Merge branch 'master' of git://github.com/zendframework/zf2

zendframework · Jul 26, 2012 · af61218 · af61218
12 parents 8a99be2 + b251bdd + 9ecdb37 + 1b357ee + 4a7c17e + a40cc7f + a000f96 + fef31dc + 2b50632 + e854c8c + 450528a + 01abc0c
commit af61218
Show file tree

Hide file tree

Showing 43 changed files with 212 additions and 362 deletions.
diff --git a/.gitmodules b/.gitmodules
diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
     "name": "zendframework/zend-crypt",
-    "description": "Zend\\Crypt component",
+    "description": " ",
     "license": "BSD-3-Clause",
     "keywords": [
         "zf2",
@@ -9,11 +9,11 @@
     "homepage": "https://github.com/zendframework/zend-crypt",
     "autoload": {
         "psr-4": {
-            "Zend\\Crypt\\": "src/"
+            "Zend\\Crypt": "src/"
         }
     },
     "require": {
-        "php": ">=5.3.23",
+        "php": ">=5.3.3",
         "zendframework/zend-math": "self.version",
         "zendframework/zend-stdlib": "self.version",
         "zendframework/zend-servicemanager": "self.version"
@@ -27,14 +27,14 @@
             "dev-develop": "2.5-dev"
         }
     },
-    "require-dev": {
-        "fabpot/php-cs-fixer": "1.7.*",
-        "satooshi/php-coveralls": "dev-master",
-        "phpunit/PHPUnit": "~4.0"
-    },
     "autoload-dev": {
         "psr-4": {
             "ZendTest\\Crypt\\": "test/"
         }
+    },
+    "require-dev": {
+        "fabpot/php-cs-fixer": "1.7.*",
+        "satooshi/php-coveralls": "dev-master",
+        "phpunit/PHPUnit": "~4.0"
     }
 }
diff --git a/src/BlockCipher.php b/src/BlockCipher.php
@@ -10,11 +10,11 @@
 
 namespace Zend\Crypt;
 
-use Zend\Crypt\Symmetric\SymmetricInterface;
 use Zend\Crypt\Hmac;
-use Zend\Crypt\Utils;
 use Zend\Crypt\Key\Derivation\Pbkdf2;
-use Zend\Math\Math;
+use Zend\Crypt\Symmetric\SymmetricInterface;
+use Zend\Crypt\Utils;
+use Zend\Math\Rand;
 
 /**
  * Encrypt using a symmetric cipher then authenticate using HMAC (SHA-256)
@@ -46,6 +46,13 @@ class BlockCipher
      * @var string
      */
     protected $hash = 'sha256';
+
+    /**
+     * Salt (IV)
+     *
+     * @var string
+     */
+    protected $salt;
 
     /**
      * The output is binary?
@@ -177,6 +184,32 @@ public function getKeyIteration()
         return $this->keyIteration;
     }
 
+    /**
+     * Set the salt (IV)
+     *
+     * @param string $salt
+     * @return BlockCipher
+     * @throws Exception\InvalidArgumentException
+     */
+    public function setSalt($salt)
+    {
+        if (empty($salt)) {
+            throw new Exception\InvalidArgumentException("The salt (IV) cannot be empty");
+        }
+        $this->salt = $salt;
+        return $this;
+    }
+
+    /**
+     * Get the salt (IV)
+     *
+     * @return string
+     */
+    public function getSalt()
+    {
+        return $this->salt;
+    }
+
     /**
      * Enable/disable the binary output
      *
@@ -318,8 +351,12 @@ public function encrypt($data)
             throw new Exception\InvalidArgumentException('No symmetric cipher specified');
         }
         $keySize = $this->cipher->getKeySize();
-        // generate a random salt (IV)
-        $this->cipher->setSalt(Math::randBytes($this->cipher->getSaltSize(), true));
+        $salt = $this->getSalt();
+        // generate a random salt (IV) if empty
+        if (empty($salt)) {
+            $salt = Rand::getBytes($this->cipher->getSaltSize(), true);
+        }
+        $this->cipher->setSalt($salt); 
         // generate the encryption key and the HMAC key for the authentication
         $hash = Pbkdf2::calc(self::KEY_DERIV_HMAC,
                              $this->getKey(),

