From c56fb905d1a300b2fe6c011848ea520031ea0df1 Mon Sep 17 00:00:00 2001 From: Sam Tuke Date: Wed, 5 Dec 2012 18:57:44 +0000 Subject: Development snapshot Read/write interoperability working through web UI and WebDAV New class Session for handling session data A few new unit tests Some additional unit tests are now failing, esp. legacy enc related ones --- apps/files_encryption/lib/session.php | 66 +++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 apps/files_encryption/lib/session.php (limited to 'apps/files_encryption/lib/session.php') diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php new file mode 100644 index 00000000000..946e5a6eddd --- /dev/null +++ b/apps/files_encryption/lib/session.php @@ -0,0 +1,66 @@ +. + * + */ + +namespace OCA\Encryption; + +/** + * Class for handling encryption related session data + */ + +class Session { + + /** + * @brief Sets user id for session and triggers emit + * @return bool + * + */ + public static function setPrivateKey( $privateKey, $userId ) { + + $_SESSION['privateKey'] = $privateKey; + + return true; + + } + + /** + * @brief Gets user id for session and triggers emit + * @returns string $privateKey The user's plaintext private key + * + */ + public static function getPrivateKey( $userId ) { + + if ( + isset( $_SESSION['privateKey'] ) + && !empty( $_SESSION['privateKey'] ) + ) { + + return $_SESSION['privateKey']; + + } else { + + return false; + + } + + } + +} \ No newline at end of file -- cgit v1.2.3 From b66d38ecae3a2e7914520a90c5ef01cbc1432c10 Mon Sep 17 00:00:00 2001 From: Sam Tuke Date: Tue, 11 Dec 2012 15:10:39 +0000 Subject: Revert "Development snapshot" This reverts commit c56fb905d1a300b2fe6c011848ea520031ea0df1. --- apps/files_encryption/appinfo/app.php | 9 +---- apps/files_encryption/hooks/hooks.php | 10 ++--- apps/files_encryption/lib/crypt.php | 25 ++++++------ apps/files_encryption/lib/keymanager.php | 20 ++-------- apps/files_encryption/lib/proxy.php | 27 ++++--------- apps/files_encryption/lib/session.php | 66 ------------------------------- apps/files_encryption/lib/stream.php | 54 +++++++------------------ apps/files_encryption/lib/util.php | 4 +- apps/files_encryption/tests/crypt.php | 67 ++++++++++++-------------------- apps/files_encryption/tests/proxy.php | 19 +++------ 10 files changed, 74 insertions(+), 227 deletions(-) delete mode 100644 apps/files_encryption/lib/session.php (limited to 'apps/files_encryption/lib/session.php') diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php index 6c082b1938c..45f43d70ff0 100644 --- a/apps/files_encryption/appinfo/app.php +++ b/apps/files_encryption/appinfo/app.php @@ -6,7 +6,6 @@ OC::$CLASSPATH['OCA\Encryption\Util'] = 'apps/files_encryption/lib/util.php'; OC::$CLASSPATH['OCA\Encryption\Keymanager'] = 'apps/files_encryption/lib/keymanager.php'; OC::$CLASSPATH['OCA\Encryption\Stream'] = 'apps/files_encryption/lib/stream.php'; OC::$CLASSPATH['OCA\Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php'; -OC::$CLASSPATH['OCA\Encryption\Session'] = 'apps/files_encryption/lib/session.php'; OC_FileProxy::register(new OCA\Encryption\Proxy()); @@ -16,13 +15,7 @@ OCP\Util::connectHook('OC_User','post_setPassword','OCA\Encryption\Hooks','setPa stream_wrapper_register( 'crypt', 'OCA\Encryption\Stream'); -$session = new OCA\Encryption\Session(); - -if ( -! $session->getPrivateKey( \OCP\USER::getUser() ) -&& OCP\User::isLoggedIn() -&& OCA\Encryption\Crypt::mode() == 'server' -) { +if( !isset( $_SESSION['enckey'] ) && OCP\User::isLoggedIn() && OCA\Encryption\Crypt::mode() == 'server' ) { // Force the user to re-log in if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled) OCP\User::logout(); diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 8e391ca3888..5cb59dbbf82 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -70,11 +70,11 @@ class Hooks { // trigger_error( "\$params['password'] = {$params['password']}" ); - $privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] ); + $_SESSION['enckey'] = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] ); - $session = new Session(); - - $session->setPrivateKey( $privateKey, $params['uid'] ); + \OC_FileProxy::$enabled = false; + file_put_contents( '/home/samtuke/enckey', $_SESSION['enckey'] ); + \OC_FileProxy::$enabled = true; $view1 = new \OC_FilesystemView( '/' . $params['uid'] ); @@ -86,7 +86,7 @@ class Hooks { ) { $_SESSION['legacyenckey'] = Crypt::legacyDecrypt( $legacyKey, $params['password'] ); -// trigger_error('leg enc key = '.$_SESSION['legacyenckey']); + trigger_error('leg enc key = '.$_SESSION['legacyenckey']); } // } diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index 5e1078c9e1b..8df3cd43270 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -305,9 +305,9 @@ class Crypt { if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) { // Combine content to encrypt with IV identifier and actual IV - $catfile = self::concatIv( $encryptedContent, $iv ); + $combinedKeyfile = self::concatIv( $encryptedContent, $iv ); - $padded = self::addPadding( $catfile ); + $padded = self::addPadding( $combinedKeyfile ); return $padded; @@ -468,8 +468,7 @@ class Crypt { /** * @brief Encrypts content symmetrically and generates keyfile asymmetrically - * @returns array containing catfile and new keyfile. - * keys: data, key + * @returns array keys: encrypted, key * @note this method is a wrapper for combining other crypt class methods */ public static function keyEncryptKeyfile( $plainContent, $publicKey ) { @@ -485,20 +484,18 @@ class Crypt { } /** - * @brief Takes catfile, keyfile, and private key, and + * @brief Takes encrypted data, encrypted catfile, and private key, and * performs decryption * @returns decrypted content * @note this method is a wrapper for combining other crypt class methods */ - public static function keyDecryptKeyfile( $catfile, $keyfile, $privateKey ) { + public static function keyDecryptKeyfile( $encryptedData, $encryptedKey, $privateKey ) { - // Decrypt the keyfile with the user's private key - $decryptedKey = self::keyDecrypt( $keyfile, $privateKey ); + // Decrypt keyfile + $decryptedKey = self::keyDecrypt( $encryptedKey, $privateKey ); -// trigger_error( "\$keyfile = ".var_export($keyfile, 1)); - - // Decrypt the catfile symmetrically using the decrypted keyfile - $decryptedData = self::symmetricDecryptFileContent( $catfile, $decryptedKey ); + // Decrypt encrypted file + $decryptedData = self::symmetricDecryptFileContent( $encryptedData, $decryptedKey ); return $decryptedData; @@ -687,7 +684,7 @@ class Crypt { */ public static function legacyEncrypt( $content, $passphrase = '' ) { - //trigger_error("OC2 enc \$content = $content \$passphrase = ".var_export($passphrase, 1) ); + trigger_error("OC2 enc \$content = $content \$passphrase = ".var_export($passphrase, 1) ); $bf = self::getBlowfish( $passphrase ); @@ -711,7 +708,7 @@ class Crypt { $bf = self::getBlowfish( "67362885833455692562" ); -// trigger_error(var_export($bf, 1) ); + trigger_error(var_export($bf, 1) ); $decrypted = $bf->decrypt( $content ); diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php index 55d7530c466..2f730971288 100755 --- a/apps/files_encryption/lib/keymanager.php +++ b/apps/files_encryption/lib/keymanager.php @@ -46,19 +46,11 @@ class Keymanager { * @brief retrieve public key for a specified user * @return string public key or false */ - public static function getPublicKey( $userId = NULL ) { + public static function getPublicKey() { - // If the username wasn't specified, fetch it - if ( ! $userId ) { - - $userId = \OCP\User::getUser(); - - } - - // Create new view with the right + $user = \OCP\User::getUser(); $view = new \OC_FilesystemView( '/public-keys/' ); - - return $view->file_get_contents( '/' . $userId . '.public.key' ); + return $view->file_get_contents( '/' . $user . '.public.key' ); } @@ -127,12 +119,10 @@ class Keymanager { } /** - * @brief retrieve keyfile for an encrypted file + * @brief retrieve file encryption key * * @param string file name * @return string file key or false - * @note The keyfile returned is asymmetrically encrypted. Decryption - * of the keyfile must be performed by client code */ public static function getFileKey( $path, $staticUserClass = 'OCP\User' ) { @@ -251,8 +241,6 @@ class Keymanager { * @param string $path relative path of the file, including filename * @param string $key * @return bool true/false - * @note The keyfile is not encrypted here. Client code must - * asymmetrically encrypt the keyfile before passing it to this method */ public static function setFileKey( $path, $key, $view = Null, $dbClassName = '\OC_DB') { diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 85664734d7a..914632d3387 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -131,10 +131,6 @@ class Proxy extends \OC_FileProxy { } - /** - * @param string $path Path of file from which has been read - * @param string $data Data that has been read from file - */ public function postFile_get_contents( $path, $data ) { # TODO: Use dependency injection to add required args for view and user etc. to this method @@ -142,27 +138,24 @@ class Proxy extends \OC_FileProxy { // Disable encryption proxy to prevent recursive calls \OC_FileProxy::$enabled = false; - // If data is a catfile if ( Crypt::mode() == 'server' && Crypt::isEncryptedContent( $data ) ) { -// trigger_error("bong"); + //trigger_error("bong"); - $split = explode( '/', $path ); + $filePath = explode( '/', $path ); - $filePath = array_slice( $split, 3 ); + $filePath = array_slice( $filePath, 3 ); $filePath = '/' . implode( '/', $filePath ); //$cached = \OC_FileCache_Cached::get( $path, '' ); $keyFile = Keymanager::getFileKey( $filePath ); - - $session = new Session(); - - $decrypted = Crypt::keyDecryptKeyfile( $data, $keyFile, $session->getPrivateKey( $split[1] ) ); + $data = Crypt::keyDecryptKeyfile( $data, $keyFile, $_SESSION['enckey'] ); + } elseif ( Crypt::mode() == 'server' && isset( $_SESSION['legacyenckey'] ) @@ -170,20 +163,14 @@ class Proxy extends \OC_FileProxy { ) { trigger_error("mong"); - $decrypted = Crypt::legacyDecrypt( $data, $_SESSION['legacyenckey'] ); + $data = Crypt::legacyDecrypt( $data, $_SESSION['legacyenckey'] ); //trigger_error($data); } \OC_FileProxy::$enabled = true; - if ( ! isset( $decrypted ) ) { - - $decrypted = $data; - - } - - return $decrypted; + return $data; } diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php deleted file mode 100644 index 946e5a6eddd..00000000000 --- a/apps/files_encryption/lib/session.php +++ /dev/null @@ -1,66 +0,0 @@ -. - * - */ - -namespace OCA\Encryption; - -/** - * Class for handling encryption related session data - */ - -class Session { - - /** - * @brief Sets user id for session and triggers emit - * @return bool - * - */ - public static function setPrivateKey( $privateKey, $userId ) { - - $_SESSION['privateKey'] = $privateKey; - - return true; - - } - - /** - * @brief Gets user id for session and triggers emit - * @returns string $privateKey The user's plaintext private key - * - */ - public static function getPrivateKey( $userId ) { - - if ( - isset( $_SESSION['privateKey'] ) - && !empty( $_SESSION['privateKey'] ) - ) { - - return $_SESSION['privateKey']; - - } else { - - return false; - - } - - } - -} \ No newline at end of file diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index ac5fadd4e03..74dff1531a9 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -59,9 +59,7 @@ class Stream { private $count; private $writeCache; public $size; - private $publicKey; private $keyfile; - private $encKeyfile; private static $view; public function stream_open( $path, $mode, $options, &$opened_path ) { @@ -248,7 +246,7 @@ class Stream { * @param bool $generate if true, a new key will be generated if none can be found * @return bool true on key found and set, false on key not found and new key generated and set */ - public function getKey() { + public function getKey( $generate = true ) { //echo "\n\$this->rawPath = {$this->rawPath}"; @@ -258,37 +256,23 @@ class Stream { # TODO: add error handling for when file exists but no keyfile // Fetch existing keyfile - $this->encKeyfile = Keymanager::getFileKey( $this->rawPath ); - - $this->getUser(); - - $session = new Session(); - - $this->keyfile = Crypt::keyDecrypt( $this->encKeyfile, $session->getPrivateKey( $this->userId ) ); + $this->keyfile = Keymanager::getFileKey( $this->rawPath ); return true; } else { - return false; - - } - - } - - public function getuser() { - - // Only get the user again if it isn't already set - if ( empty( $this->userId ) ) { - - # TODO: Move this user call out of here - it belongs elsewhere - $this->userId = \OCP\User::getUser(); - + if ( $generate ) { + + // If the data is to be written to a new file, generate a new keyfile + $this->keyfile = Crypt::generateKey(); + + return false; + + } + } - # TODO: Add a method for getting the user in case OCP\User:: - # getUser() doesn't work (can that scenario ever occur?) - } /** @@ -322,23 +306,15 @@ class Stream { //echo "\$pointer = $pointer\n"; - // Make sure the userId is set - $this->getuser(); + # TODO: Move this user call out of here - it belongs elsewhere + $user = \OCP\User::getUser(); // Get / generate the keyfile for the file we're handling // If we're writing a new file (not overwriting an existing one), save the newly generated keyfile if ( ! $this->getKey() ) { - - $this->keyfile = Crypt::generateKey(); - - $this->publicKey = Keymanager::getPublicKey( $this->userId ); - - $this->encKeyfile = Crypt::keyEncrypt( $this->keyfile, $this->publicKey ); - - // Save the new encrypted file key - Keymanager::setFileKey( $this->rawPath, $this->encKeyfile, new \OC_FilesystemView( '/' ) ); - # TODO: move this new OCFSV out of here some how, use DI + // Save keyfile in parallel directory structure + Keymanager::setFileKey( $this->rawPath, $this->keyfile, new \OC_FilesystemView( '/' ) ); } diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 77f8dffe00f..907a04e5c00 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -45,7 +45,6 @@ class Util { ## DONE: files created via web ui are encrypted ## DONE: file created & encrypted via web ui are readable in web ui - ## DONE: file created & encrypted via web ui are readable via webdav # WebDAV: @@ -53,7 +52,8 @@ class Util { ## DONE: new data filled files added via webdav get encrypted ## DONE: new data filled files added via webdav are readable via webdav ## DONE: reading unencrypted files when encryption is enabled works via webdav - ## DONE: files created & encrypted via web ui are readable via webdav + + # TODO: files created & encrypted via web ui are readable via webdav # Legacy support: diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index f72f15ca236..09347dd578a 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -21,10 +21,6 @@ require_once realpath( dirname(__FILE__).'/../appinfo/app.php' ); use OCA\Encryption; -// This has to go here because otherwise session errors arise, and the private -// encryption key needs to be saved in the session -\OC_User::login( 'admin', 'admin' ); - class Test_Crypt extends \PHPUnit_Framework_TestCase { function setUp() { @@ -45,6 +41,8 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $this->userId = 'admin'; $this->pass = 'admin'; + + \OC_User::setUserId( $this->userId ); } @@ -436,7 +434,6 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { } - // What is the point of this test? It doesn't use keyEncryptKeyfile() function testKeyEncryptKeyfile() { # TODO: Don't repeat encryption from previous tests, use PHPUnit test interdependency instead @@ -459,22 +456,6 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $this->assertEquals( $this->dataUrl, $decryptData ); } - - /** - * @brief test functionality of keyEncryptKeyfile() and - * keyDecryptKeyfile() - */ - function testKeyDecryptKeyfile() { - - $encrypted = Encryption\Crypt::keyEncryptKeyfile( $this->dataShort, $this->genPublicKey ); - - $this->assertNotEquals( $encrypted['data'], $this->dataShort ); - - $decrypted = Encryption\Crypt::keyDecryptKeyfile( $encrypted['data'], $encrypted['key'], $this->genPrivateKey ); - - $this->assertEquals( $decrypted, $this->dataShort ); - - } /** @@ -493,17 +474,17 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { } -// /** -// * @brief test decryption using legacy blowfish method -// * @depends testLegacyEncryptShort -// */ -// function testLegacyDecryptShort( $crypted ) { -// -// $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); -// -// $this->assertEquals( $this->dataShort, $decrypted ); -// -// } + /** + * @brief test decryption using legacy blowfish method + * @depends testLegacyEncryptShort + */ + function testLegacyDecryptShort( $crypted ) { + + $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); + + $this->assertEquals( $this->dataShort, $decrypted ); + + } /** * @brief test encryption using legacy blowfish method @@ -521,17 +502,17 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { } -// /** -// * @brief test decryption using legacy blowfish method -// * @depends testLegacyEncryptLong -// */ -// function testLegacyDecryptLong( $crypted ) { -// -// $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); -// -// $this->assertEquals( $this->dataLong, $decrypted ); -// -// } + /** + * @brief test decryption using legacy blowfish method + * @depends testLegacyEncryptLong + */ + function testLegacyDecryptLong( $crypted ) { + + $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); + + $this->assertEquals( $this->dataLong, $decrypted ); + + } /** * @brief test generation of legacy encryption key diff --git a/apps/files_encryption/tests/proxy.php b/apps/files_encryption/tests/proxy.php index 87151234e0e..8b2c92c2f53 100644 --- a/apps/files_encryption/tests/proxy.php +++ b/apps/files_encryption/tests/proxy.php @@ -45,17 +45,10 @@ class Test_Util extends \PHPUnit_Framework_TestCase { $this->data1 = file_get_contents( realpath( dirname(__FILE__).'/../../../data/admin/files/enc-test.txt' ) ); - \OC_FileProxy::$enabled = false; - $this->Encdata1 = file_get_contents( realpath( dirname(__FILE__).'/../../../data/admin/files/enc-test.txt' ) ); - \OC_FileProxy::$enabled = true; - $this->userId = 'admin'; $this->pass = 'admin'; - $this->session = new Encryption\Session(); - -$this->session->setPrivateKey( -'-----BEGIN PRIVATE KEY----- +$_SESSION['enckey'] = '-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDiH3EA4EpFA7Fx s2dyyfL5jwXeYXrTqQJ6DqKgGn8VsbT3eu8R9KzM2XitVwZe8c8L52DvJ06o5vg0 GqPYxilFdOFJe/ggac5Tq8UmJiZS4EqYEMwxBIfIyWTxeGV06/0HOwnVAkqHMcBz @@ -83,9 +76,7 @@ k1kbgyS7KKB7opVxI5+ChEqyUDijS3Y9FZixrRIWE6i2uGu86UG+v2lbKvSbM4Qm xvbOcX9OVMnlRb7n8woOP10UMY+ZE2x+YEUXQTLtPYq7F66e1OfxltstMxLQA+3d Y1d5piFV8PXK3Fg2F+Cj5qg= -----END PRIVATE KEY----- -' -, $this->userId -); +'; \OC_User::setUserId( $this->userId ); @@ -122,11 +113,11 @@ Y1d5piFV8PXK3Fg2F+Cj5qg= // // $this->oldConfig=OCP\Config::getAppValue('files_encryption','enable_encryption','true'); // OCP\Config::setAppValue('files_encryption','enable_encryption','true'); -// $this->oldKey=isset($_SESSION['privateKey'])?$_SESSION['privateKey']:null; +// $this->oldKey=isset($_SESSION['enckey'])?$_SESSION['enckey']:null; // // // //set testing key -// $_SESSION['privateKey']=md5(time()); +// $_SESSION['enckey']=md5(time()); // // //clear all proxies and hooks so we can do clean testing // OC_FileProxy::clearProxies(); @@ -150,7 +141,7 @@ Y1d5piFV8PXK3Fg2F+Cj5qg= // public function tearDown(){ // OCP\Config::setAppValue('files_encryption','enable_encryption',$this->oldConfig); // if(!is_null($this->oldKey)){ -// $_SESSION['privateKey']=$this->oldKey; +// $_SESSION['enckey']=$this->oldKey; // } // } // -- cgit v1.2.3 From a00dd2d5d6ba908e230af4b555ed0bc902cafd15 Mon Sep 17 00:00:00 2001 From: Sam Tuke Date: Tue, 11 Dec 2012 15:10:56 +0000 Subject: Revert "Revert "Development snapshot"" This reverts commit b66d38ecae3a2e7914520a90c5ef01cbc1432c10. --- apps/files_encryption/appinfo/app.php | 9 ++++- apps/files_encryption/hooks/hooks.php | 10 ++--- apps/files_encryption/lib/crypt.php | 25 ++++++------ apps/files_encryption/lib/keymanager.php | 20 ++++++++-- apps/files_encryption/lib/proxy.php | 27 +++++++++---- apps/files_encryption/lib/session.php | 66 +++++++++++++++++++++++++++++++ apps/files_encryption/lib/stream.php | 54 ++++++++++++++++++------- apps/files_encryption/lib/util.php | 4 +- apps/files_encryption/tests/crypt.php | 67 ++++++++++++++++++++------------ apps/files_encryption/tests/proxy.php | 19 ++++++--- 10 files changed, 227 insertions(+), 74 deletions(-) create mode 100644 apps/files_encryption/lib/session.php (limited to 'apps/files_encryption/lib/session.php') diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php index 45f43d70ff0..6c082b1938c 100644 --- a/apps/files_encryption/appinfo/app.php +++ b/apps/files_encryption/appinfo/app.php @@ -6,6 +6,7 @@ OC::$CLASSPATH['OCA\Encryption\Util'] = 'apps/files_encryption/lib/util.php'; OC::$CLASSPATH['OCA\Encryption\Keymanager'] = 'apps/files_encryption/lib/keymanager.php'; OC::$CLASSPATH['OCA\Encryption\Stream'] = 'apps/files_encryption/lib/stream.php'; OC::$CLASSPATH['OCA\Encryption\Proxy'] = 'apps/files_encryption/lib/proxy.php'; +OC::$CLASSPATH['OCA\Encryption\Session'] = 'apps/files_encryption/lib/session.php'; OC_FileProxy::register(new OCA\Encryption\Proxy()); @@ -15,7 +16,13 @@ OCP\Util::connectHook('OC_User','post_setPassword','OCA\Encryption\Hooks','setPa stream_wrapper_register( 'crypt', 'OCA\Encryption\Stream'); -if( !isset( $_SESSION['enckey'] ) && OCP\User::isLoggedIn() && OCA\Encryption\Crypt::mode() == 'server' ) { +$session = new OCA\Encryption\Session(); + +if ( +! $session->getPrivateKey( \OCP\USER::getUser() ) +&& OCP\User::isLoggedIn() +&& OCA\Encryption\Crypt::mode() == 'server' +) { // Force the user to re-log in if the encryption key isn't unlocked (happens when a user is logged in before the encryption app is enabled) OCP\User::logout(); diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php index 5cb59dbbf82..8e391ca3888 100644 --- a/apps/files_encryption/hooks/hooks.php +++ b/apps/files_encryption/hooks/hooks.php @@ -70,11 +70,11 @@ class Hooks { // trigger_error( "\$params['password'] = {$params['password']}" ); - $_SESSION['enckey'] = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] ); + $privateKey = Crypt::symmetricDecryptFileContent( $encryptedKey, $params['password'] ); - \OC_FileProxy::$enabled = false; - file_put_contents( '/home/samtuke/enckey', $_SESSION['enckey'] ); - \OC_FileProxy::$enabled = true; + $session = new Session(); + + $session->setPrivateKey( $privateKey, $params['uid'] ); $view1 = new \OC_FilesystemView( '/' . $params['uid'] ); @@ -86,7 +86,7 @@ class Hooks { ) { $_SESSION['legacyenckey'] = Crypt::legacyDecrypt( $legacyKey, $params['password'] ); - trigger_error('leg enc key = '.