示例#1
0
文件: AesTest.php 项目: Joal01/fof
 /**
  * @covers FOF30\Encrypt\Aes
  *
  * @return  void
  */
 public function testCryptProcessEcb()
 {
     if (function_exists('mcrypt_module_open')) {
         $this->aes = new Aes('The quick brown fox jumped over the lazy dog', 256, 'ecb');
         // Regular string
         $str = 'THATISINSANE';
         $es = $this->aes->encryptString($str, true);
         $ds = $this->aes->decryptString($es, true);
         $ds = rtrim($ds, "");
         $this->assertNotEquals($str, $es);
         $this->assertEquals($str, $ds);
         // UTF-8 data
         $str = 'Χρησιμοποιώντας μη λατινικούς χαρακτήρες';
         $es = $this->aes->encryptString($str, false);
         $ds = $this->aes->decryptString($es, false);
         $ds = rtrim($ds, "");
         $this->assertNotEquals($str, $es);
         $this->assertEquals($str, $ds);
         // Using an odd sized keystring (using sha256 to convert it to a key)
         $this->aes = new Aes('The quick brown fox jumped over the lazy dog');
         $str = 'This is some very secret stuff that you are not supposed to transmit in clear text';
         $es = $this->aes->encryptString($str, true);
         $ds = $this->aes->decryptString($es, true);
         $ds = rtrim($ds, "");
         $this->assertNotEquals($str, $es);
         $this->assertEquals($str, $ds);
     } else {
         $this->markTestSkipped('mcrypt is not supported on this system');
     }
 }
 public function GetTestGetTransparentAuthenticationCredentials()
 {
     // Let's do some TOTP encoding
     $totp = new Totp();
     $otp = $totp->getCode(static::$totpKey);
     $cryptoKey = hash('sha256', static::$totpKey . $otp);
     $aes = new Aes($cryptoKey);
     $plainText_right = json_encode(array('username' => 'FOF30test', 'password' => 'dummy'));
     $plainText_missingPassword = json_encode(array('username' => 'FOF30test'));
     $plainText_missingUsername = json_encode(array('password' => 'dummy'));
     $plainText_crap = 'crap_data';
     $encoded_right = $aes->encryptString($plainText_right);
     $encoded_missingPassword = $aes->encryptString($plainText_missingPassword);
     $encoded_missingUsername = $aes->encryptString($plainText_missingUsername);
     $encoded_crap = $aes->encryptString($plainText_crap);
     $otp = $totp->getCode(static::$totpKey, time() - 86400);
     $cryptoKey = hash('sha256', static::$totpKey . $otp);
     $aes = new Aes($cryptoKey);
     $encodedOutdated = $aes->encryptString($plainText_right);
     // Input data, server globals, do I expect correct username/password
     return array(array(null, array('PHP_AUTH_USER' => 'FOF30test', 'PHP_AUTH_PW' => 'dummy'), true), array(null, array('PHP_AUTH_PW' => 'dummy'), false), array(null, array('PHP_AUTH_USER' => 'FOF30test'), false), array(array('testAuth' => json_encode(array('username' => 'FOF30test', 'password' => 'dummy'))), null, true), array(array('testAuth' => json_encode(array('password' => 'dummy'))), null, false), array(array('testAuth' => json_encode(array('username' => 'FOF30test'))), null, false), array(array('testAuth' => 'stupid_string_is_no_good_json_data'), null, false), array(array('FOF30Username' => 'FOF30test', 'FOF30Password' => 'dummy'), null, true), array(array('FOF30Password' => 'dummy'), null, false), array(array('FOF30Username' => 'FOF30test'), null, false), array(array('junk' => 'food'), null, false), array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encoded_right), true), array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encoded_missingUsername), false), array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encoded_missingPassword), false), array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encoded_crap), false), array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => 'this_is_crap_data'), false), array(null, array('PHP_AUTH_USER' => 'FOF30user', 'PHP_AUTH_PW' => $encodedOutdated), false), array(array('testAuth' => $encoded_right), null, true), array(array('testAuth' => $encoded_missingUsername), null, false), array(null, array('testAuth' => $encoded_missingPassword), false), array(null, array('testAuth' => $encoded_crap), false), array(array('testAuth' => 'this_is_crap_data'), null, false), array(array('testAuth' => $encodedOutdated), null, false));
 }
示例#3
0
 /**
  * Decrypts a transparent authentication message using a TOTP
  *
  * @param   string  $encryptedData  The encrypted data
  *
  * @return  array  The decrypted data
  */
 private function decryptWithTOTP($encryptedData)
 {
     if (empty($this->totpKey)) {
         $this->cryptoKey = null;
         return null;
     }
     $totp = new Totp($this->timeStep);
     $period = $totp->getPeriod();
     $period--;
     for ($i = 0; $i <= 2; $i++) {
         $time = ($period + $i) * $this->timeStep;
         $otp = $totp->getCode($this->totpKey, $time);
         $this->cryptoKey = hash('sha256', $this->totpKey . $otp);
         $aes = new Aes($this->cryptoKey);
         try {
             $ret = $aes->decryptString($encryptedData);
         } catch (\Exception $e) {
             continue;
         }
         $ret = rtrim($ret, "");
         $ret = json_decode($ret, true);
         if (!is_array($ret)) {
             continue;
         }
         if (!array_key_exists('username', $ret)) {
             continue;
         }
         if (!array_key_exists('password', $ret)) {
             continue;
         }
         // Successful decryption!
         return $ret;
     }
     // Obviously if we're here we could not decrypt anything. Bail out.
     $this->cryptoKey = null;
     return null;
 }