diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2014-12-03 16:08:40 +0100 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2014-12-03 16:08:40 +0100 |
| commit | 3fdb1937a39ef138b32f94ee6c813bd17cf905a9 (patch) | |
| tree | 0ae423f46ebff4916a78fac7790f9a9a30a8efa4 /apps | |
| parent | e91dddd1a010ca53baa07eecb74026588acfeab2 (diff) | |
| parent | 9ca9acf3f89a08b160d443b0e68e1d72c621e116 (diff) | |
| download | nextcloud-server-3fdb1937a39ef138b32f94ee6c813bd17cf905a9.tar.gz nextcloud-server-3fdb1937a39ef138b32f94ee6c813bd17cf905a9.zip | |
Merge pull request #12382 from owncloud/enc_reorganize_folders2
[encryption] reorganize folder structure (second try to make Jenkins happy)
Diffstat (limited to 'apps')
25 files changed, 1172 insertions, 1674 deletions
diff --git a/apps/files_encryption/ajax/changeRecoveryPassword.php b/apps/files_encryption/ajax/changeRecoveryPassword.php index bf647f2c8fa..01b76a969b6 100644 --- a/apps/files_encryption/ajax/changeRecoveryPassword.php +++ b/apps/files_encryption/ajax/changeRecoveryPassword.php @@ -55,16 +55,15 @@ $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; $keyId = $util->getRecoveryKeyId(); -$keyPath = '/owncloud_private_key/' . $keyId . '.private.key'; -$encryptedRecoveryKey = $view->file_get_contents($keyPath); -$decryptedRecoveryKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword); +$encryptedRecoveryKey = Encryption\Keymanager::getPrivateSystemKey($keyId); +$decryptedRecoveryKey = $encryptedRecoveryKey ? \OCA\Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword) : false; if ($decryptedRecoveryKey) { $cipher = \OCA\Encryption\Helper::getCipher(); $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword, $cipher); if ($encryptedKey) { - \OCA\Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId . '.private.key'); + \OCA\Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId); $return = true; } } diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php index fa5e279b21b..97da3811a0f 100644 --- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php +++ b/apps/files_encryption/ajax/updatePrivateKeyPassword.php @@ -36,10 +36,8 @@ if ($passwordCorrect !== false) { $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; -$keyPath = '/' . $user . '/files_encryption/' . $user . '.private.key'; - -$encryptedKey = $view->file_get_contents($keyPath); -$decryptedKey = \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword); +$encryptedKey = Encryption\Keymanager::getPrivateKey($view, $user); +$decryptedKey = $encryptedKey ? \OCA\Encryption\Crypt::decryptPrivateKey($encryptedKey, $oldPassword) : false; if ($decryptedKey) { $cipher = \OCA\Encryption\Helper::getCipher(); diff --git a/apps/files_encryption/appinfo/update.php b/apps/files_encryption/appinfo/update.php index a29667ec6b6..957cf746974 100644 --- a/apps/files_encryption/appinfo/update.php +++ b/apps/files_encryption/appinfo/update.php @@ -4,7 +4,8 @@ use OCA\Files_Encryption\Migration; $installedVersion=OCP\Config::getAppValue('files_encryption', 'installed_version'); -if (version_compare($installedVersion, '0.6', '<')) { +// Migration OC7 -> OC8 +if (version_compare($installedVersion, '0.7', '<')) { $m = new Migration(); - $m->dropTableEncryption(); + $m->reorganizeFolderStructure(); } diff --git a/apps/files_encryption/appinfo/version b/apps/files_encryption/appinfo/version index ee6cdce3c29..faef31a4357 100644 --- a/apps/files_encryption/appinfo/version +++ b/apps/files_encryption/appinfo/version @@ -1 +1 @@ -0.6.1 +0.7.0 diff --git a/apps/files_encryption/exception/encryptionException.php b/apps/files_encryption/exception/encryptionException.php index c51a3b3439f..de1f16b4f4b 100644 --- a/apps/files_encryption/exception/encryptionException.php +++ b/apps/files_encryption/exception/encryptionException.php @@ -27,7 +27,7 @@ namespace OCA\Encryption\Exception; * Base class for all encryption exception * * Possible Error Codes: - * 10 - unknown error + * 10 - generic error * 20 - unexpected end of encryption header * 30 - unexpected blog size * 40 - encryption header to large @@ -38,7 +38,7 @@ namespace OCA\Encryption\Exception; * 90 - private key missing */ class EncryptionException extends \Exception { - const UNKNOWN = 10; + const GENERIC = 10; const UNEXPECTED_END_OF_ENCRYPTION_HEADER = 20; const UNEXPECTED_BLOG_SIZE = 30; const ENCRYPTION_HEADER_TO_LARGE = 40; diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index eadd2b64b80..d40e6b3d124 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -3,8 +3,10 @@ /**
* ownCloud
*
- * @author Sam Tuke
- * @copyright 2012 Sam Tuke samtuke@owncloud.org
+ * @copyright (C) 2014 ownCloud, Inc.
+ *
+ * @author Sam Tuke <samtuke@owncloud.org>
+ * @author Bjoern Schiessle <schiessle@owncloud.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
@@ -35,7 +37,7 @@ class Hooks { // file for which we want to delete the keys after the delete operation was successful
private static $deleteFiles = array();
// file for which we want to delete the keys after the delete operation was successful
- private static $umountedFiles = array();
+ private static $unmountedFiles = array();
/**
* Startup encryption backend upon user login
@@ -150,18 +152,7 @@ class Hooks { public static function postDeleteUser($params) {
if (\OCP\App::isEnabled('files_encryption')) {
- $view = new \OC\Files\View('/');
-
- // cleanup public key
- $publicKey = '/public-keys/' . $params['uid'] . '.public.key';
-
- // Disable encryption proxy to prevent recursive calls
- $proxyStatus = \OC_FileProxy::$enabled;
- \OC_FileProxy::$enabled = false;
-
- $view->unlink($publicKey);
-
- \OC_FileProxy::$enabled = $proxyStatus;
+ Keymanager::deletePublicKey(new \OC\Files\View(), $params['uid']);
}
}
@@ -242,7 +233,7 @@ class Hooks { \OC_FileProxy::$enabled = false;
// Save public key
- $view->file_put_contents('/public-keys/' . $user . '.public.key', $keypair['publicKey']);
+ Keymanager::setPublicKey($keypair['publicKey'], $user);
// Encrypt private key with new password
$encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $newUserPassword, Helper::getCipher());
@@ -290,7 +281,7 @@ class Hooks { $l = new \OC_L10N('files_encryption');
$users = array();
- $view = new \OC\Files\View('/public-keys/');
+ $view = new \OC\Files\View('/');
switch ($params['shareType']) {
case \OCP\Share::SHARE_TYPE_USER:
@@ -303,7 +294,7 @@ class Hooks { $notConfigured = array();
foreach ($users as $user) {
- if (!$view->file_exists($user . '.public.key')) {
+ if (!Keymanager::publicKeyExists($view, $user)) {
$notConfigured[] = $user;
}
}
@@ -328,7 +319,7 @@ class Hooks { $path = \OC\Files\Filesystem::getPath($params['fileSource']);
- self::updateKeyfiles($path, $params['itemType']);
+ self::updateKeyfiles($path);
}
}
@@ -336,9 +327,8 @@ class Hooks { * update keyfiles and share keys recursively
*
* @param string $path to the file/folder
- * @param string $type 'file' or 'folder'
*/
- private static function updateKeyfiles($path, $type) {
+ private static function updateKeyfiles($path) {
$view = new \OC\Files\View('/');
$userId = \OCP\User::getUser();
$session = new \OCA\Encryption\Session($view);
@@ -350,7 +340,7 @@ class Hooks { $mountPoint = $mount->getMountPoint();
// if a folder was shared, get a list of all (sub-)folders
- if ($type === 'folder') {
+ if ($view->is_dir('/' . $userId . '/files' . $path)) {
$allFiles = $util->getAllFiles($path, $mountPoint);
} else {
$allFiles = array($path);
@@ -407,11 +397,10 @@ class Hooks { // Unshare every user who no longer has access to the file
$delUsers = array_diff($userIds, $sharingUsers);
-
- list($owner, $ownerPath) = $util->getUidAndFilename($path);
+ $keyPath = Keymanager::getKeyPath($view, $util, $path);
// delete share key
- Keymanager::delShareKey($view, $delUsers, $ownerPath, $owner);
+ Keymanager::delShareKey($view, $delUsers, $keyPath, $userId, $path);
}
}
@@ -437,37 +426,24 @@ class Hooks { $user = \OCP\User::getUser();
$view = new \OC\Files\View('/');
$util = new Util($view, $user);
- list($ownerOld, $pathOld) = $util->getUidAndFilename($params['oldpath']);
// we only need to rename the keys if the rename happens on the same mountpoint
// otherwise we perform a stream copy, so we get a new set of keys
$mp1 = $view->getMountPoint('/' . $user . '/files/' . $params['oldpath']);
$mp2 = $view->getMountPoint('/' . $user . '/files/' . $params['newpath']);
- $type = $view->is_dir('/' . $user . '/files/' . $params['oldpath']) ? 'folder' : 'file';
+ $oldKeysPath = Keymanager::getKeyPath($view, $util, $params['oldpath']);
if ($mp1 === $mp2) {
- if ($util->isSystemWideMountPoint($pathOld)) {
- $oldShareKeyPath = 'files_encryption/share-keys/' . $pathOld;
- } else {
- $oldShareKeyPath = $ownerOld . '/' . 'files_encryption/share-keys/' . $pathOld;
- }
- // gather share keys here because in postRename() the file will be moved already
- $oldShareKeys = Helper::findShareKeys($pathOld, $oldShareKeyPath, $view);
- if (count($oldShareKeys) === 0) {
- \OC_Log::write(
- 'Encryption library', 'No share keys found for "' . $pathOld . '"',
- \OC_Log::WARN
- );
- }
self::$renamedFiles[$params['oldpath']] = array(
- 'uid' => $ownerOld,
- 'path' => $pathOld,
- 'type' => $type,
'operation' => $operation,
- 'sharekeys' => $oldShareKeys
+ 'oldKeysPath' => $oldKeysPath,
+ );
+ } else {
+ self::$renamedFiles[$params['oldpath']] = array(
+ 'operation' => 'cleanup',
+ 'oldKeysPath' => $oldKeysPath,
);
-
}
}
@@ -482,81 +458,40 @@ class Hooks { return true;
}
- // Disable encryption proxy to prevent recursive calls
- $proxyStatus = \OC_FileProxy::$enabled;
- \OC_FileProxy::$enabled = false;
-
$view = new \OC\Files\View('/');
$userId = \OCP\User::getUser();
$util = new Util($view, $userId);
- $oldShareKeys = null;
- if (isset(self::$renamedFiles[$params['oldpath']]['uid']) &&
- isset(self::$renamedFiles[$params['oldpath']]['path'])) {
- $ownerOld = self::$renamedFiles[$params['oldpath']]['uid'];
- $pathOld = self::$renamedFiles[$params['oldpath']]['path'];
- $type = self::$renamedFiles[$params['oldpath']]['type'];
+ if (isset(self::$renamedFiles[$params['oldpath']]['operation']) &&
+ isset(self::$renamedFiles[$params['oldpath']]['oldKeysPath'])) {
$operation = self::$renamedFiles[$params['oldpath']]['operation'];
- $oldShareKeys = self::$renamedFiles[$params['oldpath']]['sharekeys'];
+ $oldKeysPath = self::$renamedFiles[$params['oldpath']]['oldKeysPath'];
unset(self::$renamedFiles[$params['oldpath']]);
+ if ($operation === 'cleanup') {
+ return $view->unlink($oldKeysPath);
+ }
} else {
\OCP\Util::writeLog('Encryption library', "can't get path and owner from the file before it was renamed", \OCP\Util::DEBUG);
- \OC_FileProxy::$enabled = $proxyStatus;
return false;
}
list($ownerNew, $pathNew) = $util->getUidAndFilename($params['newpath']);
- // Format paths to be relative to user files dir
- if ($util->isSystemWideMountPoint($pathOld)) {
- $oldKeyfilePath = 'files_encryption/keyfiles/' . $pathOld;
- $oldShareKeyPath = 'files_encryption/share-keys/' . $pathOld;
- } else {
- $oldKeyfilePath = $ownerOld . '/' . 'files_encryption/keyfiles/' . $pathOld;
- $oldShareKeyPath = $ownerOld . '/' . 'files_encryption/share-keys/' . $pathOld;
- }
-
if ($util->isSystemWideMountPoint($pathNew)) {
- $newKeyfilePath = 'files_encryption/keyfiles/' . $pathNew;
- $newShareKeyPath = 'files_encryption/share-keys/' . $pathNew;
- } else {
- $newKeyfilePath = $ownerNew . '/files_encryption/keyfiles/' . $pathNew;
- $newShareKeyPath = $ownerNew . '/files_encryption/share-keys/' . $pathNew;
- }
-
- // create new key folders if it doesn't exists
- if (!$view->file_exists(dirname($newShareKeyPath))) {
- $view->mkdir(dirname($newShareKeyPath));
- }
- if (!$view->file_exists(dirname($newKeyfilePath))) {
- $view->mkdir(dirname($newKeyfilePath));
- }
-
- // handle share keys
- if ($type === 'file') {
- $oldKeyfilePath .= '.key';
- $newKeyfilePath .= '.key';
-
- foreach ($oldShareKeys as $src) {
- $dst = \OC\Files\Filesystem::normalizePath(str_replace($pathOld, $pathNew, $src));
- $view->$operation($src, $dst);
- }
-
+ $newKeysPath = 'files_encryption/keys/' . $pathNew;
} else {
- // handle share-keys folders
- $view->$operation($oldShareKeyPath, $newShareKeyPath);
+ $newKeysPath = $ownerNew . '/files_encryption/keys/' . $pathNew;
}
- // Rename keyfile so it isn't orphaned
- if ($view->file_exists($oldKeyfilePath)) {
- $view->$operation($oldKeyfilePath, $newKeyfilePath);
+ // create key folders if it doesn't exists
+ if (!$view->file_exists(dirname($newKeysPath))) {
+ $view->mkdir(dirname($newKeysPath));
}
+ $view->$operation($oldKeysPath, $newKeysPath);
// update sharing-keys
- self::updateKeyfiles($params['newpath'], $type);
-
- \OC_FileProxy::$enabled = $proxyStatus;
+ self::updateKeyfiles($params['newpath']);
}
/**
@@ -592,37 +527,28 @@ class Hooks { */
public static function postDelete($params) {
- if (!isset(self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]])) {
+ $path = $params[\OC\Files\Filesystem::signal_param_path];
+
+ if (!isset(self::$deleteFiles[$path])) {
return true;
}
- $deletedFile = self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]];
- $path = $deletedFile['path'];
- $user = $deletedFile['uid'];
+ $deletedFile = self::$deleteFiles[$path];
+ $keyPath = $deletedFile['keyPath'];
// we don't need to remember the file any longer
- unset(self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]]);
+ unset(self::$deleteFiles[$path]);
$view = new \OC\Files\View('/');
// return if the file still exists and wasn't deleted correctly
- if ($view->file_exists('/' . $user . '/files/' . $path)) {
+ if ($view->file_exists('/' . \OCP\User::getUser() . '/files/' . $path)) {
return true;
}
- // Disable encryption proxy to prevent recursive calls
- $proxyStatus = \OC_FileProxy::$enabled;
- \OC_FileProxy::$enabled = false;
-
// Delete keyfile & shareKey so it isn't orphaned
- if (!Keymanager::deleteFileKey($view, $path, $user)) {
- \OCP\Util::writeLog('Encryption library',
- 'Keyfile or shareKey could not be deleted for file "' . $user.'/files/'.$path . '"', \OCP\Util::ERROR);
- }
-
- Keymanager::delAllShareKeys($view, $user, $path);
+ $view->unlink($keyPath);
- \OC_FileProxy::$enabled = $proxyStatus;
}
/**
@@ -631,6 +557,7 @@ class Hooks { * @return boolean|null
*/
public static function preDelete($params) {
+ $view = new \OC\Files\View('/');
$path = $params[\OC\Files\Filesystem::signal_param_path];
// skip this method if the trash bin is enabled or if we delete a file
@@ -639,68 +566,61 @@ class Hooks { return true;
}
- $util = new Util(new \OC\Files\View('/'), \OCP\USER::getUser());
- list($owner, $ownerPath) = $util->getUidAndFilename($path);
+ $util = new Util($view, \OCP\USER::getUser());
- self::$deleteFiles[$params[\OC\Files\Filesystem::signal_param_path]] = array(
- 'uid' => $owner,
- 'path' => $ownerPath);
+ $keysPath = Keymanager::getKeyPath($view, $util, $path);
+
+ self::$deleteFiles[$path] = array(
+ 'keyPath' => $keysPath);
}
/**
* unmount file from yourself
* remember files/folders which get unmounted
*/
- public static function preUmount($params) {
+ public static function preUnmount($params) {
+ $view = new \OC\Files\View('/');
+ $user = \OCP\User::getUser();
$path = $params[\OC\Files\Filesystem::signal_param_path];
- $user = \OCP\USER::getUser();
-
- $view = new \OC\Files\View();
- $itemType = $view->is_dir('/' . $user . '/files' . $path) ? 'folder' : 'file';
$util = new Util($view, $user);
list($owner, $ownerPath) = $util->getUidAndFilename($path);
- self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]] = array(
- 'uid' => $owner,
- 'path' => $ownerPath,
- 'itemType' => $itemType);
+ $keysPath = Keymanager::getKeyPath($view, $util, $path);
+
+ self::$unmountedFiles[$path] = array(
+ 'keyPath' => $keysPath,
+ 'owner' => $owner,
+ 'ownerPath' => $ownerPath
+ );
}
/**
* unmount file from yourself
*/
- public static function postUmount($params) {
+ public static function postUnmount($params) {
- if (!isset(self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]])) {
+ $path = $params[\OC\Files\Filesystem::signal_param_path];
+ $user = \OCP\User::getUser();
+
+ if (!isset(self::$unmountedFiles[$path])) {
return true;
}
- $umountedFile = self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]];
- $path = $umountedFile['path'];
- $user = $umountedFile['uid'];
- $itemType = $umountedFile['itemType'];
+ $umountedFile = self::$unmountedFiles[$path];
+ $keyPath = $umountedFile['keyPath'];
+ $owner = $umountedFile['owner'];
+ $ownerPath = $umountedFile['ownerPath'];
$view = new \OC\Files\View();
- $util = new Util($view, $user);
// we don't need to remember the file any longer
- unset(self::$umountedFiles[$params[\OC\Files\Filesystem::signal_param_path]]);
+ unset(self::$unmountedFiles[$path]);
- // if we unshare a folder we need a list of all (sub-)files
- if ($itemType === 'folder') {
- $allFiles = $util->getAllFiles($path);
- } else {
- $allFiles = array($path);
- }
-
- foreach ($allFiles as $path) {
-
- // check if the user still has access to the file, otherwise delete share key
- $sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);
- if (!in_array(\OCP\User::getUser(), $sharingUsers['users'])) {
- Keymanager::delShareKey($view, array(\OCP\User::getUser()), $path, $user);
- }
+ // check if the user still has access to the file, otherwise delete share key
+ $sharingUsers = \OCP\Share::getUsersSharingFile($path, $user);
+ if (!in_array(\OCP\User::getUser(), $sharingUsers['users'])) {
+ Keymanager::delShareKey($view, array(\OCP\User::getUser()), $keyPath, $owner, $ownerPath);
}
}
