
Commit 347f7bf

Sync with defuse/php-encryption changes
1 parent 439ced4 commit 347f7bf


4 files changed

+20
-35
lines changed


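--- a/autoload.php
+++ b/autoload.php
@@ -35,3 +35,5 @@
 require $file;
 }
 });
+
+require_once __DIR__ . '/vendor/autoload.php';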
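Review bot: The added `require_once __DIR__ . '/vendor/autoload.php';` on new line 39 is unconditional, so including this file becomes a fatal error whenever no `vendor/` directory sits beside it. That is likely the case when the package is itself installed as a Composer dependency and its dependencies live in the consuming project's `vendor/`. Guarding the include keeps the fallback autoloader usable in both layouts: `if (\is_file(__DIR__ . '/vendor/autoload.php')) { require_once __DIR__ . '/vendor/autoload.php'; }`. The closure registered above starts outside the hunk, so whether Composer's autoloader should load before or after it cannot be judged from here.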

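--- a/composer.json
+++ b/composer.json
@@ -29,8 +29,8 @@
 },
 "require": {
 "defuse/php-encryption": "^2.0",
-"paragonie/random_compat": "^1.2",
-"paragonie/constant_time_encoding": "^0.3"
+"paragonie/random_compat": "^1|^2",
+"paragonie/constant_time_encoding": "^1|^2"
 },
 "require-dev": {
 "defuse/php-encryption": "^2.0"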

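--- a/src/PasswordLock.php
+++ b/src/PasswordLock.php
@@ -4,6 +4,7 @@
 use \Defuse\Crypto\Crypto;
 use \Defuse\Crypto\Key;
 use \ParagonIE\ConstantTime\Base64;
+use \ParagonIE\ConstantTime\Binary;
 
 class PasswordLock
 {
@@ -14,6 +15,7 @@ class PasswordLock
 * @param string $password
 * @param Key $aesKey
 * @return string
+* @throws \Exception
 */
 public static function hashAndEncrypt($password, Key $aesKey)
 {
@@ -40,7 +42,9 @@ public static function hashAndEncrypt($password, Key $aesKey)
 * @param string $password
 * @param string $ciphertext
 * @param string $aesKey - must be exactly 16 bytes
-* @return boolean
+* @return bool
+* @throws \Exception
+* @throws \InvalidArgumentException
 */
 public static function decryptAndVerifyLegacy($password, $ciphertext, $aesKey)
 {
@@ -49,7 +53,7 @@ public static function decryptAndVerifyLegacy($password, $ciphertext, $aesKey)
 'Password must be a string.'
 );
 }
-if (self::safeStrlen($aesKey) !== 16) {
+if (Binary::safeStrlen($aesKey) !== 16) {
 throw new \Exception("Encryption keys must be 16 bytes long");
 }
 $hash = Crypto::legacyDecrypt(
@@ -71,7 +75,9 @@ public static function decryptAndVerifyLegacy($password, $ciphertext, $aesKey)
 * @param string $password
 * @param string $ciphertext
 * @param Key $aesKey
-* @return boolean
+* @return bool
+* @throws \Exception
+* @throws \InvalidArgumentException
 */
 public static function decryptAndVerify($password, $ciphertext, Key $aesKey)
 {
@@ -85,9 +91,6 @@ public static function decryptAndVerify($password, $ciphertext, Key $aesKey)
 'Ciphertext must be a string.'
 );
 }
-if (self::safeStrlen($aesKey) !== 32) {
-throw new \Exception("Encryption keys must be 32 bytes long");
-}
 $hash = Crypto::decrypt(
 $ciphertext,
 $aesKey
@@ -119,9 +122,10 @@ public static function rotateKey($ciphertext, Key $oldKey, Key $newKey)
 *
 * @param string $password
 * @param string $ciphertext
-* @param sring $oldKey
+* @param string $oldKey
 * @param Key $newKey
 * @return string
+* @throws \Exception
 */
 public static function upgradeFromVersion1(
 $password,
@@ -135,24 +139,6 @@ public static function upgradeFromVersion1(
 );
 }
 $plaintext = Crypto::legacyDecrypt($ciphertext, $oldKey);
-return self::hashAndEncrypt($password, $newKey);
-}
-
-/**
-* Don't count characters, count the number of bytes
-*
-* @param string
-* @return int
-*/
-protected static function safeStrlen($str)
-{
-static $exists = null;
-if ($exists === null) {
-$exists = \function_exists('\\mb_strlen');
-}
-if ($exists) {
-return \mb_strlen($str, '8bit');
-}
-return \strlen($str);
+return self::hashAndEncrypt($plaintext, $newKey);
 }
 }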
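Review bot: In the last hunk, `return self::hashAndEncrypt($plaintext, $newKey);` passes the output of `Crypto::legacyDecrypt()` as the `$password` argument, yet `decryptAndVerifyLegacy()` assigns that same output to `$hash`, so it appears to be the stored password hash rather than the password. If `hashAndEncrypt()` hashes its first argument (its body is outside the hunks), the migrated record would hold a hash of the old hash, and the user's real password would stop verifying after the upgrade. Either keep `return self::hashAndEncrypt($password, $newKey);` or, to carry the existing hash over unchanged, use `return Crypto::encrypt($plaintext, $newKey);`. `upgradeFromVersion1()` begins before this hunk, so the password check that precedes these lines is not visible here.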

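--- a/tests/PasswordLockTest.php
+++ b/tests/PasswordLockTest.php
@@ -8,9 +8,8 @@ class PasswordLockTest extends PHPUnit_Framework_TestCase
 {
 public function testHash()
 {
-$key = \Defuse\Crypto\Key::LoadFromAsciiSafeString(
-\hex2bin('0102030405060708090a0b0c0d0e0f10')
-);
+$key = \Defuse\Crypto\Key::createNewRandomKey();
+
 $password = PasswordLock::hashAndEncrypt('YELLOW SUBMARINE', $key);
 
 $this->assertTrue(
@@ -23,13 +22,11 @@ public function testHash()
 }
 
 /**
-* @expectedException \Defuse\Crypto\Exception\InvalidCiphertext
+* @expectedException \Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException
 */
 public function testBitflip()
 {
-$key = \Defuse\Crypto\Key::LoadFromAsciiSafeString(
-\hex2bin('0102030405060708090a0b0c0d0e0f10')
-);
+$key = \Defuse\Crypto\Key::createNewRandomKey();
 $password = PasswordLock::hashAndEncrypt('YELLOW SUBMARINE', $key);
 $password[0] = (\ord($password[0]) === 0 ? 255 : 0);
 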
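Review bot: Neither changed test reaches `upgradeFromVersion1()` or `decryptAndVerifyLegacy()`, both of which this commit modifies in `src/PasswordLock.php`; `testHash()` and `testBitflip()` only exercise the current-format path with a fresh `Key::createNewRandomKey()`. A migration test would catch a regression there: take a fixed version-1 ciphertext and its 16-byte key as fixtures, call `PasswordLock::upgradeFromVersion1()`, and assert that `PasswordLock::decryptAndVerify()` returns true for the original password under the new key. The rest of the test class lies outside these hunks, so such a test may already exist elsewhere in the file.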
