Use DI
This commit is contained in:
parent
d26a9c3c58
commit
3329e0f2b2
|
@ -12,7 +12,9 @@ namespace OC\Security;
|
||||||
use Crypt_AES;
|
use Crypt_AES;
|
||||||
use Crypt_Hash;
|
use Crypt_Hash;
|
||||||
use OCP\Security\ICrypto;
|
use OCP\Security\ICrypto;
|
||||||
|
use OCP\Security\ISecureRandom;
|
||||||
use OCP\Security\StringUtils;
|
use OCP\Security\StringUtils;
|
||||||
|
use OCP\IConfig;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class Crypto provides a high-level encryption layer using AES-CBC. If no key has been provided
|
* Class Crypto provides a high-level encryption layer using AES-CBC. If no key has been provided
|
||||||
|
@ -29,9 +31,15 @@ class Crypto implements ICrypto {
|
||||||
private $cipher;
|
private $cipher;
|
||||||
/** @var int */
|
/** @var int */
|
||||||
private $ivLength = 16;
|
private $ivLength = 16;
|
||||||
|
/** @var IConfig */
|
||||||
|
private $config;
|
||||||
|
/** @var ISecureRandom */
|
||||||
|
private $random;
|
||||||
|
|
||||||
function __construct() {
|
function __construct(IConfig $config, ISecureRandom $random) {
|
||||||
$this->cipher = new Crypt_AES();
|
$this->cipher = new Crypt_AES();
|
||||||
|
$this->config = $config;
|
||||||
|
$this->random = $random;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -41,7 +49,7 @@ class Crypto implements ICrypto {
|
||||||
*/
|
*/
|
||||||
public function calculateHMAC($message, $password = '') {
|
public function calculateHMAC($message, $password = '') {
|
||||||
if($password === '') {
|
if($password === '') {
|
||||||
$password = \OC::$server->getConfig()->getSystemValue('secret');
|
$password = $this->config->getSystemValue('secret');
|
||||||
}
|
}
|
||||||
|
|
||||||
$hash = new Crypt_Hash('sha512');
|
$hash = new Crypt_Hash('sha512');
|
||||||
|
@ -57,11 +65,11 @@ class Crypto implements ICrypto {
|
||||||
*/
|
*/
|
||||||
public function encrypt($plaintext, $password = '') {
|
public function encrypt($plaintext, $password = '') {
|
||||||
if($password === '') {
|
if($password === '') {
|
||||||
$password = \OC::$server->getConfig()->getSystemValue('secret');
|
$password = $this->config->getSystemValue('secret');
|
||||||
}
|
}
|
||||||
$this->cipher->setPassword($password);
|
$this->cipher->setPassword($password);
|
||||||
|
|
||||||
$iv = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate($this->ivLength);
|
$iv = $this->random->getLowStrengthGenerator()->generate($this->ivLength);
|
||||||
$this->cipher->setIV($iv);
|
$this->cipher->setIV($iv);
|
||||||
|
|
||||||
$ciphertext = bin2hex($this->cipher->encrypt($plaintext));
|
$ciphertext = bin2hex($this->cipher->encrypt($plaintext));
|
||||||
|
@ -79,7 +87,7 @@ class Crypto implements ICrypto {
|
||||||
*/
|
*/
|
||||||
public function decrypt($authenticatedCiphertext, $password = '') {
|
public function decrypt($authenticatedCiphertext, $password = '') {
|
||||||
if($password === '') {
|
if($password === '') {
|
||||||
$password = \OC::$server->getConfig()->getSystemValue('secret');
|
$password = $this->config->getSystemValue('secret');
|
||||||
}
|
}
|
||||||
$this->cipher->setPassword($password);
|
$this->cipher->setPassword($password);
|
||||||
|
|
||||||
|
|
|
@ -205,7 +205,7 @@ class Server extends SimpleContainer implements IServerContainer {
|
||||||
return new SecureRandom();
|
return new SecureRandom();
|
||||||
});
|
});
|
||||||
$this->registerService('Crypto', function($c) {
|
$this->registerService('Crypto', function($c) {
|
||||||
return new Crypto();
|
return new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
});
|
});
|
||||||
$this->registerService('Db', function ($c) {
|
$this->registerService('Db', function ($c) {
|
||||||
return new Db();
|
return new Db();
|
||||||
|
|
|
@ -12,7 +12,7 @@ class CryptoTest extends \PHPUnit_Framework_TestCase {
|
||||||
|
|
||||||
function testDefaultEncrypt() {
|
function testDefaultEncrypt() {
|
||||||
$stringToEncrypt = 'Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt.';
|
$stringToEncrypt = 'Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt.';
|
||||||
$crypto = new Crypto();
|
$crypto = new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
$ciphertext = $crypto->encrypt($stringToEncrypt);
|
$ciphertext = $crypto->encrypt($stringToEncrypt);
