diff --git a/apps/files_encryption/lib/keymanager.php b/apps/files_encryption/lib/keymanager.php
index e71fec5685477be8d648037d6c2355f95fc0f159..70820a6f940f0f668ff3e56a4a7ae369226be94c 100755
--- a/apps/files_encryption/lib/keymanager.php
+++ b/apps/files_encryption/lib/keymanager.php
@@ -228,24 +228,23 @@ class Keymanager {
}
$result = false;
+ $fileExists = $view->file_exists('/' . $userId . '/files/' . $trimmed);
- if ($view->is_dir($keyPath)) {
-
+ if ($view->is_dir($keyPath) && !$fileExists) {
+ \OCP\Util::writeLog('files_encryption', 'deleteFileKey: delete file key: ' . $keyPath, \OCP\Util::DEBUG);
$result = $view->unlink($keyPath);
+ } elseif ($view->file_exists($keyPath . '.key') && !$fileExists) {
+ \OCP\Util::writeLog('files_encryption', 'deleteFileKey: delete file key: ' . $keyPath, \OCP\Util::DEBUG);
+ $result = $view->unlink($keyPath . '.key');
- } else {
- if ($view->file_exists($keyPath . '.key')) {
-
- $result = $view->unlink($keyPath . '.key');
-
- }
}
- if (!$result) {
-
+ if ($fileExists) {
\OCP\Util::writeLog('Encryption library',
- 'Could not delete keyfile; does not exist: "' . $keyPath, \OCP\Util::ERROR);
-
+ 'Did not delete the file key, file still exists: ' . '/' . $userId . '/files/' . $trimmed, \OCP\Util::ERROR);
+ } elseif (!$result) {
+ \OCP\Util::writeLog('Encryption library',
+ 'Could not delete keyfile; does not exist: "' . $keyPath, \OCP\Util::ERROR);
}
return $result;
@@ -403,6 +402,12 @@ class Keymanager {
$filePath = ltrim($filePath, '/');
+ if ($view->file_exists('/' . $userId . '/files/' . $filePath)) {
+ \OCP\Util::writeLog('Encryption library',
+ 'File still exists, stop deleting share keys!', \OCP\Util::ERROR);
+ return false;
+ }
+
if ($filePath === '') {
\OCP\Util::writeLog('Encryption library',
'Can\'t delete share-keys empty path given!', \OCP\Util::ERROR);
@@ -417,19 +422,24 @@ class Keymanager {
$baseDir = $userId . '/files_encryption/share-keys/';
}
+ $result = true;
if ($view->is_dir($baseDir . $filePath)) {
- $view->unlink($baseDir . $filePath);
+ \OCP\Util::writeLog('files_encryption', 'delAllShareKeys: delete share keys: ' . $baseDir . $filePath, \OCP\Util::DEBUG);
+ $result = $view->unlink($baseDir . $filePath);
} else {
$parentDir = dirname($baseDir . $filePath);
$filename = pathinfo($filePath, PATHINFO_BASENAME);
foreach($view->getDirectoryContent($parentDir) as $content) {
$path = $content['path'];
if (self::getFilenameFromShareKey($content['name']) === $filename) {
- $view->unlink('/' . $userId . '/' . $path);
+ \OCP\Util::writeLog('files_encryption', 'dellAllShareKeys: delete share keys: ' . '/' . $userId . '/' . $path, \OCP\Util::DEBUG);
+ $result &= $view->unlink('/' . $userId . '/' . $path);
}
}
}
+
+ return (bool)$result;
}
/**
@@ -454,18 +464,23 @@ class Keymanager {
if ($view->is_dir($shareKeyPath)) {
- self::recursiveDelShareKeys($shareKeyPath, $userIds, $view);
+ self::recursiveDelShareKeys($shareKeyPath, $userIds, $owner, $view);
} else {
foreach ($userIds as $userId) {
- if (!$view->unlink($shareKeyPath . '.' . $userId . '.shareKey')) {
+ if ($userId === $owner && $view->file_exists('/' . $owner . '/files/' . $filename)) {
+ \OCP\Util::writeLog('files_encryption', 'Tried to delete owner key, but the file still exists!', \OCP\Util::FATAL);
+ continue;
+ }
+ $result = $view->unlink($shareKeyPath . '.' . $userId . '.shareKey');
+ \OCP\Util::writeLog('files_encryption', 'delShareKey: delete share key: ' . $shareKeyPath . '.' . $userId . '.shareKey' , \OCP\Util::DEBUG);
+ if (!$result) {
\OCP\Util::writeLog('Encryption library',
'Could not delete shareKey; does not exist: "' . $shareKeyPath . '.' . $userId
. '.shareKey"', \OCP\Util::ERROR);
}
-
}
}
@@ -477,19 +492,30 @@ class Keymanager {
*
* @param string $dir directory
* @param array $userIds user ids for which the share keys should be deleted
+ * @param string $owner owner of the file
+ * @param \OC\Files\View $view view relative to data/
*/
- private static function recursiveDelShareKeys($dir, $userIds, $view) {
+ private static function recursiveDelShareKeys($dir, $userIds, $owner, $view) {
$dirContent = $view->opendir($dir);
+ $dirSlices = explode('/', ltrim($dir, '/'));
+ $realFileDir = '/' . $owner . '/files/' . implode('/', array_slice($dirSlices, 3)) . '/';
if (is_resource($dirContent)) {
while (($file = readdir($dirContent)) !== false) {
if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
if ($view->is_dir($dir . '/' . $file)) {
- self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $view);
+ self::recursiveDelShareKeys($dir . '/' . $file, $userIds, $owner, $view);
} else {
+ $realFile = $realFileDir . self::getFilenameFromShareKey($file);
foreach ($userIds as $userId) {
if (preg_match("/(.*)." . $userId . ".shareKey/", $file)) {
+ if ($userId === $owner &&
+ $view->file_exists($realFile)) {
