mirror of
https://github.com/Combodo/iTop.git
synced 2026-02-12 23:14:18 +01:00
N°4250 - Problem with unencryption when the attribute is empty
N°4058 - Setup failed when added an encrypted field due to default value NULL non SODIUM compatible
This commit is contained in:
Anne-Cath
@@ -118,6 +118,7 @@ class SimpleCrypt
|
||||
*/
|
||||
function Encrypt($key, $sString)
|
||||
{
|
||||
|
||||
return $this->oEngine->Encrypt($key,$sString);
|
||||
}
|
||||
|
||||
@@ -130,6 +131,10 @@ class SimpleCrypt
|
||||
*/
|
||||
function Decrypt($key, $string)
|
||||
{
|
||||
if (is_null($string) || strlen($string) == 0) {
|
||||
IssueLog::Warning("Cannot decrypt empty/null value");
|
||||
return $string;
|
||||
}
|
||||
return $this->oEngine->Decrypt($key,$string);
|
||||
}
|
||||
|
||||
@@ -234,6 +239,10 @@ class SimpleCryptSimpleEngine implements CryptEngine
|
||||
|
||||
public function Decrypt($key, $encrypted_data)
|
||||
{
|
||||
if (is_null($encrypted_data) || strlen($encrypted_data) == 0) {
|
||||
IssueLog::Warning("Cannot decrypt empty/null value");
|
||||
return $encrypted_data;
|
||||
}
|
||||
$result = '';
|
||||
for($i=1; $i<=strlen($encrypted_data); $i++)
|
||||
{
|
||||
@@ -330,6 +339,10 @@ class SimpleCryptSodiumEngine implements CryptEngine
|
||||
|
||||
public function Decrypt($key, $encrypted_data)
|
||||
{
|
||||
if (is_null($encrypted_data) || strlen($encrypted_data) == 0) {
|
||||
IssueLog::Warning("Cannot decrypt empty/null value");
|
||||
return $encrypted_data;
|
||||
}
|
||||
$key = hex2bin($key);
|
||||
$encrypted_data = base64_decode($encrypted_data);
|
||||
$nonce = mb_substr($encrypted_data, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit');
|
||||
@@ -362,6 +375,10 @@ class SimpleCryptOpenSSLEngine implements CryptEngine
|
||||
|
||||
public function Decrypt($key, $encrypted_data)
|
||||
{
|
||||
if (is_null($encrypted_data) || strlen($encrypted_data) == 0) {
|
||||
IssueLog::Warning("Cannot decrypt empty/null value");
|
||||
return $encrypted_data;
|
||||
}
|
||||
$key = hex2bin($key);
|
||||
$iv = mb_substr($encrypted_data, 0, openssl_cipher_iv_length("AES-256-CBC"), '8bit');
|
||||
$encrypted_data = mb_substr($encrypted_data, openssl_cipher_iv_length("AES-256-CBC"), null, '8bit');
|
||||
@@ -411,6 +428,10 @@ class SimpleCryptOpenSSLMcryptCompatibilityEngine implements CryptEngine
|
||||
|
||||
public function Decrypt($key, $encrypted_data)
|
||||
{
|
||||
if (is_null($encrypted_data) || strlen($encrypted_data) == 0) {
|
||||
IssueLog::Warning("Cannot decrypt empty/null value");
|
||||
return $encrypted_data;
|
||||
}
|
||||
$key = SimpleCryptOpenSSLMcryptCompatibilityEngine::MakeOpenSSLBlowfishKey($key);
|
||||
$iv = mb_substr($encrypted_data, 0, openssl_cipher_iv_length("BF-CBC"), '8bit');
|
||||
$encrypted_data = mb_substr($encrypted_data, openssl_cipher_iv_length("BF-CBC"), null, '8bit');
|
||||
|
||||
79
tests/php-unit-tests/unitary-tests/core/SympleCryptTest.php
Normal file
79
tests/php-unit-tests/unitary-tests/core/SympleCryptTest.php
Normal file
@@ -0,0 +1,79 @@
|
||||
<?php
|
||||
/*!
|
||||
* @copyright Copyright (C) 2010-2024 Combodo SAS
|
||||
* @license http://opensource.org/licenses/AGPL-3.0
|
||||
*/
|
||||
|
||||
namespace Combodo\iTop\Test\UnitTest\Core;
|
||||
|
||||
use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
|
||||
use SodiumException;
|
||||
|
||||
/**
|
||||
* Tests of the ormPassword class
|
||||
*/
|
||||
class SympleCryptTest extends ItopDataTestCase
|
||||
{
|
||||
public function DecryptClassProvider()
|
||||
{
|
||||
$aClassProvider = ['SimpleCrypt'=>['SimpleCrypt'],
|
||||
'SimpleCryptSimpleEngine'=>['SimpleCryptSimpleEngine']];
|
||||
if(function_exists('sodium_crypto_secretbox_open')){
|
||||
$aClassProvider['SimpleCryptSodiumEngine'] = ['SimpleCryptSodiumEngine'] ;
|
||||
}
|
||||
if(function_exists('openssl_decrypt')){
|
||||
$aClassProvider['SimpleCryptOpenSSLEngine'] = ['SimpleCryptOpenSSLEngine'];
|
||||
$aClassProvider['SimpleCryptOpenSSLMcryptCompatibilityEngine'] = ['SimpleCryptOpenSSLMcryptCompatibilityEngine'];
|
||||
}
|
||||
return$aClassProvider;
|
||||
}
|
||||
/**
|
||||
* @param $sClass
|
||||
* @dataProvider DecryptClassProvider
|
||||
**/
|
||||
public function testDecryptWithNullValue($sClass)
|
||||
{
|
||||
$oSimpleCrypt = new $sClass();
|
||||
$this->assertEquals(null, $oSimpleCrypt->Decrypt("dd", null));
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $sClass
|
||||
* @dataProvider DecryptClassProvider
|
||||
**/
|
||||
public function testDecryptWithEmptyValue($sClass)
|
||||
{
|
||||
$oSimpleCrypt = new $sClass();
|
||||
$this->assertEquals('', $oSimpleCrypt->Decrypt("dd", ""));
|
||||
}
|
||||
|
||||
public function DecryptClassWithNonDecryptableValueProvider()
|
||||
{
|
||||
$aClassProvider = ['SimpleCrypt'=>['SimpleCrypt', '** decryption error **'],
|
||||
// 'SimpleCryptSimpleEngine'=>['SimpleCryptSimpleEngine', ' ']
|
||||
];
|
||||
if(function_exists('sodium_crypto_secretbox_open')){
|
||||
$aClassProvider['SimpleCryptSodiumEngine'] = ['SimpleCryptSodiumEngine', '', 'SodiumException'] ;
|
||||
}
|
||||
if(function_exists('openssl_decrypt')){
|
||||
$aClassProvider['SimpleCryptOpenSSLEngine'] = ['SimpleCryptOpenSSLEngine', '** decryption error **'];
|
||||
$aClassProvider['SimpleCryptOpenSSLMcryptCompatibilityEngine'] = ['SimpleCryptOpenSSLMcryptCompatibilityEngine', '** decryption error **'];
|
||||
}
|
||||
return$aClassProvider;
|
||||
}
|
||||
/**
|
||||
* @param $sClass
|
||||
* @param $sExpectedValue
|
||||
* @dataProvider DecryptClassWithNonDecryptableValueProvider
|
||||
**/
|
||||
public function testDecrypWithNonDecryptableValue($sClass, $sExpectedValue = '', $sExpectedException = null)
|
||||
{
|
||||
if($sExpectedException !== null) {
|
||||
$this->expectException($sExpectedException);
|
||||
}
|
||||
$oSimpleCrypt = new $sClass();
|
||||
$result=$oSimpleCrypt->Decrypt("dd", "gabuzomeuuofteod");
|
||||
$this->assertEquals($sExpectedValue, $result,'');
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user