[Pkg-owncloud-commits] [owncloud] 147/215: also create encryption keys for empty files

Tue May 5 01:01:41 UTC 2015

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch stable8
in repository owncloud.

commit d5cbb66b667e5850bd6ed45d7a211d332d1c93c8
Author: Bjoern Schiessle <schiessle at owncloud.com>
Date:   Tue Apr 28 17:31:03 2015 +0200

    also create encryption keys for empty files
---
 apps/encryption/lib/crypto/encryption.php          | 35 ++++++++++++----------
 .../encryption/tests/lib/crypto/encryptionTest.php | 30 ++++++++++++++-----
 2 files changed, 42 insertions(+), 23 deletions(-)

diff --git a/apps/encryption/lib/crypto/encryption.php b/apps/encryption/lib/crypto/encryption.php
index cc61f04..4e181b0 100644
--- a/apps/encryption/lib/crypto/encryption.php
+++ b/apps/encryption/lib/crypto/encryption.php
@@ -120,27 +120,36 @@ class Encryption implements IEncryptionModule {
 	 */
 	public function begin($path, $user, $mode, array $header, array $accessList) {
 
-		if (isset($header['cipher'])) {
-			$this->cipher = $header['cipher'];
-		} else if (
+		$this->path = $this->getPathToRealFile($path);
+		$this->accessList = $accessList;
+		$this->user = $user;
+		$this->isWriteOperation = false;
+		$this->writeCache = '';
+
+		$this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
+
+		if (
 			$mode === 'w'
 			|| $mode === 'w+'
 			|| $mode === 'wb'
 			|| $mode === 'wb+'
 		) {
+			$this->isWriteOperation = true;
+			if (empty($this->fileKey)) {
+				$this->fileKey = $this->crypt->generateFileKey();
+			}
+		}
+
+		if (isset($header['cipher'])) {
+			$this->cipher = $header['cipher'];
+		} elseif ($this->isWriteOperation) {
 			$this->cipher = $this->crypt->getCipher();
 		} else {
+			// if we read a file without a header we fall-back to the legacy cipher
+			// which was used in <=oC6
 			$this->cipher = $this->crypt->getLegacyCipher();
 		}
 
-		$this->path = $this->getPathToRealFile($path);
-		$this->accessList = $accessList;
-		$this->user = $user;
-		$this->writeCache = '';
-		$this->isWriteOperation = false;
-
-		$this->fileKey = $this->keyManager->getFileKey($this->path, $this->user);
-
 		return array('cipher' => $this->cipher);
 	}
 
@@ -180,10 +189,6 @@ class Encryption implements IEncryptionModule {
 	 * @return mixed encrypted data
 	 */
 	public function encrypt($data) {
-		$this->isWriteOperation = true;
-		if (empty($this->fileKey)) {
-			$this->fileKey = $this->crypt->generateFileKey();
-		}
 
 		// If extra data is left over from the last round, make sure it
 		// is integrated into the next 6126 / 8192 block
diff --git a/apps/encryption/tests/lib/crypto/encryptionTest.php b/apps/encryption/tests/lib/crypto/encryptionTest.php
index 2fbc7a1..cb4ca2d 100644
--- a/apps/encryption/tests/lib/crypto/encryptionTest.php
+++ b/apps/encryption/tests/lib/crypto/encryptionTest.php
@@ -86,7 +86,7 @@ class EncryptionTest extends TestCase {
 	/**
 	 * @dataProvider dataTestBegin
 	 */
-	public function testBegin($mode, $header, $legacyCipher, $defaultCipher, $expected) {
+	public function testBegin($mode, $header, $legacyCipher, $defaultCipher, $fileKey, $expected) {
 
 		$this->cryptMock->expects($this->any())
 			->method('getCipher')
@@ -94,22 +94,36 @@ class EncryptionTest extends TestCase {
 		$this->cryptMock->expects($this->any())
 			->method('getLegacyCipher')
 			->willReturn($legacyCipher);
-		$this->cryptMock->expects($this->any())
-			->method('generateFileKey')
-			->willReturn('fileKey');
+		if (empty($fileKey)) {
+			$this->cryptMock->expects($this->once())
+				->method('generateFileKey')
+				->willReturn('fileKey');
+		} else {
+			$this->cryptMock->expects($this->never())
+				->method('generateFileKey');
+		}
+
+		$this->keyManagerMock->expects($this->once())
+			->method('getFileKey')
+			->willReturn($fileKey);
 
 		$result = $this->instance->begin('/user/files/foo.txt', 'user', $mode, $header, []);
 
 		$this->assertArrayHasKey('cipher', $result);
 		$this->assertSame($expected, $result['cipher']);
+		if ($mode === 'w') {
+			$this->assertTrue(\Test_Helper::invokePrivate($this->instance, 'isWriteOperation'));
+		} else {
+			$this->assertFalse(\Test_Helper::invokePrivate($this->instance, 'isWriteOperation'));
+		}
 	}
 
 	public function dataTestBegin() {
 		return array(
-			array('w', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'myCipher'),
-			array('r', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'myCipher'),
-			array('w', [], 'legacyCipher', 'defaultCipher', 'defaultCipher'),
-			array('r', [], 'legacyCipher', 'defaultCipher', 'legacyCipher'),
+			array('w', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'myCipher'),
+			array('r', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'myCipher'),
+			array('w', [], 'legacyCipher', 'defaultCipher', '', 'defaultCipher'),
+			array('r', [], 'legacyCipher', 'defaultCipher', 'file_key', 'legacyCipher'),
 		);
 	}
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git

