19104101509

Committed 05 Nov 2025 01:47PM UTC coverage: 78.204% (-1.4%) from 79.595%

Build # 19104101509

Build Type

push

travis-ci

Committed by

web-flow

Commit Message

Merge pull request #1773 from IrAlfred/fix-coverage-tests-issue

fix(other): fix coverage test issue

Run Details

4650 of 5946 relevant lines covered (78.2%)

6.42 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

88.89

/lib/crypt_sodium.php

<?php

/**
 * Encryption with the libsodium extension
 *
 * This extends our standard encryption and will override it if libsodium is
 * present. Checking a password and converting cipher text to clear text fall
 * back to the standard Hm_Crypt library if they fail.  This is to ensure
 * backwards compatibility.
 *
 * @package framework
 * @subpackage crypt
 */

class Hm_Crypt extends Hm_Crypt_Base {

    /**
     * Convert ciphertext to plaintext
     * @param string $string ciphertext to decrypt
     * @param string $key encryption key
     * @return string|false decrypted text
     */
    public static function plaintext($string, $key) {
        if (!LIBSODIUM) {
            return parent::plaintext($string, $key);
        }
        $res = false;
        $raw_string = base64_decode($string);
        if (!$raw_string || strlen($raw_string) < 60) {
            return false;
        }
        list($salt, $crypt_key) = self::keygen($key, substr($raw_string, 0, 24));
        $hmac = substr($raw_string, 24, 32);
        $crypt_string = substr($raw_string, 56);

        if (Hm_Sodium_Compat::crypto_auth_verify($hmac, $crypt_string, $crypt_key)) {
            $res = Hm_Sodium_Compat::crypto_secretbox_open($crypt_string, $salt, $crypt_key);
        }
        if ($res === false) {
            return parent::plaintext($string, $key);
        }
        return $res;
    }

    /**
     * Convert plaintext into ciphertext
     * @param string $string plaintext to encrypt
     * @param string $key encryption key
     * @return string encrypted text
     */
    public static function ciphertext($string, $key) {
        if (!LIBSODIUM) {
            return parent::ciphertext($string, $key);
        }
        list($salt, $key) = self::keygen($key);
        $ciphertext = Hm_Sodium_Compat::crypto_secretbox($string, $salt, $key);
        $mac = Hm_Sodium_Compat::crypto_auth($ciphertext, $key);
        return base64_encode($salt.$mac.$ciphertext);
    }

    /**
     * Hash a password using libsodium. Args not defined here are for backwards
     * compat usage with our built in crypto
     * @param string $password password to hash
     * @return string
     */
    public static function hash_password($password, $salt = false, $count = false, $algo = 'sha512', $type = 'php') {
        if (!LIBSODIUM) {
            return parent::hash_password($password, $salt, $count, $algo, $type);
        }
        return Hm_Sodium_Compat::crypto_pwhash_str($password);
    }

    /**
     * Check a password against it's stored hash using libsodium. If that
     * fails, try our built in crypto otherwise updating to libsodium breaks
     * everything
     * @param string $password clear text password
     * @param string $hash hashed password
     * @return bool
     */
    public static function check_password($password, $hash) {
        if (!LIBSODIUM) {
            return parent::check_password($password, $hash);
        }
        if (!Hm_Sodium_Compat::crypto_pwhash_str_verify($hash, $password)) {
            return parent::check_password($password, $hash);
        }
        return true;
    }

    /**
     * stretch (or shrink) a key for libsodium
     * @param string $key the key to stretch/shrink
     * @param string $salt a salt to use, or create one if needed
     * @return string[]
     */
    protected static function keygen($key, $salt = false) {
        if ($salt === false) {
            $salt = Hm_Sodium_Compat::randombytes_buf();
        }
        return parent::keygen($key, $salt);
    }
}

