diff --git a/lib/PKCS8/EncryptedPrivateKeyInfo.php b/lib/PKCS8/EncryptedPrivateKeyInfo.php
index d2fb02b..e220e61 100644
--- a/lib/PKCS8/EncryptedPrivateKeyInfo.php
+++ b/lib/PKCS8/EncryptedPrivateKeyInfo.php
@@ -144,11 +144,11 @@ public function toPEM()
 * Decrypt PrivateKeyInfo from the encrypted data using password based
 * encryption.
 *
- * @param string $password
- * @param Crypto $crypto
+ * @param string $password Password
+ * @param Crypto|null $crypto Crypto engine, use default if not set
 * @return PrivateKeyInfo
 */
- public function decryptWithPassword($password, Crypto $crypto)
+ public function decryptWithPassword($password, Crypto $crypto = null)
 {
 $ai = $this->_algo;
 if (!($ai instanceof PBEAlgorithmIdentifier)) {
@@ -173,11 +173,11 @@ public function decryptWithPassword($password, Crypto $crypto)
 * @param PrivateKeyInfo $pki Private key info
 * @param PBEAlgorithmIdentifier $algo Encryption algorithm
 * @param string $password Password
- * @param Crypto $crypto
+ * @param Crypto|null $crypto Crypto engine, use default if not set
 * @return self
 */
 public static function encryptWithPassword(PrivateKeyInfo $pki,
- PBEAlgorithmIdentifier $algo, $password, Crypto $crypto)
+ PBEAlgorithmIdentifier $algo, $password, Crypto $crypto = null)
 {
 $scheme = PBEScheme::fromAlgorithmIdentifier($algo, $crypto);
 $ciphertext = $scheme->encrypt($pki->toDER(), $password);
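Review bot: The new signature `decryptWithPassword($password, Crypto $crypto = null)` makes the parameter nullable only implicitly through its default, while the docblock now says `Crypto|null`. If the package's minimum PHP version permits it (7.1 or later), write the type explicitly as `?Crypto $crypto = null`, since implicit nullability is deprecated as of PHP 8.4. The same applies to `encryptWithPassword` and `encryptWithDerivedKey` in the two following hunks. The body of decryptWithPassword continues past the end of this hunk, so how a null `$crypto` is handled there is not visible.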
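Review bot: `encryptWithPassword` forwards `$crypto` unchanged to `PBEScheme::fromAlgorithmIdentifier($algo, $crypto)`, so the docblock's "use default if not set" holds only if that method accepts null and selects the engine itself. Its definition is not part of this diff, although the one-argument call in testEncryptWithKey suggests the parameter is optional there. Because this path encrypts private keys, the docblock should say where the default is resolved, for example `@param Crypto|null $crypto Crypto engine; if null, the default is selected by PBEScheme::fromAlgorithmIdentifier()` (wording to be confirmed against PBEScheme). `encryptWithDerivedKey` in the next hunk forwards the argument the same way.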
@@ -191,11 +191,11 @@ public static function encryptWithPassword(PrivateKeyInfo $pki,
 * @param PrivateKeyInfo $pki Private key info
 * @param PBEAlgorithmIdentifier $algo Encryption algorithm
 * @param string $key Key derived from a password
- * @param Crypto $crypto
+ * @param Crypto|null $crypto Crypto engine, use default if not set
 * @return self
 */
 public static function encryptWithDerivedKey(PrivateKeyInfo $pki,
- PBEAlgorithmIdentifier $algo, $key, Crypto $crypto)
+ PBEAlgorithmIdentifier $algo, $key, Crypto $crypto = null)
 {
 $scheme = PBEScheme::fromAlgorithmIdentifier($algo, $crypto);
 $ciphertext = $scheme->encryptWithKey($pki->toDER(), $key);
diff --git a/test/unit/EncryptedPrivateKeyInfoTest.php b/test/unit/EncryptedPrivateKeyInfoTest.php
index 5a4c22f..e6ce245 100644
--- a/test/unit/EncryptedPrivateKeyInfoTest.php
+++ b/test/unit/EncryptedPrivateKeyInfoTest.php
@@ -2,7 +2,6 @@
 use ASN1\Type\Constructed\Sequence;
 use ASN1\Type\Primitive\ObjectIdentifier;
 use ASN1\Type\Primitive\OctetString;
-use Sop\CryptoBridge\Crypto;
 use Sop\CryptoEncoding\PEM;
 use Sop\CryptoTypes\AlgorithmIdentifier\GenericAlgorithmIdentifier;
 use Sop\CryptoTypes\AlgorithmIdentifier\Cipher\AES256CBCAlgorithmIdentifier;
@@ -72,7 +71,7 @@ public function testCreate(EncryptedPrivateKeyInfo $refkey)
 $pki = PrivateKeyInfo::fromPEM(self::$_pem_pk);
 $algo = new PBEWithSHA1AndRC2CBCAlgorithmIdentifier($salt, $count);
 $epki = EncryptedPrivateKeyInfo::encryptWithPassword($pki, $algo,
- self::PASSWORD, Crypto::getDefault());
+ self::PASSWORD);
 $this->assertInstanceOf(EncryptedPrivateKeyInfo::class, $epki);
 return $epki;
 }
@@ -108,7 +107,7 @@ public function testEncryptedData(EncryptedPrivateKeyInfo $epki)
 */
 public function testDecrypt(EncryptedPrivateKeyInfo $epki)
 {
- $pki = $epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());
+ $pki = $epki->decryptWithPassword(self::PASSWORD);
 $this->assertInstanceOf(PrivateKeyInfo::class, $pki);
 return $pki;
 }
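Review bot: No test passes an explicit engine any more, because `Crypto::getDefault()` is removed from this call in testCreate and from every other call site in the file. The others are testDecrypt, testDecryptFail, testDecryptInvalidAlgo, testCreateV2, testDecryptV2, testEncryptWithKey, testCreateV2AES and testDecryptV2AES. Only the null-default path of the three changed methods is therefore exercised. Keep one case that still supplies the engine, for instance `$epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());` in a separate test, and retain `use Sop\CryptoBridge\Crypto;` for it. testCreate begins above this hunk.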
@@ -121,7 +120,7 @@ public function testDecrypt(EncryptedPrivateKeyInfo $epki)
 */
 public function testDecryptFail(EncryptedPrivateKeyInfo $epki)
 {
- $epki->decryptWithPassword("nope", Crypto::getDefault());
+ $epki->decryptWithPassword("nope");
 }
 
 /**
@@ -137,7 +136,7 @@ public function testDecryptInvalidAlgo(EncryptedPrivateKeyInfo $epki)
 $prop = $refl->getProperty("_algo");
 $prop->setAccessible(true);
 $prop->setValue($epki, new GenericAlgorithmIdentifier("1.3.6.1.3"));
- $epki->decryptWithPassword("nope", Crypto::getDefault());
+ $epki->decryptWithPassword("nope");
 }
 
 /**
@@ -190,7 +189,7 @@ public function testCreateV2(EncryptedPrivateKeyInfo $refkey)
 new PBKDF2AlgorithmIdentifier($salt, $count),
 new DESEDE3CBCAlgorithmIdentifier($iv));
 $epki = EncryptedPrivateKeyInfo::encryptWithPassword($pki, $algo,
- self::PASSWORD, Crypto::getDefault());
+ self::PASSWORD);
 $this->assertInstanceOf(EncryptedPrivateKeyInfo::class, $epki);
 return $epki;
 }
@@ -215,7 +214,7 @@ public function testV2EqualsToRef(EncryptedPrivateKeyInfo $ref,
 */
 public function testDecryptV2(EncryptedPrivateKeyInfo $epki)
 {
- $pki = $epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());
+ $pki = $epki->decryptWithPassword(self::PASSWORD);
 $this->assertInstanceOf(PrivateKeyInfo::class, $pki);
 return $pki;
 }
@@ -236,12 +235,11 @@ public function testEncryptWithKey(EncryptedPrivateKeyInfo $refkey)
 $algo = new PBES2AlgorithmIdentifier(
 new PBKDF2AlgorithmIdentifier($salt, $count),
 new DESEDE3CBCAlgorithmIdentifier($iv));
- $scheme = PBEScheme::fromAlgorithmIdentifier($algo, Crypto::getDefault());
+ $scheme = PBEScheme::fromAlgorithmIdentifier($algo);
 $key = $scheme->kdf()->derive(self::PASSWORD, $salt, $count,
 $algo->esAlgorithmIdentifier()
 ->keySize());
- $epki = EncryptedPrivateKeyInfo::encryptWithDerivedKey($pki, $algo, $key,
- Crypto::getDefault());
+ $epki = EncryptedPrivateKeyInfo::encryptWithDerivedKey($pki, $algo, $key);
 $this->assertEquals($refkey->toDER(), $epki->toDER());
 }
 
@@ -274,7 +272,7 @@ public function testCreateV2AES(EncryptedPrivateKeyInfo $refkey)
 new PBKDF2AlgorithmIdentifier($salt, $count, null, $prf_algo),
 new AES256CBCAlgorithmIdentifier($iv));
 $epki = EncryptedPrivateKeyInfo::encryptWithPassword($pki, $algo,
- self::PASSWORD, Crypto::getDefault());
+ self::PASSWORD);
 $this->assertInstanceOf(EncryptedPrivateKeyInfo::class, $epki);
 return $epki;
 }
@@ -299,7 +297,7 @@ public function testV2AESEqualsToRef(EncryptedPrivateKeyInfo $ref,
 */
 public function testDecryptV2AES(EncryptedPrivateKeyInfo $epki)
 {
- $pki = $epki->decryptWithPassword(self::PASSWORD, Crypto::getDefault());
+ $pki = $epki->decryptWithPassword(self::PASSWORD);
 $this->assertInstanceOf(PrivateKeyInfo::class, $pki);
 return $pki;
 }