aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorRoeland Jago Douma <roeland@famdouma.nl>2020-06-22 15:35:52 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2020-08-20 15:42:43 +0200
commit5340ab3a75d58651e3cc65688d94444b38570cfc (patch)
tree426f4cd4a944319ed1254a463adfbb86dba6f950 /tests
parent886466d5109de6ed399e2da3dcf87eea66d531ce (diff)
downloadnextcloud-server-5340ab3a75d58651e3cc65688d94444b38570cfc.tar.gz
nextcloud-server-5340ab3a75d58651e3cc65688d94444b38570cfc.zip
New SSE key format
* Encrypt the keys with the instance secret * Store them as json (so we can add other things if needed) Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'tests')
-rw-r--r--tests/lib/Encryption/Keys/StorageTest.php127
1 files changed, 114 insertions, 13 deletions
diff --git a/tests/lib/Encryption/Keys/StorageTest.php b/tests/lib/Encryption/Keys/StorageTest.php
index bd9bbdecdf1..fdfa08d87c4 100644
--- a/tests/lib/Encryption/Keys/StorageTest.php
+++ b/tests/lib/Encryption/Keys/StorageTest.php
@@ -26,6 +26,8 @@ namespace Test\Encryption\Keys;
use OC\Encryption\Keys\Storage;
use OC\Files\View;
use OCP\IConfig;
+use OCP\Security\ICrypto;
+use PHPUnit\Framework\MockObject\MockObject;
use Test\TestCase;
class StorageTest extends TestCase {
@@ -42,6 +44,9 @@ class StorageTest extends TestCase {
/** @var \PHPUnit\Framework\MockObject\MockObject */
protected $config;
+ /** @var MockObject|ICrypto */
+ protected $crypto;
+
protected function setUp(): void {
parent::setUp();
@@ -53,14 +58,53 @@ class StorageTest extends TestCase {
->disableOriginalConstructor()
->getMock();
+ $this->crypto = $this->createMock(ICrypto::class);
+ $this->crypto->method('encrypt')
+ ->willReturnCallback(function ($data, $pass) {
+ return $data;
+ });
+ $this->crypto->method('decrypt')
+ ->willReturnCallback(function ($data, $pass) {
+ return $data;
+ });
+
$this->config = $this->getMockBuilder(IConfig::class)
->disableOriginalConstructor()
->getMock();
- $this->storage = new Storage($this->view, $this->util);
+ $this->storage = new Storage($this->view, $this->util, $this->crypto, $this->config);
}
public function testSetFileKey() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+ $this->util->expects($this->any())
+ ->method('getUidAndFilename')
+ ->willReturn(['user1', '/files/foo.txt']);
+ $this->util->expects($this->any())
+ ->method('stripPartialFileExtension')
+ ->willReturnArgument(0);
+ $this->util->expects($this->any())
+ ->method('isSystemWideMountPoint')
+ ->willReturn(false);
+
+ $data = json_encode(['key' => base64_encode('key')]);
+ $this->view->expects($this->once())
+ ->method('file_put_contents')
+ ->with($this->equalTo('/user1/files_encryption/keys/files/foo.txt/encModule/fileKey'),
+ $this->equalTo($data))
+ ->willReturn(strlen($data));
+
+ $this->assertTrue(
+ $this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key', 'encModule')
+ );
+ }
+
+ public function testSetFileOld() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.0');
$this->util->expects($this->any())
->method('getUidAndFilename')
->willReturn(['user1', '/files/foo.txt']);
@@ -70,6 +114,8 @@ class StorageTest extends TestCase {
$this->util->expects($this->any())
->method('isSystemWideMountPoint')
->willReturn(false);
+ $this->crypto->expects($this->never())
+ ->method('encrypt');
$this->view->expects($this->once())
->method('file_put_contents')
->with($this->equalTo('/user1/files_encryption/keys/files/foo.txt/encModule/fileKey'),
@@ -98,6 +144,9 @@ class StorageTest extends TestCase {
* @param string $expectedKeyContent
*/
public function testGetFileKey($path, $strippedPartialName, $originalKeyExists, $expectedKeyContent) {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
$this->util->expects($this->any())
->method('getUidAndFilename')
->willReturnMap([
@@ -118,6 +167,11 @@ class StorageTest extends TestCase {
->with($this->equalTo('/user1/files_encryption/keys' . $strippedPartialName . '/encModule/fileKey'))
->willReturn($originalKeyExists);
+ $this->crypto->method('decrypt')
+ ->willReturnCallback(function ($data, $pass) {
+ return $data;
+ });
+
if (!$originalKeyExists) {
$this->view->expects($this->at(1))
->method('file_exists')
@@ -127,12 +181,12 @@ class StorageTest extends TestCase {
$this->view->expects($this->once())
->method('file_get_contents')
->with($this->equalTo('/user1/files_encryption/keys' . $path . '/encModule/fileKey'))
- ->willReturn('key2');
+ ->willReturn(json_encode(['key' => base64_encode('key2')]));
} else {
$this->view->expects($this->once())
