCA\Encryption;
use OCA\Files_Encryption\Migration;
class Test_Migration extends \Test\TestCase {
class Test_Migration extends \OCA\Files_Encryption\Tests\TestCase {
const TEST_ENCRYPTION_MIGRATION_USER1='test_encryption_user1';
const TEST_ENCRYPTION_MIGRATION_USER2='test_encryption_user2';
const TEST_ENCRYPTION_MIGRATION_USER3='test_encryption_user3';
private $view;
private $public_share_key_id;
private $recovery_key_id;
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER1, true);
self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER2, true);
self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER3, true);
}
public static function tearDownAfterClass() {
\OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER1);
\OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER2);
\OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER3);
parent::tearDownAfterClass();
}
protected function tearDown() {
if (OC_DB::tableExists('encryption_test')) {
@ -34,26 +57,17 @@ class Test_Migration extends \Test\TestCase {
parent::tearDown();
}
protected function setUp() {
parent::setUp();
public function setUp() {
$this->loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER1);
$this->view = new \OC\Files\View();
$this->public_share_key_id = Encryption\Helper::getPublicShareKeyId();
$this->recovery_key_id = Encryption\Helper::getRecoveryKeyId();
if (OC_DB::tableExists('encryption_test')) {
OC_DB::dropTable('encryption_test');
}
$this->assertTableNotExist('encryption_test');
}
public function testEncryptionTableDoesNotExist() {
$this->assertTableNotExist('encryption_test');
$migration = new Migration('encryption_test');
$migration->dropTableEncryption();
$this->assertTableNotExist('encryption_test');
}
public function checkLastIndexId() {
$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
.' `item_type`, `item_source`, `item_target`, `share_type`,'
@ -91,78 +105,6 @@ class Test_Migration extends \Test\TestCase {
$this->checkLastIndexId();
}
public function testDataMigration() {
// TODO travis
if (getenv('TRAVIS')) {
$this->markTestSkipped('Fails on travis');
}
$this->assertTableNotExist('encryption_test');
// create test table
OC_DB::createDbFromStructure(__DIR__ . '/encryption_table.xml');
$this->assertTableExist('encryption_test');
OC_DB::executeAudited('INSERT INTO `*PREFIX*encryption_test` values(?, ?, ?, ?)',
array('user1', 'server-side', 1, 1));
// preform migration
$migration = new Migration('encryption_test');
$migration->dropTableEncryption();
// assert
$this->assertTableNotExist('encryption_test');
$rec = \OC_Preferences::getValue('user1', 'files_encryption', 'recovery_enabled');
$mig = \OC_Preferences::getValue('user1', 'files_encryption', 'migration_status');
$this->assertEquals(1, $rec);
$this->assertEquals(1, $mig);
}
public function testDuplicateDataMigration() {
// TODO travis
if (getenv('TRAVIS')) {
$this->markTestSkipped('Fails on travis');
}
// create test table
OC_DB::createDbFromStructure(__DIR__ . '/encryption_table.xml');
// in case of duplicate entries we want to preserve 0 on migration status and 1 on recovery
$data = array(
array('user1', 'server-side', 1, 1),
array('user1', 'server-side', 1, 0),
array('user1', 'server-side', 0, 1),
array('user1', 'server-side', 0, 0),
);
foreach ($data as $d) {
OC_DB::executeAudited(
'INSERT INTO `*PREFIX*encryption_test` values(?, ?, ?, ?)',
$d);
}
// preform migration
$migration = new Migration('encryption_test');
$migration->dropTableEncryption();
// assert
$this->assertTableNotExist('encryption_test');
$rec = \OC_Preferences::getValue('user1', 'files_encryption', 'recovery_enabled');
$mig = \OC_Preferences::getValue('user1', 'files_encryption', 'migration_status');
$this->assertEquals(1, $rec);
$this->assertEquals(0, $mig);
}
/**
* @param string $table
*/
public function assertTableExist($table) {
$this->assertTrue(OC_DB::tableExists($table), 'Table ' . $table . ' does not exist');
}
/**
* @param string $table
*/
@ -176,4 +118,147 @@ class Test_Migration extends \Test\TestCase {
}
}
protected function createDummyShareKeys($uid) {
$this->view->mkdir($uid . '/files_encryption/share-keys/folder1/folder2/folder3');
$this->view->mkdir($uid . '/files_encryption/share-keys/folder2/');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data');
if ($this->public_share_key_id) {
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . $this->public_share_key_id . '.shareKey' , 'data');
}
if ($this->recovery_key_id) {
$this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . $this->recovery_key_id . '.shareKey' , 'data');
}
}
protected function createDummyFileKeys($uid) {
$this->view->mkdir($uid . '/files_encryption/keyfiles/folder1/folder2/folder3');
$this->view->mkdir($uid . '/files_encryption/keyfiles/folder2/');
$this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/folder2/folder3/file3.key' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/folder2/file2.key' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/file.1.key' , 'data');
