Crypto params validation

mlojewski-me · mlojewski-me · commit 2da835b0171c · 2018-12-26T12:19:14.000+01:00
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
@@ -198,6 +198,16 @@ public function saveProperties()
             ];
         }
 
+        if (!$this->validateCryptoParams()) {
+            return [
+                "status" => "error", "data" => [
+                    "message" => $this->localization->t(
+                        "Hash algorithm parameter is out of range."
+                    )
+                ]
+            ];
+        }
+
         foreach ($properties as $key => $value) {
             $reqValue = $this->request->getParam(str_replace(".", "-", $key));
             $appValue = $this->properties[$key];
@@ -213,6 +223,9 @@ public function saveProperties()
                     "Property '$key' has been set to: " . $value,
                     ["app" => $this->appName]
                 );
+            } elseif (!is_bool($appValue) && !isset($reqValue)) {
+                unset($this->properties[$key]);
+
             }
         }
 
@@ -230,6 +243,48 @@ public function saveProperties()
         ];
     }
 
+    /**
+     * Validate request crypto params.
+     *
+     * @return bool TRUE if crypto params are correct FALSE otherwise.
+     */
+    private function validateCryptoParams()
+    {
+        $cryptoClass = $this->request->getParam("opt-crypto_class");
+        $configuration = $this->cryptoClassConfiguration($cryptoClass);
+
+        for ($i = 0; $i < count($configuration); ++$i) {
+            $reqParam = $this->request->getParam(
+                "opt-crypto_param_" . $i, null
+            );
+            $cryptoParam = $configuration[$i];
+
+            if (is_null($reqParam) || $reqParam < $cryptoParam->min
+                || $reqParam > $cryptoParam->max
+            ) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * Get a crypto class configuration from request.
+     *
+     * @param $cryptoClass string Crypto class name.
+     *
+     * @return array A crypto class configuration.
+     */
+    private function cryptoClassConfiguration($cryptoClass)
+    {
+        /**
+         * @var $passwordAlgorithm IPasswordAlgorithm
+         */
+        $passwordAlgorithm = new $cryptoClass($this->localization);
+        return $passwordAlgorithm->configuration();
+    }
+
     /**
      * Clear the application cache memory.
      *
@@ -385,12 +440,8 @@ public function cryptoParams()
             "Entering cryptoParams()", ["app" => $this->appName]
         );
 
-        /**
-         * @var $passwordAlgorithm IPasswordAlgorithm
-         */
         $cryptoClass = $this->request->getParam("cryptoClass");
-        $passwordAlgorithm = new $cryptoClass($this->localization);
-        $configuration = $passwordAlgorithm->configuration();
+        $configuration = $this->cryptoClassConfiguration($cryptoClass);
 
         if ($cryptoClass === $this->properties[Opt::CRYPTO_CLASS]) {
             foreach ($configuration as $key => $value) {
diff --git a/lib/Properties.php b/lib/Properties.php
@@ -119,24 +119,6 @@ private function loadProperties()
         );
     }
 
-    /**
-     * Is given parameter a boolean parameter.
-     *
-     * @param $param string Parameter name.
-     *
-     * @return bool Is a boolean parameter.
-     */
-    private function isBooleanParam($param)
-    {
-        return in_array(
-            $param, [
-                Opt::APPEND_SALT, Opt::CASE_INSENSITIVE_USERNAME,
-                Opt::NAME_CHANGE, Opt::PASSWORD_CHANGE, Opt::PREPEND_SALT,
-                Opt::REVERSE_ACTIVE, Opt::USE_CACHE
-            ]
-        );
-    }
-
     /**
      * Return an array with all supported parameters.
      *
@@ -162,6 +144,24 @@ private function getParameterArray()
         return $params;
     }
 
+    /**
+     * Is given parameter a boolean parameter.
+     *
+     * @param $param string Parameter name.
+     *
+     * @return bool Is a boolean parameter.
+     */
+    private function isBooleanParam($param)
+    {
+        return in_array(
+            $param, [
+                Opt::APPEND_SALT, Opt::CASE_INSENSITIVE_USERNAME,
+                Opt::NAME_CHANGE, Opt::PASSWORD_CHANGE, Opt::PREPEND_SALT,
+                Opt::REVERSE_ACTIVE, Opt::USE_CACHE
+            ]
+        );
+    }
+
     /**
      * Store properties in the cache memory.
      */
@@ -229,6 +229,7 @@ public function offsetSet($offset, $value)
      */
     public function offsetUnset($offset)
     {
+        $this->config->deleteAppValue($this->appName, $offset);
         unset($this->data[$offset]);
     }
 }
