Do not call exit in library code

Check for a failure in all callers. Signed-off-by: Christian Göttsche <[email protected]>
nextcloud · Oct 23, 2024 · c79d804 · c79d804
1 parent 31d0bdb
commit c79d804
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 9 deletions.
diff --git a/src/libsync/clientsideencryption.cpp b/src/libsync/clientsideencryption.cpp
@@ -703,41 +703,41 @@ QByteArray encryptStringAsymmetric(EVP_PKEY *publicKey, const QByteArray& data)
     auto ctx = PKeyCtx::forKey(publicKey, ENGINE_get_default_RSA());
     if (!ctx) {
         qCInfo(lcCse()) << "Could not initialize the pkey context.";
-        exit(1);
+        return {};
     }
 
     if (EVP_PKEY_encrypt_init(ctx) != 1) {
         qCInfo(lcCse()) << "Error initilaizing the encryption.";
-        exit(1);
+        return {};
     }
 
     if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
         qCInfo(lcCse()) << "Error setting the encryption padding.";
-        exit(1);
+        return {};
     }
 
     if (EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha256()) <= 0) {
         qCInfo(lcCse()) << "Error setting OAEP SHA 256";
-        exit(1);
+        return {};
     }
 
     if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha256()) <= 0) {
         qCInfo(lcCse()) << "Error setting MGF1 padding";
-        exit(1);
+        return {};
     }
 
     size_t outLen = 0;
     if (EVP_PKEY_encrypt(ctx, nullptr, &outLen, (unsigned char *)data.constData(), data.size()) != 1) {
         qCInfo(lcCse()) << "Error retrieving the size of the encrypted data";
-        exit(1);
+        return {};
     } else {
         qCInfo(lcCse()) << "Encryption Length:" << outLen;
     }
 
     QByteArray out(static_cast<int>(outLen), '\0');
     if (EVP_PKEY_encrypt(ctx, unsignedData(out), &outLen, (unsigned char *)data.constData(), data.size()) != 1) {
         qCInfo(lcCse()) << "Could not encrypt key." << err;
-        exit(1);
+        return {};
     }
 
     qCInfo(lcCse()) << out.toBase64();
@@ -816,6 +816,10 @@ bool ClientSideEncryption::checkPublicKeyValidity(const AccountPtr &account) con
     auto publicKey = PKey::readPublicKey(publicKeyBio);
 
     auto encryptedData = EncryptionHelper::encryptStringAsymmetric(publicKey, data.toBase64());
+    if (encryptedData.isEmpty()) {
+        qCInfo(lcCse()) << "encryption failed";
+        return false;
+    }
 
     Bio privateKeyBio;
     QByteArray privateKeyPem = account->e2e()->_privateKey;

diff --git a/src/libsync/clientsideencryptionjobs.cpp b/src/libsync/clientsideencryptionjobs.cpp
@@ -366,7 +366,9 @@ bool LockEncryptFolderApiJob::finished()
 
     if (!_publicKey.isNull()) {
         const auto folderTokenEncrypted = EncryptionHelper::encryptStringAsymmetric(_publicKey, token);
-        _journalDb->setE2EeLockedFolder(_fileId, folderTokenEncrypted);
+        if (!folderTokenEncrypted.isEmpty()) {
+            _journalDb->setE2EeLockedFolder(_fileId, folderTokenEncrypted);
+        }
     }
 
     //TODO: Parse the token and submit.

diff --git a/src/libsync/foldermetadata.cpp b/src/libsync/foldermetadata.cpp
@@ -704,6 +704,11 @@ QByteArray FolderMetadata::encryptedMetadataLegacy()
     const auto version = _account->capabilities().clientSideEncryptionVersion();
     // multiple toBase64() just to keep with the old (wrong way)
     const auto encryptedMetadataKey = encryptDataWithPublicKey(metadataKeyForEncryption().toBase64().toBase64(), _account->e2e()->_publicKey).toBase64();
+    if (encryptedMetadataKey.isEmpty()) {
+        qCDebug(lcCseMetadata) << "Metadata generation failed! Encryption failed!";
+        _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
+        return {};
+    }
     const QJsonObject metadata{
         {versionKey, version},
         {metadataKeyKey, QJsonValue::fromVariant(encryptedMetadataKey)},
@@ -1049,10 +1054,16 @@ bool FolderMetadata::addUser(const QString &userId, const QSslCertificate &certi
     }
 
     createNewMetadataKeyForEncryption();
+    const auto encryptedKey = encryptDataWithPublicKey(metadataKeyForEncryption(), certificatePublicKey);
+    if (encryptedKey.isEmpty()) {
+        qCWarning(lcCseMetadata()) << "Could not add a folder user. Encryption failure.";
+        return false;
+    }
+
     UserWithFolderAccess newFolderUser;
     newFolderUser.userId = userId;
     newFolderUser.certificatePem = certificate.toPem();
-    newFolderUser.encryptedMetadataKey = encryptDataWithPublicKey(metadataKeyForEncryption(), certificatePublicKey);
+    newFolderUser.encryptedMetadataKey = encryptedKey;
     _folderUsers[userId] = newFolderUser;
     updateUsersEncryptedMetadataKey();