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php index 7a50ade82f3..24e1494fc00 100644 --- a/apps/files_encryption/lib/helper.php +++ b/apps/files_encryption/lib/helper.php @@ -3,8 +3,10 @@ /** * ownCloud * - * @author Florin Peter - * @copyright 2013 Florin Peter <owncloud@florin-peter.de> + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Florin Peter <owncloud@florin-peter.de> + * @author Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -17,7 +19,7 @@ * GNU AFFERO GENERAL PUBLIC LICENSE for more details. * * You should have received a copy of the GNU Affero General Public - * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * License alon with this library. If not, see <http://www.gnu.org/licenses/>. * */ @@ -68,9 +70,9 @@ class Helper { \OCP\Util::connectHook('OC_Filesystem', 'post_copy', 'OCA\Encryption\Hooks', 'postRenameOrCopy'); \OCP\Util::connectHook('OC_Filesystem', 'post_delete', 'OCA\Encryption\Hooks', 'postDelete'); \OCP\Util::connectHook('OC_Filesystem', 'delete', 'OCA\Encryption\Hooks', 'preDelete'); - \OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUmount'); - \OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUmount'); \OCP\Util::connectHook('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', 'OCA\Encryption\Hooks', 'postPasswordReset'); + \OCP\Util::connectHook('OC_Filesystem', 'post_umount', 'OCA\Encryption\Hooks', 'postUnmount'); + \OCP\Util::connectHook('OC_Filesystem', 'umount', 'OCA\Encryption\Hooks', 'preUnmount'); } /** @@ -106,6 +108,25 @@ class Helper { } /** + * get recovery key id + * + * @return string|bool recovery key ID or false + */ + public static function getRecoveryKeyId() { + $appConfig = \OC::$server->getAppConfig(); + $key = $appConfig->getValue('files_encryption', 'recoveryKeyId'); + + return ($key === null) ? false : $key; + } + + public static function getPublicShareKeyId() { + $appConfig = \OC::$server->getAppConfig(); + $key = $appConfig->getValue('files_encryption', 'publicShareKeyId'); + + return ($key === null) ? false : $key; + } + + /** * enable recovery * * @param string $recoveryKeyId @@ -124,38 +145,22 @@ class Helper { $appConfig->setValue('files_encryption', 'recoveryKeyId', $recoveryKeyId); } - if (!$view->is_dir('/owncloud_private_key')) { - $view->mkdir('/owncloud_private_key'); - } - - if ( - (!$view->file_exists("/public-keys/" . $recoveryKeyId . ".public.key") - || !$view->file_exists("/owncloud_private_key/" . $recoveryKeyId . ".private.key")) - ) { + if (!Keymanager::recoveryKeyExists($view)) { $keypair = \OCA\Encryption\Crypt::createKeypair(); - \OC_FileProxy::$enabled = false; - // Save public key - - if (!$view->is_dir('/public-keys')) { - $view->mkdir('/public-keys'); - } - - $view->file_put_contents('/public-keys/' . $recoveryKeyId . '.public.key', $keypair['publicKey']); + Keymanager::setPublicKey($keypair['publicKey'], $recoveryKeyId); $cipher = \OCA\Encryption\Helper::getCipher(); $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], $recoveryPassword, $cipher); if ($encryptedKey) { - Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId . '.private.key'); + Keymanager::setPrivateSystemKey($encryptedKey, $recoveryKeyId); // Set recoveryAdmin as enabled $appConfig->setValue('files_encryption', 'recoveryAdminEnabled', 1); $return = true; } - \OC_FileProxy::$enabled = true; - } else { // get recovery key and check the password $util = new \OCA\Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser()); $return = $util->checkRecoveryPassword($recoveryPassword); @@ -433,47 +438,6 @@ class Helper { } /** - * find all share keys for a given file - * - * @param string $filePath path to the file name relative to the user's files dir - * for example "subdir/filename.txt" - * @param string $shareKeyPath share key prefix path relative to the user's data dir - * for example "user1/files_encryption/share-keys/subdir/filename.txt" - * @param \OC\Files\View $rootView root view, relative to data/ - * @return array list of share key files, path relative to data/$user - */ - public static function findShareKeys($filePath, $shareKeyPath, \OC\Files\View $rootView) { - $result = array(); - - $user = \OCP\User::getUser(); - $util = new Util($rootView, $user); - // get current sharing state - $sharingEnabled = \OCP\Share::isEnabled(); - - // get users sharing this file - $usersSharing = $util->getSharingUsersArray($sharingEnabled, $filePath); - - $pathinfo = pathinfo($shareKeyPath); - - $baseDir = $pathinfo['dirname'] . '/'; - $fileName = $pathinfo['basename']; - foreach ($usersSharing as $user) { - $keyName = $fileName . '.' . $user . '.shareKey'; - if ($rootView->file_exists($baseDir . $keyName)) { - $result[] = $baseDir . $keyName; - } else { - \OC_Log::write( - 'Encryption library', - 'No share key found for user "' . $user . '" for file "' . $fileName . '"', - \OC_Log::WARN - ); - } - } - - return $result; - } - - /** * remember from which file the tmp file (getLocalFile() call) was created * @param string $tmpFile path of tmp file * @param string $originalFile path of the original file relative to data/ diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php index 9560126ef33..c8de1a73d27 100644 --- a/apps/files_encryption/lib/keymanager.php +++ b/apps/files_encryption/lib/keymanager.php @@ -3,8 +3,9 @@ /** * ownCloud * - * @author Bjoern Schiessle - * @copyright 2012 Bjoern Schiessle <schiessle@owncloud.com> + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -29,22 +30,22 @@ namespace OCA\Encryption; */ class Keymanager { + // base dir where all the file related keys are stored + private static $keys_base_dir = '/files_encryption/keys/'; + private static $encryption_base_dir = '/files_encryption'; + private static $public_key_dir = '/files_encryption/public_keys'; + /** - * retrieve the ENCRYPTED private key from a user + * read key from hard disk * - * @param \OC\Files\View $view - * @param string $user - * @return string private key or false (hopefully) - * @note the key returned by this method must be decrypted before use + * @param string $path to key + * @return string|bool either the key or false */ - public static function getPrivateKey(\OC\Files\View $view, $user) { - - $path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.private.key'; - $key = false; - + private static function getKey($path, $view) { $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; + $key = false; if ($view->file_exists($path)) { $key = $view->file_get_contents($path); } @@ -55,22 +56,53 @@ class Keymanager { } /** - * retrieve public key for a specified user + * write key to disk + * + * + * @param string $path path to key directory + * @param string $name key name + * @param string $key key * @param \OC\Files\View $view - * @param string $userId - * @return string public key or false + * @return bool */ - public static function getPublicKey(\OC\Files\View $view, $userId) { - + private static function setKey($path, $name, $key, $view) { $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; - $result = $view->file_get_contents('/public-keys/' . $userId . '.public.key'); + self::keySetPreparation($view, $path); + $result = $view->file_put_contents($path . '/' . $name, $key); \OC_FileProxy::$enabled = $proxyStatus; - return $result; + return (is_int($result) && $result > 0) ? true : false; + } + + /** + * retrieve the ENCRYPTED private key from a user + * + * @param \OC\Files\View $view + * @param string $user + * @return string private key or false (hopefully) + * @note the key returned by this method must be decrypted before use + */ + public static function getPrivateKey(\OC\Files\View $view, $user) { + $path = '/' . $user . '/' . 'files_encryption' . '/' . $user . '.privateKey'; + return self::getKey($path, $view); + } + + /** + * retrieve public key for a specified user + * @param \OC\Files\View $view + * @param string $userId + * @return string public key or false + */ + public static function getPublicKey(\OC\Files\View $view, $userId) { + $path = self::$public_key_dir . '/' . $userId . '.publicKey'; + return self::getKey($path, $view); + } + public static function getPublicKeyPath() { + return self::$public_key_dir; } /** @@ -97,11 +129,8 @@ class Keymanager { public static function getPublicKeys(\OC\Files\View $view, array $userIds) { $keys = array(); - foreach ($userIds as $userId) { - $keys[$userId] = self::getPublicKey($view, $userId); - } return $keys; @@ -120,39 +149,97 @@ class Keymanager { * asymmetrically encrypt the keyfile before passing it to this method */ public static function setFileKey(\OC\Files\View $view, $util, $path, $catfile) { + $path = self::getKeyPath($view, $util, $path); + return self::setKey($path, 'fileKey', $catfile, $view); - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; + } + + /** + * get path to key folder for a given file + * + * @param \OC\Files\View $view relative to data directory + * @param \OCA\Encryption\Util $util + * @param string $path path to the file, relative to the users file directory + * @return string + */ + public static function getKeyPath($view, $util, $path) { + + if ($view->is_dir('/' . \OCP\User::getUser() . '/' . $path)) { + throw new Exception\EncryptionException('file was expected but directoy was given', Exception\EncryptionException::GENERIC); + } list($owner, $filename) = $util->getUidAndFilename($path); + $filename = Helper::stripPartialFileExtension($filename); + $filePath_f = ltrim($filename, '/'); // in case of system wide mount points the keys are stored directly in the data directory if ($util->isSystemWideMountPoint($filename)) { - $basePath = '/files_encryption/keyfiles'; + $keyPath = self::$keys_base_dir . $filePath_f . '/'; } else { - $basePath = '/' . $owner . '/files_encryption/keyfiles'; + $keyPath = '/' . $owner . self::$keys_base_dir . $filePath_f . '/'; } - $targetPath = self::keySetPreparation($view, $filename, $basePath); + return $keyPath; + } - // try reusing key file if part file - if (Helper::isPartialFilePath($targetPath)) { + /** + * get path to file key for a given file + * + * @param \OC\Files\View $view relative to data directory + * @param \OCA\Encryption\Util $util + * @param string $path path to the file, relative to the users file directory + * @return string + */ + public static function getFileKeyPath($view, $util, $path) { + $keyDir = self::getKeyPath($view, $util, $path); + return $keyDir . 'fileKey'; + } - $result = $view->file_put_contents( - $basePath . '/' . Helper::stripPartialFileExtension($targetPath) . '.key', $catfile); + /** + * get path to share key for a given user + * + * @param \OC\Files\View $view relateive to data directory + * @param \OCA\Encryption\Util $util + * @param string $path path to file relative to the users files directoy + * @param string $uid user for whom we want the share-key path + * @retrun string + */ + public static function getShareKeyPath($view, $util, $path, $uid) { + $keyDir = self::getKeyPath($view, $util, $path); + return $keyDir . $uid . '.shareKey'; + } - } else { + /** + * delete public key from a given user + * + * @param \OC\Files\View $view + * @param string $uid user + * @return bool + */ + public static function deletePublicKey($view, $uid) { - $result = $view->file_put_contents($basePath . '/' . $targetPath . '.key', $catfile); + $result = false; + if (!\OCP\User::userExists($uid)) { + $publicKey = self::$public_key_dir . '/' . $uid . '.publicKey'; + $result = $view->unlink($publicKey); } - \OC_FileProxy::$enabled = $proxyStatus; - return $result; + } + /** + * check if public key for user exists + * + * @param \OC\Files\View $view + * @param string $uid + */ + public static function publicKeyExists($view, $uid) { + return $view->file_exists(self::$public_key_dir . '/'. $uid . '.publicKey'); } + + /** * retrieve keyfile for an encrypted file * @param \OC\Files\View $view @@ -164,176 +251,97 @@ class Keymanager { * of the keyfile must be performed by client code */ public static function getFileKey($view, $util, $filePath) { + $path = self::getFileKeyPath($view, $util, $filePath); + return self::getKey($path, $view); + } + /** + * store private key from the user + * @param string $key + * @return bool + * @note Encryption of the private key must be performed by client code + * as no encryption takes place here + */ + public static function setPrivateKey($key, $user = '') { - list($owner, $filename) = $util->getUidAndFilename($filePath); - $filename = Helper::stripPartialFileExtension($filename); - $filePath_f = ltrim($filename, '/'); - - // in case of system wide mount points the keys are stored directly in the data directory - if ($util->isSystemWideMountPoint($filename)) { - $keyfilePath = '/files_encryption/keyfiles/' . $filePath_f . '.key'; - } else { - $keyfilePath = '/' . $owner . '/files_encryption/keyfiles/' . $filePath_f . '.key'; - } - - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - if ($view->file_exists($keyfilePath)) { - - $result = $view->file_get_contents($keyfilePath); - - } else { - - $result = false; - - } - - \OC_FileProxy::$enabled = $proxyStatus; + $user = $user === '' ? \OCP\User::getUser() : $user; + $path = '/' . $user . '/files_encryption'; + $header = Crypt::generateHeader(); - return $result; + return self::setKey($path, $user . '.privateKey', $header . $key, new \OC\Files\View()); } /** - * Delete a keyfile + * check if recovery key exists * * @param \OC\Files\View $view - * @param string $path path of the file the key belongs to - * @param string $userId the user to whom the file belongs - * @return bool Outcome of unlink operation - * @note $path must be relative to data/user/files. e.g. mydoc.txt NOT - * /data/admin/files/mydoc.txt + * @return bool */ - public static function deleteFileKey($view, $path, $userId=null) { - - $trimmed = ltrim($path, '/'); + public static function recoveryKeyExists($view) { - if ($trimmed === '') { - \OCP\Util::writeLog('Encryption library', - 'Can\'t delete file-key empty path given!', \OCP\Util::ERROR); - return false; - } + $result = false; - if ($userId === null) { - $userId = Helper::getUser($path); + $recoveryKeyId = Helper::getRecoveryKeyId(); + if ($recoveryKeyId) { + $result = ($view->file_exists(self::$public_key_dir . '/' . $recoveryKeyId . ".publicKey") + && $view->file_exists(self::$encryption_base_dir . '/' . $recoveryKeyId . ".privateKey")); } - $util = new Util($view, $userId); - if($util->isSystemWideMountPoint($path)) { - $keyPath = '/files_encryption/keyfiles/' . $trimmed; - } else { - $keyPath = '/' . $userId . '/files_encryption/keyfiles/' . $trimmed; - } + return $result; + } + public static function publicShareKeyExists($view) { $result = false; - $fileExists = $view->file_exists('/' . $userId . '/files/' . $trimmed); - if ($view->is_dir($keyPath) && !$fileExists) { - \OCP\Util::writeLog('files_encryption', 'deleteFileKey: delete file key: ' . $keyPath, \OCP\Util::DEBUG); - $result = $view->unlink($keyPath); - } elseif ($view->file_exists($keyPath . '.key') && !$fileExists) { - \OCP\Util::writeLog('files_encryption', 'deleteFileKey: delete file key: ' . $keyPath, \OCP\Util::DEBUG); - $result = $view->unlink($keyPath . '.key'); - - } + $publicShareKeyId = Helper::getPublicShareKeyId(); + if ($publicShareKeyId) { + $result = ($view->file_exists(self::$public_key_dir . '/' . $publicShareKeyId . ".publicKey") + && $view->file_exists(self::$encryption_base_dir . '/' . $publicShareKeyId . ".privateKey")); - if ($fileExists) { - \OCP\Util::writeLog('Encryption library', - 'Did not delete the file key, file still exists: ' . '/' . $userId . '/files/' . $trimmed, \OCP\Util::ERROR); - } elseif (!$result) { - \OCP\Util::writeLog('Encryption library', - 'Could not delete keyfile; does not exist: "' . $keyPath, \OCP\Util::ERROR); } return $result; - } /** - * store private key from the user + * store public key from the user * @param string $key + * @param string $user + * * @return bool - * @note Encryption of the private key must be performed by client code - * as no encryption takes place here */ - public static function setPrivateKey($key, $user = '') { - - if ($user === '') { - $user = \OCP\User::getUser(); - } - - $header = Crypt::generateHeader(); - - $view = new \OC\Files\View('/' . $user . '/files_encryption'); - - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - if (!$view->file_exists('')) { - $view->mkdir(''); - } - - $result = $view->file_put_contents($user . '.private.key', $header . $key); - - \OC_FileProxy::$enabled = $proxyStatus; + public static function setPublicKey($key, $user = '') { - return $result; + $user = $user === '' ? \OCP\User::getUser() : $user; + return self::setKey(self::$public_key_dir, $user . '.publicKey', $key, new \OC\Files\View('/')); } /** * write private system key (recovery and public share key) to disk * * @param string $key encrypted key - * @param string $keyName name of the key file + * @param string $keyName name of the key * @return boolean */ public static function setPrivateSystemKey($key, $keyName) { + $keyName = $keyName . '.privateKey'; $header = Crypt::generateHeader(); - $view = new \OC\Files\View('/owncloud_private_key'); - - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - if (!