From 292272d1281d58abef60c9ad8507cb770103a9c8 Mon Sep 17 00:00:00 2001 From: SunMar Date: Mon, 20 Nov 2017 07:42:09 +0100 Subject: [PATCH 1/4] Allow CryptTrait to accept a \Defuse\Crypto\Key as encryption key #812 --- src/AuthorizationServer.php | 4 +-- src/CryptTrait.php | 17 ++++++++++--- src/Grant/GrantTypeInterface.php | 2 +- src/ResponseTypes/ResponseTypeInterface.php | 2 +- tests/CryptTraitTest.php | 27 +++++++++++++-------- 5 files changed, 34 insertions(+), 18 deletions(-) diff --git a/src/AuthorizationServer.php b/src/AuthorizationServer.php index 69c16954..84a0e93a 100644 --- a/src/AuthorizationServer.php +++ b/src/AuthorizationServer.php @@ -67,7 +67,7 @@ class AuthorizationServer implements EmitterAwareInterface private $scopeRepository; /** - * @var string + * @var string|\Defuse\Crypto\Key */ private $encryptionKey; @@ -83,7 +83,7 @@ class AuthorizationServer implements EmitterAwareInterface * @param AccessTokenRepositoryInterface $accessTokenRepository * @param ScopeRepositoryInterface $scopeRepository * @param CryptKey|string $privateKey - * @param string $encryptionKey + * @param string|\Defuse\Crypto\Key $encryptionKey * @param null|ResponseTypeInterface $responseType */ public function __construct( diff --git a/src/CryptTrait.php b/src/CryptTrait.php index 125a757e..c8713ff3 100644 --- a/src/CryptTrait.php +++ b/src/CryptTrait.php @@ -12,11 +12,12 @@ namespace League\OAuth2\Server; use Defuse\Crypto\Crypto; +use Defuse\Crypto\Key; trait CryptTrait { /** - * @var string + * @var string|Key */ protected $encryptionKey; 
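Review bot: The widened `@param string|\Defuse\Crypto\Key $encryptionKey` on the constructor does not tell integrators that the two types select different schemes. Per the `CryptTrait` hunks in this patch, a string goes through `Crypto::encryptWithPassword()` and a `Key` through `Crypto::encrypt()`. As far as I know, data written under one form will not decrypt under the other, so switching forms on a running deployment would invalidate whatever was encrypted earlier; a serialized key handed over as a plain string is also still treated as a password. I would add to the docblock: `A string is used as a password; pass a Key (e.g. from Key::loadFromAsciiSafeString()) to use a raw key. Changing the form invalidates previously encrypted data.` The constructor body is outside the hunk.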
@@ -32,7 +33,11 @@ trait CryptTrait protected function encrypt($unencryptedData) { try { - return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); + if($this->encryptionKey instanceof Key) { + return Crypto::encrypt($unencryptedData, $this->encryptionKey); + } else { + return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); + } } catch (\Exception $e) { throw new \LogicException($e->getMessage()); } @@ -50,7 +55,11 @@ trait CryptTrait protected function decrypt($encryptedData) { try { - return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); + if($this->encryptionKey instanceof Key) { + return Crypto::decrypt($encryptedData, $this->encryptionKey); + } else { + return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); + } } catch (\Exception $e) { throw new \LogicException($e->getMessage()); } @@ -59,7 +68,7 @@ trait CryptTrait /** * Set the encryption key * - * @param string $key + * @param string|Key $key */ public function setEncryptionKey($key = null) { diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php index 0e721435..56f1ee99 100644 --- a/src/Grant/GrantTypeInterface.php +++ b/src/Grant/GrantTypeInterface.php @@ -136,7 +136,7 @@ interface GrantTypeInterface extends EmitterAwareInterface /** * Set the encryption key * - * @param string|null $key + * @param string|\Defuse\Crypto\Key|null $key */ public function setEncryptionKey($key = null); } diff --git a/src/ResponseTypes/ResponseTypeInterface.php b/src/ResponseTypes/ResponseTypeInterface.php index 8ac20b8c..f76eaa6f 100644 --- a/src/ResponseTypes/ResponseTypeInterface.php +++ b/src/ResponseTypes/ResponseTypeInterface.php @@ -37,7 +37,7 @@ interface ResponseTypeInterface /** * Set the encryption key * - * @param string|null $key + * @param string|\Defuse\Crypto\Key|null $key */ public function setEncryptionKey($key = null); } 
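Review bot: In `encrypt()`, the `else` branch sends every value that is not a `Key` to `Crypto::encryptWithPassword()`, including the `null` that `setEncryptionKey($key = null)` allows by default. I have not checked how the installed defuse/php-encryption release treats a non-string password, so this may fail late inside the library or, worse, derive a key from an empty value. A guard ahead of the password call would make the misconfiguration explicit: `if (!is_string($this->encryptionKey) || $this->encryptionKey === '') { throw new \LogicException('Encryption key must be a non-empty string or a Key'); }`. The same fall-through is in the `decrypt()` hunk that follows and survives the `else` removal in PATCH 3/4; both method bodies close outside their hunks.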
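Review bot: The updated `@param string|Key $key` on `setEncryptionKey()` leaves out `null`, although the signature directly below it is `setEncryptionKey($key = null)`. The two interface docblocks changed in this same patch say `string|\Defuse\Crypto\Key|null`. I would write `@param string|Key|null $key` so the trait agrees with the interfaces it implements. If `null` is not meant to be a usable key, the docblock should say so; the method body is outside the hunk, so I cannot see whether it is rejected there.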
diff --git a/tests/CryptTraitTest.php b/tests/CryptTraitTest.php index 26427e59..e0954508 100644 --- a/tests/CryptTraitTest.php +++ b/tests/CryptTraitTest.php @@ -2,26 +2,33 @@ namespace LeagueTests\Utils; +use Defuse\Crypto\Key; use LeagueTests\Stubs\CryptTraitStub; use PHPUnit\Framework\TestCase; class CryptTraitTest extends TestCase { - /** - * @var \LeagueTests\Stubs\CryptTraitStub - */ - protected $cryptStub; - - public function setUp() + public function testEncryptDecryptWithPassword() { - $this->cryptStub = new CryptTraitStub; + $cryptStub = new CryptTraitStub(); + $cryptStub->setEncryptionKey(base64_encode(random_bytes(36))); + + return $this->encryptDecrypt($cryptStub); } - public function testEncryptDecrypt() + public function testEncryptDecryptWithKey() { + $cryptStub = new CryptTraitStub(); + $cryptStub->setEncryptionKey(Key::createNewRandomKey()); + + return $this->encryptDecrypt($cryptStub); + } + + protected function encryptDecrypt(CryptTraitStub $cryptStub) { + $payload = 'alex loves whisky'; - $encrypted = $this->cryptStub->doEncrypt($payload); - $plainText = $this->cryptStub->doDecrypt($encrypted); + $encrypted = $cryptStub->doEncrypt($payload); + $plainText = $cryptStub->doDecrypt($encrypted); $this->assertNotEquals($payload, $encrypted); $this->assertEquals($payload, $plainText); From c9b07f386cf1c9454bc024906952e76f9398b2c9 Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Wed, 28 Feb 2018 20:01:01 +0000 Subject: [PATCH 2/4] Fix StyleCI issues and remove phpdoc order from StyleCI --- .styleci.yml | 1 - src/CryptTrait.php | 4 ++-- tests/Utils/CryptTraitTest.php | 4 ++-- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.styleci.yml b/.styleci.yml index 6caf80c5..d3498157 100644 --- a/.styleci.yml +++ b/.styleci.yml @@ -29,7 +29,6 @@ enabled: - phpdoc_inline_tag - phpdoc_no_access - phpdoc_no_simplified_null_return - - phpdoc_order - phpdoc_property - phpdoc_scalar - phpdoc_separation 
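Review bot: Both new tests in `CryptTraitTest` only prove a round trip under the same key; nothing checks that `doDecrypt()` rejects a ciphertext once the key differs. With two key forms now accepted, that rejection is the property most worth pinning. I would add a negative test that encrypts under one `Key`, swaps in a second one and expects the `\LogicException` that `CryptTrait::decrypt()` raises from the library error. The same gap remains after the test rework in PATCH 3/4.

```php
public function testDecryptWithDifferentKeyFails()
{
    $cryptStub = new CryptTraitStub();
    $cryptStub->setEncryptionKey(Key::createNewRandomKey());
    $encrypted = $cryptStub->doEncrypt('alex loves whisky');

    // A fresh random key must not be able to open the earlier ciphertext.
    $cryptStub->setEncryptionKey(Key::createNewRandomKey());
    $this->expectException(\LogicException::class);
    $cryptStub->doDecrypt($encrypted);
}
```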
diff --git a/src/CryptTrait.php b/src/CryptTrait.php index c8713ff3..be6f5a03 100644 --- a/src/CryptTrait.php +++ b/src/CryptTrait.php @@ -33,7 +33,7 @@ trait CryptTrait protected function encrypt($unencryptedData) { try { - if($this->encryptionKey instanceof Key) { + if ($this->encryptionKey instanceof Key) { return Crypto::encrypt($unencryptedData, $this->encryptionKey); } else { return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); @@ -55,7 +55,7 @@ trait CryptTrait protected function decrypt($encryptedData) { try { - if($this->encryptionKey instanceof Key) { + if ($this->encryptionKey instanceof Key) { return Crypto::decrypt($encryptedData, $this->encryptionKey); } else { return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); diff --git a/tests/Utils/CryptTraitTest.php b/tests/Utils/CryptTraitTest.php index e0954508..6b0d592b 100644 --- a/tests/Utils/CryptTraitTest.php +++ b/tests/Utils/CryptTraitTest.php @@ -24,8 +24,8 @@ class CryptTraitTest extends TestCase return $this->encryptDecrypt($cryptStub); } - protected function encryptDecrypt(CryptTraitStub $cryptStub) { - + protected function encryptDecrypt(CryptTraitStub $cryptStub) + { $payload = 'alex loves whisky'; $encrypted = $cryptStub->doEncrypt($payload); $plainText = $cryptStub->doDecrypt($encrypted); From a56acc8dd09bc91c66a6ea2b0610128ec764863c Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Wed, 28 Feb 2018 20:33:19 +0000 Subject: [PATCH 3/4] Minor code tidy up --- src/AuthorizationServer.php | 5 +++-- src/CryptTrait.php | 8 +++---- src/Grant/GrantTypeInterface.php | 3 ++- src/ResponseTypes/ResponseTypeInterface.php | 3 ++- tests/Utils/CryptTraitTest.php | 23 +++++++++++++-------- 5 files changed, 25 insertions(+), 17 deletions(-) diff --git a/src/AuthorizationServer.php b/src/AuthorizationServer.php index 51cf6905..f1e96146 100644 --- a/src/AuthorizationServer.php +++ b/src/AuthorizationServer.php 
@@ -9,6 +9,7 @@ namespace League\OAuth2\Server; +use Defuse\Crypto\Key; use League\Event\EmitterAwareInterface; use League\Event\EmitterAwareTrait; use League\OAuth2\Server\Exception\OAuthServerException; @@ -68,7 +69,7 @@ class AuthorizationServer implements EmitterAwareInterface private $scopeRepository; /** - * @var string|\Defuse\Crypto\Key + * @var string|Key */ private $encryptionKey; @@ -84,7 +85,7 @@ class AuthorizationServer implements EmitterAwareInterface * @param AccessTokenRepositoryInterface $accessTokenRepository * @param ScopeRepositoryInterface $scopeRepository * @param CryptKey|string $privateKey - * @param string|\Defuse\Crypto\Key $encryptionKey + * @param string|Key $encryptionKey * @param null|ResponseTypeInterface $responseType */ public function __construct( diff --git a/src/CryptTrait.php b/src/CryptTrait.php index be6f5a03..c9a6d7a6 100644 --- a/src/CryptTrait.php +++ b/src/CryptTrait.php @@ -35,9 +35,9 @@ trait CryptTrait try { if ($this->encryptionKey instanceof Key) { return Crypto::encrypt($unencryptedData, $this->encryptionKey); - } else { - return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); } + + return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); } catch (\Exception $e) { throw new \LogicException($e->getMessage()); } @@ -57,9 +57,9 @@ trait CryptTrait try { if ($this->encryptionKey instanceof Key) { return Crypto::decrypt($encryptedData, $this->encryptionKey); - } else { - return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); } + + return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); } catch (\Exception $e) { throw new \LogicException($e->getMessage()); } diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php index 56f1ee99..2aee367f 100644 --- a/src/Grant/GrantTypeInterface.php +++ b/src/Grant/GrantTypeInterface.php 
@@ -11,6 +11,7 @@ namespace League\OAuth2\Server\Grant; +use Defuse\Crypto\Key; use League\Event\EmitterAwareInterface; use League\OAuth2\Server\CryptKey; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; @@ -136,7 +137,7 @@ interface GrantTypeInterface extends EmitterAwareInterface /** * Set the encryption key * - * @param string|\Defuse\Crypto\Key|null $key + * @param string|Key|null $key */ public function setEncryptionKey($key = null); } diff --git a/src/ResponseTypes/ResponseTypeInterface.php b/src/ResponseTypes/ResponseTypeInterface.php index f76eaa6f..5eddd607 100644 --- a/src/ResponseTypes/ResponseTypeInterface.php +++ b/src/ResponseTypes/ResponseTypeInterface.php @@ -11,6 +11,7 @@ namespace League\OAuth2\Server\ResponseTypes; +use Defuse\Crypto\Key; use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; use Psr\Http\Message\ResponseInterface; @@ -37,7 +38,7 @@ interface ResponseTypeInterface /** * Set the encryption key * - * @param string|\Defuse\Crypto\Key|null $key + * @param string|Key|null $key */ public function setEncryptionKey($key = null); } diff --git a/tests/Utils/CryptTraitTest.php b/tests/Utils/CryptTraitTest.php index 6b0d592b..c517cec2 100644 --- a/tests/Utils/CryptTraitTest.php +++ b/tests/Utils/CryptTraitTest.php 
@@ -8,27 +8,32 @@ use PHPUnit\Framework\TestCase; class CryptTraitTest extends TestCase { + protected $cryptStub; + + protected function setUp() + { + $this->cryptStub = new CryptTraitStub(); + } + public function testEncryptDecryptWithPassword() { - $cryptStub = new CryptTraitStub(); - $cryptStub->setEncryptionKey(base64_encode(random_bytes(36))); + $this->cryptStub->setEncryptionKey(base64_encode(random_bytes(36))); - return $this->encryptDecrypt($cryptStub); + $this->encryptDecrypt(); } public function testEncryptDecryptWithKey() { - $cryptStub = new CryptTraitStub(); - $cryptStub->setEncryptionKey(Key::createNewRandomKey()); + $this->cryptStub->setEncryptionKey(Key::createNewRandomKey()); - return $this->encryptDecrypt($cryptStub); + $this->encryptDecrypt(); } - protected function encryptDecrypt(CryptTraitStub $cryptStub) + private function encryptDecrypt() { $payload = 'alex loves whisky'; - $encrypted = $cryptStub->doEncrypt($payload); - $plainText = $cryptStub->doDecrypt($encrypted); + $encrypted = $this->cryptStub->doEncrypt($payload); + $plainText = $this->cryptStub->doDecrypt($encrypted); $this->assertNotEquals($payload, $encrypted); $this->assertEquals($payload, $plainText); From bec0de16bb3da27536592004cf99822b02bfc480 Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Wed, 28 Feb 2018 21:00:30 +0000 Subject: [PATCH 4/4] Update Changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0de8ea90..045e54e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ### Added - Added event emitters for issued access and refresh tokens (PR #860) +- Can now use Defuse\Crypto\Key for encryption/decryption of keys which is faster than the Cryto class (PR #812) ### Removed - Remove paragone/random_compat from dependencies