$this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder2/file.2.1.key' , 'data');
}
protected function createDummyFilesInTrash($uid) {
$this->view->mkdir($uid . '/files_trashbin/share-keys');
$this->view->mkdir($uid . '/files_trashbin/share-keys/folder1.d7437648723');
$this->view->file_put_contents($uid . '/files_trashbin/share-keys/file1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data');
$this->view->file_put_contents($uid . '/files_trashbin/share-keys/file1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data');
$this->view->file_put_contents($uid . '/files_trashbin/share-keys/folder1.d7437648723/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data');
$this->view->mkdir($uid . '/files_trashbin/keyfiles');
$this->view->mkdir($uid . '/files_trashbin/keyfiles/folder1.d7437648723');
$this->view->file_put_contents($uid . '/files_trashbin/keyfiles/file1.key.d5457864' , 'data');
$this->view->file_put_contents($uid . '/files_trashbin/keyfiles/folder1.d7437648723/file2.key' , 'data');
}
protected function createDummySystemWideKeys() {
$this->view->mkdir('owncloud_private_key');
$this->view->file_put_contents('owncloud_private_key/systemwide_1.private.key', 'data');
$this->view->file_put_contents('owncloud_private_key/systemwide_2.private.key', 'data');
}
public function testMigrateToNewFolderStructure() {
// go back to the state before migration
$this->view->rename('/files_encryption/public_keys', '/public-keys');
$this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.public.key');
$this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.public.key');
$this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.public.key');
$this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/keys');
$this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/keys');
$this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/keys');
$this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey',
self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key');
$this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey',
self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key');
$this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey',
self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key');
$this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER1);
$this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER2);
$this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER3);
$this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER1);
$this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER2);
$this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER3);
$this->createDummyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2);
// no user for system wide mount points
$this->createDummyFileKeys('');
$this->createDummyShareKeys('');
$this->createDummySystemWideKeys();
$m = new \OCA\Files_Encryption\Migration();
$m->reorganizeFolderStructure();
// TODO Verify that all files at the right place
$this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.publicKey'));
$this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.publicKey'));
$this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.publicKey'));
$this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER1);
$this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER2);
$this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER3);
// system wide keys
$this->verifyNewKeyPath('');
// trash
$this->verifyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2);
}
protected function verifyFilesInTrash($uid) {
// share keys
$this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data');
$this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data');
$this->view->file_exists($uid . '/files_trashbin/keys/folder1.d7437648723/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data');
// file keys
$this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/fileKey.d5457864' , 'data');
$this->view->file_exists($uid . '/files_trashbin/keyfiles/file1.d5457864/fileKey.d5457864' , 'data');
$this->view->file_exists($uid . '/files_trashbin/keyfiles/folder1.d7437648723/file2/fileKey' , 'data');
}
protected function verifyNewKeyPath($uid) {
// private key
if ($uid !== '') {
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/' . $uid . '.privateKey'));
}
// file keys
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/fileKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/fileKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/fileKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/fileKey'));
// share keys
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey'));
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey'));
if ($this->public_share_key_id) {
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . $this->public_share_key_id . '.shareKey'));
}
if ($this->recovery_key_id) {
$this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . $this->recovery_key_id . '.shareKey'));
}
}
}

