SQUASHED COMMIT

PSR-4 Refactor

PSR-4 autoloader in composer.json, version 2.0.0

Exception handler fixes

Fix example/benchmark scripts

Fix exception definition

Set exception handler, use \ prefixes on functions in Crypto.php

Be more explicit

Author: paragonie-scott

autoload.php

@@ -0,0 +1,38 @@
+<?php
+/**
+ * PSR-4 compatible autoloader
+ */
+\spl_autoload_register(function ($class) {
+    // Project-specific namespace prefix
+    $prefix = 'Defuse\\Crypto';
+
+    // Base directory for the namespace prefix
+    $base_dir = __DIR__.'/src/';
+
+    // Does the class use the namespace prefix?
+    $len = \strlen($prefix);
+    if (\strncmp($prefix, $class, $len) !== 0) {
+        // no, move to the next registered autoloader
+        return;
+    }
+
+    // Get the relative class name
+    $relative_class = \substr($class, $len);
+
+    // Replace the namespace prefix with the base directory, replace namespace
+    // separators with directory separators in the relative class name, append
+    // with .php
+    $file = $base_dir.
+        \str_replace(
+            ['\\', '_'],
+            '/',
+            $relative_class
+        ).'.php';
+
+    // If the file exists, require it
+    if (\file_exists($file)) {
+        require $file;
+    }
+});
+
+$crypto_exception_handler_object_dont_touch_me = new \Defuse\Crypto\ExceptionHandler;

benchmark.php

@@ -1,42 +1,41 @@
 <?php
+use \Defuse\Crypto\Crypto;
+require_once'autoload.php';
+
+function showResults($type, $start, $end, $count)
+{
+    $time = $end - $start;
+    $rate = $count / $time;
+    echo $type, ': ', $rate, ' calls/s', "\n";
+}
 
-require_once('Crypto.php');
 
 // Note: By default, the runtime tests are "cached" and not re-executed for
 // every call. To disable this, look at the RuntimeTest() function.
 
-$start = microtime(true);
+$start = \microtime(true);
 for ($i = 0; $i < 1000; $i++) {
-    $key = Crypto::CreateNewRandomKey();
+    $key = Crypto::createNewRandomKey();
 }
-$end = microtime(true);
-showResults("CreateNewRandomKey()", $start, $end, 1000);
+$end = \microtime(true);
+showResults("createNewRandomKey()", $start, $end, 1000);
 
-$start = microtime(true);
+$start = \microtime(true);
 for ($i = 0; $i < 100; $i++) {
-    $ciphertext = Crypto::Encrypt(
-        str_repeat("A", 1024*1024),
-        str_repeat("B", 16)
+    $ciphertext = Crypto::encrypt(
+        \str_repeat("A", 1024*1024),
+        \str_repeat("B", 16)
     );
 }
 $end = microtime(true);
-showResults("Encrypt(1MB)", $start, $end, 100);
+showResults("encrypt(1MB)", $start, $end, 100);
 
 $start = microtime(true);
 for ($i = 0; $i < 1000; $i++) {
-    $ciphertext = Crypto::Encrypt(
-        str_repeat("A", 1024),
-        str_repeat("B", 16)
+    $ciphertext = Crypto::encrypt(
+        \str_repeat("A", 1024),
+        \str_repeat("B", 16)
     );
 }
-$end = microtime(true);
-showResults("Encrypt(1KB)", $start, $end, 1000);
-
-function showResults($type, $start, $end, $count)
-{
-    $time = $end - $start;
-    $rate = $count / $time;
-    echo "$type: $rate calls/s\n";
-}
-
-?>
+$end = \microtime(true);
+showResults("encrypt(1KB)", $start, $end, 1000);

composer.json

@@ -2,6 +2,7 @@
     "name": "defuse/php-encryption",
     "description": "Secure PHP Encryption Library",
     "license": "MIT",
+    "version": "2.0.0",
     "keywords": ["security", "encryption", "AES", "openssl", "cipher", "cryptography", "symmetric key cryptography", "crypto", "encrypt", "authenticated encryption"],
     "authors": [
         {
@@ -10,7 +11,7 @@
         }
     ],
     "autoload": {
-        "files": ["Crypto.php"]
+        "files": ["src/autoload.php"]
     },
     "require": {
         "php":  ">=5.4.0",

example.php

@@ -1,36 +1,40 @@
 <?php
-require_once('Crypto.php');
-  try {
-      $key = Crypto::CreateNewRandomKey();
-      // WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
-      // they may leak the key to the attacker through side channels.
-  } catch (CryptoTestFailedException $ex) {
-      die('Cannot safely create a key');
-  } catch (CannotPerformOperationException $ex) {
-      die('Cannot safely create a key');
-  }
 
-  $message = "ATTACK AT DAWN";
-  try {
-      $ciphertext = Crypto::Encrypt($message, $key);
-  } catch (CryptoTestFailedException $ex) {
-      die('Cannot safely perform encryption');
-  } catch (CannotPerformOperationException $ex) {
-      die('Cannot safely perform decryption');
-  }
+use \Defuse\Crypto\Crypto;
+use \Defuse\Crypto\Exception as Ex;
 
-  try {
-      $decrypted = Crypto::Decrypt($ciphertext, $key);
-  } catch (InvalidCiphertextException $ex) { // VERY IMPORTANT
-      // Either:
-      //   1. The ciphertext was modified by the attacker,
-      //   2. The key is wrong, or
-      //   3. $ciphertext is not a valid ciphertext or was corrupted.
-      // Assume the worst.
-      die('DANGER! DANGER! The ciphertext has been tampered with!');
-  } catch (CryptoTestFailedException $ex) {
-      die('Cannot safely perform encryption');
-  } catch (CannotPerformOperationException $ex) {
-      die('Cannot safely perform decryption');
-  }
-?>
+require_once 'autoload.php';
+
+try {
+    $key = Crypto::createNewRandomKey();
+    // WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
+    // they may leak the key to the attacker through side channels.
+} catch (Ex\CryptoTestFailed $ex) {
+    die('Cannot safely create a key');
+} catch (Ex\CannotPerformOperation $ex) {
+    die('Cannot safely create a key');
+}
+
+$message = "ATTACK AT DAWN";
+try {
+    $ciphertext = Crypto::encrypt($message, $key);
+} catch (Ex\CryptoTestFailed $ex) {
+    die('Cannot safely perform encryption');
+} catch (Ex\CannotPerformOperation $ex) {
+    die('Cannot safely perform encryption');
+}
+
+try {
+    $decrypted = Crypto::decrypt($ciphertext, $key);
+} catch (Ex\InvalidCiphertext $ex) { // VERY IMPORTANT
+    // Either:
+    //   1. The ciphertext was modified by the attacker,
+    //   2. The key is wrong, or
+    //   3. $ciphertext is not a valid ciphertext or was corrupted.
+    // Assume the worst.
+    die('DANGER! DANGER! The ciphertext has been tampered with!');
+} catch (Ex\CryptoTestFailed $ex) {
+    die('Cannot safely perform dencryption');
+} catch (Ex\CannotPerformOperation $ex) {
+    die('Cannot safely perform decryption');
+}