$view->file_exists('')) { - $view->mkdir(''); - } - - $result = $view->file_put_contents($keyName, $header . $key); - - \OC_FileProxy::$enabled = $proxyStatus; - - return $result; + return self::setKey(self::$encryption_base_dir, $keyName,$header . $key, new \OC\Files\View()); } /** - * store share key + * read private system key (recovery and public share key) from disk * - * @param \OC\Files\View $view - * @param string $path where the share key is stored - * @param string $shareKey - * @return bool true/false - * @note The keyfile is not encrypted here. Client code must - * asymmetrically encrypt the keyfile before passing it to this method + * @param string $keyName name of the key + * @return string|boolean private system key or false */ - private static function setShareKey(\OC\Files\View $view, $path, $shareKey) { - - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $result = $view->file_put_contents($path, $shareKey); - - \OC_FileProxy::$enabled = $proxyStatus; - - if (is_int($result) && $result > 0) { - return true; - } else { - return false; - } + public static function getPrivateSystemKey($keyName) { + $path = $keyName . '.privateKey'; + return self::getKey($path, new \OC\Files\View(self::$encryption_base_dir)); } /** @@ -344,35 +352,17 @@ class Keymanager { * @param array $shareKeys * @return bool */ - public static function setShareKeys(\OC\Files\View $view, $util, $path, array $shareKeys) { - - // $shareKeys must be an array with the following format: - // [userId] => [encrypted key] - - list($owner, $filename) = $util->getUidAndFilename($path); + public static function setShareKeys($view, $util, $path, array $shareKeys) { // in case of system wide mount points the keys are stored directly in the data directory - if ($util->isSystemWideMountPoint($filename)) { - $basePath = '/files_encryption/share-keys'; - } else { - $basePath = '/' . $owner . '/files_encryption/share-keys'; - } + $basePath = Keymanager::getKeyPath($view, $util, $path); - $shareKeyPath = self::keySetPreparation($view, $filename, $basePath); + self::keySetPreparation($view, $basePath); $result = true; foreach ($shareKeys as $userId => $shareKey) { - - // try reusing key file if part file - if (Helper::isPartialFilePath($shareKeyPath)) { - $writePath = $basePath . '/' . Helper::stripPartialFileExtension($shareKeyPath) . '.' . $userId . '.shareKey'; - } else { - $writePath = $basePath . '/' . $shareKeyPath . '.' . $userId . '.shareKey'; - } - - if (!self::setShareKey($view, $writePath, $shareKey)) { - + if (!self::setKey($basePath, $userId . '.shareKey', $shareKey, $view)) { // If any of the keys are not set, flag false $result = false; } @@ -392,89 +382,9 @@ class Keymanager { * @note The sharekey returned is encrypted. Decryption * of the keyfile must be performed by client code */ - public static function getShareKey(\OC\Files\View $view, $userId, $util, $filePath) { - - // try reusing key file if part file - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - list($owner, $filename) = $util->getUidAndFilename($filePath); - $filename = Helper::stripPartialFileExtension($filename); - // in case of system wide mount points the keys are stored directly in the data directory - if ($util->isSystemWideMountPoint($filename)) { - $shareKeyPath = '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'; - } else { - $shareKeyPath = '/' . $owner . '/files_encryption/share-keys/' . $filename . '.' . $userId . '.shareKey'; - } - - if ($view->file_exists($shareKeyPath)) { - - $result = $view->file_get_contents($shareKeyPath); - - } else { - - $result = false; - - } - - \OC_FileProxy::$enabled = $proxyStatus; - - return $result; - - } - - /** - * delete all share keys of a given file - * @param \OC\Files\View $view - * @param string $userId owner of the file - * @param string $filePath path to the file, relative to the owners file dir - */ - public static function delAllShareKeys($view, $userId, $filePath) { - - $filePath = ltrim($filePath, '/'); - - if ($view->file_exists('/' . $userId . '/files/' . $filePath)) { - \OCP\Util::writeLog('Encryption library', - 'File still exists, stop deleting share keys!', \OCP\Util::ERROR); - return false; - } - - if ($filePath === '') { - \OCP\Util::writeLog('Encryption library', - 'Can\'t delete share-keys empty path given!', \OCP\Util::ERROR); - return false; - } - - $util = new util($view, $userId); - - if ($util->isSystemWideMountPoint($filePath)) { - $baseDir = '/files_encryption/share-keys/'; - } else { - $baseDir = $userId . '/files_encryption/share-keys/'; - } - - $result = true; - - if ($view->is_dir($baseDir . $filePath)) { - \OCP\Util::writeLog('files_encryption', 'delAllShareKeys: delete share keys: ' . $baseDir . $filePath, \OCP\Util::DEBUG); - $result = $view->unlink($baseDir . $filePath); - } else { - $sharingEnabled = \OCP\Share::isEnabled(); - $users = $util->getSharingUsersArray($sharingEnabled, $filePath); - foreach($users as $user) { - $keyName = $baseDir . $filePath . '.' . $user . '.shareKey'; - if ($view->file_exists($keyName)) { - \OCP\Util::writeLog( - 'files_encryption', - 'dellAllShareKeys: delete share keys: "' . $keyName . '"', - \OCP\Util::DEBUG - ); - $result &= $view->unlink($keyName); - } - } - } - - return (bool)$result; + public static function getShareKey($view, $userId, $util, $filePath) { + $path = self::getShareKeyPath($view, $util, $filePath, $userId); + return self::getKey($path, $view); } /** @@ -482,45 +392,19 @@ class Keymanager { * * @param \OC\Files\View $view relative to data/ * @param array $userIds list of users we want to remove - * @param string $filename the owners name of the file for which we want to remove the users relative to data/user/files - * @param string $owner owner of the file + * @param string $keyPath + * @param string $owner the owner of the file + * @param string $ownerPath the owners name of the file for which we want to remove the users relative to data/user/files */ - public static function delShareKey($view, $userIds, $filename, $owner) { + public static function delShareKey($view, $userIds, $keysPath, $owner, $ownerPath) { - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $util = new Util($view, $owner); - - if ($util->isSystemWideMountPoint($filename)) { - $shareKeyPath = \OC\Files\Filesystem::normalizePath('/files_encryption/share-keys/' . $filename); - } else { - $shareKeyPath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files_encryption/share-keys/' . $filename); + $key = array_search($owner, $userIds, true); + if ($key !== false && $view->file_exists('/' . $owner . '/files/' . $ownerPath)) { + unset($userIds[$key]); } - if ($view->is_dir($shareKeyPath)) { - - self::recursiveDelShareKeys($shareKeyPath, $userIds, $owner, $view); - - } else { - - foreach ($userIds as $userId) { + self::recursiveDelShareKeys($keysPath, $userIds, $view); - if ($userId === $owner && $view->file_exists('/' . $owner . '/files/' . $filename)) { - \OCP\Util::writeLog('files_encryption', 'Tried to delete owner key, but the file still exists!', \OCP\Util::FATAL); - continue; - } - $result = $view->unlink($shareKeyPath . '.' . $userId . '.shareKey'); - \OCP\Util::writeLog('files_encryption', 'delShareKey: delete share key: ' . $shareKeyPath . '.' . $userId . '.shareKey' , \OCP\Util::DEBUG); - if (!$result) { - \OCP\Util::writeLog('Encryption library', - 'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId - . '.shareKey"', \OCP\Util::ERROR); - } - } - } - - \OC_FileProxy::$enabled = $proxyStatus; } /** @@ -528,35 +412,23 @@ class Keymanager { * * @param string $dir directory * @param array $userIds user ids for which the share keys should be deleted - * @param string $owner owner of the file * @param \OC\Files\View $view view relative to data/ */ - private static function recursiveDelShareKeys($dir, $userIds, $owner, $view) { + private static function recursiveDelShareKeys($dir, $userIds, $view) { $dirContent = $view->opendir($dir); - $dirSlices = explode('/', ltrim($dir, '/')); - $realFileDir = '/' . $owner . '/files/' . implode('/', array_slice($dirSlices, 3)) . '/'; if (is_resource($dirContent)) { while (($file = readdir($dirContent)) !== false) { if (!\OC\Files\Filesystem::isIgnoredDir($file)) { if ($view->is_dir($dir . '/' . $file)) { - self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $owner, $view); + self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $view); } else { foreach ($userIds as $userId) { - $fileNameFromShareKey = self::getFilenameFromShareKey($file, $userId); - if (!$fileNameFromShareKey) { - continue; - } - $realFile = $realFileDir . $fileNameFromShareKey; - - if ($userId === $owner && - $view->file_exists($realFile)) { - \OCP\Util::writeLog('files_encryption', 'original file still exists, keep owners share key!', \OCP\Util::ERROR); - continue; + if ($userId . '.shareKey' === $file) { + \OCP\Util::writeLog('files_encryption', 'recursiveDelShareKey: delete share key: ' . $file, \OCP\Util::DEBUG); + $view->unlink($dir . '/' . $file); } - \OCP\Util::writeLog('files_encryption', 'recursiveDelShareKey: delete share key: ' . $file, \OCP\Util::DEBUG); - $view->unlink($dir . '/' . $file); } } } @@ -567,21 +439,15 @@ class Keymanager { /** * Make preparations to vars and filesystem for saving a keyfile - * @param string|boolean $path + * + * @param \OC\Files\View $view + * @param string $path relatvie to the views root * @param string $basePath */ - protected static function keySetPreparation(\OC\Files\View $view, $path, $basePath) { - - $targetPath = ltrim($path, '/'); - - $path_parts = pathinfo($targetPath); - + protected static function keySetPreparation($view, $path) { // If the file resides within a subdirectory, create it - if ( - isset($path_parts['dirname']) - && !$view->file_exists($basePath . '/' . $path_parts['dirname']) - ) { - $sub_dirs = explode('/', $basePath . '/' . $path_parts['dirname']); + if (!$view->file_exists($path)) { + $sub_dirs = explode('/', $path); $dir = ''; foreach ($sub_dirs as $sub_dir) { $dir .= '/' . $sub_dir; @@ -590,27 +456,6 @@ class Keymanager { } } } - - return $targetPath; - } - /** - * extract filename from share key name - * @param string $shareKey (filename.userid.sharekey) - * @param string $userId - * @return string|false filename or false - */ - protected static function getFilenameFromShareKey($shareKey, $userId) { - $expectedSuffix = '.' . $userId . '.' . 'shareKey'; - $suffixLen = strlen($expectedSuffix); - - $suffix = substr($shareKey, -$suffixLen); - - if ($suffix !== $expectedSuffix) { - return false; - } - - return substr($shareKey, 0, -$suffixLen); - } } diff --git a/apps/files_encryption/lib/migration.php b/apps/files_encryption/lib/migration.php index 59389911b5b..ee2e52114cf 100644 --- a/apps/files_encryption/lib/migration.php +++ b/apps/files_encryption/lib/migration.php @@ -2,8 +2,9 @@ /** * ownCloud * - * @author Thomas Müller - * @copyright 2014 Thomas Müller deepdiver@owncloud.com + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -25,26 +26,257 @@ namespace OCA\Files_Encryption; class Migration { - public function __construct($tableName = 'encryption') { - $this->tableName = $tableName; + /** + * @var \OC\Files\View + */ + private $view; + private $public_share_key_id; + private $recovery_key_id; + + public function __construct() { + $this->view = new \OC\Files\View(); + $this->public_share_key_id = \OCA\Encryption\Helper::getPublicShareKeyId(); + $this->recovery_key_id = \OCA\Encryption\Helper::getRecoveryKeyId(); + } + + public function reorganizeFolderStructure() { + + $this->createPathForKeys('/files_encryption'); + + // backup system wide folders + $this->backupSystemWideKeys(); + + // rename public keys + $this->renamePublicKeys(); + + // rename system wide mount point + $this->renameFileKeys('', '/files_encryption/keyfiles'); + + // rename system private keys + $this->renameSystemPrivateKeys(); + + // delete old system wide folders + $this->view->deleteAll('/public-keys'); + $this->view->deleteAll('/owncloud_private_key'); + $this->view->deleteAll('/files_encryption/share-keys'); + $this->view->deleteAll('/files_encryption/keyfiles'); + + $users = \OCP\User::getUsers(); + foreach ($users as $user) { + // backup all keys + if ($this->backupUserKeys($user)) { + // create new 'key' folder + $this->view->mkdir($user . '/files_encryption/keys'); + // rename users private key + $this->renameUsersPrivateKey($user); + // rename file keys + $path = $user . '/files_encryption/keyfiles'; + $this->renameFileKeys($user, $path); + $trashPath = $user . '/files_trashbin/keyfiles'; + if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($trashPath)) { + $this->renameFileKeys($user, $trashPath, true); + $this->view->deleteAll($trashPath); + $this->view->deleteAll($user . '/files_trashbin/share-keys'); + } + // delete old folders + $this->deleteOldKeys($user); + } + } + } + + private function backupSystemWideKeys() { + $backupDir = 'encryption_migration_backup_' . date("Y-m-d_H-i-s"); + $this->view->mkdir($backupDir); + $this->view->copy('owncloud_private_key', $backupDir . '/owncloud_private_key'); + $this->view->copy('public-keys', $backupDir . '/public-keys'); + $this->view->copy('files_encryption', $backupDir . '/files_encryption'); + } + + private function backupUserKeys($user) { + $encryptionDir = $user . '/files_encryption'; + if ($this->view->is_dir($encryptionDir)) { + $backupDir = $user . '/encryption_migration_backup_' . date("Y-m-d_H-i-s"); + $this->view->mkdir($backupDir); + $this->view->copy($encryptionDir, $backupDir); + return true; + } + return false; + } + + private function renamePublicKeys() { + $dh = $this->view->opendir('public-keys'); + + $this->createPathForKeys('files_encryption/public_keys'); + + if (is_resource($dh)) { + while (($oldPublicKey = readdir($dh)) !== false) { + if (!\OC\Files\Filesystem::isIgnoredDir($oldPublicKey)) { + $newPublicKey = substr($oldPublicKey, 0, strlen($oldPublicKey) - strlen('.public.key')) . '.publicKey'; + $this->view->rename('public-keys/' . $oldPublicKey , 'files_encryption/public_keys/' . $newPublicKey); + } + } + closedir($dh); + } + } + + private function renameSystemPrivateKeys() { + $dh = $this->view->opendir('owncloud_private_key'); + + if (is_resource($dh)) { + while (($oldPrivateKey = readdir($dh)) !== false) { + if (!\OC\Files\Filesystem::isIgnoredDir($oldPrivateKey)) { + $newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey'; + $this->view->rename('owncloud_private_key/' . $oldPrivateKey , 'files_encryption/' . $newPrivateKey); + } + } + closedir($dh); + } + } + + private function renameUsersPrivateKey($user) { + $oldPrivateKey = $user . '/files_encryption/' . $user . '.private.key'; + $newPrivateKey = substr($oldPrivateKey, 0, strlen($oldPrivateKey) - strlen('.private.key')) . '.privateKey'; + + $this->view->rename($oldPrivateKey, $newPrivateKey); + } + + private function getFileName($file, $trash) { + + $extLength = strlen('.key'); + + if ($trash) { + $parts = explode('.', $file); + if ($parts[count($parts) - 1] !== 'key') { + $extLength = $extLength + strlen('.' . $parts[count($parts) - 1]); + } + } + + $filename = substr($file, 0, strlen($file) - $extLength); + + return $filename; + } + + private function getExtension($file, $trash) { + + $extension = ''; + + if ($trash) { + $parts = explode('.', $file); + if ($parts[count($parts) - 1] !== 'key') { + $extension = '.' . $parts[count($parts) - 1]; + } + } + + return $extension; + } + + private function getFilePath($path, $user, $trash) { + $offset = $trash ? strlen($user . '/files_trashbin/keyfiles') : strlen($user . '/files_encryption/keyfiles'); + return substr($path, $offset); + } + + private function getTargetDir($user, $filePath, $filename, $extension, $trash) { + if ($trash) { + $targetDir = $user . '/files_trashbin/keys/' . $filePath . '/' . $filename . $extension; + } else { + $targetDir = $user . '/files_encryption/keys/' . $filePath . '/' . $filename . $extension; + } + + return $targetDir; + } + + private function renameFileKeys($user, $path, $trash = false) { + + $dh = $this->view->opendir($path); + + if (is_resource($dh)) { + while (($file = readdir($dh)) !== false) { + if (!\OC\Files\Filesystem::isIgnoredDir($file)) { + if ($this->view->is_dir($path . '/' . $file)) { + $this->renameFileKeys($user, $path . '/' . $file, $trash); + } else { + $filename = $this->getFileName($file, $trash); + $filePath = $this->getFilePath($path, $user, $trash); + $extension = $this->getExtension($file, $trash); + $targetDir = $this->getTargetDir($user, $filePath, $filename, $extension, $trash); + $this->createPathForKeys($targetDir); + $this->view->copy($path . '/' . $file, $targetDir . '/fileKey'); + $this->renameShareKeys($user, $filePath, $filename, $targetDir, $trash); + } + } + } + closedir($dh); + } } - // migrate settings from oc_encryption to oc_preferences - public function dropTableEncryption() { - $tableName = $this->tableName; - if (!\OC_DB::tableExists($tableName)) { - return; + private function getOldShareKeyPath($user, $filePath, $trash) { + if ($trash) { + $oldShareKeyPath = $user . '/files_trashbin/share-keys/' . $filePath; + } else { + $oldShareKeyPath = $user . '/files_encryption/share-keys/' . $filePath; } - $sql = "select `uid`, max(`recovery_enabled`) as `recovery_enabled`, min(`migration_status`) as `migration_status` from `*PREFIX*$tableName` group by `uid`"; - $query = \OCP\DB::prepare($sql); - $result = $query->execute(array())->fetchAll(); - foreach ($result as $row) { - \OC_Preferences::setValue($row['uid'], 'files_encryption', 'recovery_enabled', $row['recovery_enabled']); - \OC_Preferences::setValue($row['uid'], 'files_encryption', 'migration_status', $row['migration_status']); + return $oldShareKeyPath; + } + + private function getUidFromShareKey($file, $filename, $trash) { + $extLength = strlen('.shareKey'); + if ($trash) { + $parts = explode('.', $file); + if ($parts[count($parts) - 1] !== 'shareKey') { + $extLength = $extLength + strlen('.' . $parts[count($parts) - 1]); + } } - \OC_DB::dropTable($tableName); + $uid = substr($file, strlen($filename) + 1, $extLength * -1); + + return $uid; } + private function renameShareKeys($user, $filePath, $filename, $target, $trash) { + $oldShareKeyPath = $this->getOldShareKeyPath($user, $filePath, $trash); + $dh = $this->view->opendir($oldShareKeyPath); + + if (is_resource($dh)) { + while (($file = readdir($dh)) !== false) { + if (!\OC\Files\Filesystem::isIgnoredDir($file)) { + if ($this->view->is_dir($oldShareKeyPath . '/' . $file)) { + continue; + } else { + if (substr($file, 0, strlen($filename) +1) === $filename . '.') { + + $uid = $this->getUidFromShareKey($file, $filename, $trash); + if ($uid === $this->public_share_key_id || + $uid === $this->recovery_key_id || + \OCP\User::userExists($uid)) { + $this->view->copy($oldShareKeyPath . '/' . $file, $target . '/' . $uid . '.shareKey'); + } + } + } + + } + } + closedir($dh); + } + } + + private function deleteOldKeys($user) { + $this->view->deleteAll($user . '/files_encryption/keyfiles'); + $this->view->deleteAll($user . '/files_encryption/share-keys'); + } + + private function createPathForKeys($path) { + if (!