Crypto params validation
@@ -198,6 +198,16 @@ class SettingsController extends Controller
|
|||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!$this->validateCryptoParams()) {
|
||||||
|
return [
|
||||||
|
"status" => "error", "data" => [
|
||||||
|
"message" => $this->localization->t(
|
||||||
|
"Hash algorithm parameter is out of range."
|
||||||
|
)
|
||||||
|
]
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
foreach ($properties as $key => $value) {
|
foreach ($properties as $key => $value) {
|
||||||
$reqValue = $this->request->getParam(str_replace(".", "-", $key));
|
$reqValue = $this->request->getParam(str_replace(".", "-", $key));
|
||||||
$appValue = $this->properties[$key];
|
$appValue = $this->properties[$key];
|
||||||
@@ -213,6 +223,9 @@ class SettingsController extends Controller
|
|||||||
"Property '$key' has been set to: " . $value,
|
"Property '$key' has been set to: " . $value,
|
||||||
["app" => $this->appName]
|
["app" => $this->appName]
|
||||||
);
|
);
|
||||||
|
} elseif (!is_bool($appValue) && !isset($reqValue)) {
|
||||||
|
unset($this->properties[$key]);
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -230,6 +243,48 @@ class SettingsController extends Controller
|
|||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Validate request crypto params.
|
||||||
|
*
|
||||||
|
* @return bool TRUE if crypto params are correct FALSE otherwise.
|
||||||
|
*/
|
||||||
|
private function validateCryptoParams()
|
||||||
|
{
|
||||||
|
$cryptoClass = $this->request->getParam("opt-crypto_class");
|
||||||
|
$configuration = $this->cryptoClassConfiguration($cryptoClass);
|
||||||
|
|
||||||
|
for ($i = 0; $i < count($configuration); ++$i) {
|
||||||
|
$reqParam = $this->request->getParam(
|
||||||
|
"opt-crypto_param_" . $i, null
|
||||||
|
);
|
||||||
|
$cryptoParam = $configuration[$i];
|
||||||
|
|
||||||
|
if (is_null($reqParam) || $reqParam < $cryptoParam->min
|
||||||
|
|| $reqParam > $cryptoParam->max
|
||||||
|
) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a crypto class configuration from request.
|
||||||
|
*
|
||||||
|
* @param $cryptoClass string Crypto class name.
|
||||||
|
*
|
||||||
|
* @return array A crypto class configuration.
|
||||||
|
*/
|
||||||
|
private function cryptoClassConfiguration($cryptoClass)
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var $passwordAlgorithm IPasswordAlgorithm
|
||||||
|
*/
|
||||||
|
$passwordAlgorithm = new $cryptoClass($this->localization);
|
||||||
|
return $passwordAlgorithm->configuration();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Clear the application cache memory.
|
* Clear the application cache memory.
|
||||||
*
|
*
|
||||||
@@ -385,12 +440,8 @@ class SettingsController extends Controller
|
|||||||
"Entering cryptoParams()", ["app" => $this->appName]
|
"Entering cryptoParams()", ["app" => $this->appName]
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
|
||||||
* @var $passwordAlgorithm IPasswordAlgorithm
|
|
||||||
*/
|
|
||||||
$cryptoClass = $this->request->getParam("cryptoClass");
|
$cryptoClass = $this->request->getParam("cryptoClass");
|
||||||
$passwordAlgorithm = new $cryptoClass($this->localization);
|
$configuration = $this->cryptoClassConfiguration($cryptoClass);
|
||||||
$configuration = $passwordAlgorithm->configuration();
|
|
||||||
|
|
||||||
if ($cryptoClass === $this->properties[Opt::CRYPTO_CLASS]) {
|
if ($cryptoClass === $this->properties[Opt::CRYPTO_CLASS]) {
|
||||||
foreach ($configuration as $key => $value) {
|
foreach ($configuration as $key => $value) {
|
||||||
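Review bot: `cryptoClassConfiguration()` runs `new $cryptoClass($this->localization)` on a class name taken straight from the request, and this commit adds a second route to it through `validateCryptoParams()` with `opt-crypto_class`, so a missing value raises an error and an unexpected one constructs a class the caller chose. Before the helper is called in `validateCryptoParams()`, reject anything that is not a password algorithm, e.g. `if (!is_string($cryptoClass) || !is_subclass_of($cryptoClass, IPasswordAlgorithm::class)) { return false; }` (assuming the interface named in the docblock is imported in this file), and apply the same guard in `cryptoParams()`, whose body continues outside the hunk. The range check compares the raw request string against `min`/`max`, so a non-numeric value is never rejected explicitly and the outcome depends on PHP's string/number comparison rules; adding `!is_numeric($reqParam) ||` to that condition makes the intent explicit. The loop also assumes `configuration()` returns a zero-based list, which is worth stating in the docblock of `cryptoClassConfiguration()`.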
|
|||||||
@@ -119,24 +119,6 @@ class Properties implements \ArrayAccess
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Is given parameter a boolean parameter.
|
|
||||||
*
|
|
||||||
* @param $param string Parameter name.
|
|
||||||
*
|
|
||||||
* @return bool Is a boolean parameter.
|
|
||||||
*/
|
|
||||||
private function isBooleanParam($param)
|
|
||||||
{
|
|
||||||
return in_array(
|
|
||||||
$param, [
|
|
||||||
Opt::APPEND_SALT, Opt::CASE_INSENSITIVE_USERNAME,
|
|
||||||
Opt::NAME_CHANGE, Opt::PASSWORD_CHANGE, Opt::PREPEND_SALT,
|
|
||||||
Opt::REVERSE_ACTIVE, Opt::USE_CACHE
|
|
||||||
]
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return an array with all supported parameters.
|
* Return an array with all supported parameters.
|
||||||
*
|
*
|
||||||
@@ -162,6 +144,24 @@ class Properties implements \ArrayAccess
|
|||||||
return $params;
|
return $params;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Is given parameter a boolean parameter.
|
||||||
|
*
|
||||||
|
* @param $param string Parameter name.
|
||||||
|
*
|
||||||
|
* @return bool Is a boolean parameter.
|
||||||
|
*/
|
||||||
|
private function isBooleanParam($param)
|
||||||
|
{
|
||||||
|
return in_array(
|
||||||
|
$param, [
|
||||||
|
Opt::APPEND_SALT, Opt::CASE_INSENSITIVE_USERNAME,
|
||||||
|
Opt::NAME_CHANGE, Opt::PASSWORD_CHANGE, Opt::PREPEND_SALT,
|
||||||
|
Opt::REVERSE_ACTIVE, Opt::USE_CACHE
|
||||||
|
]
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Store properties in the cache memory.
|
* Store properties in the cache memory.
|
||||||
*/
|
*/
|
||||||
@@ -229,6 +229,7 @@ class Properties implements \ArrayAccess
|
|||||||
*/
|
*/
|
||||||
public function offsetUnset($offset)
|
public function offsetUnset($offset)
|
||||||
{
|
{
|
||||||
|
$this->config->deleteAppValue($this->appName, $offset);
|
||||||
unset($this->data[$offset]);
|
unset($this->data[$offset]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
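Review bot: `offsetUnset()` now calls `deleteAppValue()` before dropping the in-memory entry, but nothing in the visible lines touches the cached copy that this class keeps (see "Store properties in the cache memory"). If properties are served from that cache, a deleted key may still be returned until the cache is cleared; please confirm, and invalidate or rewrite the cache here if so. The method's docblock starts outside the hunk and should say that unsetting an offset now permanently removes the stored app value, since the controller change in this commit unsets every non-boolean property that is absent from the request.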
|
|||||||