/** * Tests the serialization and de-serialization of an EncryptedFile object */ public function testSerializiation() { // Test whether serialization doesn't return empty $serialized = serialize($this->file); $this->assertNotEmpty($serialized); // Test whether serialization returned the proper object $file = unserialize($serialized); $this->assertInstanceOf(EncryptedFile::class, $file); // Test whether the objects are the same $this->assertEquals($this->file->getIv(), $file->getIv()); $this->assertEquals($this->file->getChecksum(), $file->getChecksum()); $this->assertEquals($this->file->getPadding(), $file->getPadding()); $this->assertEquals($this->file->getFile(), $file->getFile()); // Test whether the file property is still an instance of SplFileInfo $this->assertInstanceOf(\SplFileInfo::class, $file->getFile()); }
/** * Decrypts the source file to a target file. The checksum is an optional parameter * that can be used to verify integrity of the file some ciphers offer no integrity check of their own. * * It's an optional parameter but be warned, the file may have been tampered with by an attacker. * * @param EncryptedFile $encryptedFile * @param string $target * @return string Path to the target file * @throws DecryptException */ public function decrypt(EncryptedFile $encryptedFile, $target) { // Get the path to the source file $source = $encryptedFile->getFile()->getRealPath(); try { $this->decryptFile($source, $target, $encryptedFile->getIv(), $encryptedFile->getPadding()); } catch (DecryptException $e) { // Cascade Decrypt exceptions throw $e; } catch (\Exception $e) { // "wrap" other exceptions and add them to the previous stack throw new DecryptException('Unable to decrypt file', 0, $e); } // Verify the integrity of the decrypted file checking the checksum against the checksum of the original source file if (!$this->verifyChecksum($target, $encryptedFile->getChecksum())) { unlink($target); throw new DecryptException('Invalid checksum on decrypted file'); } return $target; }