diff --git a/src/Exception/ExceptionInterface.php b/src/Exception/ExceptionInterface.php
@@ -13,8 +13,6 @@
 /**
  * @category   Zend
  * @package    Zend_Crypt
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 interface ExceptionInterface
 {

diff --git a/src/Exception/InvalidArgumentException.php b/src/Exception/InvalidArgumentException.php
@@ -7,6 +7,7 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Exception;
 
 /**
@@ -15,8 +16,6 @@
  * @category   Zend
  * @package    Zend_Crypt
  * @subpackage Exception
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 class InvalidArgumentException
     extends \InvalidArgumentException

diff --git a/src/Exception/RuntimeException.php b/src/Exception/RuntimeException.php
@@ -7,6 +7,7 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Exception;
 
 /**
@@ -15,8 +16,6 @@
  * @category   Zend
  * @package    Zend_Crypt
  * @subpackage Exception
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 class RuntimeException
     extends \RuntimeException

diff --git a/src/Key/Derivation/Exception/ExceptionInterface.php b/src/Key/Derivation/Exception/ExceptionInterface.php
@@ -7,15 +7,14 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Key\Derivation\Exception;
 
 use Zend\Crypt\Exception\ExceptionInterface as Exception;
 
 /**
  * @category   Zend
  * @package    Zend_Crypt
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 interface ExceptionInterface extends Exception
-{}
+{}
diff --git a/src/Key/Derivation/Exception/InvalidArgumentException.php b/src/Key/Derivation/Exception/InvalidArgumentException.php
@@ -7,6 +7,7 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Key\Derivation\Exception;
 
 use Zend\Crypt\Exception;
@@ -17,9 +18,7 @@
  * @category   Zend
  * @package    Zend_Crypt
  * @subpackage Exception
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
-class InvalidArgumentException extends Exception\InvalidArgumentException implements 
+class InvalidArgumentException extends Exception\InvalidArgumentException implements
     ExceptionInterface
 {}
diff --git a/src/Key/Derivation/Exception/RuntimeException.php b/src/Key/Derivation/Exception/RuntimeException.php
@@ -18,9 +18,7 @@
  * @category   Zend
  * @package    Zend_Crypt
  * @subpackage Exception
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
-class RuntimeException extends Exception\RuntimeException implements 
+class RuntimeException extends Exception\RuntimeException implements
     ExceptionInterface
 {}
diff --git a/src/Key/Derivation/Pbkdf2.php b/src/Key/Derivation/Pbkdf2.php
@@ -40,10 +40,10 @@ public static function calc($hash, $password, $salt, $iterations, $length)
         $result = '';
         for ($block = 1; $block <= $num; $block++) {
             $hmac = Hmac::compute($password, $hash, $salt . pack('N', $block), Hmac::OUTPUT_BINARY);
-            $mix  = $hmac; 
+            $mix  = $hmac;
             for ($i = 1; $i < $iterations; $i++) {
                 $hmac = Hmac::compute($password, $hash, $hmac, Hmac::OUTPUT_BINARY);
-                $mix ^= $hmac;    
+                $mix ^= $hmac;
             }
             $result .= $mix;
         }

diff --git a/src/Key/Derivation/SaltedS2k.php b/src/Key/Derivation/SaltedS2k.php
@@ -7,15 +7,14 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Key\Derivation;
 
 /**
  * Salted S2K key generation (OpenPGP document, RFC 2440)
  *
  * @category   Zend
  * @package    Zend_Crypt
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 class SaltedS2k
 {

diff --git a/src/Password/Bcrypt.php b/src/Password/Bcrypt.php
@@ -7,28 +7,29 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Password;
 
-use Zend\Math\Math;
 use Traversable;
-use Zend\Stdlib\ArrayUtils;
 use Zend\Math\Exception as MathException;
+use Zend\Math\Rand;
+use Zend\Stdlib\ArrayUtils;
 
 /**
  * Bcrypt algorithm using crypt() function of PHP
  *
  * @category   Zend
  * @package    Zend_Crypt
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 class Bcrypt implements PasswordInterface
 {
     const MIN_SALT_SIZE = 16;
+
     /**
      * @var string
      */
     protected $cost = '14';
+
     /**
      * @var string
      */
@@ -47,7 +48,7 @@ public function __construct($options = array())
                 $options = ArrayUtils::iteratorToArray($options);
             } elseif (!is_array($options)) {
                 throw new Exception\InvalidArgumentException(
-                    'The options parameter must be an array, a Zend\Config\Config object or a Traversable'
+                    'The options parameter must be an array or a Traversable'
                 );
             }
             foreach ($options as $key => $value) {
@@ -73,7 +74,7 @@ public function __construct($options = array())
     public function create($password)
     {
         if (empty($this->salt)) {
-            $salt = Math::randBytes(self::MIN_SALT_SIZE);   
+            $salt = Rand::getBytes(self::MIN_SALT_SIZE);
         } else {
             $salt = $this->salt;
         }
@@ -86,15 +87,16 @@ public function create($password)
             $prefix = '$2y$';
         } else {
             $prefix = '$2a$';
-            // check if the password contains 8-bit character 
+            // check if the password contains 8-bit character
             if (preg_match('/[\x80-\xFF]/', $password)) {
                 throw new Exception\RuntimeException(
-                        'The bcrypt implementation used by PHP can contains a security flaw using password with 8-bit character. ' .
-                        'We suggest to upgrade to PHP 5.3.7+ or use passwords with only 7-bit characters'
+                    'The bcrypt implementation used by PHP can contains a security flaw ' .
+                    'using password with 8-bit character. ' .
+                    'We suggest to upgrade to PHP 5.3.7+ or use passwords with only 7-bit characters'
                 );
             }
         }
-        $hash   = crypt($password, $prefix . $this->cost . '$' . $salt64);
+        $hash = crypt($password, $prefix . $this->cost . '$' . $salt64);
         if (strlen($hash) <= 13) {
             throw new Exception\RuntimeException('Error during the bcrypt generation');
         }

diff --git a/src/Password/Exception/ExceptionInterface.php b/src/Password/Exception/ExceptionInterface.php
@@ -7,15 +7,14 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Password\Exception;
 
 use Zend\Crypt\Exception\ExceptionInterface as Exception;
 
 /**
  * @category   Zend
  * @package    Zend_Crypt
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
 interface ExceptionInterface extends Exception
-{}
+{}
diff --git a/src/Password/Exception/InvalidArgumentException.php b/src/Password/Exception/InvalidArgumentException.php
@@ -7,6 +7,7 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Password\Exception;
 
 use Zend\Crypt\Exception;
@@ -17,9 +18,7 @@
  * @category   Zend
  * @package    Zend_Crypt
  * @subpackage Exception
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
-class InvalidArgumentException extends Exception\InvalidArgumentException implements 
+class InvalidArgumentException extends Exception\InvalidArgumentException implements
     ExceptionInterface
 {}
diff --git a/src/Password/Exception/RuntimeException.php b/src/Password/Exception/RuntimeException.php
@@ -18,9 +18,7 @@
  * @category   Zend
  * @package    Zend_Crypt
  * @subpackage Exception
- * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- * @license    http://framework.zend.com/license/new-bsd     New BSD License
  */
-class RuntimeException extends Exception\RuntimeException implements 
+class RuntimeException extends Exception\RuntimeException implements
     ExceptionInterface
 {}
diff --git a/src/Password/PasswordInterface.php b/src/Password/PasswordInterface.php
@@ -7,6 +7,7 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  * @package   Zend_Crypt
  */
+
 namespace Zend\Crypt\Password;
 
 interface PasswordInterface