3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
12 namespace Civi\Crypto
;
14 use Civi\Crypto\Exception\CryptoException
;
17 * Test major use-cases of the 'crypto.registry' service.
19 class CryptoRegistryTest
extends \CiviUnitTestCase
{
23 protected function setUp() {
25 \CRM_Utils_Hook
::singleton()->setHook('civicrm_crypto', [$this, 'registerExampleKeys']);
28 public function testParseKey() {
29 $examples = self
::getExampleKeys();
30 $registry = \Civi
::service('crypto.registry');
32 $key0 = $registry->parseKey($examples[0]);
33 $this->assertEquals("please use 32 bytes for aes-256!", $key0['key']);
34 $this->assertEquals('aes-cbc', $key0['suite']);
36 $key1 = $registry->parseKey($examples[1]);
37 $this->assertEquals(32, strlen($key1['key']));
38 $this->assertEquals('aes-cbc', $key1['suite']);
39 $this->assertEquals('0ao5eC7C/rwwk2qii4oLd6eG3KJq8ZDX2K9zWbvaLdo=', base64_encode($key1['key']));
41 $key2 = $registry->parseKey($examples[2]);
42 $this->assertEquals(32, strlen($key2['key']));
43 $this->assertEquals('aes-ctr', $key2['suite']);
44 $this->assertEquals('0ao5eC7C/rwwk2qii4oLd6eG3KJq8ZDX2K9zWbvaLdo=', base64_encode($key2['key']));
46 $key3 = $registry->parseKey($examples[3]);
47 $this->assertEquals(32, strlen($key3['key']));
48 $this->assertEquals('aes-cbc-hs', $key3['suite']);
49 $this->assertEquals('0ao5eC7C/rwwk2qii4oLd6eG3KJq8ZDX2K9zWbvaLdo=', base64_encode($key3['key']));
52 public function testRegisterAndFindKeys() {
53 /** @var CryptoRegistry $registry */
54 $registry = \Civi
::service('crypto.registry');
56 $key = $registry->findKey('asdf-key-0');
57 $this->assertEquals(32, strlen($key['key']));
58 $this->assertEquals('aes-cbc', $key['suite']);
60 $key = $registry->findKey('asdf-key-1');
61 $this->assertEquals(32, strlen($key['key']));
62 $this->assertEquals('aes-cbc', $key['suite']);
64 $key = $registry->findKey('asdf-key-2');
65 $this->assertEquals(32, strlen($key['key']));
66 $this->assertEquals('aes-ctr', $key['suite']);
68 $key = $registry->findKey('asdf-key-3');
69 $this->assertEquals(32, strlen($key['key']));
70 $this->assertEquals('aes-cbc-hs', $key['suite']);
72 $key = $registry->findKey('UNIT-TEST');
73 $this->assertEquals(32, strlen($key['key']));
74 $this->assertEquals('asdf-key-1', $key['id']);
77 public function testValidKeyId() {
78 $valids = ['abc', 'a.b-c_d+e/', 'f\\g:h;i='];
79 $invalids = [chr(0), chr(1), chr(1) . 'abc', 'a b', "ab\n", "ab\nc", "\r", "\n"];
81 /** @var CryptoRegistry $registry */
82 $registry = \Civi
::service('crypto.registry');
84 foreach ($valids as $valid) {
85 $this->assertEquals(TRUE, $registry->isValidKeyId($valid), "Key ID \"$valid\" should be valid");
88 foreach ($invalids as $invalid) {
89 $this->assertEquals(FALSE, $registry->isValidKeyId($invalid), "Key ID \"$invalid\" should be invalid");
93 public function testAddBadKeyId() {
94 /** @var CryptoRegistry $registry */
95 $registry = \Civi
::service('crypto.registry');
98 $registry->addSymmetricKey([
102 $this->fail("Expected crypto exception");
104 catch (CryptoException
$e) {
105 $this->assertRegExp(';Malformed key ID;', $e->getMessage());