Merge pull request #16926 from nextcloud/feat/delete-e2ee-files-and-credentials

feat(e2ee): add debug deletion

Author: alperozturk96

app/src/androidTest/java/com/owncloud/android/operations/DeleteE2ERemoteOperationIT.kt

@@ -0,0 +1,63 @@
+/*
+ * Nextcloud - Android Client
+ *
+ * SPDX-FileCopyrightText: 2026 Alper Ozturk <alper.ozturk@nextcloud.com>
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+package com.owncloud.android.operations
+
+import com.owncloud.android.AbstractOnServerIT
+import com.owncloud.android.lib.resources.e2ee.DeleteEncryptedFilesRemoteOperation
+import com.owncloud.android.lib.resources.users.DeletePrivateKeyRemoteOperation
+import com.owncloud.android.lib.resources.users.DeletePublicKeyRemoteOperation
+import com.owncloud.android.lib.resources.users.GetPrivateKeyRemoteOperation
+import com.owncloud.android.lib.resources.users.GetPublicKeyRemoteOperation
+import com.owncloud.android.lib.resources.users.StorePrivateKeyRemoteOperation
+import com.owncloud.android.utils.EncryptionUtils
+import com.owncloud.android.utils.crypto.CryptoHelper
+import org.junit.Assert.assertFalse
+import org.junit.Assert.assertTrue
+import org.junit.Test
+
+class DeleteE2ERemoteOperationIT : AbstractOnServerIT() {
+
+    @Test
+    fun testDeleteEncryptedFiles() {
+        val sut = DeleteEncryptedFilesRemoteOperation()
+        val result = sut.execute(nextcloudClient)
+        assertTrue(result.isSuccess)
+    }
+
+    @Test
+    fun testDeletePrivateKey() {
+        val keyPair = EncryptionUtils.generateKeyPair()
+        val privateKey = keyPair.private
+        val keyPhrase = "moreovertelevisionfactorytendencyindependenceinternationalintellectualimpress" +
+            "interestvolunteer"
+        val privatePemKeyString = EncryptionUtils.privateKeyToPEM(privateKey)
+        val encryptedPrivateKey = CryptoHelper.encryptPrivateKey(
+            privatePemKeyString,
+            keyPhrase
+        )
+
+        StorePrivateKeyRemoteOperation(encryptedPrivateKey).execute(nextcloudClient)
+
+        val sut = DeletePrivateKeyRemoteOperation()
+        val result = sut.execute(nextcloudClient)
+        assertTrue(result.isSuccess)
+
+        val getResult = GetPrivateKeyRemoteOperation().execute(nextcloudClient)
+        assertFalse(getResult.isSuccess)
+    }
+
+    @Test
+    fun testDeletePublicKey() {
+        val sut = DeletePublicKeyRemoteOperation()
+        val result = sut.execute(nextcloudClient)
+        assertTrue(result.isSuccess)
+
+        val getResult = GetPublicKeyRemoteOperation().execute(nextcloudClient)
+        assertFalse(getResult.isSuccess)
+    }
+}

