Add Brainpool to factory, fix tests

paragonie · May 1, 2024 · 0a36f11 · 0a36f11
1 parent 841edde
commit 0a36f11
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 3 deletions.
diff --git a/src/EccFactory.php b/src/EccFactory.php
@@ -4,8 +4,10 @@
 namespace Mdanter\Ecc;
 
 use Mdanter\Ecc\Crypto\Signature\Signer;
+use Mdanter\Ecc\Curves\BrainpoolCurve;
 use Mdanter\Ecc\Curves\NistCurve;
 use Mdanter\Ecc\Curves\SecgCurve;
+use Mdanter\Ecc\Curves\SecureBrainpoolCurve;
 use Mdanter\Ecc\Curves\SecureNistCurve;
 use Mdanter\Ecc\Curves\SecureSecgCurve;
 use Mdanter\Ecc\Math\GmpMathInterface;
@@ -32,10 +34,26 @@ public static function getAdapter(bool $debug = false): GmpMathInterface
         return MathAdapterFactory::getAdapter($debug);
     }
 
+    /**
+     * Returns a factory to return Brainpool curves and generators.
+     *
+     * @param  ?GmpMathInterface $adapter [optional] Defaults to the return value of EccFactory::getAdapter().
+     * @param  bool $allowInsecure [optional] Allow insecure curves? (default: false)
+     * @return BrainpoolCurve
+     */
+    public static function getBrainpoolCurves(?GmpMathInterface $adapter = null, bool $allowInsecure = false): BrainpoolCurve
+    {
+        if ($allowInsecure) {
+            return new BrainpoolCurve($adapter ?: self::getAdapter());
+        }
+        return new SecureBrainpoolCurve($adapter ?: self::getAdapter());
+    }
+
     /**
      * Returns a factory to create NIST Recommended curves and generators.
      *
      * @param  ?GmpMathInterface $adapter [optional] Defaults to the return value of EccFactory::getAdapter().
+     * @param bool $allowInsecure [optional] Allow insecure curves? (default: false)
      * @return NistCurve
      */
     public static function getNistCurves(?GmpMathInterface $adapter = null, bool $allowInsecure = false): NistCurve
@@ -50,7 +68,7 @@ public static function getNistCurves(?GmpMathInterface $adapter = null, bool $al
      * Returns a factory to return SECG Recommended curves and generators.
      *
      * @param  ?GmpMathInterface $adapter [optional] Defaults to the return value of EccFactory::getAdapter().
-     * @param  bool $allowInsecure [optional] Allow insecure curves? (default: false)
+     * @param bool $allowInsecure [optional] Allow insecure curves? (default: false)
      * @return SecgCurve
      */
     public static function getSecgCurves(?GmpMathInterface $adapter = null, bool $allowInsecure = false): SecgCurve

diff --git a/tests/unit/EccFactoryTest.php b/tests/unit/EccFactoryTest.php
@@ -23,15 +23,23 @@ public function testCreateCurve(): void
         $this->assertInstanceOf(CurveFp::class, $created);
     }
 
+    public function testsNoInscureCurvesByDefaultBrainpool(): void
+    {
+        $this->expectException(InsecureCurveException::class);
+        $curve = EccFactory::getBrainpoolCurves()->curve256r1();
+        if ($curve->isOpensslAvailable()) {
+            $this->markTestSkipped('We can actually use this curve securely');
+        }
+    }
+
     public function testsNoInscureCurvesByDefaultNIST(): void
     {
-        $this->expectExceptionMessage('P-192 is not a secure elliptic curve');
         $this->expectException(InsecureCurveException::class);
         EccFactory::getNistCurves()->curve192();
     }
+
     public function testsNoInscureCurvesByDefaultSecg(): void
     {
-        $this->expectExceptionMessage('secp112r1 is not a secure elliptic curve');
         $this->expectException(InsecureCurveException::class);
         EccFactory::getSecgCurves()->curve112r1();
     }