Merge branch 'master' of https://github.com/zendframework/zf2 into ad…

…d_maxlength_to_param_container
zendframework · Nov 13, 2014 · f00c160 · f00c160
commit f00c160
Show file tree

Hide file tree

Showing 51 changed files with 327 additions and 300 deletions.
diff --git a/composer.json b/composer.json
@@ -13,7 +13,7 @@
         }
     },
     "require": {
-        "php": ">=5.3.3",
+        "php": ">=5.3.23",
         "zendframework/zend-math": "self.version",
         "zendframework/zend-stdlib": "self.version",
         "zendframework/zend-servicemanager": "self.version"
@@ -23,8 +23,8 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "2.2-dev",
-            "dev-develop": "2.3-dev"
+            "dev-master": "2.3-dev",
+            "dev-develop": "2.4-dev"
         }
     },
     "autoload-dev": {

diff --git a/src/BlockCipher.php b/src/BlockCipher.php
@@ -3,24 +3,27 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
 namespace Zend\Crypt;
 
-use Zend\Crypt\Hmac;
 use Zend\Crypt\Key\Derivation\Pbkdf2;
 use Zend\Crypt\Symmetric\SymmetricInterface;
-use Zend\Crypt\Utils;
 use Zend\Math\Rand;
 
 /**
  * Encrypt using a symmetric cipher then authenticate using HMAC (SHA-256)
  */
 class BlockCipher
 {
-    const KEY_DERIV_HMAC = 'sha256';
+    /**
+     * Hash algorithm for Pbkdf2
+     *
+     * @var string
+     */
+    protected $pbkdf2Hash = 'sha256';
 
     /**
      * Symmetric cipher
@@ -37,7 +40,7 @@ class BlockCipher
     protected static $symmetricPlugins = null;
 
     /**
-     * Hash algorithm fot HMAC
+     * Hash algorithm for HMAC
      *
      * @var string
      */
@@ -74,7 +77,7 @@ class BlockCipher
     /**
      * Constructor
      *
-     * @param SymmetricInterface $cipher
+     * @param  SymmetricInterface $cipher
      */
     public function __construct(SymmetricInterface $cipher)
     {
@@ -162,7 +165,7 @@ public function getCipher()
     /**
      * Set the number of iterations for Pbkdf2
      *
-     * @param  int     $num
+     * @param  int $num
      * @return BlockCipher
      */
     public function setKeyIteration($num)
@@ -185,7 +188,7 @@ public function getKeyIteration()
     /**
      * Set the salt (IV)
      *
-     * @param  string                             $salt
+     * @param  string $salt
      * @return BlockCipher
      * @throws Exception\InvalidArgumentException
      */
@@ -224,7 +227,7 @@ public function getOriginalSalt()
     /**
      * Enable/disable the binary output
      *
-     * @param  bool        $value
+     * @param  bool $value
      * @return BlockCipher
      */
     public function setBinaryOutput($value)
@@ -274,7 +277,7 @@ public function getKey()
     /**
      * Set algorithm of the symmetric cipher
      *
-     * @param  string                             $algo
+     * @param  string $algo
      * @return BlockCipher
      * @throws Exception\InvalidArgumentException
      */
@@ -323,7 +326,7 @@ public function getCipherSupportedAlgorithms()
     /**
      * Set the hash algorithm for HMAC authentication
      *
-     * @param  string                             $hash
+     * @param  string $hash
      * @return BlockCipher
      * @throws Exception\InvalidArgumentException
      */
@@ -349,18 +352,58 @@ public function getHashAlgorithm()
         return $this->hash;
     }
 
