From e4dd73d0e9fd008b0507881b8708ed7d3e9d6692 Mon Sep 17 00:00:00 2001 From: Clemens Schwaighofer Date: Wed, 18 Dec 2024 10:38:34 +0900 Subject: [PATCH] Composer package update --- www/admin/class_test.admin.backend.php | 2 +- www/admin/class_test.array.php | 2 +- www/admin/class_test.autoloader.php | 2 +- www/admin/class_test.byte.php | 2 +- www/admin/class_test.check.colors.php | 2 +- www/admin/class_test.class-calls.php | 2 +- www/admin/class_test.config.direct.php | 2 +- www/admin/class_test.config.link.php | 2 +- www/admin/class_test.convert.colors.php | 2 +- www/admin/class_test.create_email.php | 2 +- www/admin/class_test.datetime.php | 2 +- .../class_test.db.convert-placeholder.php | 2 +- www/admin/class_test.db.dbReturn.php | 2 +- www/admin/class_test.db.php | 2 +- www/admin/class_test.db.query-placeholder.php | 2 +- www/admin/class_test.db.single.php | 2 +- www/admin/class_test.db.types.php | 2 +- www/admin/class_test.debug.php | 2 +- www/admin/class_test.email.php | 2 +- www/admin/class_test.encoding.php | 2 +- www/admin/class_test.encryption.php | 48 ++++- www/admin/class_test.error_msg.php | 2 +- www/admin/class_test.file.php | 2 +- www/admin/class_test.hash.php | 2 +- www/admin/class_test.html.php | 2 +- www/admin/class_test.html_build.block.php | 2 +- www/admin/class_test.html_build.element.php | 2 +- www/admin/class_test.html_build.replace.php | 2 +- www/admin/class_test.image.php | 2 +- www/admin/class_test.json.php | 2 +- www/admin/class_test.lang.php | 2 +- www/admin/class_test.logging.php | 2 +- www/admin/class_test.login.php | 2 +- www/admin/class_test.math.php | 2 +- www/admin/class_test.memoryusage.php | 2 +- www/admin/class_test.mime.php | 2 +- www/admin/class_test.output.form.php | 2 +- www/admin/class_test.password.php | 2 +- www/admin/class_test.php | 2 +- www/admin/class_test.phpv.php | 2 +- www/admin/class_test.randomkey.php | 2 +- www/admin/class_test.readenvfile.php | 2 +- www/admin/class_test.runningtime.php | 2 +- www/admin/class_test.session.php | 2 +- www/admin/class_test.session.read.php | 2 +- www/admin/class_test.smarty.php | 2 +- www/admin/class_test.strings.php | 2 +- www/admin/class_test.system.php | 2 +- www/admin/class_test.token.php | 2 +- www/admin/class_test.uids.php | 2 +- www/admin/class_test.url-requests.curl.php | 2 +- www/admin/class_test.varistype.php | 2 +- www/composer.lock | 2 +- www/vendor/composer/installed.json | 2 +- www/vendor/composer/installed.php | 2 +- .../egrajp/corelibs-composer-all/phpunit.xml | 5 + .../publish/last.published | 2 +- .../corelibs-composer-all/src/ACL/Login.php | 12 +- .../src/Admin/Backend.php | 2 +- .../src/Combined/ArrayHandler.php | 4 +- .../src/Security/CreateKey.php | 35 +++- .../src/Security/Password.php | 13 +- .../src/Security/SymmetricEncryption.php | 181 +++++++++++++----- .../CoreLibsACLLogin_database_create_data.sql | 4 +- ...oreLibsSecuritySymmetricEncryptionTest.php | 114 ++++++++--- 65 files changed, 377 insertions(+), 151 deletions(-) diff --git a/www/admin/class_test.admin.backend.php b/www/admin/class_test.admin.backend.php index 492bbd8e..86402b18 100644 --- a/www/admin/class_test.admin.backend.php +++ b/www/admin/class_test.admin.backend.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.array.php b/www/admin/class_test.array.php index bb64ea46..6491ee59 100644 --- a/www/admin/class_test.array.php +++ b/www/admin/class_test.array.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.autoloader.php b/www/admin/class_test.autoloader.php index 173ce5af..97c53180 100644 --- a/www/admin/class_test.autoloader.php +++ b/www/admin/class_test.autoloader.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); // basic class test file diff --git a/www/admin/class_test.byte.php b/www/admin/class_test.byte.php index 3105c09f..cc17ce2f 100644 --- a/www/admin/class_test.byte.php +++ b/www/admin/class_test.byte.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.check.colors.php b/www/admin/class_test.check.colors.php index 705ea6bf..73fb8658 100644 --- a/www/admin/class_test.check.colors.php +++ b/www/admin/class_test.check.colors.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.class-calls.php b/www/admin/class_test.class-calls.php index b184069b..dd5d52ce 100644 --- a/www/admin/class_test.class-calls.php +++ b/www/admin/class_test.class-calls.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.config.direct.php b/www/admin/class_test.config.direct.php index 9ce49225..7e824bda 100644 --- a/www/admin/class_test.config.direct.php +++ b/www/admin/class_test.config.direct.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.config.link.php b/www/admin/class_test.config.link.php index f19acbfe..d980e56c 100644 --- a/www/admin/class_test.config.link.php +++ b/www/admin/class_test.config.link.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.convert.colors.php b/www/admin/class_test.convert.colors.php index 4b5f68db..462c7ef1 100644 --- a/www/admin/class_test.convert.colors.php +++ b/www/admin/class_test.convert.colors.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.create_email.php b/www/admin/class_test.create_email.php index ece9c410..40643f50 100644 --- a/www/admin/class_test.create_email.php +++ b/www/admin/class_test.create_email.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.datetime.php b/www/admin/class_test.datetime.php index 18379ea8..e0374599 100644 --- a/www/admin/class_test.datetime.php +++ b/www/admin/class_test.datetime.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.db.convert-placeholder.php b/www/admin/class_test.db.convert-placeholder.php index e95586ad..6504326f 100644 --- a/www/admin/class_test.db.convert-placeholder.php +++ b/www/admin/class_test.db.convert-placeholder.php @@ -7,7 +7,7 @@ declare(strict_types=1); // turn on all error reporting -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.db.dbReturn.php b/www/admin/class_test.db.dbReturn.php index 17166558..85d56793 100644 --- a/www/admin/class_test.db.dbReturn.php +++ b/www/admin/class_test.db.dbReturn.php @@ -7,7 +7,7 @@ declare(strict_types=1); // turn on all error reporting -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.db.php b/www/admin/class_test.db.php index 1326a023..4f1bfb82 100644 --- a/www/admin/class_test.db.php +++ b/www/admin/class_test.db.php @@ -7,7 +7,7 @@ declare(strict_types=1); // turn on all error reporting -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.db.query-placeholder.php b/www/admin/class_test.db.query-placeholder.php index c934962a..87b57971 100644 --- a/www/admin/class_test.db.query-placeholder.php +++ b/www/admin/class_test.db.query-placeholder.php @@ -7,7 +7,7 @@ declare(strict_types=1); // turn on all error reporting -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.db.single.php b/www/admin/class_test.db.single.php index 102c3ce7..e3d631c4 100644 --- a/www/admin/class_test.db.single.php +++ b/www/admin/class_test.db.single.php @@ -7,7 +7,7 @@ declare(strict_types=1); // turn on all error reporting -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.db.types.php b/www/admin/class_test.db.types.php index 8f42aa66..d3c74038 100644 --- a/www/admin/class_test.db.types.php +++ b/www/admin/class_test.db.types.php @@ -7,7 +7,7 @@ declare(strict_types=1); // turn on all error reporting -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.debug.php b/www/admin/class_test.debug.php index bb3dd190..25427152 100644 --- a/www/admin/class_test.debug.php +++ b/www/admin/class_test.debug.php @@ -12,7 +12,7 @@ $PRINT_ALL = false; $ECHO_ALL = true; $DB_DEBUG = true; -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.email.php b/www/admin/class_test.email.php index 0e07cb7b..c23c143e 100644 --- a/www/admin/class_test.email.php +++ b/www/admin/class_test.email.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.encoding.php b/www/admin/class_test.encoding.php index bebac823..28081ccc 100644 --- a/www/admin/class_test.encoding.php +++ b/www/admin/class_test.encoding.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.encryption.php b/www/admin/class_test.encryption.php index 0846d4ea..e1823554 100644 --- a/www/admin/class_test.encryption.php +++ b/www/admin/class_test.encryption.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); @@ -18,6 +18,7 @@ require 'config.php'; $LOG_FILE_ID = 'classTest-encryption'; ob_end_flush(); +use CoreLibs\Security\AsymmetricAnonymousEncryption; use CoreLibs\Security\SymmetricEncryption; use CoreLibs\Security\CreateKey; @@ -36,6 +37,8 @@ print ""; print '
Class Test Master
'; print '

' . $PAGE_NAME . '

'; +print "

Symmetric Encryption

"; + $key = CreateKey::generateRandomKey(); print "Secret Key: " . $key . "
"; @@ -105,6 +108,49 @@ try { // $encrypted = $se->encrypt($string); // $decrypted = $se->decrypt($encrypted); +echo "
"; +print "

Asymmetric Encryption

"; + +$key_pair = CreateKey::createKeyPair(); +$public_key = CreateKey::getPublicKey($key_pair); + +$string = "I am some asymmetric secret"; +print "Message: " . $string . "
"; +$encrypted = sodium_crypto_box_seal($string, CreateKey::hex2bin($public_key)); +$message = sodium_bin2base64($encrypted, SODIUM_BASE64_VARIANT_ORIGINAL); +print "Encrypted PL: " . $message . "
"; +$result = sodium_base642bin($message, SODIUM_BASE64_VARIANT_ORIGINAL); +$decrypted = sodium_crypto_box_seal_open($result, CreateKey::hex2bin($key_pair)); +print "Decrypted PL: " . $decrypted . "
"; + +$encrypted = AsymmetricAnonymousEncryption::encryptKey($string, $public_key); +print "Encrypted ST: " . $encrypted . "
"; +$decrypted = AsymmetricAnonymousEncryption::decryptKey($encrypted, $key_pair); +print "Decrypted ST: " . $decrypted . "
"; + +$aa_crypt = new AsymmetricAnonymousEncryption($key_pair, $public_key); +$encrypted = $aa_crypt->encrypt($string); +print "Encrypted: " . $encrypted . "
"; +$decrypted = $aa_crypt->decrypt($encrypted); +print "Decrypted: " . $decrypted . "
"; + +print "Base64 encode: " . base64_encode('Some text here') . "
"; + +/// this has to fail +$crypt = new AsymmetricAnonymousEncryption(); +$crypt->setPublicKey(CreateKey::getPublicKey(CreateKey::createKeyPair())); +print "Public Key: " . $crypt->getPublicKey() . "
"; +try { + $crypt->setPublicKey(CreateKey::createKeyPair()); +} catch (RangeException $e) { + print "Invalid range: 
$e
"; +} +try { + $crypt->setKeyPair(CreateKey::getPublicKey(CreateKey::createKeyPair())); +} catch (RangeException $e) { + print "Invalid range: 
$e
"; +} + print ""; // __END__ diff --git a/www/admin/class_test.error_msg.php b/www/admin/class_test.error_msg.php index c83a3cc5..e174003d 100644 --- a/www/admin/class_test.error_msg.php +++ b/www/admin/class_test.error_msg.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.file.php b/www/admin/class_test.file.php index 4cdaa8a9..890adad6 100644 --- a/www/admin/class_test.file.php +++ b/www/admin/class_test.file.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.hash.php b/www/admin/class_test.hash.php index 847e2bf5..c269a5dc 100644 --- a/www/admin/class_test.hash.php +++ b/www/admin/class_test.hash.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.html.php b/www/admin/class_test.html.php index b02241b2..04143e62 100644 --- a/www/admin/class_test.html.php +++ b/www/admin/class_test.html.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.html_build.block.php b/www/admin/class_test.html_build.block.php index b03ee9ee..57471b3b 100644 --- a/www/admin/class_test.html_build.block.php +++ b/www/admin/class_test.html_build.block.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.html_build.element.php b/www/admin/class_test.html_build.element.php index 303388b3..3d55832f 100644 --- a/www/admin/class_test.html_build.element.php +++ b/www/admin/class_test.html_build.element.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.html_build.replace.php b/www/admin/class_test.html_build.replace.php index 2e648b28..48366736 100644 --- a/www/admin/class_test.html_build.replace.php +++ b/www/admin/class_test.html_build.replace.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.image.php b/www/admin/class_test.image.php index db57964f..8e3e4d15 100644 --- a/www/admin/class_test.image.php +++ b/www/admin/class_test.image.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.json.php b/www/admin/class_test.json.php index 03244d55..6c596280 100644 --- a/www/admin/class_test.json.php +++ b/www/admin/class_test.json.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.lang.php b/www/admin/class_test.lang.php index 8deb2a2d..f9cf58c4 100644 --- a/www/admin/class_test.lang.php +++ b/www/admin/class_test.lang.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.logging.php b/www/admin/class_test.logging.php index 778bdd63..e1c71bfa 100644 --- a/www/admin/class_test.logging.php +++ b/www/admin/class_test.logging.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.login.php b/www/admin/class_test.login.php index 1be459a9..2049635e 100644 --- a/www/admin/class_test.login.php +++ b/www/admin/class_test.login.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.math.php b/www/admin/class_test.math.php index d3af1f39..dfa40f3b 100644 --- a/www/admin/class_test.math.php +++ b/www/admin/class_test.math.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.memoryusage.php b/www/admin/class_test.memoryusage.php index 7e955a85..b105af9e 100644 --- a/www/admin/class_test.memoryusage.php +++ b/www/admin/class_test.memoryusage.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.mime.php b/www/admin/class_test.mime.php index f1bdab61..c2d1b233 100644 --- a/www/admin/class_test.mime.php +++ b/www/admin/class_test.mime.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.output.form.php b/www/admin/class_test.output.form.php index 1a1d4066..4e992666 100644 --- a/www/admin/class_test.output.form.php +++ b/www/admin/class_test.output.form.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.password.php b/www/admin/class_test.password.php index 0d1c390a..b1aa9de1 100644 --- a/www/admin/class_test.password.php +++ b/www/admin/class_test.password.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.php b/www/admin/class_test.php index d8470134..a54b2bce 100644 --- a/www/admin/class_test.php +++ b/www/admin/class_test.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.phpv.php b/www/admin/class_test.phpv.php index 63ac0bf5..9e0d077d 100644 --- a/www/admin/class_test.phpv.php +++ b/www/admin/class_test.phpv.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.randomkey.php b/www/admin/class_test.randomkey.php index d49d8e0c..4416b63d 100644 --- a/www/admin/class_test.randomkey.php +++ b/www/admin/class_test.randomkey.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.readenvfile.php b/www/admin/class_test.readenvfile.php index 2988dbcc..adb046d6 100644 --- a/www/admin/class_test.readenvfile.php +++ b/www/admin/class_test.readenvfile.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.runningtime.php b/www/admin/class_test.runningtime.php index 27acde98..8e33dd8c 100644 --- a/www/admin/class_test.runningtime.php +++ b/www/admin/class_test.runningtime.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.session.php b/www/admin/class_test.session.php index a8227c78..eb73256d 100644 --- a/www/admin/class_test.session.php +++ b/www/admin/class_test.session.php @@ -2,7 +2,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); /** * Undocumented function diff --git a/www/admin/class_test.session.read.php b/www/admin/class_test.session.read.php index b2e6e8e3..5750e430 100644 --- a/www/admin/class_test.session.read.php +++ b/www/admin/class_test.session.read.php @@ -2,7 +2,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); /** * Undocumented function diff --git a/www/admin/class_test.smarty.php b/www/admin/class_test.smarty.php index df44f34f..31635910 100644 --- a/www/admin/class_test.smarty.php +++ b/www/admin/class_test.smarty.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.strings.php b/www/admin/class_test.strings.php index 93c5bf0a..f1ffb689 100644 --- a/www/admin/class_test.strings.php +++ b/www/admin/class_test.strings.php @@ -2,7 +2,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.system.php b/www/admin/class_test.system.php index f59a68a1..f84bf19f 100644 --- a/www/admin/class_test.system.php +++ b/www/admin/class_test.system.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.token.php b/www/admin/class_test.token.php index f46d5166..be098831 100644 --- a/www/admin/class_test.token.php +++ b/www/admin/class_test.token.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.uids.php b/www/admin/class_test.uids.php index 3302fe8b..d01598d5 100644 --- a/www/admin/class_test.uids.php +++ b/www/admin/class_test.uids.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.url-requests.curl.php b/www/admin/class_test.url-requests.curl.php index c43ce781..b3773c23 100644 --- a/www/admin/class_test.url-requests.curl.php +++ b/www/admin/class_test.url-requests.curl.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/admin/class_test.varistype.php b/www/admin/class_test.varistype.php index 57f7487a..fc757965 100644 --- a/www/admin/class_test.varistype.php +++ b/www/admin/class_test.varistype.php @@ -6,7 +6,7 @@ declare(strict_types=1); -error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); +error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR); ob_start(); diff --git a/www/composer.lock b/www/composer.lock index 23eeac6c..4d00c05f 100644 --- a/www/composer.lock +++ b/www/composer.lock @@ -12,7 +12,7 @@ "dist": { "type": "path", "url": "/storage/var/www/html/developers/clemens/core_data/composer-packages/CoreLibs-Composer-All", - "reference": "7e01152bb4a33538bb0bbf0e3f2b22b900baba02" + "reference": "4ee141f8df16ecf8b4d32fb8763959e88ccc6914" }, "require": { "php": ">=8.2", diff --git a/www/vendor/composer/installed.json b/www/vendor/composer/installed.json index c6990b61..997be827 100644 --- a/www/vendor/composer/installed.json +++ b/www/vendor/composer/installed.json @@ -7,7 +7,7 @@ "dist": { "type": "path", "url": "/storage/var/www/html/developers/clemens/core_data/composer-packages/CoreLibs-Composer-All", - "reference": "7e01152bb4a33538bb0bbf0e3f2b22b900baba02" + "reference": "4ee141f8df16ecf8b4d32fb8763959e88ccc6914" }, "require": { "php": ">=8.2", diff --git a/www/vendor/composer/installed.php b/www/vendor/composer/installed.php index 0f83cd54..221a2bfc 100644 --- a/www/vendor/composer/installed.php +++ b/www/vendor/composer/installed.php @@ -13,7 +13,7 @@ 'egrajp/corelibs-composer-all' => array( 'pretty_version' => 'dev-development', 'version' => 'dev-development', - 'reference' => '7e01152bb4a33538bb0bbf0e3f2b22b900baba02', + 'reference' => '4ee141f8df16ecf8b4d32fb8763959e88ccc6914', 'type' => 'library', 'install_path' => __DIR__ . '/../egrajp/corelibs-composer-all', 'aliases' => array(), diff --git a/www/vendor/egrajp/corelibs-composer-all/phpunit.xml b/www/vendor/egrajp/corelibs-composer-all/phpunit.xml index 3edd6bbb..13203faa 100644 --- a/www/vendor/egrajp/corelibs-composer-all/phpunit.xml +++ b/www/vendor/egrajp/corelibs-composer-all/phpunit.xml @@ -4,4 +4,9 @@ verbose="true" bootstrap="test/phpunit/bootstrap.php" > + + + test/phpunit + + diff --git a/www/vendor/egrajp/corelibs-composer-all/publish/last.published b/www/vendor/egrajp/corelibs-composer-all/publish/last.published index 3b5db853..5c7cda31 100644 --- a/www/vendor/egrajp/corelibs-composer-all/publish/last.published +++ b/www/vendor/egrajp/corelibs-composer-all/publish/last.published @@ -1 +1 @@ -9.23.3 +9.24.1 diff --git a/www/vendor/egrajp/corelibs-composer-all/src/ACL/Login.php b/www/vendor/egrajp/corelibs-composer-all/src/ACL/Login.php index 365f5e69..0b6c55ad 100644 --- a/www/vendor/egrajp/corelibs-composer-all/src/ACL/Login.php +++ b/www/vendor/egrajp/corelibs-composer-all/src/ACL/Login.php @@ -79,7 +79,7 @@ class Login private ?int $edit_user_id; /** @var ?string the user cuid (note will be super seeded with uuid v4 later) */ private ?string $edit_user_cuid; - /** @var ?string UUIDv4, will superseed the ecuid and replace euid as login id */ + /** @var ?string UUIDv4, will superseed the eucuid and replace euid as login id */ private ?string $edit_user_cuuid; /** @var string _GET/_POST loginUserId parameter for non password login */ private string $login_user_id = ''; @@ -2138,10 +2138,10 @@ body { text-align: right; } input.login-input-text { - font-size: 1.5em; + font-size: 1.3em; } button.login-button { - font-size: 1.5em; + font-size: 1.3em; } .login-visible { visibility: visible; @@ -2371,7 +2371,7 @@ HTML; } $q = <<session->get('LOGIN_PAGES'); } - // MARK: logged in uid(pk)/cuid/ecuuid + // MARK: logged in uid(pk)/eucuid/eucuuid /** * Get the current set EUID (edit user id) @@ -2938,7 +2938,7 @@ HTML; if (empty($this->edit_user_cuuid)) { return $this->permission_okay; } - // euid must match ecuid and ecuuid + // euid must match eucuid and eucuuid // bail for previous wrong page match, eg if method is called twice if ($this->login_error == 103) { return $this->permission_okay; diff --git a/www/vendor/egrajp/corelibs-composer-all/src/Admin/Backend.php b/www/vendor/egrajp/corelibs-composer-all/src/Admin/Backend.php index 6f02cd25..04e084ff 100644 --- a/www/vendor/egrajp/corelibs-composer-all/src/Admin/Backend.php +++ b/www/vendor/egrajp/corelibs-composer-all/src/Admin/Backend.php @@ -358,7 +358,7 @@ class Backend } $q = << anything values return only the matching entries from key list + * From the array with key -> mixed values, + * return only the entries where the key matches the key given in the key list parameter + * * key list is a list[string] * if key list is empty, return array as is * diff --git a/www/vendor/egrajp/corelibs-composer-all/src/Security/CreateKey.php b/www/vendor/egrajp/corelibs-composer-all/src/Security/CreateKey.php index add2773e..e9f7c53c 100644 --- a/www/vendor/egrajp/corelibs-composer-all/src/Security/CreateKey.php +++ b/www/vendor/egrajp/corelibs-composer-all/src/Security/CreateKey.php @@ -35,14 +35,39 @@ class CreateKey return random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES); } + /** + * creates a sodium cyptobox keypair as hex string + * + * @return string hex string for the keypair + */ + public static function createKeyPair(): string + { + return self::bin2hex(sodium_crypto_box_keypair()); + } + + /** + * extracts the public key and returns it as hex string from the hex keypari + * + * @param string $hex_keypair hex encoded keypair + * @return string hex encoded public key + */ + public static function getPublicKey( + #[\SensitiveParameter] + string $hex_keypair + ): string { + return self::bin2hex(sodium_crypto_box_publickey(self::hex2bin($hex_keypair))); + } + /** * convert binary key to hex string * * @param string $hex_key Convert binary key string to hex * @return string */ - public static function bin2hex(string $hex_key): string - { + public static function bin2hex( + #[\SensitiveParameter] + string $hex_key + ): string { return sodium_bin2hex($hex_key); } @@ -52,8 +77,10 @@ class CreateKey * @param string $string_key Convery hex key string to binary * @return string */ - public static function hex2bin(string $string_key): string - { + public static function hex2bin( + #[\SensitiveParameter] + string $string_key + ): string { return sodium_hex2bin($string_key); } } diff --git a/www/vendor/egrajp/corelibs-composer-all/src/Security/Password.php b/www/vendor/egrajp/corelibs-composer-all/src/Security/Password.php index 984fa5cb..8c64228e 100644 --- a/www/vendor/egrajp/corelibs-composer-all/src/Security/Password.php +++ b/www/vendor/egrajp/corelibs-composer-all/src/Security/Password.php @@ -16,8 +16,10 @@ class Password * @param string $password password * @return string hashed password */ - public static function passwordSet(string $password): string - { + public static function passwordSet( + #[\SensitiveParameter] + string $password + ): string { // always use the PHP default for the password // password options ca be set in the password init, // but should be kept as default @@ -31,8 +33,11 @@ class Password * @param string $hash password hash * @return bool true or false */ - public static function passwordVerify(string $password, string $hash): bool - { + public static function passwordVerify( + #[\SensitiveParameter] + string $password, + string $hash + ): bool { if (password_verify($password, $hash)) { return true; } else { diff --git a/www/vendor/egrajp/corelibs-composer-all/src/Security/SymmetricEncryption.php b/www/vendor/egrajp/corelibs-composer-all/src/Security/SymmetricEncryption.php index 2f8fb75e..91d8c2cb 100644 --- a/www/vendor/egrajp/corelibs-composer-all/src/Security/SymmetricEncryption.php +++ b/www/vendor/egrajp/corelibs-composer-all/src/Security/SymmetricEncryption.php @@ -24,19 +24,19 @@ class SymmetricEncryption /** @var SymmetricEncryption self instance */ private static SymmetricEncryption $instance; - /** @var string bin hex key */ - private string $key = ''; + /** @var ?string bin hex key */ + private ?string $key = null; /** * init class * if key not passed, key must be set with createKey * - * @param string|null|null $key + * @param string|null $key encryption key */ public function __construct( - string|null $key = null + ?string $key = null ) { - if ($key != null) { + if ($key !== null) { $this->setKey($key); } } @@ -45,9 +45,10 @@ class SymmetricEncryption * Returns the singleton self object. * For function wrapper use * + * @param string|null $key encryption key * @return SymmetricEncryption object */ - public static function getInstance(string|null $key = null): self + public static function getInstance(?string $key = null): self { // new if no instsance or key is different if ( @@ -59,6 +60,34 @@ class SymmetricEncryption return self::$instance; } + /** + * clean up + * + * @return void + */ + public function __deconstruct() + { + if (empty($this->key)) { + return; + } + try { + // would set it to null, but we we do not want to make key null + sodium_memzero($this->key); + return; + } catch (SodiumException) { + // empty catch + } + if (is_null($this->key)) { + return; + } + $zero = str_repeat("\0", mb_strlen($this->key, '8bit')); + $this->key = $this->key ^ ( + $zero ^ $this->key + ); + unset($zero); + unset($this->key); /** @phan-suppress-current-line PhanTypeObjectUnsetDeclaredProperty */ + } + /* ************************************************************************ * MARK: PRIVATE * *************************************************************************/ @@ -66,11 +95,19 @@ class SymmetricEncryption /** * create key and check validity * - * @param string $key The key from which the binary key will be created - * @return string Binary key string + * @param ?string $key The key from which the binary key will be created + * @return string Binary key string + * @throws \UnexpectedValueException empty key + * @throws \UnexpectedValueException invalid hex key + * @throws \RangeException invalid length */ - private function createKey(string $key): string - { + private function createKey( + #[\SensitiveParameter] + ?string $key + ): string { + if (empty($key)) { + throw new \UnexpectedValueException('Key cannot be empty'); + } try { $key = CreateKey::hex2bin($key); } catch (SodiumException $e) { @@ -91,36 +128,42 @@ class SymmetricEncryption * @param string $encrypted Text to decrypt * @param ?string $key Mandatory encryption key, will throw exception if empty * @return string Plain text - * @throws \RangeException - * @throws \UnexpectedValueException - * @throws \UnexpectedValueException + * @throws \UnexpectedValueException key cannot be empty + * @throws \UnexpectedValueException decipher message failed + * @throws \UnexpectedValueException invalid key */ - private function decryptData(string $encrypted, ?string $key): string - { - if (empty($key)) { - throw new \UnexpectedValueException('Key not set'); + private function decryptData( + #[\SensitiveParameter] + string $encrypted, + #[\SensitiveParameter] + ?string $key + ): string { + if (empty($encrypted)) { + throw new \UnexpectedValueException('Encrypted string cannot be empty'); } $key = $this->createKey($key); $decoded = base64_decode($encrypted); $nonce = mb_substr($decoded, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit'); $ciphertext = mb_substr($decoded, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit'); - $plain = false; + $plaintext = false; try { - $plain = sodium_crypto_secretbox_open( + $plaintext = sodium_crypto_secretbox_open( $ciphertext, $nonce, $key ); } catch (SodiumException $e) { + sodium_memzero($ciphertext); + sodium_memzero($key); throw new \UnexpectedValueException('Decipher message failed: ' . $e->getMessage()); } - if (!is_string($plain)) { - throw new \UnexpectedValueException('Invalid Key'); - } sodium_memzero($ciphertext); sodium_memzero($key); - return $plain; + if (!is_string($plaintext)) { + throw new \UnexpectedValueException('Invalid Key'); + } + return $plaintext; } /** @@ -128,15 +171,15 @@ class SymmetricEncryption * * @param string $message Message to encrypt * @param ?string $key Mandatory encryption key, will throw exception if empty - * @return string - * @throws \Exception - * @throws \RangeException + * @return string Ciphered text + * @throws \UnexpectedValueException create message failed */ - private function encryptData(string $message, ?string $key): string - { - if ($key === null) { - throw new \UnexpectedValueException('Key not set'); - } + private function encryptData( + #[\SensitiveParameter] + string $message, + #[\SensitiveParameter] + ?string $key + ): string { $key = $this->createKey($key); $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); try { @@ -149,6 +192,8 @@ class SymmetricEncryption ) ); } catch (SodiumException $e) { + sodium_memzero($message); + sodium_memzero($key); throw new \UnexpectedValueException("Create encrypted message failed: " . $e->getMessage()); } sodium_memzero($message); @@ -160,19 +205,48 @@ class SymmetricEncryption * MARK: PUBLIC * *************************************************************************/ - /** * set a new key for encryption * * @param string $key * @return void + * @throws \UnexpectedValueException key cannot be empty */ - public function setKey(string $key) - { + public function setKey( + #[\SensitiveParameter] + string $key + ) { if (empty($key)) { throw new \UnexpectedValueException('Key cannot be empty'); } + // check that this is a valid key + $this->createKey($key); + // set key $this->key = $key; + sodium_memzero($key); + } + + /** + * Checks if set key is equal to parameter key + * + * @param string $key + * @return bool + */ + public function compareKey( + #[\SensitiveParameter] + string $key + ): bool { + return $key === $this->key; + } + + /** + * returns the current set key, null if not set + * + * @return ?string + */ + public function getKey(): ?string + { + return $this->key; } /** @@ -182,13 +256,13 @@ class SymmetricEncryption * @param string $encrypted Message encrypted with safeEncrypt() * @param string $key Encryption key (as hex string) * @return string - * @throws \Exception - * @throws \RangeException - * @throws \UnexpectedValueException - * @throws \UnexpectedValueException */ - public static function decryptKey(string $encrypted, string $key): string - { + public static function decryptKey( + #[\SensitiveParameter] + string $encrypted, + #[\SensitiveParameter] + string $key + ): string { return self::getInstance()->decryptData($encrypted, $key); } @@ -197,12 +271,11 @@ class SymmetricEncryption * * @param string $encrypted Message encrypted with safeEncrypt() * @return string - * @throws \RangeException - * @throws \UnexpectedValueException - * @throws \UnexpectedValueException */ - public function decrypt(string $encrypted): string - { + public function decrypt( + #[\SensitiveParameter] + string $encrypted + ): string { return $this->decryptData($encrypted, $this->key); } @@ -213,11 +286,13 @@ class SymmetricEncryption * @param string $message Message to encrypt * @param string $key Encryption key (as hex string) * @return string - * @throws \Exception - * @throws \RangeException */ - public static function encryptKey(string $message, string $key): string - { + public static function encryptKey( + #[\SensitiveParameter] + string $message, + #[\SensitiveParameter] + string $key + ): string { return self::getInstance()->encryptData($message, $key); } @@ -226,11 +301,11 @@ class SymmetricEncryption * * @param string $message Message to encrypt * @return string - * @throws \Exception - * @throws \RangeException */ - public function encrypt(string $message): string - { + public function encrypt( + #[\SensitiveParameter] + string $message + ): string { return $this->encryptData($message, $this->key); } } diff --git a/www/vendor/egrajp/corelibs-composer-all/test/phpunit/ACL/database/CoreLibsACLLogin_database_create_data.sql b/www/vendor/egrajp/corelibs-composer-all/test/phpunit/ACL/database/CoreLibsACLLogin_database_create_data.sql index 7caaf1c3..1b6855b5 100644 --- a/www/vendor/egrajp/corelibs-composer-all/test/phpunit/ACL/database/CoreLibsACLLogin_database_create_data.sql +++ b/www/vendor/egrajp/corelibs-composer-all/test/phpunit/ACL/database/CoreLibsACLLogin_database_create_data.sql @@ -652,8 +652,8 @@ CREATE TABLE edit_log ( edit_log_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY, euid INT, -- this is a foreign key, but I don't nedd to reference to it FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL, - ecuid VARCHAR, - ecuuid UUID, -- this is the one we want to use, full UUIDv4 from the edit user table + eucuid VARCHAR, + eucuuid UUID, -- this is the one we want to use, full UUIDv4 from the edit user table -- date_created equal, but can be overridden event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP, -- session ID if set diff --git a/www/vendor/egrajp/corelibs-composer-all/test/phpunit/Security/CoreLibsSecuritySymmetricEncryptionTest.php b/www/vendor/egrajp/corelibs-composer-all/test/phpunit/Security/CoreLibsSecuritySymmetricEncryptionTest.php index d7486501..1251a6da 100644 --- a/www/vendor/egrajp/corelibs-composer-all/test/phpunit/Security/CoreLibsSecuritySymmetricEncryptionTest.php +++ b/www/vendor/egrajp/corelibs-composer-all/test/phpunit/Security/CoreLibsSecuritySymmetricEncryptionTest.php @@ -15,6 +15,77 @@ use CoreLibs\Security\SymmetricEncryption; */ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase { + // MARK: key set compare + + /** + * Undocumented function + * + * @covers ::compareKey + * @covers ::getKey + * @testdox Check if init class set key matches to created key + * + * @return void + */ + public function testKeyInitGetCompare(): void + { + $key = CreateKey::generateRandomKey(); + $crypt = new SymmetricEncryption($key); + $this->assertTrue( + $crypt->compareKey($key), + 'set key not equal to original key' + ); + $this->assertEquals( + $key, + $crypt->getKey(), + 'set key returned not equal to original key' + ); + } + + /** + * Undocumented function + * + * @covers ::setKey + * @covers ::compareKey + * @covers ::getKey + * @testdox Check if set key after class init matches to created key + * + * @return void + */ + public function testKeySetGetCompare(): void + { + $key = CreateKey::generateRandomKey(); + $crypt = new SymmetricEncryption(); + $crypt->setKey($key); + $this->assertTrue( + $crypt->compareKey($key), + 'set key not equal to original key' + ); + $this->assertEquals( + $key, + $crypt->getKey(), + 'set key returned not equal to original key' + ); + } + + // MARK: empty encrypted string + + /** + * Undocumented function + * + * @covers ::decryptKey + * @covers ::decrypt + * @testdox Test empty encrypted string to decrypt + * + * @return void + */ + public function testEmptyDecryptionString(): void + { + $this->expectExceptionMessage('Encrypted string cannot be empty'); + SymmetricEncryption::decryptKey('', CreateKey::generateRandomKey()); + } + + // MARK: encrypt/decrypt compare + /** * Undocumented function * @@ -88,8 +159,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase * test encrypt/decrypt produce correct output * * @covers ::generateRandomKey - * @covers ::encrypt - * @covers ::decrypt + * @covers ::encryptKey + * @covers ::decryptKey * @dataProvider providerEncryptDecryptSuccess * @testdox encrypt/decrypt static $input must be $expected [$_dataName] * @@ -111,6 +182,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase ); } + // MARK: invalid key + /** * Undocumented function * @@ -180,8 +253,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase * Test decryption with wrong key * * @covers ::generateRandomKey - * @covers ::encrypt - * @covers ::decrypt + * @covers ::encryptKey + * @covers ::decryptKey * @dataProvider providerEncryptFailed * @testdox decrypt static with wrong key $input throws $exception_message [$_dataName] * @@ -200,6 +273,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase SymmetricEncryption::decryptKey($encrypted, $wrong_key); } + // MARK: wrong key + /** * Undocumented function * @@ -216,6 +291,10 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase 'key' => '1cabd5cba9e042f12522f4ff2de5c31d233b', 'excpetion_message' => 'Key is not the correct size (must be ' ], + 'empty key' => [ + 'key' => '', + 'excpetion_message' => 'Key cannot be empty' + ] ]; } @@ -236,6 +315,7 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase $enc_key = CreateKey::generateRandomKey(); // class + $this->expectExceptionMessage($exception_message); $crypt = new SymmetricEncryption($key); $this->expectExceptionMessage($exception_message); $crypt->encrypt('test'); @@ -244,22 +324,6 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase $this->expectExceptionMessage($exception_message); $crypt->setKey($key); $crypt->decrypt($encrypted); - - // class instance - $this->expectExceptionMessage($exception_message); - SymmetricEncryption::getInstance($key)->encrypt('test'); - // we must encrypt valid thing first so we can fail with the wrong key - $encrypted = SymmetricEncryption::getInstance($enc_key)->encrypt('test'); - $this->expectExceptionMessage($exception_message); - SymmetricEncryption::getInstance($key)->decrypt($encrypted); - - // class static - $this->expectExceptionMessage($exception_message); - SymmetricEncryption::encryptKey('test', $key); - // we must encrypt valid thing first so we can fail with the wrong key - $encrypted = SymmetricEncryption::encryptKey('test', $enc_key); - $this->expectExceptionMessage($exception_message); - SymmetricEncryption::decryptKey($encrypted, $key); } /** @@ -290,8 +354,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase /** * test invalid key provided to decrypt or encrypt * - * @covers ::encrypt - * @covers ::decrypt + * @covers ::encryptKey + * @covers ::decryptKey * @dataProvider providerWrongKey * @testdox wrong key static $key throws $exception_message [$_dataName] * @@ -312,6 +376,8 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase SymmetricEncryption::decryptKey($encrypted, $key); } + // MARK: wrong input + /** * Undocumented function * @@ -358,7 +424,7 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase /** * Undocumented function * - * @covers ::decrypt + * @covers ::decryptKey * @dataProvider providerWrongCiphertext * @testdox too short ciphertext indirect $input throws $exception_message [$_dataName] * @@ -382,7 +448,7 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase /** * Undocumented function * - * @covers ::decrypt + * @covers ::decryptKey * @dataProvider providerWrongCiphertext * @testdox too short ciphertext static $input throws $exception_message [$_dataName] *