diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2016-01-04 21:00:55 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2016-02-09 23:43:24 +0100 |
| commit | d25b8dacb36dd251bd7002930a9ce6ba6a50b7a6 (patch) | |
| tree | 20cc1d0bd3d2ace7ac1d4ec03743b2bee442c709 /apps/encryption/tests | |
| parent | 29f6f451a955507a8dff4a5d819e636f14b82ce5 (diff) | |
| download | nextcloud-server-d25b8dacb36dd251bd7002930a9ce6ba6a50b7a6.tar.gz nextcloud-server-d25b8dacb36dd251bd7002930a9ce6ba6a50b7a6.zip | |
Use AES-256-CTR as default
CTR is recommended over CFB mode.
Diffstat (limited to 'apps/encryption/tests')
| -rw-r--r-- | apps/encryption/tests/lib/crypto/cryptTest.php | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/apps/encryption/tests/lib/crypto/cryptTest.php b/apps/encryption/tests/lib/crypto/cryptTest.php index e599cc28963..ce4dfb68cf1 100644 --- a/apps/encryption/tests/lib/crypto/cryptTest.php +++ b/apps/encryption/tests/lib/crypto/cryptTest.php @@ -105,7 +105,7 @@ class cryptTest extends TestCase { $this->config->expects($this->once()) ->method('getSystemValue') - ->with($this->equalTo('cipher'), $this->equalTo('AES-256-CFB')) + ->with($this->equalTo('cipher'), $this->equalTo('AES-256-CTR')) ->willReturn('AES-128-CFB'); if ($keyFormat) { @@ -126,6 +126,9 @@ class cryptTest extends TestCase { $this->crypt->generateHeader('unknown'); } + /** + * @return array + */ public function dataTestGenerateHeader() { return [ [null, 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash:HEND'], @@ -134,16 +137,28 @@ class cryptTest extends TestCase { ]; } + public function testGetCipherWithInvalidCipher() { + $this->config->expects($this->once()) + ->method('getSystemValue') + ->with($this->equalTo('cipher'), $this->equalTo('AES-256-CTR')) + ->willReturn('Not-Existing-Cipher'); + $this->logger + ->expects($this->once()) + ->method('warning') + ->with('Unsupported cipher (Not-Existing-Cipher) defined in config.php supported. Falling back to AES-256-CTR'); + + $this->assertSame('AES-256-CTR', $this->crypt->getCipher()); + } + /** * @dataProvider dataProviderGetCipher * @param string $configValue * @param string $expected */ public function testGetCipher($configValue, $expected) { - $this->config->expects($this->once()) ->method('getSystemValue') - ->with($this->equalTo('cipher'), $this->equalTo('AES-256-CFB')) + ->with($this->equalTo('cipher'), $this->equalTo('AES-256-CTR')) ->willReturn($configValue); $this->assertSame($expected, @@ -161,7 +176,10 @@ class cryptTest extends TestCase { return array( array('AES-128-CFB', 'AES-128-CFB'), array('AES-256-CFB', 'AES-256-CFB'), - array('unknown', 'AES-256-CFB') + array('AES-128-CTR', 'AES-128-CTR'), + array('AES-256-CTR', 'AES-256-CTR'), + + array('unknown', 'AES-256-CTR') ); } @@ -303,10 +321,15 @@ class cryptTest extends TestCase { $this->invokePrivate($this->crypt, 'getKeySize', ['foo']); } + /** + * @return array + */ public function dataTestGetKeySize() { return [ ['AES-256-CFB', 32], ['AES-128-CFB', 16], + ['AES-256-CTR', 32], + ['AES-128-CTR', 16], ]; } @@ -351,6 +374,9 @@ class cryptTest extends TestCase { $this->assertSame($expected, $result); } + /** + * @return array + */ public function dataTestDecryptPrivateKey() { return [ [['cipher' => 'AES-128-CFB', 'keyFormat' => 'password'], 'HBEGIN:HENDprivateKey', 'AES-128-CFB', true, 'key'], |