$_SESSION['legacyenckey']); +// trigger_error('leg enc key = '.$_SESSION['legacyenckey']); } // } diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index 8df3cd43270..5e1078c9e1b 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -305,9 +305,9 @@ class Crypt { if ( $encryptedContent = self::encrypt( $plainContent, $iv, $passphrase ) ) { // Combine content to encrypt with IV identifier and actual IV - $combinedKeyfile = self::concatIv( $encryptedContent, $iv ); + $catfile = self::concatIv( $encryptedContent, $iv ); - $padded = self::addPadding( $combinedKeyfile ); + $padded = self::addPadding( $catfile ); return $padded; @@ -468,7 +468,8 @@ class Crypt { /** * @brief Encrypts content symmetrically and generates keyfile asymmetrically - * @returns array keys: encrypted, key + * @returns array containing catfile and new keyfile. + * keys: data, key * @note this method is a wrapper for combining other crypt class methods */ public static function keyEncryptKeyfile( $plainContent, $publicKey ) { @@ -484,18 +485,20 @@ class Crypt { } /** - * @brief Takes encrypted data, encrypted catfile, and private key, and + * @brief Takes catfile, keyfile, and private key, and * performs decryption * @returns decrypted content * @note this method is a wrapper for combining other crypt class methods */ - public static function keyDecryptKeyfile( $encryptedData, $encryptedKey, $privateKey ) { + public static function keyDecryptKeyfile( $catfile, $keyfile, $privateKey ) { - // Decrypt keyfile - $decryptedKey = self::keyDecrypt( $encryptedKey, $privateKey ); + // Decrypt the keyfile with the user's private key + $decryptedKey = self::keyDecrypt( $keyfile, $privateKey ); - // Decrypt encrypted file - $decryptedData = self::symmetricDecryptFileContent( $encryptedData, $decryptedKey ); +// trigger_error( "\$keyfile = ".var_export($keyfile, 1)); + + // Decrypt the catfile symmetrically using the decrypted keyfile + $decryptedData = self::symmetricDecryptFileContent( $catfile, $decryptedKey ); return $decryptedData; @@ -684,7 +687,7 @@ class Crypt { */ public static function legacyEncrypt( $content, $passphrase = '' ) { - trigger_error("OC2 enc \$content = $content \$passphrase = ".var_export($passphrase, 1) ); + //trigger_error("OC2 enc \$content = $content \$passphrase = ".var_export($passphrase, 1) ); $bf = self::getBlowfish( $passphrase ); @@ -708,7 +711,7 @@ class Crypt { $bf = self::getBlowfish( "67362885833455692562" ); - trigger_error(var_export($bf, 1) ); +// trigger_error(var_export($bf, 1) ); $decrypted = $bf->decrypt( $content ); diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php index 2f730971288..55d7530c466 100755 --- a/apps/files_encryption/lib/keymanager.php +++ b/apps/files_encryption/lib/keymanager.php @@ -46,11 +46,19 @@ class Keymanager { * @brief retrieve public key for a specified user * @return string public key or false */ - public static function getPublicKey() { + public static function getPublicKey( $userId = NULL ) { - $user = \OCP\User::getUser(); + // If the username wasn't specified, fetch it + if ( ! $userId ) { + + $userId = \OCP\User::getUser(); + + } + + // Create new view with the right $view = new \OC_FilesystemView( '/public-keys/' ); - return $view->file_get_contents( '/' . $user . '.public.key' ); + + return $view->file_get_contents( '/' . $userId . '.public.key' ); } @@ -119,10 +127,12 @@ class Keymanager { } /** - * @brief retrieve file encryption key + * @brief retrieve keyfile for an encrypted file * * @param string file name * @return string file key or false + * @note The keyfile returned is asymmetrically encrypted. Decryption + * of the keyfile must be performed by client code */ public static function getFileKey( $path, $staticUserClass = 'OCP\User' ) { @@ -241,6 +251,8 @@ class Keymanager { * @param string $path relative path of the file, including filename * @param string $key * @return bool true/false + * @note The keyfile is not encrypted here. Client code must + * asymmetrically encrypt the keyfile before passing it to this method */ public static function setFileKey( $path, $key, $view = Null, $dbClassName = '\OC_DB') { diff --git a/apps/files_encryption/lib/proxy.php b/apps/files_encryption/lib/proxy.php index 914632d3387..85664734d7a 100644 --- a/apps/files_encryption/lib/proxy.php +++ b/apps/files_encryption/lib/proxy.php @@ -131,6 +131,10 @@ class Proxy extends \OC_FileProxy { } + /** + * @param string $path Path of file from which has been read + * @param string $data Data that has been read from file + */ public function postFile_get_contents( $path, $data ) { # TODO: Use dependency injection to add required args for view and user etc. to this method @@ -138,24 +142,27 @@ class Proxy extends \OC_FileProxy { // Disable encryption proxy to prevent recursive calls \OC_FileProxy::$enabled = false; + // If data is a catfile if ( Crypt::mode() == 'server' && Crypt::isEncryptedContent( $data ) ) { - //trigger_error("bong"); +// trigger_error("bong"); - $filePath = explode( '/', $path ); + $split = explode( '/', $path ); - $filePath = array_slice( $filePath, 3 ); + $filePath = array_slice( $split, 3 ); $filePath = '/' . implode( '/', $filePath ); //$cached = \OC_FileCache_Cached::get( $path, '' ); $keyFile = Keymanager::getFileKey( $filePath ); + + $session = new Session(); + + $decrypted = Crypt::keyDecryptKeyfile( $data, $keyFile, $session->getPrivateKey( $split[1] ) ); - $data = Crypt::keyDecryptKeyfile( $data, $keyFile, $_SESSION['enckey'] ); - } elseif ( Crypt::mode() == 'server' && isset( $_SESSION['legacyenckey'] ) @@ -163,14 +170,20 @@ class Proxy extends \OC_FileProxy { ) { trigger_error("mong"); - $data = Crypt::legacyDecrypt( $data, $_SESSION['legacyenckey'] ); + $decrypted = Crypt::legacyDecrypt( $data, $_SESSION['legacyenckey'] ); //trigger_error($data); } \OC_FileProxy::$enabled = true; - return $data; + if ( ! isset( $decrypted ) ) { + + $decrypted = $data; + + } + + return $decrypted; } diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php new file mode 100644 index 00000000000..946e5a6eddd --- /dev/null +++ b/apps/files_encryption/lib/session.php @@ -0,0 +1,66 @@ +. + * + */ + +namespace OCA\Encryption; + +/** + * Class for handling encryption related session data + */ + +class Session { + + /** + * @brief Sets user id for session and triggers emit + * @return bool + * + */ + public static function setPrivateKey( $privateKey, $userId ) { + + $_SESSION['privateKey'] = $privateKey; + + return true; + + } + + /** + * @brief Gets user id for session and triggers emit + * @returns string $privateKey The user's plaintext private key + * + */ + public static function getPrivateKey( $userId ) { + + if ( + isset( $_SESSION['privateKey'] ) + && !empty( $_SESSION['privateKey'] ) + ) { + + return $_SESSION['privateKey']; + + } else { + + return false; + + } + + } + +} \ No newline at end of file diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 74dff1531a9..ac5fadd4e03 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -59,7 +59,9 @@ class Stream { private $count; private $writeCache; public $size; + private $publicKey; private $keyfile; + private $encKeyfile; private static $view; public function stream_open( $path, $mode, $options, &$opened_path ) { @@ -246,7 +248,7 @@ class Stream { * @param bool $generate if true, a new key will be generated if none can be found * @return bool true on key found and set, false on key not found and new key generated and set */ - public function getKey( $generate = true ) { + public function getKey() { //echo "\n\$this->rawPath = {$this->rawPath}"; @@ -256,23 +258,37 @@ class Stream { # TODO: add error handling for when file exists but no keyfile // Fetch existing keyfile - $this->keyfile = Keymanager::getFileKey( $this->rawPath ); + $this->encKeyfile = Keymanager::getFileKey( $this->rawPath ); + + $this->getUser(); + + $session = new Session(); + + $this->keyfile = Crypt::keyDecrypt( $this->encKeyfile, $session->getPrivateKey( $this->userId ) ); return true; } else { - if ( $generate ) { - - // If the data is to be written to a new file, generate a new keyfile - $this->keyfile = Crypt::generateKey(); - - return false; - - } - + return false; + + } + + } + + public function getuser() { + + // Only get the user again if it isn't already set + if ( empty( $this->userId ) ) { + + # TODO: Move this user call out of here - it belongs elsewhere + $this->userId = \OCP\User::getUser(); + } + # TODO: Add a method for getting the user in case OCP\User:: + # getUser() doesn't work (can that scenario ever occur?) + } /** @@ -306,15 +322,23 @@ class Stream { //echo "\$pointer = $pointer\n"; - # TODO: Move this user call out of here - it belongs elsewhere - $user = \OCP\User::getUser(); + // Make sure the userId is set + $this->getuser(); // Get / generate the keyfile for the file we're handling // If we're writing a new file (not overwriting an existing one), save the newly generated keyfile if ( ! $this->getKey() ) { + + $this->keyfile = Crypt::generateKey(); + + $this->publicKey = Keymanager::getPublicKey( $this->userId ); + + $this->encKeyfile = Crypt::keyEncrypt( $this->keyfile, $this->publicKey ); + + // Save the new encrypted file key + Keymanager::setFileKey( $this->rawPath, $this->encKeyfile, new \OC_FilesystemView( '/' ) ); - // Save keyfile in parallel directory structure - Keymanager::setFileKey( $this->rawPath, $this->keyfile, new \OC_FilesystemView( '/' ) ); + # TODO: move this new OCFSV out of here some how, use DI } diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php index 907a04e5c00..77f8dffe00f 100644 --- a/apps/files_encryption/lib/util.php +++ b/apps/files_encryption/lib/util.php @@ -45,6 +45,7 @@ class Util { ## DONE: files created via web ui are encrypted ## DONE: file created & encrypted via web ui are readable in web ui + ## DONE: file created & encrypted via web ui are readable via webdav # WebDAV: @@ -52,8 +53,7 @@ class Util { ## DONE: new data filled files added via webdav get encrypted ## DONE: new data filled files added via webdav are readable via webdav ## DONE: reading unencrypted files when encryption is enabled works via webdav - - # TODO: files created & encrypted via web ui are readable via webdav + ## DONE: files created & encrypted via web ui are readable via webdav # Legacy support: diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 09347dd578a..f72f15ca236 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -21,6 +21,10 @@ require_once realpath( dirname(__FILE__).'