skip update of encryption keys if file is not encrypted

This commit is contained in:
Bjoern Schiessle 2015-04-28 17:29:10 +02:00
parent 557b4a2cb0
commit df428b76ac
3 changed files with 81 additions and 16 deletions

View File

@ -101,7 +101,8 @@ class Application extends \OCP\AppFramework\App {
return new Encryption( return new Encryption(
$container->query('Crypt'), $container->query('Crypt'),
$container->query('KeyManager'), $container->query('KeyManager'),
$container->query('Util') $container->query('Util'),
$container->getServer()->getLogger()
); );
}); });
} }

View File

@ -28,6 +28,7 @@ namespace OCA\Encryption\Crypto;
use OCA\Encryption\Util; use OCA\Encryption\Util;
use OCP\Encryption\IEncryptionModule; use OCP\Encryption\IEncryptionModule;
use OCA\Encryption\KeyManager; use OCA\Encryption\KeyManager;
use OCP\ILogger;
class Encryption implements IEncryptionModule { class Encryption implements IEncryptionModule {
@ -66,16 +67,24 @@ class Encryption implements IEncryptionModule {
/** @var Util */ /** @var Util */
private $util; private $util;
/** @var ILogger */
private $logger;
/** /**
* *
* @param \OCA\Encryption\Crypto\Crypt $crypt * @param Crypt $crypt
* @param KeyManager $keyManager * @param KeyManager $keyManager
* @param Util $util * @param Util $util
* @param ILogger $logger
*/ */
public function __construct(Crypt $crypt, KeyManager $keyManager, Util $util) { public function __construct(Crypt $crypt,
KeyManager $keyManager,
Util $util,
ILogger $logger) {
$this->crypt = $crypt; $this->crypt = $crypt;
$this->keyManager = $keyManager; $this->keyManager = $keyManager;
$this->util = $util; $this->util = $util;
$this->logger = $logger;
} }
/** /**
@ -257,19 +266,29 @@ class Encryption implements IEncryptionModule {
*/ */
public function update($path, $uid, array $accessList) { public function update($path, $uid, array $accessList) {
$fileKey = $this->keyManager->getFileKey($path, $uid); $fileKey = $this->keyManager->getFileKey($path, $uid);
$publicKeys = array();
foreach ($accessList['users'] as $user) { if (!empty($fileKey)) {
$publicKeys[$user] = $this->keyManager->getPublicKey($user);
$publicKeys = array();
foreach ($accessList['users'] as $user) {
$publicKeys[$user] = $this->keyManager->getPublicKey($user);
}
$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys);
$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
$this->keyManager->deleteAllFileKeys($path);
$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
} else {
$this->logger->debug('no file key found, we assume that the file "{file}" is not encrypted',
array('file' => $path, 'app' => 'encryption'));
return false;
} }
$publicKeys = $this->keyManager->addSystemKeys($accessList, $publicKeys);
$encryptedFileKey = $this->crypt->multiKeyEncrypt($fileKey, $publicKeys);
$this->keyManager->deleteAllFileKeys($path);
$this->keyManager->setAllFileKeys($path, $encryptedFileKey);
return true; return true;
} }

View File

@ -38,6 +38,9 @@ class EncryptionTest extends TestCase {
/** @var \PHPUnit_Framework_MockObject_MockObject */ /** @var \PHPUnit_Framework_MockObject_MockObject */
private $utilMock; private $utilMock;
/** @var \PHPUnit_Framework_MockObject_MockObject */
private $loggerMock;
public function setUp() { public function setUp() {
parent::setUp(); parent::setUp();
@ -50,8 +53,16 @@ class EncryptionTest extends TestCase {
$this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager') $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager')
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
$this->loggerMock = $this->getMockBuilder('OCP\ILogger')
->disableOriginalConstructor()
->getMock();
$this->instance = new Encryption($this->cryptMock, $this->keyManagerMock, $this->utilMock); $this->instance = new Encryption(
$this->cryptMock,
$this->keyManagerMock,
$this->utilMock,
$this->loggerMock
);
} }
/** /**
@ -83,6 +94,9 @@ class EncryptionTest extends TestCase {
$this->cryptMock->expects($this->any()) $this->cryptMock->expects($this->any())
->method('getLegacyCipher') ->method('getLegacyCipher')
->willReturn($legacyCipher); ->willReturn($legacyCipher);
$this->cryptMock->expects($this->any())
->method('generateFileKey')
->willReturn('fileKey');
$result = $this->instance->begin('/user/files/foo.txt', 'user', $mode, $header, []); $result = $this->instance->begin('/user/files/foo.txt', 'user', $mode, $header, []);
@ -99,5 +113,36 @@ class EncryptionTest extends TestCase {
); );
} }
/**
* @dataProvider dataTestUpdate
*
* @param string $fileKey
* @param boolean $expected
*/
public function testUpdate($fileKey, $expected) {
$this->keyManagerMock->expects($this->once())
->method('getFileKey')->willReturn($fileKey);
} $this->keyManagerMock->expects($this->any())
->method('getPublicKey')->willReturn('publicKey');
$this->keyManagerMock->expects($this->any())
->method('addSystemKeys')
->willReturnCallback(function($accessList, $publicKeys) {
return $publicKeys;
});
$this->assertSame($expected,
$this->instance->update('path', 'user1', ['users' => ['user1']])
);
}
public function dataTestUpdate() {
return array(
array('', false),
array('fileKey', true)
);
}
}