throw exception if private key is missing

4 files changed, 21 insertions, 1 deletions

diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php
index aa709fbac65..4f301f48b39 100644
--- a/apps/files_encryption/appinfo/app.php
+++ b/apps/files_encryption/appinfo/app.php
@@ -13,6 +13,7 @@ OC::$CLASSPATH['OCA\Encryption\Helper'] = 'files_encryption/lib/helper.php';
 // Exceptions
 OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyEncryptException'] = 'files_encryption/lib/exceptions.php';
 OC::$CLASSPATH['OCA\Encryption\Exceptions\MultiKeyDecryptException'] = 'files_encryption/lib/exceptions.php';
+OC::$CLASSPATH['OCA\Encryption\Exceptions\EncryptionException'] = 'files_encryption/lib/exceptions.php';
 
 \OCP\Util::addTranslations('files_encryption');
 \OCP\Util::addscript('files_encryption', 'encryption');
diff --git a/apps/files_encryption/lib/exceptions.php b/apps/files_encryption/lib/exceptions.php
index 3ea27faf406..5b92f4afe74 100644
--- a/apps/files_encryption/lib/exceptions.php
+++ b/apps/files_encryption/lib/exceptions.php
@@ -30,8 +30,16 @@ namespace OCA\Encryption\Exceptions;
  * 30 - encryption header to large
  * 40 - unknown cipher
  * 50 - encryption failed
+ * 60 - no private key available
  */
 class EncryptionException extends \Exception {
+	const UNEXPECTED_END_OF_ENCRTYPTION_HEADER = 10;
+	const UNEXPECTED_BLOG_SIZE = 20;
+	const ENCRYPTION_HEADER_TO_LARGE = 30;
+	const UNKNOWN_CIPHER = 40;
+	const ENCRYPTION_FAILED = 50;
+	const NO_PRIVATE_KEY_AVAILABLE = 60;
+
 }
 
 /**
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index f74812a7253..046c38152b8 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -30,6 +30,7 @@
  */
 
 namespace OCA\Encryption;
+use OCA\Encryption\Exceptions\EncryptionException;
 
 /**
  * Provides 'crypt://' stream wrapper protocol.
@@ -106,6 +107,10 @@ class Stream {
 		$this->session = new \OCA\Encryption\Session($this->rootView);
 
 		$this->privateKey = $this->session->getPrivateKey();
+		if ($this->privateKey === false) {
+			throw new EncryptionException('Session does not contain a private key, maybe your login password changed?',
+					EncryptionException::NO_PRIVATE_KEY_AVAILABLE);
+		}
 
 		$normalizedPath = \OC\Files\Filesystem::normalizePath(str_replace('crypt://', '', $path));
 		if ($originalFile = Helper::getPathFromTmpFile($normalizedPath)) {
diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php
index 903c3447b56..dc036c1adca 100644
--- a/lib/private/connector/sabre/file.php
+++ b/lib/private/connector/sabre/file.php
@@ -100,6 +100,8 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
 		} catch (\OCP\Files\LockNotAcquiredException $e) {
 			// the file is currently being written to by another process
 			throw new OC_Connector_Sabre_Exception_FileLocked($e->getMessage(), $e->getCode(), $e);
+		} catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
+			throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
 		}
 
 		// if content length is sent by client:
@@ -152,7 +154,11 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements \Sabre\
 		if (\OC_Util::encryptedFiles()) {
 			throw new \Sabre\DAV\Exception\ServiceUnavailable();
 		} else {
-			return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
+			try {
+				return $this->fileView->fopen(ltrim($this->path, '/'), 'rb');
+			} catch (\OCA\Encryption\Exceptions\EncryptionException $e) {
+				throw new \Sabre\DAV\Exception\Forbidden($e->getMessage());
+			}
 		}
 
 	}