From 26f21ee6eb2a61e6411c9b78bdb0cc09a8a9eadd Mon Sep 17 00:00:00 2001 From: Anne-Cath Date: Tue, 4 Nov 2025 15:25:53 +0100 Subject: [PATCH] =?UTF-8?q?N=C2=B04250=20-=20Problem=20with=20unencryption?= =?UTF-8?q?=20when=20the=20attribute=20is=20empty=20N=C2=B04058=20-=20Setu?= =?UTF-8?q?p=20failed=20when=20added=20an=20encrypted=20field=20due=20to?= =?UTF-8?q?=20default=20value=20NULL=20non=20SODIUM=20compatible?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/simplecrypt.class.inc.php | 21 +++++ .../unitary-tests/core/SympleCryptTest.php | 79 +++++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 tests/php-unit-tests/unitary-tests/core/SympleCryptTest.php diff --git a/core/simplecrypt.class.inc.php b/core/simplecrypt.class.inc.php index b49d0c2d1..91c90738d 100644 --- a/core/simplecrypt.class.inc.php +++ b/core/simplecrypt.class.inc.php @@ -118,6 +118,7 @@ class SimpleCrypt */ function Encrypt($key, $sString) { + return $this->oEngine->Encrypt($key,$sString); } @@ -130,6 +131,10 @@ class SimpleCrypt */ function Decrypt($key, $string) { + if (is_null($string) || strlen($string) == 0) { + IssueLog::Warning("Cannot decrypt empty/null value"); + return $string; + } return $this->oEngine->Decrypt($key,$string); } @@ -234,6 +239,10 @@ class SimpleCryptSimpleEngine implements CryptEngine public function Decrypt($key, $encrypted_data) { + if (is_null($encrypted_data) || strlen($encrypted_data) == 0) { + IssueLog::Warning("Cannot decrypt empty/null value"); + return $encrypted_data; + } $result = ''; for($i=1; $i<=strlen($encrypted_data); $i++) { @@ -330,6 +339,10 @@ class SimpleCryptSodiumEngine implements CryptEngine public function Decrypt($key, $encrypted_data) { + if (is_null($encrypted_data) || strlen($encrypted_data) == 0) { + IssueLog::Warning("Cannot decrypt empty/null value"); + return $encrypted_data; + } $key = hex2bin($key); $encrypted_data = base64_decode($encrypted_data); $nonce = mb_substr($encrypted_data, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit'); @@ -362,6 +375,10 @@ class SimpleCryptOpenSSLEngine implements CryptEngine public function Decrypt($key, $encrypted_data) { + if (is_null($encrypted_data) || strlen($encrypted_data) == 0) { + IssueLog::Warning("Cannot decrypt empty/null value"); + return $encrypted_data; + } $key = hex2bin($key); $iv = mb_substr($encrypted_data, 0, openssl_cipher_iv_length("AES-256-CBC"), '8bit'); $encrypted_data = mb_substr($encrypted_data, openssl_cipher_iv_length("AES-256-CBC"), null, '8bit'); @@ -411,6 +428,10 @@ class SimpleCryptOpenSSLMcryptCompatibilityEngine implements CryptEngine public function Decrypt($key, $encrypted_data) { + if (is_null($encrypted_data) || strlen($encrypted_data) == 0) { + IssueLog::Warning("Cannot decrypt empty/null value"); + return $encrypted_data; + } $key = SimpleCryptOpenSSLMcryptCompatibilityEngine::MakeOpenSSLBlowfishKey($key); $iv = mb_substr($encrypted_data, 0, openssl_cipher_iv_length("BF-CBC"), '8bit'); $encrypted_data = mb_substr($encrypted_data, openssl_cipher_iv_length("BF-CBC"), null, '8bit'); diff --git a/tests/php-unit-tests/unitary-tests/core/SympleCryptTest.php b/tests/php-unit-tests/unitary-tests/core/SympleCryptTest.php new file mode 100644 index 000000000..4c39bbd06 --- /dev/null +++ b/tests/php-unit-tests/unitary-tests/core/SympleCryptTest.php @@ -0,0 +1,79 @@ +['SimpleCrypt'], + 'SimpleCryptSimpleEngine'=>['SimpleCryptSimpleEngine']]; + if(function_exists('sodium_crypto_secretbox_open')){ + $aClassProvider['SimpleCryptSodiumEngine'] = ['SimpleCryptSodiumEngine'] ; + } + if(function_exists('openssl_decrypt')){ + $aClassProvider['SimpleCryptOpenSSLEngine'] = ['SimpleCryptOpenSSLEngine']; + $aClassProvider['SimpleCryptOpenSSLMcryptCompatibilityEngine'] = ['SimpleCryptOpenSSLMcryptCompatibilityEngine']; + } + return$aClassProvider; + } + /** + * @param $sClass + * @dataProvider DecryptClassProvider + **/ + public function testDecryptWithNullValue($sClass) + { + $oSimpleCrypt = new $sClass(); + $this->assertEquals(null, $oSimpleCrypt->Decrypt("dd", null)); + } + + /** + * @param $sClass + * @dataProvider DecryptClassProvider + **/ + public function testDecryptWithEmptyValue($sClass) + { + $oSimpleCrypt = new $sClass(); + $this->assertEquals('', $oSimpleCrypt->Decrypt("dd", "")); + } + + public function DecryptClassWithNonDecryptableValueProvider() + { + $aClassProvider = ['SimpleCrypt'=>['SimpleCrypt', '** decryption error **'], + // 'SimpleCryptSimpleEngine'=>['SimpleCryptSimpleEngine', ' '] + ]; + if(function_exists('sodium_crypto_secretbox_open')){ + $aClassProvider['SimpleCryptSodiumEngine'] = ['SimpleCryptSodiumEngine', '', 'SodiumException'] ; + } + if(function_exists('openssl_decrypt')){ + $aClassProvider['SimpleCryptOpenSSLEngine'] = ['SimpleCryptOpenSSLEngine', '** decryption error **']; + $aClassProvider['SimpleCryptOpenSSLMcryptCompatibilityEngine'] = ['SimpleCryptOpenSSLMcryptCompatibilityEngine', '** decryption error **']; + } + return$aClassProvider; + } + /** + * @param $sClass + * @param $sExpectedValue + * @dataProvider DecryptClassWithNonDecryptableValueProvider + **/ + public function testDecrypWithNonDecryptableValue($sClass, $sExpectedValue = '', $sExpectedException = null) + { + if($sExpectedException !== null) { + $this->expectException($sExpectedException); + } + $oSimpleCrypt = new $sClass(); + $result=$oSimpleCrypt->Decrypt("dd", "gabuzomeuuofteod"); + $this->assertEquals($sExpectedValue, $result,''); + } + +}