diff options
Diffstat (limited to 'tests/lib/IntegrityCheck/CheckerTest.php')
| -rw-r--r-- | tests/lib/IntegrityCheck/CheckerTest.php | 1255 |
1 files changed, 468 insertions, 787 deletions
diff --git a/tests/lib/IntegrityCheck/CheckerTest.php b/tests/lib/IntegrityCheck/CheckerTest.php index 6f0c8e8ae85..a8a2596a3d8 100644 --- a/tests/lib/IntegrityCheck/CheckerTest.php +++ b/tests/lib/IntegrityCheck/CheckerTest.php @@ -1,39 +1,32 @@ <?php + /** - * @author Lukas Reschke <lukas@owncloud.com> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ namespace Test\IntegrityCheck; +use OC\Core\Command\Maintenance\Mimetype\GenerateMimetypeFileBuilder; +use OC\Files\Type\Detection; use OC\IntegrityCheck\Checker; use OC\IntegrityCheck\Helpers\AppLocator; use OC\IntegrityCheck\Helpers\EnvironmentHelper; use OC\IntegrityCheck\Helpers\FileAccessHelper; use OC\Memcache\NullCache; use OCP\App\IAppManager; +use OCP\IAppConfig; use OCP\ICacheFactory; use OCP\IConfig; +use OCP\ServerVersion; use phpseclib\Crypt\RSA; use phpseclib\File\X509; use Test\TestCase; class CheckerTest extends TestCase { + /** @var ServerVersion|\PHPUnit\Framework\MockObject\MockObject */ + private $serverVersion; /** @var EnvironmentHelper|\PHPUnit\Framework\MockObject\MockObject */ private $environmentHelper; /** @var AppLocator|\PHPUnit\Framework\MockObject\MockObject */ @@ -44,6 +37,8 @@ class CheckerTest extends TestCase { private $fileAccessHelper; /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ private $config; + /** @var IAppConfig|\PHPUnit\Framework\MockObject\MockObject */ + private $appConfig; /** @var ICacheFactory|\PHPUnit\Framework\MockObject\MockObject */ private $cacheFactory; /** @var IAppManager|\PHPUnit\Framework\MockObject\MockObject */ @@ -53,13 +48,15 @@ class CheckerTest extends TestCase { protected function setUp(): void { parent::setUp(); + $this->serverVersion = $this->createMock(ServerVersion::class); $this->environmentHelper = $this->createMock(EnvironmentHelper::class); $this->fileAccessHelper = $this->createMock(FileAccessHelper::class); $this->appLocator = $this->createMock(AppLocator::class); $this->config = $this->createMock(IConfig::class); + $this->appConfig = $this->createMock(IAppConfig::class); $this->cacheFactory = $this->createMock(ICacheFactory::class); $this->appManager = $this->createMock(IAppManager::class); - $this->mimeTypeDetector = $this->createMock(\OC\Files\Type\Detection::class); + $this->mimeTypeDetector = $this->createMock(Detection::class); $this->config->method('getAppValue') ->willReturnArgument(2); @@ -71,10 +68,12 @@ class CheckerTest extends TestCase { ->willReturn(new NullCache()); $this->checker = new Checker( + $this->serverVersion, $this->environmentHelper, $this->fileAccessHelper, $this->appLocator, $this->config, + $this->appConfig, $this->cacheFactory, $this->appManager, $this->mimeTypeDetector @@ -82,23 +81,23 @@ class CheckerTest extends TestCase { } - public function testWriteAppSignatureOfNotExistingApp() { + public function testWriteAppSignatureOfNotExistingApp(): void { $this->expectException(\Exception::class); $this->expectExceptionMessage('Exception message'); $this->fileAccessHelper - ->expects($this->at(0)) + ->expects($this->once()) ->method('assertDirectoryExists') ->with('NotExistingApp/appinfo') ->willThrowException(new \Exception('Exception message')); $this->fileAccessHelper - ->expects($this->at(1)) + ->expects($this->once()) ->method('is_writable') ->with('NotExistingApp/appinfo') ->willReturn(true); - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.key'); + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -107,17 +106,17 @@ class CheckerTest extends TestCase { } - public function testWriteAppSignatureWrongPermissions() { + public function testWriteAppSignatureWrongPermissions(): void { $this->expectException(\Exception::class); $this->expectExceptionMessageMatches('/[a-zA-Z\\/_-]+ is not writable/'); $this->fileAccessHelper ->expects($this->once()) ->method('file_put_contents') - ->will($this->throwException(new \Exception('Exception message'))); + ->willThrowException(new \Exception('Exception message')); - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.key'); + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -125,7 +124,7 @@ class CheckerTest extends TestCase { $this->checker->writeAppSignature(\OC::$SERVERROOT . '/tests/data/integritycheck/app/', $x509, $rsa); } - public function testWriteAppSignature() { + public function testWriteAppSignature(): void { $expectedSignatureFileData = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -138,17 +137,17 @@ class CheckerTest extends TestCase { ->expects($this->once()) ->method('file_put_contents') ->with( - $this->equalTo(\OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json'), - $this->callback(function ($signature) use ($expectedSignatureFileData) { - $expectedArray = json_decode($expectedSignatureFileData, true); - $actualArray = json_decode($signature, true); - $this->assertEquals($expectedArray, $actualArray); - return true; - }) + $this->equalTo(\OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json'), + $this->callback(function ($signature) use ($expectedSignatureFileData) { + $expectedArray = json_decode($expectedSignatureFileData, true); + $actualArray = json_decode($signature, true); + $this->assertEquals($expectedArray, $actualArray); + return true; + }) ); - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.key'); + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -156,16 +155,16 @@ class CheckerTest extends TestCase { $this->checker->writeAppSignature(\OC::$SERVERROOT . '/tests/data/integritycheck/app/', $x509, $rsa); } - public function testVerifyAppSignatureWithoutSignatureData() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppSignatureWithoutSignatureData(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $expected = [ 'EXCEPTION' => [ @@ -176,22 +175,22 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyAppSignature('SomeApp')); } - public function testVerifyAppSignatureWithValidSignatureData() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppSignatureWithValidSignatureData(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->appLocator - ->expects($this->once()) - ->method('getAppPath') - ->with('SomeApp') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->once()) + ->method('getAppPath') + ->with('SomeApp') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -201,39 +200,32 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - '/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json', $signatureDataFile], + ['/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $this->assertSame([], $this->checker->verifyAppSignature('SomeApp')); } - public function testVerifyAppSignatureWithTamperedSignatureData() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppSignatureWithTamperedSignatureData(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->appLocator - ->expects($this->once()) - ->method('getAppPath') - ->with('SomeApp') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->once()) + ->method('getAppPath') + ->with('SomeApp') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "tampered", @@ -243,19 +235,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEwTCCAqmgAwIBAgIUWv0iujufs5lUr0svCf\/qTQvoyKAwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIyNDk1M1oXDTE2MTEwMzIyNDk1M1owEjEQMA4GA1UEAwwHU29tZUFwcDCCAiIw\r\nDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK8q0x62agGSRBqeWsaeEwFfepMk\r\nF8cAobMMi50qHCv9IrOn\/ZH9l52xBrbIkErVmRjmly0d4JhD8Ymhidsh9ONKYl\/j\r\n+ishsZDM8eNNdp3Ew+fEYVvY1W7mR1qU24NWj0bzVsClI7hvPVIuw7AjfBDq1C5+\r\nA+ZSLSXYvOK2cEWjdxQfuNZwEZSjmA63DUllBIrm35IaTvfuyhU6BW9yHZxmb8+M\r\nw0xDv30D5UkE\/2N7Pa\/HQJLxCR+3zKibRK3nUyRDLSXxMkU9PnFNaPNX59VPgyj4\r\nGB1CFSToldJVPF4pzh7p36uGXZVxs8m3LFD4Ol8mhi7jkxDZjqFN46gzR0r23Py6\r\ndol9vfawGIoUwp9LvL0S7MvdRY0oazLXwClLP4OQ17zpSMAiCj7fgNT661JamPGj\r\nt5O7Zn2wA7I4ddDS\/HDTWCu98Zwc9fHIpsJPgCZ9awoqxi4Mnf7Pk9g5nnXhszGC\r\ncxxIASQKM+GhdzoRxKknax2RzUCwCzcPRtCj8AQT\/x\/mqN3PfRmlnFBNACUw9bpZ\r\nSOoNq2pCF9igftDWpSIXQ38pVpKLWowjjg3DVRmVKBgivHnUnVLyzYBahHPj0vaz\r\ntFtUFRaqXDnt+4qyUGyrT5h5pjZaTcHIcSB4PiarYwdVvgslgwnQzOUcGAzRWBD4\r\n6jV2brP5vFY3g6iPAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBACTY3CCHC+Z28gCf\r\nFWGKQ3wAKs+k4+0yoti0qm2EKX7rSGQ0PHSas6uW79WstC4Rj+DYkDtIhGMSg8FS\r\nHVGZHGBCc0HwdX+BOAt3zi4p7Sf3oQef70\/4imPoKxbAVCpd\/cveVcFyDC19j1yB\r\nBapwu87oh+muoeaZxOlqQI4UxjBlR\/uRSMhOn2UGauIr3dWJgAF4pGt7TtIzt+1v\r\n0uA6FtN1Y4R5O8AaJPh1bIG0CVvFBE58esGzjEYLhOydgKFnEP94kVPgJD5ds9C3\r\npPhEpo1dRpiXaF7WGIV1X6DI\/ipWvfrF7CEy6I\/kP1InY\/vMDjQjeDnJ\/VrXIWXO\r\nyZvHXVaN\/m+1RlETsH7YO\/QmxRue9ZHN3gvvWtmpCeA95sfpepOk7UcHxHZYyQbF\r\n49\/au8j+5tsr4A83xzsT1JbcKRxkAaQ7WDJpOnE5O1+H0fB+BaLakTg6XX9d4Fo7\r\n7Gin7hVWX7pL+JIyxMzME3LhfI61+CRcqZQIrpyaafUziPQbWIPfEs7h8tCOWyvW\r\nUO8ZLervYCB3j44ivkrxPlcBklDCqqKKBzDP9dYOtS\/P4RB1NkHA9+NTvmBpTonS\r\nSFXdg9fFMD7VfjDE3Vnk+8DWkVH5wBYowTAD7w9Wuzr7DumiAULexnP\/Y7xwxLv7\r\n4B+pXTAcRK0zECDEaX3npS8xWzrB\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - '/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json', $signatureDataFile], + ['/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'EXCEPTION' => [ @@ -266,22 +251,22 @@ class CheckerTest extends TestCase { $this->assertEquals($expected, $this->checker->verifyAppSignature('SomeApp')); } - public function testVerifyAppSignatureWithTamperedFiles() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppSignatureWithTamperedFiles(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->appLocator - ->expects($this->once()) - ->method('getAppPath') - ->with('SomeApp') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); + ->expects($this->once()) + ->method('getAppPath') + ->with('SomeApp') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -291,19 +276,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//appinfo/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - '/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//appinfo/signature.json', $signatureDataFile], + ['/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ @@ -330,21 +308,21 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyAppSignature('SomeApp')); } - public function testVerifyAppSignatureWithTamperedFilesAndAlternatePath() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppSignatureWithTamperedFilesAndAlternatePath(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->appLocator - ->expects($this->never()) - ->method('getAppPath') - ->with('SomeApp'); + ->expects($this->never()) + ->method('getAppPath') + ->with('SomeApp'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -354,20 +332,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//appinfo/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - '/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); - + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//appinfo/signature.json', $signatureDataFile], + ['/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'INVALID_HASH' => [ @@ -393,22 +363,22 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyAppSignature('SomeApp', \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/')); } - public function testVerifyAppWithDifferentScope() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppWithDifferentScope(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->appLocator - ->expects($this->once()) - ->method('getAppPath') - ->with('SomeApp') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); + ->expects($this->once()) + ->method('getAppPath') + ->with('SomeApp') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -418,17 +388,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIExjCCAq6gAwIBAgIUHSJjhJqMwr+3TkoiQFg4SVVYQ1gwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIzMjc1NVoXDTE2MTEwMzIzMjc1NVowFzEVMBMGA1UEAwwMQW5vdGhlclNjb3Bl\r\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA33npb5RmUkXrDT+TbwMf\r\n0zQ33SlzsjoGxCrbSwJOn6leGGInJ6ZrdzLL0WTi\/dTpg+Y\/JS+72XWm5NSjaTxo\r\n7OHc3cQBwXQj4tN6j\/y5qqY0GDLYufEkx2rpazqt9lBSJ72u1bGl2yoOXzYCz5i0\r\n60KsJXC9K44LKzGsarzbwAgskSVNkjAsPgjnCWZmcl6icpLi5Fz9rs2UMOWbdvdI\r\nAROsn0eC9E\/akmXTy5YMu6bAIGpvjZFHzyA83FQRbvv5o1V5Gsye\/VQLEgh7rqfz\r\nT\/jgWifP+JgoeB6otzuRZ3fFsmbBiyCIRtIOzQQflozhUlWtmiEGwg4GySuMUjEH\r\nA1LF86LO+ZzDQgd2oYNKmrQ8O+EcLqx9BpV4AFhEvqdk7uycJYPHs6yl+yfbzTeJ\r\n2Xd0yVAfd9r\/iDr36clLj2bzEObdl9xzKjcCIXE4Q0G4Pur41\/BJUDK9PI390ccQ\r\nnFjjVYBMsC859OwW64tMP0zkM9Vv72LCaEzaR8jqH0j11catqxunr+StfMcmxLTN\r\nbqBJbSEq4ER3mJxCTI2UrIVmdQ7+wRxgv3QTDNOZyqrz2L8A1Rpb3h0APxtQv+oA\r\n8KIZYID5\/qsS2V2jITkMQ8Nd1W3b0cZhZ600z+znh3jLJ0TYLvwN6\/qBQTUDaM2o\r\ng1+icMqXIXIeKuoPCVVsG7cCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAHc4F\/kOV\r\nHc8In5MmGg2YtjwZzjdeoC5TIPZczRqz0B+wRbJzN6aYryKZKLmP+wKpgRnJWDzp\r\nrgKGyyEQIAfK63DEv4B9p4N1B+B3aeMKsSpVcw7wbFTD57V5A7pURGoo31d0mw5L\r\nUIXZ2u+TUfGbzucMxLdFhTwjGpz9M6Kkm\/POxmV0tvLija5LdbdKnYR9BFmyu4IX\r\nqyoIAtComATNLl+3URu3SZxhE3NxhzMz+eAeNfh1KuIf2gWIIeDCXalVSJLym+OQ\r\nHFDpqRhJqfTMprrRlmmU7Zntgbj8\/RRZuXnBvH9cQ2KykLOb4UoCPlGUqOqKyP9m\r\nDJSFRiMJfpgMQUaJk1TLhKF+IR6FnmwURLEtkONJumtDQju9KaWPlhueONdyGi0p\r\nqxLVUo1Vb52XnPhk2GEEduxpDc9V5ePJ+pdcEdMifY\/uPNBRuBj2c87yq1DLH+U4\r\n3XzP1MlwjnBWZYuoFo0j6Jq0r\/MG6HjGdmkGIsRoheRi8Z8Scz5AW5QRkNz8pKop\r\nTELFqQy9g6TyQzzC8t6HZcpNe842ZUk4raEAbCZe\/XqxWMw5svPgNceBqM3fh7sZ\r\nBSykOHLaL8kiRO\/IS3y1yZEAuiWBvtxcTNLzBb+hdRpm2y8\/qH\/pKo+CMj1VzjNT\r\nD8YRQg0cjmDytJzHDrtV\/aTc9W1aPHun0vw=\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//appinfo/signature.json') - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - '/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//appinfo/signature.json', $signatureDataFile], + ['/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'EXCEPTION' => [ @@ -439,22 +404,22 