+    /**
+     * Set the hash algorithm for the Pbkdf2
+     *
+     * @param  string $hash
+     * @return BlockCipher
+     * @throws Exception\InvalidArgumentException
+     */
+    public function setPbkdf2HashAlgorithm($hash)
+    {
+        if (!Hash::isSupported($hash)) {
+            throw new Exception\InvalidArgumentException(
+                "The specified hash algorithm '{$hash}' is not supported by Zend\Crypt\Hash"
+            );
+        }
+        $this->pbkdf2Hash = $hash;
+
+        return $this;
+    }
+
+    /**
+     * Get the Pbkdf2 hash algorithm
+     *
+     * @return string
+     */
+    public function getPbkdf2HashAlgorithm()
+    {
+        return $this->pbkdf2Hash;
+    }
+
     /**
      * Encrypt then authenticate using HMAC
      *
-     * @param  string                             $data
+     * @param  string $data
      * @return string
      * @throws Exception\InvalidArgumentException
      */
     public function encrypt($data)
     {
-        if (empty($data)) {
+        // 0 (as integer), 0.0 (as float) & '0' (as string) will return false, though these should be allowed
+        // Must be a string, integer, or float in order to encrypt
+        if ((is_string($data) && $data === '')
+            || is_array($data)
+            || is_object($data)
+        ) {
             throw new Exception\InvalidArgumentException('The data to encrypt cannot be empty');
         }
+
+        // Cast to string prior to encrypting
+        if (!is_string($data)) {
+            $data = (string) $data;
+        }
+
         if (empty($this->cipher)) {
             throw new Exception\InvalidArgumentException('No symmetric cipher specified');
         }
@@ -373,21 +416,21 @@ public function encrypt($data)
             $this->cipher->setSalt(Rand::getBytes($this->cipher->getSaltSize(), true));
         }
         // generate the encryption key and the HMAC key for the authentication
-        $hash = Pbkdf2::calc(self::KEY_DERIV_HMAC,
-                             $this->getKey(),
-                             $this->getSalt(),
-                             $this->keyIteration,
-                             $keySize * 2);
+        $hash = Pbkdf2::calc(
+            $this->getPbkdf2HashAlgorithm(),
+            $this->getKey(),
+            $this->getSalt(),
+            $this->keyIteration,
+            $keySize * 2
+        );
         // set the encryption key
         $this->cipher->setKey(substr($hash, 0, $keySize));
         // set the key for HMAC
         $keyHmac = substr($hash, $keySize);
         // encryption
         $ciphertext = $this->cipher->encrypt($data);
         // HMAC
-        $hmac = Hmac::compute($keyHmac,
-                              $this->hash,
-                              $this->cipher->getAlgorithm() . $ciphertext);
+        $hmac = Hmac::compute($keyHmac, $this->hash, $this->cipher->getAlgorithm() . $ciphertext);
         if (!$this->binaryOutput) {
             $ciphertext = base64_encode($ciphertext);
         }
@@ -398,7 +441,7 @@ public function encrypt($data)
     /**
      * Decrypt
      *
-     * @param  string                             $data
+     * @param  string $data
      * @return string|bool
      * @throws Exception\InvalidArgumentException
      */
@@ -425,18 +468,18 @@ public function decrypt($data)
         $iv      = substr($ciphertext, 0, $this->cipher->getSaltSize());
         $keySize = $this->cipher->getKeySize();
         // generate the encryption key and the HMAC key for the authentication
-        $hash = Pbkdf2::calc(self::KEY_DERIV_HMAC,
-                             $this->getKey(),
-                             $iv,
-                             $this->keyIteration,
-                             $keySize * 2);
+        $hash = Pbkdf2::calc(
+            $this->getPbkdf2HashAlgorithm(),
+            $this->getKey(),
+            $iv,
+            $this->keyIteration,
+            $keySize * 2
+        );
         // set the decryption key
         $this->cipher->setKey(substr($hash, 0, $keySize));
         // set the key for HMAC
         $keyHmac = substr($hash, $keySize);
-        $hmacNew = Hmac::compute($keyHmac,
-                                 $this->hash,
-                                 $this->cipher->getAlgorithm() . $ciphertext);
+        $hmacNew = Hmac::compute($keyHmac, $this->hash, $this->cipher->getAlgorithm() . $ciphertext);
         if (!Utils::compareStrings($hmacNew, $hmac)) {
             return false;
         }

diff --git a/src/Exception/ExceptionInterface.php b/src/Exception/ExceptionInterface.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 

diff --git a/src/Exception/InvalidArgumentException.php b/src/Exception/InvalidArgumentException.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
@@ -12,8 +12,6 @@
 /**
  * Invalid argument exception
  */
-class InvalidArgumentException
-    extends \InvalidArgumentException
-    implements ExceptionInterface
+class InvalidArgumentException extends \InvalidArgumentException implements ExceptionInterface
 {
 }
diff --git a/src/Exception/RuntimeException.php b/src/Exception/RuntimeException.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
@@ -12,8 +12,6 @@
 /**
  * Runtime argument exception
  */
-class RuntimeException
-    extends \RuntimeException
-    implements ExceptionInterface
+class RuntimeException extends \RuntimeException implements ExceptionInterface
 {
 }
diff --git a/src/Hash.php b/src/Hash.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 

diff --git a/src/Hmac.php b/src/Hmac.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 

diff --git a/src/Key/Derivation/Exception/ExceptionInterface.php b/src/Key/Derivation/Exception/ExceptionInterface.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
@@ -12,4 +12,5 @@
 use Zend\Crypt\Exception\ExceptionInterface as Exception;
 
 interface ExceptionInterface extends Exception
-{}
+{
+}
diff --git a/src/Key/Derivation/Exception/InvalidArgumentException.php b/src/Key/Derivation/Exception/InvalidArgumentException.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
@@ -16,4 +16,5 @@
  */
 class InvalidArgumentException extends Exception\InvalidArgumentException implements
     ExceptionInterface
-{}
+{
+}
diff --git a/src/Key/Derivation/Exception/RuntimeException.php b/src/Key/Derivation/Exception/RuntimeException.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
@@ -16,4 +16,5 @@
  */
 class RuntimeException extends Exception\RuntimeException implements
     ExceptionInterface
-{}
+{
+}
diff --git a/src/Key/Derivation/Pbkdf2.php b/src/Key/Derivation/Pbkdf2.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 

diff --git a/src/Key/Derivation/SaltedS2k.php b/src/Key/Derivation/SaltedS2k.php
@@ -3,7 +3,7 @@
  * Zend Framework (http://framework.zend.com/)
  *
  * @link      http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
@@ -53,7 +53,7 @@ class SaltedS2k
     public static function calc($hash, $password, $salt, $bytes)
     {
         if (!in_array($hash, array_keys(static::$supportedMhashAlgos))) {
-            throw new Exception\InvalidArgumentException("The hash algorihtm $hash is not supported by " . __CLASS__);
+            throw new Exception\InvalidArgumentException("The hash algorithm $hash is not supported by " . __CLASS__);
         }
         if (strlen($salt)<8) {
             throw new Exception\InvalidArgumentException('The salt size must be at least of 8 bytes');