spacefreak/user_sql
1
0
Fork 0
Code Pull Requests Activity

Crypto params validation

Browse Source
This commit is contained in:
Marcin Łojewski
2018-12-26 12:02:19 +01:00
parent 7f84113bca
commit 2da835b017
2 changed files with 75 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
lib/Controller/SettingsController.php
View File

@@ -198,6 +198,16 @@ class SettingsController extends Controller
];
}
if (!$this->validateCryptoParams()) {
return [
"status" => "error", "data" => [
"message" => $this->localization->t(
"Hash algorithm parameter is out of range."
)
]
];
}
foreach ($properties as $key => $value) {
$reqValue = $this->request->getParam(str_replace(".", "-", $key));
$appValue = $this->properties[$key];
@@ -213,6 +223,9 @@ class SettingsController extends Controller
"Property '$key' has been set to: " . $value,
["app" => $this->appName]
);
} elseif (!is_bool($appValue) && !isset($reqValue)) {
unset($this->properties[$key]);
}
}
@@ -230,6 +243,48 @@ class SettingsController extends Controller
];
}
/**
* Validate request crypto params.
*
* @return bool TRUE if crypto params are correct FALSE otherwise.
*/
private function validateCryptoParams()
{
$cryptoClass = $this->request->getParam("opt-crypto_class");
$configuration = $this->cryptoClassConfiguration($cryptoClass);
for ($i = 0; $i < count($configuration); ++$i) {
$reqParam = $this->request->getParam(
"opt-crypto_param_" . $i, null
);
$cryptoParam = $configuration[$i];
if (is_null($reqParam) || $reqParam < $cryptoParam->min
|| $reqParam > $cryptoParam->max
) {
return false;
}
}
return true;
}
/**
* Get a crypto class configuration from request.
*
* @param $cryptoClass string Crypto class name.
*
* @return array A crypto class configuration.
*/
private function cryptoClassConfiguration($cryptoClass)
{
/**
* @var $passwordAlgorithm IPasswordAlgorithm
*/
$passwordAlgorithm = new $cryptoClass($this->localization);
return $passwordAlgorithm->configuration();
}
/**
* Clear the application cache memory.
*
@@ -385,12 +440,8 @@ class SettingsController extends Controller
"Entering cryptoParams()", ["app" => $this->appName]
);
/**
* @var $passwordAlgorithm IPasswordAlgorithm
*/
$cryptoClass = $this->request->getParam("cryptoClass");
$passwordAlgorithm = new $cryptoClass($this->localization);
$configuration = $passwordAlgorithm->configuration();
$configuration = $this->cryptoClassConfiguration($cryptoClass);
if ($cryptoClass === $this->properties[Opt::CRYPTO_CLASS]) {
foreach ($configuration as $key => $value) {

37
lib/Properties.php
View File

@@ -119,24 +119,6 @@ class Properties implements \ArrayAccess
);
}
/**
* Is given parameter a boolean parameter.
*
* @param $param string Parameter name.
*
* @return bool Is a boolean parameter.
*/
private function isBooleanParam($param)
{
return in_array(
$param, [
Opt::APPEND_SALT, Opt::CASE_INSENSITIVE_USERNAME,
Opt::NAME_CHANGE, Opt::PASSWORD_CHANGE, Opt::PREPEND_SALT,
Opt::REVERSE_ACTIVE, Opt::USE_CACHE
]
);
}
/**
* Return an array with all supported parameters.
*
@@ -162,6 +144,24 @@ class Properties implements \ArrayAccess
return $params;
}
/**
* Is given parameter a boolean parameter.
*
* @param $param string Parameter name.
*
* @return bool Is a boolean parameter.
*/
private function isBooleanParam($param)
{
return in_array(
$param, [
Opt::APPEND_SALT, Opt::CASE_INSENSITIVE_USERNAME,
Opt::NAME_CHANGE, Opt::PASSWORD_CHANGE, Opt::PREPEND_SALT,
Opt::REVERSE_ACTIVE, Opt::USE_CACHE
]
);
}
/**
* Store properties in the cache memory.
*/
@@ -229,6 +229,7 @@ class Properties implements \ArrayAccess
*/
public function offsetUnset($offset)
{
$this->config->deleteAppValue($this->appName, $offset);
unset($this->data[$offset]);
}
}