From bfd5bf2a98da6b2743cc2d2ea4822da464b6d630 Mon Sep 17 00:00:00 2001 From: wilsonge Date: Wed, 23 Aug 2017 15:05:43 +0100 Subject: [PATCH] Move FOFEncrypt to Joomla namespace --- .../components/com_users/Model/User.php | 9 +-- libraries/fof/encrypt/randvalinterface.php | 22 ------- .../Encrypt/AES/AbstractAES.php} | 15 ++--- .../Encrypt/AES/AesInterface.php} | 19 +++--- .../mcrypt.php => src/Encrypt/AES/Mcrypt.php} | 46 +++++++------- .../Encrypt/AES/OpenSSL.php} | 44 +++++++------ .../encrypt/aes.php => src/Encrypt/Aes.php} | 62 +++++++++---------- .../base32.php => src/Encrypt/Base32.php} | 31 +++++----- libraries/src/Encrypt/RandValInterface.php | 23 +++++++ .../randval.php => src/Encrypt/Randval.php} | 46 ++++---------- .../encrypt/totp.php => src/Encrypt/Totp.php} | 20 +++--- plugins/twofactorauth/totp/totp.php | 8 ++- 12 files changed, 163 insertions(+), 182 deletions(-) delete mode 100644 libraries/fof/encrypt/randvalinterface.php rename libraries/{fof/encrypt/aes/abstract.php => src/Encrypt/AES/AbstractAES.php} (82%) rename libraries/{fof/encrypt/aes/interface.php => src/Encrypt/AES/AesInterface.php} (86%) rename libraries/{fof/encrypt/aes/mcrypt.php => src/Encrypt/AES/Mcrypt.php} (64%) rename libraries/{fof/encrypt/aes/openssl.php => src/Encrypt/AES/OpenSSL.php} (69%) rename libraries/{fof/encrypt/aes.php => src/Encrypt/Aes.php} (82%) rename libraries/{fof/encrypt/base32.php => src/Encrypt/Base32.php} (87%) create mode 100644 libraries/src/Encrypt/RandValInterface.php rename libraries/{fof/encrypt/randval.php => src/Encrypt/Randval.php} (74%) rename libraries/{fof/encrypt/totp.php => src/Encrypt/Totp.php} (92%) diff --git a/administrator/components/com_users/Model/User.php b/administrator/components/com_users/Model/User.php index 24dbe99790d54..981c658eca5a4 100644 --- a/administrator/components/com_users/Model/User.php +++ b/administrator/components/com_users/Model/User.php @@ -13,6 +13,7 @@ use Joomla\CMS\Access\Access; use Joomla\CMS\Component\ComponentHelper; use Joomla\CMS\Helper\TagsHelper; +use Joomla\CMS\Encrypt\Aes; use Joomla\CMS\Language\Multilanguage; use Joomla\CMS\Mvc\Factory\MvcFactoryInterface; use Joomla\CMS\Model\Admin; @@ -1018,8 +1019,8 @@ public function getOtpConfig($user_id = null) if (strpos($config, '{') === false) { - $openssl = new \FOFEncryptAes($key, 256); - $mcrypt = new \FOFEncryptAes($key, 256, 'cbc', null, 'mcrypt'); + $openssl = new Aes($key, 256); + $mcrypt = new Aes($key, 256, 'cbc', null, 'mcrypt'); $decryptedConfig = $mcrypt->decryptString($config); @@ -1051,7 +1052,7 @@ public function getOtpConfig($user_id = null) } // Create an encryptor class - $aes = new \FOFEncryptAes($key, 256); + $aes = new Aes($key, 256); // Decrypt the data $decryptedOtep = $aes->decryptString($encryptedOtep); @@ -1118,7 +1119,7 @@ public function setOtpConfig($user_id, $otpConfig) // Create an encryptor class $key = $this->getOtpConfigEncryptionKey(); - $aes = new \FOFEncryptAes($key, 256); + $aes = new Aes($key, 256); // Create the encrypted option strings if (!empty($otpConfig->method) && ($otpConfig->method != 'none')) diff --git a/libraries/fof/encrypt/randvalinterface.php b/libraries/fof/encrypt/randvalinterface.php deleted file mode 100644 index 85cd6bd7bcf0d..0000000000000 --- a/libraries/fof/encrypt/randvalinterface.php +++ /dev/null @@ -1,22 +0,0 @@ -generate($iv_size); } @@ -76,54 +79,49 @@ public function decrypt($cipherText, $key) return $plainText; } - public function isSupported(FOFUtilsPhpfunc $phpfunc = null) + public function isSupported() { - if (!is_object($phpfunc) || !