Removed Mcrypt in favor of BlockCipher in Zend\Filter + changed rand …

…in Captcha
guilhermewop · Jul 25, 2012 · 74d4f53 · 74d4f53
1 parent edb5f72
commit 74d4f53
Show file tree

Hide file tree

Showing 15 changed files with 393 additions and 662 deletions.
diff --git a/library/Zend/Captcha/AbstractWord.php b/library/Zend/Captcha/AbstractWord.php
@@ -11,6 +11,7 @@
 namespace Zend\Captcha;
 
 use Zend\Session\Container;
+use Zend\Math\Rand;
 
 /**
  * AbstractWord-based captcha adapter
@@ -350,7 +351,7 @@ public function generate()
      */
     protected function generateRandomId()
     {
-        return md5(mt_rand(0, 1000) . microtime(true));
+        return md5(Rand::getBytes(32));
     }
 
     /**

diff --git a/library/Zend/Captcha/composer.json b/library/Zend/Captcha/composer.json
@@ -13,7 +13,8 @@
     },
     "target-dir": "Zend/Captcha",
     "require": {
-        "php": ">=5.3.3"
+        "php": ">=5.3.3",
+        "zendframework/zend-math": "self.version"
     },
     "require-dev": {
         "zendframework/zendservice-recaptcha": "*"

diff --git a/library/Zend/Crypt/BlockCipher.php b/library/Zend/Crypt/BlockCipher.php
@@ -46,6 +46,13 @@ class BlockCipher
      * @var string
      */
     protected $hash = 'sha256';
+
+    /**
+     * Salt (IV)
+     *
+     * @var string
+     */
+    protected $salt;
 
     /**
      * The output is binary?
@@ -177,6 +184,32 @@ public function getKeyIteration()
         return $this->keyIteration;
     }
 
+    /**
+     * Set the salt (IV)
+     *
+     * @param string $salt
+     * @return BlockCipher
+     * @throws Exception\InvalidArgumentException
+     */
+    public function setSalt($salt)
+    {
+        if (empty($salt)) {
+            throw new Exception\InvalidArgumentException("The salt (IV) cannot be empty");
+        }
+        $this->salt = $salt;
+        return $this;
+    }
+
+    /**
+     * Get the salt (IV)
+     *
+     * @return string
+     */
+    public function getSalt()
+    {
+        return $this->salt;
+    }
+
     /**
      * Enable/disable the binary output
      *
@@ -318,8 +351,12 @@ public function encrypt($data)
             throw new Exception\InvalidArgumentException('No symmetric cipher specified');
         }
         $keySize = $this->cipher->getKeySize();
-        // generate a random salt (IV)
-        $this->cipher->setSalt(Rand::getBytes($this->cipher->getSaltSize(), true));
+        $salt = $this->getSalt();
+        // generate a random salt (IV) if empty
+        if (empty($salt)) {
+            $salt = Rand::getBytes($this->cipher->getSaltSize(), true);
+        }
+        $this->cipher->setSalt($salt); 
         // generate the encryption key and the HMAC key for the authentication
         $hash = Pbkdf2::calc(self::KEY_DERIV_HMAC,
                              $this->getKey(),

diff --git a/library/Zend/Crypt/Symmetric/Mcrypt.php b/library/Zend/Crypt/Symmetric/Mcrypt.php
@@ -236,9 +236,6 @@ public function setKey($key)
         if (empty($key)) {
             throw new Exception\InvalidArgumentException('The key cannot be empty');
         }
-        if (strlen($key) < $this->getKeySize()) {
-            throw new Exception\InvalidArgumentException('The key is not long enough for the cipher');
-        }
         $this->key = $key;
         return $this;
     }
@@ -318,9 +315,17 @@ public function encrypt($data)
         if (null === $this->getKey()) {
             throw new Exception\InvalidArgumentException('No key specified for the encryption');
         }
+        if (strlen($this->getKey()) < $this->getKeySize()) {
+            throw new Exception\InvalidArgumentException('The key is not long enough for the cipher');
+        }
         if (null === $this->getSalt()) {
             throw new Exception\InvalidArgumentException('The salt (IV) cannot be empty');
         }
+        if (strlen($this->getSalt()) < $this->getSaltSize()) {
+            throw new Exception\InvalidArgumentException(
+                'The size of the salt (IV) is not enough. You need ' . $this->getSaltSize() . ' bytes'
+            );
+        }
         if (null === $this->getPadding()) {
             throw new Exception\InvalidArgumentException('You have to specify a padding method');
         }
@@ -400,15 +405,10 @@ public function getSupportedAlgorithms()
      */
     public function setSalt($salt)
     {
-        if (!empty($salt)) {
-            $ivSize = $this->getSaltSize();
-            if (strlen($salt) < $ivSize) {
-                throw new Exception\InvalidArgumentException(
-                    "The size of the salt (IV) is not enough. You need $ivSize bytes"
-                );
-            }
-            $this->iv = $salt;
+        if (empty($salt)) {
+            throw new Exception\InvalidArgumentException('The salt (IV) cannot be empty');
         }
+        $this->iv = $salt;
         return $this;
     }
 

diff --git a/library/Zend/Filter/Encrypt.php b/library/Zend/Filter/Encrypt.php
@@ -65,7 +65,7 @@ public function setAdapter($options = null)
             $adapter = $options['adapter'];
             unset($options['adapter']);
         } else {
-            $adapter = 'Mcrypt';
+            $adapter = 'BlockCipher';
         }
 
         if (!is_array($options)) {