
Moving encryption related properties to CookieCryptTrait

Florian Krämer 9 years ago
parent
commit
d373cc6d99
2 changed files with 90 additions and 52 deletions
  1. 28 40
      src/Http/Cookie/Cookie.php
  2. 62 12
      src/Http/Cookie/CookieCryptTrait.php

+ 28 - 40
src/Http/Cookie/Cookie.php

@@ -14,13 +14,27 @@
 namespace Cake\Http\Cookie;
 
 use Cake\Utility\Hash;
-use Cake\Utility\Security;
 use DateTimeInterface;
 use InvalidArgumentException;
 use RuntimeException;
 
 /**
  * Cookie object to build a cookie and turn it into a header value
+ *
+ * An HTTP cookie (also called web cookie, Internet cookie, browser cookie or
+ * simply cookie) is a small piece of data sent from a website and stored on
+ * the user's computer by the user's web browser while the user is browsing.
+ *
+ * Cookies were designed to be a reliable mechanism for websites to remember
+ * stateful information (such as items added in the shopping cart in an online
+ * store) or to record the user's browsing activity (including clicking
+ * particular buttons, logging in, or recording which pages were visited in
+ * the past). They can also be used to remember arbitrary pieces of information
+ * that the user previously entered into form fields such as names, addresses,
+ * passwords, and credit card numbers.
+ *
+ * @link https://tools.ietf.org/html/rfc6265
+ * @link https://en.wikipedia.org/wiki/HTTP_cookie
  */
 class Cookie implements CookieInterface
 {
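Review bot: The added class docblock says cookies can be used to remember "passwords, and credit card numbers", which reads as an endorsement of that practice in a class whose `$httpOnly` default is `false` (visible in the next hunk). A framework docblock should not present credentials or card data as ordinary cookie payloads; I would drop that sentence or replace it with `Do not store credentials or payment data in cookies; keep a server-side session identifier instead.` The paragraphs also read as general background rather than a description of this class, so a short summary plus the RFC 6265 link would serve readers better.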
@@ -90,13 +104,6 @@ class Cookie implements CookieInterface
     protected $httpOnly = false;
 
     /**
-     * The key for encrypting and decrypting the cookie
-     *
-     * @var string
-     */
-    protected $encryptionKey = '';
-
-    /**
      * Constructor
      *
      * @param string $name Cookie name
@@ -312,7 +319,11 @@ class Cookie implements CookieInterface
     public function encrypt($key)
     {
         $this->encryptionKey = $key;
-        $this->value = $this->_encrypt($this->value, 'aes', $key);
+        $this->value = $this->_encrypt(
+            $this->value,
+            $this->encryptionCipher,
+            $key
+        );
 
         return $this;
     }
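Review bot: `encrypt()` overwrites `$this->encryptionKey` with the caller's `$key` and hands that value straight to `_encrypt()`, so the fallback in `getEncryptionKey()` is never consulted and an empty string is passed on as-is; `decrypt()` in the next hunk has the same shape. What `_encrypt()` does with an empty key is outside this hunk, so the effect is inferred, but the two ways of choosing a key can disagree. I would reject an empty key up front with `if ($key === null || $key === '') { throw new InvalidArgumentException('Encryption key must not be empty.'); }`, or store it and then resolve it once through `$this->getEncryptionKey()`. The method docblock starts above the hunk and should say which of the two behaviours applies.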
@@ -326,7 +337,11 @@ class Cookie implements CookieInterface
     public function decrypt($key)
     {
         $this->encryptionKey = $key;
-        $this->value = $this->_decrypt($this->value, 'aes', $key);
+        $this->value = $this->_decrypt(
+            $this->value,
+            $this->encryptionCipher,
+            $key
+        );
 
         return $this;
     }
@@ -339,7 +354,7 @@ class Cookie implements CookieInterface
     public function expand()
     {
         if (!$this->isExpanded) {
-            $this->data = $this->_explode($this->value);
+            $this->data = $this->_expand($this->value);
             $this->isExpanded = true;
         }
 
@@ -347,14 +362,14 @@ class Cookie implements CookieInterface
     }
 
     /**
-     * Serialized the data to a string
+     * Serializes the cookie value to a string
      *
      * @return $this
      */
     public function flatten()
     {
         if ($this->isExpanded) {
-            $this->value = $this->_implode($this->value);
+            $this->value = $this->_flatten($this->value);
             $this->isExpanded = false;
         }
 
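Review bot: `flatten()` passes `$this->value` to `_flatten()`, but `expand()` in the previous hunk stores the expanded array in `$this->data`, and `_flatten(array $array)` in CookieCryptTrait is type-hinted `array`. If `$this->value` still holds the original string while the cookie is expanded, this call fails the type check, and any changes made to `$this->data` are dropped on flatten. The line probably should read `$this->value = $this->_flatten($this->data);`. The commit only renames the helper here, so the mismatch predates it, but it is worth fixing while the line is touched.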
@@ -370,31 +385,4 @@ class Cookie implements CookieInterface
     {
         return $this->isExpanded;
     }
-
-    /**
-     * Sets the encryption key
-     *
-     * @param string $key Encryption key
-     * @return $this
-     */
-    public function setEncryptionKey($key)
-    {
-        $this->encryptionKey = $key;
-
-        return $this;
-    }
-
-    /**
-     * Gets the cryptographic key
-     *
-     * @return string
-     */
-    public function getEncryptionKey()
-    {
-        if (empty($this->encryptionKey)) {
-            return Security::salt();
-        }
-
-        return $this->encryptionKey;
-    }
 }

+ 62 - 12
src/Http/Cookie/CookieCryptTrait.php

@@ -20,25 +20,75 @@ use RuntimeException;
 /**
  * Cookie Crypt Trait.
  *
- * Provides the encrypt/decrypt logic for the CookieComponent.
- *
- * @link http://book.cakephp.org/3.0/en/controllers/components/cookie.html
+ * Provides the encrypt/decrypt logic.
  */
 trait CookieCryptTrait
 {
+
     /**
      * Valid cipher names for encrypted cookies.
      *
      * @var array
      */
-    protected $_validCiphers = ['aes', 'rijndael'];
+    protected $_validCiphers = [
+        'aes',
+        'rijndael'
+    ];
+
+    /**
+     * Encryption cipher
+     *
+     * @param string
+     */
+    protected $encryptionCipher = 'aes';
+
+    /**
+     * The key for encrypting and decrypting the cookie
+     *
+     * @var string
+     */
+    protected $encryptionKey = '';
+
+    /**
+     * Sets the encryption cipher
+     *
+     * @param string $cipher Cipher
+     * @return $this
+     */
+    public function setEncryptionCipher($cipher)
+    {
+        $this->checkCipher($cipher);
+        $this->encryptionCipher = $cipher;
+
+        return $this;
+    }
+
+    /**
+     * Sets the encryption key
+     *
+     * @param string $key Encryption key
+     * @return $this
+     */
+    public function setEncryptionKey($key)
+    {
+        $this->encryptionKey = $key;
+
+        return $this;
+    }
 
     /**
      * Returns the encryption key to be used.
      *
      * @return string
      */
-    abstract protected function getEncryptionKey();
+    public function getEncryptionKey()
+    {
+        if (empty($this->encryptionKey)) {
+            return Security::salt();
+        }
+
+        return $this->encryptionKey;
+    }
 
     /**
      * Encrypts $value using public $type method in Security class
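Review bot: `getEncryptionKey()` changes from `abstract protected` to a concrete `public` method in the trait, so every class using the trait now exposes its key, or `Security::salt()` when none is set, to any caller holding the object. Unless an interface requires the getter, `protected function getEncryptionKey()` keeps the key material internal. The `empty()` test also treats the string `'0'` as unset and silently substitutes the application salt, and `setEncryptionKey()` accepts any value unchecked while `setEncryptionCipher()` validates through `checkCipher()`. Separately, the `$encryptionCipher` property docblock uses `@param string` where `@var string` is meant.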
@@ -52,7 +102,7 @@ trait CookieCryptTrait
     protected function _encrypt($value, $encrypt, $key = null)
     {
         if (is_array($value)) {
-            $value = $this->_implode($value);
+            $value = $this->_flatten($value);
         }
         if ($encrypt === false) {
             return $value;
@@ -124,7 +174,7 @@ trait CookieCryptTrait
     protected function _decode($value, $encrypt, $key)
     {
         if (!$encrypt) {
-            return $this->_explode($value);
+            return $this->_expand($value);
         }
 
         $this->checkCipher($encrypt);
@@ -140,7 +190,7 @@ trait CookieCryptTrait
             $value = Security::decrypt($value, $key);
         }
 
-        return $this->_explode($value);
+        return $this->_expand($value);
     }
 
     /**
@@ -149,19 +199,19 @@ trait CookieCryptTrait
      * @param array $array Map of key and values
      * @return string A json encoded string.
      */
-    protected function _implode(array $array)
+    protected function _flatten(array $array)
     {
         return json_encode($array);
     }
 
     /**
-     * Explode method to return array from string set in CookieComponent::_implode()
-     * Maintains reading backwards compatibility with 1.x CookieComponent::_implode().
+     * Explode method to return array from string set in CookieComponent::_flatten()
+     * Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().
      *
      * @param string $string A string containing JSON encoded data, or a bare string.
      * @return string|array Map of key and values
      */
-    protected function _explode($string)
+    protected function _expand($string)
     {
         $first = substr($string, 0, 1);
         if ($first === '{' || $first === '[') {