($phpfunc instanceof $phpfunc)) - { - $phpfunc = new FOFUtilsPhpfunc(); - } - - if (!$phpfunc->function_exists('mcrypt_get_key_size')) + if (!function_exists('mcrypt_get_key_size')) { return false; } - if (!$phpfunc->function_exists('mcrypt_get_iv_size')) + if (!function_exists('mcrypt_get_iv_size')) { return false; } - if (!$phpfunc->function_exists('mcrypt_create_iv')) + if (!function_exists('mcrypt_create_iv')) { return false; } - if (!$phpfunc->function_exists('mcrypt_encrypt')) + if (!function_exists('mcrypt_encrypt')) { return false; } - if (!$phpfunc->function_exists('mcrypt_decrypt')) + if (!function_exists('mcrypt_decrypt')) { return false; } - if (!$phpfunc->function_exists('mcrypt_list_algorithms')) + if (!function_exists('mcrypt_list_algorithms')) { return false; } - if (!$phpfunc->function_exists('hash')) + if (!function_exists('hash')) { return false; } - if (!$phpfunc->function_exists('hash_algos')) + if (!function_exists('hash_algos')) { return false; } - $algorightms = $phpfunc->mcrypt_list_algorithms(); + $algorightms = mcrypt_list_algorithms(); if (!in_array('rijndael-128', $algorightms)) { @@ -140,7 +138,7 @@ public function isSupported(FOFUtilsPhpfunc $phpfunc = null) return false; } - $algorightms = $phpfunc->hash_algos(); + $algorightms = hash_algos(); if (!in_array('sha256', $algorightms)) { diff --git a/libraries/fof/encrypt/aes/openssl.php b/libraries/src/Encrypt/AES/OpenSSL.php similarity index 69% rename from libraries/fof/encrypt/aes/openssl.php rename to libraries/src/Encrypt/AES/OpenSSL.php index 094b1e502a040..fc92dfca7acd0 100644 --- a/libraries/fof/encrypt/aes/openssl.php +++ b/libraries/src/Encrypt/AES/OpenSSL.php @@ -1,15 +1,18 @@ generate($iv_size); } @@ -103,56 +106,51 @@ public function decrypt($cipherText, $key) return $plainText; } - public function isSupported(FOFUtilsPhpfunc $phpfunc = null) + public function isSupported() { - if (!is_object($phpfunc) || !($phpfunc instanceof $phpfunc)) - { - $phpfunc = new FOFUtilsPhpfunc(); - } - - if (!$phpfunc->function_exists('openssl_get_cipher_methods')) + if (!function_exists('openssl_get_cipher_methods')) { return false; } - if (!$phpfunc->function_exists('openssl_random_pseudo_bytes')) + if (!function_exists('openssl_random_pseudo_bytes')) { return false; } - if (!$phpfunc->function_exists('openssl_cipher_iv_length')) + if (!function_exists('openssl_cipher_iv_length')) { return false; } - if (!$phpfunc->function_exists('openssl_encrypt')) + if (!function_exists('openssl_encrypt')) { return false; } - if (!$phpfunc->function_exists('openssl_decrypt')) + if (!function_exists('openssl_decrypt')) { return false; } - if (!$phpfunc->function_exists('hash')) + if (!function_exists('hash')) { return false; } - if (!$phpfunc->function_exists('hash_algos')) + if (!function_exists('hash_algos')) { return false; } - $algorightms = $phpfunc->openssl_get_cipher_methods(); + $algorightms = openssl_get_cipher_methods(); if (!in_array('aes-128-cbc', $algorightms)) { return false; } - $algorightms = $phpfunc->hash_algos(); + $algorightms = hash_algos(); if (!in_array('sha256', $algorightms)) { diff --git a/libraries/fof/encrypt/aes.php b/libraries/src/Encrypt/Aes.php similarity index 82% rename from libraries/fof/encrypt/aes.php rename to libraries/src/Encrypt/Aes.php index 25c5c06b6c103..68cefc1896fbb 100644 --- a/libraries/fof/encrypt/aes.php +++ b/libraries/src/Encrypt/Aes.php @@ -1,12 +1,18 @@ adapter = new FOFEncryptAesOpenssl(); + $this->adapter = new Openssl; - if (!