md5 to sha256 and removed defuse-encryption, extra tests

Author: Crecket

README.md

@@ -37,12 +37,6 @@ All functions are static public functions right now so you can simply call the f
 ### compareStrings($string1, $string2)
 Compare strings while preventing timed attacks
 
-### decrypt($input, $key)
-Returns the decryped output as a string using [defuse/php-encryption](https://github.com/defuse/php-encryption)'s library.
-
-### encrypt($input, $key = false)
-Encrypt a string, if no key is given one will be generated for you (Recommended) using [defuse/php-encryption](https://github.com/defuse/php-encryption)'s library.
-
 ### getFormToken('form_token_id', $form_token, $limit = 300)
 Verify a form token for the given id. The $limit is optional andm ust be given in seconds, if the limit is 300 and the token is used after 300 seconds it will be considered invalid.
 
@@ -58,9 +52,6 @@ Returns a random hexadecimal number for the given length
 ### randomInt($min, $max)
 Returns the a secure random integer within the given range.
 
-### randomSecureKey()
-Return a random key using [defuse/php-encryption](https://github.com/defuse/php-encryption)'s library.
-
 ### randomString($length)
 Returns a random string for the given length
 

composer.json

@@ -9,8 +9,7 @@
     }
   ],
   "require": {
-    "php": ">=5.6.0",
-    "defuse/php-encryption": "^1.2"
+    "php": ">=5.6.0"
   },
   "autoload": {
     "psr-4": {

composer.lock

@@ -9,50 +9,6 @@ class SecureFuncs
      */
     private static $_keyLength = 32;
 
-    /**
-     * @param $input
-     * @param $key
-     * @return string
-     * @throws \CannotPerformOperationException
-     * @throws \InvalidCiphertextException
-     */
-    public static function decrypt($input, $key)
-    {
-        try {
-            return \Crypto::decrypt($input, $key);
-        } catch (\Defuse\Crypto\Exception\InvalidCiphertextException $ex) {
-            die('DANGER! DANGER! The ciphertext has been tampered with!');
-        } catch (\Defuse\Crypto\Exception\CryptoTestFailedException $ex) {
-            die('Cannot safely perform decryption');
-        } catch (\Defuse\Crypto\Exception\CannotPerformOperationException $ex) {
-            die('Cannot safely perform decryption');
-        }
-    }
-
-    /**
-     * @param $input
-     * @param bool $key
-     * @return array
-     * @throws CannotPerformOperationException
-     * @throws \CannotPerformOperationException
-     */
-    public static function encrypt($input, $key = false)
-    {
-        if ($key === false || GenericFuncs::strlen($key) !== Crypto::KEY_BYTE_SIZE) {
-            $key = self::randomSecureKey();
-        }
-
-        try {
-            $ciphertext = \Crypto::encrypt($input, $key);
-        } catch (\Defuse\Crypto\Exception\CryptoTestFailedException $ex) {
-            die('Cannot safely perform encryption');
-        } catch (\Defuse\Crypto\Exception\CannotPerformOperationException $ex) {
-            die('Cannot safely perform encryption');
-        }
-
-        return array('Key' => $key, 'Encrypted' => $ciphertext);
-    }
-
     /**
      * Checks if the given id and token match > If not the form has been sent twice or the ID is incorrect
      * @param $id
@@ -65,7 +21,7 @@ public static function getFormToken($id, $token, $limit_time = 300)
         // Check if isset
         if (!empty($_SESSION['formtoken'][$id]) && !empty($_SESSION['formtoken_time'][$id])) {
             // Check if token is correct
-            if (md5($_SESSION['formtoken'][$id]) === $token) {
+            if (hash('sha256', $_SESSION['formtoken'][$id]) === $token) {
                 $valid = true;
                 // If time limit is set, check if isset
                 if ($limit_time !== false) {
@@ -136,20 +92,6 @@ public static function randomInt($min, $max)
         return $min + $randDiff;
     }
 
-    /**
-     * @return string
-     */
-    public static function randomSecureKey()
-    {
-        try {
-            return \Crypto::createNewRandomKey();
-        } catch (\Defuse\Crypto\Exception\CryptoTestFailedException $ex) {
-            die('Cannot safely create a key');
-        } catch (\Defuse\Crypto\Exception\CannotPerformOperationException $ex) {
-            die('Cannot safely create a key');
-        }
-    }
-
     /**
      * @param $length
      * @return string
@@ -180,7 +122,7 @@ public static function setFormToken($id)
     {
         $_SESSION['formtoken'][$id] = self::randomString(100);
         $_SESSION['formtoken_time'][$id] = time();
-        return md5($_SESSION['formtoken'][$id]);
+        return hash('sha256', $_SESSION['formtoken'][$id]);
     }
 
     /**