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyAppSignature('SomeApp')); } - public function testVerifyAppWithDifferentScopeAndAlwaysTrustedCore() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppWithDifferentScopeAndAlwaysTrustedCore(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->appLocator - ->expects($this->once()) - ->method('getAppPath') - ->with('SomeApp') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->once()) + ->method('getAppPath') + ->with('SomeApp') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -464,38 +429,33 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with(\OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json') - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - '/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//appinfo/signature.json', $signatureDataFile], + ['/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $this->assertSame([], $this->checker->verifyAppSignature('SomeApp')); } - public function testWriteCoreSignatureWithException() { + public function testWriteCoreSignatureWithException(): void { $this->expectException(\Exception::class); $this->expectExceptionMessage('Exception message'); $this->fileAccessHelper - ->expects($this->at(0)) + ->expects($this->once()) ->method('assertDirectoryExists') - ->will($this->throwException(new \Exception('Exception message'))); + ->willThrowException(new \Exception('Exception message')); $this->fileAccessHelper - ->expects($this->at(1)) + ->expects($this->once()) ->method('is_writable') ->with(__DIR__ . '/core') ->willReturn(true); - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.key'); + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -504,22 +464,22 @@ class CheckerTest extends TestCase { } - public function testWriteCoreSignatureWrongPermissions() { + public function testWriteCoreSignatureWrongPermissions(): void { $this->expectException(\Exception::class); $this->expectExceptionMessageMatches('/[a-zA-Z\\/_-]+ is not writable/'); $this->fileAccessHelper - ->expects($this->at(0)) + ->expects($this->once()) ->method('assertDirectoryExists') - ->will($this->throwException(new \Exception('Exception message'))); + ->willThrowException(new \Exception('Exception message')); $this->fileAccessHelper - ->expects($this->at(1)) + ->expects($this->once()) ->method('is_writable') ->with(__DIR__ . '/core') ->willReturn(false); - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/SomeApp.key'); + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/SomeApp.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -527,7 +487,7 @@ class CheckerTest extends TestCase { $this->checker->writeCoreSignature($x509, $rsa, __DIR__); } - public function testWriteCoreSignature() { + public function testWriteCoreSignature(): void { $expectedSignatureFileData = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -537,24 +497,24 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $this->fileAccessHelper - ->expects($this->once()) - ->method('file_put_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json', - $this->callback(function ($signature) use ($expectedSignatureFileData) { - $expectedArray = json_decode($expectedSignatureFileData, true); - $actualArray = json_decode($signature, true); - $this->assertEquals($expectedArray, $actualArray); - return true; - }) - ); - - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/core.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/core.key'); + ->expects($this->once()) + ->method('file_put_contents') + ->with( + \OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json', + $this->callback(function ($signature) use ($expectedSignatureFileData) { + $expectedArray = json_decode($expectedSignatureFileData, true); + $actualArray = json_decode($signature, true); + $this->assertEquals($expectedArray, $actualArray); + return true; + }) + ); + + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/core.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/core.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -562,7 +522,7 @@ class CheckerTest extends TestCase { $this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/app/'); } - public function testWriteCoreSignatureWithUnmodifiedHtaccess() { + public function testWriteCoreSignatureWithUnmodifiedHtaccess(): void { $expectedSignatureFileData = '{ "hashes": { ".htaccess": "dc479770a6232061e04a768ee1f9133fdb3aea7b3a99f7105b0e0b6197474733e8d14b5b2bbad054e6b62a410fe5d0b3d790242dee1e0f11274af2100f5289e2", @@ -572,24 +532,24 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessUnmodified/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessUnmodified/'); $this->fileAccessHelper - ->expects($this->once()) - ->method('file_put_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessUnmodified//core/signature.json', - $this->callback(function ($signature) use ($expectedSignatureFileData) { - $expectedArray = json_decode($expectedSignatureFileData, true); - $actualArray = json_decode($signature, true); - $this->assertEquals($expectedArray, $actualArray); - return true; - }) - ); - - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/core.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/core.key'); + ->expects($this->once()) + ->method('file_put_contents') + ->with( + \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessUnmodified//core/signature.json', + $this->callback(function ($signature) use ($expectedSignatureFileData) { + $expectedArray = json_decode($expectedSignatureFileData, true); + $actualArray = json_decode($signature, true); + $this->assertEquals($expectedArray, $actualArray); + return true; + }) + ); + + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/core.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/core.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -597,7 +557,7 @@ class CheckerTest extends TestCase { $this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessUnmodified/'); } - public function testWriteCoreSignatureWithInvalidModifiedHtaccess() { + public function testWriteCoreSignatureWithInvalidModifiedHtaccess(): void { $expectedSignatureFileData = '{ "hashes": { ".htaccess": "4a54273dc8d697b2ca615acf2ae2c1ee3c1c643492cb04f42b10984fa9aacff1420dc829fd82f93ad3476fbd0cdab0251142c887dc8f872d03e39a3a3eb6d381" @@ -606,20 +566,20 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->once()) - ->method('file_put_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithInvalidModifiedContent//core/signature.json', - $this->callback(function ($signature) use ($expectedSignatureFileData) { - $expectedArray = json_decode($expectedSignatureFileData, true); - $actualArray = json_decode($signature, true); - $this->assertEquals($expectedArray, $actualArray); - return true; - }) - ); - - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/core.