aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBjoern Schiessle <schiessle@owncloud.com>2015-01-13 12:45:33 +0100
committerBjoern Schiessle <schiessle@owncloud.com>2015-01-13 12:45:33 +0100
commit89f17ef6fe1b33d6eaa2f4a19e9fb598b219ab26 (patch)
treeebf46b68c5de4e76e9086c7f31f8b773acd77cad
parentdc86cbd1e275f01840b304751a02ecbe4043c51e (diff)
downloadnextcloud-server-89f17ef6fe1b33d6eaa2f4a19e9fb598b219ab26.tar.gz
nextcloud-server-89f17ef6fe1b33d6eaa2f4a19e9fb598b219ab26.zip
adapt decrypt all and restore/delete key backups to the new folder structure for encryption key introduced with OC8
-rw-r--r--apps/files_encryption/lib/util.php59
-rwxr-xr-xapps/files_encryption/tests/util.php97
-rw-r--r--lib/private/util.php8
-rw-r--r--settings/ajax/deletekeys.php8
-rw-r--r--settings/ajax/restorekeys.php15
5 files changed, 145 insertions, 42 deletions
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index 1b140822724..c1f273d86ed 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -734,7 +734,7 @@ class Util {
}
if ($successful) {
- $this->backupAllKeys('decryptAll');
+ $this->backupAllKeys('decryptAll', false, false);
$this->view->deleteAll($this->keysPath);
}
@@ -1495,16 +1495,61 @@ class Util {
/**
* create a backup of all keys from the user
*
- * @param string $purpose (optional) define the purpose of the backup, will be part of the backup folder
+ * @param string $purpose define the purpose of the backup, will be part of the backup folder name
+ * @param boolean $timestamp (optional) should a timestamp be added, default true
+ * @param boolean $includeUserKeys (optional) include users private-/public-key, default true
*/
- public function backupAllKeys($purpose = '') {
+ public function backupAllKeys($purpose, $timestamp = true, $includeUserKeys = true) {
$this->userId;
- $backupDir = $this->encryptionDir . '/backup.';
- $backupDir .= ($purpose === '') ? date("Y-m-d_H-i-s") . '/' : $purpose . '.' . date("Y-m-d_H-i-s") . '/';
+ $backupDir = $this->encryptionDir . '/backup.' . $purpose;
+ $backupDir .= ($timestamp) ? '.' . date("Y-m-d_H-i-s") . '/' : '/';
$this->view->mkdir($backupDir);
$this->view->copy($this->keysPath, $backupDir . 'keys/');
- $this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.privateKey');
- $this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.publicKey');
+ if ($includeUserKeys) {
+ $this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.privateKey');
+ $this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.publicKey');
+ }
+ }
+
+ /**
+ * restore backup
+ *
+ * @param string $backup complete name of the backup
+ * @return boolean
+ */
+ public function restoreBackup($backup) {
+ $backupDir = $this->encryptionDir . '/backup.' . $backup . '/';
+
+ $fileKeysRestored = $this->view->rename($backupDir . 'keys', $this->encryptionDir . '/keys');
+
+ $pubKeyRestored = $privKeyRestored = true;
+ if (
+ $this->view->file_exists($backupDir . $this->userId . '.privateKey') &&
+ $this->view->file_exists($backupDir . $this->userId . '.privateKey')
+ ) {
+
+ $pubKeyRestored = $this->view->rename($backupDir . $this->userId . '.publicKey', $this->publicKeyPath);
+ $privKeyRestored = $this->view->rename($backupDir . $this->userId . '.privateKey', $this->privateKeyPath);
+ }
+
+ if ($fileKeysRestored && $pubKeyRestored && $privKeyRestored) {
+ $this->view->deleteAll($backupDir);
+
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * delete backup
+ *
+ * @param string $backup complete name of the backup
+ * @return boolean
+ */
+ public function deleteBackup($backup) {
+ $backupDir = $this->encryptionDir . '/backup.' . $backup . '/';
+ return $this->view->deleteAll($backupDir);
}
/**
diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php
index 4e0b4f2d0de..f9ee005e95f 100755
--- a/apps/files_encryption/tests/util.php
+++ b/apps/files_encryption/tests/util.php
@@ -27,7 +27,7 @@ class Util extends TestCase {
* @var \OC\Files\View
*/
public $view;
- public $keyfilesPath;
+ public $keysPath;
public $publicKeyPath;
public $privateKeyPath;
/**
@@ -379,8 +379,6 @@ class Util extends TestCase {
$this->assertTrue($this->view->is_dir($backupPath . '/keys'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/fileKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/' . $user . '.shareKey'));
- $this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.privateKey'));
- $this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.publicKey'));
// cleanup
$this->view->unlink($this->userId . '/files/' . $filename);
@@ -389,21 +387,27 @@ class Util extends TestCase {
}
- /**
- * test if all keys get moved to the backup folder correctly
- */
- function testBackupAllKeys() {
- self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);
-
+ private function createDummyKeysForBackupTest() {
// create some dummy key files
$encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption';
$this->view->mkdir($encPath . '/keys/foo');
$this->view->file_put_contents($encPath . '/keys/foo/fileKey', 'key');
$this->view->file_put_contents($encPath . '/keys/foo/user1.shareKey', 'share key');
+ }
+
+ /**
+ * test if all keys get moved to the backup folder correctly
+ *
+ * @dataProvider dataBackupAllKeys
+ */
+ function testBackupAllKeys($addTimestamp, $includeUserKeys) {
+ self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);
+
+ $this->createDummyKeysForBackupTest();
$util = new \OCA\Files_Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1);
- $util->backupAllKeys('testBackupAllKeys');
+ $util->backupAllKeys('testBackupAllKeys', $addTimestamp, $includeUserKeys);
$backupPath = $this->getBackupPath('testBackupAllKeys');
@@ -412,15 +416,80 @@ class Util extends TestCase {
$this->assertTrue($this->view->is_dir($backupPath . '/keys/foo'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/fileKey'));
$this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/user1.shareKey'));
- $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey'));
- $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey'));
+
+ if ($includeUserKeys) {
+ $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey'));
+ $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey'));
+ } else {
+ $this->assertFalse($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey'));
+ $this->assertFalse($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey'));
+ }
//cleanup
$this->view->deleteAll($backupPath);
- $this->view->unlink($encPath . '/keys/foo/fileKey');
- $this->view->unlink($encPath . '/keys/foo/user1.shareKey');
+ $this->view->unlink($this->encryptionDir . '/keys/foo/fileKey');
+ $this->view->unlink($this->encryptionDir . '/keys/foo/user1.shareKey');
}
+ function dataBackupAllKeys() {
+ return array(
+ array(true, true),
+ array(false, true),
+ array(true, false),
+ array(false, false),
+ );
+ }
+
+
+ /**
+ * @dataProvider dataBackupAllKeys
+ */
+ function testRestoreBackup($addTimestamp, $includeUserKeys) {
+
+ $util = new \OCA\Files_Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1);
+ $this->createDummyKeysForBackupTest();
+
+ $util->backupAllKeys('restoreKeysBackupTest', $addTimestamp, $includeUserKeys);
+ $this->view->deleteAll($this->keysPath);
+ if ($includeUserKeys) {
+ $this->view->unlink($this->privateKeyPath);
+ $this->view->unlink($this->publicKeyPath);
+ }
+
+ // key should be removed after backup was created
+ $this->assertFalse($this->view->is_dir($this->keysPath));
+ if ($includeUserKeys) {
+ $this->assertFalse($this->view->file_exists($this->privateKeyPath));
+ $this->assertFalse($this->view->file_exists($this->publicKeyPath));
+ }
+
+ $backupPath = $this->getBackupPath('restoreKeysBackupTest');
+ $backupName = substr(basename($backupPath), strlen('backup.'));
+
+ $this->assertTrue($util->restoreBackup($backupName));
+
+ // check if all keys are restored
+ $this->assertFalse($this->view->is_dir($backupPath));
+ $this->assertTrue($this->view->is_dir($this->keysPath));
+ $this->assertTrue($this->view->is_dir($this->keysPath . '/foo'));
