From 04369c3eae728e14962c41d1ab259f9e7ed99144 Mon Sep 17 00:00:00 2001
From: Michael Hamann <michael@content-space.de>
Date: Tue, 30 Jul 2013 18:50:28 +0200
Subject: Add AES from phpseclib and use it for cookie encryption

This replaces the deprecated and broken Blowfish implementation that has
previously been used and should provide a lot more security.
---
 _test/tests/inc/auth_encryption.test.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 _test/tests/inc/auth_encryption.test.php

(limited to '_test')

diff --git a/_test/tests/inc/auth_encryption.test.php b/_test/tests/inc/auth_encryption.test.php
new file mode 100644
index 000000000..041eba00e
--- /dev/null
+++ b/_test/tests/inc/auth_encryption.test.php
@@ -0,0 +1,12 @@
+<?php
+
+/**
+ * Tests the auth_decrypt and auth_encrypt-functions
+ */
+class auth_encryption_test extends DokuWikiTest {
+    function testDeEncrypt() {
+        $data = "OnA28asdfäakgß*+!\"+*";
+        $secret = "oeaf1öasdöflk§";
+        $this->assertEquals($data, auth_decrypt(auth_encrypt($data, $secret), $secret));
+    }
+}
-- 
cgit v1.2.3