public function testEncryptFail() { \touch(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png'); \chmod(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', 0777); \touch(__DIR__ . '/tmp/paragon_avatar.decrypt_fail.png'); \chmod(__DIR__ . '/tmp/paragon_avatar.decrypt_fail.png', 0777); $key = new EncryptionKey(\str_repeat('B', 32)); File::encrypt(__DIR__ . '/tmp/paragon_avatar.png', __DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', $key); $fp = \fopen(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', 'ab'); \fwrite($fp, \Sodium\randombytes_buf(1)); fclose($fp); try { File::decrypt(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', __DIR__ . '/tmp/paragon_avatar.decrypt_fail.png', $key); $this->fail('Possible authentication bypass in File::decrypt()!'); } catch (CryptoException\InvalidMessage $e) { $this->assertTrue($e instanceof CryptoException\InvalidMessage); } }
/** * @covers File::encrypt() * @covers File::decrypt() */ public function testEncryptFail() { \touch(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png'); \chmod(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', 0777); \touch(__DIR__ . '/tmp/paragon_avatar.decrypt_fail.png'); \chmod(__DIR__ . '/tmp/paragon_avatar.decrypt_fail.png', 0777); $key = new EncryptionKey(new HiddenString(\str_repeat('B', 32))); File::encrypt(__DIR__ . '/tmp/paragon_avatar.png', __DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', $key); $fp = \fopen(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', 'ab'); \fwrite($fp, \Sodium\randombytes_buf(1)); fclose($fp); try { File::decrypt(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png', __DIR__ . '/tmp/paragon_avatar.decrypt_fail.png', $key); $this->fail('This should have thrown an InvalidMessage exception!'); } catch (CryptoException\InvalidMessage $e) { $this->assertTrue($e instanceof CryptoException\InvalidMessage); \unlink(__DIR__ . '/tmp/paragon_avatar.encrypt_fail.png'); \unlink(__DIR__ . '/tmp/paragon_avatar.decrypt_fail.png'); } }