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/core.key'); + ->expects($this->once()) + ->method('file_put_contents') + ->with( + \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithInvalidModifiedContent//core/signature.json', + $this->callback(function ($signature) use ($expectedSignatureFileData) { + $expectedArray = json_decode($expectedSignatureFileData, true); + $actualArray = json_decode($signature, true); + $this->assertEquals($expectedArray, $actualArray); + return true; + }) + ); + + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/core.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/core.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -627,7 +587,7 @@ class CheckerTest extends TestCase { $this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithInvalidModifiedContent/'); } - public function testWriteCoreSignatureWithValidModifiedHtaccess() { + public function testWriteCoreSignatureWithValidModifiedHtaccess(): void { $expectedSignatureFileData = '{ "hashes": { ".htaccess": "7e6a7a4d8ee4f3fbc45dd579407c643471575a9d127d1c75f6d0a49e80766c3c587104b2139ef76d2a4bffce3f45777900605aaa49519c9532909b71e5030227", @@ -637,24 +597,24 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent'); $this->fileAccessHelper - ->expects($this->once()) - ->method('file_put_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent/core/signature.json', - $this->callback(function ($signature) use ($expectedSignatureFileData) { - $expectedArray = json_decode($expectedSignatureFileData, true); - $actualArray = json_decode($signature, true); - $this->assertEquals($expectedArray, $actualArray); - return true; - }) - ); - - $keyBundle = file_get_contents(__DIR__ .'/../../data/integritycheck/core.crt'); - $rsaPrivateKey = file_get_contents(__DIR__ .'/../../data/integritycheck/core.key'); + ->expects($this->once()) + ->method('file_put_contents') + ->with( + \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent/core/signature.json', + $this->callback(function ($signature) use ($expectedSignatureFileData) { + $expectedArray = json_decode($expectedSignatureFileData, true); + $actualArray = json_decode($signature, true); + $this->assertEquals($expectedArray, $actualArray); + return true; + }) + ); + + $keyBundle = file_get_contents(__DIR__ . '/../../data/integritycheck/core.crt'); + $rsaPrivateKey = file_get_contents(__DIR__ . '/../../data/integritycheck/core.key'); $rsa = new RSA(); $rsa->loadKey($rsaPrivateKey); $x509 = new X509(); @@ -662,16 +622,16 @@ class CheckerTest extends TestCase { $this->checker->writeCoreSignature($x509, $rsa, \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent'); } - public function testVerifyCoreSignatureWithoutSignatureData() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreSignatureWithoutSignatureData(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $expected = [ 'EXCEPTION' => [ @@ -682,21 +642,21 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyCoreSignature()); } - public function testVerifyCoreSignatureWithValidSignatureData() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreSignatureWithValidSignatureData(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -706,31 +666,24 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $this->assertSame([], $this->checker->verifyCoreSignature()); } - public function testVerifyCoreSignatureWithValidModifiedHtaccessSignatureData() { - $this->environmentHelper + public function testVerifyCoreSignatureWithValidModifiedHtaccessSignatureData(): void { + $this->serverVersion ->expects($this->once()) ->method('getChannel') ->willReturn('stable'); $this->config ->expects($this->any()) - ->method('getSystemValue') + ->method('getSystemValueBool') ->with('integrity.check.disabled', false) ->willReturn(false); @@ -747,311 +700,90 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) + ->expects($this->exactly(2)) ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent/core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent/core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/htaccessWithValidModifiedContent/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $this->assertSame([], $this->checker->verifyCoreSignature()); } - public function testVerifyCoreSignatureWithModifiedMimetypelistSignatureData() { - $this->environmentHelper + /** + * See inline instruction on how to update the test assets when changing mimetypealiases.dist.json + */ + public function testVerifyCoreSignatureWithModifiedMimetypelistSignatureData(): void { + $shippedMimetypeAliases = (array)json_decode(file_get_contents(\OC::$SERVERROOT . '/resources/config/mimetypealiases.dist.json')); + $shippedMimetypeNames = (array)json_decode(file_get_contents(\OC::$SERVERROOT . '/resources/config/mimetypenames.dist.json')); + $allAliases = array_merge($shippedMimetypeAliases, ['my-custom/mimetype' => 'custom']); + $allMimetypeNames = array_merge($shippedMimetypeNames, ['my-custom/mimetype' => 'Custom Document']); + + $this->mimeTypeDetector + ->method('getOnlyDefaultAliases') + ->willReturn($shippedMimetypeAliases); + + $this->mimeTypeDetector + ->method('getAllAliases') + ->willReturn($allAliases); + + $this->mimeTypeDetector + ->method('getAllNamings') + ->willReturn($allMimetypeNames); + + $oldMimetypeList = new GenerateMimetypeFileBuilder(); + $all = $this->mimeTypeDetector->getAllAliases(); + $namings = $this->mimeTypeDetector->getAllNamings(); + $newFile = $oldMimetypeList->generateFile($all, $namings); + + // When updating the mimetype list the test assets need to be updated as well + // 1. Update core/js/mimetypelist.js with the new generated js by running the test with the next line uncommented: + // file_put_contents(\OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified/core/js/mimetypelist.js', $newFile); + // 2. Update signature.json using the following occ command: + // occ integrity:sign-core --privateKey=./tests/data/integritycheck/core.key --certificate=./tests/data/integritycheck/core.crt --path=./tests/data/integritycheck/mimetypeListModified + self::assertEquals($newFile, file_get_contents(\OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified/core/js/mimetypelist.js')); + + $this->serverVersion ->expects($this->once()) ->method('getChannel') ->willReturn('stable'); $this->config ->expects($this->any()) - ->method('getSystemValue') + ->method('getSystemValueBool') ->with('integrity.check.disabled', false) ->willReturn(false); - $this->mimeTypeDetector - ->expects($this->once()) - ->method('getOnlyDefaultAliases') - ->willReturn( - [ - '_comment' => 'Array of mimetype aliases.', - '_comment2' => 'Any changes you make here will be overwritten on an update of Nextcloud.', - '_comment3' => 'Put any custom mappings in a new file mimetypealiases.json in the config/ folder of Nextcloud', - '_comment4' => 'After any change to mimetypealiases.json run:', - '_comment5' => './occ maintenance:mimetype:update-js', - '_comment6' => 'Otherwise your update won\'t propagate through the system.', - 'application/coreldraw' => 'image', - 'application/epub+zip' => 'text', - 'application/font-sfnt' => 'image', - 'application/font-woff' => 'image', - 'application/gpx+xml' => 'location', - 'application/illustrator' => 'image', - 'application/javascript' => 'text/code', - 'application/json' => 'text/code', - 'application/msaccess' => 'file', - 'application/msexcel' => 'x-office/spreadsheet', - 'application/msonenote' => 'x-office/document', - 'application/mspowerpoint' => 'x-office/presentation', - 'application/msword' => 'x-office/document', - 'application/octet-stream' => 'file', - 'application/postscript' => 'image', - 'application/rss+xml' => 'application/xml', - 'application/vnd.android.package-archive' => 'package/x-generic', - 'application/vnd.lotus-wordpro' => 'x-office/document', - 'application/vnd.garmin.tcx+xml' => 'location', - 'application/vnd.google-earth.kml+xml' => 'location', - 'application/vnd.google-earth.kmz' => 'location', - 'application/vnd.ms-excel' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.addin.