Merge pull request #25 from MayMeow/dev/fix-24

MayMeow · web-flow · commit a75caed81561 · 2025-06-01T16:30:35.000+02:00
Remove passhrase from RSAParameters
diff --git a/src/RSAParameters.php b/src/RSAParameters.php
@@ -8,7 +8,6 @@ class RSAParameters
 {
     private string $privateKey;
     private string $publicKey;
-    private ?string $passphrase = 'test_passphrase';
 
     protected array $config = [
         'digest_alg' => 'sha256',
@@ -27,13 +26,13 @@ public function __construct()
      * @param array|null $configArgs
      * @return $this
      */
-    public function generateKeys(?string $passphrase = null, ?array $configArgs = null): RSAParameters
+    public function generateKeys(string $passphrase, ?array $configArgs = null, string $salt = 'salt'): RSAParameters
     {
         $keys = openssl_pkey_new($this->config);
 
         if ($keys) {
             openssl_pkey_export($keys, $private);
-            $this->privateKey = $this->encryptPrivateKey(privateKey: $private);
+            $this->privateKey = $this->encryptPrivateKey(privateKey: $private, passphrase: $passphrase, salt: $salt);
 
             $pub = openssl_pkey_get_details($keys);
 
@@ -45,22 +44,22 @@ public function generateKeys(?string $passphrase = null, ?array $configArgs = nu
         return $this;
     }
 
-    private function encryptPrivateKey(string $privateKey, string $salt = 'salt'): string
+    private function encryptPrivateKey(string $passphrase, string $privateKey, string $salt): string
     {
         $aes = new AESCryptoServiceProvider();
         $aes->generateIV();
         $k = new CryptoKey();
-        $key = $k->getCryptographicKey($this->passphrase, $salt);
+        $key = $k->getCryptographicKey($passphrase, $salt);
         $aes->setKey($key);
 
         return $aes->encrypt($privateKey);
     }
 
-    private function decryptPrivateKey(string $privateKey, string $salt = 'salt'): string
+    private function decryptPrivateKey(string $passphrase, string $privateKey, string $salt): string
     {
         $aes = new AESCryptoServiceProvider();
         $k = new CryptoKey();
-        $key = $k->getCryptographicKey($this->passphrase, $salt);
+        $key = $k->getCryptographicKey($passphrase, $salt);
         $aes->setKey($key);
 
         return $aes->decrypt($privateKey);
@@ -72,11 +71,12 @@ private function decryptPrivateKey(string $privateKey, string $salt = 'salt'): s
      * @return string|\OpenSSLAsymmetricKey
      * @throws DecryptPrivateKeyException
      */
-    public function getPrivateKey(string $salt = 'salt', bool $encrypted = false): \OpenSSLAsymmetricKey|string
+    public function getPrivateKey(string $passphrase, string $salt = 'salt', bool $encrypted = false): \OpenSSLAsymmetricKey|string
     {
         if (!$encrypted) {
             return $this->decryptPrivateKey(
                 privateKey: $this->privateKey,
+                passphrase: $passphrase,
                 salt: $salt
             );
         }
@@ -90,9 +90,8 @@ public function getPrivateKey(string $salt = 'salt', bool $encrypted = false): \
      * @param string $privateKey
      * @param string $passphrase
      */
-    public function setPrivateKey(string $privateKey, string $passphrase, string $salt = 'salt'): void
+    public function setPrivateKey(string $privateKey): void
     {
-        $this->passphrase = $passphrase;
         $this->privateKey = $privateKey;
     }
 
@@ -116,29 +115,6 @@ public function setPublicKey(string $publicKey): void
         $this->publicKey = $publicKey;
     }
 
