diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php
index d5a41c2900..f27f55619a 100644
--- a/apps/encryption/lib/crypto/crypt.php
+++ b/apps/encryption/lib/crypto/crypt.php
@@ -442,7 +442,7 @@ class Crypt {
 $catFile = $this->splitMetaData($keyFileContents, $cipher);
- if ($catFile['signature']) {
+ if ($catFile['signature'] !== false) {
 $this->checkSignature($catFile['encrypted'], $passPhrase, $catFile['signature']);
 }
diff --git a/apps/encryption/tests/lib/crypto/cryptTest.php b/apps/encryption/tests/lib/crypto/cryptTest.php
index c774da1836..d94aea463c 100644
--- a/apps/encryption/tests/lib/crypto/cryptTest.php
+++ b/apps/encryption/tests/lib/crypto/cryptTest.php
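Review bot: The integrity check in this branch is still optional: when `splitMetaData()` reports `'signature' => false`, the content is passed on without `checkSignature()` ever running, so data whose signature trailer is absent (legacy format, or removed while at rest) takes the same path as verified data. If the caller can know that a signature is expected (the tests in this commit suggest `hasSignature()` already rejects unsigned CTR data), the unsigned path deserves at least a comment such as `// no signature: legacy format, integrity is NOT verified below`, and preferably a log entry so unsigned reads stay visible. The strict `!== false` itself is right, since an empty or `'0'` signature no longer skips the check. The enclosing method starts and ends outside the hunk.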
@@ -204,17 +204,61 @@ class cryptTest extends TestCase {
 }
 /**
- * test splitIV()
+ * @dataProvider dataTestSplitMetaData
 */
- public function testSplitIV() {
- $data = 'encryptedContent00iv001234567890123456';
- $result = self::invokePrivate($this->crypt, 'splitIV', array($data));
+ public function testSplitMetaData($data, $expected) {
+ $result = self::invokePrivate($this->crypt, 'splitMetaData', array($data, 'AES-256-CFB'));
 $this->assertTrue(is_array($result));
- $this->assertSame(2, count($result));
+ $this->assertSame(3, count($result));
 $this->assertArrayHasKey('encrypted', $result);
 $this->assertArrayHasKey('iv', $result);
- $this->assertSame('encryptedContent', $result['encrypted']);
- $this->assertSame('1234567890123456', $result['iv']);
+ $this->assertArrayHasKey('signature', $result);
+ $this->assertSame($expected['encrypted'], $result['encrypted']);
+ $this->assertSame($expected['iv'], $result['iv']);
+ $this->assertSame($expected['signature'], $result['signature']);
+ }
+
+ public function dataTestSplitMetaData() {
+ return [
+ ['encryptedContent00iv001234567890123456xx',
+ ['encrypted' => 'encryptedContent', 'iv' => '1234567890123456', 'signature' => false]],
+ ['encryptedContent00iv00123456789012345600sig00e1992521e437f6915f9173b190a512cfc38a00ac24502db44e0ba10c2bb0cc86xxx',
+ ['encrypted' => 'encryptedContent', 'iv' => '1234567890123456', 'signature' => 'e1992521e437f6915f9173b190a512cfc38a00ac24502db44e0ba10c2bb0cc86']],
+ ];
+ }
+
+ /**
+ * @dataProvider dataTestHasSignature
+ */
+ public function testHasSignature($data, $expected) {
+ $this->assertSame($expected,
+ $this->invokePrivate($this->crypt, 'hasSignature', array($data, 'AES-256-CFB'))
+ );
+ }
+
+ public function dataTestHasSignature() {
+ return [
+ ['encryptedContent00iv001234567890123456xx', false],
+ ['encryptedContent00iv00123456789012345600sig00e1992521e437f6915f9173b190a512cfc38a00ac24502db44e0ba10c2bb0cc86xxx', true]
+ ];
+ }
+
+ /**
+ * @dataProvider dataTestHasSignatureFail
+ * @expectedException \OC\HintException
+ */
+ public function testHasSignatureFail($cipher) {
+ $data = 'encryptedContent00iv001234567890123456xx';
+ $this->invokePrivate($this->crypt, 'hasSignature', array($data, $cipher));
+ }
+
+ public function dataTestHasSignatureFail() {
+ return [
+ ['AES-256-CTR'],
+ ['aes-256-ctr'],
+ ['AES-128-CTR'],
+ ['ctr-256-ctr']
+ ];
 }
 /**
@@ -222,7 +266,7 @@ class cryptTest extends TestCase {
 */
 public function testAddPadding() {
 $result = self::invokePrivate($this->crypt, 'addPadding', array('data'));
- $this->assertSame('dataxx', $result);
+ $this->assertSame('dataxxx', $result);
 }
 /**
@@ -348,7 +392,8 @@ class cryptTest extends TestCase {
 [
 $this->logger,
 $this->userSession,
- $this->config
+ $this->config,
+ $this->l
 ]
 )
 ->setMethods(
diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php
index 62e77c742d..ad943ab6e4 100644
--- a/apps/encryption/tests/lib/crypto/encryptionTest.php
+++ b/apps/encryption/tests/lib/crypto/encryptionTest.php
@@ -229,7 +229,7 @@ class EncryptionTest extends TestCase {
 public function dataTestBegin() {
 return array(
- array('w', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'myCipher'),
+ array('w', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'defaultCipher'),
 array('r', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'myCipher'),
 array('w', [], 'legacyCipher', 'defaultCipher', '', 'defaultCipher'),
 array('r', [], 'legacyCipher', 'defaultCipher', 'file_key', 'legacyCipher'),
diff --git a/lib/private/files/stream/encryption.php b/lib/private/files/stream/encryption.php
index 11e2b218d1..bc771a91eb 100644
--- a/lib/private/files/stream/encryption.php
+++ b/lib/private/files/stream/encryption.php
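Review bot: Both new data providers in the `-204,17 +204,61` hunk cover only the two well-formed shapes (no signature with `xx` padding, a full 64-character signature with `xxx` padding), so nothing pins what `splitMetaData()` and `hasSignature()` do with damaged or tampered input. Rows for a `00sig00` marker followed by a truncated signature, and for a signature combined with the older `xx` padding, would document whether such content is rejected or quietly treated as unsigned. `testHasSignatureFail` asserts only the exception class; a passing CTR row that does carry a signature would show that the missing signature, not the cipher name alone, is what raises `\OC\HintException`. No test for a `checkSignature()` mismatch is visible in this hunk.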
@@ -72,6 +72,9 @@ class Encryption extends Wrapper {
 /** @var string */
 protected $fullPath;
+ /** @var bool */
+ protected $signed;
+
 /**
 * header data returned by the encryption module, will be written to the file
 * in case of a write operation
diff --git a/tests/lib/files/stream/encryption.php b/tests/lib/files/stream/encryption.php
index f9d8f076b6..f67dd09bc4 100644
--- a/tests/lib/files/stream/encryption.php
+++ b/tests/lib/files/stream/encryption.php
@@ -117,6 +117,7 @@ class Encryption extends \Test\TestCase {
 $header->setAccessible(true);
 $header->setValue($streamWrapper, array());
 $header->setAccessible(false);
+ $this->invokePrivate($streamWrapper, 'signed', [true]);
 // call stream_open, that's the method we want to test
 $dummyVar = 'foo';
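Review bot: `protected $signed;` is documented as `@var bool` but has no initial value, so it is `null` until some code path assigns it, and that assignment is not visible in this hunk. The flag presumably records whether the opened file is expected to carry a signature, so the docblock should say so, e.g. `/** @var bool whether the file being read carries a signature */` (wording to be confirmed against the code that sets it), and the property should get an explicit initial value. A loose truthiness test on the unset value would read as "unsigned", which is the less safe direction for an integrity flag.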
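Review bot: The stream wrapper is only exercised with `signed` forced to `true`, so `stream_open` on an unsigned (legacy) file has no coverage here; a second run or a data provider passing `[false]` would pin that path. The lines above appear to set `header` through an explicit reflection property, while the added line relies on `invokePrivate()` to write a property rather than call a method. Assuming the helper supports that, a short comment such as `// sets the protected $signed property` would spare the next reader the lookup. The test method starts and ends outside the hunk.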