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.sheet.binary.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.sheet.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.template.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-fontobject' => 'image', - 'application/vnd.ms-powerpoint' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.addin.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.presentation.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.slideshow.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.template.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-visio.drawing.macroEnabled.12' => 'application/vnd.visio', - 'application/vnd.ms-visio.drawing' => 'application/vnd.visio', - 'application/vnd.ms-visio.stencil.macroEnabled.12' => 'application/vnd.visio', - 'application/vnd.ms-visio.stencil' => 'application/vnd.visio', - 'application/vnd.ms-visio.template.macroEnabled.12' => 'application/vnd.visio', - 'application/vnd.ms-visio.template' => 'application/vnd.visio', - 'application/vnd.ms-word.document.macroEnabled.12' => 'x-office/document', - 'application/vnd.ms-word.template.macroEnabled.12' => 'x-office/document', - 'application/vnd.oasis.opendocument.presentation' => 'x-office/presentation', - 'application/vnd.oasis.opendocument.presentation-template' => 'x-office/presentation', - 'application/vnd.oasis.opendocument.spreadsheet' => 'x-office/spreadsheet', - 'application/vnd.oasis.opendocument.spreadsheet-template' => 'x-office/spreadsheet', - 'application/vnd.oasis.opendocument.text' => 'x-office/document', - 'application/vnd.oasis.opendocument.text-master' => 'x-office/document', - 'application/vnd.oasis.opendocument.text-template' => 'x-office/document', - 'application/vnd.oasis.opendocument.graphics' => 'x-office/drawing', - 'application/vnd.oasis.opendocument.graphics-template' => 'x-office/drawing', - 'application/vnd.oasis.opendocument.text-web' => 'x-office/document', - 'application/vnd.oasis.opendocument.text-flat-xml' => 'x-office/document', - 'application/vnd.oasis.opendocument.spreadsheet-flat-xml' => 'x-office/spreadsheet', - 'application/vnd.oasis.opendocument.graphics-flat-xml' => 'x-office/drawing', - 'application/vnd.oasis.opendocument.presentation-flat-xml' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.presentationml.presentation' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.presentationml.slideshow' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.presentationml.template' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' => 'x-office/spreadsheet', - 'application/vnd.openxmlformats-officedocument.spreadsheetml.template' => 'x-office/spreadsheet', - 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'x-office/document', - 'application/vnd.openxmlformats-officedocument.wordprocessingml.template' => 'x-office/document', - 'application/vnd.visio' => 'x-office/document', - 'application/vnd.wordperfect' => 'x-office/document', - 'application/x-7z-compressed' => 'package/x-generic', - 'application/x-bzip2' => 'package/x-generic', - 'application/x-cbr' => 'text', - 'application/x-compressed' => 'package/x-generic', - 'application/x-dcraw' => 'image', - 'application/x-deb' => 'package/x-generic', - 'application/x-fictionbook+xml' => 'text', - 'application/x-font' => 'image', - 'application/x-gimp' => 'image', - 'application/x-gzip' => 'package/x-generic', - 'application/x-iwork-keynote-sffkey' => 'x-office/presentation', - 'application/x-iwork-numbers-sffnumbers' => 'x-office/spreadsheet', - 'application/x-iwork-pages-sffpages' => 'x-office/document', - 'application/x-mobipocket-ebook' => 'text', - 'application/x-perl' => 'text/code', - 'application/x-photoshop' => 'image', - 'application/x-php' => 'text/code', - 'application/x-rar-compressed' => 'package/x-generic', - 'application/x-tar' => 'package/x-generic', - 'application/x-tex' => 'text', - 'application/xml' => 'text/html', - 'application/yaml' => 'text/code', - 'application/zip' => 'package/x-generic', - 'database' => 'file', - 'httpd/unix-directory' => 'dir', - 'text/css' => 'text/code', - 'text/csv' => 'x-office/spreadsheet', - 'text/html' => 'text/code', - 'text/x-c' => 'text/code', - 'text/x-c++src' => 'text/code', - 'text/x-h' => 'text/code', - 'text/x-java-source' => 'text/code', - 'text/x-ldif' => 'text/code', - 'text/x-python' => 'text/code', - 'text/x-shellscript' => 'text/code', - 'web' => 'text/code', - 'application/internet-shortcut' => 'link', - 'application/km' => 'mindmap', - 'application/x-freemind' => 'mindmap', - 'application/vnd.xmind.workbook' => 'mindmap' - ]); - - $this->mimeTypeDetector - ->expects($this->once()) - ->method('getAllAliases') - ->willReturn( - [ - '_comment' => 'Array of mimetype aliases.', - '_comment2' => 'Any changes you make here will be overwritten on an update of Nextcloud.', - '_comment3' => 'Put any custom mappings in a new file mimetypealiases.json in the config/ folder of Nextcloud', - '_comment4' => 'After any change to mimetypealiases.json run:', - '_comment5' => './occ maintenance:mimetype:update-js', - '_comment6' => 'Otherwise your update won\'t propagate through the system.', - 'application/coreldraw' => 'image', - 'application/test' => 'image', - 'application/epub+zip' => 'text', - 'application/font-sfnt' => 'image', - 'application/font-woff' => 'image', - 'application/gpx+xml' => 'location', - 'application/illustrator' => 'image', - 'application/javascript' => 'text/code', - 'application/json' => 'text/code', - 'application/msaccess' => 'file', - 'application/msexcel' => 'x-office/spreadsheet', - 'application/msonenote' => 'x-office/document', - 'application/mspowerpoint' => 'x-office/presentation', - 'application/msword' => 'x-office/document', - 'application/octet-stream' => 'file', - 'application/postscript' => 'image', - 'application/rss+xml' => 'application/xml', - 'application/vnd.android.package-archive' => 'package/x-generic', - 'application/vnd.lotus-wordpro' => 'x-office/document', - 'application/vnd.garmin.tcx+xml' => 'location', - 'application/vnd.google-earth.kml+xml' => 'location', - 'application/vnd.google-earth.kmz' => 'location', - 'application/vnd.ms-excel' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.addin.