-    /**
-     * Returns passphrase for private key decryption
-     *
-     * @return string
-     */
-    public function getPassphrase(): ?string
-    {
-        return $this->passphrase;
-    }
-
-    /**
-     * Set passphrase for private key
-     *
-     * @param string $passphrase
-     * @return $this
-     */
-    public function setPassphrase(string $passphrase): RSAParameters
-    {
-        $this->passphrase = $passphrase;
-
-        return $this;
-    }
-
     /**
      * @return array
      */
diff --git a/src/Tools/RsaParametersWriter.php b/src/Tools/RsaParametersWriter.php
@@ -28,10 +28,14 @@ public function __construct(RSAParametersLocatorInterface $locator)
      * @param RSAParameters $RSAParameters
      * @throws \MayMeow\Cryptography\Exceptions\DecryptPrivateKeyException
      */
-    public function write(RSAParameters $RSAParameters): void
+    public function write(RSAParameters $RSAParameters, string $privateKeyPass, string $salt): void
     {
         file_put_contents($this->locator->locatePublicKey(), $RSAParameters->getPublicKey());
-        file_put_contents($this->locator->locatePrivateKey(), $RSAParameters->getPrivateKey(encrypted: true));
-        file_put_contents($this->locator->locatePassphrase(), $RSAParameters->getPassphrase());
+        file_put_contents($this->locator->locatePrivateKey(), $RSAParameters->getPrivateKey(
+            encrypted: true,
+            passphrase: $privateKeyPass,
+            salt: $salt
+        ));
+        file_put_contents($this->locator->locatePassphrase(), $privateKeyPass);
     }
 }
diff --git a/src/Tools/RsaParametersWriterInterface.php b/src/Tools/RsaParametersWriterInterface.php
@@ -9,5 +9,5 @@ interface RsaParametersWriterInterface
     /**
      * Write parameters to given location
      */
-    public function write(RSAParameters $RSAParameters): void;
+    public function write(RSAParameters $RSAParameters, string $privateKeyPass, string $salt): void;
 }
diff --git a/tests/RSACryptoServiceProviderTest.php b/tests/RSACryptoServiceProviderTest.php
@@ -9,34 +9,37 @@
 
 class RSACryptoServiceProviderTest extends TestCase
 {
+    protected string $salt = 'salt';
+    protected string $passphrase = 'passphrase';
+    
     /** @test */
     public function canEncryptAndDecryptText()
     {
         $plainText = "This is going to be encrypted!";
         $parameters = new RSAParameters();
-        $parameters->generateKeys("passphrase");
+        $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
 
         $rsa = new RSACryptoServiceProvider();
         $rsa->setParameters($parameters);
         $encryptedTest = $rsa->encrypt($plainText);
 
-        $this->assertEquals($plainText, $rsa->decrypt($encryptedTest));
+        $this->assertEquals($plainText, $rsa->decrypt($encryptedTest, privateKeyPass: $this->passphrase, salt: $this->salt));
     }
 
     /** @test */
     public function canSealData()
     {
         $plainText = "This is going";
         $parameters = new RSAParameters();
-        $parameters->generateKeys("passphrase");
+        $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
 
         $rsa = new RSACryptoServiceProvider();
         $rsa->setParameters($parameters);
 
         $aes = new AESCryptoServiceProvider();
 
         $sealed = $aes->seal($plainText, $parameters, humanReadableData: true);
-        $opened = $aes->open($sealed[1], $sealed[0], $parameters);
+        $opened = $aes->open($sealed[1], $sealed[0], $parameters, $this->passphrase, $this->salt);
 
         $this->assertEquals($plainText, $opened);
     }
diff --git a/tests/RSAParametersTest.php b/tests/RSAParametersTest.php
@@ -11,12 +11,14 @@
 
 class RSAParametersTest extends TestCase
 {
-
+    protected string $salt = 'salt';
+    protected string $passphrase = 'passphrase';
+    
     /** @test */
     public function canGenerateKeys() :void
     {
         $parameters = new RSAParameters();
-        $keys =  $parameters->generateKeys();
+        $keys =  $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
 
         $this->assertInstanceOf(RSAParameters::class, $keys);
     }
@@ -25,11 +27,11 @@ public function canGenerateKeys() :void
     public function canExportKeysAndImportToFile() : void
     {
         $parameters = new RSAParameters();
-        $parameters->generateKeys();
+        $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
         $locator = new TestingParametersLocator();
 
         $writer = new RsaParametersWriter($locator);
-        $writer->write($parameters);
+        $writer->write($parameters, privateKeyPass: $this->passphrase, salt: $this->salt);
 
         // Assert if exported files are on disk
         $this->assertTrue(file_exists($locator->locatePrivateKey()));
@@ -53,6 +55,6 @@ public function canExportKeysAndImportToFile() : void
         $csp2->setParameters($parameters2);
 
