Asymmetric Anoymouse Encryption phpunit tests
This commit is contained in:
Clemens Schwaighofer
@@ -18,6 +18,7 @@ require 'config.php';
|
||||
$LOG_FILE_ID = 'classTest-encryption';
|
||||
ob_end_flush();
|
||||
|
||||
use CoreLibs\Security\AsymmetricAnonymousEncryption;
|
||||
use CoreLibs\Security\SymmetricEncryption;
|
||||
use CoreLibs\Security\CreateKey;
|
||||
|
||||
@@ -36,6 +37,8 @@ print "<body>";
|
||||
print '<div><a href="class_test.php">Class Test Master</a></div>';
|
||||
print '<div><h1>' . $PAGE_NAME . '</h1></div>';
|
||||
|
||||
print "<h2>Symmetric Encryption</h2>";
|
||||
|
||||
$key = CreateKey::generateRandomKey();
|
||||
print "Secret Key: " . $key . "<br>";
|
||||
|
||||
@@ -105,6 +108,49 @@ try {
|
||||
// $encrypted = $se->encrypt($string);
|
||||
// $decrypted = $se->decrypt($encrypted);
|
||||
|
||||
echo "<hr>";
|
||||
print "<h2>Asymmetric Encryption</h2>";
|
||||
|
||||
$key_pair = CreateKey::createKeyPair();
|
||||
$public_key = CreateKey::getPublicKey($key_pair);
|
||||
|
||||
$string = "I am some asymmetric secret";
|
||||
print "Message: " . $string . "<br>";
|
||||
$encrypted = sodium_crypto_box_seal($string, CreateKey::hex2bin($public_key));
|
||||
$message = sodium_bin2base64($encrypted, SODIUM_BASE64_VARIANT_ORIGINAL);
|
||||
print "Encrypted PL: " . $message . "<br>";
|
||||
$result = sodium_base642bin($message, SODIUM_BASE64_VARIANT_ORIGINAL);
|
||||
$decrypted = sodium_crypto_box_seal_open($result, CreateKey::hex2bin($key_pair));
|
||||
print "Decrypted PL: " . $decrypted . "<br>";
|
||||
|
||||
$encrypted = AsymmetricAnonymousEncryption::encryptKey($string, $public_key);
|
||||
print "Encrypted ST: " . $encrypted . "<br>";
|
||||
$decrypted = AsymmetricAnonymousEncryption::decryptKey($encrypted, $key_pair);
|
||||
print "Decrypted ST: " . $decrypted . "<br>";
|
||||
|
||||
$aa_crypt = new AsymmetricAnonymousEncryption($key_pair, $public_key);
|
||||
$encrypted = $aa_crypt->encrypt($string);
|
||||
print "Encrypted: " . $encrypted . "<br>";
|
||||
$decrypted = $aa_crypt->decrypt($encrypted);
|
||||
print "Decrypted: " . $decrypted . "<br>";
|
||||
|
||||
print "Base64 encode: " . base64_encode('Some text here') . "<Br>";
|
||||
|
||||
/// this has to fail
|
||||
$crypt = new AsymmetricAnonymousEncryption();
|
||||
$crypt->setPublicKey(CreateKey::getPublicKey(CreateKey::createKeyPair()));
|
||||
print "Public Key: " . $crypt->getPublicKey() . "<br>";
|
||||
try {
|
||||
$crypt->setPublicKey(CreateKey::createKeyPair());
|
||||
} catch (RangeException $e) {
|
||||
print "Invalid range: <pre>$e</pre>";
|
||||
}
|
||||
try {
|
||||
$crypt->setKeyPair(CreateKey::getPublicKey(CreateKey::createKeyPair()));
|
||||
} catch (RangeException $e) {
|
||||
print "Invalid range: <pre>$e</pre>";
|
||||
}
|
||||
|
||||
print "</body></html>";
|
||||
|
||||
// __END__
|
||||
|
||||
@@ -70,7 +70,8 @@ class AsymmetricAnonymousEncryption
|
||||
// new if no instsance or key is different
|
||||
if (
|
||||
empty(self::$instance) ||
|
||||
self::$instance->key_pair != $key_pair
|
||||
self::$instance->key_pair != $key_pair ||
|
||||
self::$instance->public_key != $public_key
|
||||
) {
|
||||
self::$instance = new self($key_pair, $public_key);
|
||||
}
|
||||
@@ -100,7 +101,7 @@ class AsymmetricAnonymousEncryption
|
||||
$zero ^ $this->key_pair
|
||||
);
|
||||
unset($zero);
|
||||
unset($this->key_pair);
|
||||
unset($this->key_pair); /** @phan-suppress-current-line PhanTypeObjectUnsetDeclaredProperty */
|
||||
}
|
||||
|
||||
/* ************************************************************************
|
||||
@@ -112,6 +113,9 @@ class AsymmetricAnonymousEncryption
|
||||
*
|
||||
* @param ?string $key_pair
|
||||
* @return string
|
||||
* @throws \UnexpectedValueException key pair empty
|
||||
* @throws \UnexpectedValueException invalid hex key pair
|
||||
* @throws \UnexpectedValueException key pair not correct size
|
||||
*/
|
||||
private function createKeyPair(
|
||||
#[\SensitiveParameter]
|
||||
@@ -141,6 +145,9 @@ class AsymmetricAnonymousEncryption
|
||||
*
|
||||