+ $this->assertTrue($this->view->file_exists($this->keysPath . '/foo/fileKey'));
+ $this->assertTrue($this->view->file_exists($this->keysPath . '/foo/user1.shareKey'));
+ $this->assertTrue($this->view->file_exists($this->privateKeyPath));
+ $this->assertTrue($this->view->file_exists($this->publicKeyPath));
+ }
+
+ function testDeleteBackup() {
+ $util = new \OCA\Files_Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1);
+ $this->createDummyKeysForBackupTest();
+
+ $util->backupAllKeys('testDeleteBackup', false, false);
+
+ $this->assertTrue($this->view->is_dir($this->encryptionDir . '/backup.testDeleteBackup'));
+
+ $util->deleteBackup('testDeleteBackup');
+
+ $this->assertFalse($this->view->is_dir($this->encryptionDir . '/backup.testDeleteBackup'));
+ }
function testDescryptAllWithBrokenFiles() {
diff --git a/lib/private/util.php b/lib/private/util.php
index ec3640503e4..d2d286fc11e 100644
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -692,9 +692,9 @@ class OC_Util {
$encryptedFiles = false;
if (OC_App::isEnabled('files_encryption') === false) {
$view = new OC\Files\View('/' . OCP\User::getUser());
- $keyfilePath = '/files_encryption/keyfiles';
- if ($view->is_dir($keyfilePath)) {
- $dircontent = $view->getDirectoryContent($keyfilePath);
+ $keysPath = '/files_encryption/keys';
+ if ($view->is_dir($keysPath)) {
+ $dircontent = $view->getDirectoryContent($keysPath);
if (!empty($dircontent)) {
$encryptedFiles = true;
}
@@ -714,7 +714,7 @@ class OC_Util {
$backupExists = false;
if (OC_App::isEnabled('files_encryption') === false) {
$view = new OC\Files\View('/' . OCP\User::getUser());
- $backupPath = '/files_encryption/keyfiles.backup';
+ $backupPath = '/files_encryption/backup.decryptAll';
if ($view->is_dir($backupPath)) {
$dircontent = $view->getDirectoryContent($backupPath);
if (!empty($dircontent)) {
diff --git a/settings/ajax/deletekeys.php b/settings/ajax/deletekeys.php
index 86a45820af9..7d6c9a27aa0 100644
--- a/settings/ajax/deletekeys.php
+++ b/settings/ajax/deletekeys.php
@@ -4,13 +4,11 @@ OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$l = \OC::$server->getL10N('settings');
-$user = \OC_User::getUser();
-$view = new \OC\Files\View('/' . $user . '/files_encryption');
-$keyfilesDeleted = $view->deleteAll('keyfiles.backup');
-$sharekeysDeleted = $view->deleteAll('share-keys.backup');
+$util = new \OCA\Files_Encryption\Util(new \OC\Files\View(), \OC_User::getUser());
+$result = $util->deleteBackup('decryptAll');
-if ($keyfilesDeleted && $sharekeysDeleted) {
+if ($result) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Encryption keys deleted permanently'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t permanently delete your encryption keys, please check your owncloud.log or ask your administrator'))));
diff --git a/settings/ajax/restorekeys.php b/settings/ajax/restorekeys.php
index 5c263fadab4..b89a8286db2 100644
--- a/settings/ajax/restorekeys.php
+++ b/settings/ajax/restorekeys.php
@@ -4,21 +4,12 @@ OCP\JSON::checkLoggedIn();
OCP\JSON::callCheck();
$l = \OC::$server->getL10N('settings');
-$user = \OC_User::getUser();
-$view = new \OC\Files\View('/' . $user . '/files_encryption');
-$keyfilesRestored = $view->rename('keyfiles.backup', 'keyfiles');
-$sharekeysRestored = $view->rename('share-keys.backup' , 'share-keys');
+$util = new \OCA\Files_Encryption\Util(new \OC\Files\View(), \OC_User::getUser());
+$result = $util->restoreBackup('decryptAll');
-if ($keyfilesRestored && $sharekeysRestored) {
+if ($result) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Backups restored successfully'))));
} else {
- // if one of the move operation was succesful we remove the files back to have a consistent state
- if($keyfilesRestored) {
- $view->rename('keyfiles', 'keyfiles.backup');
- }
- if($sharekeysRestored) {
- $view->rename('share-keys' , 'share-keys.backup');
- }
\OCP\JSON::error(array('data' => array('message' => $l->t('Couldn\'t restore your encryption keys, please check your owncloud.log or ask your administrator'))));
}