Merge pull request #15911 from owncloud/enc_create_header_for_new_key

make sure that we create a header for the encrypted private key

apps/encryption/hooks/userhooks.php

@@ -226,7 +226,7 @@ class UserHooks implements IHook {
 			// Save private key
 			if ($encryptedPrivateKey) {
 				$this->keyManager->setPrivateKey($this->user->getUser()->getUID(),
-					$encryptedPrivateKey);
+					$this->crypt->generateHeader() . $encryptedPrivateKey);
 			} else {
 				$this->logger->error('Encryption could not update users encryption password');
 			}
@@ -263,7 +263,7 @@ class UserHooks implements IHook {
 					$newUserPassword);
 
 				if ($encryptedKey) {
-					$this->keyManager->setPrivateKey($user, $encryptedKey);
+					$this->keyManager->setPrivateKey($user, $this->crypt->generateHeader() . $encryptedKey);
 
 					if ($recoveryPassword) { // if recovery key is set we can re-encrypt the key files
 						$this->recovery->recoverUsersFiles($recoveryPassword, $user);

apps/encryption/tests/hooks/UserHooksTest.php

@@ -11,6 +11,7 @@
 namespace OCA\Encryption\Tests\Hooks;
 
 
+use OCA\Encryption\Crypto\Crypt;
 use OCA\Encryption\Hooks\UserHooks;
 use Test\TestCase;
 
@@ -101,8 +102,18 @@ class UserHooksTest extends TestCase {
 			->method('symmetricEncryptFileContent')
 			->willReturn(true);
 
+		$this->cryptMock->expects($this->any())
+			->method('generateHeader')
+			->willReturn(Crypt::HEADER_START . ':Cipher:test:' . Crypt::HEADER_END);
+
 		$this->keyManagerMock->expects($this->exactly(4))
-			->method('setPrivateKey');
+			->method('setPrivateKey')
+			->willReturnCallback(function ($user, $key) {
+				$header = substr($key, 0, strlen(Crypt::HEADER_START));
+				$this->assertSame(
+					Crypt::HEADER_START,
+					$header, 'every encrypted file should start with a header');
+			});
 
 		$this->assertNull($this->instance->setPassphrase($this->params));
 		$this->params['recoveryPassword'] = 'password';