22
apps/files_encryption/tests/proxy.php
View File

@ -44,20 +44,6 @@ class Test_Encryption_Proxy extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
\OC_Hook::clear('OC_Filesystem');
\OC_Hook::clear('OC_User');
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create test user
self::loginHelper(\Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1, true);
}
@ -85,14 +71,6 @@ class Test_Encryption_Proxy extends \OCA\Files_Encryption\Tests\TestCase {
// cleanup test user
\OC_User::deleteUser(\Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}

231
apps/files_encryption/tests/share.php
View File

@ -47,30 +47,15 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
// enable resharing
\OC::$server->getAppConfig()->setValue('core', 'shareapi_allow_resharing', 'yes');
// clear share hooks
\OC_Hook::clear('OCP\\Share');
// register share hooks
\OC::registerShareHooks();
\OCA\Files_Sharing\Helper::registerHooks();
// Sharing related hooks
\OCA\Encryption\Helper::registerShareHooks();
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Files\Share\Proxy());
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create users
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1, true);
@ -127,14 +112,6 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
\OC_User::deleteUser(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3);
\OC_User::deleteUser(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -178,8 +155,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user1 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// login as user1
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2);
@ -202,8 +179,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
@ -212,8 +189,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
}
}
@ -239,8 +216,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user2 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// login as user2
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3);
@ -266,16 +243,16 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// unshare the file with user1
\OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2);
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
@ -284,8 +261,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
}
}
@ -335,9 +312,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user1 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// login as user1
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2);
@ -361,9 +338,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys'
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys'
. $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files');
@ -372,9 +349,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys'
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys'
. $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
}
return $fileInfo;
@ -413,9 +390,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user3 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// login as user3
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3);
@ -444,9 +421,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user3 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
// login as user3
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4);
@ -469,9 +446,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys'
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys'
. $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
// login as user1
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2);
@ -481,9 +458,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys'
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys'
. $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// login as admin
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
@ -493,9 +470,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys'
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys'
. $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files');
@ -504,9 +481,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys'
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys'
. $this->folder1 . $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
}
}
@ -548,8 +525,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for public exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . $publicShareKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . $publicShareKeyId . '.shareKey'));
// some hacking to simulate public link
//$GLOBALS['app'] = 'files_sharing';
@ -572,8 +549,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . $publicShareKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . $publicShareKeyId . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
@ -582,8 +559,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
}
/**
@ -624,11 +601,11 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user2 and user3 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
// login as user1
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3);
@ -648,11 +625,11 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
@ -661,8 +638,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
}
@ -708,19 +685,19 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for admin and recovery exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
// disable recovery for admin
$this->assertTrue($util->setRecoveryForUser(0));
@ -730,12 +707,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for recovery not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
// enable recovery for admin
$this->assertTrue($util->setRecoveryForUser(1));
@ -745,12 +722,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for admin and recovery exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
@ -760,12 +737,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for recovery not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertTrue(\OCA\Encryption\Helper::adminEnableRecovery(null, 'test123'));
$this->assertTrue(\OCA\Encryption\Helper::adminDisableRecovery('test123'));
@ -815,19 +792,19 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user and recovery exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
// login as admin
self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1);
@ -859,19 +836,19 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user and recovery exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/'
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1
. $this->subfolder . $this->subsubfolder . '/'
. $this->filename . '.' . $recoveryKeyId . '.shareKey'));
. $this->filename . '/' . $recoveryKeyId . '.shareKey'));
// enable recovery for admin
$this->assertTrue($util->setRecoveryForUser(0));
@ -915,8 +892,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
// break users public key
$this->view->rename('/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key',
'/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key_backup');
$this->view->rename(\OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey',
\OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey_backup');
// re-enable the file proxy
\OC_FileProxy::$enabled = $proxyStatus;
@ -934,8 +911,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user1 not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
@ -943,12 +920,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// break user1 public key
$this->view->rename(
'/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key_backup',
'/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key');
\OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey_backup',
\OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey');
// remove share file
$this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3
$this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3
. '.shareKey');
// re-enable the file proxy
@ -959,8 +936,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key not exists
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'));
// cleanup
$this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/');
@ -995,8 +972,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
// check if share key for user2 exists
$this->assertTrue($this->view->file_exists(
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/'
. $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
'/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/'
. $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// login as user2
@ -1068,10 +1045,10 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals($this->dataShort, $newDecrypt);
// check if additional share key for user2 exists
$this->assertTrue($view->file_exists('files_encryption/share-keys' . $newFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/keys' . $newFolder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// check that old keys were removed/moved properly
$this->assertFalse($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// tear down
\OC\Files\Filesystem::unlink($newFolder);
@ -1120,8 +1097,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
\OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL);
// check that the share keys exist
$this->assertTrue($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// move the file into the subfolder as the test user
self::loginHelper($userId);
@ -1133,12 +1110,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals($this->dataShort, $newDecrypt);
// check if additional share key for user2 exists
$this->assertTrue($view->file_exists('files_encryption/share-keys' . $subFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/share-keys' . $subFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/keys' . $subFolder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertTrue($view->file_exists('files_encryption/keys' . $subFolder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// check that old keys were removed/moved properly
$this->assertFalse($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertFalse($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
$this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey'));
$this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey'));
// tear down
\OC\Files\Filesystem::unlink($subFolder);

