summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoeland Jago Douma <rullzer@users.noreply.github.com>2017-04-04 11:46:13 +0200
committerGitHub <noreply@github.com>2017-04-04 11:46:13 +0200
commitda178db98edf54088cb94391088a53257f682b5d (patch)
treeb83f18a8f348f2d09e904b4c6fbb5edea11a8a8e
parentefb21a948e586d2080e179ce6b4b271132561ad7 (diff)
parent6b9ef15803d16de4f227f4176056c030bbed9ebf (diff)
downloadnextcloud-server-da178db98edf54088cb94391088a53257f682b5d.tar.gz
nextcloud-server-da178db98edf54088cb94391088a53257f682b5d.zip
Merge pull request #4030 from nextcloud/masterkey-publiclink-nc12
Make public links work with master key
-rw-r--r--apps/encryption/lib/KeyManager.php17
-rw-r--r--apps/encryption/tests/KeyManagerTest.php35
2 files changed, 34 insertions, 18 deletions
diff --git a/apps/encryption/lib/KeyManager.php b/apps/encryption/lib/KeyManager.php
index caae154b2d3..32872ae99b3 100644
--- a/apps/encryption/lib/KeyManager.php
+++ b/apps/encryption/lib/KeyManager.php
@@ -399,6 +399,10 @@ class KeyManager {
* @return string
*/
public function getFileKey($path, $uid) {
+ if ($uid === '') {
+ $uid = null;
+ }
+ $publicAccess = is_null($uid);
$encryptedFileKey = $this->keyStorage->getFileKey($path, $this->fileKeyId, Encryption::ID);
if (empty($encryptedFileKey)) {
@@ -407,9 +411,16 @@ class KeyManager {
if ($this->util->isMasterKeyEnabled()) {
$uid = $this->getMasterKeyId();
- }
-
- if (is_null($uid)) {
+ $shareKey = $this->getShareKey($path, $uid);
+ if ($publicAccess) {
+ $privateKey = $this->getSystemPrivateKey($uid);
+ $privateKey = $this->crypt->decryptPrivateKey($privateKey, $this->getMasterKeyPassword(), $uid);
+ } else {
+ // when logged in, the master key is already decrypted in the session
+ $privateKey = $this->session->getPrivateKey();
+ }
+ } else if ($publicAccess) {
+ // use public share key for public links
$uid = $this->getPublicShareKeyId();
$shareKey = $this->getShareKey($path, $uid);
$privateKey = $this->keyStorage->getSystemUserKey($this->publicShareKeyId . '.privateKey', Encryption::ID);
diff --git a/apps/encryption/tests/KeyManagerTest.php b/apps/encryption/tests/KeyManagerTest.php
index 40def135816..a8441427a2c 100644
--- a/apps/encryption/tests/KeyManagerTest.php
+++ b/apps/encryption/tests/KeyManagerTest.php
@@ -349,6 +349,19 @@ class KeyManagerTest extends TestCase {
$this->assertTrue($this->instance->getEncryptedFileKey('/'));
}
+ public function dataTestGetFileKey() {
+ return [
+ ['user1', false, 'privateKey', true],
+ ['user1', false, false, ''],
+ ['user1', true, 'privateKey', true],
+ ['user1', true, false, ''],
+ [null, false, 'privateKey', true],
+ [null, false, false, ''],
+ [null, true, 'privateKey', true],
+ [null, true, false, '']
+ ];
+ }
+
/**
* @dataProvider dataTestGetFileKey
*
@@ -363,6 +376,10 @@ class KeyManagerTest extends TestCase {
if ($isMasterKeyEnabled) {
$expectedUid = 'masterKeyId';
+ $this->configMock->expects($this->any())->method('getSystemValue')->with('secret')
+ ->willReturn('password');
+ } else if (!$uid) {
+ $expectedUid = 'systemKeyId';
} else {
$expectedUid = $uid;
}
@@ -379,6 +396,9 @@ class KeyManagerTest extends TestCase {
->with($path, $expectedUid . '.shareKey', 'OC_DEFAULT_MODULE')
->willReturn(true);
+ $this->utilMock->expects($this->any())->method('isMasterKeyEnabled')
+ ->willReturn($isMasterKeyEnabled);
+
if (is_null($uid)) {
$this->keyStorageMock->expects($this->once())
->method('getSystemUserKey')
@@ -389,8 +409,6 @@ class KeyManagerTest extends TestCase {
} else {
$this->keyStorageMock->expects($this->never())
->method('getSystemUserKey');
- $this->utilMock->expects($this->once())->method('isMasterKeyEnabled')
- ->willReturn($isMasterKeyEnabled);
$this->sessionMock->expects($this->once())->method('getPrivateKey')->willReturn($privateKey);
}
@@ -409,19 +427,6 @@ class KeyManagerTest extends TestCase {
}
- public function dataTestGetFileKey() {
- return [
- ['user1', false, 'privateKey', true],
- ['user1', false, false, ''],
- ['user1', true, 'privateKey', true],
- ['user1', true, false, ''],
- ['', false, 'privateKey', true],
- ['', false, false, ''],
- ['', true, 'privateKey', true],
- ['', true, false, '']
- ];
- }
-
public function testDeletePrivateKey() {
$this->keyStorageMock->expects($this->once())
->method('deleteUserKey')