Merge pull request archwisp#13 from johnkary/cleanup

[PR13] Added test case for a previously uncovered Exception path and improved the test for IV generation

Author: archwisp

Simple.php

@@ -29,15 +29,15 @@ class Simple
     public function __construct($encryptionKey, $macKey) {
         $this->_encryptionKey = base64_decode($encryptionKey);
         $this->_macKey = base64_decode($macKey);
-        
+
         $keySize = $this->_getKeySize();
 
         if (strlen($this->_encryptionKey) !== $keySize) {
             throw new \InvalidArgumentException(
                 sprintf('Encryption key must be exactly %s bytes long.', $keySize)
             );
         }
-        
+
         if (strlen($this->_macKey) !== $keySize) {
             throw new \InvalidArgumentException(
                 sprintf('MAC key must be exactly %s bytes long.', $keySize)
@@ -49,19 +49,19 @@ public function encrypt($plaintext, $iv = null) {
         if (is_null($iv)) {
             $iv = $this->generateIv();
         }
-        
+
         $decodedIv = base64_decode($iv);
-        
+
         if (strlen($decodedIv) !== $this->_getBlockSize()) {
             throw new \InvalidArgumentException(
                 sprintf('IV must be exactly %s bytes long.', $this->_getBlockSize())
             );
         }
-        
+
         $paddedPlaintext = $this->_padWithPkcs7($plaintext);
 
-        $ciphertext = $decodedIv . mcrypt_encrypt($this->_encryptionAlgorithm, 
-            $this->_encryptionKey, $paddedPlaintext, $this->_mode, $decodedIv 
+        $ciphertext = $decodedIv . mcrypt_encrypt($this->_encryptionAlgorithm,
+            $this->_encryptionKey, $paddedPlaintext, $this->_mode, $decodedIv
         );
 
         $signature = hash_hmac($this->_macAlgorithm, $ciphertext, $this->_macKey, true);

SimpleTest.php

@@ -4,42 +4,65 @@
 
 class SimpleTest extends \PHPUnit_Framework_TestCase
 {
+    /**
+     * @var Simple
+     */
     private $_instance;
     private $_encryptionKey = 'nXA5gXtlOgHgxl6EZTfkfDmIzWaRqxZ1rq7DRNCIQ/Q=';
     private $_macKey = 'K9iPmOMowXUvcQTd7ehfcxvvHd4OtzyztQp+wuQwb6U=';
 
     public function setUp() {
-        $this->_instance = new \PHPCrypt\Simple($this->_encryptionKey, $this->_macKey);
+        $this->_instance = new Simple($this->_encryptionKey, $this->_macKey);
     }
 
-    public function testEncrypt() {
+    public function testCanEncryptPlaintext() {
         $ciphertext = $this->_instance->encrypt('FooBar ', 'lAuCU7ft5tnHPKWRjF1IKV4J6V9/eCGQIisHZfuqMtY=');
-        
-        $this->assertEquals(
+
+        $this->assertSame(
             'cmpkLTI1Ni1obWFjLXNoYTI1NnxsQXVDVTdmdDV0bkhQS1dSakYxSUtWNEo2VjkvZUNHUUlpc0haZnVxTXRhLzNnSmc3SWhIZ3h2YVVZNmlzUnlQY1JxK3gvclFmblB4WS9BMVhxWTJuQT09fDZNQkJDS0JiWWMrYVdMcG5rMU1RVlcyak01Sm56NW9IZlhuRHJpeUlMOVE9',
             $ciphertext
         );
     }
-    
-    public function testDecrypt() {
+
+    public function testCanDecryptCiphertext() {
         $plaintext = $this->_instance->decrypt(
             'cmpkLTI1Ni1obWFjLXNoYTI1NnxsQXVDVTdmdDV0bkhQS1dSakYxSUtWNEo2VjkvZUNHUUlpc0haZnVxTXRhLzNnSmc3SWhIZ3h2YVVZNmlzUnlQY1JxK3gvclFmblB4WS9BMVhxWTJuQT09fDZNQkJDS0JiWWMrYVdMcG5rMU1RVlcyak01Sm56NW9IZlhuRHJpeUlMOVE9'
         );
-        
-        $this->assertEquals('FooBar ', $plaintext);
+
+        $this->assertSame('FooBar ', $plaintext);
     }
-    
-    public function testDecryptUnknownConstruction() {
-        $this->setExpectedException('Exception', 'Unknown construction, "rjd-256-hmac-sha256/128"');
-        $plaintext = $this->_instance->decrypt(
+
+    /**
+     * @expectedException \RunTimeException
+     * @expectedExceptionMessage Unknown construction, "rjd-256-hmac-sha256/128"
+     */
+    public function testDecryptingSignedCiphertextWithUnknownConstructionThrowsException() {
+        $this->_instance->decrypt(
             'cmpkLTI1Ni1obWFjLXNoYTI1Ni8xMjh8bEF1Q1U3ZnQ1dG5IUEtXUmpGMUlLVjRKNlY5L2VDR1FJaXNIWmZ1cU10YS8zZ0pnN0loSGd4dmFVWTZpc1J5UGNScSt4L3JRZm5QeFkvQTFYcVkybkE9PXw2TUJCQ0tCYlljK2FXTHBuazFNUVZXMmpNNUpuejVvSGZYbkRyaXlJTDlRPQ=='
         );
     }
 
