From a1b37845a81fe4562fa85d4a17877203fcf7959d Mon Sep 17 00:00:00 2001
From: Andrew Nicols <andrew@nicols.co.uk>
Date: Tue, 9 May 2023 12:35:00 +0800
Subject: [PATCH] MDL-78072 core: Skip mobile encryption if Sodium is not
 available

---
 .../airnotifier/message_output_airnotifier.php     | 14 ++++++++------
 user/tests/devicekey_test.php                      |  2 ++
 .../update_user_device_public_key_test.php         |  1 +
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/message/output/airnotifier/message_output_airnotifier.php b/message/output/airnotifier/message_output_airnotifier.php
index 677dbaf1ff2..7ad19b36c2a 100644
--- a/message/output/airnotifier/message_output_airnotifier.php
+++ b/message/output/airnotifier/message_output_airnotifier.php
@@ -24,7 +24,6 @@
  * @since Moodle 2.7
  */
 
-
 require_once($CFG->dirroot . '/message/output/lib.php');
 
 /**
@@ -109,6 +108,8 @@ class message_output_airnotifier extends message_output {
         // We are sending to message to all devices.
         $airnotifiermanager = new message_airnotifier_manager();
         $devicetokens = $airnotifiermanager->get_user_devices($CFG->airnotifiermobileappname, $eventdata->userto->id);
+        $skipsend = $encryptnotifications && $encryptprocessing == message_airnotifier_manager::ENCRYPT_UNSUPPORTED_NOT_SEND;
+        $encryptionavailable = \core\encryption::is_sodium_installed();
 
         foreach ($devicetokens as $devicetoken) {
             if (!$devicetoken->enable) {
@@ -116,10 +117,11 @@ class message_output_airnotifier extends message_output {
             }
 
             // Check if we should skip sending the notification.
-            if ($encryptnotifications && empty($devicetoken->publickey) &&
-                    $encryptprocessing == message_airnotifier_manager::ENCRYPT_UNSUPPORTED_NOT_SEND) {
-
-                continue;   // Avoid sending notifications to devices not supporting encryption.
+            if ($skipsend) {
+                // If encryption is not available, do not send notifications.
+                if (!$encryptionavailable || ($encryptnotifications && empty($devicetoken->publickey))) {
+                    continue;
+                }
             }
 
             // Sending the message to the device.
@@ -173,7 +175,7 @@ class message_output_airnotifier extends message_output {
             return $payload;
         }
 
-        if (empty($devicetoken->publickey)) {
+        if (empty($devicetoken->publickey)|| !\core\encryption::is_sodium_installed()) {
             $payload->encrypted = false;
             return $payload;
         }
diff --git a/user/tests/devicekey_test.php b/user/tests/devicekey_test.php
index 337a01280f8..17328257bf6 100644
--- a/user/tests/devicekey_test.php
+++ b/user/tests/devicekey_test.php
@@ -23,8 +23,10 @@ use stdClass;
  *
  * @package core_user
  * @covers \core_user\devicekey
+ * @requires extension sodium
  */
 class devicekey_test extends \advanced_testcase {
+
     /**
      * Helper to create a device record.
      *
diff --git a/user/tests/external/update_user_device_public_key_test.php b/user/tests/external/update_user_device_public_key_test.php
index 7efb54663f1..1b21c364811 100644
--- a/user/tests/external/update_user_device_public_key_test.php
+++ b/user/tests/external/update_user_device_public_key_test.php
@@ -29,6 +29,7 @@ use stdClass;
  *
  * @package core_user
  * @covers \core_user\external\update_user_device_public_key
+ * @requires extension sodium
  */
 class update_user_device_public_key_test extends \advanced_testcase {
     /**