$this->view->file_exists($path)) { + $sub_dirs = explode('/', $path); + $dir = ''; + foreach ($sub_dirs as $sub_dir) { + $dir .= '/' . $sub_dir; + if (!$this->view->is_dir($dir)) { + $this->view->mkdir($dir); + } + } + } + } + + } diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index a358a46a6e7..0e8ca7319f0 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -3,10 +3,11 @@ /** * ownCloud * - * @author Bjoern Schiessle, Sam Tuke, Robin Appelman - * @copyright 2012 Sam Tuke <samtuke@owncloud.com> - * 2012 Robin Appelman <icewind1991@gmail.com> - * 2014 Bjoern Schiessle <schiessle@owncloud.com> + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Bjoern Schiessle <schiessle@owncloud.com> + * @author Sam Tuke <samtuke@owncloud.com> + * @author Robin Appelman <icewind1991@gmail.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -204,11 +205,11 @@ class Proxy extends \OC_FileProxy { public function postFile_get_contents($path, $data) { $plainData = null; - $view = new \OC\Files\View('/'); // If data is a catfile if ( Crypt::mode() === 'server' + && $this->shouldEncrypt($path) && Crypt::isCatfileContent($data) ) { diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index 132748b6ea5..7f1e0664cdc 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -2,8 +2,10 @@ /** * ownCloud * - * @author Sam Tuke - * @copyright 2012 Sam Tuke samtuke@owncloud.com + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Sam Tuke <samtuke@owncloud.com> + * @author Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -46,51 +48,38 @@ class Session { $this->view = $view; - if (!$this->view->is_dir('owncloud_private_key')) { + if (!$this->view->is_dir('files_encryption')) { - $this->view->mkdir('owncloud_private_key'); + $this->view->mkdir('files_encryption'); } $appConfig = \OC::$server->getAppConfig(); - $publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId'); + $publicShareKeyId = Helper::getPublicShareKeyId(); - if ($publicShareKeyId === null) { + if ($publicShareKeyId === false) { $publicShareKeyId = 'pubShare_' . substr(md5(time()), 0, 8); $appConfig->setValue('files_encryption', 'publicShareKeyId', $publicShareKeyId); } - if ( - !$this->view->file_exists("/public-keys/" . $publicShareKeyId . ".public.key") - || !$this->view->file_exists("/owncloud_private_key/" . $publicShareKeyId . ".private.key") - ) { + if (!Keymanager::publicShareKeyExists($view)) { $keypair = Crypt::createKeypair(); - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; // Save public key - - if (!$view->is_dir('/public-keys')) { - $view->mkdir('/public-keys'); - } - - $this->view->file_put_contents('/public-keys/' . $publicShareKeyId . '.public.key', $keypair['publicKey']); + Keymanager::setPublicKey($keypair['publicKey'], $publicShareKeyId); // Encrypt private key empty passphrase $cipher = \OCA\Encryption\Helper::getCipher(); $encryptedKey = \OCA\Encryption\Crypt::symmetricEncryptFileContent($keypair['privateKey'], '', $cipher); if ($encryptedKey) { - Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId . '.private.key'); + Keymanager::setPrivateSystemKey($encryptedKey, $publicShareKeyId); } else { \OCP\Util::writeLog('files_encryption', 'Could not create public share keys', \OCP\Util::ERROR); } - \OC_FileProxy::$enabled = $proxyStatus; - } if (\OCA\Encryption\Helper::isPublicAccess() && !self::getPublicSharePrivateKey()) { @@ -98,8 +87,7 @@ class Session { $proxyStatus = \OC_FileProxy::$enabled; \OC_FileProxy::$enabled = false; - $encryptedKey = $this->view->file_get_contents( - '/owncloud_private_key/' . $publicShareKeyId . '.private.key'); + $encryptedKey = Keymanager::getPrivateSystemKey($publicShareKeyId); $privateKey = Crypt::decryptPrivateKey($encryptedKey, ''); self::setPublicSharePrivateKey($privateKey); diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index d214d13de69..42a7e20c87f 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -2,10 +2,11 @@ /** * ownCloud * - * @author Sam Tuke, Frank Karlitschek, Bjoern Schiessle - * @copyright 2012 Sam Tuke <samtuke@owncloud.com>, - * Frank Karlitschek <frank@owncloud.org>, - * Bjoern Schiessle <schiessle@owncloud.com> + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Sam Tuke <samtuke@owncloud.com>, + * @author Frank Karlitschek <frank@owncloud.org>, + * @author Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -44,10 +45,10 @@ class Util { private $client; // Client side encryption mode flag private $publicKeyDir; // Dir containing all public user keys private $encryptionDir; // Dir containing user's files_encryption - private $keyfilesPath; // Dir containing user's keyfiles - private $shareKeysPath; // Dir containing env keys for shared files + private $keysPath; // Dir containing all file related encryption keys private $publicKeyPath; // Path to user's public key private $privateKeyPath; // Path to user's private key + private $userFilesDir; private $publicShareKeyId; private $recoveryKeyId; private $isPublic; @@ -72,14 +73,13 @@ class Util { $this->fileFolderName = 'files'; $this->userFilesDir = '/' . $userId . '/' . $this->fileFolderName; // TODO: Does this need to be user configurable? - $this->publicKeyDir = '/' . 'public-keys'; + $this->publicKeyDir = Keymanager::getPublicKeyPath(); $this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption'; - $this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles'; - $this->shareKeysPath = $this->encryptionDir . '/' . 'share-keys'; + $this->keysPath = $this->encryptionDir . '/' . 'keys'; $this->publicKeyPath = - $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key + $this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey $this->privateKeyPath = - $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key + $this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey // make sure that the owners home is mounted \OC\Files\Filesystem::initMountPoints($userId); @@ -99,8 +99,7 @@ class Util { if ( !$this->view->file_exists($this->encryptionDir) - or !$this->view->file_exists($this->keyfilesPath) - or !$this->view->file_exists($this->shareKeysPath) + or !$this->view->file_exists($this->keysPath) or !$this->view->file_exists($this->publicKeyPath) or !$this->view->file_exists($this->privateKeyPath) ) { @@ -149,8 +148,7 @@ class Util { $this->userDir, $this->publicKeyDir, $this->encryptionDir, - $this->keyfilesPath, - $this->shareKeysPath + $this->keysPath ); // Check / create all necessary dirs @@ -727,8 +725,8 @@ class Util { } if ($successful) { - $this->view->rename($this->keyfilesPath, $this->keyfilesPath . '.backup'); - $this->view->rename($this->shareKeysPath, $this->shareKeysPath . '.backup'); + $this->backupAllKeys('decryptAll'); + $this->view->deleteAll($this->keysPath); } \OC_FileProxy::$enabled = true; @@ -845,9 +843,9 @@ class Util { break; - case 'keyfilesPath': + case 'keysPath': - return $this->keyfilesPath; + return $this->keysPath; break; @@ -1365,22 +1363,14 @@ class Util { public function checkRecoveryPassword($password) { $result = false; - $pathKey = '/owncloud_private_key/' . $this->recoveryKeyId . ".private.key"; - - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $recoveryKey = $this->view->file_get_contents($pathKey); + $recoveryKey = Keymanager::getPrivateSystemKey($this->recoveryKeyId); $decryptedRecoveryKey = Crypt::decryptPrivateKey($recoveryKey, $password); if ($decryptedRecoveryKey) { $result = true; } - \OC_FileProxy::$enabled = $proxyStatus; - - return $result; } @@ -1395,19 +1385,17 @@ class Util { * add recovery key to all encrypted files */ public function addRecoveryKeys($path = '/') { - $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); + $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); foreach ($dirContent as $item) { // get relative path from files_encryption/keyfiles/ - $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); - if ($item['type'] === 'dir') { + $filePath = substr($item['path'], strlen('files_encryption/keys')); + if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { $this->addRecoveryKeys($filePath . '/'); } else { $session = new \OCA\Encryption\Session(new \OC\Files\View('/')); $sharingEnabled = \OCP\Share::isEnabled(); - // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' - $file = substr($filePath, 0, -4); - $usersSharing = $this->getSharingUsersArray($sharingEnabled, $file); - $this->setSharedFileKeyfiles($session, $usersSharing, $file); + $usersSharing = $this->getSharingUsersArray($sharingEnabled, $filePath); + $this->setSharedFileKeyfiles($session, $usersSharing, $filePath); } } } @@ -1416,16 +1404,14 @@ class Util { * remove recovery key to all encrypted files */ public function removeRecoveryKeys($path = '/') { - $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); + $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); foreach ($dirContent as $item) { // get relative path from files_encryption/keyfiles - $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); - if ($item['type'] === 'dir') { + $filePath = substr($item['path'], strlen('files_encryption/keys')); + if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { $this->removeRecoveryKeys($filePath . '/'); } else { - // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' - $file = substr($filePath, 0, -4); - $this->view->unlink($this->shareKeysPath . '/' . $file . '.' . $this->recoveryKeyId . '.shareKey'); + $this->view->unlink($this->keysPath . '/' . $filePath . '/' . $this->recoveryKeyId . '.shareKey'); } } } @@ -1455,27 +1441,17 @@ class Util { } $filteredUids = $this->filterShareReadyUsers($userIds); - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - //decrypt file key - $encKeyfile = $this->view->file_get_contents($this->keyfilesPath . $file . ".key"); - $shareKey = $this->view->file_get_contents( - $this->shareKeysPath . $file . "." . $this->recoveryKeyId . ".shareKey"); + $encKeyfile = Keymanager::getFileKey($this->view, $this, $file); + $shareKey = Keymanager::getShareKey($this->view, $this->recoveryKeyId, $this, $file); $plainKeyfile = Crypt::multiKeyDecrypt($encKeyfile, $shareKey, $privateKey); // encrypt file key again to all users, this time with the new public key for the recovered use $userPubKeys = Keymanager::getPublicKeys($this->view, $filteredUids['ready']); $multiEncKey = Crypt::multiKeyEncrypt($plainKeyfile, $userPubKeys); - // write new keys to filesystem TDOO! - $this->view->file_put_contents($this->keyfilesPath . $file . '.key', $multiEncKey['data']); - foreach ($multiEncKey['keys'] as $userId => $shareKey) { - $shareKeyPath = $this->shareKeysPath . $file . '.' . $userId . '.shareKey'; - $this->view->file_put_contents($shareKeyPath, $shareKey); - } + Keymanager::setFileKey($this->view, $this, $file, $multiEncKey['data']); + Keymanager::setShareKeys($this->view, $this, $file, $multiEncKey['keys']); - // Return proxy to original status - \OC_FileProxy::$enabled = $proxyStatus; } /** @@ -1484,16 +1460,14 @@ class Util { * @param string $privateKey private recovery key which is used to decrypt the files */ private function recoverAllFiles($path, $privateKey) { - $dirContent = $this->view->getDirectoryContent($this->keyfilesPath . $path); + $dirContent = $this->view->getDirectoryContent($this->keysPath . '/' . $path); foreach ($dirContent as $item) { // get relative path from files_encryption/keyfiles - $filePath = substr($item['path'], strlen('files_encryption/keyfiles')); - if ($item['type'] === 'dir') { + $filePath = substr($item['path'], strlen('files_encryption/keys')); + if ($this->view->is_dir($this->userFilesDir . '/' . $filePath)) { $this->recoverAllFiles($filePath . '/', $privateKey); } else { - // remove '.key' extension from path e.g. 'file.txt.key' to 'file.txt' - $file = substr($filePath, 0, -4); - $this->recoverFile($file, $privateKey); + $this->recoverFile($filePath, $privateKey); } } } @@ -1504,16 +1478,9 @@ class Util { */ public function recoverUsersFiles($recoveryPassword) { - // Disable encryption proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - $encryptedKey = $this->view->file_get_contents( - '/owncloud_private_key/' . $this->recoveryKeyId . '.private.key'); + $encryptedKey = Keymanager::getPrivateSystemKey( $this->recoveryKeyId); $privateKey = Crypt::decryptPrivateKey($encryptedKey, $recoveryPassword); - \OC_FileProxy::$enabled = $proxyStatus; - $this->recoverAllFiles('/', $privateKey); } @@ -1527,10 +1494,9 @@ class Util { $backupDir = $this->encryptionDir . '/backup.'; $backupDir .= ($purpose === '') ? date("Y-m-d_H-i-s") . '/' : $purpose . '.' . date("Y-m-d_H-i-s") . '/'; $this->view->mkdir($backupDir); - $this->view->copy($this->shareKeysPath, $backupDir . 'share-keys/'); - $this->view->copy($this->keyfilesPath, $backupDir . 'keyfiles/'); - $this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.private.key'); - $this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.public.key'); + $this->view->copy($this->keysPath, $backupDir . 'keys/'); + $this->view->copy($this->privateKeyPath, $backupDir . $this->userId . '.privateKey'); + $this->view->copy($this->publicKeyPath, $backupDir . $this->userId . '.publicKey'); } /** @@ -1590,7 +1556,10 @@ class Util { $encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']); - $privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']); + $privateKey = false; + if ($encryptedKey) { + $privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']); + } if ($privateKey === false) { \OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 7369be8ff05..ab2ce066cdb 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -33,20 +33,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerUserHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // create test user self::loginHelper(\Test_Encryption_Crypt::TEST_ENCRYPTION_CRYPT_USER1, true); } @@ -99,14 +85,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { // cleanup test user \OC_User::deleteUser(\Test_Encryption_Crypt::TEST_ENCRYPTION_CRYPT_USER1); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -211,8 +189,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { // Teardown $this->view->unlink($this->userId . '/files/' . $filename); - - Encryption\Keymanager::deleteFileKey($this->view, $filename); } /** @@ -252,8 +228,6 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { // Teardown $this->view->unlink($this->userId . '/files/' . $filename); - - Encryption\Keymanager::deleteFileKey($this->view, $filename); } /** @@ -293,11 +267,7 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - - Encryption\Keymanager::deleteFileKey($this->view, $filename); - } /** @@ -341,11 +311,7 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - - Encryption\Keymanager::deleteFileKey($this->view, $filename); - } /** @@ -393,11 +359,7 @@ class Test_Encryption_Crypt extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals($this->dataLong . $this->dataLong, $decrypted); // Teardown - $this->view->unlink($this->userId . '/files/' . $filename); - - Encryption\Keymanager::deleteFileKey($this->view, $filename); - } /** diff --git a/apps/files_encryption/tests/helper.php b/apps/files_encryption/tests/helper.php index fcde7dc5df3..88ba9f20d53 100644 --- a/apps/files_encryption/tests/helper.php +++ b/apps/files_encryption/tests/helper.php @@ -38,14 +38,6 @@ class Test_Encryption_Helper extends \OCA\Files_Encryption\Tests\TestCase { } public static function tearDownAfterClass() { - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -125,56 +117,4 @@ class Test_Encryption_Helper extends \OCA\Files_Encryption\Tests\TestCase { self::cleanUpUsers(); } - function userNamesProvider() { - return array( - array('testuser' . $this->getUniqueID()), - array('user.name.with.dots'), - ); - } - - /** - * Tests whether share keys can be found - * - * @dataProvider userNamesProvider - */ - function testFindShareKeys($userName) { - self::setUpUsers(); - // note: not using dataProvider as we want to make - // sure that the correct keys are match and not any - // other ones that might happen to have similar names - self::setupHooks(); - self::loginHelper($userName, true); - $testDir = 'testFindShareKeys' . $this->getUniqueID() . '/'; - $baseDir = $userName . '/files/' . $testDir; - $fileList = array( - 't est.txt', - 't est_.txt', - 't est.doc.txt', - 't est(.