worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add an initialization vector in crypt methods

Browse Source
environments/ppa-mbqj77/deployments/771
Xavier Guimard 6 years ago
parent e23611b73b
commit 0b1643c294
2 changed files with 27 additions and 9 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 30
      lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
  2. 6
      lemonldap-ng-common/t/35-Common-Crypto.t

30
lemonldap-ng-common/lib/Lemonldap/NG/Common/Crypto.pm
Unescape View File

@ -15,6 +15,17 @@ use Digest::MD5 qw(md5);
use bytes;
our $VERSION = '2.0.0';
my $newIv;
BEGIN {
eval { require Crypt::URandom; Crypt::URandom::urandom(16) };
if ($@) {
$newIv = sub { return md5( rand() . time . {} ) };
}
else {
$newIv = sub { return Crypt::URandom::urandom(16) };
}
}
our $msg;
@ -41,11 +52,11 @@ sub new {
# @param key that secondary key
# @return Crypt::Rijndael object
sub _getCipher {
my ( $self, $key ) = @_;
my ( $self, $key, $iv ) = @_;
$key ||= "";
$self->{ciphers}->{$key} ||=
my $cipher =
Crypt::Rijndael->new( md5( $self->{key}, $key ), $self->{mode} );
return $self->{ciphers}->{$key};
return $cipher;
}
## @method string encrypt(string data)
@ -59,7 +70,12 @@ sub encrypt {
my $l = bytes::length($data) % 16;
$data .= "\0" x ( 16 - $l ) unless ( $l == 0 );
eval { $data = encode_base64( $self->_getCipher->encrypt($data), '' ); };
my $iv = $newIv->();
eval {
$data =
encode_base64( $iv . $self->_getCipher->set_iv($iv)->encrypt($data),
'' );
};
if ($@) {
$msg = "Crypt::Rijndael error : $@";
return undef;
@ -81,7 +97,11 @@ sub decrypt {
$data =~ s/%2F/\//ig;
$data =~ s/%3D/=/ig;
$data =~ s/%0A/\n/ig;
eval { $data = $self->_getCipher->decrypt( decode_base64($data) ); };
$data = decode_base64($data);
my $iv;
$iv = bytes::substr( $data, 0, 16 );
$data = bytes::substr( $data, 16 );
eval { $data = $self->_getCipher->set_iv($iv)->decrypt($data); };
if ($@) {
$msg = "Crypt::Rijndael error : $@";
return undef;

6
lemonldap-ng-common/t/35-Common-Crypto.t
Unescape View File

@ -30,7 +30,7 @@ foreach my $i ( 1 .. 17 ) {
my $s = '';
$s = join( '', map { chr( int( rand(94) ) + 33 ) } ( 1 .. $i ) );
ok( $c->decrypt( $c->encrypt($s) ) eq $s,
"Test of base64 encrypting with $i characters string" );
"Test of base64 encrypting with $i characters string" ) or diag "Source: $s\nCypher: ".$c->encrypt($s)."\nUncipher:".$c->decrypt( $c->encrypt($s));
}
my $data = md5_hex(rand);
@ -42,6 +42,4 @@ ok(
# Test a long value, and replace carriage return by %0A
my $long = "f5a1f72e7ab2f7712855a068af0066f36bfcf2c87e6feb9cf4200da1868e1dfe";
my $cryptedlong =
"Da6sYxp9NCXv8+8TirqHmPWwTQHyEGmkCBGCLCX/81dPSMwIQVQNV7X9KG3RrKZfyRmzJR6DZYdU%0Ab75+VH3+CA==";
ok( $c->decrypt($cryptedlong) eq $long, "Test of long value encrypting" );
ok( $c->decrypt($c->encrypt($long)) eq $long, "Test of long value encrypting" );

Write Preview
Loading…
Cancel
Save