|
||||||
$this->assertEquals($stringToEncrypt, $crypto->decrypt($ciphertext));
|
$this->assertEquals($stringToEncrypt, $crypto->decrypt($ciphertext));
|
||||||
|
|
||||||
|
@ -27,17 +27,17 @@ class CryptoTest extends \PHPUnit_Framework_TestCase {
|
||||||
*/
|
*/
|
||||||
function testWrongPassword() {
|
function testWrongPassword() {
|
||||||
$stringToEncrypt = 'Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt.';
|
$stringToEncrypt = 'Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt.';
|
||||||
$encryptCrypto = new Crypto();
|
$encryptCrypto = new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
$ciphertext = $encryptCrypto->encrypt($stringToEncrypt);
|
$ciphertext = $encryptCrypto->encrypt($stringToEncrypt);
|
||||||
|
|
||||||
$decryptCrypto = new Crypto();
|
$decryptCrypto = new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
$this->assertFalse($decryptCrypto->decrypt($ciphertext, 'A wrong password!'));
|
$this->assertFalse($decryptCrypto->decrypt($ciphertext, 'A wrong password!'));
|
||||||
}
|
}
|
||||||
|
|
||||||
function testLaterDecryption() {
|
function testLaterDecryption() {
|
||||||
$stringToEncrypt = 'Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt.';
|
$stringToEncrypt = 'Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt.';
|
||||||
$encryptedString = '560f5436ba864b9f12f7f7ca6d41c327554a6f2c0a160a03316b202af07c65163274993f3a46e7547c07ba89304f00594a2f3bd99f83859097c58049c39d0d4ade10e0de914ff0604961e7c849d0271ed6c0b23f984ba16e7d033e3305fb0910e7b6a2a65c988d17dbee71d8f953684d|d2kdFUspVjC0Y0sr|1a5feacf87eaa6869a6abdfba9a296e7bbad45b6ad89f7dce67cdc98e2da5dc4379cc672cc655e52bbf19599bf59482fbea13a73937697fa656bf10f3fc4f1aa';
|
$encryptedString = '560f5436ba864b9f12f7f7ca6d41c327554a6f2c0a160a03316b202af07c65163274993f3a46e7547c07ba89304f00594a2f3bd99f83859097c58049c39d0d4ade10e0de914ff0604961e7c849d0271ed6c0b23f984ba16e7d033e3305fb0910e7b6a2a65c988d17dbee71d8f953684d|d2kdFUspVjC0Y0sr|1a5feacf87eaa6869a6abdfba9a296e7bbad45b6ad89f7dce67cdc98e2da5dc4379cc672cc655e52bbf19599bf59482fbea13a73937697fa656bf10f3fc4f1aa';
|
||||||
$crypto = new Crypto();
|
$crypto = new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
$this->assertEquals($stringToEncrypt, $crypto->decrypt($encryptedString, 'ThisIsAVeryS3cur3P4ssw0rd'));
|
$this->assertEquals($stringToEncrypt, $crypto->decrypt($encryptedString, 'ThisIsAVeryS3cur3P4ssw0rd'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -47,7 +47,7 @@ class CryptoTest extends \PHPUnit_Framework_TestCase {
|
||||||
*/
|
*/
|
||||||
function testWrongIV() {
|
function testWrongIV() {
|
||||||
$encryptedString = '560f5436ba864b9f12f7f7ca6d41c327554a6f2c0a160a03316b202af07c65163274993f3a46e7547c07ba89304f00594a2f3bd99f83859097c58049c39d0d4ade10e0de914ff0604961e7c849d0271ed6c0b23f984ba16e7d033e3305fb0910e7b6a2a65c988d17dbee71d8f953684d|d2kdFUspVjC0o0sr|1a5feacf87eaa6869a6abdfba9a296e7bbad45b6ad89f7dce67cdc98e2da5dc4379cc672cc655e52bbf19599bf59482fbea13a73937697fa656bf10f3fc4f1aa';
|
$encryptedString = '560f5436ba864b9f12f7f7ca6d41c327554a6f2c0a160a03316b202af07c65163274993f3a46e7547c07ba89304f00594a2f3bd99f83859097c58049c39d0d4ade10e0de914ff0604961e7c849d0271ed6c0b23f984ba16e7d033e3305fb0910e7b6a2a65c988d17dbee71d8f953684d|d2kdFUspVjC0o0sr|1a5feacf87eaa6869a6abdfba9a296e7bbad45b6ad89f7dce67cdc98e2da5dc4379cc672cc655e52bbf19599bf59482fbea13a73937697fa656bf10f3fc4f1aa';
|
||||||
$crypto = new Crypto();
|
$crypto = new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
$crypto->decrypt($encryptedString, 'ThisIsAVeryS3cur3P4ssw0rd');
|
$crypto->decrypt($encryptedString, 'ThisIsAVeryS3cur3P4ssw0rd');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -57,7 +57,7 @@ class CryptoTest extends \PHPUnit_Framework_TestCase {
|
||||||
*/
|
*/
|
||||||
function testWrongParameters() {
|
function testWrongParameters() {
|
||||||
$encryptedString = '1|2';
|
$encryptedString = '1|2';
|
||||||
$crypto = new Crypto();
|
$crypto = new Crypto(\OC::$server->getConfig(), \OC::$server->getSecureRandom());
|
||||||
$crypto->decrypt($encryptedString, 'ThisIsAVeryS3cur3P4ssw0rd');
|
$crypto->decrypt($encryptedString, 'ThisIsAVeryS3cur3P4ssw0rd');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue