Custom encryption key when using ConfigKey
Joris Vaesen committed Apr 26, 2016
1 parent 21012cc commit 6751ae7
Showing 3 changed files with 50 additions and 8 deletions.
4 changes: 2 additions & 2 deletions src/Controller/Component/CookieComponent.php
Expand Up @@ -252,7 +252,7 @@ protected function _load($key)
$cookie = $this->request->cookies[$first];
$config = $this->configKey($first);
$this->_loaded[$first] = true;
$this->_values[$first] = $this->_decrypt($cookie, $config['encryption']);
$this->_values[$first] = $this->_decrypt($cookie, $config['encryption'], $config['key']);
}

/**
Expand Down Expand Up @@ -310,7 +310,7 @@ protected function _write($name, $value)

$this->_response->cookie([
'name' => $name,
'value' => $this->_encrypt($value, $config['encryption']),
'value' => $this->_encrypt($value, $config['encryption'], $config['key']),
'expire' => $expires->format('U'),
'path' => $config['path'],
'domain' => $config['domain'],
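Review bot: In `_load()` the value returned by `_decrypt()` is stored in `$this->_values[$first]` without checking whether decryption succeeded, and per-cookie keys make a key mismatch an ordinary case: a cookie issued before `key` was configured for that name was presumably encrypted with the default key. What a failed decrypt produces depends on `Security::decrypt()` and `_explode()`, which are outside this hunk, so confirm that a mismatch reads back as an empty value rather than a notice or partly decoded data. A short comment above the call would record that expectation, e.g. `// A cookie encrypted under another key must read back as empty, never as raw ciphertext.` Both `_load()` and `_write()` continue outside the visible hunks.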
15 changes: 9 additions & 6 deletions src/Utility/CookieCryptTrait.php
Expand Up @@ -97,15 +97,15 @@ protected function _checkCipher($encrypt)
* @param string|bool $mode Encryption mode
* @return string decrypted string
*/
protected function _decrypt($values, $mode)
protected function _decrypt($values, $mode, $key = null)
{
if (is_string($values)) {
return $this->_decode($values, $mode);
return $this->_decode($values, $mode, $key);
}

$decrypted = [];
foreach ($values as $name => $value) {
$decrypted[$name] = $this->_decode($value, $mode);
$decrypted[$name] = $this->_decode($value, $mode, $key);
}
return $decrypted;
}
Expand All @@ -117,19 +117,22 @@ protected function _decrypt($values, $mode)
* @param string|false $encrypt The encryption cipher to use.
* @return string Decoded value.
*/
protected function _decode($value, $encrypt)
protected function _decode($value, $encrypt, $key)
{
if (!$encrypt) {
return $this->_explode($value);
}
$this->_checkCipher($encrypt);
$prefix = 'Q2FrZQ==.';
$value = base64_decode(substr($value, strlen($prefix)));
if (!isset($key)) {
$key = $this->_getCookieEncryptionKey();
}
if ($encrypt === 'rijndael') {
$value = Security::rijndael($value, $this->_getCookieEncryptionKey(), 'decrypt');
$value = Security::rijndael($value, $key, 'decrypt');
}
if ($encrypt === 'aes') {
$value = Security::decrypt($value, $this->_getCookieEncryptionKey());
$value = Security::decrypt($value, $key);
}
return $this->_explode($value);
}
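Review bot: `_decode()` takes `$key` as a required third parameter while `_decrypt()` declares `$key = null`, so any class using this trait that still calls `_decode($value, $encrypt)` with two arguments now warns or fails, depending on the PHP version. Declaring it as `protected function _decode($value, $encrypt, $key = null)` keeps the two signatures consistent, and the existing `!isset($key)` fallback already covers null. The visible docblock lines of both methods describe only the mode/cipher argument; each should gain `@param string|null $key Encryption key; the default cookie key is used when null.` Note also that `isset()` only catches null, so an empty-string `key` from configuration is passed to `Security::rijndael()` / `Security::decrypt()` as-is; whether those reject it is not visible here, and an explicit check for an empty key would make that misconfiguration fail loudly.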
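--- a/tests/TestCase/Controller/Component/CookieComponentTest.php
+++ b/tests/TestCase/Controller/Component/CookieComponentTest.php
@@ -362,6 +362,45 @@ public function testWriteMulitMixedEncryption()
 $this->assertContains('Q2FrZQ==.', $result['value']);
 }
 
+/**
+* Test writing with a custom encryption key using ConfigKey
+*
+* @return void
+*/
+public function testWriteConfigKeyWithCustomEncryptionKey()
+{
+$name = 'sampleCookieTest';
+$value = 'some data';
+$encryption = 'aes';
+$prefix = "Q2FrZQ==.";
+$key = 'justanotherencryptionkeyjustanotherencryptionkey';
+
+$this->Cookie->configKey($name, compact('key', 'encryption'));
+$this->Cookie->write($name, $value);
+
+$cookie = $this->Controller->response->cookie($name);
+
+$this->assertEquals($value, Security::decrypt(base64_decode(substr($cookie['value'], strlen($prefix))), $key));
+}
+
+/**
+* Test reading with a custom encryption key using ConfigKey
+*
+* @return void
+*/
+public function testReadConfigKeyWithCustomEncryptionKey()
+{
+$name = 'sampleCookieTest';
+$value = 'some data';
+$encryption = 'aes';
+$key = 'justanotherencryptionkeyjustanotherencryptionkey';
+
+$this->Cookie->configKey($name, compact('key', 'encryption'));
+$this->Cookie->write($name, $value);
+
+$this->assertEquals('some data', $this->Cookie->read($name));
+}
+
 /**
 * test delete with httpOnly
 *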
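Review bot: Neither new test covers the mismatch path, where a cookie encrypted under one key is read back after a different `key` has been configured for that name. `testReadConfigKeyWithCustomEncryptionKey()` writes and reads through the same component with the same key, so it would pass in the same way if `read()` returned a value cached at write time; whether it does depends on code outside this hunk. A third test should place a cookie encrypted with the default key into the request, then call `configKey($name, compact('key', 'encryption'))` and assert that `read($name)` yields no plaintext. The exact empty value depends on `_explode()`, which is not shown here. The `rijndael` branch, which also switched to the per-cookie key, is not exercised by either test.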