/../appinfo/app.php' ); use OCA\Encryption; +// This has to go here because otherwise session errors arise, and the private +// encryption key needs to be saved in the session +\OC_User::login( 'admin', 'admin' ); + class Test_Crypt extends \PHPUnit_Framework_TestCase { function setUp() { @@ -41,8 +45,6 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $this->userId = 'admin'; $this->pass = 'admin'; - - \OC_User::setUserId( $this->userId ); } @@ -434,6 +436,7 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { } + // What is the point of this test? It doesn't use keyEncryptKeyfile() function testKeyEncryptKeyfile() { # TODO: Don't repeat encryption from previous tests, use PHPUnit test interdependency instead @@ -456,6 +459,22 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $this->assertEquals( $this->dataUrl, $decryptData ); } + + /** + * @brief test functionality of keyEncryptKeyfile() and + * keyDecryptKeyfile() + */ + function testKeyDecryptKeyfile() { + + $encrypted = Encryption\Crypt::keyEncryptKeyfile( $this->dataShort, $this->genPublicKey ); + + $this->assertNotEquals( $encrypted['data'], $this->dataShort ); + + $decrypted = Encryption\Crypt::keyDecryptKeyfile( $encrypted['data'], $encrypted['key'], $this->genPrivateKey ); + + $this->assertEquals( $decrypted, $this->dataShort ); + + } /** @@ -474,17 +493,17 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { } - /** - * @brief test decryption using legacy blowfish method - * @depends testLegacyEncryptShort - */ - function testLegacyDecryptShort( $crypted ) { - - $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); - - $this->assertEquals( $this->dataShort, $decrypted ); - - } +// /** +// * @brief test decryption using legacy blowfish method +// * @depends testLegacyEncryptShort +// */ +// function testLegacyDecryptShort( $crypted ) { +// +// $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); +// +// $this->assertEquals( $this->dataShort, $decrypted ); +// +// } /** * @brief test encryption using legacy blowfish method @@ -502,17 +521,17 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { } - /** - * @brief test decryption using legacy blowfish method - * @depends testLegacyEncryptLong - */ - function testLegacyDecryptLong( $crypted ) { - - $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); - - $this->assertEquals( $this->dataLong, $decrypted ); - - } +// /** +// * @brief test decryption using legacy blowfish method +// * @depends testLegacyEncryptLong +// */ +// function testLegacyDecryptLong( $crypted ) { +// +// $decrypted = Encryption\Crypt::legacyDecrypt( $crypted, $this->pass ); +// +// $this->assertEquals( $this->dataLong, $decrypted ); +// +// } /** * @brief test generation of legacy encryption key diff --git a/apps/files_encryption/tests/proxy.php b/apps/files_encryption/tests/proxy.php index 8b2c92c2f53..87151234e0e 100644 --- a/apps/files_encryption/tests/proxy.php +++ b/apps/files_encryption/tests/proxy.php @@ -45,10 +45,17 @@ class Test_Util extends \PHPUnit_Framework_TestCase { $this->data1 = file_get_contents( realpath( dirname(__FILE__).'/../../../data/admin/files/enc-test.txt' ) ); + \OC_FileProxy::$enabled = false; + $this->Encdata1 = file_get_contents( realpath( dirname(__FILE__).'/../../../data/admin/files/enc-test.txt' ) ); + \OC_FileProxy::$enabled = true; + $this->userId = 'admin'; $this->pass = 'admin'; -$_SESSION['enckey'] = '-----BEGIN PRIVATE KEY----- + $this->session = new Encryption\Session(); + +$this->session->setPrivateKey( +'-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDiH3EA4EpFA7Fx s2dyyfL5jwXeYXrTqQJ6DqKgGn8VsbT3eu8R9KzM2XitVwZe8c8L52DvJ06o5vg0 GqPYxilFdOFJe/ggac5Tq8UmJiZS4EqYEMwxBIfIyWTxeGV06/0HOwnVAkqHMcBz @@ -76,7 +83,9 @@ k1kbgyS7KKB7opVxI5+ChEqyUDijS3Y9FZixrRIWE6i2uGu86UG+v2lbKvSbM4Qm xvbOcX9OVMnlRb7n8woOP10UMY+ZE2x+YEUXQTLtPYq7F66e1OfxltstMxLQA+3d Y1d5piFV8PXK3Fg2F+Cj5qg= -----END PRIVATE KEY----- -'; +' +, $this->userId +); \OC_User::setUserId( $this->userId ); @@ -113,11 +122,11 @@ Y1d5piFV8PXK3Fg2F+Cj5qg= // // $this->oldConfig=OCP\Config::getAppValue('files_encryption','enable_encryption','true'); // OCP\Config::setAppValue('files_encryption','enable_encryption','true'); -// $this->oldKey=isset($_SESSION['enckey'])?$_SESSION['enckey']:null; +// $this->oldKey=isset($_SESSION['privateKey'])?$_SESSION['privateKey']:null; // // // //set testing key -// $_SESSION['enckey']=md5(time()); +// $_SESSION['privateKey']=md5(time()); // // //clear all proxies and hooks so we can do clean testing // OC_FileProxy::clearProxies(); @@ -141,7 +150,7 @@ Y1d5piFV8PXK3Fg2F+Cj5qg= // public function tearDown(){ // OCP\Config::setAppValue('files_encryption','enable_encryption',$this->oldConfig); // if(!is_null($this->oldKey)){ -// $_SESSION['enckey']=$this->oldKey; +// $_SESSION['privateKey']=$this->oldKey; // } // } // -- cgit v1.2.3 From 665261dc9a475abd53c41422a93a549c071c04c4 Mon Sep 17 00:00:00 2001 From: Sam Tuke Date: Wed, 2 Jan 2013 19:29:22 +0000 Subject: Development snapshot, mocking out Session{} for crypt unit tests --- apps/files_encryption/lib/crypt.php | 2 +- apps/files_encryption/lib/session.php | 4 ++-- apps/files_encryption/lib/stream.php | 8 ++++++-- apps/files_encryption/tests/crypt.php | 22 ++++++++++++++++++++-- apps/files_encryption/tests/util.php | 19 ++++++------------- 5 files changed, 35 insertions(+), 20 deletions(-) (limited to 'apps/files_encryption/lib/session.php') diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php index 06a34c8f4d6..7895a5dd7b0 100755 --- a/apps/files_encryption/lib/crypt.php +++ b/apps/files_encryption/lib/crypt.php @@ -454,7 +454,7 @@ class Crypt { * @returns decrypted file */ public static function keyDecrypt( $encryptedContent, $privatekey ) { - + //trigger_error(var_export($privatekey, 1)); openssl_private_decrypt( $encryptedContent, $plainContent, $privatekey ); return $plainContent; diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index 946e5a6eddd..85d533fde7a 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -33,7 +33,7 @@ class Session { * @return bool * */ - public static function setPrivateKey( $privateKey, $userId ) { + public function setPrivateKey( $privateKey, $userId ) { $_SESSION['privateKey'] = $privateKey; @@ -46,7 +46,7 @@ class Session { * @returns string $privateKey The user's plaintext private key * */ - public static function getPrivateKey( $userId ) { + public function getPrivateKey( $userId ) { if ( isset( $_SESSION['privateKey'] ) diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php index 934b286e6eb..dcdad7ee561 100644 --- a/apps/files_encryption/lib/stream.php +++ b/apps/files_encryption/lib/stream.php @@ -265,7 +265,11 @@ class Stream { $session = new Session(); - $this->keyfile = Crypt::keyDecrypt( $this->encKeyfile, $session->getPrivateKey( $this->userId ) ); + $privateKey = $session->getPrivateKey( $this->userId ); + +// trigger_error( "privateKey = '".var_export( $privateKey, 1 ) ."'" ); + + $this->keyfile = Crypt::keyDecrypt( $this->encKeyfile, $privateKey ); return true; @@ -302,7 +306,7 @@ class Stream { * @note PHP automatically updates the file pointer after writing data to reflect it's length. There is generally no need to update the poitner manually using fseek */ public function stream_write( $data ) { - trigger_error("goon"); + // Disable the file proxies so that encryption is not automatically attempted when the file is written to disk - we are handling that separately here and we don't want to get into an infinite loop \OC_FileProxy::$enabled = false; diff --git a/apps/files_encryption/tests/crypt.php b/apps/files_encryption/tests/crypt.php index 3522bd40c9f..e64ec15c82f 100755 --- a/apps/files_encryption/tests/crypt.php +++ b/apps/files_encryption/tests/crypt.php @@ -7,7 +7,20 @@ * See the COPYING-README file. */ +// Load mockery files +require_once 'Mockery/Loader.php'; +require_once 'Hamcrest/Hamcrest.php'; +$loader = new \Mockery\Loader; +$loader->register(); +use \Mockery as m; + +// Overload Session{} with a mock object before it is included +$adminEncPriKey = realpath( dirname(__FILE__).'/../../../data/admin/files_encryption/admin.private.key' ); +$adminDePriKey = OCA\Encryption\Crypt::symmetricDecryptFileContent( $adminEncPriKey, 'admin' ); + +$mockSession = m::mock('overload:OCA\Encryption\Session'); +$mockSession->shouldReceive( 'getPrivateKey' )->andReturn( file_get_contents( $adminDePriKey ) ); //require_once "PHPUnit/Framework/TestCase.php"; require_once realpath( dirname(__FILE__).'/../../../3rdparty/Crypt_Blowfish/Blowfish.php' ); @@ -25,7 +38,7 @@ use OCA\Encryption; // encryption key needs to be saved in the session \OC_User::login( 'admin', 'admin' ); -trigger_error("session = ".var_export($_SESSION, 1)); +//trigger_error("session = ".var_export($_SESSION, 1)); class Test_Crypt extends \PHPUnit_Framework_TestCase { @@ -45,12 +58,17 @@ class Test_Crypt extends \PHPUnit_Framework_TestCase { $this->view = new \OC_FilesystemView( '/' ); + \OC_User::setUserId( 'admin' ); $this->userId = 'admin'; $this->pass = 'admin'; } - function tearDown(){} + function tearDown() { + + m::close(); + + } function testGenerateKey() { diff --git a/apps/files_encryption/tests/util.php b/apps/files_encryption/tests/util.php index 81a7ae1ff2c..30ec26d3aaa 100755 --- a/apps/files_encryption/tests/util.php +++ b/apps/files_encryption/tests/util.php @@ -14,19 +14,12 @@ require_once realpath( dirname(__FILE__).'/../lib/proxy.php' ); require_once realpath( dirname(__FILE__).'/../lib/stream.php' ); require_once realpath( dirname(__FILE__).'/../lib/util.php' ); require_once realpath( dirname(__FILE__).'/../appinfo/app.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/Generator.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/MockInterface.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/Mock.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/Container.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/Configuration.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/CompositeExpectation.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/ExpectationDirector.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/Expectation.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/Exception.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/CountValidator/CountValidatorAbstract.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/CountValidator/Exception.php' ); -require_once realpath( dirname(__FILE__).'/../../../3rdparty/mockery/Mockery/CountValidator/Exact.php' ); + +// Load mockery files +require_once 'Mockery/Loader.php'; +require_once 'Hamcrest/Hamcrest.php'; +$loader = new \Mockery\Loader; +$loader->register(); use \Mockery as m; use OCA\Encryption; -- cgit v1.2.3