added tests and methods relating to handling of legacy keys
This commit is contained in:
Sam Tuke
parent
9216289856
commit
9368ea73c8
|
|
@ -39,6 +39,8 @@ class Util {
|
|||
|
||||
# DONE: add method to check if file is encrypted using new system
|
||||
# DONE: add method to check if file is encrypted using old system
|
||||
# DONE: add method to fetch legacy key
|
||||
# DONE: add method to decrypt legacy encrypted data
|
||||
# TODO: add method to encrypt all user files using new system
|
||||
# TODO: add method to decrypt all user files using new system
|
||||
# TODO: add method to encrypt all user files using old system
|
||||
|
|
@ -151,38 +153,6 @@ class Util {
|
|||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Fetch the legacy encryption key from user files
|
||||
* @param string $login used to locate the legacy key
|
||||
* @param string $passphrase used to decrypt the legacy key
|
||||
* @return true / false
|
||||
*
|
||||
* if the key is left out, the default handeler will be used
|
||||
*/
|
||||
public function getLegacyKey( $login, $passphrase ) {
|
||||
|
||||
OC_FileProxy::$enabled = false;
|
||||
|
||||
if (
|
||||
$login
|
||||
and $passphrase
|
||||
and $key = $this->view->file_get_contents( '/' . $login . '/encryption.key' )
|
||||
) {
|
||||
|
||||
OC_FileProxy::$enabled = true;
|
||||
|
||||
return $this->legacyDecrypt( $key, $passphrase );
|
||||
|
||||
} else {
|
||||
|
||||
OC_FileProxy::$enabled = true;
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Get the blowfish encryption handeler for a key
|
||||
* @param $key string (optional)
|
||||
|
|
@ -192,9 +162,9 @@ class Util {
|
|||
*/
|
||||
public function getBlowfish( $key = '' ) {
|
||||
|
||||
if( $key ){
|
||||
if ( $key ) {
|
||||
|
||||
return new Crypt_Blowfish($key);
|
||||
return new \Crypt_Blowfish( $key );
|
||||
|
||||
} else {
|
||||
|
||||
|
|
@ -204,6 +174,43 @@ class Util {
|
|||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Fetch the legacy encryption key from user files
|
||||
* @param string $login used to locate the legacy key
|
||||
* @param string $passphrase used to decrypt the legacy key
|
||||
* @return true / false
|
||||
*
|
||||
* if the key is left out, the default handeler will be used
|
||||
*/
|
||||
public function getLegacyKey( $passphrase ) {
|
||||
|
||||
//OC_FileProxy::$enabled = false;
|
||||
|
||||
if (
|
||||
$passphrase
|
||||
and $key = $this->view->file_get_contents( '/encryption.key' )
|
||||
) {
|
||||
|
||||
//OC_FileProxy::$enabled = true;
|
||||
|
||||
if ( $this->legacyKey = $this->legacyDecrypt( $key, $passphrase ) ) {
|
||||
|
||||
return true;
|
||||
|
||||
} else {
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
} else {
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief encrypts content using legacy blowfish system
|
||||
* @param $content the cleartext message you want to encrypt
|
||||
|
|
@ -212,9 +219,12 @@ class Util {
|
|||
*
|
||||
* This function encrypts an content
|
||||
*/
|
||||
public static function legacyEncrypt( $content, $key='') {
|
||||
$bf = self::getBlowfish($key);
|
||||
return $bf->encrypt($content);
|
||||
public function legacyEncrypt( $content, $passphrase = '' ) {
|
||||
|
||||
$bf = $this->getBlowfish( $passphrase );
|
||||
|
||||
return $bf->encrypt( $content );
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -225,9 +235,9 @@ class Util {
|
|||
*
|
||||
* This function decrypts an content
|
||||
*/
|
||||
public static function legacyDecrypt( $content, $key = '' ) {
|
||||
public function legacyDecrypt( $content, $passphrase = '' ) {
|
||||
|
||||
$bf = $this->getBlowfish( $key );
|
||||
$bf = $this->getBlowfish( $passphrase );
|
||||
|
||||
$data = $bf->decrypt( $content );
|
||||
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@
|
|||
*/
|
||||
|
||||
require realpath( dirname(__FILE__).'/../lib/crypt.php' );
|
||||
require realpath( dirname(__FILE__).'/../lib/util.php' );
|
||||
//require realpath( dirname(__FILE__).'/../../../lib/filecache.php' );
|
||||
|
||||
class Test_Encryption extends UnitTestCase {