app/src/main/java/com/owncloud/android/operations/e2e/E2EDeletionService.kt

@@ -0,0 +1,79 @@
+/*
+ * Nextcloud - Android Client
+ *
+ * SPDX-FileCopyrightText: 2026 Alper Ozturk <alper.ozturk@nextcloud.com>
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+package com.owncloud.android.operations.e2e
+
+import android.content.Context
+import android.os.Handler
+import android.os.Looper
+import android.util.Log
+import com.google.android.material.dialog.MaterialAlertDialogBuilder
+import com.nextcloud.client.account.User
+import com.nextcloud.client.network.ClientFactory
+import com.owncloud.android.R
+import com.owncloud.android.lib.common.utils.Log_OC
+import com.owncloud.android.lib.resources.e2ee.DeleteEncryptedFilesRemoteOperation
+import com.owncloud.android.lib.resources.users.DeletePrivateKeyRemoteOperation
+import com.owncloud.android.lib.resources.users.DeletePublicKeyRemoteOperation
+
+@Suppress("MagicNumber")
+class E2EDeletionService(private val clientFactory: ClientFactory) {
+    private val mainHandler = Handler(Looper.getMainLooper())
+
+    fun showRemoveE2EKeysAndFilesAlertDialog(context: Context, user: User, onResult: (Boolean) -> Unit) {
+        MaterialAlertDialogBuilder(context, R.style.FallbackTheming_Dialog)
+            .setTitle(R.string.prefs_remove_e2e_keys_and_files)
+            .setMessage(R.string.remove_e2e_keys_and_files_dialog_warning)
+            .setCancelable(true)
+            .setNegativeButton(R.string.common_cancel) { dialog, _ -> dialog.dismiss() }
+            .setPositiveButton(R.string.common_ok) { dialog, _ ->
+                deleteKeysAndFiles(user) {
+                    dialog.dismiss()
+                    onResult(it)
+                }
+            }
+            .show()
+    }
+
+    private fun deleteKeysAndFiles(user: User, onResult: (Boolean) -> Unit) {
+        Thread {
+            val result = runCatching {
+                val client = clientFactory.createNextcloudClient(user)
+                var successfulOperationResultCount = 3
+
+                if (!DeletePrivateKeyRemoteOperation().execute(client).isSuccess) {
+                    successfulOperationResultCount -= 1
+                }
+
+                Log_OC.i(TAG, "🔑" + "private key is deleted")
+
+                if (!DeletePublicKeyRemoteOperation().execute(client).isSuccess) {
+                    successfulOperationResultCount -= 1
+                }
+
+                Log_OC.i(TAG, "🗝" + "public key is deleted")
+
+                if (!DeleteEncryptedFilesRemoteOperation().execute(client).isSuccess) {
+                    successfulOperationResultCount -= 1
+                }
+
+                Log_OC.i(TAG, "🗂️" + "encrypted files are deleted")
+
+                successfulOperationResultCount == 3
+            }.getOrElse { e ->
+                Log.e(TAG, "Cannot delete E2E keys and files", e)
+                false
+            }
+
+            mainHandler.post { onResult(result) }
+        }.start()
+    }
+
+    companion object {
+        private val TAG = E2EDeletionService::class.java.simpleName
+    }
+}

app/src/main/java/com/owncloud/android/ui/activity/SettingsActivity.java

@@ -54,6 +54,7 @@
 import com.nextcloud.client.preferences.DarkMode;
 import com.nextcloud.utils.extensions.ContextExtensionsKt;
 import com.nextcloud.utils.mdm.MDMConfig;
+import com.owncloud.android.BuildConfig;
 import com.owncloud.android.MainApp;
 import com.owncloud.android.R;
 import com.owncloud.android.authentication.AuthenticatorActivity;
@@ -63,6 +64,7 @@
 import com.owncloud.android.lib.common.ExternalLink;
 import com.owncloud.android.lib.common.ExternalLinkType;
 import com.owncloud.android.lib.common.utils.Log_OC;
+import com.owncloud.android.operations.e2e.E2EDeletionService;
 import com.owncloud.android.providers.DocumentsStorageProvider;
 import com.owncloud.android.ui.ThemeableSwitchPreference;
 import com.owncloud.android.ui.asynctasks.LoadingVersionNumberTask;
@@ -78,7 +80,6 @@
 import com.owncloud.android.utils.theme.CapabilityUtils;
 import com.owncloud.android.utils.theme.ViewThemeUtils;
 
-import java.util.List;
 import java.util.Objects;
 
 import javax.inject.Inject;
@@ -91,7 +92,6 @@
 import androidx.core.content.ContextCompat;
 import androidx.core.content.res.ResourcesCompat;
 import kotlin.Unit;
-import kotlin.jvm.functions.Function1;
 
 import static com.owncloud.android.ui.activity.DrawerActivity.REQ_ALL_FILES_ACCESS;
 