$this->adapter->isSupported($phpfunc)) + if (!$this->adapter->isSupported()) { - $this->adapter = new FOFEncryptAesMcrypt(); + $this->adapter = new Mcrypt; } } else { - $this->adapter = new FOFEncryptAesMcrypt(); + $this->adapter = new Mcrypt; - if (!$this->adapter->isSupported($phpfunc)) + if (!$this->adapter->isSupported()) { - $this->adapter = new FOFEncryptAesOpenssl(); + $this->adapter = new Openssl; } } @@ -110,7 +115,7 @@ public function setPassword($password, $legacyMode = false) public function encryptString($stringToEncrypt, $base64encoded = true) { $blockSize = $this->adapter->getBlockSize(); - $randVal = new FOFEncryptRandval(); + $randVal = new Randval; $iv = $randVal->generate($blockSize); $key = $this->getExpandedKey($blockSize, $iv); @@ -156,45 +161,38 @@ public function decryptString($stringToDecrypt, $base64encoded = true) /** * Is AES encryption supported by this PHP installation? * - * @param FOFUtilsPhpfunc $phpfunc - * * @return boolean */ - public static function isSupported(FOFUtilsPhpfunc $phpfunc = null) + public static function isSupported() { - if (!is_object($phpfunc) || !($phpfunc instanceof $phpfunc)) - { - $phpfunc = new FOFUtilsPhpfunc(); - } - - $adapter = new FOFEncryptAesMcrypt(); + $adapter = new Mcrypt; - if (!$adapter->isSupported($phpfunc)) + if (!$adapter->isSupported()) { - $adapter = new FOFEncryptAesOpenssl(); + $adapter = new Openssl; } - if (!$adapter->isSupported($phpfunc)) + if (!$adapter->isSupported()) { return false; } - if (!$phpfunc->function_exists('base64_encode')) + if (!function_exists('base64_encode')) { return false; } - if (!$phpfunc->function_exists('base64_decode')) + if (!function_exists('base64_decode')) { return false; } - if (!$phpfunc->function_exists('hash_algos')) + if (!function_exists('hash_algos')) { return false; } - $algorightms = $phpfunc->hash_algos(); + $algorightms = hash_algos(); if (!in_array('sha256', $algorightms)) { diff --git a/libraries/fof/encrypt/base32.php b/libraries/src/Encrypt/Base32.php similarity index 87% rename from libraries/fof/encrypt/base32.php rename to libraries/src/Encrypt/Base32.php index 768e064dee1d9..7356f2cf4afcd 100644 --- a/libraries/fof/encrypt/base32.php +++ b/libraries/src/Encrypt/Base32.php @@ -1,19 +1,22 @@ 0) { - throw new Exception('Length must be divisible by 8'); + throw new \Exception('Length must be divisible by 8'); } if (!preg_match('/^[01]+$/', $str)) { - throw new Exception('Only 0\'s and 1\'s are permitted'); + throw new \Exception('Only 0\'s and 1\'s are permitted'); } preg_match_all('/.{8}/', $str, $chrs); @@ -80,18 +83,18 @@ private function bin2str($str) * * @return string String encoded as base32 * - * @throws exception + * @throws \Exception */ private function fromBin($str) { if (strlen($str) % 8 > 0) { - throw new Exception('Length must be divisible by 8'); + throw new \Exception('Length must be divisible by 8'); } if (!preg_match('/^[01]+$/', $str)) { - throw new Exception('Only 0\'s and 1\'s are permitted'); + throw new \Exception('Only 0\'s and 1\'s are permitted'); } // Base32 works on the first 5 bits of a byte, so we insert blanks to pad it out @@ -124,13 +127,13 @@ private function fromBin($str) * * @return string Ascii binary string * - * @throws Exception + * @throws \Exception */ private function