diff options
Diffstat (limited to 'apps/encryption')
-rw-r--r-- | apps/encryption/command/migratekeys.php | 2 | ||||
-rw-r--r-- | apps/encryption/l10n/fr.js | 2 | ||||
-rw-r--r-- | apps/encryption/l10n/fr.json | 2 | ||||
-rw-r--r-- | apps/encryption/l10n/id.js | 3 | ||||
-rw-r--r-- | apps/encryption/l10n/id.json | 3 | ||||
-rw-r--r-- | apps/encryption/lib/keymanager.php | 25 | ||||
-rw-r--r-- | apps/encryption/lib/migration.php | 40 | ||||
-rw-r--r-- | apps/encryption/tests/lib/KeyManagerTest.php | 50 | ||||
-rw-r--r-- | apps/encryption/tests/lib/MigrationTest.php | 58 |
9 files changed, 161 insertions, 24 deletions
diff --git a/apps/encryption/command/migratekeys.php b/apps/encryption/command/migratekeys.php index e6e5e7b70b0..d0fc1573061 100644 --- a/apps/encryption/command/migratekeys.php +++ b/apps/encryption/command/migratekeys.php @@ -115,5 +115,7 @@ class MigrateKeys extends Command { } } + $migration->finalCleanUp(); + } } diff --git a/apps/encryption/l10n/fr.js b/apps/encryption/l10n/fr.js index a5b5cc00707..6eaf7b125a5 100644 --- a/apps/encryption/l10n/fr.js +++ b/apps/encryption/l10n/fr.js @@ -39,7 +39,7 @@ OC.L10N.register( "Change Password" : "Changer de mot de passe", "ownCloud basic encryption module" : "Module de chiffrement de base d'ownCloud", "Your private key password no longer matches your log-in password." : "Le mot de passe de votre clef privée ne correspond plus à votre mot de passe de connexion.", - "Set your old private key password to your current log-in password:" : "Faites de votre mot de passe de connexion le mot de passe de votre clef privée :", + "Set your old private key password to your current log-in password:" : "Remplacez l'ancien mot de passe de votre clé privée par votre mot de passe de connexion actuel :", " If you don't remember your old password you can ask your administrator to recover your files." : "Si vous ne vous souvenez plus de votre ancien mot de passe, vous pouvez demander à votre administrateur de récupérer vos fichiers.", "Old log-in password" : "Ancien mot de passe de connexion", "Current log-in password" : "Actuel mot de passe de connexion", diff --git a/apps/encryption/l10n/fr.json b/apps/encryption/l10n/fr.json index 2044ab7b80b..8e319e87fde 100644 --- a/apps/encryption/l10n/fr.json +++ b/apps/encryption/l10n/fr.json @@ -37,7 +37,7 @@ "Change Password" : "Changer de mot de passe", "ownCloud basic encryption module" : "Module de chiffrement de base d'ownCloud", "Your private key password no longer matches your log-in password." : "Le mot de passe de votre clef privée ne correspond plus à votre mot de passe de connexion.", - "Set your old private key password to your current log-in password:" : "Faites de votre mot de passe de connexion le mot de passe de votre clef privée :", + "Set your old private key password to your current log-in password:" : "Remplacez l'ancien mot de passe de votre clé privée par votre mot de passe de connexion actuel :", " If you don't remember your old password you can ask your administrator to recover your files." : "Si vous ne vous souvenez plus de votre ancien mot de passe, vous pouvez demander à votre administrateur de récupérer vos fichiers.", "Old log-in password" : "Ancien mot de passe de connexion", "Current log-in password" : "Actuel mot de passe de connexion", diff --git a/apps/encryption/l10n/id.js b/apps/encryption/l10n/id.js index 7117924864c..e1de33fe156 100644 --- a/apps/encryption/l10n/id.js +++ b/apps/encryption/l10n/id.js @@ -21,9 +21,12 @@ OC.L10N.register( "The old password was not correct, please try again." : "Sandi lama salah, mohon coba lagi.", "The current log-in password was not correct, please try again." : "Sandi masuk saat ini salah, mohon coba lagi.", "Private key password successfully updated." : "Sandi kunci privat berhasil diperbarui.", + "You need to migrate your encryption keys from the old encryption (ownCloud <= 8.0) to the new one. Please run 'occ encryption:migrate' or contact your administrator" : "Anda perlu