Permalink
Browse files

Cookie Encryption: QA cleanup.

  • Loading branch information...
daschl committed Sep 12, 2011
1 parent 3e15aed commit 3b7a4b12d36c4548aa52bc91493466fc25368137
Showing with 27 additions and 21 deletions.
  1. +17 −13 storage/session/strategy/Encrypt.php
  2. +10 −8 tests/cases/storage/session/strategy/EncryptTest.php
@@ -61,9 +61,11 @@ public function __construct(array $config = array()) {
'mode' => MCRYPT_MODE_CBC
);
parent::__construct($config + $defaults);
- $this->_config['vector'] = static::_vector($this->_config['cipher'], $this->_config['mode']);
+
+ extract($this->_config);

This comment has been minimized.

Show comment Hide comment
@jperras

jperras Sep 12, 2011

Contributor

Don't use extract. It's all kinds of evil in these situations.

@jperras

jperras Sep 12, 2011

Contributor

Don't use extract. It's all kinds of evil in these situations.

+ $this->_config['vector'] = static::_vector($cipher, $mode);
}
-
+
/**
* Read encryption method.
*
@@ -73,17 +75,17 @@ public function __construct(array $config = array()) {
*/
public function read($data, array $options = array()) {
$class = $options['class'];
-
+
$encrypted = $class::read(null, array('strategies' => false));
$key = isset($options['key']) ? $options['key'] : null;
-
+
if (!isset($encrypted['__encrypted']) || !$encrypted['__encrypted']) {
return isset($encrypted[$key]) ? $encrypted[$key] : null;
}
-
+
$current = $this->_decrypt($encrypted['__encrypted']);
-
- if($key) {
+
+ if ($key) {
return isset($current[$key]) ? $current[$key] : null;
} else {
return $current;
@@ -121,7 +123,7 @@ public function delete($data, array $options = array()) {
$futureData = $this->read(null, array('key' => null) + $options) ?: array();
unset($futureData[$options['key']]);
-
+
$payload = empty($futureData) ? null : $this->_encrypt($futureData);
$class::write('__encrypted', $payload, array('strategies' => false) + $options);
@@ -145,10 +147,10 @@ public static function enabled() {
*/
protected function _encrypt($decrypted = array()) {
extract($this->_config);
-
+
$encrypted = mcrypt_encrypt($cipher, $secret, serialize($decrypted), $mode, $vector);
$data = base64_encode($encrypted) . base64_encode($vector);
-
+
return $data;
}
@@ -160,7 +162,7 @@ protected function _encrypt($decrypted = array()) {
*/
protected function _decrypt($encrypted) {
extract($this->_config);
-
+
$vectorSize = strlen(base64_encode(str_repeat(" ", static::_vectorSize($cipher, $mode))));
$vector = base64_decode(substr($encrypted, -$vectorSize));
$data = base64_decode(substr($encrypted, 0, -$vectorSize));
@@ -180,7 +182,7 @@ protected function _decrypt($encrypted) {
* @link http://www.php.net/manual/en/function.mcrypt-create-iv.php
*/
protected static function _vector($cipher, $mode) {
- if(static::$_vector) {
+ if (static::$_vector) {
return static::$_vector;
}
@@ -198,4 +200,6 @@ protected static function _vector($cipher, $mode) {
protected static function _vectorSize($cipher, $mode) {
return mcrypt_get_iv_size($cipher, $mode);
}
-}
+}
+
+?>
@@ -45,31 +45,31 @@ public function testConstruct() {
public function testWrite() {
$encrypt = new Encrypt(array('secret' => $this->secret));
-
+
$key = 'fookey';
$value = 'barvalue';
$result = $encrypt->write($value, array('class' => $this->mock, 'key' => $key));
$cookie = MockCookieSession::data();
-
+
$this->assertTrue($result);
$this->assertTrue($cookie['__encrypted']);
$this->assertTrue(is_string($cookie['__encrypted']));
$this->assertNotEqual($cookie['__encrypted'], $value);
}
-
+
public function testRead() {
$encrypt = new Encrypt(array('secret' => $this->secret));
$key = 'fookey';
$value = 'barvalue';
-
+
$result = $encrypt->write($value, array('class' => $this->mock, 'key' => $key));
$this->assertTrue($result);
-
+
$cookie = MockCookieSession::data();
$result = $encrypt->read($key, array('class' => $this->mock, 'key' => $key));
-
+
$this->assertEqual($value, $result);
$this->assertNotEqual($cookie['__encrypted'], $result);
}
@@ -87,7 +87,7 @@ public function testDelete() {
$result = $encrypt->read($key, array('class' => $this->mock, 'key' => $key));
$this->assertEqual($value, $result);
-
+
$result = $encrypt->delete($key, array('class' => $this->mock, 'key' => $key));
$cookie = MockCookieSession::data();
@@ -96,4 +96,6 @@ public function testDelete() {
$result = $encrypt->read($key, array('class' => $this->mock));
$this->assertFalse($result);
}
-}
+}
+
+?>

0 comments on commit 3b7a4b1

Please sign in to comment.