toBin($str) { if (!preg_match('/^[' . self::CSRFC3548 . ']+$/', $str)) { - throw new Exception('Must match character set'); + throw new \Exception('Must match character set'); } // Convert the base32 string back to a binary string diff --git a/libraries/src/Encrypt/RandValInterface.php b/libraries/src/Encrypt/RandValInterface.php new file mode 100644 index 0000000000000..166c8234ee7ce --- /dev/null +++ b/libraries/src/Encrypt/RandValInterface.php @@ -0,0 +1,23 @@ +phpfunc = $phpfunc; - } - /** * * Returns a cryptographically secure random value. @@ -47,7 +25,7 @@ public function __construct(FOFUtilsPhpfunc $phpfunc = null) */ public function generate($bytes = 32) { - if ($this->phpfunc->extension_loaded('openssl') && (version_compare(PHP_VERSION, '5.3.4') >= 0 || IS_WIN)) + if (extension_loaded('openssl') && (version_compare(PHP_VERSION, '5.3.4') >= 0 || IS_WIN)) { $strong = false; $randBytes = openssl_random_pseudo_bytes($bytes, $strong); @@ -58,9 +36,9 @@ public function generate($bytes = 32) } } - if ($this->phpfunc->extension_loaded('mcrypt')) + if (extension_loaded('mcrypt')) { - return $this->phpfunc->mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM); + return mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM); } return $this->genRandomBytes($bytes); @@ -93,7 +71,7 @@ public function genRandomBytes($length = 32) $handle = null; // This is PHP 5.3.3 and up - if ($this->phpfunc->function_exists('stream_set_read_buffer') && @is_readable('/dev/urandom')) + if (function_exists('stream_set_read_buffer') && @is_readable('/dev/urandom')) { $handle = @fopen('/dev/urandom', 'rb'); diff --git a/libraries/fof/encrypt/totp.php b/libraries/src/Encrypt/Totp.php similarity index 92% rename from libraries/fof/encrypt/totp.php rename to libraries/src/Encrypt/Totp.php index 7b89c6f96c511..80827145b03f3 100644 --- a/libraries/fof/encrypt/totp.php +++ b/libraries/src/Encrypt/Totp.php @@ -1,20 +1,22 @@ _base32 = new FOFEncryptBase32; + $this->_base32 = new Base32; } else { @@ -174,7 +176,7 @@ public function generateSecret() $c = rand(0, 255); $secret .= pack("c", $c); } - $base32 = new FOFEncryptBase32; + $base32 = new Base32; return $this->_base32->encode($secret); } diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index e4040de5d3b97..250dc0476dd9b 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -9,6 +9,8 @@ defined('_JEXEC') or die; +use Joomla\CMS\Encrypt\Totp; + /** * Joomla! Two Factor Authentication using Google Authenticator TOTP Plugin * @@ -89,7 +91,7 @@ public function onUserTwofactorIdentify() public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) { // Create a new TOTP class with Google Authenticator compatible settings - $totp = new FOFEncryptTotp(30, 6, 10); + $totp = new Totp(30, 6, 10); if ($otpConfig->method === $this->methodName) { @@ -177,7 +179,7 @@ public function onUserTwofactorApplyConfiguration($method) } // Create a new TOTP class with Google Authenticator compatible settings - $totp = new FOFEncryptTotp(30, 6, 10); + $totp = new Totp(30, 6, 10); // Check the security code entered by the user (exact time slot match) $code = $totp->getCode($data['key']); @@ -259,7 +261,7 @@ public function onUserTwofactorAuthenticate($credentials, $options) } // Create a new TOTP class with Google Authenticator compatible settings - $totp = new FOFEncryptTotp(30, 6, 10); + $totp = new Totp(30, 6, 10); // Check the code $code = $totp->getCode($otpConfig->config['code']);