19
apps/files_encryption/tests/stream.php
View File

@ -42,17 +42,6 @@ class Test_Encryption_Stream extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create test user
self::loginHelper(\Test_Encryption_Stream::TEST_ENCRYPTION_STREAM_USER1, true);
}
@ -94,14 +83,6 @@ class Test_Encryption_Stream extends \OCA\Files_Encryption\Tests\TestCase {
// cleanup test user
\OC_User::deleteUser(\Test_Encryption_Stream::TEST_ENCRYPTION_STREAM_USER1);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}

31
apps/files_encryption/tests/testcase.php
View File

@ -14,6 +14,7 @@ use OCA\Encryption;
* Class Test_Encryption_TestCase
*/
abstract class TestCase extends \Test\TestCase {
/**
* @param string $user
* @param bool $create
@ -50,4 +51,34 @@ abstract class TestCase extends \Test\TestCase {
\OC_User::setUserId(false);
\OC\Files\Filesystem::tearDown();
}
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
\OCA\Encryption\Helper::registerFilesystemHooks();
\OCA\Encryption\Helper::registerUserHooks();
\OCA\Encryption\Helper::registerShareHooks();
\OC::registerShareHooks();
\OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup');
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new \OCA\Encryption\Proxy());
}
public static function tearDownAfterClass() {
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->deleteAll('files_encryption');
parent::tearDownAfterClass();
}
}

113
apps/files_encryption/tests/trashbin.php
View File

@ -45,23 +45,9 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
\OC_Hook::clear('OC_Filesystem');
\OC_Hook::clear('OC_User');
// trashbin hooks
\OCA\Files_Trashbin\Trashbin::registerHooks();
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create test user
self::loginHelper(self::TEST_ENCRYPTION_TRASHBIN_USER1, true);
}
@ -107,14 +93,6 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// cleanup test user
\OC_User::deleteUser(self::TEST_ENCRYPTION_TRASHBIN_USER1);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -138,22 +116,20 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename
. '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey'));
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename2
. '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey'));
// check if share key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename2 . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// delete first file
\OC\FIles\Filesystem::unlink($filename);
\OC\Files\Filesystem::unlink($filename);
// check if file not exists
$this->assertFalse($this->view->file_exists(
@ -161,13 +137,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin not exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename
. '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey'));
// check if share key for admin not exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// check that second file still exists
$this->assertTrue($this->view->file_exists(
@ -175,13 +150,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check that key for second file still exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename2
. '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey'));
// check that share key for second file still exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename2 . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// get files
$trashFiles = $this->view->getDirectoryContent(
@ -199,15 +173,16 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if we found the file we created
$this->assertNotNull($trashFileSuffix);
$this->assertTrue($this->view->is_dir('/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename . '.' . $trashFileSuffix));
// check if key for admin not exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keyfiles/' . $filename
. '.key.' . $trashFileSuffix));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename . '.' . $trashFileSuffix . '/fileKey'));
// check if share key for admin not exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/share-keys/' . $filename
. '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey.' . $trashFileSuffix));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename
. '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
}
/**
@ -242,6 +217,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// prepare file information
$timestamp = str_replace('d', '', $trashFileSuffix);
// before calling the restore operation the keys shouldn't be there
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey'));
$this->assertFalse($this->view->file_exists(
'/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename . '/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// restore first file
$this->assertTrue(\OCA\Files_Trashbin\Trashbin::restore($filename . '.' . $trashFileSuffix, $filename, $timestamp));
@ -251,13 +233,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/'
. $filename . '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey'));
// check if share key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// check that second file was NOT restored
$this->assertFalse($this->view->file_exists(
@ -265,13 +246,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/'
. $filename2 . '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey'));
// check if share key for admin exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename2 . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
}
/**
@ -291,13 +271,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename
. '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey'));
// check if share key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// delete file
\OC\Files\Filesystem::unlink($filename);
@ -308,13 +287,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin not exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename
. '.key'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/'
. $filename . '.key'));
// check if share key for admin not exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/'
. $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/'
. $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// find created file with timestamp
$query = \OC_DB::prepare('SELECT `timestamp`,`type` FROM `*PREFIX*files_trash`'
@ -328,13 +307,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keyfiles/' . $filename
. '.key.' . $trashFileSuffix));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename
. '.' . $trashFileSuffix . '/fileKey'));
// check if share key for admin exists
$this->assertTrue($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/share-keys/' . $filename
. '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey.' . $trashFileSuffix));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/'
. $filename . '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
// get timestamp from file
$timestamp = str_replace('d', '', $trashFileSuffix);
@ -349,13 +328,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase {
// check if key for admin not exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keyfiles/' . $filename
. '.key.' . $trashFileSuffix));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename
. '.' . $trashFileSuffix . '/fileKey'));
// check if share key for admin not exists
$this->assertFalse($this->view->file_exists(
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/share-keys/' . $filename
. '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey.' . $trashFileSuffix));
'/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename
. '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey'));
}
}