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.sheet.binary.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.sheet.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-excel.template.macroEnabled.12' => 'x-office/spreadsheet', - 'application/vnd.ms-fontobject' => 'image', - 'application/vnd.ms-powerpoint' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.addin.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.presentation.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.slideshow.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-powerpoint.template.macroEnabled.12' => 'x-office/presentation', - 'application/vnd.ms-visio.drawing.macroEnabled.12' => 'application/vnd.visio', - 'application/vnd.ms-visio.drawing' => 'application/vnd.visio', - 'application/vnd.ms-visio.stencil.macroEnabled.12' => 'application/vnd.visio', - 'application/vnd.ms-visio.stencil' => 'application/vnd.visio', - 'application/vnd.ms-visio.template.macroEnabled.12' => 'application/vnd.visio', - 'application/vnd.ms-visio.template' => 'application/vnd.visio', - 'application/vnd.ms-word.document.macroEnabled.12' => 'x-office/document', - 'application/vnd.ms-word.template.macroEnabled.12' => 'x-office/document', - 'application/vnd.oasis.opendocument.presentation' => 'x-office/presentation', - 'application/vnd.oasis.opendocument.presentation-template' => 'x-office/presentation', - 'application/vnd.oasis.opendocument.spreadsheet' => 'x-office/spreadsheet', - 'application/vnd.oasis.opendocument.spreadsheet-template' => 'x-office/spreadsheet', - 'application/vnd.oasis.opendocument.text' => 'x-office/document', - 'application/vnd.oasis.opendocument.text-master' => 'x-office/document', - 'application/vnd.oasis.opendocument.text-template' => 'x-office/document', - 'application/vnd.oasis.opendocument.graphics' => 'x-office/drawing', - 'application/vnd.oasis.opendocument.graphics-template' => 'x-office/drawing', - 'application/vnd.oasis.opendocument.text-web' => 'x-office/document', - 'application/vnd.oasis.opendocument.text-flat-xml' => 'x-office/document', - 'application/vnd.oasis.opendocument.spreadsheet-flat-xml' => 'x-office/spreadsheet', - 'application/vnd.oasis.opendocument.graphics-flat-xml' => 'x-office/drawing', - 'application/vnd.oasis.opendocument.presentation-flat-xml' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.presentationml.presentation' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.presentationml.slideshow' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.presentationml.template' => 'x-office/presentation', - 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' => 'x-office/spreadsheet', - 'application/vnd.openxmlformats-officedocument.spreadsheetml.template' => 'x-office/spreadsheet', - 'application/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'x-office/document', - 'application/vnd.openxmlformats-officedocument.wordprocessingml.template' => 'x-office/document', - 'application/vnd.visio' => 'x-office/document', - 'application/vnd.wordperfect' => 'x-office/document', - 'application/x-7z-compressed' => 'package/x-generic', - 'application/x-bzip2' => 'package/x-generic', - 'application/x-cbr' => 'text', - 'application/x-compressed' => 'package/x-generic', - 'application/x-dcraw' => 'image', - 'application/x-deb' => 'package/x-generic', - 'application/x-fictionbook+xml' => 'text', - 'application/x-font' => 'image', - 'application/x-gimp' => 'image', - 'application/x-gzip' => 'package/x-generic', - 'application/x-iwork-keynote-sffkey' => 'x-office/presentation', - 'application/x-iwork-numbers-sffnumbers' => 'x-office/spreadsheet', - 'application/x-iwork-pages-sffpages' => 'x-office/document', - 'application/x-mobipocket-ebook' => 'text', - 'application/x-perl' => 'text/code', - 'application/x-photoshop' => 'image', - 'application/x-php' => 'text/code', - 'application/x-rar-compressed' => 'package/x-generic', - 'application/x-tar' => 'package/x-generic', - 'application/x-tex' => 'text', - 'application/xml' => 'text/html', - 'application/yaml' => 'text/code', - 'application/zip' => 'package/x-generic', - 'database' => 'file', - 'httpd/unix-directory' => 'dir', - 'text/css' => 'text/code', - 'text/csv' => 'x-office/spreadsheet', - 'text/html' => 'text/code', - 'text/x-c' => 'text/code', - 'text/x-c++src' => 'text/code', - 'text/x-h' => 'text/code', - 'text/x-java-source' => 'text/code', - 'text/x-ldif' => 'text/code', - 'text/x-python' => 'text/code', - 'text/x-shellscript' => 'text/code', - 'web' => 'text/code', - 'application/internet-shortcut' => 'link', - 'application/km' => 'mindmap', - 'application/x-freemind' => 'mindmap', - 'application/vnd.xmind.workbook' => 'mindmap' - ]); - $this->environmentHelper ->expects($this->any()) ->method('getServerRoot') ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified'); - $signatureDataFile = '{ - "hashes": { - "core\/js\/mimetypelist.js": "94195a260a005dac543c3f6aa504f1b28e0078297fe94a4f52f012c16c109f0323eecc9f767d6949f860dfe454625fcaf1dc56f87bb8350975d8f006bbbdf14a" - }, - "signature": "BYPMrU+2vzSOOjSFcRPsWphv0uXQ+Vu6yC7FL6V0iM4WXcAkTK1e5OjkHFqUBNIDxg0AWB14ogUFRGDr+Qh+AqDRaX1u2ST2BhO1mgVh4JaqVOhlnDgWg8NPRMaVqvMy6Rfmyj57D1vmDmbVGQmnaIxEot84mOx4MP6sgZIVOMEe2itlmNwp1ogG6t61wpj4dFe73tYPDePWh0j+TmW8a\/Ry67wIhWHHhSGWIhhYRi8NmfW0oLhL1tgze5+Oo4pvgIgJq47BOYGu4YnfY3w8PB\/sQ5bPIvd\/+CTt\/1RASoadEfLd0MjLFEVEAj3uVGMq1kv7gK4bisXrKJS\/dbCwM+iJQfVFIVjwzuPH1QLbvSEsVUkJKVM4iS4aKiIty5Q760ufuSkZUoZoBrJCy\/PfC6Dc9hmOg1gXiPA9Tzje7L\/V8b0ULmFdnZtITYjEXd52yhfB\/P6qsKOm3HM8bM\/qoL3ra7\/hwe\/dyEi45eJbrbw9lywWwK8Q+fY92o2PCQgVkPYgK0VUOxPMZ6CtBM5OOe9lkuUZzGzCl\/sWZzUiSiXQME\/CDmi2T\/cX65eXzPkFCv2503OKOGtY7fFgBOg2DGXz0\/SEubpeuhs3P+mc\/v\/TUbhJ3hOXD7OBWruTWLbJ4WZyNj4k\/NaXLi1ktbsIB5L19wAFrRLACzCD+ZkVSMs=", - "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" -}'; - $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified/core/signature.json' - ) - ->willReturn($signatureDataFile); + + $signatureDataFile = file_get_contents(__DIR__ . '/../../data/integritycheck/mimetypeListModified/core/signature.json'); $this->fileAccessHelper - ->expects($this->at(1)) ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified/resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified/core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/mimetypeListModified/resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $this->assertSame([], $this->checker->verifyCoreSignature()); } - public function