/**
* Tests the serialization and de-serialization of an EncryptedFile object
*/
public function testSerializiation()
{
// Test whether serialization doesn't return empty
$serialized = serialize($this->file);
$this->assertNotEmpty($serialized);
// Test whether serialization returned the proper object
$file = unserialize($serialized);
$this->assertInstanceOf(EncryptedFile::class, $file);
// Test whether the objects are the same
$this->assertEquals($this->file->getIv(), $file->getIv());
$this->assertEquals($this->file->getChecksum(), $file->getChecksum());
$this->assertEquals($this->file->getPadding(), $file->getPadding());
$this->assertEquals($this->file->getFile(), $file->getFile());
// Test whether the file property is still an instance of SplFileInfo
$this->assertInstanceOf(\SplFileInfo::class, $file->getFile());
}
/**
* Decrypts the source file to a target file. The checksum is an optional parameter
* that can be used to verify integrity of the file some ciphers offer no integrity check of their own.
*
* It's an optional parameter but be warned, the file may have been tampered with by an attacker.
*
* @param EncryptedFile $encryptedFile
* @param string $target
* @return string Path to the target file
* @throws DecryptException
*/
public function decrypt(EncryptedFile $encryptedFile, $target)
{
// Get the path to the source file
$source = $encryptedFile->getFile()->getRealPath();
try {
$this->decryptFile($source, $target, $encryptedFile->getIv(), $encryptedFile->getPadding());
} catch (DecryptException $e) {
// Cascade Decrypt exceptions
throw $e;
} catch (\Exception $e) {
// "wrap" other exceptions and add them to the previous stack
throw new DecryptException('Unable to decrypt file', 0, $e);
}
// Verify the integrity of the decrypted file checking the checksum against the checksum of the original source file
if (!$this->verifyChecksum($target, $encryptedFile->getChecksum())) {
unlink($target);
throw new DecryptException('Invalid checksum on decrypted file');
}
return $target;
}
