Home Explore Help
Register Sign In
Eeems
/
juju-php
1
0
Fork 0
Files
Browse Source

Handle path failures better. Throw errors when encryption fails. Filter out bad encryption methods.

Nathaniel van Diepen 6 years ago
parent
e75c51fe93
commit
f8b4a3ec1f
2 changed files with 39 additions and 5 deletions
Split View Show Diff Stats
  1. 2 1
      App/path.class.php
  2. 37 4
      Data/encryption.class.php

+ 2 - 1
App/path.class.php
View File 

@@ -18,9 +18,10 @@
 
 			$ret = true;
 
 			foreach($this->handles as $k => $fn){
 
 				try{
 
-					$ret = $fn($req, $res, $args, $err) !== false;
 
+					$ret = $fn($req, $res, $args, $err) !== false || $ret === false;
 
 				}catch(\Exception $e){
 
 					$err = $e;
 
+					$ret = false;
 
 				}
 
 			}
 
 			return $ret;

+ 37 - 4
Data/encryption.class.php
View File 

@@ -18,13 +18,38 @@
 
 		}
 
 		public static function methods(){
 
 			if(is_null(self::$methods)){
 
-				self::$methods = openssl_get_cipher_methods();
 
+				$methods = openssl_get_cipher_methods(true);
 
+				$methods = array_map('StrToLower', $methods);
 
+				$methods = array_intersect_key(
 
+					$methods,
 
+					array_unique($methods)
 
+				);
 
+				$methods = array_diff($methods, [
 
+					'aes-128-ccm',
 
+					'aes-128-gcm',
 
+					'aes-128-xts',
 
+					'aes-192-ccm',
 
+					'aes-192-gcm',
 
+					'aes-256-ccm',
 
+					'aes-256-gcm',
 
+					'id-aes128-ccm',
 
+					'id-aes128-gcm',
 
+					'id-aes128-wrap',
 
+					'id-aes192-ccm',
 
+					'id-aes192-gcm',
 
+					'id-aes192-wrap',
 
+					'id-aes256-ccm',
 
+					'id-aes256-gcm',
 
+					'id-aes256-wrap',
 
+					'id-smime-alg-cms3deswrap'
 
+				]);
 
+				self::$methods = array_values(array_unique($methods));
 
 			}
 
 			return self::$methods;
 
 		}
 
 		public static function from(string $method){
 
 			if(!in_array($method, self::methods())){
 
-				throw new Exception("Unsupported OpenSSL method: {$method}");
 
+				throw new \Exception("Unsupported OpenSSL method: {$method}");
 
 			}
 
 			if(!isset(Encryption::$instances[$method])){
 
 				Encryption::$instances[$method] = new Encryption($method);
 
@@ -38,10 +63,18 @@
 
 			return openssl_cipher_iv_length($this->method);
 
 		}
 
 		public function encrypt(string $data, string $key, string $iv){
 
-			return openssl_encrypt($data, $this->method, $key, \OPENSSL_RAW_DATA, $iv);
 
+			$ret = openssl_encrypt($data, $this->method, $key, \OPENSSL_RAW_DATA, $iv);
 
+			if($ret === false){
 
+				throw new \Exception("Encryption ({$this->method}) failed: ".openssl_error_string());
 
+			}
 
+			return $ret;
 
 		}
 
 		public function decrypt(string $data, string $key, string $iv){
 
-			return openssl_decrypt($data, $this->method, $key, \OPENSSL_RAW_DATA, $iv);
 
+			$ret = openssl_decrypt($data, $this->method, $key, \OPENSSL_RAW_DATA, $iv);
 
+			if($ret === false){
 
+				throw new \Exception("Decryption ({$this->method}) failed: ".openssl_error_string());
 
+			}
 
+			return $ret;
 
 		}
 
 	}
 
 ?>