diff --git a/src/Asymmetric/Crypto.php b/src/Asymmetric/Crypto.php index 7970cc7..68d5993 100644 --- a/src/Asymmetric/Crypto.php +++ b/src/Asymmetric/Crypto.php @@ -292,7 +292,10 @@ public static function sign( * @param mixed $encoding Which encoding scheme to use? * @return string * + * @throws CannotPerformOperation + * @throws InvalidDigestLength * @throws InvalidKey + * @throws InvalidMessage * @throws InvalidType * @throws \TypeError */ @@ -313,7 +316,8 @@ public static function signAndEncrypt( $plaintext = new HiddenString($signature . $message->getString()); \sodium_memzero($signature); - return self::seal($plaintext, $publicKey, $encoding); + $myEncKey = $secretKey->getEncryptionSecretKey(); + return self::encrypt($plaintext, $myEncKey, $publicKey, $encoding); } /** @@ -424,6 +428,8 @@ public static function verify( * @param mixed $encoding Which encoding scheme to use? * @return HiddenString * + * @throws CannotPerformOperation + * @throws InvalidDigestLength * @throws InvalidKey * @throws InvalidMessage * @throws InvalidSignature @@ -443,9 +449,10 @@ public static function verifyAndDecrypt( } else { throw new InvalidKey('An invalid key type was provided'); } - $unsealed = self::unseal($ciphertext, $secretKey, $encoding); - $signature = Binary::safeSubstr($unsealed->getString(), 0, SODIUM_CRYPTO_SIGN_BYTES); - $message = Binary::safeSubstr($unsealed->getString(), SODIUM_CRYPTO_SIGN_BYTES); + $senderEncKey = $senderPublicKey->getEncryptionPublicKey(); + $decrypted = self::decrypt($ciphertext, $secretKey, $senderEncKey, $encoding); + $signature = Binary::safeSubstr($decrypted->getString(), 0, SODIUM_CRYPTO_SIGN_BYTES); + $message = Binary::safeSubstr($decrypted->getString(), SODIUM_CRYPTO_SIGN_BYTES); if (!self::verify($message, $senderPublicKey, $signature, true)) { throw new InvalidSignature('Invalid signature for decrypted message'); } diff --git a/test/unit/AsymmetricTest.php b/test/unit/AsymmetricTest.php index 6990a70..6fd8c1a 100644 --- a/test/unit/AsymmetricTest.php +++ b/test/unit/AsymmetricTest.php @@ -358,6 +358,7 @@ public function testSignEncrypt() * @covers Asymmetric::verifyAndDecrypt() * * @throws CryptoException\CannotPerformOperation + * @throws CryptoException\InvalidDigestLength * @throws CryptoException\InvalidKey * @throws CryptoException\InvalidMessage * @throws CryptoException\InvalidType @@ -375,9 +376,17 @@ public function testSignEncryptFail() 'When I think of civil liberties I think of the founding principles of the country. ' . 'The freedoms that are in the First Amendment. But also the fundamental right to privacy.' ); - $sealed = Asymmetric::seal($junk, $bob->getPublicKey()); + $sealed = Asymmetric::encrypt( + $junk, + $alice->getSecretKey()->getEncryptionSecretKey(), + $bob->getPublicKey() + ); try { - $plaintext = Asymmetric::verifyAndDecrypt($sealed, $alice->getPublicKey(), $bob->getSecretKey()); + $plaintext = Asymmetric::verifyAndDecrypt( + $sealed, + $alice->getPublicKey(), + $bob->getSecretKey() + ); $this->fail('Invalid signature was accepted.'); } catch (CryptoException\InvalidSignature $ex) { $this->assertTrue(true); @@ -388,9 +397,9 @@ public function testSignEncryptFail() * @covers Asymmetric::sign() * @covers Asymmetric::verify() * - * @throws CryptoException\CannotPerformOperation * @throws CryptoException\InvalidSignature * @throws CryptoException\InvalidType + * @throws TypeError */ public function testSignFail() {