Commits · c963e65cec63ad83a83cd152d67a2562bb678865 · Perun / Perun ProxyIdP / v1 / simplesamlphp

May 05, 2017

Added tests for SimpleSAML\Utils\Crypto · 8e39cd49

Matt Schwager authored 7 years ago

This also required adding an additional argument to
SimpleSAML\Utils\Crypto::loadPrivateKey to ease in testing. Without
this additional argument, SimpleSAML_Configuration::getBaseDir eventually
gets called to determine the private key location. This doesn't work
well with vfsstream. This argument shouldn't cause too much trouble, and
seems cohesive enough with the function's purpose.

8e39cd49

bugfix: SimpleSAML\Utils\Crypto returns true for different strings using PHP < 5.6. · 4bc62965

Jaime Pérez Crespo authored 7 years ago

The reason was the lack of conversion to integer for each character of the strings before applying the XOR operator to them. The operator returns always an empty string when applied to two characters, and applying a binary-wise OR between 0 and an empty string, yields 0. Therefore, $diff is always 0, and the function returns true for every two strings with same length, regardless of their contents.

4bc62965

Apr 26, 2017
- The ciphertext should never be less than 48 bytes, throw an exception in such case. · eff61b3e
  Jaime Pérez Crespo authored 7 years ago
  
  eff61b3e
- bugfix: mb_strlen() needs the encoding too. · 150c1ef1
  Jaime Pérez Crespo authored 7 years ago
  
  150c1ef1
- Revert "Try to find out what’s broken with the PHP 5.3 build." · d86980b0
  Jaime Pérez Crespo authored 7 years ago
```
This reverts commit b1b0d0ef.
```
  d86980b0
- Revert "Use hex instead of base64, add also the original ciphertext." · 6c0ef58d
  Jaime Pérez Crespo authored 7 years ago
```
This reverts commit c441f9c9.
```
  6c0ef58d
- Try to fix build. · 47fb7380
  Jaime Pérez Crespo authored 7 years ago
```
It looks like mb_substr() doesn’t cope well with NULL as the third parameter in PHP 5.3.
```
  47fb7380
- Use hex instead of base64, add also the original ciphertext. · c441f9c9
  Jaime Pérez Crespo authored 7 years ago
  
  c441f9c9
- Try to find out what’s broken with the PHP 5.3 build. · b1b0d0ef
  Jaime Pérez Crespo authored 7 years ago
  
  b1b0d0ef
- Make sure data encrypted with SimpleSAML\Utils\Crypto::aesEncrypt() is also authenticated. · de298480
  Jaime Pérez Crespo authored 7 years ago
  
  de298480
Mar 30, 2017

Fix an issue with IV generation in SimpleSAML\Utils\Crypto::aesEncrypt(). · 77df6a93

Jaime Pérez Crespo authored 7 years ago

IVs must be random and one-time (never reused). Additionally, by deriving it from the key, the key length was effectively reduced to 128 bits.

77df6a93

Mar 17, 2017
- Add a SimpleSAML\Utils\Crypto::secureCompare() method. · b72c79e3
  Jaime Pérez Crespo authored 8 years ago
```
Use it when constant-time comparisons are needed to avoid side-channel attacks.
```
  b72c79e3
Jan 10, 2017
- Add a couple of methods to handle conversion between PEM and DER. · 6914263c
  Jaime Pérez authored 8 years ago
```
This resolves #476.
```
  6914263c
- Minor formatting and phpdoc fixes. · b9eecee8
  Jaime Pérez authored 8 years ago
  
  b9eecee8
Aug 05, 2016
- Deprecate the certFingerprint option. · 2cebbd34
  Thijs Kinkhorst authored 8 years ago
```
Issue a notice when the option is used nonetheless.

Closes: #432
```
  2cebbd34
Jul 31, 2015
- Be explicit when checking if there's a salt defined or not. · d48e188d
  Jaime Perez Crespo authored 9 years ago
  
  d48e188d
Jul 20, 2015

Reimplement \SimpleSAML\Utils\Crypto::aesDecrypt() and... · 3fd76a6b

Jaime Perez Crespo authored 9 years ago

Reimplement \SimpleSAML\Utils\Crypto::aesDecrypt() and \SimpleSAML\Utils\Crypto::aesEncrypt() to use openssl instead of mcrypt. This removes the direct dependency on mcrypt and closes #228.