1	<?php
2
3	/**
4	* Encryption with the libsodium extension
5	*
6	* This extends our standard encryption and will override it if libsodium is
7	* present. Checking a password and converting cipher text to clear text fall
8	* back to the standard Hm_Crypt library if they fail. This is to ensure
9	* backwards compatibility.
10	*
11	* @package framework
12	* @subpackage crypt
13	*/
14
15	class Hm_Crypt extends Hm_Crypt_Base {
16
17	/**
18	* Convert ciphertext to plaintext
19	* @param string $string ciphertext to decrypt
20	* @param string $key encryption key
21	* @return string\|false decrypted text
22	*/
23	public static function plaintext($string, $key) {	19✔
24	if (!LIBSODIUM) {	19✔
25	return parent::plaintext($string, $key);	×
26	}
27	$res = false;	19✔
28	$raw_string = base64_decode($string);	19✔
29	if (!$raw_string \|\| strlen($raw_string) < 60) {	19✔
30	return false;	3✔
31	}
32	list($salt, $crypt_key) = self::keygen($key, substr($raw_string, 0, 24));	18✔
33	$hmac = substr($raw_string, 24, 32);	18✔
34	$crypt_string = substr($raw_string, 56);	18✔
35
36	if (Hm_Sodium_Compat::crypto_auth_verify($hmac, $crypt_string, $crypt_key)) {	18✔
37	$res = Hm_Sodium_Compat::crypto_secretbox_open($crypt_string, $salt, $crypt_key);	13✔
38	}
39	if ($res === false) {	18✔
40	return parent::plaintext($string, $key);	7✔
41	}
42	return $res;	13✔
43	}
44
45	/**
46	* Convert plaintext into ciphertext
47	* @param string $string plaintext to encrypt
48	* @param string $key encryption key
49	* @return string encrypted text
50	*/
51	public static function ciphertext($string, $key) {	25✔
52	if (!LIBSODIUM) {	25✔
53	return parent::ciphertext($string, $key);	×
54	}
55	list($salt, $key) = self::keygen($key);	25✔
56	$ciphertext = Hm_Sodium_Compat::crypto_secretbox($string, $salt, $key);	25✔
57	$mac = Hm_Sodium_Compat::crypto_auth($ciphertext, $key);	25✔
58	return base64_encode($salt.$mac.$ciphertext);	25✔
59	}
60
61	/**
62	* Hash a password using libsodium. Args not defined here are for backwards
63	* compat usage with our built in crypto
64	* @param string $password password to hash
65	* @return string
66	*/
67	public static function hash_password($password, $salt = false, $count = false, $algo = 'sha512', $type = 'php') {	8✔
68	if (!LIBSODIUM) {	8✔
69	return parent::hash_password($password, $salt, $count, $algo, $type);	×
70	}
71	return Hm_Sodium_Compat::crypto_pwhash_str($password);	8✔
72	}
73
74	/**
75	* Check a password against it's stored hash using libsodium. If that
76	* fails, try our built in crypto otherwise updating to libsodium breaks
77	* everything
78	* @param string $password clear text password
79	* @param string $hash hashed password
80	* @return bool
81	*/
82	public static function check_password($password, $hash) {	8✔
83	if (!LIBSODIUM) {	8✔
84	return parent::check_password($password, $hash);	×
85	}
86	if (!Hm_Sodium_Compat::crypto_pwhash_str_verify($hash, $password)) {	8✔
87	return parent::check_password($password, $hash);	6✔
88	}
89	return true;	6✔
90	}
91
92	/**
93	* stretch (or shrink) a key for libsodium
94	* @param string $key the key to stretch/shrink
95	* @param string $salt a salt to use, or create one if needed
96	* @return string[]
97	*/
98	protected static function keygen($key, $salt = false) {	31✔
99	if ($salt === false) {	31✔
100	$salt = Hm_Sodium_Compat::randombytes_buf();	25✔
101	}
102	return parent::keygen($key, $salt);	31✔
103	}
104	}

cypht-org / cypht / 19104101509

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous