diff --git a/src/common/c_jhash.h b/src/common/c_jhash.h index 1aae10a3bdd04..5663ab62d32ed 100644 --- a/src/common/c_jhash.h +++ b/src/common/c_jhash.h @@ -151,17 +151,17 @@ static inline uint32_t c_jhash(const uint8_t *k, uint32_t length, uint32_t initv c += length; /* all the case statements fall through */ switch(len) { - case 11: c+=((uint32_t)k[10]<<24); - case 10: c+=((uint32_t)k[9]<<16); - case 9 : c+=((uint32_t)k[8]<<8); + case 11: c+=((uint32_t)k[10]<<24); Q_FALLTHROUGH(); + case 10: c+=((uint32_t)k[9]<<16); Q_FALLTHROUGH(); + case 9 : c+=((uint32_t)k[8]<<8); Q_FALLTHROUGH(); /* the first byte of c is reserved for the length */ - case 8 : b+=((uint32_t)k[7]<<24); - case 7 : b+=((uint32_t)k[6]<<16); - case 6 : b+=((uint32_t)k[5]<<8); - case 5 : b+=k[4]; - case 4 : a+=((uint32_t)k[3]<<24); - case 3 : a+=((uint32_t)k[2]<<16); - case 2 : a+=((uint32_t)k[1]<<8); + case 8 : b+=((uint32_t)k[7]<<24); Q_FALLTHROUGH(); + case 7 : b+=((uint32_t)k[6]<<16); Q_FALLTHROUGH(); + case 6 : b+=((uint32_t)k[5]<<8); Q_FALLTHROUGH(); + case 5 : b+=k[4]; Q_FALLTHROUGH(); + case 4 : a+=((uint32_t)k[3]<<24); Q_FALLTHROUGH(); + case 3 : a+=((uint32_t)k[2]<<16); Q_FALLTHROUGH(); + case 2 : a+=((uint32_t)k[1]<<8); Q_FALLTHROUGH(); case 1 : a+=k[0]; /* case 0: nothing left to add */ } diff --git a/src/libsync/clientsideencryption.cpp b/src/libsync/clientsideencryption.cpp index a5c0364c2b7ab..8917cc71f71de 100644 --- a/src/libsync/clientsideencryption.cpp +++ b/src/libsync/clientsideencryption.cpp @@ -703,33 +703,33 @@ QByteArray encryptStringAsymmetric(EVP_PKEY *publicKey, const QByteArray& data) auto ctx = PKeyCtx::forKey(publicKey, ENGINE_get_default_RSA()); if (!ctx) { qCInfo(lcCse()) << "Could not initialize the pkey context."; - exit(1); + return {}; } if (EVP_PKEY_encrypt_init(ctx) != 1) { qCInfo(lcCse()) << "Error initilaizing the encryption."; - exit(1); + return {}; } if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) { qCInfo(lcCse()) << "Error setting the encryption padding."; - exit(1); + return {}; } if (EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha256()) <= 0) { qCInfo(lcCse()) << "Error setting OAEP SHA 256"; - exit(1); + return {}; } if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha256()) <= 0) { qCInfo(lcCse()) << "Error setting MGF1 padding"; - exit(1); + return {}; } size_t outLen = 0; if (EVP_PKEY_encrypt(ctx, nullptr, &outLen, (unsigned char *)data.constData(), data.size()) != 1) { qCInfo(lcCse()) << "Error retrieving the size of the encrypted data"; - exit(1); + return {}; } else { qCInfo(lcCse()) << "Encryption Length:" << outLen; } @@ -737,7 +737,7 @@ QByteArray encryptStringAsymmetric(EVP_PKEY *publicKey, const QByteArray& data) QByteArray out(static_cast(outLen), '\0'); if (EVP_PKEY_encrypt(ctx, unsignedData(out), &outLen, (unsigned char *)data.constData(), data.size()) != 1) { qCInfo(lcCse()) << "Could not encrypt key." << err; - exit(1); + return {}; } qCInfo(lcCse()) << out.toBase64(); @@ -816,6 +816,10 @@ bool ClientSideEncryption::checkPublicKeyValidity(const AccountPtr &account) con auto publicKey = PKey::readPublicKey(publicKeyBio); auto encryptedData = EncryptionHelper::encryptStringAsymmetric(publicKey, data.toBase64()); + if (encryptedData.isEmpty()) { + qCInfo(lcCse()) << "encryption failed"; + return false; + } Bio privateKeyBio; QByteArray privateKeyPem = account->e2e()->_privateKey; diff --git a/src/libsync/clientsideencryptionjobs.cpp b/src/libsync/clientsideencryptionjobs.cpp index d39c393d1777b..41afd956767a3 100644 --- a/src/libsync/clientsideencryptionjobs.cpp +++ b/src/libsync/clientsideencryptionjobs.cpp @@ -366,7 +366,9 @@ bool LockEncryptFolderApiJob::finished() if (!_publicKey.isNull()) { const auto folderTokenEncrypted = EncryptionHelper::encryptStringAsymmetric(_publicKey, token); - _journalDb->setE2EeLockedFolder(_fileId, folderTokenEncrypted); + if (!folderTokenEncrypted.isEmpty()) { + _journalDb->setE2EeLockedFolder(_fileId, folderTokenEncrypted); + } } //TODO: Parse the token and submit. diff --git a/src/libsync/foldermetadata.cpp b/src/libsync/foldermetadata.cpp index f3a21953d341d..c83ed6ce8314e 100644 --- a/src/libsync/foldermetadata.cpp +++ b/src/libsync/foldermetadata.cpp @@ -704,6 +704,11 @@ QByteArray FolderMetadata::encryptedMetadataLegacy() const auto version = _account->capabilities().clientSideEncryptionVersion(); // multiple toBase64() just to keep with the old (wrong way) const auto encryptedMetadataKey = encryptDataWithPublicKey(metadataKeyForEncryption().toBase64().toBase64(), _account->e2e()->_publicKey).toBase64(); + if (encryptedMetadataKey.isEmpty()) { + qCDebug(lcCseMetadata) << "Metadata generation failed! Encryption failed!"; + _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError); + return {}; + } const QJsonObject metadata{ {versionKey, version}, {metadataKeyKey, QJsonValue::fromVariant(encryptedMetadataKey)}, @@ -1049,10 +1054,16 @@ bool FolderMetadata::addUser(const QString &userId, const QSslCertificate &certi } createNewMetadataKeyForEncryption(); + const auto encryptedKey = encryptDataWithPublicKey(metadataKeyForEncryption(), certificatePublicKey); + if (encryptedKey.isEmpty()) { + qCWarning(lcCseMetadata()) << "Could not add a folder user. Encryption failure."; + return false; + } + UserWithFolderAccess newFolderUser; newFolderUser.userId = userId; newFolderUser.certificatePem = certificate.toPem(); - newFolderUser.encryptedMetadataKey = encryptDataWithPublicKey(metadataKeyForEncryption(), certificatePublicKey); + newFolderUser.encryptedMetadataKey = encryptedKey; _folderUsers[userId] = newFolderUser; updateUsersEncryptedMetadataKey(); diff --git a/test/testfolderwatcher.cpp b/test/testfolderwatcher.cpp index 10d945b5de5d7..a769f07d41e7b 100644 --- a/test/testfolderwatcher.cpp +++ b/test/testfolderwatcher.cpp @@ -5,12 +5,20 @@ * */ +#include #include #include "folderwatcher.h" #include "common/utility.h" #include "logger.h" +#define CHECKED_SYSTEM(cmd_) \ + do { \ + int result_ = system(cmd_); \ + Q_ASSERT(WIFEXITED(result_)); \ + Q_ASSERT(WEXITSTATUS(result_) == 0); \ + } while(0) + void touch(const QString &file) { #ifdef Q_OS_WIN @@ -19,7 +27,7 @@ void touch(const QString &file) QString cmd; cmd = QString("touch %1").arg(file); qDebug() << "Command: " << cmd; - system(cmd.toLocal8Bit()); + CHECKED_SYSTEM(cmd.toLocal8Bit()); #endif } @@ -31,7 +39,7 @@ void mkdir(const QString &file) #else QString cmd = QString("mkdir %1").arg(file); qDebug() << "Command: " << cmd; - system(cmd.toLocal8Bit()); + CHECKED_SYSTEM(cmd.toLocal8Bit()); #endif } @@ -43,7 +51,7 @@ void rmdir(const QString &file) #else QString cmd = QString("rmdir %1").arg(file); qDebug() << "Command: " << cmd; - system(cmd.toLocal8Bit()); + CHECKED_SYSTEM(cmd.toLocal8Bit()); #endif } @@ -54,7 +62,7 @@ void rm(const QString &file) #else QString cmd = QString("rm %1").arg(file); qDebug() << "Command: " << cmd; - system(cmd.toLocal8Bit()); + CHECKED_SYSTEM(cmd.toLocal8Bit()); #endif } @@ -65,7 +73,7 @@ void mv(const QString &file1, const QString &file2) #else QString cmd = QString("mv %1 %2").arg(file1, file2); qDebug() << "Command: " << cmd; - system(cmd.toLocal8Bit()); + CHECKED_SYSTEM(cmd.toLocal8Bit()); #endif } @@ -160,7 +168,7 @@ private slots: QString cmd; cmd = QString("echo \"xyz\" > \"%1\"").arg(file); qDebug() << "Command: " << cmd; - system(cmd.toLocal8Bit()); + CHECKED_SYSTEM(cmd.toLocal8Bit()); QVERIFY(waitForPathChanged(file)); } diff --git a/test/testinotifywatcher.cpp b/test/testinotifywatcher.cpp index 204939f9132c6..fda28e4495636 100644 --- a/test/testinotifywatcher.cpp +++ b/test/testinotifywatcher.cpp @@ -4,11 +4,19 @@ * any purpose. * */ +#include #include #include "folderwatcher_linux.h" #include "common/utility.h" +#define CHECKED_SYSTEM(cmd_) \ + do { \ + int result_ = system(cmd_); \ + Q_ASSERT(WIFEXITED(result_)); \ + Q_ASSERT(WEXITSTATUS(result_) == 0); \ + } while(0) + using namespace OCC; class TestInotifyWatcher: public FolderWatcherPrivate @@ -62,7 +70,7 @@ private slots: void cleanupTestCase() { if( _root.startsWith(QDir::tempPath() )) { - system( QString("rm -rf %1").arg(_root).toLocal8Bit() ); + CHECKED_SYSTEM( QString("rm -rf %1").arg(_root).toLocal8Bit() ); } } };