119
apps/files_encryption/tests/util.php
View File

@ -43,12 +43,6 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
self::setupHooks();
// create test user
self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1, true);
self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER2, true);
@ -85,13 +79,13 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
$this->genPublicKey = $keypair['publicKey'];
$this->genPrivateKey = $keypair['privateKey'];
$this->publicKeyDir = '/' . 'public-keys';
$this->publicKeyDir = \OCA\Encryption\Keymanager::getPublicKeyPath();
$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';
$this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles';
$this->keysPath = $this->encryptionDir . '/' . 'keys';
$this->publicKeyPath =
$this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key
$this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey
$this->privateKeyPath =
$this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key
$this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey
$this->view = new \OC\Files\View('/');
@ -126,26 +120,9 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
\OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP1);
\OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP2);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
public static function setupHooks() {
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
}
/**
* @medium
* test that paths set during User construction are correct
@ -155,7 +132,7 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals($this->publicKeyDir, $util->getPath('publicKeyDir'));
$this->assertEquals($this->encryptionDir, $util->getPath('encryptionDir'));
$this->assertEquals($this->keyfilesPath, $util->getPath('keyfilesPath'));
$this->assertEquals($this->keysPath, $util->getPath('keysPath'));
$this->assertEquals($this->publicKeyPath, $util->getPath('publicKeyPath'));
$this->assertEquals($this->privateKeyPath, $util->getPath('privateKeyPath'));
@ -396,16 +373,18 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
// file should no longer be encrypted
$this->assertEquals(0, $fileInfoUnencrypted['encrypted']);
$backupPath = $this->getBackupPath('decryptAll');
// check if the keys where moved to the backup location
$this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keyfiles.backup'));
$this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keyfiles.backup/' . $filename . '.key'));
$this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/share-keys.backup'));
$this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/share-keys.backup/' . $filename . '.' . $user . '.shareKey'));
$this->assertTrue($this->view->is_dir($backupPath . '/keys'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/fileKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/' . $user . '.shareKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.privateKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.publicKey'));
// cleanup
$this->view->unlink($this->userId . '/files/' . $filename);
$this->view->deleteAll($this->userId . '/files_encryption/keyfiles.backup');
$this->view->deleteAll($this->userId . '/files_encryption/share-keys.backup');
$this->view->deleteAll($backupPath);
OC_App::enable('files_encryption');
}
@ -418,38 +397,28 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
// create some dummy key files
$encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption';
$this->view->file_put_contents($encPath . '/keyfiles/foo.key', 'key');
$this->view->file_put_contents($encPath . '/share-keys/foo.user1.shareKey', 'share key');
$this->view->mkdir($encPath . '/keys/foo');
$this->view->file_put_contents($encPath . '/keys/foo/fileKey', 'key');
$this->view->file_put_contents($encPath . '/keys/foo/user1.shareKey', 'share key');
$util = new \OCA\Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1);
$util->backupAllKeys('testing');
$util->backupAllKeys('testBackupAllKeys');
$encFolderContent = $this->view->getDirectoryContent($encPath);
$backupPath = '';
foreach ($encFolderContent as $c) {
$name = $c['name'];
if (substr($name, 0, strlen('backup')) === 'backup') {
$backupPath = $encPath . '/'. $c['name'];
break;
}
}
$this->assertTrue($backupPath !== '');
$backupPath = $this->getBackupPath('testBackupAllKeys');
// check backupDir Content
$this->assertTrue($this->view->is_dir($backupPath . '/keyfiles'));
$this->assertTrue($this->view->is_dir($backupPath . '/share-keys'));
$this->assertTrue($this->view->file_exists($backupPath . '/keyfiles/foo.key'));
$this->assertTrue($this->view->file_exists($backupPath . '/share-keys/foo.user1.shareKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.private.key'));
$this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.public.key'));
$this->assertTrue($this->view->is_dir($backupPath . '/keys'));
$this->assertTrue($this->view->is_dir($backupPath . '/keys/foo'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/fileKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/user1.shareKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey'));
//cleanup
$this->view->deleteAll($backupPath);
$this->view->unlink($encPath . '/keyfiles/foo.key', 'key');
$this->view->unlink($encPath . '/share-keys/foo.user1.shareKey', 'share key');
$this->view->unlink($encPath . '/keys/foo/fileKey');
$this->view->unlink($encPath . '/keys/foo/user1.shareKey');
}
@ -473,8 +442,8 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
// rename keyfile for file1 so that the decryption for file1 fails
// Expected behaviour: decryptAll() returns false, file2 gets decrypted anyway
$this->view->rename($this->userId . '/files_encryption/keyfiles/' . $file1 . '.key',
$this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved');
$this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey',
$this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved');
// decrypt all encrypted files
$result = $util->decryptAll();
@ -492,12 +461,13 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);
// keyfiles and share keys should still exist
$this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keyfiles/'));
$this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/share-keys/'));
$this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keys/'));
$this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved'));
$this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/' . $this->userId . '.shareKey'));
// rename the keyfile for file1 back
$this->view->rename($this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved',
$this->userId . '/files_encryption/keyfiles/' . $file1 . '.key');
$this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved',
$this->userId . '/files_encryption/keys/' . $file1 . '/fileKey');
// try again to decrypt all encrypted files
$result = $util->decryptAll();
@ -515,17 +485,32 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {
$this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);
// keyfiles and share keys should be deleted
$this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keyfiles/'));
$this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/share-keys/'));
$this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keys/'));
//cleanup
$backupPath = $this->getBackupPath('decryptAll');
$this->view->unlink($this->userId . '/files/' . $file1);
$this->view->unlink($this->userId . '/files/' . $file2);
$this->view->deleteAll($this->userId . '/files_encryption/keyfiles.backup');
$this->view->deleteAll($this->userId . '/files_encryption/share-keys.backup');
$this->view->deleteAll($backupPath);
}
function getBackupPath($extension) {
$encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption';
$encFolderContent = $this->view->getDirectoryContent($encPath);
$backupPath = '';
foreach ($encFolderContent as $c) {
$name = $c['name'];
if (substr($name, 0, strlen('backup.' . $extension)) === 'backup.' . $extension) {
$backupPath = $encPath . '/'. $c['name'];
break;
}
}
return $backupPath;
}
/**
* @dataProvider dataProviderFortestIsMountPointApplicableToUser
*/

