Use IV for *cryptHex methods
This commit is contained in:
Xavier Guimard
parent
9d5d1f6cd5
commit
cc8c5e057e
|
|
@ -162,12 +162,23 @@ sub _cryptHex {
|
|||
"Lemonldap::NG::Common::Crypto::${sub}Hex error : data length must be multiple of 32";
|
||||
return undef;
|
||||
}
|
||||
my $iv;
|
||||
if($sub eq 'encrypt') {
|
||||
$iv = $newIv->();
|
||||
}
|
||||
$data = pack "H*", $data;
|
||||
eval { $data = $self->_getCipher($key)->$sub($data); };
|
||||
if($sub eq 'decrypt') {
|
||||
$iv = bytes::substr($data,0,16);
|
||||
$data = bytes::substr($data,16);
|
||||
}
|
||||
eval { $data = $self->_getCipher($key)->set_iv($iv)->$sub($data); };
|
||||
if ($@) {
|
||||
$msg = "Crypt::Rijndael error : $@";
|
||||
return undef;
|
||||
}
|
||||
if($sub eq 'encrypt') {
|
||||
$data = $iv.$data;
|
||||
}
|
||||
$msg = "";
|
||||
$data = unpack "H*", $data;
|
||||
return $data;
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
# change 'tests => 1' to 'tests => last_test_to_print';
|
||||
|
||||
use Test::More tests => 21;
|
||||
use Test::More tests => 22;
|
||||
use Digest::MD5 qw(md5 md5_hex md5_base64);
|
||||
use strict;
|
||||
|
||||
|
|
@ -30,7 +30,11 @@ foreach my $i ( 1 .. 17 ) {
|
|||
my $s = '';
|
||||
$s = join( '', map { chr( int( rand(94) ) + 33 ) } ( 1 .. $i ) );
|
||||
ok( $c->decrypt( $c->encrypt($s) ) eq $s,
|
||||
"Test of base64 encrypting with $i characters string" ) or diag "Source: $s\nCypher: ".$c->encrypt($s)."\nUncipher:".$c->decrypt( $c->encrypt($s));
|
||||
"Test of base64 encrypting with $i characters string" )
|
||||
or diag "Source: $s\nCypher: "
|
||||
. $c->encrypt($s)
|
||||
. "\nUncipher:"
|
||||
. $c->decrypt( $c->encrypt($s) );
|
||||
}
|
||||
|
||||
my $data = md5_hex(rand);
|
||||
|
|
@ -42,4 +46,9 @@ ok(
|
|||
|
||||
# Test a long value, and replace carriage return by %0A
|
||||
my $long = "f5a1f72e7ab2f7712855a068af0066f36bfcf2c87e6feb9cf4200da1868e1dfe";
|
||||
ok( $c->decrypt($c->encrypt($long)) eq $long, "Test of long value encrypting" );
|
||||
ok( $c->decrypt( $c->encrypt($long) ) eq $long,
|
||||
"Test of long value encrypting" );
|
||||
ok(
|
||||
$c->decryptHex( $c->encryptHex($long) ) eq $long,
|
||||
"Test of long value encrypting (hex)"
|
||||
);
|
||||
|
|
|
|||
|
|
@ -44,8 +44,8 @@ my $id1 = expectCookie($res);
|
|||
my $id2 = expectCookie( $res, 'lemonldaphttp' );
|
||||
|
||||
# Check lemonldap Cookie
|
||||
ok( $id1 =~ /^\w{64}$/, " -> Get cookie : lemonldap=something" )
|
||||
or explain( $res->[1], "Set-Cookie: lemonldap=$id1" );
|
||||
ok( $id1 =~ /^\w{64}$/, " -> https cookie is 64 char long" )
|
||||
or explain( $id1, '64-char string' );
|
||||
ok( ${ $res->[1] }[3] =~ /HttpOnly=1/, " -> Cookie 'lemonldap' is HttpOnly" )
|
||||
or explain( $res->[1] );
|
||||
ok( ${ $res->[1] }[3] =~ /secure/, " -> Cookie 'lemonldap' is secure" )
|
||||
|
|
@ -53,8 +53,8 @@ ok( ${ $res->[1] }[3] =~ /secure/, " -> Cookie 'lemonldap' is secure" )
|
|||
count(3);
|
||||
|
||||
# Check lemonldaphttp Cookie
|
||||
ok( $id2 =~ /^\w{64}$/, " -> Get cookie lemonldaphttp=something" )
|
||||
or explain( $res->[1], "Set-Cookie: lemonldaphttp=$id2" );
|
||||
ok( length($id2) % 32 == 0, " -> http cookie is 96 byte long" )
|
||||
or explain( $id2, '\w x 32 string' );
|
||||
ok(
|
||||
${ $res->[1] }[5] =~ /HttpOnly=1/,
|
||||
" -> Cookie 'lemonldaphttp' is HttpOnly"
|
||||
|
|
|
|||
Loading…
Reference in New Issue