Add a test for multiKeyEncrypt/Decrypt methods

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>

2 files changed, 18 insertions, 4 deletions

diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php
index 516164c6a80..22a697a1232 100644
--- a/apps/encryption/lib/Crypto/Crypt.php
+++ b/apps/encryption/lib/Crypto/Crypt.php
@@ -718,6 +718,7 @@ class Crypt {
 	}
 
 	/**
+	 * @param array<string,\OpenSSLAsymmetricKey|\OpenSSLCertificate|array|string> $keyFiles
 	 * @throws MultiKeyEncryptException
 	 */
 	public function multiKeyEncrypt(string $plainContent, array $keyFiles): array {
@@ -763,6 +764,7 @@ class Crypt {
 	 * @param array $keyFiles
 	 * @return array
 	 * @throws MultiKeyEncryptException
+	 * @deprecated 27.0.0 use multiKeyEncrypt
 	 */
 	public function multiKeyEncryptLegacy($plainContent, array $keyFiles) {
 		// openssl_seal returns false without errors if plaincontent is empty
@@ -853,6 +855,7 @@ class Crypt {
 	/**
 	 * Custom implementation of openssl_seal()
 	 *
+	 * @deprecated 27.0.0 use multiKeyEncrypt
 	 * @throws EncryptionFailedException
 	 */
 	private function opensslSeal(string $data, string &$sealed_data, array &$encrypted_keys, array $public_key, string $cipher_algo): int|false {
diff --git a/apps/encryption/tests/Crypto/CryptTest.php b/apps/encryption/tests/Crypto/CryptTest.php
index 08d0bba2668..dd41c67e8ad 100644
--- a/apps/encryption/tests/Crypto/CryptTest.php
+++ b/apps/encryption/tests/Crypto/CryptTest.php
@@ -34,8 +34,6 @@ use OCP\IUserSession;
 use Test\TestCase;
 
 class CryptTest extends TestCase {
-
-
 	/** @var \OCP\ILogger|\PHPUnit\Framework\MockObject\MockObject */
 	private $logger;
 
@@ -155,7 +153,7 @@ class CryptTest extends TestCase {
 			->method('warning')
 			->with('Unsupported cipher (Not-Existing-Cipher) defined in config.php supported. Falling back to AES-256-CTR');
 
-		$this->assertSame('AES-256-CTR',  $this->crypt->getCipher());
+		$this->assertSame('AES-256-CTR', $this->crypt->getCipher());
 	}
 
 	/**
@@ -396,7 +394,7 @@ class CryptTest extends TestCase {
 	public function testDecryptPrivateKey($header, $privateKey, $expectedCipher, $isValidKey, $expected) {
 		$this->config->method('getSystemValueBool')
 			->withConsecutive(['encryption.legacy_format_support', false],
-					  ['encryption.use_legacy_base64_encoding', false])
+				['encryption.use_legacy_base64_encoding', false])
 			->willReturnOnConsecutiveCalls(true, false);
 
 		/** @var \OCA\Encryption\Crypto\Crypt | \PHPUnit\Framework\MockObject\MockObject $crypt */
@@ -465,4 +463,17 @@ class CryptTest extends TestCase {
 			$this->invokePrivate($this->crypt, 'isValidPrivateKey', ['foo'])
 		);
 	}
+
+	public function testMultiKeyEncrypt() {
+		$res = openssl_pkey_new();
+		openssl_pkey_export($res, $privateKey);
+		$publicKeyPem = openssl_pkey_get_details($res)['key'];
+		$publicKey = openssl_pkey_get_public($publicKeyPem);
+
+		$shareKeys = $this->crypt->multiKeyEncrypt('content', ['user1' => $publicKey]);
+		$this->assertEquals(
+			'content',
+			$this->crypt->multiKeyDecrypt($shareKeys['user1'], $privateKey)
+		);
+	}
 }