mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-14 19:08:25 +00:00
Remove Security::engine()
We disscussed and decided to avoid auto selecting which extension to use. Instead, call Configure::write('Security.useOpenSsl', true) manually.
This commit is contained in:
parent
fc397bd481
commit
a6b0271560
2 changed files with 10 additions and 54 deletions
|
@ -36,7 +36,7 @@ class SecurityTest extends CakeTestCase {
|
|||
*/
|
||||
public function setUp() {
|
||||
parent::setUp();
|
||||
Security::engine(null);
|
||||
Configure::delete('Security.useOpenSsl');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -46,26 +46,7 @@ class SecurityTest extends CakeTestCase {
|
|||
*/
|
||||
public function tearDown() {
|
||||
parent::tearDown();
|
||||
Security::engine(null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that Security::engine() works
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function testEngine() {
|
||||
if (extension_loaded('mcrypt')) {
|
||||
$this->assertEquals('mcrypt', Security::engine());
|
||||
}
|
||||
|
||||
$this->assertContains(Security::engine(), array('mcrypt', 'openssl'));
|
||||
|
||||
Security::engine('mcrypt');
|
||||
$this->assertEquals('mcrypt', Security::engine());
|
||||
|
||||
Security::engine('openssl');
|
||||
$this->assertEquals('openssl', Security::engine());
|
||||
Configure::delete('Security.useOpenSsl');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -385,24 +366,24 @@ class SecurityTest extends CakeTestCase {
|
|||
*/
|
||||
public function testEncryptDecryptCompatibility($txt) {
|
||||
$this->skipIf(!extension_loaded('mcrypt'), 'This test requires mcrypt to be installed');
|
||||
$this->skipIf(!extension_loaded('openssl'), 'This test requires oepnssl to be installed');
|
||||
$this->skipIf(version_compare(PHP_VERSION, '5.3.3', '<'), 'This test requires PHP 5.3.3 or grater');
|
||||
$this->skipIf(!extension_loaded('openssl'), 'This test requires openssl to be installed');
|
||||
$this->skipIf(version_compare(PHP_VERSION, '5.3.3', '<'), 'This test requires PHP 5.3.3 or greater');
|
||||
|
||||
$key = '12345678901234567890123456789012';
|
||||
|
||||
Security::engine('mcrypt');
|
||||
Configure::write('Security.useOpenSsl', false);
|
||||
$mcrypt = Security::encrypt($txt, $key);
|
||||
|
||||
Security::engine('openssl');
|
||||
Configure::write('Security.useOpenSsl', true);
|
||||
$openssl = Security::encrypt($txt, $key);
|
||||
|
||||
$this->assertEquals(strlen($mcrypt), strlen($openssl));
|
||||
|
||||
Security::engine('mcrypt');
|
||||
Configure::write('Security.useOpenSsl', false);
|
||||
$this->assertEquals($txt, Security::decrypt($mcrypt, $key));
|
||||
$this->assertEquals($txt, Security::decrypt($openssl, $key));
|
||||
|
||||
Security::engine('openssl');
|
||||
Configure::write('Security.useOpenSsl', true);
|
||||
$this->assertEquals($txt, Security::decrypt($mcrypt, $key));
|
||||
$this->assertEquals($txt, Security::decrypt($openssl, $key));
|
||||
}
|
||||
|
|
|
@ -25,13 +25,6 @@ App::uses('CakeText', 'Utility');
|
|||
*/
|
||||
class Security {
|
||||
|
||||
/**
|
||||
* The encryption engine
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected static $_engine = null;
|
||||
|
||||
/**
|
||||
* Default hash method
|
||||
*
|
||||
|
@ -359,7 +352,7 @@ class Security {
|
|||
// Generate the encryption and hmac key.
|
||||
$key = substr(hash('sha256', $key . $hmacSalt), 0, 32);
|
||||
|
||||
if (static::engine() === 'openssl') {
|
||||
if (Configure::read('Security.useOpenSsl')) {
|
||||
$method = 'AES-256-CBC';
|
||||
$ivSize = openssl_cipher_iv_length($method);
|
||||
$iv = openssl_random_pseudo_bytes($ivSize);
|
||||
|
@ -426,7 +419,7 @@ class Security {
|
|||
return false;
|
||||
}
|
||||
|
||||
if (static::engine() === 'openssl') {
|
||||
if (Configure::read('Security.useOpenSsl')) {
|
||||
$method = 'AES-256-CBC';
|
||||
$ivSize = openssl_cipher_iv_length($method);
|
||||
$iv = substr($cipher, 0, $ivSize);
|
||||
|
@ -446,22 +439,4 @@ class Security {
|
|||
return rtrim($plain, "\0");
|
||||
}
|
||||
|
||||
/**
|
||||
* Set or get the encryption engine
|
||||
*
|
||||
* @param string $engine The encryption engine to use
|
||||
* @return string
|
||||
*/
|
||||
public static function engine($engine = null) {
|
||||
if (func_num_args() > 0) {
|
||||
static::$_engine = $engine;
|
||||
} elseif (static::$_engine === null) {
|
||||
static::$_engine = 'mcrypt';
|
||||
if (!extension_loaded('mcrypt') && extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.3', '>=')) {
|
||||
static::$_engine = 'openssl';
|
||||
}
|
||||
}
|
||||
return static::$_engine;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue