fixed dockerfile deprecation

fixed cookie encryption with new encryption lib
frmlx · Sep 4, 2024 · 7d381e0 · 7d381e0
1 parent 0106b8d
commit 7d381e0
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 8 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -70,4 +70,5 @@ RUN chmod +x "$FRAMELIX_SYSTEMDIR/entrypoint.sh"
 # health check
 HEALTHCHECK --interval=1m --timeout=3s CMD framelix_console all healthCheck -q || exit 1
 
+SHELL ["/bin/bash", "-c"]
 ENTRYPOINT $FRAMELIX_SYSTEMDIR/entrypoint.sh
diff --git a/appdata/modules/Framelix/composer.json b/appdata/modules/Framelix/composer.json
@@ -5,6 +5,7 @@
         "mpdf/qrcode": "^1.2",
         "phpoffice/phpspreadsheet": "^2.2",
         "mpdf/mpdf": "^8.2",
-        "phpmailer/phpmailer": "^6.9"
+        "phpmailer/phpmailer": "^6.9",
+        "brainfoolong/js-aes-php": "^1.0"
     }
 }
diff --git a/appdata/modules/Framelix/src/Network/Cookie.php b/appdata/modules/Framelix/src/Network/Cookie.php
@@ -5,7 +5,7 @@
 use Framelix\Framelix\Framelix;
 use Framelix\Framelix\Utils\CryptoUtils;
 use Framelix\Framelix\Utils\JsonUtils;
-use Nullix\CryptoJsAes\CryptoJsAes;
+use Nullix\JsAesPhp\JsAesPhp;
 use Throwable;
 
 use function base64_decode;
@@ -38,7 +38,7 @@ public static function get(string $name, bool $isSigned = true, bool $encrypted
             }
         }
         if ($encrypted) {
-            $value = CryptoJsAes::decrypt(base64_decode($value), CryptoUtils::hash($name));
+            $value = JsAesPhp::decrypt($value, CryptoUtils::hash($name));
         } else {
             // simply ignoring any json parse errors as this value can be modified by the user
             try {
@@ -74,7 +74,7 @@ public static function set(
             unset($_COOKIE[$name]);
         } else {
             if ($encrypted) {
-                $value = base64_encode(CryptoJsAes::encrypt($value, CryptoUtils::hash($name)));
+                $value = JsAesPhp::encrypt($value, CryptoUtils::hash($name));
             } else {
                 $value = base64_encode(JsonUtils::encode($value));
             }

diff --git a/appdata/modules/Framelix/upgrade-composer-libs.sh b/appdata/modules/Framelix/upgrade-composer-libs.sh
@@ -3,4 +3,4 @@
 SCRIPTDIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)
 cd $SCRIPTDIR
 rm composer.lock compeser.json
-composer require robthree/twofactorauth lbuchs/webauthn mpdf/qrcode phpoffice/phpspreadsheet mpdf/mpdf phpmailer/phpmailer
+composer require robthree/twofactorauth lbuchs/webauthn mpdf/qrcode phpoffice/phpspreadsheet mpdf/mpdf phpmailer/phpmailer brainfoolong/js-aes-php
diff --git a/appdata/modules/FramelixTests/tests/Network/CookieTest.php b/appdata/modules/FramelixTests/tests/Network/CookieTest.php
@@ -27,10 +27,10 @@ public function tests(): void
         // test encryption
         Cookie::set('fooencrypted', '123456', encrypted: true);
         $this->assertSame('123456', Cookie::get('fooencrypted', encrypted: true));
-        // missing encrypted flag will return the raw array from encryption
-        $this->assertIsArray(Cookie::get('fooencrypted'));
+        // missing encrypted flag will return null because value cannot be json decoded
+        $this->assertNull(Cookie::get('fooencrypted'));
         $_COOKIE['fooencrypted__s'] .= "11";
-        // missing encrypted flag will return the raw array from encryption
+        // missing encrypted flag will return null because value cannot be json decoded
         $this->assertNull(Cookie::get('fooencrypted'));
     }
 }