*).txt', // make sure the regexp is escaped - 'multiple.dots.can.happen.too.txt', - 't est.' . $userName . '.txt', - 't est_.' . $userName . '.shareKey.txt', - 'who would upload their.shareKey', - 'user ones file.txt', - 'user ones file.txt.backup', - '.t est.txt' - ); - - $rootView = new \OC\Files\View('/'); - $rootView->mkdir($baseDir); - foreach ($fileList as $fileName) { - $rootView->file_put_contents($baseDir . $fileName, 'dummy'); - } - - $shareKeysDir = $userName . '/files_encryption/share-keys/' . $testDir; - foreach ($fileList as $fileName) { - // make sure that every file only gets its correct respective keys - $result = Encryption\Helper::findShareKeys($baseDir . $fileName, $shareKeysDir . $fileName, $rootView); - $this->assertEquals( - array($shareKeysDir . $fileName . '.' . $userName . '.shareKey'), - $result - ); - } - self::cleanUpUsers(); - } } diff --git a/apps/files_encryption/tests/hooks.php b/apps/files_encryption/tests/hooks.php index 4b8be0c7c1c..d5a30f5074a 100644 --- a/apps/files_encryption/tests/hooks.php +++ b/apps/files_encryption/tests/hooks.php @@ -63,28 +63,6 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { '.t est.txt' ); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - \OC_Hook::clear('OC_Filesystem'); - \OC_Hook::clear('OC_User'); - - // clear share hooks - \OC_Hook::clear('OCP\\Share'); - \OC::registerShareHooks(); - \OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup'); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // Sharing related hooks - \OCA\Encryption\Helper::registerShareHooks(); - - // clear and register proxies - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // create test user self::loginHelper(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1, true); self::loginHelper(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2, true); @@ -114,14 +92,6 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { \OC_User::deleteUser(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1); \OC_User::deleteUser(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -163,10 +133,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // check if all keys are generated $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); self::logoutHelper(); @@ -178,10 +148,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // check if all keys are generated $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); // create a dummy file that we can delete something outside of data/user/files @@ -193,10 +163,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // all keys should still exist $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); // delete the file in data/user/files @@ -205,17 +175,17 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // check if keys from user2 are really deleted $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); // but user1 keys should still exist $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); if ($stateFilesTrashbin) { OC_App::enable('files_trashbin'); @@ -244,10 +214,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // check if all keys are generated $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); // get the file info from previous created file $fileInfo = $this->user1View->getFileInfo($this->filename); @@ -260,8 +230,8 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // check if new share key exists $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); self::logoutHelper(); self::loginHelper(\Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2); @@ -272,10 +242,10 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // keys should be stored at user1s dir, not in user2s $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER2 . '/files_encryption/keys/' . $this->filename . '/fileKey')); // delete the Shared file from user1 in data/user2/files/Shared $result = $this->user2View->unlink($this->filename); @@ -284,13 +254,13 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // share key for user2 from user1s home should be gone, all other keys should still exists $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertFalse($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Hooks::TEST_ENCRYPTION_HOOKS_USER2 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->filename . '.key')); + self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->filename . '/fileKey')); // cleanup @@ -327,12 +297,12 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { function doTestRenameHook($filename) { // check if keys exists $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/fileKey')); // make subfolder and sub-subfolder $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); @@ -351,18 +321,18 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // keys should be renamed too $this->assertFalse($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertFalse($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/fileKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $this->folder . '/' . $this->folder . '/' - . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' + . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->folder . '/' . $this->folder . '/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' + . $filename . '/fileKey')); // cleanup $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); @@ -389,12 +359,12 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { function doTestCopyHook($filename) { // check if keys exists $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/fileKey')); // make subfolder and sub-subfolder $this->rootView->mkdir('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); @@ -410,18 +380,18 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // keys should be copied too $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' + . $filename . '/fileKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/share-keys/' . $this->folder . '/' . $this->folder . '/' - . $filename . '.' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' + . $filename . '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '.shareKey')); $this->assertTrue($this->rootView->file_exists( - '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keyfiles/' . $this->folder . '/' . $this->folder . '/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files_encryption/keys/' . $this->folder . '/' . $this->folder . '/' + . $filename . '/fileKey')); // cleanup $this->rootView->unlink('/' . self::TEST_ENCRYPTION_HOOKS_USER1 . '/files/' . $this->folder); @@ -439,8 +409,8 @@ class Test_Encryption_Hooks extends \OCA\Files_Encryption\Tests\TestCase { // set user password for the first time \OCA\Encryption\Hooks::postCreateUser(array('uid' => 'newUser', 'password' => 'newUserPassword')); - $this->assertTrue($view->file_exists('public-keys/newUser.public.key')); - $this->assertTrue($view->file_exists('newUser/files_encryption/newUser.private.key')); + $this->assertTrue($view->file_exists(\OCA\Encryption\Keymanager::getPublicKeyPath() . '/newUser.publicKey')); + $this->assertTrue($view->file_exists('newUser/files_encryption/newUser.privateKey')); // check if we are able to decrypt the private key $encryptedKey = \OCA\Encryption\Keymanager::getPrivateKey($view, 'newUser'); diff --git a/apps/files_encryption/tests/keymanager.php b/apps/files_encryption/tests/keymanager.php index b4dc6ddeb56..21f03839430 100644 --- a/apps/files_encryption/tests/keymanager.php +++ b/apps/files_encryption/tests/keymanager.php @@ -28,17 +28,6 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // disable file proxy by default \OC_FileProxy::$enabled = false; @@ -78,9 +67,7 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { } function tearDown() { - $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys'); - $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles'); - + $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys'); parent::tearDown(); } @@ -94,14 +81,6 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { OC_App::enable('files_trashbin'); } - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -140,27 +119,6 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { $this->assertArrayHasKey('key', $sslInfo); } - function fileNameFromShareKeyProvider() { - return array( - array('file.user.shareKey', 'user', 'file'), - array('file.name.with.dots.user.shareKey', 'user', 'file.name.with.dots'), - array('file.name.user.with.dots.shareKey', 'user.with.dots', 'file.name'), - array('file.txt', 'user', false), - array('user.shareKey', 'user', false), - ); - } - - /** - * @small - * - * @dataProvider fileNameFromShareKeyProvider - */ - function testGetFilenameFromShareKey($fileName, $user, $expectedFileName) { - $this->assertEquals($expectedFileName, - \TestProtectedKeymanagerMethods::testGetFilenameFromShareKey($fileName, $user) - ); - } - /** * @medium */ @@ -180,7 +138,7 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { Encryption\Keymanager::setFileKey($this->view, $util, $file, $key); - $this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keyfiles/' . $file . '.key')); + $this->assertTrue($this->view->file_exists('/' . $this->userId . '/files_encryption/keys/' . $file . '/fileKey')); // cleanup $this->view->unlink('/' . $this->userId . '/files/' . $file); @@ -198,7 +156,7 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { Encryption\Keymanager::setPrivateKey($key, 'dummyUser'); - $this->assertTrue($this->view->file_exists('/dummyUser/files_encryption/dummyUser.private.key')); + $this->assertTrue($this->view->file_exists('/dummyUser/files_encryption/dummyUser.privateKey')); //clean up $this->view->deleteAll('/dummyUser'); @@ -210,14 +168,19 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { function testSetPrivateSystemKey() { $key = "dummy key"; - $keyName = "myDummyKey.private.key"; + $keyName = "myDummyKey"; + $encHeader = Encryption\Crypt::generateHeader(); Encryption\Keymanager::setPrivateSystemKey($key, $keyName); - $this->assertTrue($this->view->file_exists('/owncloud_private_key/' . $keyName)); + $this->assertTrue($this->view->file_exists('/files_encryption/' . $keyName . '.privateKey')); + + $result = Encryption\Keymanager::getPrivateSystemKey($keyName); + + $this->assertSame($encHeader . $key, $result); // clean up - $this->view->unlink('/owncloud_private_key/' . $keyName); + $this->view->unlink('/files_encryption/' . $keyName.'.privateKey'); } @@ -256,70 +219,78 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data'); // create folder structure for some dummy share key files - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1'); - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder'); - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/file2'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file1'); + $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2'); // create some dummy share keys - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.test.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.test-keymanager-userxdot.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user2.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user3.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/file2.user3.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1.user1.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user2.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user3.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/user1.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.test.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/test-keymanager-userxdot.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2/user2.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2/user3.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/file2/user3.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file1/user1.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user2.shareKey', 'data'); + $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user3.shareKey', 'data'); // recursive delete share keys from user1 and user2 - Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), '/folder1/', Test_Encryption_Keymanager::TEST_USER); + Encryption\Keymanager::delShareKey($this->view, + array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), + Encryption\Keymanager::getKeyPath($this->view, new Encryption\Util($this->view, Test_Encryption_Keymanager::TEST_USER), '/folder1'), + Test_Encryption_Keymanager::TEST_USER, + '/folder1'); // check if share keys from user1 and user2 are deleted $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.user1.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/user1.shareKey')); $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1/user1.shareKey')); $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user2.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2/user2.shareKey')); $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1.user1.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file1/user1.shareKey')); $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user2.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2/user2.shareKey')); // check if share keys from user3 still exists $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user3.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file2/user3.shareKey')); $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user3.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/subsubfolder/file2/user3.shareKey')); $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/file2.user3.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/subfolder/file2/user3.shareKey')); - // check if share keys for user or file with similar name + // check if share keys for user or file with similar name $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.test.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.test.shareKey')); $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.test-keymanager-userxdot.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/test-keymanager-userxdot.shareKey')); $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.userx.shareKey')); // FIXME: this case currently cannot be distinguished, needs further fixing - /* $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/userx.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/user1.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey')); - */ + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/file1/' . Test_Encryption_Keymanager::TEST_USER . '.user1.shareKey')); // owner key from existing file should still exists because the file is still there $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); + '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keys/folder1/existingFile.txt/' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); // cleanup $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); @@ -344,7 +315,12 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); // recursive delete share keys from user1 and user2 - Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), '/folder1/existingFile.txt', Test_Encryption_Keymanager::TEST_USER); + Encryption\Keymanager::delShareKey($this->view, + array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), + Encryption\Keymanager::getKeyPath($this->view, new Encryption\Util($this->view, Test_Encryption_Keymanager::TEST_USER), '/folder1/existingFile.txt'), + Test_Encryption_Keymanager::TEST_USER, + '/folder1/existingFile.txt'); + // check if share keys from user1 and user2 are deleted $this->assertFalse($this->view->file_exists( @@ -362,147 +338,16 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { } - /** - * @medium - */ - function testDeleteFileKey() { - - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data'); - - // create folder structure for some dummy file key files - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1'); - - // create dummy keyfile - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data'); - - // recursive delete share keys from user1 and user2 - $result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1/existingFile.txt'); - $this->assertFalse($result); - - $result2 = Encryption\Keymanager::deleteFileKey($this->view, '/folder1/dummyFile.txt'); - $this->assertTrue($result2); - - // check if file key from dummyFile was deleted - $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key')); - - // check if file key from existing file still exists - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/existingFile.txt.key')); - - // cleanup - $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - - } - - /** - * @medium - */ - function testDeleteFileKeyFolder() { - - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data'); - - // create folder structure for some dummy file key files - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1'); - - // create dummy keyfile - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data'); - - // recursive delete share keys from user1 and user2 - $result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1'); - $this->assertFalse($result); - - // all file keys should still exists if we try to delete a folder with keys for which some files still exists - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key')); - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/existingFile.txt.key')); - - // delete folder - $this->view->unlink('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - // create dummy keyfile - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data'); - - // now file keys should be deleted since the folder no longer exists - $result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1'); - $this->assertTrue($result); - - $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1')); - - // cleanup - $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - - } - - function testDelAllShareKeysFile() { - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data'); - - // create folder structure for some dummy share key files - $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1'); - - // create some dummy share keys for the existing file - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); - - // create some dummy share keys for a non-existing file - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user1.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user2.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user3.shareKey', 'data'); - $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data'); - - // try to del all share keys from a existing file, should fail because the file still exists - $result = Encryption\Keymanager::delAllShareKeys($this->view, Test_Encryption_Keymanager::TEST_USER, 'folder1/existingFile.txt'); - $this->assertFalse($result); - - // check if share keys still exists - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey')); - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey')); - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey')); - - // try to del all share keys from file, should succeed because the does not exist any more - $result2 = Encryption\Keymanager::delAllShareKeys($this->view, Test_Encryption_Keymanager::TEST_USER, 'folder1/nonexistingFile.txt'); - $this->assertTrue($result2); - - // check if share keys are really gone - $this->assertFalse($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey')); - // check that it only deleted keys or users who had access, others remain - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user1.shareKey')); - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user2.shareKey')); - $this->assertTrue($this->view->file_exists( - '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user3.shareKey')); - - // cleanup - $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1'); - - } - function testKeySetPreperation() { $basePath = '/'.Test_Encryption_Keymanager::TEST_USER.'