Set default symmetric to Aes256
Signed-off-by: Nguyen Van Nguyen <nguyennv1981@gmail.com>
nguyennv committed Dec 20, 2024
1 parent 90a74ba commit 8742529
Showing 21 changed files with 35 additions and 39 deletions.
2 changes: 1 addition & 1 deletion src/Common/Config.php
Expand Up @@ -37,7 +37,7 @@ final class Config

private static HashAlgorithm $preferredHash = HashAlgorithm::Sha256;

private static SymmetricAlgorithm $preferredSymmetric = SymmetricAlgorithm::Aes128;
private static SymmetricAlgorithm $preferredSymmetric = SymmetricAlgorithm::Aes256;

private static CompressionAlgorithm $preferredCompression = CompressionAlgorithm::Uncompressed;

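Review bot: The new default `SymmetricAlgorithm::Aes256` is written out here and again as a literal parameter default in each of the other changed files, so the next change of default needs the same sweep, and any signature that is missed silently keeps the old cipher. A single class constant on `Config`, alongside the existing `Config::CIPHER_MODE`, for example `public const DEFAULT_SYMMETRIC = SymmetricAlgorithm::Aes256;` (the name is only a suggestion), could be used as the parameter default everywhere, since an enum case is a valid constant expression. A one-line comment on `$preferredSymmetric` saying how it relates to the per-method defaults would also help, because the two can drift independently. The class body continues outside this hunk.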
2 changes: 1 addition & 1 deletion src/Cryptor/Aead/CMac.php
Expand Up @@ -38,7 +38,7 @@ final class CMac
* @return self
*/
public function __construct(
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
private int $macSize = 0
) {
$this->cipher = $symmetric->ecbCipherEngine();
2 changes: 1 addition & 1 deletion src/Cryptor/Aead/EAX.php
Expand Up @@ -51,7 +51,7 @@ final class EAX implements AeadCipher
*/
public function __construct(
private readonly string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
) {
$this->cipher = $symmetric->cipherEngine(self::CIPHER_MODE);
$this->cipher->setKey($key);
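Review bot: No check that `$key` has the length the selected algorithm expects is visible before `$this->cipher->setKey($key)`, and with the default now `Aes256` a caller that passes a 16-byte key and omits `$symmetric` is asking for AES-256 with an AES-128-sized key. What the cipher engine does in that case is not shown on this page, so the constructor should fail fast: compare `strlen($key)` with the key size of `$symmetric` and throw `\InvalidArgumentException` on a mismatch. src/Cryptor/Aead/GCM.php shows the same two lines, and the constructors in src/Cryptor/Aead/OCB.php and src/Packet/Key/SessionKey.php (whose body is empty) take a key next to the same defaulted parameter. The constructor body continues outside this hunk.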
2 changes: 1 addition & 1 deletion src/Cryptor/Aead/GCM.php
Expand Up @@ -35,7 +35,7 @@ final class GCM implements AeadCipher
*/
public function __construct(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
) {
$this->cipher = $symmetric->cipherEngine(self::CIPHER_MODE);
$this->cipher->setKey($key);
2 changes: 1 addition & 1 deletion src/Cryptor/Aead/OCB.php
Expand Up @@ -53,7 +53,7 @@ final class OCB implements AeadCipher
*/
public function __construct(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
) {
if ($symmetric->blockSize() !== self::BLOCK_LENGTH) {
throw new \InvalidArgumentException(
6 changes: 1 addition & 5 deletions src/Enum/SymmetricAlgorithm.php
Expand Up @@ -218,12 +218,8 @@ public function ecbCipherEngine(): Symmetric\EcbCipher
static public function preferredSymmetrics(): array
{
return [
self::Aes128,
self::Aes192,
self::Aes256,
self::Camellia128,
self::Camellia192,
self::Camellia256,
self::Aes128,
];
}
}
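Review bot: `preferredSymmetrics()` has no comment saying that the order of the returned cases is the preference order, which is what this change appears to rely on. The rendered page has lost the +/- markers, but the counts (1 addition, 5 deletions) suggest the list now returns only `Aes256` followed by `Aes128`, with `Aes192` and the three Camellia cases dropped. If that reading is right, a docblock such as `Ordered by preference, strongest first; Aes128 is kept last as the fallback` would keep a later edit from reordering or extending the list by accident. Dropping four ciphers from the preferred list is also a wider change than the commit title describes, so it deserves a mention wherever the release notes are kept.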
2 changes: 1 addition & 1 deletion src/Key/PrivateKey.php
Expand Up @@ -312,7 +312,7 @@ public function getDecryptionKeyPackets(
public function encrypt(
string $passphrase,
array $subkeyPassphrases = [],
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
if (empty($passphrase)) {
throw new \InvalidArgumentException(
4 changes: 2 additions & 2 deletions src/Message/LiteralMessage.php
Expand Up @@ -115,7 +115,7 @@ public static function fromLiteralData(
*/
public static function generateSessionKey(
array $encryptionKeys,
SymmetricAlgorithm $defaultSymmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $defaultSymmetric = SymmetricAlgorithm::Aes256
): SessionKeyInterface {
$preferredSymmetrics = [];
foreach ($encryptionKeys as $key) {
Expand Down Expand Up @@ -344,7 +344,7 @@ public function verifyDetached(
public function encrypt(
array $encryptionKeys = [],
array $passwords = [],
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): EncryptedMessageInterface {
$encryptionKeys = array_filter(
$encryptionKeys,
6 changes: 3 additions & 3 deletions src/Packet/AeadEncryptedData.php
Expand Up @@ -96,7 +96,7 @@ public static function fromBytes(string $bytes): self
public static function encryptPackets(
string $key,
PacketListInterface $packetList,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
Helper::assertSymmetric($symmetric);

Expand Down Expand Up @@ -171,7 +171,7 @@ public function getIV(): string
*/
public function decrypt(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
if ($this->packetList instanceof PacketListInterface) {
return $this;
Expand Down Expand Up @@ -227,7 +227,7 @@ private static function crypt(
string $key,
string $data,
string $finalChunk = "",
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
AeadAlgorithm $aead = AeadAlgorithm::Ocb,
int $chunkSizeByte = 12,
string $iv = ""
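Review bot: `decrypt()` keeps a default for `$symmetric`, and moving it from `Aes128` to `Aes256` changes which cipher is assumed for every caller that omits the argument, including callers holding data that was encrypted under the old default. On the decrypt side the algorithm is a property of the ciphertext and its session key rather than a preference, so the parameter would be safer as a required one (in a later major version if the interface must stay compatible); until then the docblock should say that callers must pass the algorithm the message was encrypted with. The same signature is changed in src/Packet/SymEncryptedData.php, src/Packet/SymEncryptedIntegrityProtectedData.php and src/Type/EncryptedDataPacketInterface.php. With an AEAD mode a wrong cipher should surface as an authentication failure rather than as wrong plaintext, but that depends on code outside these hunks.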
2 changes: 1 addition & 1 deletion src/Packet/EncryptedDataTrait.php
Expand Up @@ -41,7 +41,7 @@ public function getPacketList(): ?PacketListInterface
*/
public function encrypt(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
if ($this->packetList instanceof PacketListInterface) {
return self::encryptPackets($key, $this->packetList, $symmetric);
4 changes: 2 additions & 2 deletions src/Packet/Key/SessionKey.php
Expand Up @@ -32,7 +32,7 @@ class SessionKey implements SessionKeyInterface
*/
public function __construct(
private readonly string $encryptionKey,
private readonly SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
private readonly SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
private readonly ?AeadAlgorithm $aead = null
) {
}
Expand Down Expand Up @@ -60,7 +60,7 @@ public static function fromBytes(string $bytes): self
* @return self
*/
public static function produceKey(
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): self {
return new self(
4 changes: 2 additions & 2 deletions src/Packet/SecretKey.php
Expand Up @@ -323,7 +323,7 @@ public function isDecrypted(): bool
*/
public function encrypt(
string $passphrase,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): self {
if ($this->isDecrypted()) {
Expand Down Expand Up @@ -565,7 +565,7 @@ protected static function generateKeyMaterial(
*/
protected function encryptKeyMaterial(
string $passphrase,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): array {
Helper::assertSymmetric($symmetric);
4 changes: 2 additions & 2 deletions src/Packet/SecretSubkey.php
Expand Up @@ -48,7 +48,7 @@ public function __construct(
string $keyData = "",
?KeyMaterialInterface $keyMaterial = null,
S2kUsage $s2kUsage = S2kUsage::None,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?S2KInterface $s2k = null,
?AeadAlgorithm $aead = null,
string $iv = ""
Expand Down Expand Up @@ -129,7 +129,7 @@ public static function generate(
*/
public function encrypt(
string $passphrase,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): self {
if ($this->isDecrypted()) {
8 changes: 4 additions & 4 deletions src/Packet/Signature.php
Expand Up @@ -1142,16 +1142,16 @@ private static function keySignatureProperties(int $version): array
if ($version === KeyVersion::V6->value) {
$props[] = new Signature\PreferredAeadCiphers(
implode([
chr(SymmetricAlgorithm::Aes256->value),
chr(AeadAlgorithm::Ocb->value),
chr(SymmetricAlgorithm::Aes256->value),
chr(AeadAlgorithm::Gcm->value),
chr(SymmetricAlgorithm::Aes128->value),
chr(AeadAlgorithm::Ocb->value),
chr(SymmetricAlgorithm::Aes128->value),
chr(AeadAlgorithm::Gcm->value),
chr(SymmetricAlgorithm::Aes128->value),
chr(AeadAlgorithm::Eax->value),
chr(SymmetricAlgorithm::Aes256->value),
chr(AeadAlgorithm::Ocb->value),
chr(SymmetricAlgorithm::Aes256->value),
chr(AeadAlgorithm::Gcm->value),
])
);
}
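Review bot: The preference list pairs `Eax` only with `Aes128`; there is no `Aes256`/`Eax` entry, so a peer that supports only EAX would still be steered to AES-128 even though AES-256 is now the library default. The page has lost the +/- markers, so the new order is inferred from the counts (4 additions, 4 deletions): the `Aes256` pairs appear to have moved ahead of the `Aes128` pairs. If the omission is deliberate, a short comment above the `implode([` call would make it explicit, stating that each two-byte pair is (cipher, AEAD mode), presumably in descending preference, and why `Aes256`/`Eax` is left out. Otherwise add `chr(SymmetricAlgorithm::Aes256->value), chr(AeadAlgorithm::Eax->value),` after the `Aes256`/`Gcm` pair. `keySignatureProperties()` starts and ends outside this hunk.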
4 changes: 2 additions & 2 deletions src/Packet/SymEncryptedData.php
Expand Up @@ -63,7 +63,7 @@ public static function fromBytes(string $bytes): self
public static function encryptPackets(
string $key,
PacketListInterface $packetList,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
Helper::assertSymmetric($symmetric);
$cipher = $symmetric->cipherEngine(Config::CIPHER_MODE);
Expand Down Expand Up @@ -110,7 +110,7 @@ public function toBytes(): string
*/
public function decrypt(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
if (!Config::allowUnauthenticated()) {
throw new \RuntimeException("Message is not authenticated.");
6 changes: 3 additions & 3 deletions src/Packet/SymEncryptedIntegrityProtectedData.php
Expand Up @@ -139,7 +139,7 @@ public static function fromBytes(string $bytes): self
public static function encryptPackets(
string $key,
PacketListInterface $packetList,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): self {
Helper::assertSymmetric($symmetric);
Expand Down Expand Up @@ -243,7 +243,7 @@ public function getSalt(): string
*/
public function decrypt(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self {
if ($this->packetList instanceof PacketListInterface) {
return $this;
Expand Down Expand Up @@ -326,7 +326,7 @@ private static function aeadCrypt(
string $key,
string $data,
string $finalChunk = "",
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
AeadAlgorithm $aead = AeadAlgorithm::Gcm,
int $chunkSizeByte = 12,
string $salt = ""
4 changes: 2 additions & 2 deletions src/Packet/SymmetricKeyEncryptedSessionKey.php
Expand Up @@ -48,7 +48,7 @@ class SymmetricKeyEncryptedSessionKey extends AbstractPacket implements
public function __construct(
private readonly int $version,
private readonly S2KInterface $s2k,
private readonly SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
private readonly SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
private readonly ?AeadAlgorithm $aead = null,
private readonly string $iv = "",
private readonly string $encrypted = "",
Expand Down Expand Up @@ -138,7 +138,7 @@ public static function fromBytes(string $bytes): self
public static function encryptSessionKey(
string $password,
?SessionKeyInterface $sessionKey = null,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): self {
$aeadProtect = $aead instanceof AeadAlgorithm;
4 changes: 2 additions & 2 deletions src/Type/EncryptedDataPacketInterface.php
Expand Up @@ -42,7 +42,7 @@ function getPacketList(): ?PacketListInterface;
*/
function encrypt(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self;

/**
Expand All @@ -62,7 +62,7 @@ function encryptWithSessionKey(SessionKeyInterface $sessionKey): self;
*/
function decrypt(
string $key,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self;

/**
2 changes: 1 addition & 1 deletion src/Type/LiteralMessageInterface.php
Expand Up @@ -101,7 +101,7 @@ function verifyDetached(
function encrypt(
array $encryptionKeys = [],
array $passwords = [],
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): EncryptedMessageInterface;

/**
2 changes: 1 addition & 1 deletion src/Type/PrivateKeyInterface.php
Expand Up @@ -78,7 +78,7 @@ function getDecryptionKeyPackets(
function encrypt(
string $passphrase,
array $subkeyPassphrases = [],
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256
): self;

/**
2 changes: 1 addition & 1 deletion src/Type/SecretKeyPacketInterface.php
Expand Up @@ -64,7 +64,7 @@ function isDecrypted(): bool;
*/
function encrypt(
string $passphrase,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes128,
SymmetricAlgorithm $symmetric = SymmetricAlgorithm::Aes256,
?AeadAlgorithm $aead = null
): self;
