Use IV for *cryptHex methods
This commit is contained in:
parent
9d5d1f6cd5
commit
cc8c5e057e
|
@ -162,12 +162,23 @@ sub _cryptHex {
|
||||||
"Lemonldap::NG::Common::Crypto::${sub}Hex error : data length must be multiple of 32";
|
"Lemonldap::NG::Common::Crypto::${sub}Hex error : data length must be multiple of 32";
|
||||||
return undef;
|
return undef;
|
||||||
}
|
}
|
||||||
|
my $iv;
|
||||||
|
if($sub eq 'encrypt') {
|
||||||
|
$iv = $newIv->();
|
||||||
|
}
|
||||||
$data = pack "H*", $data;
|
$data = pack "H*", $data;
|
||||||
eval { $data = $self->_getCipher($key)->$sub($data); };
|
if($sub eq 'decrypt') {
|
||||||
|
$iv = bytes::substr($data,0,16);
|
||||||
|
$data = bytes::substr($data,16);
|
||||||
|
}
|
||||||
|
eval { $data = $self->_getCipher($key)->set_iv($iv)->$sub($data); };
|
||||||
if ($@) {
|
if ($@) {
|
||||||
$msg = "Crypt::Rijndael error : $@";
|
$msg = "Crypt::Rijndael error : $@";
|
||||||
return undef;
|
return undef;
|
||||||
}
|
}
|
||||||
|
if($sub eq 'encrypt') {
|
||||||
|
$data = $iv.$data;
|
||||||
|
}
|
||||||
$msg = "";
|
$msg = "";
|
||||||
$data = unpack "H*", $data;
|
$data = unpack "H*", $data;
|
||||||
return $data;
|
return $data;
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
|
|
||||||
# change 'tests => 1' to 'tests => last_test_to_print';
|
# change 'tests => 1' to 'tests => last_test_to_print';
|
||||||
|
|
||||||
use Test::More tests => 21;
|
use Test::More tests => 22;
|
||||||
use Digest::MD5 qw(md5 md5_hex md5_base64);
|
use Digest::MD5 qw(md5 md5_hex md5_base64);
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
|
@ -30,7 +30,11 @@ foreach my $i ( 1 .. 17 ) {
|
||||||
my $s = '';
|
my $s = '';
|
||||||
$s = join( '', map { chr( int( rand(94) ) + 33 ) } ( 1 .. $i ) );
|
$s = join( '', map { chr( int( rand(94) ) + 33 ) } ( 1 .. $i ) );
|
||||||
ok( $c->decrypt( $c->encrypt($s) ) eq $s,
|
ok( $c->decrypt( $c->encrypt($s) ) eq $s,
|
||||||
"Test of base64 encrypting with $i characters string" ) or diag "Source: $s\nCypher: ".$c->encrypt($s)."\nUncipher:".$c->decrypt( $c->encrypt($s));
|
"Test of base64 encrypting with $i characters string" )
|
||||||
|
or diag "Source: $s\nCypher: "
|
||||||
|
. $c->encrypt($s)
|
||||||
|
. "\nUncipher:"
|
||||||
|
. $c->decrypt( $c->encrypt($s) );
|
||||||
}
|
}
|
||||||
|
|
||||||
my $data = md5_hex(rand);
|
my $data = md5_hex(rand);
|
||||||
|
@ -42,4 +46,9 @@ ok(
|
||||||
|
|
||||||
# Test a long value, and replace carriage return by %0A
|
# Test a long value, and replace carriage return by %0A
|
||||||
my $long = "f5a1f72e7ab2f7712855a068af0066f36bfcf2c87e6feb9cf4200da1868e1dfe";
|
my $long = "f5a1f72e7ab2f7712855a068af0066f36bfcf2c87e6feb9cf4200da1868e1dfe";
|
||||||
ok( $c->decrypt($c->encrypt($long)) eq $long, "Test of long value encrypting" );
|
ok( $c->decrypt( $c->encrypt($long) ) eq $long,
|
||||||
|
"Test of long value encrypting" );
|
||||||
|
ok(
|
||||||
|
$c->decryptHex( $c->encryptHex($long) ) eq $long,
|
||||||
|
"Test of long value encrypting (hex)"
|
||||||
|
);
|
||||||
|
|
|
@ -44,8 +44,8 @@ my $id1 = expectCookie($res);
|
||||||
my $id2 = expectCookie( $res, 'lemonldaphttp' );
|
my $id2 = expectCookie( $res, 'lemonldaphttp' );
|
||||||
|
|
||||||
# Check lemonldap Cookie
|
# Check lemonldap Cookie
|
||||||
ok( $id1 =~ /^\w{64}$/, " -> Get cookie : lemonldap=something" )
|
ok( $id1 =~ /^\w{64}$/, " -> https cookie is 64 char long" )
|
||||||
or explain( $res->[1], "Set-Cookie: lemonldap=$id1" );
|
or explain( $id1, '64-char string' );
|
||||||
ok( ${ $res->[1] }[3] =~ /HttpOnly=1/, " -> Cookie 'lemonldap' is HttpOnly" )
|
ok( ${ $res->[1] }[3] =~ /HttpOnly=1/, " -> Cookie 'lemonldap' is HttpOnly" )
|
||||||
or explain( $res->[1] );
|
or explain( $res->[1] );
|
||||||
ok( ${ $res->[1] }[3] =~ /secure/, " -> Cookie 'lemonldap' is secure" )
|
ok( ${ $res->[1] }[3] =~ /secure/, " -> Cookie 'lemonldap' is secure" )
|
||||||
|
@ -53,8 +53,8 @@ ok( ${ $res->[1] }[3] =~ /secure/, " -> Cookie 'lemonldap' is secure" )
|
||||||
count(3);
|
count(3);
|
||||||
|
|
||||||
# Check lemonldaphttp Cookie
|
# Check lemonldaphttp Cookie
|
||||||
ok( $id2 =~ /^\w{64}$/, " -> Get cookie lemonldaphttp=something" )
|
ok( length($id2) % 32 == 0, " -> http cookie is 96 byte long" )
|
||||||
or explain( $res->[1], "Set-Cookie: lemonldaphttp=$id2" );
|
or explain( $id2, '\w x 32 string' );
|
||||||
ok(
|
ok(
|
||||||
${ $res->[1] }[5] =~ /HttpOnly=1/,
|
${ $res->[1] }[5] =~ /HttpOnly=1/,
|
||||||
" -> Cookie 'lemonldaphttp' is HttpOnly"
|
" -> Cookie 'lemonldaphttp' is HttpOnly"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user