Merge pull request #2 from minvws/decrypt-key-fix

Trying keyfile during decryption, not during construction
minvws · Feb 3, 2022 · e83f031 · e83f031
2 parents 37b3d94 + 5fc3da5
commit e83f031
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 23 deletions.
diff --git a/src/Service/Cms/NativeService.php b/src/Service/Cms/NativeService.php
@@ -36,10 +36,6 @@ public function __construct(array $encryptionCertsPath, string $decryptionCertPa
         $this->encryptionCertsPath = $paths;
         $this->decryptionCertPath = "file://" . $decryptionCertPath;
         $this->decryptionCertKeyPath = "file://" . $decryptionCertKeyPath;
-
-        if (!is_readable($decryptionCertKeyPath)) {
-            throw CryptoException::cannotReadFile($decryptionCertKeyPath);
-        }
     }
 
     public function encrypt(string $plainText): string
@@ -93,6 +89,10 @@ public function decrypt(string $cipherText): string
     {
         $outFile = $inFile = null;
 
+        if (!is_readable($this->decryptionCertKeyPath)) {
+            throw CryptoException::cannotReadFile($this->decryptionCertKeyPath);
+        }
+
         try {
             $inFile = tmpfile();
             if (!is_resource($inFile)) {

diff --git a/src/Service/Cms/ProcessSpawnService.php b/src/Service/Cms/ProcessSpawnService.php
@@ -32,10 +32,6 @@ public function __construct(array $encryptionCertsPath, string $decryptionCertPa
         $this->encryptionCertsPath = $encryptionCertsPath;
         $this->decryptionCertPath = $decryptionCertPath;
         $this->decryptionCertKeyPath = $decryptionCertKeyPath;
-
-        if (!is_readable($decryptionCertKeyPath)) {
-            throw CryptoException::cannotReadFile($decryptionCertKeyPath);
-        }
     }
 
 
@@ -67,6 +63,10 @@ public function encrypt(string $plainText): string
      */
     public function decrypt(string $cipherText): string
     {
+        if (!is_readable($this->decryptionCertKeyPath)) {
+            throw CryptoException::cannotReadFile($this->decryptionCertKeyPath);
+        }
+
         $args = [
             'openssl', 'cms', '-decrypt', '-inform', 'PEM', '-inkey',
             $this->decryptionCertKeyPath, $this->decryptionCertPath

diff --git a/tests/Service/Signature/ServiceTest.php b/tests/Service/Signature/ServiceTest.php
@@ -52,17 +52,6 @@ public function testCorrectDetached(string $serviceType, string $serviceTypeOthe
         $this->assertFalse($serviceOther->verify($signedData));
     }
 
-    /**
-     * @dataProvider serviceTypeProvider
-     */
-    public function testAllPurpose(string $serviceType, string $serviceTypeOther): void
-    {
-        $data = json_decode(file_get_contents(__DIR__ . "/../../mockdata/mock-signature.json"), true);
-
-        $service = $this->getService($serviceType);
-        $this->assertTrue($service->verify($data['signature'], base64_decode($data['payload'])));
-    }
-
     private function getService(string $serviceType): SignatureCryptoInterface
     {
         $args = [