author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2017-04-04 11:46:13 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-04-04 11:46:13 +0200 |
commit | da178db98edf54088cb94391088a53257f682b5d (patch) | |
tree | b83f18a8f348f2d09e904b4c6fbb5edea11a8a8e | |
parent | efb21a948e586d2080e179ce6b4b271132561ad7 (diff) | |
parent | 6b9ef15803d16de4f227f4176056c030bbed9ebf (diff) | |
download | nextcloud-server-da178db98edf54088cb94391088a53257f682b5d.tar.gz nextcloud-server-da178db98edf54088cb94391088a53257f682b5d.zip |
Merge pull request #4030 from nextcloud/masterkey-publiclink-nc12
Make public links work with master key
-rw-r--r-- | apps/encryption/lib/KeyManager.php | 17 | ||||
-rw-r--r-- | apps/encryption/tests/KeyManagerTest.php | 35 |
2 files changed, 34 insertions, 18 deletions
diff --git a/apps/encryption/lib/KeyManager.php b/apps/encryption/lib/KeyManager.php
index caae154b2d3..32872ae99b3 100644
--- a/apps/encryption/lib/KeyManager.php
+++ b/apps/encryption/lib/KeyManager.php
@@ -399,6 +399,10 @@ class KeyManager {
 * @return string
 */
 public function getFileKey($path, $uid) {
+ if ($uid === '') {
+ $uid = null;
+ }
+ $publicAccess = is_null($uid);
 $encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
 if (empty($encryptedFileKey)) {
@@ -407,9 +411,16 @@ class KeyManager {
 if ($this->util->isMasterKeyEnabled()) {
 $uid = $this->getMasterKeyId();
- }
-
- if (is_null($uid)) {
+ $shareKey = $this->getShareKey($path, $uid);
+ if ($publicAccess) {
+ $privateKey = $this->getSystemPrivateKey($uid);
+ $privateKey = $this->crypt->decryptPrivateKey($privateKey, $this->getMasterKeyPassword(), $uid);
+ } else {
+ // when logged in, the master key is already decrypted in the session
+ $privateKey = $this->session->getPrivateKey();
+ }
+ } else if ($publicAccess) {
+ // use public share key for public links
 $uid = $this->getPublicShareKeyId();
 $shareKey = $this->getShareKey($path, $uid);
 $privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
diff --git a/apps/encryption/tests/KeyManagerTest.php b/apps/encryption/tests/KeyManagerTest.php
index 40def135816..a8441427a2c 100644
--- a/apps/encryption/tests/KeyManagerTest.php
+++ b/apps/encryption/tests/KeyManagerTest.php
@@ -349,6 +349,19 @@ class KeyManagerTest extends TestCase {
 $this->assertTrue($this->instance->getEncryptedFileKey('/'));
 }
+ public function dataTestGetFileKey() {
+ return [
+ ['user1', false, 'privateKey', true],
+ ['user1', false, false, ''],
+ ['user1', true, 'privateKey', true],
+ ['user1', true, false, ''],
+ [null, false, 'privateKey', true],
+ [null, false, false, ''],
+ [null, true, 'privateKey', true],
+ [null, true, false, '']
+ ];
+ }
+
 /**
 * @dataProvider dataTestGetFileKey
 *
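Review bot: The first KeyManager.php hunk (`@@ -399,6 +399,10 @@`) makes an empty `$uid` equivalent to `null`, and `null` selects the public-link path, but the visible end of the docblock says nothing about that. A caller that ends up with `''` for an unrelated reason would get public-link key handling without any error, so the contract should be written down: `@param string|null $uid user id; null or '' means anonymous public-link access`. The docblock and the rest of getFileKey start and end outside this hunk, so an existing `@param` line may only need its wording extended.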
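Review bot: In the second KeyManager.php hunk (`@@ -407,9 +411,16 @@`) the public-access branch under `isMasterKeyEnabled()` assigns `$privateKey` twice, first the stored key from `getSystemPrivateKey($uid)` and then the decrypted one, and it is the only new branch without a comment. Separate names keep protected and unprotected key material apart when reading: `$encryptedKey = $this->getSystemPrivateKey($uid);` followed by `$privateKey = $this->crypt->decryptPrivateKey($encryptedKey, $this->getMasterKeyPassword(), $uid);`, with a comment such as `// public link: no session, unlock the master key with the master key password`. The hunk does not show whether a failed lookup or decryption is checked before `$privateKey` is used. getFileKey continues past the hunk, so that is worth confirming there.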
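Review bot: The data provider added in the KeyManagerTest.php hunk `@@ -349,6 +349,19 @@` uses `null` for the anonymous rows where the provider removed at the end of the file used `''`, so the `if ($uid === '')` normalisation this commit adds to KeyManager::getFileKey is not exercised by any case. Keeping both forms would cover it, for example extra rows `['', false, 'privateKey', true]` and `['', true, 'privateKey', true]` beside the `null` ones. The test body branches on `is_null($uid)` in a later hunk, which would then have to become `$uid === null || $uid === ''` for those rows to set the right expectations.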
@@ -363,6 +376,10 @@ class KeyManagerTest extends TestCase {
 if ($isMasterKeyEnabled) {
 $expectedUid = 'masterKeyId';
+ $this->configMock->expects($this->any())->method('getSystemValue')->with('secret')
+ ->willReturn('password');
+ } else if (!$uid) {
+ $expectedUid = 'systemKeyId';
 } else {
 $expectedUid = $uid;
 }
@@ -379,6 +396,9 @@ class KeyManagerTest extends TestCase {
 ->with($path, $expectedUid . '.shareKey', 'OC_DEFAULT_MODULE')
 ->willReturn(true);
+ $this->utilMock->expects($this->any())->method('isMasterKeyEnabled')
+ ->willReturn($isMasterKeyEnabled);
+
 if (is_null($uid)) {
 $this->keyStorageMock->expects($this->once())
 ->method('getSystemUserKey')
@@ -389,8 +409,6 @@ class KeyManagerTest extends TestCase {
 } else {
 $this->keyStorageMock->expects($this->never())
 ->method('getSystemUserKey');
- $this->utilMock->expects($this->once())->method('isMasterKeyEnabled')
- ->willReturn($isMasterKeyEnabled);
 $this->sessionMock->expects($this->once())->method('getPrivateKey')->willReturn($privateKey);
 }
@@ -409,19 +427,6 @@ class KeyManagerTest extends TestCase {
 }
- public function dataTestGetFileKey() {
- return [
- ['user1', false, 'privateKey', true],
- ['user1', false, false, ''],
- ['user1', true, 'privateKey', true],
- ['user1', true, false, ''],
- ['', false, 'privateKey', true],
- ['', false, false, ''],
- ['', true, 'privateKey', true],
- ['', true, false, '']
- ];
- }
-
 public function testDeletePrivateKey() {
 $this->keyStorageMock->expects($this->once())
 ->method('deleteUserKey') |
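Review bot: The `getSystemValue('secret')` expectation added in hunk `@@ -363,6 +376,10 @@` uses `$this->any()` for every master-key case, including the logged-in `'user1'` rows, so the test cannot show that the secret is read only on the public-link path. If the logged-in path is meant to take the key from the session alone, as the KeyManager change suggests, the test should pin that with `$this->never()` when `$uid` is set and `$this->atLeastOnce()` otherwise. The same loosening appears in hunk `@@ -379,6 +396,9 @@`, where the `isMasterKeyEnabled` expectation moves from `once()` to `any()`. The test method starts and ends outside these hunks, so other expectations may already cover part of this.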