->method('file_get_contents')
->with($this->equalTo('/user1/files_encryption/keys' . $strippedPartialName . '/encModule/fileKey'))
- ->willReturn('key');
+ ->willReturn(json_encode(['key' => base64_encode('key')]));
}
$this->assertSame($expectedKeyContent,
@@ -141,6 +195,10 @@ class StorageTest extends TestCase {
}
public function testSetFileKeySystemWide() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+
$this->util->expects($this->any())
->method('getUidAndFilename')
->willReturn(['user1', '/files/foo.txt']);
@@ -150,11 +208,18 @@ class StorageTest extends TestCase {
$this->util->expects($this->any())
->method('stripPartialFileExtension')
->willReturnArgument(0);
+
+ $this->crypto->method('encrypt')
+ ->willReturnCallback(function ($data, $pass) {
+ return $data;
+ });
+
+ $data = json_encode(['key' => base64_encode('key')]);
$this->view->expects($this->once())
->method('file_put_contents')
->with($this->equalTo('/files_encryption/keys/files/foo.txt/encModule/fileKey'),
- $this->equalTo('key'))
- ->willReturn(strlen('key'));
+ $this->equalTo($data))
+ ->willReturn(strlen($data));
$this->assertTrue(
$this->storage->setFileKey('user1/files/foo.txt', 'fileKey', 'key', 'encModule')
@@ -162,6 +227,10 @@ class StorageTest extends TestCase {
}
public function testGetFileKeySystemWide() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+
$this->util->expects($this->any())
->method('getUidAndFilename')
->willReturn(['user1', '/files/foo.txt']);
@@ -174,7 +243,7 @@ class StorageTest extends TestCase {
$this->view->expects($this->once())
->method('file_get_contents')
->with($this->equalTo('/files_encryption/keys/files/foo.txt/encModule/fileKey'))
- ->willReturn('key');
+ ->willReturn(json_encode(['key' => base64_encode('key')]));
$this->view->expects($this->once())
->method('file_exists')
->with($this->equalTo('/files_encryption/keys/files/foo.txt/encModule/fileKey'))
@@ -186,11 +255,19 @@ class StorageTest extends TestCase {
}
public function testSetSystemUserKey() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+
+ $data = json_encode([
+ 'key' => base64_encode('key'),
+ 'uid' => null]
+ );
$this->view->expects($this->once())
->method('file_put_contents')
->with($this->equalTo('/files_encryption/encModule/shareKey_56884'),
- $this->equalTo('key'))
- ->willReturn(strlen('key'));
+ $this->equalTo($data))
+ ->willReturn(strlen($data));
$this->assertTrue(
$this->storage->setSystemUserKey('shareKey_56884', 'key', 'encModule')
@@ -198,11 +275,19 @@ class StorageTest extends TestCase {
}
public function testSetUserKey() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+
+ $data = json_encode([
+ 'key' => base64_encode('key'),
+ 'uid' => 'user1']
+ );
$this->view->expects($this->once())
->method('file_put_contents')
->with($this->equalTo('/user1/files_encryption/encModule/user1.publicKey'),
- $this->equalTo('key'))
- ->willReturn(strlen('key'));
+ $this->equalTo($data))
+ ->willReturn(strlen($data));
$this->assertTrue(
$this->storage->setUserKey('user1', 'publicKey', 'key', 'encModule')
@@ -210,10 +295,18 @@ class StorageTest extends TestCase {
}
public function testGetSystemUserKey() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+
+ $data = json_encode([
+ 'key' => base64_encode('key'),
+ 'uid' => null]
+ );
$this->view->expects($this->once())
->method('file_get_contents')
->with($this->equalTo('/files_encryption/encModule/shareKey_56884'))
- ->willReturn('key');
+ ->willReturn($data);
$this->view->expects($this->once())
->method('file_exists')
->with($this->equalTo('/files_encryption/encModule/shareKey_56884'))
@@ -225,10 +318,18 @@ class StorageTest extends TestCase {
}
public function testGetUserKey() {
+ $this->config->method('getSystemValue')
+ ->with('version')
+ ->willReturn('20.0.0.2');
+
+ $data = json_encode([
+ 'key' => base64_encode('key'),
+ 'uid' => 'user1']
+ );
$this->view->expects($this->once())
->method('file_get_contents')
->with($this->equalTo('/user1/files_encryption/encModule/user1.publicKey'))
- ->willReturn('key');
+ ->willReturn($data);
$this->view->expects($this->once())
->method('file_exists')
->with($this->equalTo('/user1/files_encryption/encModule/user1.publicKey'))
@@ -516,7 +617,7 @@ class StorageTest extends TestCase {
*/
public function testBackupUserKeys($createBackupDir) {
$storage = $this->getMockBuilder('OC\Encryption\Keys\Storage')
- ->setConstructorArgs([$this->view, $this->util])
+ ->setConstructorArgs([$this->view, $this->util, $this->crypto, $this->config])
->setMethods(['getTimestamp'])
->getMock();