30
apps/files_encryption/tests/webdav.php
View File

@ -45,20 +45,6 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase {
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
// reset backend
\OC_User::clearBackends();
\OC_User::useBackend('database');
// Filesystem related hooks
\OCA\Encryption\Helper::registerFilesystemHooks();
// Filesystem related hooks
\OCA\Encryption\Helper::registerUserHooks();
// clear and register hooks
\OC_FileProxy::clearProxies();
\OC_FileProxy::register(new OCA\Encryption\Proxy());
// create test user
self::loginHelper(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1, true);
@ -106,14 +92,6 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase {
// cleanup test user
\OC_User::deleteUser(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1);
\OC_Hook::clear();
\OC_FileProxy::clearProxies();
// Delete keys in /data/
$view = new \OC\Files\View('/');
$view->rmdir('public-keys');
$view->rmdir('owncloud_private_key');
parent::tearDownAfterClass();
}
@ -143,11 +121,11 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase {
// check if key-file was created
$this->assertTrue($this->view->file_exists(
'/' . $this->userId . '/files_encryption/keyfiles/' . $filename . '.key'));
'/' . $this->userId . '/files_encryption/keys/' . $filename . '/fileKey'));
// check if shareKey-file was created
$this->assertTrue($this->view->file_exists(
'/' . $this->userId . '/files_encryption/share-keys/' . $filename . '.' . $this->userId . '.shareKey'));
'/' . $this->userId . '/files_encryption/keys/' . $filename . '/' . $this->userId . '.shareKey'));
// disable encryption proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
@ -217,11 +195,11 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase {
// check if key-file was removed
$this->assertFalse($this->view->file_exists(
'/' . $this->userId . '/files_encryption/keyfiles' . $filename . '.key'));
'/' . $this->userId . '/files_encryption/keys/' . $filename . '/fileKey'));
// check if shareKey-file was removed
$this->assertFalse($this->view->file_exists(
'/' . $this->userId . '/files_encryption/share-keys' . $filename . '.' . $this->userId . '.shareKey'));
'/' . $this->userId . '/files_encryption/keys/' . $filename . '/' . $this->userId . '.shareKey'));
}
/**