+    public function invalidCiphertextPartsData()
+    {
+        return array(
+            'Too few parts' => array('cGFydDF8cGFydDI='), // 'part1|part2'
+            'Too many parts' => array('cGFydDF8cGFydDJ8cGFydDN8cGFydDQ='), // 'part1|part2|part3|part4'
+        );
+    }
+
+    /**
+     * @dataProvider invalidCiphertextPartsData
+     * @expectedException \RuntimeException
+     * @expectedExceptionMessage Invalid encoding
+     */
+    public function testDecryptingCiphertextWithWrongNumberOfPartsThrowsException($ciphertext) {
+        $this->_instance->decrypt($ciphertext);
+    }
+
     /**
-    /* This function encrypts the same string with randomized IVs and 
-    /* flips a single bit of the ciphertext 
-    */
+     * Encrypts the same string with randomized IVs and flips a single bit of
+     * the ciphertext.
+     */
     public function invalidCiphertextData() {
         $this->setUp();
         $invalidCiphertexts = array();
@@ -51,15 +74,15 @@ public function invalidCiphertextData() {
             $ciphertext = base64_decode($encodedCiphertext);
             $randomByte = rand(1, strlen($ciphertext));
             $mask = str_repeat("\x00", $randomByte -1) . "\x01" . str_repeat("\x00", strlen($ciphertext) - $randomByte);
-            
+
             // SANITY CHECK: If this mask is removed, this test should fail every 
             // single run because the ciphertext should match.
             $invalidCiphertext = $ciphertext ^ $mask;
 
             // printf("Ciphertext:         %s\n", bin2hex($ciphertext));
             // printf("Mask:               %s\n", bin2hex($mask));
             // printf("Invalid Ciphertext: %s\n", bin2hex($invalidCiphertext));
-            
+
             $encodedInvalidCiphertext = base64_encode($invalidCiphertext);
             $invalidCiphertexts[] = array(base64_encode($construction . '|' . $encodedInvalidCiphertext . '|' . $encodedSignature));
         }
@@ -69,16 +92,18 @@ public function invalidCiphertextData() {
 
     /**
      * @dataProvider invalidCiphertextData
+     * @expectedException \RuntimeException
+     * @expectedExceptionMessage Invalid signature
      */
-    public function testDecryptInvalidCiphertext($signedCiphertext) { 
-        $this->setExpectedException('Exception', 'Invalid signature');
-        $plaintext = $this->_instance->decrypt($signedCiphertext);
+    public function testDecryptingInvalidCiphertextThrowsException($signedCiphertext) {
+        $this->_instance->decrypt($signedCiphertext);
     }
-    
-    public function testEncryptAndDecrypt() {
+
+    public function testEncryptedDataCanBeDecrypted() {
         $plaintext = 'Something';
         $ciphertext = $this->_instance->encrypt('Something');
-        $this->assertEquals($plaintext, $this->_instance->decrypt($ciphertext));
+
+        $this->assertSame($plaintext, $this->_instance->decrypt($ciphertext));
     }
 
     public function invalidKeyData() {
@@ -94,32 +119,39 @@ public function invalidKeyData() {
 
     /**
      * @dataProvider invalidKeyData
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage Encryption key must be
      */
-    public function testEncryptInvalidEncryptionKeySize($invalidKey) {
-        $this->setExpectedException('Exception');
-        $instance = new \PHPCrypt\Simple($invalidKey, $this->_macKey);
+    public function testInvalidEncryptionKeyThrowsException($invalidKey) {
+        new Simple($invalidKey, $this->_macKey);
     }
-    
+
     /**
      * @dataProvider invalidKeyData
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage MAC key must be
      */
-    public function testEncryptInvalidMacKeySize($invalidKey) {
-        $this->setExpectedException('Exception');
-        $instance = new \PHPCrypt\Simple($this->_encryptionKey, $invalidKey);
+    public function testInvalidMacKeySizeThrowsException($invalidKey) {
+        new Simple($this->_encryptionKey, $invalidKey);
     }
 
-    public function testEncryptInvalidIvLength() {
-        $this->setExpectedException('Exception');
+    /**
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage IV must be exactly
+     */
+    public function testEncryptWithInvalidIvLengthThrowsException() {
+        $this->_instance->encrypt('FooBar ', 'wrong-iv-length');
+    }
 
-        $ciphertext = $this->_instance->encrypt(
-            'FooBar ', $this->_encryptionKey, $this->macKey, 'Short IV');
+    public function testDifferentIvGeneratedOnEachRun() {
+        $expected = 20;
+        $ivs = array();
+        for ($i = 1; $i <= $expected; $i++) {
+            $ivs[] = $this->_instance->generateIv();
+        }
 
-        $this->assertEquals('This should never execute', base64_encode($ciphertext));
-    }
+        $duplicatesRemoved = array_values($ivs);
 
-    public function testGenerateIv() {
-        $iv = $this->_instance->generateIv();
-        $secondIv = $this->_instance->generateIv();
-        $this->assertNotEquals($iv, $secondIv);
+        $this->assertCount($expected, $duplicatesRemoved);
     }
 }