From 4ef9df8750553518143a7b1d088ab755db482cf1 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle
Date: Mon, 13 Apr 2015 15:56:36 +0200
Subject: [PATCH] skip user if we don't have a public key
---
 apps/encryption/appinfo/application.php | 3 +
 apps/encryption/lib/crypto/encryption.php | 16 ++++-
 .../tests/lib/crypto/encryptionTest.php | 69 +++++++++++++++++++
 3 files changed, 87 insertions(+), 1 deletion(-)
diff --git a/apps/encryption/appinfo/application.php b/apps/encryption/appinfo/application.php
index 0c9dcb76fb..0d6f57f46e 100644
--- a/apps/encryption/appinfo/application.php
+++ b/apps/encryption/appinfo/application.php
@@ -94,10 +94,12 @@ class Application extends \OCP\AppFramework\App {
 public function registerEncryptionModule() {
 $container = $this->getContainer();
+
 $this->encryptionManager->registerEncryptionModule(
 Encryption::ID,
 Encryption::DISPLAY_NAME,
 function() use ($container) {
+
 return new Encryption(
 $container->query('Crypt'),
 $container->query('KeyManager'),
@@ -105,6 +107,7 @@ class Application extends \OCP\AppFramework\App {
 $container->getServer()->getLogger()
 );
 });
+
 }
 public function registerServices() {
diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index 4e181b0712..0fb6f257f3 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -25,6 +25,7 @@ namespace OCA\Encryption\Crypto;
+use OCA\Encryption\Exceptions\PublicKeyMissingException;
 use OCA\Encryption\Util;
 use OCP\Encryption\IEncryptionModule;
 use OCA\Encryption\KeyManager;
@@ -67,6 +68,7 @@ class Encryption implements IEncryptionModule {
 /** @var Util */
 private $util;
+
 /** @var ILogger */
 private $logger;
@@ -161,6 +163,9 @@ class Encryption implements IEncryptionModule {
 * @param string $path to the file
 * @return string remained data which should be written to the file in case
 * of a write operation
+ * @throws PublicKeyMissingException
+ * @throws \Exception
+ * @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
 */
 public function end($path) {
 $result = '';
@@ -171,7 +176,16 @@ class Encryption implements IEncryptionModule {
 }
 $publicKeys = array();
 foreach ($this->accessList['users'] as $uid) {
- $publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
+ try {
+ $publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
+ } catch (PublicKeyMissingException $e) {
+ $this->logger->warning('no public key found for user \'' . $uid .
+ '\', user will not be able to read the file', array('app' => 'encryption'));
+ // if the public key of the owner is missing we should fail
+ if ($uid === $this->user) {
+ throw $e;
+ }
+ }
 }
 $publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys);
diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php
index cb4ca2d3a1..70e48a2eab 100644
--- a/apps/encryption/tests/lib/crypto/encryptionTest.php
+++ b/apps/encryption/tests/lib/crypto/encryptionTest.php
@@ -21,6 +21,7 @@ namespace OCA\Encryption\Tests\Crypto;
+use OCA\Encryption\Exceptions\PublicKeyMissingException;
 use Test\TestCase;
 use OCA\Encryption\Crypto\Encryption;
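Review bot: In apps/encryption/lib/crypto/encryption.php, the rethrow inside the new catch in end() only fires when `$this->user` is itself an entry of `$this->accessList['users']`; when it is not, or when every listed key is missing, the loop finishes with no user keys and the code goes on to `addSystemKeys()` with nothing but a warning in the log. The comment speaks of the owner while the comparison uses `$this->user`, so if that property holds the acting user rather than the file owner (not visible in this hunk), a missing owner key on a shared file would be skipped like any other recipient. If the writing user must always keep access, a check after the loop states it directly: `if (!isset($publicKeys[$this->user])) { throw new PublicKeyMissingException($this->user); }`. end() begins before this hunk and continues after it.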
@@ -63,6 +64,74 @@ class EncryptionTest extends TestCase {
 $this->utilMock,
 $this->loggerMock
 );
+
+ }
+
+ /**
+ * test if public key from one of the recipients is missing
+ */
+ public function testEndUser1() {
+ $this->instance->begin('/foo/bar', 'user1', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
+ $this->endTest();
+ }
+
+ /**
+ * test if public key from owner is missing
+ *
+ * @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException
+ */
+ public function testEndUser2() {
+ $this->instance->begin('/foo/bar', 'user2', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
+ $this->endTest();
+ }
+
+ /**
+ * common part of testEndUser1 and testEndUser2
+ *
+ * @throws PublicKeyMissingException
+ */
+ public function endTest() {
+ // prepare internal variables
+ $class = get_class($this->instance);
+ $module = new \ReflectionClass($class);
+ $isWriteOperation = $module->getProperty('isWriteOperation');
+ $writeCache = $module->getProperty('writeCache');
+ $isWriteOperation->setAccessible(true);
+ $writeCache->setAccessible(true);
+ $isWriteOperation->setValue($this->instance, true);
+ $writeCache->setValue($this->instance, '');
+ $isWriteOperation->setAccessible(false);
+ $writeCache->setAccessible(false);
+
+ $this->keyManagerMock->expects($this->any())
+ ->method('getPublicKey')
+ ->will($this->returnCallback([$this, 'getPublicKeyCallback']));
+ $this->keyManagerMock->expects($this->any())
+ ->method('addSystemKeys')
+ ->will($this->returnCallback([$this, 'addSystemKeysCallback']));
+ $this->cryptMock->expects($this->any())
+ ->method('multiKeyEncrypt')
+ ->willReturn(true);
+ $this->cryptMock->expects($this->any())
+ ->method('setAllFileKeys')
+ ->willReturn(true);
+
+ $this->instance->end('/foo/bar');
+ }
+
+
+ public function getPublicKeyCallback($uid) {
+ if ($uid === 'user2') {
+ throw new PublicKeyMissingException($uid);
+ }
+ return $uid;
+ }
+
+ public function addSystemKeysCallback($accessList, $publicKeys) {
+ $this->assertSame(2, count($publicKeys));
+ $this->assertArrayHasKey('user1', $publicKeys);
+ $this->assertArrayHasKey('user3', $publicKeys);
+ return $publicKeys;
 }
 /**
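Review bot: testEndUser1() can pass without asserting anything, because its only assertions sit in addSystemKeysCallback() and endTest() registers that mock with `$this->any()`; if end() returned before calling addSystemKeys the test would still be green. testEndUser2() likewise checks only the exception and not that nothing was encrypted for the incomplete key set. Letting endTest() take the expected invocation count would pin both cases, e.g. `->expects($this->once())` on `addSystemKeys` for the recipient case and `->expects($this->never())` on `addSystemKeys` and `multiKeyEncrypt` for the missing-owner case. endTest() is only a helper and could be `private`.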