Merge pull request #814 from SunMar/master

Allow CryptTrait to accept a \Defuse\Crypto\Key as encryption key #812
2025-05-31 14:12:07 +05:30 · 2018-02-28 21:12:39 +00:00
parent e3266cb50a bec0de16bb
commit cc19da50b4
7 changed files with 37 additions and 13 deletions
--- a/.styleci.yml
+++ b/.styleci.yml
@@ -29,7 +29,6 @@ enabled:
  - phpdoc_inline_tag
  - phpdoc_no_access
  - phpdoc_no_simplified_null_return
-  - phpdoc_order
  - phpdoc_property
  - phpdoc_scalar
  - phpdoc_separation
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.

 ### Added
 - Added event emitters for issued access and refresh tokens (PR #860)
+- Can now use Defuse\Crypto\Key for encryption/decryption of keys which is faster than the Cryto class (PR #812)

 ### Removed
 - Remove paragone/random_compat from dependencies
--- a/src/AuthorizationServer.php
+++ b/src/AuthorizationServer.php
@@ -9,6 +9,7 @@

 namespace League\OAuth2\Server;

+use Defuse\Crypto\Key;
 use League\Event\EmitterAwareInterface;
 use League\Event\EmitterAwareTrait;
 use League\OAuth2\Server\Exception\OAuthServerException;
@@ -68,7 +69,7 @@ class AuthorizationServer implements EmitterAwareInterface
    private $scopeRepository;

    /**
-     * @var string
+     * @var string|Key
     */
    private $encryptionKey;

@@ -84,7 +85,7 @@ class AuthorizationServer implements EmitterAwareInterface
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     * @param ScopeRepositoryInterface       $scopeRepository
     * @param CryptKey|string                $privateKey
-     * @param string                         $encryptionKey
+     * @param string|Key                     $encryptionKey
     * @param null|ResponseTypeInterface     $responseType
     */
    public function __construct(
--- a/src/CryptTrait.php
+++ b/src/CryptTrait.php
@@ -12,11 +12,12 @@
 namespace League\OAuth2\Server;

 use Defuse\Crypto\Crypto;
+use Defuse\Crypto\Key;

 trait CryptTrait
 {
    /**
-     * @var string
+     * @var string|Key
     */
    protected $encryptionKey;

@@ -32,6 +33,10 @@ trait CryptTrait
    protected function encrypt($unencryptedData)
    {
        try {
+            if ($this->encryptionKey instanceof Key) {
+                return Crypto::encrypt($unencryptedData, $this->encryptionKey);
+            }
+
            return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
        } catch (\Exception $e) {
            throw new \LogicException($e->getMessage());
@@ -50,6 +55,10 @@ trait CryptTrait
    protected function decrypt($encryptedData)
    {
        try {
+            if ($this->encryptionKey instanceof Key) {
+                return Crypto::decrypt($encryptedData, $this->encryptionKey);
+            }
+
            return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
        } catch (\Exception $e) {
            throw new \LogicException($e->getMessage());
@@ -59,7 +68,7 @@ trait CryptTrait
    /**
     * Set the encryption key
     *
-     * @param string $key
+     * @param string|Key $key
     */
    public function setEncryptionKey($key = null)
    {
--- a/src/Grant/GrantTypeInterface.php
+++ b/src/Grant/GrantTypeInterface.php
@@ -11,6 +11,7 @@

 namespace League\OAuth2\Server\Grant;

+use Defuse\Crypto\Key;
 use League\Event\EmitterAwareInterface;
 use League\OAuth2\Server\CryptKey;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
@@ -136,7 +137,7 @@ interface GrantTypeInterface extends EmitterAwareInterface
    /**
     * Set the encryption key
     *
-     * @param string|null $key
+     * @param string|Key|null $key
     */
    public function setEncryptionKey($key = null);
 }
--- a/src/ResponseTypes/ResponseTypeInterface.php
+++ b/src/ResponseTypes/ResponseTypeInterface.php
@@ -11,6 +11,7 @@

 namespace League\OAuth2\Server\ResponseTypes;

+use Defuse\Crypto\Key;
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
 use Psr\Http\Message\ResponseInterface;
@@ -37,7 +38,7 @@ interface ResponseTypeInterface
    /**
     * Set the encryption key
     *
-     * @param string|null $key
+     * @param string|Key|null $key
     */
    public function setEncryptionKey($key = null);
 }
--- a/tests/Utils/CryptTraitTest.php
+++ b/tests/Utils/CryptTraitTest.php
@@ -2,22 +2,34 @@

 namespace LeagueTests\Utils;

+use Defuse\Crypto\Key;
 use LeagueTests\Stubs\CryptTraitStub;
 use PHPUnit\Framework\TestCase;

 class CryptTraitTest extends TestCase
 {
-    /**
-     * @var \LeagueTests\Stubs\CryptTraitStub
-     */
    protected $cryptStub;

-    public function setUp()
+    protected function setUp()
    {
-        $this->cryptStub = new CryptTraitStub;
+        $this->cryptStub = new CryptTraitStub();
    }

-    public function testEncryptDecrypt()
+    public function testEncryptDecryptWithPassword()
+    {
+        $this->cryptStub->setEncryptionKey(base64_encode(random_bytes(36)));
+
+        $this->encryptDecrypt();
+    }
+
+    public function testEncryptDecryptWithKey()
+    {
+        $this->cryptStub->setEncryptionKey(Key::createNewRandomKey());
+
+        $this->encryptDecrypt();
+    }
+
+    private function encryptDecrypt()
    {
        $payload = 'alex loves whisky';
        $encrypted = $this->cryptStub->doEncrypt($payload);