3fd76a6b

Jun 20, 2015

Move the aes[En|De]crypt() functionality in \SimpleSAML\Utils\Crypto to... · 18d5fadc

Jaime Perez Crespo authored 9 years ago

Move the aes[En|De]crypt() functionality in \SimpleSAML\Utils\Crypto to internal methods where the secret is passed as a parameter. Then we don't need a working configuration to test the functionality.

18d5fadc

Apr 23, 2015
- Use InvalidArgumentException instead of SimpleSAML_Error_Exception when... · 7c02bdba
  Jaime Perez Crespo authored 9 years ago
```
Use InvalidArgumentException instead of SimpleSAML_Error_Exception when dealing with wrong input parameters.
```
  7c02bdba
- Move SimpleSAML_Utilities::resolveCert() to... · 27d889e9
  Jaime Perez Crespo authored 9 years ago
```
Move SimpleSAML_Utilities::resolveCert() to SimpleSAML\Utils\Config::getCertPath() and deprecate the former.
```
  27d889e9
Apr 20, 2015
- Move SimpleSAML_Utils_Crypto to SimpleSAML\Utils\Crypto. · a38bf33d
  Jaime Perez Crespo authored 9 years ago
  
  a38bf33d
- Move SimpleSAML_Utils_Config to SimpleSAML\Utils\Config. · d71c793e
  Jaime Perez Crespo authored 9 years ago
  
  d71c793e
Apr 16, 2015
- Move SimpleSAML_Utilities::getSecretSalt() to... · 07c6d834
  Jaime Perez Crespo authored 9 years ago
```
Move SimpleSAML_Utilities::getSecretSalt() to SimpleSAML_Utils_Config::getSecretSalt(). Deprecate the former and stop using it.
```
  07c6d834
- Schedule SimpleSAML_Utilities::generateRandomBytes() for removal. Deprecate and stop using it. · 9118f43c
  Jaime Perez Crespo authored 9 years ago
  
  9118f43c
- Move loadPublicKey() and loadPrivateKey() in SimpleSAML_Utilities to SimpleSAML_Utils_Crypto. · 9f3f55f0
  Jaime Perez Crespo authored 9 years ago
```
Mark the old ones as deprecated and schedule them for removal in 2.0.
```
  9f3f55f0
- Move aesEncrypt() and aesDecrypt() in SimpleSAML_Utilities to SimpleSAML_Utils_Crypto. · 5469ee05
  Jaime Perez Crespo authored 9 years ago
```
Mark the old ones as deprecated and schedule them for removal in 2.0.
```
  5469ee05
- Reformat SimpleSAML_Utils_Crypto. Remove... · eb43cb67
  Jaime Perez Crespo authored 9 years ago
```
Reformat SimpleSAML_Utils_Crypto. Remove SimpleSAML_Utils_Crypto::apr1Md5Hash() and SimpleSAML_Utils_Crypto::apr1Md5Valid(), since we are using now an external library for that.
```
  eb43cb67
Jul 09, 2014
- Drop obsolete SVN $Id$ keywords. · 75da426f
  Thijs Kinkhorst authored 10 years ago
  
  75da426f
Feb 09, 2014

Remove more legacy code that's no longer necessary since we are requiring PHP... · 0a513602

Jaime Pérez Crespo authored 11 years ago

Remove more legacy code that's no longer necessary since we are requiring PHP >= 5.3.0. Deprecate SimpleSAML_Utilities::generateRandomBytesMTrand().

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3362 44740490-163a-0410-bde0-09ae8108e29a

0a513602

Nov 04, 2011

authcrypt: Add Htpasswd authentication source. · 05be20e2

Olav Morken authored 13 years ago

Thanks to Dyonisius Visser for implementing this!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2974 44740490-163a-0410-bde0-09ae8108e29a

05be20e2

Nov 03, 2011

Utils_Crypt: Fix PHP start tag. · dd1b2ba4

Olav Morken authored 13 years ago

Avoid using the short tag style, since it may be disabled. Thanks to
Thijs Kinkhorst for identifying this bug.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2973 44740490-163a-0410-bde0-09ae8108e29a

dd1b2ba4

Oct 28, 2011

Add support for hashed passwords & add authcrypt:Hash authsource. · 1a263f38

Olav Morken authored 13 years ago

Thanks to Dyonisius Visser for implementing this.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2962 44740490-163a-0410-bde0-09ae8108e29a

1a263f38