From c2a45c1238c63ad97dbbfd1ef29fb70a45a93d09 Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle
Date: Tue, 4 Nov 2014 17:17:29 +0100
Subject: [PATCH] throw exception if private key is missing
---
 apps/files_encryption/appinfo/app.php | 1 +
 apps/files_encryption/lib/exceptions.php | 8 ++++++++
 apps/files_encryption/lib/stream.php | 5 +++++
 lib/private/connector/sabre/file.php | 8 +++++++-
 4 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php
index aa709fbac6..4f301f48b3 100644
--- a/apps/files_encryption/appinfo/app.php
+++ b/apps/files_encryption/appinfo/app.php
@@ -13,6 +13,7 @@ OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
 // Exceptions
 OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyEncryptException'] = 'files_encryption/lib/exceptions.php';
 OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyDecryptException'] = 'files_encryption/lib/exceptions.php';
+OC::$CLASSPATH['OCA\Encryption\Exceptions\EncryptionException'] = 'files_encryption/lib/exceptions.php';
 \OCP\Util::addTranslations('files_encryption');
 \OCP\Util::addscript('files_encryption', 'encryption');
diff --git a/apps/files_encryption/lib/exceptions.php b/apps/files_encryption/lib/exceptions.php
index 3ea27faf40..5b92f4afe7 100644
--- a/apps/files_encryption/lib/exceptions.php
+++ b/apps/files_encryption/lib/exceptions.php
@@ -30,8 +30,16 @@ namespace OCA\Encryption\Exceptions;
 * 30 - encryption header to large
 * 40 - unknown cipher
 * 50 - encryption failed
+ * 60 - no private key available
 */
 class EncryptionException extends \Exception {
+ const UNEXPECTED_END_OF_ENCRTYPTION_HEADER = 10;
+ const UNEXPECTED_BLOG_SIZE = 20;
+ const ENCRYPTION_HEADER_TO_LARGE = 30;
+ const UNKNOWN_CIPHER = 40;
+ const ENCRYPTION_FAILED = 50;
+ const NO_PRIVATE_KEY_AVAILABLE = 60;
+
 }
 /**
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index f74812a725..046c38152b 100644
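Review bot: Three of the constants added to `EncryptionException` in apps/files_encryption/lib/exceptions.php are misspelled: `UNEXPECTED_END_OF_ENCRTYPTION_HEADER`, `UNEXPECTED_BLOG_SIZE` and `ENCRYPTION_HEADER_TO_LARGE`. Callers will compare `getCode()` against these names, so they are cheaper to correct now than after other code references them. I would spell them `UNEXPECTED_END_OF_ENCRYPTION_HEADER`, `UNEXPECTED_BLOCK_SIZE` (assuming "BLOG" is meant to be "BLOCK"; the docblock entry for code 20 lies outside the hunk) and `ENCRYPTION_HEADER_TOO_LARGE`. The docblock listing the codes starts outside the hunk, so it cannot be checked from here whether existing throw sites still pass bare integers.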
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -30,6 +30,7 @@
 */
 namespace OCA\Encryption;
+use OCA\Encryption\Exceptions\EncryptionException;
 /**
 * Provides 'crypt://' stream wrapper protocol.
@@ -106,6 +107,10 @@ class Stream {
 $this->session = new \OCA\Encryption\Session($this->rootView);
 $this->privateKey = $this->session->getPrivateKey();
+ if ($this->privateKey === false) {
+ throw new EncryptionException('Session does not contain a private key, maybe your login password changed?',
+ EncryptionException::NO_PRIVATE_KEY_AVAILABLE);
+ }
 $normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
 if ($originalFile = Helper::getPathFromTmpFile($normalizedPath)) {
diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php
index 903c3447b5..dc036c1adc 100644
--- a/lib/private/connector/sabre/file.php
+++ b/lib/private/connector/sabre/file.php
@@ -100,6 +100,8 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
 } catch (\OCP\Files\LockNotAcquiredException $e) {
 // the file is currently being written to by another process
 throw new OC_Connector_Sabre_Exception_FileLocked($e->getMessage(), $e->getCode(), $e);
+ } catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
+ throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
 }
 // if content length is sent by client:
@@ -152,7 +154,11 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
 if (\OC_Util::encryptedFiles()) {
 throw new \Sabre\DAV\Exception\ServiceUnavailable();
 } else {
- return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
+ try {
+ return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
+ } catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
+ throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
+ }
 }
 }
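Review bot: The new guard after `getPrivateKey()` in apps/files_encryption/lib/stream.php compares with `=== false` only, so any other unusable return (null, an empty string) would still fall through to the key handling further down. Whether `Session::getPrivateKey()` can return those is not visible in this hunk. If its contract is "key or false", a one-line comment above the check saying so is enough; otherwise `if (empty($this->privateKey)) {` fails closed for every missing-key case. The enclosing method starts and ends outside the hunk.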
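Review bot: Both new `catch (\OCA\Encryption\Exceptions\EncryptionException $e)` blocks in lib/private/connector/sabre/file.php (the `@@ -100,6 +100,8 @@` hunk and the `@@ -152,7 +154,11 @@` hunk) turn every `EncryptionException` into a 403 and hand `$e->getMessage()` to the WebDAV client. The class also carries codes such as `UNKNOWN_CIPHER` and `ENCRYPTION_FAILED`, which look like server-side faults rather than authorization failures. I would map only the missing-key case by putting `if ($e->getCode() !== \OCA\Encryption\Exceptions\EncryptionException::NO_PRIVATE_KEY_AVAILABLE) { throw $e; }` ahead of the `Forbidden`, and log the exception so repeated failures are visible to operators. Chaining the cause as the `FileLocked` branch does, `throw new \Sabre\DAV\Exception\Forbidden($e->getMessage(), $e->getCode(), $e);`, keeps the original trace. The enclosing methods start and end outside both hunks.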