Decrypt a file using anonymous public-key encryption. Ciphertext
integrity is still assured thanks to the Encrypt-then-MAC construction.
public static unseal ( string | resource $input, string | resource $output, EncryptionSecretKey $secretKey ) : boolean | ||
$input | string | resource | File name or file handle |
$output | string | resource | File name or file handle |
$secretKey | EncryptionSecretKey | Recipient's encryption secret key |
리턴 | boolean | TRUE on success |
public function testSealFail() { \touch(__DIR__ . '/tmp/paragon_avatar.seal_fail.png'); \chmod(__DIR__ . '/tmp/paragon_avatar.seal_fail.png', 0777); \touch(__DIR__ . '/tmp/paragon_avatar.open_fail.png'); \chmod(__DIR__ . '/tmp/paragon_avatar.open_fail.png', 0777); $keypair = KeyFactory::generateEncryptionKeyPair(); $secretkey = $keypair->getSecretKey(); $publickey = $keypair->getPublicKey(); File::seal(__DIR__ . '/tmp/paragon_avatar.png', __DIR__ . '/tmp/paragon_avatar.seal_fail.png', $publickey); $fp = \fopen(__DIR__ . '/tmp/paragon_avatar.seal_fail.png', 'ab'); \fwrite($fp, \Sodium\randombytes_buf(1)); fclose($fp); try { File::unseal(__DIR__ . '/tmp/paragon_avatar.seal_fail.png', __DIR__ . '/tmp/paragon_avatar.opened.png', $secretkey); $this->fail('Possible authentication bypass in File::unseal()!'); } catch (CryptoException\InvalidMessage $e) { $this->assertTrue($e instanceof CryptoException\InvalidMessage); } }
/** * @covers File::seal() * @covers File::unseal() */ public function testSealSmallFail() { $msg = 'File is too small to have been encrypted by Halite.'; $keypair = KeyFactory::generateEncryptionKeyPair(); $secretkey = $keypair->getSecretKey(); \file_put_contents(__DIR__ . '/tmp/empty.sealed.txt', ''); try { File::unseal(__DIR__ . '/tmp/empty.sealed.txt', __DIR__ . '/tmp/empty.unsealed.txt', $secretkey); $this->fail("This should scream bloody murder"); } catch (CryptoException\InvalidMessage $e) { $this->assertEquals($e->getMessage(), $msg); } \file_put_contents(__DIR__ . '/tmp/empty.sealed.txt', "1A" . \str_repeat("", 95)); try { File::unseal(__DIR__ . '/tmp/empty.sealed.txt', __DIR__ . '/tmp/empty.unsealed.txt', $secretkey); $this->fail("This should scream bloody murder"); } catch (CryptoException\InvalidMessage $e) { $this->assertEquals($e->getMessage(), $msg); } \unlink(__DIR__ . '/tmp/empty.sealed.txt'); \unlink(__DIR__ . '/tmp/empty.unsealed.txt'); }