/files'; $path = '/folder1/subfolder/subsubfolder/file.txt'; $this->assertFalse($this->view->is_dir($basePath . '/testKeySetPreperation')); - $result = TestProtectedKeymanagerMethods::testKeySetPreperation($this->view, $path, $basePath); - - // return path without leading slash - $this->assertSame('folder1/subfolder/subsubfolder/file.txt', $result); + TestProtectedKeymanagerMethods::testKeySetPreperation($this->view, $basePath . $path); // check if directory structure was created - $this->assertTrue($this->view->is_dir($basePath . '/folder1/subfolder/subsubfolder')); + $this->assertTrue($this->view->is_dir($basePath . $path)); // cleanup $this->view->deleteAll($basePath . '/folder1'); @@ -516,18 +361,11 @@ class Test_Encryption_Keymanager extends \OCA\Files_Encryption\Tests\TestCase { class TestProtectedKeymanagerMethods extends \OCA\Encryption\Keymanager { /** - * @param string $sharekey - */ - public static function testGetFilenameFromShareKey($sharekey, $user) { - return self::getFilenameFromShareKey($sharekey, $user); - } - - /** * @param \OC\Files\View $view relative to data/ * @param string $path * @param string $basePath */ - public static function testKeySetPreperation($view, $path, $basePath) { - return self::keySetPreparation($view, $path, $basePath); + public static function testKeySetPreperation($view, $path) { + return self::keySetPreparation($view, $path); } } diff --git a/apps/files_encryption/tests/migration.php b/apps/files_encryption/tests/migration.php index 8ca2e94c90a..21c4e354c29 100644 --- a/apps/files_encryption/tests/migration.php +++ b/apps/files_encryption/tests/migration.php @@ -2,8 +2,9 @@ /** * ownCloud * - * @author Thomas Müller - * @copyright 2014 Thomas Müller deepdiver@owncloud.com + * @copyright (C) 2014 ownCloud, Inc. + * + * @author Bjoern Schiessle <schiessle@owncloud.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE @@ -23,7 +24,29 @@ use OCA\Encryption; use OCA\Files_Encryption\Migration; -class Test_Migration extends \Test\TestCase { +class Test_Migration extends \OCA\Files_Encryption\Tests\TestCase { + + const TEST_ENCRYPTION_MIGRATION_USER1='test_encryption_user1'; + const TEST_ENCRYPTION_MIGRATION_USER2='test_encryption_user2'; + const TEST_ENCRYPTION_MIGRATION_USER3='test_encryption_user3'; + + private $view; + private $public_share_key_id; + private $recovery_key_id; + + public static function setUpBeforeClass() { + parent::setUpBeforeClass(); + self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER1, true); + self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER2, true); + self::loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER3, true); + } + + public static function tearDownAfterClass() { + \OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER1); + \OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER2); + \OC_User::deleteUser(self::TEST_ENCRYPTION_MIGRATION_USER3); + parent::tearDownAfterClass(); + } protected function tearDown() { if (OC_DB::tableExists('encryption_test')) { @@ -34,26 +57,17 @@ class Test_Migration extends \Test\TestCase { parent::tearDown(); } - protected function setUp() { - parent::setUp(); - + public function setUp() { + $this->loginHelper(self::TEST_ENCRYPTION_MIGRATION_USER1); + $this->view = new \OC\Files\View(); + $this->public_share_key_id = Encryption\Helper::getPublicShareKeyId(); + $this->recovery_key_id = Encryption\Helper::getRecoveryKeyId(); if (OC_DB::tableExists('encryption_test')) { OC_DB::dropTable('encryption_test'); } $this->assertTableNotExist('encryption_test'); } - public function testEncryptionTableDoesNotExist() { - - $this->assertTableNotExist('encryption_test'); - - $migration = new Migration('encryption_test'); - $migration->dropTableEncryption(); - - $this->assertTableNotExist('encryption_test'); - - } - public function checkLastIndexId() { $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` (' .' `item_type`, `item_source`, `item_target`, `share_type`,' @@ -91,89 +105,160 @@ class Test_Migration extends \Test\TestCase { $this->checkLastIndexId(); } - public function testDataMigration() { - // TODO travis - if (getenv('TRAVIS')) { - $this->markTestSkipped('Fails on travis'); + /** + * @param string $table + */ + public function assertTableNotExist($table) { + $type=OC_Config::getValue( "dbtype", "sqlite" ); + if( $type == 'sqlite' || $type == 'sqlite3' ) { + // sqlite removes the tables after closing the DB + $this->assertTrue(true); + } else { + $this->assertFalse(OC_DB::tableExists($table), 'Table ' . $table . ' exists.'); } - - $this->assertTableNotExist('encryption_test'); - - // create test table - OC_DB::createDbFromStructure(__DIR__ . '/encryption_table.xml'); - $this->assertTableExist('encryption_test'); - - OC_DB::executeAudited('INSERT INTO `*PREFIX*encryption_test` values(?, ?, ?, ?)', - array('user1', 'server-side', 1, 1)); - - // preform migration - $migration = new Migration('encryption_test'); - $migration->dropTableEncryption(); - - // assert - $this->assertTableNotExist('encryption_test'); - - $rec = \OC_Preferences::getValue('user1', 'files_encryption', 'recovery_enabled'); - $mig = \OC_Preferences::getValue('user1', 'files_encryption', 'migration_status'); - - $this->assertEquals(1, $rec); - $this->assertEquals(1, $mig); } - public function testDuplicateDataMigration() { - // TODO travis - if (getenv('TRAVIS')) { - $this->markTestSkipped('Fails on travis'); + protected function createDummyShareKeys($uid) { + $this->view->mkdir($uid . '/files_encryption/share-keys/folder1/folder2/folder3'); + $this->view->mkdir($uid . '/files_encryption/share-keys/folder2/'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/folder3/file3.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/folder2/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder1/file.1.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey' , 'data'); + if ($this->public_share_key_id) { + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . $this->public_share_key_id . '.shareKey' , 'data'); } - - // create test table - OC_DB::createDbFromStructure(__DIR__ . '/encryption_table.xml'); - - // in case of duplicate entries we want to preserve 0 on migration status and 1 on recovery - $data = array( - array('user1', 'server-side', 1, 1), - array('user1', 'server-side', 1, 0), - array('user1', 'server-side', 0, 1), - array('user1', 'server-side', 0, 0), - ); - foreach ($data as $d) { - OC_DB::executeAudited( - 'INSERT INTO `*PREFIX*encryption_test` values(?, ?, ?, ?)', - $d); + if ($this->recovery_key_id) { + $this->view->file_put_contents($uid . '/files_encryption/share-keys/folder2/file.2.1.' . $this->recovery_key_id . '.shareKey' , 'data'); } + } - // preform migration - $migration = new Migration('encryption_test'); - $migration->dropTableEncryption(); + protected function createDummyFileKeys($uid) { + $this->view->mkdir($uid . '/files_encryption/keyfiles/folder1/folder2/folder3'); + $this->view->mkdir($uid . '/files_encryption/keyfiles/folder2/'); + $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/folder2/folder3/file3.key' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/folder2/file2.key' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder1/file.1.key' , 'data'); + $this->view->file_put_contents($uid . '/files_encryption/keyfiles/folder2/file.2.1.key' , 'data'); + } - // assert - $this->assertTableNotExist('encryption_test'); + protected function createDummyFilesInTrash($uid) { + $this->view->mkdir($uid . '/files_trashbin/share-keys'); + $this->view->mkdir($uid . '/files_trashbin/share-keys/folder1.d7437648723'); + $this->view->file_put_contents($uid . '/files_trashbin/share-keys/file1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); + $this->view->file_put_contents($uid . '/files_trashbin/share-keys/file1.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); + $this->view->file_put_contents($uid . '/files_trashbin/share-keys/folder1.d7437648723/file2.' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); + + $this->view->mkdir($uid . '/files_trashbin/keyfiles'); + $this->view->mkdir($uid . '/files_trashbin/keyfiles/folder1.d7437648723'); + $this->view->file_put_contents($uid . '/files_trashbin/keyfiles/file1.key.d5457864' , 'data'); + $this->view->file_put_contents($uid . '/files_trashbin/keyfiles/folder1.d7437648723/file2.key' , 'data'); + } + + protected function createDummySystemWideKeys() { + $this->view->mkdir('owncloud_private_key'); + $this->view->file_put_contents('owncloud_private_key/systemwide_1.private.key', 'data'); + $this->view->file_put_contents('owncloud_private_key/systemwide_2.private.key', 'data'); + } - $rec = \OC_Preferences::getValue('user1', 'files_encryption', 'recovery_enabled'); - $mig = \OC_Preferences::getValue('user1', 'files_encryption', 'migration_status'); + public function testMigrateToNewFolderStructure() { + + // go back to the state before migration + $this->view->rename('/files_encryption/public_keys', '/public-keys'); + $this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.public.key'); + $this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.public.key'); + $this->view->rename('/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.publicKey', '/public-keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.public.key'); + $this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/keys'); + $this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/keys'); + $this->view->deleteAll(self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/keys'); + $this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey', + self::TEST_ENCRYPTION_MIGRATION_USER1 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key'); + $this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey', + self::TEST_ENCRYPTION_MIGRATION_USER2 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key'); + $this->view->rename(self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.privateKey', + self::TEST_ENCRYPTION_MIGRATION_USER3 . '/files_encryption/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.private.key'); + + $this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER1); + $this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER2); + $this->createDummyShareKeys(self::TEST_ENCRYPTION_MIGRATION_USER3); + + $this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER1); + $this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER2); + $this->createDummyFileKeys(self::TEST_ENCRYPTION_MIGRATION_USER3); + + $this->createDummyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2); + + // no user for system wide mount points + $this->createDummyFileKeys(''); + $this->createDummyShareKeys(''); + + $this->createDummySystemWideKeys(); + + $m = new \OCA\Files_Encryption\Migration(); + $m->reorganizeFolderStructure(); + + // TODO Verify that all files at the right place + $this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.publicKey')); + $this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.publicKey')); + $this->assertTrue($this->view->file_exists('/files_encryption/public_keys/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.publicKey')); + $this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER1); + $this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER2); + $this->verifyNewKeyPath(self::TEST_ENCRYPTION_MIGRATION_USER3); + // system wide keys + $this->verifyNewKeyPath(''); + // trash + $this->verifyFilesInTrash(self::TEST_ENCRYPTION_MIGRATION_USER2); - $this->assertEquals(1, $rec); - $this->assertEquals(0, $mig); } - /** - * @param string $table - */ - public function assertTableExist($table) { - $this->assertTrue(OC_DB::tableExists($table), 'Table ' . $table . ' does not exist'); + protected function verifyFilesInTrash($uid) { + // share keys + $this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); + $this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey.d5457864' , 'data'); + $this->view->file_exists($uid . '/files_trashbin/keys/folder1.d7437648723/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey' , 'data'); + + // file keys + $this->view->file_exists($uid . '/files_trashbin/keys/file1.d5457864/fileKey.d5457864' , 'data'); + $this->view->file_exists($uid . '/files_trashbin/keyfiles/file1.d5457864/fileKey.d5457864' , 'data'); + $this->view->file_exists($uid . '/files_trashbin/keyfiles/folder1.d7437648723/file2/fileKey' , 'data'); } - /** - * @param string $table - */ - public function assertTableNotExist($table) { - $type=OC_Config::getValue( "dbtype", "sqlite" ); - if( $type == 'sqlite' || $type == 'sqlite3' ) { - // sqlite removes the tables after closing the DB - $this->assertTrue(true); - } else { - $this->assertFalse(OC_DB::tableExists($table), 'Table ' . $table . ' exists.'); + protected function verifyNewKeyPath($uid) { + // private key + if ($uid !== '') { + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/' . $uid . '.privateKey')); + } + // file keys + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/fileKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/fileKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/fileKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/fileKey')); + // share keys + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/folder3/file3/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/folder2/file2/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder1/file.1/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER1 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER2 . '.shareKey')); + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . self::TEST_ENCRYPTION_MIGRATION_USER3 . '.shareKey')); + if ($this->public_share_key_id) { + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . $this->public_share_key_id . '.shareKey')); + } + if ($this->recovery_key_id) { + $this->assertTrue($this->view->file_exists($uid . '/files_encryption/keys/folder2/file.2.1/' . $this->recovery_key_id . '.shareKey')); } } - } diff --git a/apps/files_encryption/tests/proxy.php b/apps/files_encryption/tests/proxy.php index a91222327f1..72a9a9a5551 100644 --- a/apps/files_encryption/tests/proxy.php +++ b/apps/files_encryption/tests/proxy.php @@ -44,20 +44,6 @@ class Test_Encryption_Proxy extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - \OC_Hook::clear('OC_Filesystem'); - \OC_Hook::clear('OC_User'); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // create test user self::loginHelper(\Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1, true); } @@ -85,14 +71,6 @@ class Test_Encryption_Proxy extends \OCA\Files_Encryption\Tests\TestCase { // cleanup test user \OC_User::deleteUser(\Test_Encryption_Proxy::TEST_ENCRYPTION_PROXY_USER1); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php index 24b828433d0..f827017569f 100755 --- a/apps/files_encryption/tests/share.php +++ b/apps/files_encryption/tests/share.php @@ -47,30 +47,15 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - // enable resharing \OC::$server->getAppConfig()->setValue('core', 'shareapi_allow_resharing', 'yes'); - // clear share hooks - \OC_Hook::clear('OCP\\Share'); - // register share hooks \OC::registerShareHooks(); \OCA\Files_Sharing\Helper::registerHooks(); - // Sharing related hooks - \OCA\Encryption\Helper::registerShareHooks(); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - // clear and register hooks - \OC_FileProxy::clearProxies(); \OC_FileProxy::register(new OCA\Files\Share\Proxy()); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); // create users self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1, true); @@ -127,14 +112,6 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { \OC_User::deleteUser(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3); \OC_User::deleteUser(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -178,8 +155,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user1 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // login as user1 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2); @@ -202,8 +179,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); @@ -212,8 +189,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); } } @@ -239,8 +216,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user2 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); // login as user2 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3); @@ -266,16 +243,16 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); // unshare the file with user1 \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2); // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); @@ -284,8 +261,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); } } @@ -335,9 +312,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user1 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // login as user1 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2); @@ -361,9 +338,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files'); @@ -372,9 +349,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); } return $fileInfo; @@ -413,9 +390,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user3 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); // login as user3 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3); @@ -444,9 +421,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user3 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); // login as user3 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4); @@ -469,9 +446,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); // login as user1 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2); @@ -481,9 +458,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); // login as admin self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); @@ -493,9 +470,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files'); @@ -504,9 +481,9 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys' + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); } } @@ -548,8 +525,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for public exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . $publicShareKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . $publicShareKeyId . '.shareKey')); // some hacking to simulate public link //$GLOBALS['app'] = 'files_sharing'; @@ -572,8 +549,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . $publicShareKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . $publicShareKeyId . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); @@ -582,8 +559,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); } /** @@ -624,11 +601,11 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user2 and user3 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); // login as user1 self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3); @@ -648,11 +625,11 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER4 . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); @@ -661,8 +638,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); } @@ -708,19 +685,19 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for admin and recovery exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); // disable recovery for admin $this->assertTrue($util->setRecoveryForUser(0)); @@ -730,12 +707,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for recovery not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); // enable recovery for admin $this->assertTrue($util->setRecoveryForUser(1)); @@ -745,12 +722,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for admin and recovery exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); @@ -760,12 +737,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for recovery not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertTrue(\OCA\Encryption\Helper::adminEnableRecovery(null, 'test123')); $this->assertTrue(\OCA\Encryption\Helper::adminDisableRecovery('test123')); @@ -815,19 +792,19 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user and recovery exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); // login as admin self::loginHelper(\Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1); @@ -859,19 +836,19 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user and recovery exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/share-keys/' . $this->folder1 + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '/files_encryption/keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' - . $this->filename . '.' . $recoveryKeyId . '.shareKey')); + . $this->filename . '/' . $recoveryKeyId . '.shareKey')); // enable recovery for admin $this->assertTrue($util->setRecoveryForUser(0)); @@ -915,8 +892,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { $this->assertGreaterThan(0, $fileInfo['unencrypted_size']); // break users public key - $this->view->rename('/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key', - '/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key_backup'); + $this->view->rename(\OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey', + \OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey_backup'); // re-enable the file proxy \OC_FileProxy::$enabled = $proxyStatus; @@ -934,8 +911,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user1 not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); // disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; @@ -943,12 +920,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // break user1 public key $this->view->rename( - '/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key_backup', - '/public-keys/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.public.key'); + \OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey_backup', + \OCA\Encryption\Keymanager::getPublicKeyPath() . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.publicKey'); // remove share file - $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 + $this->view->unlink('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey'); // re-enable the file proxy @@ -959,8 +936,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key not exists $this->assertFalse($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER3 . '.shareKey')); // cleanup $this->view->chroot('/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files/'); @@ -995,8 +972,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { // check if share key for user2 exists $this->assertTrue($this->view->file_exists( - '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/share-keys/' - . $this->filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '/files_encryption/keys/' + . $this->filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // login as user2 @@ -1068,10 +1045,10 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals($this->dataShort, $newDecrypt); // check if additional share key for user2 exists - $this->assertTrue($view->file_exists('files_encryption/share-keys' . $newFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + $this->assertTrue($view->file_exists('files_encryption/keys' . $newFolder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // check that old keys were removed/moved properly - $this->assertFalse($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + $this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // tear down \OC\Files\Filesystem::unlink($newFolder); @@ -1120,8 +1097,8 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2, \OCP\Constants::PERMISSION_ALL); // check that the share keys exist - $this->assertTrue($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + $this->assertTrue($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + $this->assertTrue($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // move the file into the subfolder as the test user self::loginHelper($userId); @@ -1133,12 +1110,12 @@ class Test_Encryption_Share extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals($this->dataShort, $newDecrypt); // check if additional share key for user2 exists - $this->assertTrue($view->file_exists('files_encryption/share-keys' . $subFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertTrue($view->file_exists('files_encryption/share-keys' . $subFolder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + $this->assertTrue($view->file_exists('files_encryption/keys' . $subFolder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + $this->assertTrue($view->file_exists('files_encryption/keys' . $subFolder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // check that old keys were removed/moved properly - $this->assertFalse($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); - $this->assertFalse($view->file_exists('files_encryption/share-keys' . $folder . '/' . $filename . '.' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); + $this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER1 . '.shareKey')); + $this->assertFalse($view->file_exists('files_encryption/keys' . $folder . '/' . $filename . '/' . \Test_Encryption_Share::TEST_ENCRYPTION_SHARE_USER2 . '.shareKey')); // tear down \OC\Files\Filesystem::unlink($subFolder); diff --git a/apps/files_encryption/tests/stream.php b/apps/files_encryption/tests/stream.php index b1404ca282a..f4824935ca0 100644 --- a/apps/files_encryption/tests/stream.php +++ b/apps/files_encryption/tests/stream.php @@ -42,17 +42,6 @@ class Test_Encryption_Stream extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // create test user self::loginHelper(\Test_Encryption_Stream::TEST_ENCRYPTION_STREAM_USER1, true); } @@ -94,14 +83,6 @@ class Test_Encryption_Stream extends \OCA\Files_Encryption\Tests\TestCase { // cleanup test user \OC_User::deleteUser(\Test_Encryption_Stream::TEST_ENCRYPTION_STREAM_USER1); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } diff --git a/apps/files_encryption/tests/testcase.php b/apps/files_encryption/tests/testcase.php index 3106aeda8ea..743a876ab45 100644 --- a/apps/files_encryption/tests/testcase.php +++ b/apps/files_encryption/tests/testcase.php @@ -14,6 +14,7 @@ use OCA\Encryption; * Class Test_Encryption_TestCase */ abstract class TestCase extends \Test\TestCase { + /** * @param string $user * @param bool $create @@ -50,4 +51,34 @@ abstract class TestCase extends \Test\TestCase { \OC_User::setUserId(false); \OC\Files\Filesystem::tearDown(); } + + public static function setUpBeforeClass() { + parent::setUpBeforeClass(); + + // reset backend + \OC_User::clearBackends(); + \OC_User::useBackend('database'); + + \OCA\Encryption\Helper::registerFilesystemHooks(); + \OCA\Encryption\Helper::registerUserHooks(); + \OCA\Encryption\Helper::registerShareHooks(); + + \OC::registerShareHooks(); + \OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup'); + + // clear and register hooks + \OC_FileProxy::clearProxies(); + \OC_FileProxy::register(new \OCA\Encryption\Proxy()); + } + + public static function tearDownAfterClass() { + \OC_Hook::clear(); + \OC_FileProxy::clearProxies(); + + // Delete keys in /data/ + $view = new \OC\Files\View('/'); + $view->deleteAll('files_encryption'); + + parent::tearDownAfterClass(); + } } diff --git a/apps/files_encryption/tests/trashbin.php b/apps/files_encryption/tests/trashbin.php index a43e8f964a2..de5b8bd6edb 100755 --- a/apps/files_encryption/tests/trashbin.php +++ b/apps/files_encryption/tests/trashbin.php @@ -45,23 +45,9 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - \OC_Hook::clear('OC_Filesystem'); - \OC_Hook::clear('OC_User'); - // trashbin hooks \OCA\Files_Trashbin\Trashbin::registerHooks(); - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // create test user self::loginHelper(self::TEST_ENCRYPTION_TRASHBIN_USER1, true); } @@ -107,14 +93,6 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // cleanup test user \OC_User::deleteUser(self::TEST_ENCRYPTION_TRASHBIN_USER1); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -138,22 +116,20 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename - . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename2 - . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey')); // check if share key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename2 . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // delete first file - \OC\FIles\Filesystem::unlink($filename); + \OC\Files\Filesystem::unlink($filename); // check if file not exists $this->assertFalse($this->view->file_exists( @@ -161,13 +137,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin not exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename - . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); // check if share key for admin not exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // check that second file still exists $this->assertTrue($this->view->file_exists( @@ -175,13 +150,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check that key for second file still exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename2 - . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey')); // check that share key for second file still exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename2 . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // get files $trashFiles = $this->view->getDirectoryContent( @@ -199,15 +173,16 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if we found the file we created $this->assertNotNull($trashFileSuffix); + $this->assertTrue($this->view->is_dir('/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename . '.' . $trashFileSuffix)); + // check if key for admin not exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keyfiles/' . $filename - . '.key.' . $trashFileSuffix)); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename . '.' . $trashFileSuffix . '/fileKey')); // check if share key for admin not exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/share-keys/' . $filename - . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey.' . $trashFileSuffix)); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename + . '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); } /** @@ -242,6 +217,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // prepare file information $timestamp = str_replace('d', '', $trashFileSuffix); + // before calling the restore operation the keys shouldn't be there + $this->assertFalse($this->view->file_exists( + '/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); + $this->assertFalse($this->view->file_exists( + '/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename . '/' . \Test_Encryption_Trashbin::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + // restore first file $this->assertTrue(\OCA\Files_Trashbin\Trashbin::restore($filename . '.' . $trashFileSuffix, $filename, $timestamp)); @@ -251,13 +233,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' - . $filename . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); // check if share key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // check that second file was NOT restored $this->assertFalse($this->view->file_exists( @@ -265,13 +246,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' - . $filename2 . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename2 . '/fileKey')); // check if share key for admin exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename2 . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename2 . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); } /** @@ -291,13 +271,12 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename - . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/fileKey')); // check if share key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // delete file \OC\Files\Filesystem::unlink($filename); @@ -308,13 +287,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin not exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keyfiles/' . $filename - . '.key')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' . $filename . '/' + . $filename . '.key')); // check if share key for admin not exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/share-keys/' - . $filename . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_encryption/keys/' + . $filename . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // find created file with timestamp $query = \OC_DB::prepare('SELECT `timestamp`,`type` FROM `*PREFIX*files_trash`' @@ -328,13 +307,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keyfiles/' . $filename - . '.key.' . $trashFileSuffix)); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename + . '.' . $trashFileSuffix . '/fileKey')); // check if share key for admin exists $this->assertTrue($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/share-keys/' . $filename - . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey.' . $trashFileSuffix)); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' + . $filename . '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); // get timestamp from file $timestamp = str_replace('d', '', $trashFileSuffix); @@ -349,13 +328,13 @@ class Test_Encryption_Trashbin extends \OCA\Files_Encryption\Tests\TestCase { // check if key for admin not exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keyfiles/' . $filename - . '.key.' . $trashFileSuffix)); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename + . '.' . $trashFileSuffix . '/fileKey')); // check if share key for admin not exists $this->assertFalse($this->view->file_exists( - '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/share-keys/' . $filename - . '.' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey.' . $trashFileSuffix)); + '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '/files_trashbin/keys/' . $filename + . '.' . $trashFileSuffix . '/' . self::TEST_ENCRYPTION_TRASHBIN_USER1 . '.shareKey')); } } diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php index b8057202a07..8d9aba423cd 100755 --- a/apps/files_encryption/tests/util.php +++ b/apps/files_encryption/tests/util.php @@ -43,12 +43,6 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - self::setupHooks(); - // create test user self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1, true); self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER2, true); @@ -85,13 +79,13 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { $this->genPublicKey = $keypair['publicKey']; $this->genPrivateKey = $keypair['privateKey']; - $this->publicKeyDir = '/' . 'public-keys'; + $this->publicKeyDir = \OCA\Encryption\Keymanager::getPublicKeyPath(); $this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption'; - $this->keyfilesPath = $this->encryptionDir . '/' . 'keyfiles'; + $this->keysPath = $this->encryptionDir . '/' . 