testVerifyCoreSignatureWithValidSignatureDataAndNotAlphabeticOrder() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreSignatureWithValidSignatureDataAndNotAlphabeticOrder(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -1061,38 +793,31 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $this->assertSame([], $this->checker->verifyCoreSignature()); } - public function testVerifyCoreSignatureWithTamperedSignatureData() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreSignatureWithTamperedSignatureData(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "tampered", @@ -1102,19 +827,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'EXCEPTION' => [ @@ -1125,21 +843,21 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyCoreSignature()); } - public function testVerifyCoreSignatureWithTamperedFiles() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreSignatureWithTamperedFiles(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -1149,19 +867,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUc\/0FxYrsgSs9rDxp03EJmbjN0NwwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIxMDMzM1oXDTE2MTEwMzIxMDMzM1owDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBALb6EgHpkAqZbO5vRO8XSh7G7XGWHw5s\r\niOf4RwPXR6SE9bWZEm\/b72SfWk\/\/J6AbrD8WiOzBuT\/ODy6k5T1arEdHO+Pux0W1\r\nMxYJJI4kH74KKgMpC0SB0Rt+8WrMqV1r3hhJ46df6Xr\/xolP3oD+eLbShPcblhdS\r\nVtkZEkoev8Sh6L2wDCeHDyPxzvj1w2dTdGVO9Kztn0xIlyfEBakqvBWtcxyi3Ln0\r\nklnxlMx3tPDUE4kqvpia9qNiB1AN2PV93eNr5\/2riAzIssMFSCarWCx0AKYb54+d\r\nxLpcYFyqPJ0ydBCkF78DD45RCZet6PNYkdzgbqlUWEGGomkuDoJbBg4wzgzO0D77\r\nH87KFhYW8tKFFvF1V3AHl\/sFQ9tDHaxM9Y0pZ2jPp\/ccdiqnmdkBxBDqsiRvHvVB\r\nCn6qpb4vWGFC7vHOBfYspmEL1zLlKXZv3ezMZEZw7O9ZvUP3VO\/wAtd2vUW8UFiq\r\ns2v1QnNLN6jNh51obcwmrBvWhJy9vQIdtIjQbDxqWTHh1zUSrw9wrlklCBZ\/zrM0\r\ni8nfCFwTxWRxp3H9KoECzO\/zS5R5KIS7s3\/wq\/w9T2Ie4rcecgXwDizwnn0C\/aKc\r\nbDIjujpL1s9HO05pcD\/V3wKcPZ1izymBkmMyIbL52iRVN5FTVHeZdXPpFuq+CTQJ\r\nQ238lC+A\/KOVAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAGoKTnh8RfJV4sQItVC2\r\nAvfJagkrIqZ3iiQTUBQGTKBsTnAqE1H7QgUSV9vSd+8rgvHkyZsRjmtyR1e3A6Ji\r\noNCXUbExC\/0iCPUqdHZIVb+Lc\/vWuv4ByFMybGPydgtLoEUX2ZrKFWmcgZFDUSRd\r\n9Uj26vtUhCC4bU4jgu6hIrR9IuxOBLQUxGTRZyAcXvj7obqRAEZwFAKQgFpfpqTb\r\nH+kjcbZSaAlLVSF7vBc1syyI8RGYbqpwvtREqJtl5IEIwe6huEqJ3zPnlP2th\/55\r\ncf3Fovj6JJgbb9XFxrdnsOsDOu\/tpnaRWlvv5ib4+SzG5wWFT5UUEo4Wg2STQiiX\r\nuVSRQxK1LE1yg84bs3NZk9FSQh4B8vZVuRr5FaJsZZkwlFlhRO\/\/+TJtXRbyNgsf\r\noMRZGi8DLGU2SGEAHcRH\/QZHq\/XDUWVzdxrSBYcy7GSpT7UDVzGv1rEJUrn5veP1\r\n0KmauAqtiIaYRm4f6YBsn0INcZxzIPZ0p8qFtVZBPeHhvQtvOt0iXI\/XUxEWOa2F\r\nK2EqhErgMK\/N07U1JJJay5tYZRtvkGq46oP\/5kQG8hYST0MDK6VihJoPpvCmAm4E\r\npEYKQ96x6A4EH9Y9mZlYozH\/eqmxPbTK8n89\/p7Ydun4rI+B2iiLnY8REWWy6+UQ\r\nV204fGUkJqW5CrKy3P3XvY9X\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/appWithInvalidData//resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'INVALID_HASH' => [ @@ -1187,21 +898,21 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyCoreSignature()); } - public function testVerifyCoreWithInvalidCertificate() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreWithInvalidCertificate(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -1211,19 +922,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEvjCCAqagAwIBAgIUPYoweUxCPqbDW4ntuh7QvgyqSrgwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIyNDIwNloXDTE2MTEwMzIyNDIwNlowDzENMAsGA1UEAwwEY29yZTCCAiIwDQYJ\r\nKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJui3nDbjOIjxNnthdBZplphujsN6u8K\r\nQ\/62zAuSwzXVp0+3IMgM\/2sepklVE8YfCyVJ5+SUJqnqHoUWVRVfs8jL0wW6nrHM\r\n\/lsscAguWCee4iAdNOqI9kq4+DUau8J45e62XA9mrAo\/8\/NKzFE2y2WduDoQZcm+\r\n8+dwcUUHXw2jl8dfrmvEMYSqTNDdb4rGmQpeV+dr9BLqr+x03U1Q08qCG9j7mSOz\r\ncvJENjOvC5uzAh5LCuCgxqG4o+mPzB0FtNnwoRRu6IsF3Y3KacRqPc30fB\/iXDn5\r\nBPr14uNxTTYWoZJ1F0tZrLzRbXdjJJOC+dnQurTtXWZ8WjPB1BWQYK7fW6t82mkN\r\n2Qe2xen99gs9nX5yY\/sHM3TKSJdM7AVCEv\/emW3gNjkvWTtRlN\/Nc7X2ckNwXcvo\r\n0yi3fSPjzXpDgLbhp1FzrMlHDn1VzmRT3r8wLByWa\/hsxrJDsBzwunMJYhXhmeKb\r\n3wX0tN\/EUJTWBntpwVOIGnRPD51oBoQUOMaEAq\/kz8PgN181bWZkJbRuf+FWkijQ\r\no+HR2lVF1jWXXst5Uc+s9HN81Uly7X4O9MMg0QxT4+wymtGDs6AOkwMi9rgBTrRB\r\n3tLU3XL2UIwRXgmd8cPtTu\/I6Bm7LdyaYtZ3yJTxRewq3nZdWypqBhD8uhpIYVkf\r\no4bxmGkVAQVTAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAKKAX5EHgU1grODnJ0of\r\nspFpgB1K67YvclNUyuU6NQ6zBJx1\/w1RnM7uxLcxiiWj1BbUhwZQ0ojmEHeUyi6O\r\nGrDVajwhTccDMmja3u5adhEncx65\/H+lD85IPRRkS2qBDssMDdJHhZ0uI+40nI7M\r\nMq1kFjl+6wiuqZXqps66DuLbk45g\/ZlrFIrIo3Ix5vj0OVqwT+gO4LYirJK6KgVS\r\nUttbcEsc\/yKU9ThnM8\/n4m2jstZXfzKPgOsJrQcZrFOtpj+CWmBzVElBSPlDT3Nh\r\nHSgOeTFJ8bQBxj2iG5dLA+JZJQKxyJ1gy2ZtxIJ2GyvLtSe8NUSqvfPWOaAKEUV2\r\ngniytnEFLr+PcD+9EGux6jZNuj6HmtWVThTfD5VGFmtlVU2z71ZRYY0kn6J3mmFc\r\nS2ecEcCUwqG5YNLncEUCyZhC2klWql2SHyGctCEyWWY7ikIDjVzYt2EbcFvLNBnP\r\ntybN1TYHRRZxlug00CCoOE9EZfk46FkZpDvU6KmqJRofkNZ5sj+SffyGcwYwNrDH\r\nKqe8m+9lHf3CRTIDeMu8r2xl1I6M6ZZfjabbmVP9Jd6WN4s6f1FlXDWzhlT1N0Qw\r\nGzJj6xB+SPtS3UV05tBlvbfA4e06D5G9uD7Q8ONcINtMS0xsSJ2oo82AqlpvlF\/q\r\noj7YKHsaTVGA+FxBktZHfoxD\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'EXCEPTION' => [ @@ -1234,21 +938,21 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyCoreSignature()); } - public function testVerifyCoreWithDifferentScope() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyCoreWithDifferentScope(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(false); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(false); $this->environmentHelper - ->expects($this->any()) - ->method('getServerRoot') - ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); + ->expects($this->any()) + ->method('getServerRoot') + ->willReturn(\OC::$SERVERROOT . '/tests/data/integritycheck/app/'); $signatureDataFile = '{ "hashes": { "AnotherFile.txt": "1570ca9420e37629de4328f48c51da29840ddeaa03ae733da4bf1d854b8364f594aac560601270f9e1797ed4cd57c1aea87bf44cf4245295c94f2e935a2f0112", @@ -1258,19 +962,12 @@ class CheckerTest extends TestCase { "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIEwTCCAqmgAwIBAgIUWv0iujufs5lUr0svCf\/qTQvoyKAwDQYJKoZIhvcNAQEF\r\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTEw\r\nMzIyNDk1M1oXDTE2MTEwMzIyNDk1M1owEjEQMA4GA1UEAwwHU29tZUFwcDCCAiIw\r\nDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK8q0x62agGSRBqeWsaeEwFfepMk\r\nF8cAobMMi50qHCv9IrOn\/ZH9l52xBrbIkErVmRjmly0d4JhD8Ymhidsh9ONKYl\/j\r\n+ishsZDM8eNNdp3Ew+fEYVvY1W7mR1qU24NWj0bzVsClI7hvPVIuw7AjfBDq1C5+\r\nA+ZSLSXYvOK2cEWjdxQfuNZwEZSjmA63DUllBIrm35IaTvfuyhU6BW9yHZxmb8+M\r\nw0xDv30D5UkE\/2N7Pa\/HQJLxCR+3zKibRK3nUyRDLSXxMkU9PnFNaPNX59VPgyj4\r\nGB1CFSToldJVPF4pzh7p36uGXZVxs8m3LFD4Ol8mhi7jkxDZjqFN46gzR0r23Py6\r\ndol9vfawGIoUwp9LvL0S7MvdRY0oazLXwClLP4OQ17zpSMAiCj7fgNT661JamPGj\r\nt5O7Zn2wA7I4ddDS\/HDTWCu98Zwc9fHIpsJPgCZ9awoqxi4Mnf7Pk9g5nnXhszGC\r\ncxxIASQKM+GhdzoRxKknax2RzUCwCzcPRtCj8AQT\/x\/mqN3PfRmlnFBNACUw9bpZ\r\nSOoNq2pCF9igftDWpSIXQ38pVpKLWowjjg3DVRmVKBgivHnUnVLyzYBahHPj0vaz\r\ntFtUFRaqXDnt+4qyUGyrT5h5pjZaTcHIcSB4PiarYwdVvgslgwnQzOUcGAzRWBD4\r\n6jV2brP5vFY3g6iPAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBACTY3CCHC+Z28gCf\r\nFWGKQ3wAKs+k4+0yoti0qm2EKX7rSGQ0PHSas6uW79WstC4Rj+DYkDtIhGMSg8FS\r\nHVGZHGBCc0HwdX+BOAt3zi4p7Sf3oQef70\/4imPoKxbAVCpd\/cveVcFyDC19j1yB\r\nBapwu87oh+muoeaZxOlqQI4UxjBlR\/uRSMhOn2UGauIr3dWJgAF4pGt7TtIzt+1v\r\n0uA6FtN1Y4R5O8AaJPh1bIG0CVvFBE58esGzjEYLhOydgKFnEP94kVPgJD5ds9C3\r\npPhEpo1dRpiXaF7WGIV1X6DI\/ipWvfrF7CEy6I\/kP1InY\/vMDjQjeDnJ\/VrXIWXO\r\nyZvHXVaN\/m+1RlETsH7YO\/QmxRue9ZHN3gvvWtmpCeA95sfpepOk7UcHxHZYyQbF\r\n49\/au8j+5tsr4A83xzsT1JbcKRxkAaQ7WDJpOnE5O1+H0fB+BaLakTg6XX9d4Fo7\r\n7Gin7hVWX7pL+JIyxMzME3LhfI61+CRcqZQIrpyaafUziPQbWIPfEs7h8tCOWyvW\r\nUO8ZLervYCB3j44ivkrxPlcBklDCqqKKBzDP9dYOtS\/P4RB1NkHA9+NTvmBpTonS\r\nSFXdg9fFMD7VfjDE3Vnk+8DWkVH5wBYowTAD7w9Wuzr7DumiAULexnP\/Y7xwxLv7\r\n4B+pXTAcRK0zECDEaX3npS8xWzrB\r\n-----END