* @param ?string $public_key
|
||||
* @return string
|
||||
* @throws \UnexpectedValueException public key empty
|
||||
* @throws \UnexpectedValueException invalid hex key
|
||||
* @throws \UnexpectedValueException invalid key length
|
||||
*/
|
||||
private function createPublicKey(?string $public_key): string
|
||||
{
|
||||
@@ -169,6 +176,8 @@ class AsymmetricAnonymousEncryption
|
||||
* @param string $message
|
||||
* @param ?string $public_key
|
||||
* @return string
|
||||
* @throws \UnexpectedValueException create encryption failed
|
||||
* @throws \UnexpectedValueException convert to base64 failed
|
||||
*/
|
||||
private function asymmetricEncryption(
|
||||
#[\SensitiveParameter]
|
||||
@@ -199,6 +208,10 @@ class AsymmetricAnonymousEncryption
|
||||
* @param string $message
|
||||
* @param ?string $key_pair
|
||||
* @return string
|
||||
* @throws \UnexpectedValueException message string empty
|
||||
* @throws \UnexpectedValueException base64 decoding failed
|
||||
* @throws \UnexpectedValueException decryption failed
|
||||
* @throws \UnexpectedValueException could not decrypt message
|
||||
*/
|
||||
private function asymmetricDecryption(
|
||||
#[\SensitiveParameter]
|
||||
@@ -207,7 +220,7 @@ class AsymmetricAnonymousEncryption
|
||||
?string $key_pair
|
||||
): string {
|
||||
if (empty($message)) {
|
||||
throw new \UnexpectedValueException('Message string cannot be empty');
|
||||
throw new \UnexpectedValueException('Encrypted string cannot be empty');
|
||||
}
|
||||
$key_pair = $this->createKeyPair($key_pair);
|
||||
try {
|
||||
@@ -224,14 +237,14 @@ class AsymmetricAnonymousEncryption
|
||||
} catch (SodiumException $e) {
|
||||
sodium_memzero($message);
|
||||
sodium_memzero($key_pair);
|
||||
sodium_memzero($result);
|
||||
throw new \UnexpectedValueException("Decrypting message failed: " . $e->getMessage());
|
||||
}
|
||||
if (!is_string($plaintext)) {
|
||||
sodium_memzero($key_pair);
|
||||
throw new \UnexpectedValueException('Could not decrypt message');
|
||||
}
|
||||
sodium_memzero($result);
|
||||
sodium_memzero($key_pair);
|
||||
sodium_memzero($result);
|
||||
if (!is_string($plaintext)) {
|
||||
throw new \UnexpectedValueException('Invalid key pair');
|
||||
}
|
||||
return $plaintext;
|
||||
}
|
||||
|
||||
@@ -244,6 +257,7 @@ class AsymmetricAnonymousEncryption
|
||||
*
|
||||
* @param string $key_pair Key pair in hex
|
||||
* @return void
|
||||
* @throws \UnexpectedValueException key pair empty
|
||||
*/
|
||||
public function setKeyPair(
|
||||
#[\SensitiveParameter]
|
||||
@@ -252,8 +266,17 @@ class AsymmetricAnonymousEncryption
|
||||
if (empty($key_pair)) {
|
||||
throw new \UnexpectedValueException('Key pair cannot be empty');
|
||||
}
|
||||
// check if valid;
|
||||
$this->createKeyPair($key_pair);
|
||||
// set new key pair
|
||||
$this->key_pair = $key_pair;
|
||||
sodium_memzero($key_pair);
|
||||
// set public key if not set
|
||||
if (empty($this->public_key)) {
|
||||
$this->public_key = CreateKey::getPublicKey($this->key_pair);
|
||||
// check if valid
|
||||
$this->createPublicKey($this->public_key);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -286,12 +309,15 @@ class AsymmetricAnonymousEncryption
|
||||
*
|
||||
* @param string $public_key Public Key in hex
|
||||
* @return void
|
||||
* @throws \UnexpectedValueException public key empty
|
||||
*/
|
||||
public function setPublicKey(string $public_key)
|
||||
{
|
||||
if (empty($public_key)) {
|
||||
throw new \UnexpectedValueException('Public key cannot be empty');
|
||||
}
|
||||
// check if valid
|
||||
$this->createPublicKey($public_key);
|
||||
$this->public_key = $public_key;
|
||||
sodium_memzero($public_key);
|
||||
}
|
||||
|
||||
@@ -85,7 +85,7 @@ class SymmetricEncryption
|
||||
$zero ^ $this->key
|
||||
);
|
||||
unset($zero);
|
||||
unset($this->key);
|
||||
unset($this->key); /** @phan-suppress-current-line PhanTypeObjectUnsetDeclaredProperty */
|
||||
}
|
||||
|
||||
/* ************************************************************************
|
||||
|
||||
Reference in New Issue
Block a user