mengganti kunci enkripsi Anda dari enkripsi lama (ownCloud <= 8.0) ke yang baru. Mohon jalankan 'occ encryption:migrate' atau hubungi administrator Anda", "Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files." : "Kunci privat tidak sah untuk Aplikasi Enskripsi. Silakan perbarui sandi kunci privat anda pada pengaturan pribadi untuk memulihkan akses ke berkas anda yang dienskripsi.", "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikasi Enskripsi telah diaktifkan tetapi kunci tidak diinisialisasi, silakan log-out dan log-in lagi", + "Encryption App is enabled and ready" : "Apl Enkripsi telah diaktifkan dan siap", "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tidak dapat mendekripsi berkas ini, mungkin ini adalah berkas bersama. Silakan meminta pemilik berkas ini untuk membagikan kembali dengan Anda.", + "Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tidak dapat membaca berkas ini, kemungkinan merupakan berkas berbagi. Silakan minta pemilik berkas untuk membagikan ulang kepada Anda.", "Enable recovery key" : "Aktifkan kunci pemulihan", "Disable recovery key" : "Nonaktifkan kunci pemulihan", "The recovery key is an extra encryption key that is used to encrypt files. It allows recovery of a user's files if the user forgets his or her password." : "Kunci pemulihan adalah kunci enkripsi tambahan yang digunakan untuk mengenkripsi berkas. Kunci pemulihan memungkinkan untuk memulihkan berkas-berkas pengguna ketika pengguna tersebut melupakan sandi mereka.", diff --git a/apps/encryption/l10n/id.json b/apps/encryption/l10n/id.json index 5a0466c5f2a..66d7f6c8991 100644 --- a/apps/encryption/l10n/id.json +++ b/apps/encryption/l10n/id.json @@ -19,9 +19,12 @@ "The old password was not correct, please try again." : "Sandi lama salah, mohon coba lagi.", "The current log-in password was not correct, please try again." : "Sandi masuk saat ini salah, mohon coba lagi.", "Private key password successfully updated." : "Sandi kunci privat berhasil diperbarui.", + "You need to migrate your encryption keys from the old encryption (ownCloud <= 8.0) to the new one. Please run 'occ encryption:migrate' or contact your administrator" : "Anda perlu mengganti kunci enkripsi Anda dari enkripsi lama (ownCloud <= 8.0) ke yang baru. Mohon jalankan 'occ encryption:migrate' atau hubungi administrator Anda", "Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files." : "Kunci privat tidak sah untuk Aplikasi Enskripsi. Silakan perbarui sandi kunci privat anda pada pengaturan pribadi untuk memulihkan akses ke berkas anda yang dienskripsi.", "Encryption App is enabled but your keys are not initialized, please log-out and log-in again" : "Aplikasi Enskripsi telah diaktifkan tetapi kunci tidak diinisialisasi, silakan log-out dan log-in lagi", + "Encryption App is enabled and ready" : "Apl Enkripsi telah diaktifkan dan siap", "Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tidak dapat mendekripsi berkas ini, mungkin ini adalah berkas bersama. Silakan meminta pemilik berkas ini untuk membagikan kembali dengan Anda.", + "Can not read this file, probably this is a shared file. Please ask the file owner to reshare the file with you." : "Tidak dapat membaca berkas ini, kemungkinan merupakan berkas berbagi. Silakan minta pemilik berkas untuk membagikan ulang kepada Anda.", "Enable recovery key" : "Aktifkan kunci pemulihan", "Disable recovery key" : "Nonaktifkan kunci pemulihan", "The recovery key is an extra encryption key that is used to encrypt files. It allows recovery of a user's files if the user forgets his or her password." : "Kunci pemulihan adalah kunci enkripsi tambahan yang digunakan untuk mengenkripsi berkas. Kunci pemulihan memungkinkan untuk memulihkan berkas-berkas pengguna ketika pengguna tersebut melupakan sandi mereka.", diff --git a/apps/encryption/lib/keymanager.php b/apps/encryption/lib/keymanager.php index 05d23873482..8c8c1f8fd78 100644 --- a/apps/encryption/lib/keymanager.php +++ b/apps/encryption/lib/keymanager.php @@ -406,19 +406,36 @@ class KeyManager { } /** - * @param $userId + * check if user has a private and a public key + * + * @param string $userId * @return bool + * @throws PrivateKeyMissingException + * @throws PublicKeyMissingException */ public function userHasKeys($userId) { + $privateKey = $publicKey = true; + try { $this->getPrivateKey($userId); - $this->getPublicKey($userId); } catch (PrivateKeyMissingException $e) { - return false; + $privateKey = false; + $exception = $e; + } + try { + $this->getPublicKey($userId); } catch (PublicKeyMissingException $e) { + $publicKey = false; + $exception = $e; + } + + if ($privateKey && $publicKey) { + return true; + } elseif (!$privateKey && !$publicKey) { return false; + } else { + throw $exception; } - return true; } /** diff --git a/apps/encryption/lib/migration.php b/apps/encryption/lib/migration.php index 98fc5be777a..26e2a143f69 100644 --- a/apps/encryption/lib/migration.php +++ b/apps/encryption/lib/migration.php @@ -50,7 +50,7 @@ class Migration { $this->config = $config; } - public function __destruct() { + public function finalCleanUp() { $this->view->deleteAll('files_encryption/public_keys'); $this->updateFileCache(); $this->config->deleteAppValue('files_encryption', 'installed_version'); @@ -143,22 +143,32 @@ class Migration { $this->config->deleteAppValue('files_encryption', 'types'); $this->config->deleteAppValue('files_encryption', 'enabled'); + $oldAppValues = $this->connection->createQueryBuilder(); + $oldAppValues->select('*') + ->from('`*PREFIX*appconfig`') + ->where($oldAppValues->expr()->eq('`appid`', ':appid')) + ->setParameter('appid', 'files_encryption'); + $appSettings = $oldAppValues->execute(); + + while ($row = $appSettings->fetch()) { + // 'installed_version' gets deleted at the end of the migration process + if ($row['configkey'] !== 'installed_version' ) { + $this->config->setAppValue('encryption', $row['configkey'], $row['configvalue']); + $this->config->deleteAppValue('files_encryption', $row['configkey']); + } + } - $query = $this->connection->createQueryBuilder(); - $query->update('`*PREFIX*appconfig`') - ->set('`appid`', ':newappid') - ->where($query->expr()->eq('`appid`', ':oldappid')) - ->setParameter('oldappid', 'files_encryption') - ->setParameter('newappid', 'encryption'); - $query->execute(); + $oldPreferences = $this->connection->createQueryBuilder(); + $oldPreferences->select('*') + ->from('`*PREFIX*preferences`') + ->where($oldPreferences->expr()->eq('`appid`', ':appid')) + ->setParameter('appid', 'files_encryption'); + $preferenceSettings = $oldPreferences->execute(); - $query = $this->connection->createQueryBuilder(); - $query->update('`*PREFIX*preferences`') - ->set('`appid`', ':newappid') - ->where($query->expr()->eq('`appid`', ':oldappid')) - ->setParameter('oldappid', 'files_encryption') - ->setParameter('newappid', 'encryption'); - $query->execute(); + while ($row = $preferenceSettings->fetch()) { + $this->config->setUserValue($row['userid'], 'encryption', $row['configkey'], $row['configvalue']); + $this->config->deleteUserValue($row['userid'], 'files_encryption', $row['configkey']); + } } /** diff --git a/apps/encryption/tests/lib/KeyManagerTest.php b/apps/encryption/tests/lib/KeyManagerTest.php index 2561b29462f..0bac5e0341b 100644 --- a/apps/encryption/tests/lib/KeyManagerTest.php +++ b/apps/encryption/tests/lib/KeyManagerTest.php @@ -182,18 +182,62 @@ class KeyManagerTest extends TestCase { ); } - public function testUserHasKeys() { + /** + * @dataProvider dataTestUserHasKeys + */ + public function testUserHasKeys($key, $expected) { $this->keyStorageMock->expects($this->exactly(2)) ->method('getUserKey') ->with($this->equalTo($this->userId), $this->anything()) - ->willReturn('key'); + ->willReturn($key); - $this->assertTrue( + $this->assertSame($expected, $this->instance->userHasKeys($this->userId) ); } + public function dataTestUserHasKeys() { + return [ + ['key', true], + ['', false] + ]; + } + + /** + * @expectedException \OCA\Encryption\Exceptions\PrivateKeyMissingException + */ + public function testUserHasKeysMissingPrivateKey() { + $this->keyStorageMock->expects($this->exactly(2)) + ->method('getUserKey') + ->willReturnCallback(function ($uid, $keyID, $encryptionModuleId) { + if ($keyID=== 'privateKey') { + return ''; + } + return 'key'; + }); + + $this->instance->userHasKeys($this->userId); + } + + /** + * @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException + */ + public function testUserHasKeysMissingPublicKey() { + $this->keyStorageMock->expects($this->exactly(2)) + ->method('getUserKey') + ->willReturnCallback(function ($uid, $keyID, $encryptionModuleId){ + if ($keyID === 'publicKey') { + return ''; + } + return 'key'; + }); + + $this->instance->userHasKeys($this->userId); + + } + + public function testInit() { $this->keyStorageMock->expects($this->any()) ->method('getUserKey') diff --git a/apps/encryption/tests/lib/MigrationTest.php b/apps/encryption/tests/lib/MigrationTest.php index c07a4539e98..de1e2bd268b 100644 --- a/apps/encryption/tests/lib/MigrationTest.php +++ b/apps/encryption/tests/lib/MigrationTest.php @@ -242,6 +242,12 @@ class MigrationTest extends \Test\TestCase { $config->setAppValue('files_encryption', 'recoveryAdminEnabled', '1'); $config->setUserValue(self::TEST_ENCRYPTION_MIGRATION_USER1, 'files_encryption', 'recoverKeyEnabled', '1'); + //$this->invokePrivate($config, 'cache', [[]]); + $cache = $this->invokePrivate(\OC::$server->getAppConfig(), 'cache'); + unset($cache['encryption']); + unset($cache['files_encryption']); + $this->invokePrivate(\OC::$server->getAppConfig(), 'cache', [$cache]); + // delete default values set by the encryption app during initialization /** @var \OC\DB\Connection $connection */ @@ -271,6 +277,58 @@ class MigrationTest extends \Test\TestCase { } + /** + * test update db if the db already contain some existing new values + */ + public function testUpdateDBExistingNewConfig() { + $this->prepareDB(); + $config = \OC::$server->getConfig(); + $config->setAppValue('encryption', 'publicShareKeyId', 'wrong_share_id'); + $config->setUserValue(self::TEST_ENCRYPTION_MIGRATION_USER1, 'encryption', 'recoverKeyEnabled', '9'); + + $m = new Migration(\OC::$server->getConfig(), new \OC\Files\View(), \OC::$server->getDatabaseConnection()); + $m->updateDB(); + + $this->verifyDB('`*PREFIX*appconfig`', 'files_encryption', 0); + $this->verifyDB('`*PREFIX*preferences`', 'files_encryption', 0); + $this->verifyDB('`*PREFIX*appconfig`', 'encryption', 3); + $this->verifyDB('`*PREFIX*preferences`', 'encryption', 1); + + // check if the existing values where overwritten correctly + /** @var \OC\DB\Connection $connection */ + $connection = \OC::$server->getDatabaseConnection(); + $query = $connection->createQueryBuilder(); + $query->select('`configvalue`') + ->from('`*PREFIX*appconfig`') + ->where($query->expr()->andX( + $query->expr()->eq('`appid`', ':appid'), + $query->expr()->eq('`configkey`', ':configkey') + )) + ->setParameter('appid', 'encryption') + ->setParameter('configkey', 'publicShareKeyId'); + $result = $query->execute(); + $value = $result->fetch(); + $this->assertTrue(isset($value['configvalue'])); + $this->assertSame('share_id', $value['configvalue']); + + $query = $connection->createQueryBuilder(); + $query->select('`configvalue`') + ->from('`*PREFIX*preferences`') + ->where($query->expr()->andX( + $query->expr()->eq('`appid`', ':appid'), + $query->expr()->eq('`configkey`', ':configkey'), + $query->expr()->eq('`userid`', ':userid') + )) + ->setParameter('appid', 'encryption') + ->setParameter('configkey', 'recoverKeyEnabled') + ->setParameter('userid', self::TEST_ENCRYPTION_MIGRATION_USER1); + $result = $query->execute(); + $value = $result->fetch(); + $this->assertTrue(isset($value['configvalue'])); + $this->assertSame('1', $value['configvalue']); + + } + public function verifyDB($table, $appid, $expected) { /** @var \OC\DB\Connection $connection */ $connection = \OC::$server->getDatabaseConnection(); |