'keys'; $this->publicKeyPath = - $this->publicKeyDir . '/' . $this->userId . '.public.key'; // e.g. data/public-keys/admin.public.key + $this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey $this->privateKeyPath = - $this->encryptionDir . '/' . $this->userId . '.private.key'; // e.g. data/admin/admin.private.key + $this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey $this->view = new \OC\Files\View('/'); @@ -126,26 +120,9 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { \OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP1); \OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP2); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } - public static function setupHooks() { - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - } - /** * @medium * test that paths set during User construction are correct @@ -155,7 +132,7 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals($this->publicKeyDir, $util->getPath('publicKeyDir')); $this->assertEquals($this->encryptionDir, $util->getPath('encryptionDir')); - $this->assertEquals($this->keyfilesPath, $util->getPath('keyfilesPath')); + $this->assertEquals($this->keysPath, $util->getPath('keysPath')); $this->assertEquals($this->publicKeyPath, $util->getPath('publicKeyPath')); $this->assertEquals($this->privateKeyPath, $util->getPath('privateKeyPath')); @@ -396,16 +373,18 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { // file should no longer be encrypted $this->assertEquals(0, $fileInfoUnencrypted['encrypted']); + $backupPath = $this->getBackupPath('decryptAll'); + // check if the keys where moved to the backup location - $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keyfiles.backup')); - $this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keyfiles.backup/' . $filename . '.key')); - $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/share-keys.backup')); - $this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/share-keys.backup/' . $filename . '.' . $user . '.shareKey')); + $this->assertTrue($this->view->is_dir($backupPath . '/keys')); + $this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/fileKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/' . $user . '.shareKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.privateKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.publicKey')); // cleanup $this->view->unlink($this->userId . '/files/' . $filename); - $this->view->deleteAll($this->userId . '/files_encryption/keyfiles.backup'); - $this->view->deleteAll($this->userId . '/files_encryption/share-keys.backup'); + $this->view->deleteAll($backupPath); OC_App::enable('files_encryption'); } @@ -418,38 +397,28 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { // create some dummy key files $encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption'; - $this->view->file_put_contents($encPath . '/keyfiles/foo.key', 'key'); - $this->view->file_put_contents($encPath . '/share-keys/foo.user1.shareKey', 'share key'); + $this->view->mkdir($encPath . '/keys/foo'); + $this->view->file_put_contents($encPath . '/keys/foo/fileKey', 'key'); + $this->view->file_put_contents($encPath . '/keys/foo/user1.shareKey', 'share key'); $util = new \OCA\Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1); - $util->backupAllKeys('testing'); + $util->backupAllKeys('testBackupAllKeys'); - $encFolderContent = $this->view->getDirectoryContent($encPath); - - $backupPath = ''; - foreach ($encFolderContent as $c) { - $name = $c['name']; - if (substr($name, 0, strlen('backup')) === 'backup') { - $backupPath = $encPath . '/'. $c['name']; - break; - } - } - - $this->assertTrue($backupPath !== ''); + $backupPath = $this->getBackupPath('testBackupAllKeys'); // check backupDir Content - $this->assertTrue($this->view->is_dir($backupPath . '/keyfiles')); - $this->assertTrue($this->view->is_dir($backupPath . '/share-keys')); - $this->assertTrue($this->view->file_exists($backupPath . '/keyfiles/foo.key')); - $this->assertTrue($this->view->file_exists($backupPath . '/share-keys/foo.user1.shareKey')); - $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.private.key')); - $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.public.key')); + $this->assertTrue($this->view->is_dir($backupPath . '/keys')); + $this->assertTrue($this->view->is_dir($backupPath . '/keys/foo')); + $this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/fileKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/user1.shareKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey')); + $this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey')); //cleanup $this->view->deleteAll($backupPath); - $this->view->unlink($encPath . '/keyfiles/foo.key', 'key'); - $this->view->unlink($encPath . '/share-keys/foo.user1.shareKey', 'share key'); + $this->view->unlink($encPath . '/keys/foo/fileKey'); + $this->view->unlink($encPath . '/keys/foo/user1.shareKey'); } @@ -473,8 +442,8 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { // rename keyfile for file1 so that the decryption for file1 fails // Expected behaviour: decryptAll() returns false, file2 gets decrypted anyway - $this->view->rename($this->userId . '/files_encryption/keyfiles/' . $file1 . '.key', - $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved'); + $this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey', + $this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved'); // decrypt all encrypted files $result = $util->decryptAll(); @@ -492,12 +461,13 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']); // keyfiles and share keys should still exist - $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keyfiles/')); - $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/share-keys/')); + $this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keys/')); + $this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved')); + $this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/' . $this->userId . '.shareKey')); // rename the keyfile for file1 back - $this->view->rename($this->userId . '/files_encryption/keyfiles/' . $file1 . '.key.moved', - $this->userId . '/files_encryption/keyfiles/' . $file1 . '.key'); + $this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved', + $this->userId . '/files_encryption/keys/' . $file1 . '/fileKey'); // try again to decrypt all encrypted files $result = $util->decryptAll(); @@ -515,15 +485,30 @@ class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase { $this->assertEquals(0, $fileInfoUnencrypted2['encrypted']); // keyfiles and share keys should be deleted - $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keyfiles/')); - $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/share-keys/')); + $this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keys/')); //cleanup + $backupPath = $this->getBackupPath('decryptAll'); $this->view->unlink($this->userId . '/files/' . $file1); $this->view->unlink($this->userId . '/files/' . $file2); - $this->view->deleteAll($this->userId . '/files_encryption/keyfiles.backup'); - $this->view->deleteAll($this->userId . '/files_encryption/share-keys.backup'); + $this->view->deleteAll($backupPath); + + } + + function getBackupPath($extension) { + $encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption'; + $encFolderContent = $this->view->getDirectoryContent($encPath); + + $backupPath = ''; + foreach ($encFolderContent as $c) { + $name = $c['name']; + if (substr($name, 0, strlen('backup.' . $extension)) === 'backup.' . $extension) { + $backupPath = $encPath . '/'. $c['name']; + break; + } + } + return $backupPath; } /** diff --git a/apps/files_encryption/tests/webdav.php b/apps/files_encryption/tests/webdav.php index 7cadeaf0ba9..a04a7621291 100755 --- a/apps/files_encryption/tests/webdav.php +++ b/apps/files_encryption/tests/webdav.php @@ -45,20 +45,6 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase { public static function setUpBeforeClass() { parent::setUpBeforeClass(); - // reset backend - \OC_User::clearBackends(); - \OC_User::useBackend('database'); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerFilesystemHooks(); - - // Filesystem related hooks - \OCA\Encryption\Helper::registerUserHooks(); - - // clear and register hooks - \OC_FileProxy::clearProxies(); - \OC_FileProxy::register(new OCA\Encryption\Proxy()); - // create test user self::loginHelper(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1, true); @@ -106,14 +92,6 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase { // cleanup test user \OC_User::deleteUser(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1); - \OC_Hook::clear(); - \OC_FileProxy::clearProxies(); - - // Delete keys in /data/ - $view = new \OC\Files\View('/'); - $view->rmdir('public-keys'); - $view->rmdir('owncloud_private_key'); - parent::tearDownAfterClass(); } @@ -143,11 +121,11 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase { // check if key-file was created $this->assertTrue($this->view->file_exists( - '/' . $this->userId . '/files_encryption/keyfiles/' . $filename . '.key')); + '/' . $this->userId . '/files_encryption/keys/' . $filename . '/fileKey')); // check if shareKey-file was created $this->assertTrue($this->view->file_exists( - '/' . $this->userId . '/files_encryption/share-keys/' . $filename . '.' . $this->userId . '.shareKey')); + '/' . $this->userId . '/files_encryption/keys/' . $filename . '/' . $this->userId . '.shareKey')); // disable encryption proxy to prevent recursive calls $proxyStatus = \OC_FileProxy::$enabled; @@ -217,11 +195,11 @@ class Test_Encryption_Webdav extends \OCA\Files_Encryption\Tests\TestCase { // check if key-file was removed $this->assertFalse($this->view->file_exists( - '/' . $this->userId . '/files_encryption/keyfiles' . $filename . '.key')); + '/' . $this->userId . '/files_encryption/keys/' . $filename . '/fileKey')); // check if shareKey-file was removed $this->assertFalse($this->view->file_exists( - '/' . $this->userId . '/files_encryption/share-keys' . $filename . '.' . $this->userId . '.shareKey')); + '/' . $this->userId . '/files_encryption/keys/' . $filename . '/' . $this->userId . '.shareKey')); } /** diff --git a/apps/files_trashbin/lib/trashbin.php b/apps/files_trashbin/lib/trashbin.php index 52d24143902..661fc271dfc 100644 --- a/apps/files_trashbin/lib/trashbin.php +++ b/apps/files_trashbin/lib/trashbin.php @@ -92,11 +92,8 @@ class Trashbin { if (!$view->is_dir('files_trashbin/versions')) { $view->mkdir('files_trashbin/versions'); } - if (!$view->is_dir('files_trashbin/keyfiles')) { - $view->mkdir('files_trashbin/keyfiles'); - } - if (!$view->is_dir('files_trashbin/share-keys')) { - $view->mkdir('files_trashbin/share-keys'); + if (!$view->is_dir('files_trashbin/keys')) { + $view->mkdir('files_trashbin/keys'); } } @@ -277,78 +274,23 @@ class Trashbin { return 0; } - $util = new \OCA\Encryption\Util(new \OC\Files\View('/'), $user); + $util = new \OCA\Encryption\Util($rootView, $user); - // disable proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - if ($util->isSystemWideMountPoint($ownerPath)) { - $baseDir = '/files_encryption/'; - } else { - $baseDir = $owner . '/files_encryption/'; - } - - $keyfile = \OC\Files\Filesystem::normalizePath($baseDir . '/keyfiles/' . $ownerPath); - - if ($rootView->is_dir($keyfile) || $rootView->file_exists($keyfile . '.key')) { - // move keyfiles - if ($rootView->is_dir($keyfile)) { - $size += self::calculateSize(new \OC\Files\View($keyfile)); - if ($owner !== $user) { - self::copy_recursive($keyfile, $owner . '/files_trashbin/keyfiles/' . basename($ownerPath) . '.d' . $timestamp, $rootView); - } - $rootView->rename($keyfile, $user . '/files_trashbin/keyfiles/' . $filename . '.d' . $timestamp); - } else { - $size += $rootView->filesize($keyfile . '.key'); - if ($owner !== $user) { - $rootView->copy($keyfile . '.key', $owner . '/files_trashbin/keyfiles/' . basename($ownerPath) . '.key.d' . $timestamp); - } - $rootView->rename($keyfile . '.key', $user . '/files_trashbin/keyfiles/' . $filename . '.key.d' . $timestamp); - } + $baseDir = '/files_encryption/'; + if (!$util->isSystemWideMountPoint($ownerPath)) { + $baseDir = $owner . $baseDir; } - // retain share keys - $sharekeys = \OC\Files\Filesystem::normalizePath($baseDir . '/share-keys/' . $ownerPath); + $keyfiles = \OC\Files\Filesystem::normalizePath($baseDir . '/keys/' . $ownerPath); - if ($rootView->is_dir($sharekeys)) { - $size += self::calculateSize(new \OC\Files\View($sharekeys)); + if ($rootView->is_dir($keyfiles)) { + $size += self::calculateSize(new \OC\Files\View($keyfiles)); if ($owner !== $user) { - self::copy_recursive($sharekeys, $owner . '/files_trashbin/share-keys/' . basename($ownerPath) . '.d' . $timestamp, $rootView); - } - $rootView->rename($sharekeys, $user . '/files_trashbin/share-keys/' . $filename . '.d' . $timestamp); - } else { - // handle share-keys - $matches = \OCA\Encryption\Helper::findShareKeys($ownerPath, $sharekeys, $rootView); - foreach ($matches as $src) { - // get source file parts - $pathinfo = pathinfo($src); - - // we only want to keep the users key so we can access the private key - $userShareKey = $filename . '.' . $user . '.shareKey'; - - // if we found the share-key for the owner, we need to move it to files_trashbin - if ($pathinfo['basename'] == $userShareKey) { - - // calculate size - $size += $rootView->filesize($sharekeys . '.' . $user . '.shareKey'); - - // move file - $rootView->rename($sharekeys . '.' . $user . '.shareKey', $user . '/files_trashbin/share-keys/' . $userShareKey . '.d' . $timestamp); - } elseif ($owner !== $user) { - $ownerShareKey = basename($ownerPath) . '.' . $owner . '.shareKey'; - if ($pathinfo['basename'] == $ownerShareKey) { - $rootView->rename($sharekeys . '.' . $owner . '.shareKey', $owner . '/files_trashbin/share-keys/' . $ownerShareKey . '.d' . $timestamp); - } - } else { - // don't keep other share-keys - unlink($src); - } + self::copy_recursive($keyfiles, $owner . '/files_trashbin/keys/' . basename($ownerPath) . '.d' . $timestamp, $rootView); } + $rootView->rename($keyfiles, $user . '/files_trashbin/keys/' . $filename . '.d' . $timestamp); } - // enable proxy - \OC_FileProxy::$enabled = $proxyStatus; } return $size; } @@ -492,7 +434,7 @@ class Trashbin { * @return bool */ private static function restoreEncryptionKeys(\OC\Files\View $view, $file, $filename, $uniqueFilename, $location, $timestamp) { - // Take care of encryption keys TODO! Get '.key' in file between file name and delete date (also for permanent delete!) + if (\OCP\App::isEnabled('files_encryption')) { $user = \OCP\User::getUser(); $rootView = new \OC\Files\View('/'); @@ -506,84 +448,31 @@ class Trashbin { return false; } - $util = new \OCA\Encryption\Util(new \OC\Files\View('/'), $user); + $util = new \OCA\Encryption\Util($rootView, $user); - if ($util->isSystemWideMountPoint($ownerPath)) { - $baseDir = '/files_encryption/'; - } else { - $baseDir = $owner . '/files_encryption/'; + $baseDir = '/files_encryption/'; + if (!$util->isSystemWideMountPoint($ownerPath)) { + $baseDir = $owner . $baseDir; } - $path_parts = pathinfo($file); - $source_location = $path_parts['dirname']; + $source_location = dirname($file); - if ($view->is_dir('/files_trashbin/keyfiles/' . $file)) { + if ($view->is_dir('/files_trashbin/keys/' . $file)) { if ($source_location != '.') { - $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $source_location . '/' . $filename); - $sharekey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $source_location . '/' . $filename); + $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keys/' . $source_location . '/' . $filename); } else { - $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $filename); - $sharekey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $filename); + $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keys/' . $filename); } - } else { - $keyfile = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/keyfiles/' . $source_location . '/' . $filename . '.key'); } if ($timestamp) { $keyfile .= '.d' . $timestamp; } - // disable proxy to prevent recursive calls - $proxyStatus = \OC_FileProxy::$enabled; - \OC_FileProxy::$enabled = false; - - if ($rootView->file_exists($keyfile)) { - // handle directory - if ($rootView->is_dir($keyfile)) { - - // handle keyfiles - $rootView->rename($keyfile, $baseDir . '/keyfiles/' . $ownerPath); - - // handle share-keys - if ($timestamp) { - $sharekey .= '.d' . $timestamp; - } - $rootView->rename($sharekey, $baseDir . '/share-keys/' . $ownerPath); - } else { - // handle keyfiles - $rootView->rename($keyfile, $baseDir . '/keyfiles/' . $ownerPath . '.key'); - - // handle share-keys - $ownerShareKey = \OC\Files\Filesystem::normalizePath($user . '/files_trashbin/share-keys/' . $source_location . '/' . $filename . '.' . $user . '.shareKey'); - if ($timestamp) { - $ownerShareKey .= '.d' . $timestamp; - } - - // move only owners key - $rootView->rename($ownerShareKey, $baseDir . '/share-keys/' . $ownerPath . '.' . $user . '.shareKey'); - - // try to re-share if file is shared - $filesystemView = new \OC\Files\View('/'); - $session = new \OCA\Encryption\Session($filesystemView); - $util = new \OCA\Encryption\Util($filesystemView, $user); - - // fix the file size - $absolutePath = \OC\Files\Filesystem::normalizePath('/' . $owner . '/files/' . $ownerPath); - $util->fixFileSize($absolutePath); - - // get current sharing state - $sharingEnabled = \OCP\Share::isEnabled(); - - // get users sharing this file - $usersSharing = $util->getSharingUsersArray($sharingEnabled, $target); - - // Attempt to set shareKey - $util->setSharedFileKeyfiles($session, $usersSharing, $target); - } + if ($rootView->is_dir($keyfile)) { + $rootView->rename($keyfile, $baseDir . '/keys/' . $ownerPath); } - // enable proxy - \OC_FileProxy::$enabled = $proxyStatus; } } @@ -678,27 +567,15 @@ class Trashbin { if (\OCP\App::isEnabled('files_encryption')) { $user = \OCP\User::getUser(); - if ($view->is_dir('/files_trashbin/files/' . $file)) { - $keyfile = \OC\Files\Filesystem::normalizePath('files_trashbin/keyfiles/' . $filename); - $sharekeys = \OC\Files\Filesystem::normalizePath('files_trashbin/share-keys/' . $filename); - } else { - $keyfile = \OC\Files\Filesystem::normalizePath('files_trashbin/keyfiles/' . $filename . '.key'); - $sharekeys = \OC\Files\Filesystem::normalizePath('files_trashbin/share-keys/' . $filename . '.' . $user . '.shareKey'); - } + $keyfiles = \OC\Files\Filesystem::normalizePath('files_trashbin/keys/' . $filename); + if ($timestamp) { - $keyfile .= '.d' . $timestamp; - $sharekeys .= '.d' . $timestamp; + $keyfiles .= '.d' . $timestamp; } - if ($view->file_exists($keyfile)) { - if ($view->is_dir($keyfile)) { - $size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $keyfile)); - $size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $sharekeys)); - } else { - $size += $view->filesize($keyfile); - $size += $view->filesize($sharekeys); - } - $view->unlink($keyfile); - $view->unlink($sharekeys); + if ($view->is_dir($keyfiles)) { + $size += self::calculateSize(new \OC\Files\View('/' . $user . '/' . $keyfiles)); + $view->deleteAll($keyfiles); + } } return $size; |