|
||||
|
|
@ -16,6 +17,7 @@ class Test_Encryption extends UnitTestCase {
|
|||
|
||||
// set content for encrypting / decrypting in tests
|
||||
$this->data = realpath( dirname(__FILE__).'/../lib/crypt.php' );
|
||||
$this->legacyData = realpath( dirname(__FILE__).'/legacy-text.txt' );
|
||||
$this->legacyEncryptedData = realpath( dirname(__FILE__).'/legacy-encrypted-text.txt' );
|
||||
|
||||
}
|
||||
|
|
@ -112,19 +114,6 @@ class Test_Encryption extends UnitTestCase {
|
|||
|
||||
}
|
||||
|
||||
// // Cannot use this test for now due to hidden dependencies in OC_FileCache
|
||||
// function testIsLegacyEncryptedContent() {
|
||||
//
|
||||
// $keyfileContent = OCA_Encryption\Crypt::symmetricEncryptFileContent( $this->legacyEncryptedData, 'hat' );
|
||||
//
|
||||
// $this->assertFalse( OCA_Encryption\Crypt::isLegacyEncryptedContent( $keyfileContent, '/files/admin/test.txt' ) );
|
||||
//
|
||||
// OC_FileCache::put( '/admin/files/legacy-encrypted-test.txt', $this->legacyEncryptedData );
|
||||
//
|
||||
// $this->assertTrue( OCA_Encryption\Crypt::isLegacyEncryptedContent( $this->legacyEncryptedData, '/files/admin/test.txt' ) );
|
||||
//
|
||||
// }
|
||||
|
||||
function testMultiKeyEncrypt() {
|
||||
|
||||
# TODO: search in keyfile for actual content as IV will ensure this test always passes
|
||||
|
|
|
|||
|
|
@ -0,0 +1,72 @@
|
|||
<?php
|
||||
/**
|
||||
* Copyright (c) 2012 Sam Tuke <samtuke@owncloud.com>
|
||||
* This file is licensed under the Affero General Public License version 3 or
|
||||
* later.
|
||||
* See the COPYING-README file.
|
||||
*/
|
||||
|
||||
require realpath( dirname(__FILE__).'/../lib/crypt.php' );
|
||||
require realpath( dirname(__FILE__).'/../lib/util.php' );
|
||||
|
||||
class Test_Encryption extends UnitTestCase {
|
||||
|
||||
function setUp() {
|
||||
|
||||
// set content for encrypting / decrypting in tests
|
||||
$this->data = realpath( dirname(__FILE__).'/../lib/crypt.php' );
|
||||
$this->legacyData = realpath( dirname(__FILE__).'/legacy-text.txt' );
|
||||
$this->legacyEncryptedData = realpath( dirname(__FILE__).'/legacy-encrypted-text.txt' );
|
||||
|
||||
$this->view = new OC_FilesystemView( '/admin' );
|
||||
|
||||
}
|
||||
|
||||
function tearDown(){}
|
||||
|
||||
// // Cannot use this test for now due to hidden dependencies in OC_FileCache
|
||||
// function testIsLegacyEncryptedContent() {
|
||||
//
|
||||
// $keyfileContent = OCA_Encryption\Crypt::symmetricEncryptFileContent( $this->legacyEncryptedData, 'hat' );
|
||||
//
|
||||
// $this->assertFalse( OCA_Encryption\Crypt::isLegacyEncryptedContent( $keyfileContent, '/files/admin/test.txt' ) );
|
||||
//
|
||||
// OC_FileCache::put( '/admin/files/legacy-encrypted-test.txt', $this->legacyEncryptedData );
|
||||
//
|
||||
// $this->assertTrue( OCA_Encryption\Crypt::isLegacyEncryptedContent( $this->legacyEncryptedData, '/files/admin/test.txt' ) );
|
||||
//
|
||||
// }
|
||||
|
||||
// // Cannot use this test for now due to need for different root in OC_Filesystem_view class
|
||||
// function testGetLegacyKey() {
|
||||
//
|
||||
// $c = new \OCA_Encryption\Util( $view, false );
|
||||
//
|
||||
// $bool = $c->getLegacyKey( 'admin' );
|
||||
//
|
||||
// $this->assertTrue( $bool );
|
||||
//
|
||||
// $this->assertTrue( $c->legacyKey );
|
||||
//
|
||||
// $this->assertTrue( is_int( $c->legacyKey ) );
|
||||
//
|
||||
// $this->assertTrue( strlen( $c->legacyKey ) == 20 );
|
||||
//
|
||||
// }
|
||||
|
||||
// // Cannot use this test for now due to need for different root in OC_Filesystem_view class
|
||||
// function testLegacyDecrypt() {
|
||||
//
|
||||
// $c = new OCA_Encryption\Util( $this->view, false );
|
||||
//
|
||||
// $bool = $c->getLegacyKey( 'admin' );
|
||||
//
|
||||
// $encrypted = $c->legacyEncrypt( $this->data, $c->legacyKey );
|
||||
//
|
||||
// $decrypted = $c->legacyDecrypt( $encrypted, $c->legacyKey );
|
||||
//
|
||||
// $this->assertEqual( $decrypted, $this->data );
|
||||
//
|
||||
// }
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue