public function testVerify() { $value = 'value'; $signature = 'signature'; $badValue = 'bad_value'; $badSignature = 'bad_signature'; $this->algorithm->expects($this->exactly(2))->method('compute')->will($this->returnValueMap([[$value, $signature], [$badValue, 'wontverify']])); $this->assertTrue($this->encryption->verify($value, $signature)); $this->assertFalse($this->encryption->verify($badValue, $badSignature)); }
/** * Get a cache entry * * @param string $key * @return null|mixed * @throws DataCorrupted */ public function get(string $key) { $shmKey = $this->getSHMKey($key); if (!\apcu_exists($shmKey)) { return null; } $data = \apcu_fetch($shmKey); if ($this->authKey) { // We're authenticating this value: $mac = Util::subString($data, 0, \Sodium\CRYPTO_GENERICHASH_BYTES_MAX); $data = Util::subString($data, \Sodium\CRYPTO_GENERICHASH_BYTES_MAX); if (!Symmetric::verify($data, $this->authKey, $mac, true)) { // Someone messed with our shared memory. throw new DataCorrupted(); } } return \json_decode($data, true); }
/** * If the token is valid, log in as the user. * * @param string $token */ protected function processRecoveryToken(string $token) { if (Util::stringLength($token) < UserAccounts::RECOVERY_CHAR_LENGTH) { \Airship\redirect($this->airship_cabin_prefix . '/login'); } $selector = Util::subString($token, 0, 32); $validator = Util::subString($token, 32); $ttl = (int) $this->config('password-reset.ttl'); if (empty($ttl)) { \Airship\redirect($this->airship_cabin_prefix . '/login'); } $recoveryInfo = $this->acct->getRecoveryData($selector, $ttl); if (empty($recoveryInfo)) { \Airship\redirect($this->airship_cabin_prefix . '/login'); } $state = State::instance(); if (Symmetric::verify($validator . $recoveryInfo['userid'], $state->keyring['auth.recovery_key'], $recoveryInfo['hashedtoken'])) { $_SESSION['userid'] = (int) $recoveryInfo['userid']; $_SESSION['session_canary'] = $this->acct->createSessionCanary($recoveryInfo['userid']); $this->acct->deleteRecoveryToken($selector); \Airship\redirect($this->airship_cabin_prefix . '/my/account'); } \Airship\redirect($this->airship_cabin_prefix . '/login'); }