diff --git a/src/libsync/discoveryphase.cpp b/src/libsync/discoveryphase.cpp index 0fcfabed9..38e4a424c 100644 --- a/src/libsync/discoveryphase.cpp +++ b/src/libsync/discoveryphase.cpp @@ -696,6 +696,14 @@ void DiscoverySingleDirectoryJob::metadataReceived(const QJsonDocument &json, in } } + if (job->signature().isEmpty()) { + qCDebug(lcDiscovery) << "Initial signature is empty."; + _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError); + emit finished(HttpError{0, tr("Encrypted metadata setup error: initial signature from server is empty.")}); + deleteLater(); + return; + } + const auto e2EeFolderMetadata = new FolderMetadata(_account, _remoteRootFolderPath, statusCode == 404 ? QByteArray{} : json.toJson(QJsonDocument::Compact), diff --git a/src/libsync/foldermetadata.cpp b/src/libsync/foldermetadata.cpp index 6536e283f..f3a21953d 100644 --- a/src/libsync/foldermetadata.cpp +++ b/src/libsync/foldermetadata.cpp @@ -181,6 +181,12 @@ void FolderMetadata::setupExistingMetadata(const QByteArray &metadata) } } + if (_initialSignature.isEmpty()) { + qCDebug(lcCseMetadata()) << "Signature is empty"; + _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError); + return; + } + if (!parseFileDropPart(metaDataDoc)) { qCDebug(lcCseMetadata()) << "Could not parse filedrop part"; return; diff --git a/test/testclientsideencryptionv2.cpp b/test/testclientsideencryptionv2.cpp index 443adad94..9b2304d02 100644 --- a/test/testclientsideencryptionv2.cpp +++ b/test/testclientsideencryptionv2.cpp @@ -192,6 +192,41 @@ private slots: QVERIFY(metadataFromJson->isValid()); } + void testFolderMetadataWithEmptySignatureDecryptFails() + { + QScopedPointer metadata(new FolderMetadata(_account, "/", FolderMetadata::FolderType::Root)); + QSignalSpy metadataSetupCompleteSpy(metadata.data(), &FolderMetadata::setupComplete); + metadataSetupCompleteSpy.wait(); + QCOMPARE(metadataSetupCompleteSpy.count(), 1); + QVERIFY(metadata->isValid()); + + const auto encryptedMetadata = metadata->encryptedMetadata(); + QVERIFY(!encryptedMetadata.isEmpty()); + + const auto signature = metadata->metadataSignature(); + QVERIFY(!signature.isEmpty()); + + auto encryptedMetadataCopy = encryptedMetadata; + encryptedMetadataCopy.replace("\"", "\\\""); + + const QJsonDocument ocsDoc = QJsonDocument::fromJson(QStringLiteral("{\"ocs\": {\"data\": {\"meta-data\": \"%1\"}}}") + .arg(QString::fromUtf8(encryptedMetadataCopy)).toUtf8()); + + const QByteArray emptySignature = {}; + QScopedPointer metadataFromJson(new FolderMetadata(_account, "/", + ocsDoc.toJson(), + RootEncryptedFolderInfo::makeDefault(), + emptySignature)); + + QSignalSpy metadataSetupExistingCompleteSpy(metadataFromJson.data(), &FolderMetadata::setupComplete); + metadataSetupExistingCompleteSpy.wait(); + QCOMPARE(metadataSetupExistingCompleteSpy.count(), 1); + + QVERIFY(metadataFromJson->metadataSignature().isEmpty()); + QVERIFY(metadataFromJson->metadataKeyForDecryption().isEmpty()); + QVERIFY(!metadataFromJson->isValid()); + } + void testE2EeFolderMetadataSharing() { // instantiate empty metadata, add a file, and share with a second user "sharee"