+ \OCP\Util::writeLog('files_encryption', 'original file still exists, keep owners share key!', \OCP\Util::ERROR);
+ continue;
+ }
+ \OCP\Util::writeLog('files_encryption', 'recursiveDelShareKey: delete share key: ' . $file, \OCP\Util::DEBUG);
$view->unlink($dir . '/' . $file);
}
}
diff --git a/apps/files_encryption/tests/keymanager.php b/apps/files_encryption/tests/keymanager.php
index 3339f8c73e6dfe6807df5a4c8459db0b1256a3d5..eb7583650a809dda116cf07fcbf4c145fb50f221 100644
--- a/apps/files_encryption/tests/keymanager.php
+++ b/apps/files_encryption/tests/keymanager.php
@@ -27,7 +27,7 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
public $userId;
public $pass;
- public $stateFilesTrashbin;
+ public static $stateFilesTrashbin;
/**
* @var OC\Files\View
*/
@@ -50,6 +50,12 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
// disable file proxy by default
\OC_FileProxy::$enabled = false;
+ // remember files_trashbin state
+ self::$stateFilesTrashbin = OC_App::isEnabled('files_trashbin');
+
+ // we don't want to tests with app files_trashbin enabled
+ \OC_App::disable('files_trashbin');
+
// create test user
\OC_User::deleteUser(\Test_Encryption_Keymanager::TEST_USER);
\Test_Encryption_Util::loginHelper(\Test_Encryption_Keymanager::TEST_USER, true);
@@ -70,28 +76,17 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
$this->view = new \OC\Files\View('/');
- \OC_User::setUserId(\Test_Encryption_Keymanager::TEST_USER);
+ \Test_Encryption_Util::loginHelper(Test_Encryption_Keymanager::TEST_USER);
$this->userId = \Test_Encryption_Keymanager::TEST_USER;
$this->pass = \Test_Encryption_Keymanager::TEST_USER;
$userHome = \OC_User::getHome($this->userId);
$this->dataDir = str_replace('/' . $this->userId, '', $userHome);
-
- // remember files_trashbin state
- $this->stateFilesTrashbin = OC_App::isEnabled('files_trashbin');
-
- // we don't want to tests with app files_trashbin enabled
- \OC_App::disable('files_trashbin');
}
function tearDown() {
- // reset app files_trashbin
- if ($this->stateFilesTrashbin) {
- OC_App::enable('files_trashbin');
- }
- else {
- OC_App::disable('files_trashbin');
- }
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys');
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles');
}
public static function tearDownAfterClass() {
@@ -99,6 +94,10 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
// cleanup test user
\OC_User::deleteUser(\Test_Encryption_Keymanager::TEST_USER);
+ // reset app files_trashbin
+ if (self::$stateFilesTrashbin) {
+ OC_App::enable('files_trashbin');
+ }
}
/**
@@ -204,14 +203,19 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
/**
* @medium
*/
- function testRecursiveDelShareKeys() {
+ function testRecursiveDelShareKeysFolder() {
+
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
- // create folder structure
+ // create folder structure for some dummy share key files
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder');
$this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder');
// create some dummy share keys
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user2.shareKey', 'data');
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file2.user3.shareKey', 'data');
@@ -221,9 +225,11 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
$this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/subsubfolder/file2.user3.shareKey', 'data');
// recursive delete share keys from user1 and user2
- Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2'), '/folder1/');
+ Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), '/folder1/');
// check if share keys from user1 and user2 are deleted
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.user1.shareKey'));
$this->assertFalse($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/file1.user1.shareKey'));
$this->assertFalse($this->view->file_exists(
@@ -241,8 +247,175 @@ class Test_Encryption_Keymanager extends \PHPUnit_Framework_TestCase {
$this->assertTrue($this->view->file_exists(
'/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/subfolder/file2.user3.shareKey'));
+ // owner key from existing file should still exists because the file is still there
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
+
// cleanup
- $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys');
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+
+ }
+
+ /**
+ * @medium
+ */
+ function testRecursiveDelShareKeysFile() {
+
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
+
+ // create folder structure for some dummy share key files
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1');
+
+ // create some dummy share keys
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
+
+ // recursive delete share keys from user1 and user2