181
apps/files_trashbin/lib/trashbin.php
View File

@ -92,11 +92,8 @@ class Trashbin {
if (!$view->is_dir('files_trashbin/versions')) {
$view->mkdir('files_trashbin/versions');
}
if (!$view->is_dir('files_trashbin/keyfiles')) {
$view->mkdir('files_trashbin/keyfiles');
}
if (!$view->is_dir('files_trashbin/share-keys')) {
$view->mkdir('files_trashbin/share-keys');
if (!$view->is_dir('files_trashbin/keys')) {
$view->mkdir('files_trashbin/keys');
}
}
@ -277,78 +274,23 @@ class Trashbin {
return 0;
}
$util = new \OCA\Encryption\Util(new \OC\Files\View('/'), $user);
$util = new \OCA\Encryption\Util($rootView, $user);
// disable proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($util->isSystemWideMountPoint($ownerPath)) {
$baseDir = '/files_encryption/';
} else {
$baseDir = $owner . '/files_encryption/';
$baseDir = '/files_encryption/';
if (!$util->isSystemWideMountPoint($ownerPath)) {
$baseDir = $owner . $baseDir;
}
$keyfile = \OC\Files\Filesystem::normalizePath($baseDir . '/keyfiles/' . $ownerPath);
$keyfiles = \OC\Files\Filesystem::normalizePath($baseDir . '/keys/' . $ownerPath);
if ($rootView->is_dir($keyfile) || $rootView->file_exists($keyfile . '.key')) {
// move keyfiles
if ($rootView->is_dir($keyfile)) {
$size += self::calculateSize(new \OC\Files\View($keyfile));
if ($owner !== $user) {
self::copy_recursive($keyfile, $owner . '/files_trashbin/keyfiles/' . basename($ownerPath) . '.d' . $timestamp, $rootView);
}
$rootView->rename($keyfile, $user . '/files_trashbin/keyfiles/' . $filename . '.d' . $timestamp);
} else {
$size += $rootView->filesize($keyfile . '.key');
if ($owner !== $user) {
$rootView->copy($keyfile . '.key', $owner . '/files_trashbin/keyfiles/' . basename($ownerPath) . '.key.d' . $timestamp);
}
$rootView->rename($keyfile . '.key', $user . '/files_trashbin/keyfiles/' . $filename . '.key.d' . $timestamp);
}
}
// retain share keys
$sharekeys = \OC\Files\Filesystem::normalizePath($baseDir . '/share-keys/' . $ownerPath);
if ($rootView->is_dir($sharekeys)) {
$size += self::calculateSize(new \OC\Files\View($sharekeys));
if ($rootView->is_dir($keyfiles)) {
$size += self::calculateSize(new \OC\Files\View($keyfiles));
if ($owner !== $user) {
self::copy_recursive($sharekeys, $owner . '/files_trashbin/share-keys/' . basename($ownerPath) . '.d' . $timestamp, $rootView);
}
$rootView->rename($sharekeys, $user . '/files_trashbin/share-keys/' . $filename . '.d' . $timestamp);
} else {
// handle share-keys
$matches = \OCA\Encryption\Helper::findShareKeys($ownerPath, $sharekeys, $rootView);
foreach ($matches as $src) {
// get source file parts
$pathinfo = pathinfo($src);
// we only want to keep the users key so we can access the private key
$userShareKey = $filename . '.' . $user . '.shareKey';
// if we found the share-key for the owner, we need to move it to files_trashbin
if ($pathinfo['basename'] == $userShareKey) {
// calculate size
$size += $rootView->filesize($sharekeys . '.' . $user . '.shareKey');
// move file
$rootView->rename($sharekeys . '.' . $user . '.shareKey', $user . '/files_trashbin/share-keys/' . $userShareKey . '.d' . $timestamp);
} elseif ($owner !== $user) {
$ownerShareKey = basename($ownerPath) . '.' . $owner . '.shareKey';
if ($pathinfo['basename'] == $ownerShareKey) {
$rootView->rename($sharekeys . '.' . $owner . '.shareKey', $owner . '/files_trashbin/share-keys/' . $ownerShareKey . '.d' . $timestamp);
}
} else {
// don't keep other share-keys
unlink($src);
}
self::copy_recursive($keyfiles, $owner . '/files_trashbin/keys/' . basename($ownerPath) . '.d' . $timestamp, $rootView);
}
$rootView->rename($keyfiles, $user . '/files_trashbin/keys/' . $filename . '.d' . $timestamp);
}
// enable proxy
\OC_FileProxy::$enabled = $proxyStatus;
}
return $size;
}
@ -492,7 +434,7 @@ class Trashbin {
* @return bool
*/
private static function restoreEncryptionKeys(\OC\Files\View $view, $file, $filename, $uniqueFilename, $location, $timestamp) {
// Take care of encryption keys TODO! Get '.key' in file between file name and delete date (also for permanent delete!)
if (\OCP\App::isEnabled('files_encryption')) {
$user = \OCP\User::getUser();
$rootView = new \OC\Files\View('/');
@ -506,84 +448,31 @@ class Trashbin {
return false;