         // Check if imported parameters are same as parameters that was exported
-        $this->assertEquals($text, $csp2->decrypt($encryptedText));
+        $this->assertEquals($text, $csp2->decrypt($encryptedText, privateKeyPass: $this->passphrase, salt: $this->salt));
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -28,10 +28,14 @@ public function __construct(RSAParametersLocatorInterface $locator)`
`28`	`28`	`* @param RSAParameters $RSAParameters`
`29`	`29`	`* @throws \MayMeow\Cryptography\Exceptions\DecryptPrivateKeyException`
`30`	`30`	`*/`
`31`		`- public function write(RSAParameters $RSAParameters): void`
	`31`	`+ public function write(RSAParameters $RSAParameters, string $privateKeyPass, string $salt): void`
`32`	`32`	`{`
`33`	`33`	`file_put_contents($this->locator->locatePublicKey(), $RSAParameters->getPublicKey());`
`34`		`- file_put_contents($this->locator->locatePrivateKey(), $RSAParameters->getPrivateKey(encrypted: true));`
`35`		`- file_put_contents($this->locator->locatePassphrase(), $RSAParameters->getPassphrase());`
	`34`	`+ file_put_contents($this->locator->locatePrivateKey(), $RSAParameters->getPrivateKey(`
	`35`	`+ encrypted: true,`
	`36`	`+ passphrase: $privateKeyPass,`
	`37`	`+ salt: $salt`
	`38`	`+ ));`
	`39`	`+ file_put_contents($this->locator->locatePassphrase(), $privateKeyPass);`
`36`	`40`	`}`
`37`	`41`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,5 +9,5 @@ interface RsaParametersWriterInterface`
`9`	`9`	`/**`
`10`	`10`	`* Write parameters to given location`
`11`	`11`	`*/`
`12`		`- public function write(RSAParameters $RSAParameters): void;`
	`12`	`+ public function write(RSAParameters $RSAParameters, string $privateKeyPass, string $salt): void;`
`13`	`13`	`}`
Original file line number	Diff line number	Diff line change
`@@ -11,12 +11,14 @@`
`11`	`11`
`12`	`12`	`class RSAParametersTest extends TestCase`
`13`	`13`	`{`
`14`		`-`
	`14`	`+ protected string $salt = 'salt';`
	`15`	`+ protected string $passphrase = 'passphrase';`
	`16`	`+`
`15`	`17`	`/** @test */`
`16`	`18`	`public function canGenerateKeys() :void`
`17`	`19`	`{`
`18`	`20`	`$parameters = new RSAParameters();`
`19`		`- $keys = $parameters->generateKeys();`
	`21`	`+ $keys = $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);`
`20`	`22`
`21`	`23`	`$this->assertInstanceOf(RSAParameters::class, $keys);`
`22`	`24`	`}`
`@@ -25,11 +27,11 @@ public function canGenerateKeys() :void`
`25`	`27`	`public function canExportKeysAndImportToFile() : void`
`26`	`28`	`{`
`27`	`29`	`$parameters = new RSAParameters();`
`28`		`- $parameters->generateKeys();`
	`30`	`+ $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);`
`29`	`31`	`$locator = new TestingParametersLocator();`
`30`	`32`
`31`	`33`	`$writer = new RsaParametersWriter($locator);`
`32`		`- $writer->write($parameters);`
	`34`	`+ $writer->write($parameters, privateKeyPass: $this->passphrase, salt: $this->salt);`
`33`	`35`
`34`	`36`	`// Assert if exported files are on disk`
`35`	`37`	`$this->assertTrue(file_exists($locator->locatePrivateKey()));`
`@@ -53,6 +55,6 @@ public function canExportKeysAndImportToFile() : void`
`53`	`55`	`$csp2->setParameters($parameters2);`
`54`	`56`
`55`	`57`	`// Check if imported parameters are same as parameters that was exported`
`56`		`- $this->assertEquals($text, $csp2->decrypt($encryptedText));`
	`58`	`+ $this->assertEquals($text, $csp2->decrypt($encryptedText, privateKeyPass: $this->passphrase, salt: $this->salt));`
`57`	`59`	`}`
`58`	`60`	`}`