MayMeow · MayMeow · Jun 1, 2025 · Jun 1, 2025 · Jun 1, 2025 · Jun 1, 2025
@@ -8,7 +8,6 @@ class RSAParameters
 {
     private string $privateKey;
     private string $publicKey;
-    private ?string $passphrase = 'test_passphrase';
 
     protected array $config = [
         'digest_alg' => 'sha256',
@@ -27,13 +26,13 @@ public function __construct()
      * @param array|null $configArgs
      * @return $this
      */
-    public function generateKeys(?string $passphrase = null, ?array $configArgs = null): RSAParameters
+    public function generateKeys(string $passphrase, ?array $configArgs = null, string $salt = 'salt'): RSAParameters
     {
         $keys = openssl_pkey_new($this->config);
 
         if ($keys) {
             openssl_pkey_export($keys, $private);
-            $this->privateKey = $this->encryptPrivateKey(privateKey: $private);
+            $this->privateKey = $this->encryptPrivateKey(privateKey: $private, passphrase: $passphrase, salt: $salt);
 
             $pub = openssl_pkey_get_details($keys);
 
@@ -45,22 +44,22 @@ public function generateKeys(?string $passphrase = null, ?array $configArgs = nu
         return $this;
     }
 
-    private function encryptPrivateKey(string $privateKey, string $salt = 'salt'): string
+    private function encryptPrivateKey(string $passphrase, string $privateKey, string $salt): string
     {
         $aes = new AESCryptoServiceProvider();
         $aes->generateIV();
         $k = new CryptoKey();
-        $key = $k->getCryptographicKey($this->passphrase, $salt);
+        $key = $k->getCryptographicKey($passphrase, $salt);
         $aes->setKey($key);
 
         return $aes->encrypt($privateKey);
     }
 
-    private function decryptPrivateKey(string $privateKey, string $salt = 'salt'): string
+    private function decryptPrivateKey(string $passphrase, string $privateKey, string $salt): string
     {
         $aes = new AESCryptoServiceProvider();
         $k = new CryptoKey();
-        $key = $k->getCryptographicKey($this->passphrase, $salt);
+        $key = $k->getCryptographicKey($passphrase, $salt);
         $aes->setKey($key);
 
         return $aes->decrypt($privateKey);
@@ -72,11 +71,12 @@ private function decryptPrivateKey(string $privateKey, string $salt = 'salt'): s
      * @return string|\OpenSSLAsymmetricKey
      * @throws DecryptPrivateKeyException
      */
-    public function getPrivateKey(string $salt = 'salt', bool $encrypted = false): \OpenSSLAsymmetricKey|string
+    public function getPrivateKey(string $passphrase, string $salt = 'salt', bool $encrypted = false): \OpenSSLAsymmetricKey|string
     {
         if (!$encrypted) {
             return $this->decryptPrivateKey(
                 privateKey: $this->privateKey,
+                passphrase: $passphrase,
                 salt: $salt
             );
         }
@@ -90,9 +90,8 @@ public function getPrivateKey(string $salt = 'salt', bool $encrypted = false): \
      * @param string $privateKey
      * @param string $passphrase
      */
-    public function setPrivateKey(string $privateKey, string $passphrase, string $salt = 'salt'): void
+    public function setPrivateKey(string $privateKey): void
     {
-        $this->passphrase = $passphrase;
         $this->privateKey = $privateKey;
     }
 
@@ -116,29 +115,6 @@ public function setPublicKey(string $publicKey): void
         $this->publicKey = $publicKey;
     }
 
-    /**
-     * Returns passphrase for private key decryption
-     *
-     * @return string
-     */
-    public function getPassphrase(): ?string
-    {
-        return $this->passphrase;
-    }
-
-    /**
-     * Set passphrase for private key
-     *
-     * @param string $passphrase
-     * @return $this
-     */
-    public function setPassphrase(string $passphrase): RSAParameters
-    {
-        $this->passphrase = $passphrase;
-
-        return $this;
-    }
-
     /**
      * @return array
      */

@@ -28,10 +28,14 @@ public function __construct(RSAParametersLocatorInterface $locator)
      * @param RSAParameters $RSAParameters
      * @throws \MayMeow\Cryptography\Exceptions\DecryptPrivateKeyException
      */
-    public function write(RSAParameters $RSAParameters): void
+    public function write(RSAParameters $RSAParameters, string $privateKeyPass, string $salt): void
     {
         file_put_contents($this->locator->locatePublicKey(), $RSAParameters->getPublicKey());
-        file_put_contents($this->locator->locatePrivateKey(), $RSAParameters->getPrivateKey(encrypted: true));
-        file_put_contents($this->locator->locatePassphrase(), $RSAParameters->getPassphrase());
+        file_put_contents($this->locator->locatePrivateKey(), $RSAParameters->getPrivateKey(
+            encrypted: true,
+            passphrase: $privateKeyPass,
+            salt: $salt
+        ));
+        file_put_contents($this->locator->locatePassphrase(), $privateKeyPass);
     }
 }
@@ -9,5 +9,5 @@ interface RsaParametersWriterInterface
     /**
      * Write parameters to given location
      */
-    public function write(RSAParameters $RSAParameters): void;
+    public function write(RSAParameters $RSAParameters, string $privateKeyPass, string $salt): void;
 }
@@ -9,34 +9,37 @@
 
 class RSACryptoServiceProviderTest extends TestCase
 {
+    protected string $salt = 'salt';
+    protected string $passphrase = 'passphrase';
+
     /** @test */
     public function canEncryptAndDecryptText()
     {
         $plainText = "This is going to be encrypted!";
         $parameters = new RSAParameters();
-        $parameters->generateKeys("passphrase");
+        $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
 
         $rsa = new RSACryptoServiceProvider();
         $rsa->setParameters($parameters);
         $encryptedTest = $rsa->encrypt($plainText);
 
-        $this->assertEquals($plainText, $rsa->decrypt($encryptedTest));
+        $this->assertEquals($plainText, $rsa->decrypt($encryptedTest, privateKeyPass: $this->passphrase, salt: $this->salt));
     }
 
     /** @test */
     public function canSealData()
     {
         $plainText = "This is going";
         $parameters = new RSAParameters();
-        $parameters->generateKeys("passphrase");
+        $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
 
         $rsa = new RSACryptoServiceProvider();
         $rsa->setParameters($parameters);
 
         $aes = new AESCryptoServiceProvider();
 
         $sealed = $aes->seal($plainText, $parameters, humanReadableData: true);
-        $opened = $aes->open($sealed[1], $sealed[0], $parameters);
+        $opened = $aes->open($sealed[1], $sealed[0], $parameters, $this->passphrase, $this->salt);
 
         $this->assertEquals($plainText, $opened);
     }

@@ -11,12 +11,14 @@
 
 class RSAParametersTest extends TestCase
 {
-
+    protected string $salt = 'salt';
+    protected string $passphrase = 'passphrase';
+
     /** @test */
     public function canGenerateKeys() :void
     {
         $parameters = new RSAParameters();
-        $keys =  $parameters->generateKeys();
+        $keys =  $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
 
         $this->assertInstanceOf(RSAParameters::class, $keys);
     }
@@ -25,11 +27,11 @@ public function canGenerateKeys() :void
     public function canExportKeysAndImportToFile() : void
     {
         $parameters = new RSAParameters();
-        $parameters->generateKeys();
+        $parameters->generateKeys(passphrase: $this->passphrase, salt: $this->salt);
         $locator = new TestingParametersLocator();
 
         $writer = new RsaParametersWriter($locator);
-        $writer->write($parameters);
+        $writer->write($parameters, privateKeyPass: $this->passphrase, salt: $this->salt);
 
         // Assert if exported files are on disk
         $this->assertTrue(file_exists($locator->locatePrivateKey()));
@@ -53,6 +55,6 @@ public function canExportKeysAndImportToFile() : void
         $csp2->setParameters($parameters2);
 
         // Check if imported parameters are same as parameters that was exported
-        $this->assertEquals($text, $csp2->decrypt($encryptedText));
+        $this->assertEquals($text, $csp2->decrypt($encryptedText, privateKeyPass: $this->passphrase, salt: $this->salt));
     }
 }