+ Encryption\Keymanager::delShareKey($this->view, array('user1', 'user2', Test_Encryption_Keymanager::TEST_USER), '/folder1/existingFile.txt');
+
+ // check if share keys from user1 and user2 are deleted
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.user1.shareKey'));
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.user2.shareKey'));
+
+ // check if share keys for user3 and owner
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey'));
+ // cleanup
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+
+ }
+
+ /**
+ * @medium
+ */
+ function testDeleteFileKey() {
+
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
+
+ // create folder structure for some dummy file key files
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1');
+
+ // create dummy keyfile
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data');
+
+ // recursive delete share keys from user1 and user2
+ $result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1/existingFile.txt');
+ $this->assertFalse($result);
+
+ $result2 = Encryption\Keymanager::deleteFileKey($this->view, '/folder1/dummyFile.txt');
+ $this->assertTrue($result2);
+
+ // check if file key from dummyFile was deleted
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key'));
+
+ // check if file key from existing file still exists
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/existingFile.txt.key'));
+
+ // cleanup
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+
+ }
+
+ /**
+ * @medium
+ */
+ function testDeleteFileKeyFolder() {
+
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
+
+ // create folder structure for some dummy file key files
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1');
+
+ // create dummy keyfile
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data');
+
+ // recursive delete share keys from user1 and user2
+ $result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1');
+ $this->assertFalse($result);
+
+ // all file keys should still exists if we try to delete a folder with keys for which some files still exists
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key'));
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/existingFile.txt.key'));
+
+ // delete folder
+ $this->view->unlink('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+ // create dummy keyfile
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1/dummyFile.txt.key', 'data');
+
+ // now file keys should be deleted since the folder no longer exists
+ $result = Encryption\Keymanager::deleteFileKey($this->view, '/folder1');
+ $this->assertTrue($result);
+
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/keyfiles/folder1'));
+
+ // cleanup
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+
+ }
+
+ function testDelAllShareKeysFile() {
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1/existingFile.txt', 'data');
+
+ // create folder structure for some dummy share key files
+ $this->view->mkdir('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1');
+
+ // create some dummy share keys for the existing file
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
+
+ // create some dummy share keys for a non-existing file
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user1.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user2.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user3.shareKey', 'data');
+ $this->view->file_put_contents('/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey', 'data');
+
+ // try to del all share keys from a existing file, should fail because the file still exists
+ $result = Encryption\Keymanager::delAllShareKeys($this->view, Test_Encryption_Keymanager::TEST_USER, 'folder1/existingFile.txt');
+ $this->assertFalse($result);
+
+ // check if share keys still exists
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user1.shareKey'));
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user2.shareKey'));
+ $this->assertTrue($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/existingFile.txt.user3.shareKey'));
+
+ // try to del all share keys froma file, should fail because the file still exists
+ $result2 = Encryption\Keymanager::delAllShareKeys($this->view, Test_Encryption_Keymanager::TEST_USER, 'folder1/nonexistingFile.txt');
+ $this->assertTrue($result2);
+
+ // check if share keys are really gone
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.' . Test_Encryption_Keymanager::TEST_USER . '.shareKey'));
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user1.shareKey'));
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user2.shareKey'));
+ $this->assertFalse($this->view->file_exists(
+ '/'.Test_Encryption_Keymanager::TEST_USER.'/files_encryption/share-keys/folder1/nonexistingFile.txt.user3.shareKey'));
+
+ // cleanup
+ $this->view->deleteAll('/'.Test_Encryption_Keymanager::TEST_USER.'/files/folder1');
}