From e7e61824990d55a5abe822229db3b1774b2ff8f1 Mon Sep 17 00:00:00 2001
From: Camila Ayres <hello@camilasan.com>
Date: Tue, 16 Jul 2024 14:56:20 +0200
Subject: [PATCH 1/4] Check if signature is empty.

Signed-off-by: Camila Ayres <hello@camilasan.com>
---
 src/libsync/foldermetadata.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/libsync/foldermetadata.cpp b/src/libsync/foldermetadata.cpp
index 4374093325244..b30f2a0009c57 100644
--- a/src/libsync/foldermetadata.cpp
+++ b/src/libsync/foldermetadata.cpp
@@ -181,6 +181,11 @@ void FolderMetadata::setupExistingMetadata(const QByteArray &metadata)
         }
     }
 
+    if (_initialSignature.isEmpty()) {
+        qCDebug(lcCseMetadata()) << "Signature is empty";
+        return;
+    }
+
     if (!parseFileDropPart(metaDataDoc)) {
         qCDebug(lcCseMetadata()) << "Could not parse filedrop part";
         return;

From 82c952e68a21550aefe2bb92144ba94f27a93691 Mon Sep 17 00:00:00 2001
From: Camila Ayres <hello@camilasan.com>
Date: Tue, 16 Jul 2024 20:29:07 +0200
Subject: [PATCH 2/4] Add test
 testFolderMetadataWithEmptySignatureDecryptFails.

Signed-off-by: Camila Ayres <hello@camilasan.com>
---
 test/testclientsideencryptionv2.cpp | 35 +++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/test/testclientsideencryptionv2.cpp b/test/testclientsideencryptionv2.cpp
index 3aa3066de02f8..a8d8be646c805 100644
--- a/test/testclientsideencryptionv2.cpp
+++ b/test/testclientsideencryptionv2.cpp
@@ -187,6 +187,41 @@ private slots:
         QVERIFY(metadataFromJson->isValid());
     }
 
+    void testFolderMetadataWithEmptySignatureDecryptFails()
+    {
+        QScopedPointer<FolderMetadata> metadata(new FolderMetadata(_account, "/", FolderMetadata::FolderType::Root));
+        QSignalSpy metadataSetupCompleteSpy(metadata.data(), &FolderMetadata::setupComplete);
+        metadataSetupCompleteSpy.wait();
+        QCOMPARE(metadataSetupCompleteSpy.count(), 1);
+        QVERIFY(metadata->isValid());
+
+        const auto encryptedMetadata = metadata->encryptedMetadata();
+        QVERIFY(!encryptedMetadata.isEmpty());
+
+        const auto signature = metadata->metadataSignature();
+        QVERIFY(!signature.isEmpty());
+
+        auto encryptedMetadataCopy = encryptedMetadata;
+        encryptedMetadataCopy.replace("\"", "\\\"");
+
+        const QJsonDocument ocsDoc = QJsonDocument::fromJson(QStringLiteral("{\"ocs\": {\"data\": {\"meta-data\": \"%1\"}}}")
+                                                           .arg(QString::fromUtf8(encryptedMetadataCopy)).toUtf8());
+
+        const QByteArray emptySignature = {};
+        QScopedPointer<FolderMetadata> metadataFromJson(new FolderMetadata(_account, "/",
+                                                                           ocsDoc.toJson(),
+                                                                           RootEncryptedFolderInfo::makeDefault(),
+                                                                           emptySignature));
+
+        QSignalSpy metadataSetupExistingCompleteSpy(metadataFromJson.data(), &FolderMetadata::setupComplete);
+        metadataSetupExistingCompleteSpy.wait();
+        QCOMPARE(metadataSetupExistingCompleteSpy.count(), 1);
+
+        QVERIFY(metadataFromJson->metadataSignature().isEmpty());
+        QVERIFY(metadataFromJson->metadataKeyForDecryption().isEmpty());
+        QVERIFY(!metadataFromJson->isValid());
+    }
+
     void testE2EeFolderMetadataSharing()
     {
         // instantiate empty metadata, add a file, and share with a second user "sharee"

From 6dea3c1b1a5e12bfa1f1b2f5083be44f32056780 Mon Sep 17 00:00:00 2001
From: Camila Ayres <hello@camilasan.com>
Date: Thu, 26 Sep 2024 19:16:40 +0200
Subject: [PATCH 3/4] Report client status error when signature is empty.

Signed-off-by: Camila Ayres <hello@camilasan.com>
---
 src/libsync/foldermetadata.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libsync/foldermetadata.cpp b/src/libsync/foldermetadata.cpp
index b30f2a0009c57..ba3294ed518d9 100644
--- a/src/libsync/foldermetadata.cpp
+++ b/src/libsync/foldermetadata.cpp
@@ -183,6 +183,7 @@ void FolderMetadata::setupExistingMetadata(const QByteArray &metadata)
 
     if (_initialSignature.isEmpty()) {
         qCDebug(lcCseMetadata()) << "Signature is empty";
+        _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
         return;
     }
 

From 5f190061d7a6f109d5dcc1817a2fb2805bef4489 Mon Sep 17 00:00:00 2001
From: Camila Ayres <hello@camilasan.com>
Date: Mon, 14 Oct 2024 16:36:38 +0200
Subject: [PATCH 4/4] Fail with error before calling folder metada setup when
 received empty signature.

Signed-off-by: Camila Ayres <hello@camilasan.com>
---
 src/libsync/discoveryphase.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/libsync/discoveryphase.cpp b/src/libsync/discoveryphase.cpp
index 142b4470d9eaf..cb7674ab40f0e 100644
--- a/src/libsync/discoveryphase.cpp
+++ b/src/libsync/discoveryphase.cpp
@@ -695,6 +695,14 @@ void DiscoverySingleDirectoryJob::metadataReceived(const QJsonDocument &json, in
         }
     }
 
+    if (job->signature().isEmpty()) {
+        qCDebug(lcDiscovery) << "Initial signature is empty.";
+        _account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
+        emit finished(HttpError{0, tr("Encrypted metadata setup error: initial signature from server is empty.")});
+        deleteLater();
+        return;
+    }
+
     const auto e2EeFolderMetadata = new FolderMetadata(_account,
                                                  _remoteRootFolderPath,
                                                  statusCode == 404 ? QByteArray{} : json.toJson(QJsonDocument::Compact),