}
$util = new \OCA\Encryption\Util(new \OC\Files\View('/'), $user);
$util = new \OCA\Encryption\Util($rootView, $user);
if ($util->isSystemWideMountPoint($ownerPath)) {
$baseDir = '/files_encryption/';
} else {
$baseDir = $owner . '/files_encryption/';
$baseDir = '/files_encryption/';
if (!$util->isSystemWideMountPoint($ownerPath)) {
$baseDir = $owner . $baseDir;
}
$path_parts = pathinfo($file);
$source_location = $path_parts['dirname'];
$source_location = dirname($file);
if ($view->is_dir('/files_trashbin/keyfiles/' . $file)) {
if ($view->is_dir('/files_trashbin/keys/' . $file)) {
if ($source_location != '.') {
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $source_location . '/' . $filename);
$sharekey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $source_location . '/' . $filename);
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keys/' . $source_location . '/' . $filename);
} else {
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $filename);
$sharekey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $filename);
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keys/' . $filename);
}
} else {
$keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $source_location . '/' . $filename . '.key');
}
if ($timestamp) {
$keyfile .= '.d' . $timestamp;
}
// disable proxy to prevent recursive calls
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
if ($rootView->file_exists($keyfile)) {
// handle directory
if ($rootView->is_dir($keyfile)) {
// handle keyfiles
$rootView->rename($keyfile, $baseDir . '/keyfiles/' . $ownerPath);
// handle share-keys
if ($timestamp) {
$sharekey .= '.d' . $timestamp;
}
$rootView->rename($sharekey, $baseDir . '/share-keys/' . $ownerPath);
} else {
// handle keyfiles
$rootView->rename($keyfile, $baseDir . '/keyfiles/' . $ownerPath . '.key');
// handle share-keys
$ownerShareKey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $source_location . '/' . $filename . '.' . $user . '.shareKey');
if ($timestamp) {
$ownerShareKey .= '.d' . $timestamp;
}
// move only owners key
$rootView->rename($ownerShareKey, $baseDir . '/share-keys/' . $ownerPath . '.' . $user . '.shareKey');
// try to re-share if file is shared
$filesystemView = new \OC\Files\View('/');
$session = new \OCA\Encryption\Session($filesystemView);
$util = new \OCA\Encryption\Util($filesystemView, $user);
// fix the file size
$absolutePath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files/' . $ownerPath);
$util->fixFileSize($absolutePath);
// get current sharing state
$sharingEnabled = \OCP\Share::isEnabled();
// get users sharing this file
$usersSharing = $util->getSharingUsersArray($sharingEnabled, $target);
// Attempt to set shareKey
$util->setSharedFileKeyfiles($session, $usersSharing, $target);
}
if ($rootView->is_dir($keyfile)) {
$rootView->rename($keyfile, $baseDir . '/keys/' . $ownerPath);
}
// enable proxy
\OC_FileProxy::$enabled = $proxyStatus;
}
}
@ -678,27 +567,15 @@ class Trashbin {
if (\OCP\App::isEnabled('files_encryption')) {
$user = \OCP\User::getUser();
if ($view->is_dir('/files_trashbin/files/' . $file)) {
$keyfile = \OC\Files\Filesystem::normalizePath('files_trashbin/keyfiles/' . $filename);
$sharekeys = \OC\Files\Filesystem::normalizePath('files_trashbin/share-keys/' . $filename);
} else {
$keyfile = \OC\Files\Filesystem::normalizePath('files_trashbin/keyfiles/' . $filename . '.key');
$sharekeys = \OC\Files\Filesystem::normalizePath('files_trashbin/share-keys/' . $filename . '.' . $user . '.shareKey');
}
$keyfiles = \OC\Files\Filesystem::normalizePath('files_trashbin/keys/' . $filename);
if ($timestamp) {
$keyfile .= '.d' . $timestamp;
$sharekeys .= '.d' . $timestamp;
$keyfiles .= '.d' . $timestamp;
}
if ($view->file_exists($keyfile)) {
if ($view->is_dir($keyfile)) {
$size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $keyfile));
$size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $sharekeys));
} else {
$size += $view->filesize($keyfile);
$size += $view->filesize($sharekeys);
}
$view->unlink($keyfile);
$view->unlink($sharekeys);
if ($view->is_dir($keyfiles)) {
$size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $keyfiles));
$view->deleteAll($keyfiles);
}
}
return $size;