From b202f427062c29566b6ae09b1ee72b2bc1746d61 Mon Sep 17 00:00:00 2001 From: Scott Date: Wed, 14 Oct 2015 21:42:27 -0400 Subject: [PATCH] PHP's order of operations need to be reined in. --- src/Key.php | 4 ++-- test/unit/KeyTest.php | 14 +++++++++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/src/Key.php b/src/Key.php index 6594595..903acde 100644 --- a/src/Key.php +++ b/src/Key.php @@ -157,11 +157,11 @@ public static function deriveFromPassword( new ASecretKey($secret_key, $signing), // Secret key new APublicKey($public_key, $signing) // Public key ]; - } elseif ($type & self::SECRET_KEY !== 0) { + } elseif (($type & self::SECRET_KEY) !== 0) { /** * Are we doing encryption or authentication? */ - if ($type & self::SIGNATURE !== 0) { + if (($type & self::SIGNATURE) !== 0) { $signing = true; $secret_key = \Sodium\crypto_pwhash_scryptsalsa208sha256( \Sodium\CRYPTO_AUTH_KEYBYTES, diff --git a/test/unit/KeyTest.php b/test/unit/KeyTest.php index b989f12..8cf7b6c 100644 --- a/test/unit/KeyTest.php +++ b/test/unit/KeyTest.php @@ -3,7 +3,6 @@ use \ParagonIE\Halite\Asymmetric\Crypto as Asymmetric; use \ParagonIE\Halite\Asymmetric\SecretKey as ASecretKey; use \ParagonIE\Halite\Asymmetric\PublicKey as APublicKey; -use \ParagonIE\Halite\Symmetric\SecretKey as SecretKey; /** * @backupGlobals disabled @@ -23,6 +22,19 @@ public function testDerive() "\x36\xa6\xc2\xb9\x6a\x65\x0d\x80\xbf\x7e\x02\x5e\x0f\x58\xf3\xd6". "\x36\x33\x95\x75\xde\xfb\x37\x08\x01\xa5\x42\x13\xbd\x54\x58\x2d" ); + $salt = \Sodium\hex2bin( + '762ce4cabd543065172236de1027536ad52ec4c9133ced3766ff319f10301888' + ); + + // Issue #10 + $enc_secret = Key::deriveFromPassword( + 'correct horse battery staple', + $salt, + Key::ENCRYPTION | Key::SECRET_KEY + ); + $this->assertTrue( + $enc_secret->isEncryptionKey() + ); } public function testDeriveSigningKey()