@@ -138,6 +138,8 @@ public class SettingsActivity extends PreferenceActivity
     private String storagePath;
     private String pendingLock;
 
+    private E2EDeletionService e2EDeletionService;
+
     private User user;
     @Inject ArbitraryDataProvider arbitraryDataProvider;
     @Inject AppPreferences preferences;
@@ -164,6 +166,7 @@ public void onCreate(Bundle savedInstanceState) {
         PreferenceScreen preferenceScreen = (PreferenceScreen) findPreference("preference_screen");
 
         user = accountManager.getUser();
+        e2EDeletionService = new E2EDeletionService(clientFactory);
 
         // retrieve user's base uri
         setupBaseUri();
@@ -368,6 +371,8 @@ private void setupMoreCategory() {
 
         removeE2E(preferenceCategoryMore);
 
+        removeE2EFilesAndKeys(preferenceCategoryMore);
+
         setupHelpPreference(preferenceCategoryMore);
 
         setupRecommendPreference(preferenceCategoryMore);
@@ -537,6 +542,46 @@ private void removeE2E(PreferenceCategory preferenceCategoryMore) {
         }
     }
 
+    private void removeE2EFilesAndKeys(PreferenceCategory preferenceCategoryMore) {
+        if (BuildConfig.DEBUG) {
+            Preference removeKeysAndFilesPreference = findPreference("remove_e2e_files_and_keys");
+            if (removeKeysAndFilesPreference != null) {
+                if (!FileOperationsHelper.isEndToEndEncryptionSetup(this, user)) {
+                    preferenceCategoryMore.removePreference(removeKeysAndFilesPreference);
+                } else {
+                    removeKeysAndFilesPreference.setOnPreferenceClickListener(p -> {
+                        showRemoveE2EKeysAndFilesAlertDialog(preferenceCategoryMore, removeKeysAndFilesPreference);
+                        return true;
+                    });
+                }
+            }
+        }
+    }
+
+    private void showRemoveE2EKeysAndFilesAlertDialog(PreferenceCategory preferenceCategoryMore, Preference preference) {
+        if (e2EDeletionService == null) {
+            return;
+        }
+
+        e2EDeletionService.showRemoveE2EKeysAndFilesAlertDialog(this, user, success -> {
+            if (success) {
+                EncryptionUtils.removeE2E(arbitraryDataProvider, user);
+                preferenceCategoryMore.removePreference(preference);
+
+                Preference pMnemonic = findPreference("mnemonic");
+                if (pMnemonic != null) {
+                    preferenceCategoryMore.removePreference(pMnemonic);
+                }
+
+                Preference pRemoveE2E = findPreference("remove_e2e");
+                if (pRemoveE2E != null) {
+                    preferenceCategoryMore.removePreference(pRemoveE2E);
+                }
+            }
+            return Unit.INSTANCE;
+        });
+    }
+
     private void showRemoveE2EAlertDialog(PreferenceCategory preferenceCategoryMore, Preference preference) {
         new MaterialAlertDialogBuilder(this, R.style.FallbackTheming_Dialog)
             .setTitle(R.string.prefs_e2e_mnemonic)

app/src/main/java/com/owncloud/android/utils/EncryptionUtils.java

@@ -17,6 +17,7 @@
 import com.google.gson.GsonBuilder;
 import com.google.gson.reflect.TypeToken;
 import com.nextcloud.client.account.User;
+import com.nextcloud.common.SessionTimeOutKt;
 import com.nextcloud.utils.e2ee.E2EVersionHelper;
 import com.owncloud.android.R;
 import com.owncloud.android.datamodel.ArbitraryDataProvider;
@@ -42,7 +43,6 @@
 import com.owncloud.android.lib.resources.e2ee.StoreMetadataRemoteOperation;
 import com.owncloud.android.lib.resources.e2ee.StoreMetadataV2RemoteOperation;
 import com.owncloud.android.lib.resources.e2ee.UnlockFileRemoteOperation;
-import com.owncloud.android.lib.resources.e2ee.UnlockFileV1RemoteOperation;
 import com.owncloud.android.lib.resources.e2ee.UpdateMetadataRemoteOperation;
 import com.owncloud.android.lib.resources.e2ee.UpdateMetadataV2RemoteOperation;
 import com.owncloud.android.lib.resources.files.model.ServerFileInterface;
@@ -1166,7 +1166,8 @@ public static String lockFolder(ServerFileInterface parentFile, OwnCloudClient c
     public static String lockFolder(ServerFileInterface parentFile, OwnCloudClient client, long counter) throws UploadException {
         // Lock folder
         LockFileRemoteOperation lockFileOperation = new LockFileRemoteOperation(parentFile.getLocalId(),
-                                                                                counter);
+                                                                                counter,
+                                                                                SessionTimeOutKt.getDefaultSessionTimeOut());
         RemoteOperationResult<String> lockFileOperationResult = lockFileOperation.execute(client);
 
         if (lockFileOperationResult.isSuccess() &&
@@ -1366,7 +1367,7 @@ public static RemoteOperationResult<Void> unlockFolder(ServerFileInterface paren
 
     public static RemoteOperationResult<Void> unlockFolderV1(ServerFileInterface parentFolder, OwnCloudClient client, String token) {
         if (token != null) {
-            return new UnlockFileV1RemoteOperation(parentFolder.getLocalId(), token).execute(client);
+            return new UnlockFileRemoteOperation(parentFolder.getLocalId(), token, SessionTimeOutKt.getDefaultSessionTimeOut(), false).execute(client);
         } else {
             return new RemoteOperationResult<>(new Exception("No token available"));
         }

app/src/main/res/values/strings.xml

@@ -1384,7 +1384,9 @@
     <string name="internet_connection_required_for_encrypted_folder_setup">An internet connection is required to set up the encrypted folder</string>
     <string name="prefs_setup_e2e">Set up end-to-end encryption</string>
     <string name="prefs_e2e_active">End-to-end encryption is set up!</string>
+    <string name="prefs_remove_e2e_keys_and_files">Remove encrypted files and keys</string>
     <string name="prefs_remove_e2e">Remove encryption locally</string>
+    <string name="remove_e2e_keys_and_files_dialog_warning">This operation will remove all encrypted files, private and public keys. Are you sure?</string>
     <string name="remove_e2e">You can remove end-to-end encryption locally on this client</string>
     <string name="confirm_removal">Remove local encryption</string>
     <string name="remove_e2e_message">You can remove end-to-end encryption locally on this client. The encrypted files will remain on server, but will not be synced to this computer any longer.</string>

app/src/main/res/xml/preferences.xml

@@ -113,6 +113,9 @@
             android:title="@string/prefs_remove_e2e"
             android:key="remove_e2e"
             android:summary="@string/remove_e2e" />
+        <Preference
+            android:title="@string/prefs_remove_e2e_keys_and_files"
+            android:key="remove_e2e_files_and_keys" />
 
         <Preference
             android:title="@string/prefs_help"

gradle/libs.versions.toml

@@ -5,7 +5,7 @@
 androidCommonLibraryVersion = "0.33.2"
 androidGifDrawableVersion = "1.2.31"
 androidImageCropperVersion = "4.7.0"
-androidLibraryVersion ="313455ebde7ed7b8ad7488d126c7024ceb00c99d"
+androidLibraryVersion ="3e61a5e3ef7a2bb7b3182944922bdf95c6201d11"
 androidPluginVersion = "9.2.0"
 androidsvgVersion = "1.4"
 androidxMediaVersion = "1.5.1"

gradle/verification-metadata.xml

@@ -21102,6 +21102,14 @@
             <sha256 value="69722898d31a3a5ad32cc372f2a14a057902c75bd14019570cbfc221a67fc52c" origin="Generated by Gradle" reason="Artifact is not signed"/>
          </artifact>
       </component>
+      <component group="com.github.nextcloud" name="android-library" version="3c4d9d6">
+         <artifact name="android-library-3c4d9d6.aar">
+            <sha256 value="24093678fe62d18725875dba92603e92e47013844b7d67cb5c83116f78af65c4" origin="Generated by Gradle" reason="Artifact is not signed"/>
+         </artifact>
+         <artifact name="android-library-3c4d9d6.module">
+            <sha256 value="9e53f9f1a8a4c84165d8f408febe67c80a0591791730ef70ea97ba60d1eb586d" origin="Generated by Gradle" reason="Artifact is not signed"/>
+         </artifact>
+      </component>
       <component group="com.github.nextcloud" name="android-library" version="3d422b28376339c0fbd772e480dbbdc56b7ae1a1">
          <artifact name="android-library-3d422b28376339c0fbd772e480dbbdc56b7ae1a1.aar">
             <sha256 value="58debdb6fecf8f254f38bed011ea4849405017679c7978755e2a004031b3f69e" origin="Generated by Gradle" reason="Artifact is not signed"/>
@@ -21118,6 +21126,14 @@
             <sha256 value="532080a02f0443bef7dc09d3ff484e1b9fa6ba2ca5070a0e7b44b04c4ce7475c" origin="Generated by Gradle"/>
          </artifact>
       </component>
+      <component group="com.github.nextcloud" name="android-library" version="3e61a5e3ef7a2bb7b3182944922bdf95c6201d11">
+         <artifact name="android-library-3e61a5e3ef7a2bb7b3182944922bdf95c6201d11.aar">
+            <sha256 value="2fbe1710b99ab094a4a0c7d1fb6cb32241dfc78188af994fd1ea6e214a754d84" origin="Generated by Gradle" reason="Artifact is not signed"/>
+         </artifact>
+         <artifact name="android-library-3e61a5e3ef7a2bb7b3182944922bdf95c6201d11.module">
+            <sha256 value="14f4defbcd583fbb339f5296f96e5e54455d1855761c48385a6438c828a86488" origin="Generated by Gradle" reason="Artifact is not signed"/>
+         </artifact>
+      </component>
       <component group="com.github.nextcloud" name="android-library" version="3ff8fea794d165afc1b3be698ad04bdee59e37c1">
          <artifact name="android-library-3ff8fea794d165afc1b3be698ad04bdee59e37c1.aar">
             <sha256 value="43888bc29328b621703ca813bee857853e41af6979aeaa44578beef2477ce314" origin="Generated by Gradle" reason="Artifact is not signed"/>
@@ -21558,6 +21574,14 @@
             <sha256 value="c310576fd498cdc27dbcbf15532d78cd3c9cca1e30708b7e23001b7d53633d15" origin="Generated by Gradle" reason="Artifact is not signed"/>
          </artifact>
       </component>
+      <component group="com.github.nextcloud" name="android-library" version="a1fb1a12a2">
+         <artifact name="android-library-a1fb1a12a2.aar">
+            <sha256 value="b4a99e1d80a646f6d8c7d9fa525be60661dcb3f766aae69ba29d5c6aeb42d9f3" origin="Generated by Gradle" reason="Artifact is not signed"/>
+         </artifact>
+         <artifact name="android-library-a1fb1a12a2.module">
+            <sha256 value="196c709cd6ad27ee6b27efb70ef3301a630552f76b5591d7e31784488214c340" origin="Generated by Gradle" reason="Artifact is not signed"/>
+         </artifact>
+      </component>
       <component group="com.github.nextcloud" name="android-library" version="a4d86ef9d1">
          <artifact name="android-library-a4d86ef9d1.aar">
             <sha256 value="c6c70775d49d935e7691f43fee0ff51c2c0df03c041fd75da92cf1f0df1385a7" origin="Generated by Gradle" reason="Artifact is not signed"/>