CERTIFICATE-----" }'; $this->fileAccessHelper - ->expects($this->at(0)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json' - ) - ->willReturn($signatureDataFile); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_get_contents') - ->with( - \OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt' - ) - ->willReturn(file_get_contents(__DIR__ .'/../../data/integritycheck/root.crt')); + ->expects($this->exactly(2)) + ->method('file_get_contents') + ->willReturnMap([ + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//core/signature.json', $signatureDataFile], + [\OC::$SERVERROOT . '/tests/data/integritycheck/app//resources/codesigning/root.crt', file_get_contents(__DIR__ . '/../../data/integritycheck/root.crt')], + ]); $expected = [ 'EXCEPTION' => [ @@ -1281,29 +978,31 @@ class CheckerTest extends TestCase { $this->assertSame($expected, $this->checker->verifyCoreSignature()); } - public function testRunInstanceVerification() { + public function testRunInstanceVerification(): void { $this->checker = $this->getMockBuilder('\OC\IntegrityCheck\Checker') ->setConstructorArgs([ + $this->serverVersion, $this->environmentHelper, $this->fileAccessHelper, $this->appLocator, $this->config, + $this->appConfig, $this->cacheFactory, $this->appManager, $this->mimeTypeDetector, ]) - ->setMethods([ + ->onlyMethods([ 'verifyCoreSignature', 'verifyAppSignature', ]) ->getMock(); $this->checker - ->expects($this->at(0)) + ->expects($this->once()) ->method('verifyCoreSignature'); - $this->appLocator - ->expects($this->at(0)) - ->method('getAllApps') + $this->appManager + ->expects($this->once()) + ->method('getAllAppsInAppsFolders') ->willReturn([ 'files', 'calendar', @@ -1311,84 +1010,66 @@ class CheckerTest extends TestCase { 'dav', ]); $this->appManager - ->expects($this->at(0)) + ->expects($this->exactly(4)) ->method('isShipped') - ->with('files') - ->willReturn(true); + ->willReturnMap([ + ['files', true], + ['calendar', false], + ['contacts', false], + ['dav', true], + ]); + + $calls = [ + 'files', + 'calendar', + 'dav', + ]; $this->checker - ->expects($this->at(1)) + ->expects($this->exactly(3)) ->method('verifyAppSignature') - ->with('files'); - $this->appManager - ->expects($this->at(1)) - ->method('isShipped') - ->with('calendar') - ->willReturn(false); + ->willReturnCallback(function ($app) use (&$calls) { + $expected = array_shift($calls); + $this->assertSame($expected, $app); + return []; + }); $this->appLocator - ->expects($this->at(1)) + ->expects($this->exactly(2)) ->method('getAppPath') - ->with('calendar') - ->willReturn('/apps/calendar'); + ->willReturnMap([ + ['calendar', '/apps/calendar'], + ['contacts', '/apps/contacts'], + ]); $this->fileAccessHelper - ->expects($this->at(0)) + ->expects($this->exactly(2)) ->method('file_exists') - ->with('/apps/calendar/appinfo/signature.json') - ->willReturn(true); - $this->checker - ->expects($this->at(2)) - ->method('verifyAppSignature') - ->with('calendar'); - $this->appManager - ->expects($this->at(2)) - ->method('isShipped') - ->with('contacts') - ->willReturn(false); - $this->appLocator - ->expects($this->at(2)) - ->method('getAppPath') - ->with('contacts') - ->willReturn('/apps/contacts'); - $this->fileAccessHelper - ->expects($this->at(1)) - ->method('file_exists') - ->with('/apps/contacts/appinfo/signature.json') - ->willReturn(false); - $this->appManager - ->expects($this->at(3)) - ->method('isShipped') - ->with('dav') - ->willReturn(true); - $this->checker - ->expects($this->at(3)) - ->method('verifyAppSignature') - ->with('dav'); - $this->config + ->willReturnMap([ + ['/apps/calendar/appinfo/signature.json', true], + ['/apps/contacts/appinfo/signature.json', false], + ]); + $this->appConfig ->expects($this->once()) - ->method('deleteAppValue') + ->method('deleteKey') ->with('core', 'oc.integritycheck.checker'); $this->checker->runInstanceVerification(); } - public function testVerifyAppSignatureWithoutSignatureDataAndCodeCheckerDisabled() { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn('stable'); + public function testVerifyAppSignatureWithoutSignatureDataAndCodeCheckerDisabled(): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn('stable'); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(true); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(true); $expected = []; $this->assertSame($expected, $this->checker->verifyAppSignature('SomeApp')); } - /** - * @return array - */ - public function channelDataProvider() { + public static function channelDataProvider(): array { return [ ['stable', true], ['git', false], @@ -1398,16 +1079,16 @@ class CheckerTest extends TestCase { /** * @param string $channel * @param bool $isCodeSigningEnforced - * @dataProvider channelDataProvider */ - public function testIsCodeCheckEnforced($channel, $isCodeSigningEnforced) { - $this->environmentHelper + #[\PHPUnit\Framework\Attributes\DataProvider('channelDataProvider')] + public function testIsCodeCheckEnforced($channel, $isCodeSigningEnforced): void { + $this->serverVersion ->expects($this->once()) ->method('getChannel') ->willReturn($channel); $this->config ->expects($this->any()) - ->method('getSystemValue') + ->method('getSystemValueBool') ->with('integrity.check.disabled', false) ->willReturn(false); @@ -1416,18 +1097,18 @@ class CheckerTest extends TestCase { /** * @param string $channel - * @dataProvider channelDataProvider */ - public function testIsCodeCheckEnforcedWithDisabledConfigSwitch($channel) { - $this->environmentHelper - ->expects($this->once()) - ->method('getChannel') - ->willReturn($channel); + #[\PHPUnit\Framework\Attributes\DataProvider('channelDataProvider')] + public function testIsCodeCheckEnforcedWithDisabledConfigSwitch($channel): void { + $this->serverVersion + ->expects($this->once()) + ->method('getChannel') + ->willReturn($channel); $this->config - ->expects($this->any()) - ->method('getSystemValue') - ->with('integrity.check.disabled', false) - ->willReturn(true); + ->expects($this->any()) + ->method('getSystemValueBool') + ->with('integrity.check.disabled', false) + ->willReturn(true); $this->assertFalse(self::invokePrivate($this->checker, 'isCodeCheckEnforced')); } |