/**
* Unseals the given envelope.
*
* @param string $envelope The envelope to unseal.
* @param string $envelopeKey The envelope hash key.
* @param string $cipherMethod The cipher method used to seal the message.
* @param string $iv The optional initialization vector for some cipher methods.
* @return string The unsealed message.
* @since 0.3
*/
public function unseal(string $envelope, string $envelopeKey, string $cipherMethod = null, string $iv = '') : string
{
OpenSSL::resetErrors();
$paddedIV = InitVector::pad($iv);
if (@openssl_open($envelope, $message, $envelopeKey, $this->resource, $cipherMethod, $paddedIV) === false) {
// @codeCoverageIgnoreStart
throw new OpenSSLException(OpenSSL::getErrors(), 'Could not unseal envelope.');
// @codeCoverageIgnoreEnd
}
return $message;
}
/**
* Seals the given message in an encrypted envelope that can only be decrypted by the private key matching the public key.
*
* @param string $message The message to be sealed.
* @param string $cipherMethod The cipher method to use from CipherMethod.
* @param string $iv The optional initialization vector for some cipher methods.
* @return array Returns an array containing the envelope along other information like the key and method used.
* 0 => [string] envelope
* 1 => [string] envelope key
* 2 => [string] cipher method used
* @since 0.3
*/
public function seal(string $message, string $cipherMethod = CipherMethod::RC4, string $iv = '') : array
{
OpenSSL::resetErrors();
if (!CipherMethod::isAvailable($cipherMethod)) {
throw new CipherMethodNotAvailableException($cipherMethod, 'The given cipher method is not available in the current platform stack.');
}
$paddedIV = InitVector::pad($iv);
if (@openssl_seal($message, $envelope, $envelopeKeys, [$this->resource], $cipherMethod, $paddedIV) === false) {
// @codeCoverageIgnoreStart
throw new OpenSSLException(OpenSSL::getErrors(), 'Could not seal message.');
// @codeCoverageIgnoreEnd
}
return [$envelope, $envelopeKeys[0], $cipherMethod];
}
