Don't use seal, use encrypt.

paragonie · Jan 15, 2018 · 1dfc2a4 · 1dfc2a4
1 parent 9647486
commit 1dfc2a4
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 7 deletions.
diff --git a/src/Asymmetric/Crypto.php b/src/Asymmetric/Crypto.php
@@ -292,7 +292,10 @@ public static function sign(
      * @param mixed $encoding                 Which encoding scheme to use?
      * @return string
      *
+     * @throws CannotPerformOperation
+     * @throws InvalidDigestLength
      * @throws InvalidKey
+     * @throws InvalidMessage
      * @throws InvalidType
      * @throws \TypeError
      */
@@ -313,7 +316,8 @@ public static function signAndEncrypt(
         $plaintext = new HiddenString($signature . $message->getString());
         \sodium_memzero($signature);
 
-        return self::seal($plaintext, $publicKey, $encoding);
+        $myEncKey = $secretKey->getEncryptionSecretKey();
+        return self::encrypt($plaintext, $myEncKey, $publicKey, $encoding);
     }
 
     /**
@@ -424,6 +428,8 @@ public static function verify(
      * @param mixed $encoding                      Which encoding scheme to use?
      * @return HiddenString
      *
+     * @throws CannotPerformOperation
+     * @throws InvalidDigestLength
      * @throws InvalidKey
      * @throws InvalidMessage
      * @throws InvalidSignature
@@ -443,9 +449,10 @@ public static function verifyAndDecrypt(
         } else {
             throw new InvalidKey('An invalid key type was provided');
         }
-        $unsealed = self::unseal($ciphertext, $secretKey, $encoding);
-        $signature = Binary::safeSubstr($unsealed->getString(), 0, SODIUM_CRYPTO_SIGN_BYTES);
-        $message = Binary::safeSubstr($unsealed->getString(), SODIUM_CRYPTO_SIGN_BYTES);
+        $senderEncKey = $senderPublicKey->getEncryptionPublicKey();
+        $decrypted = self::decrypt($ciphertext, $secretKey, $senderEncKey, $encoding);
+        $signature = Binary::safeSubstr($decrypted->getString(), 0, SODIUM_CRYPTO_SIGN_BYTES);
+        $message = Binary::safeSubstr($decrypted->getString(), SODIUM_CRYPTO_SIGN_BYTES);
         if (!self::verify($message, $senderPublicKey, $signature, true)) {
             throw new InvalidSignature('Invalid signature for decrypted message');
         }

diff --git a/test/unit/AsymmetricTest.php b/test/unit/AsymmetricTest.php
@@ -358,6 +358,7 @@ public function testSignEncrypt()
      * @covers Asymmetric::verifyAndDecrypt()
      *
      * @throws CryptoException\CannotPerformOperation
+     * @throws CryptoException\InvalidDigestLength
      * @throws CryptoException\InvalidKey
      * @throws CryptoException\InvalidMessage
      * @throws CryptoException\InvalidType
@@ -375,9 +376,17 @@ public function testSignEncryptFail()
             'When I think of civil liberties I think of the founding principles of the country. ' .
             'The freedoms that are in the First Amendment. But also the fundamental right to privacy.'
         );
-        $sealed = Asymmetric::seal($junk, $bob->getPublicKey());
+        $sealed = Asymmetric::encrypt(
+            $junk,
+            $alice->getSecretKey()->getEncryptionSecretKey(),
+            $bob->getPublicKey()
+        );
         try {
-            $plaintext = Asymmetric::verifyAndDecrypt($sealed, $alice->getPublicKey(), $bob->getSecretKey());
+            $plaintext = Asymmetric::verifyAndDecrypt(
+                $sealed,
+                $alice->getPublicKey(),
+                $bob->getSecretKey()
+            );
             $this->fail('Invalid signature was accepted.');
         } catch (CryptoException\InvalidSignature $ex) {
             $this->assertTrue(true);
@@ -388,9 +397,9 @@ public function testSignEncryptFail()
      * @covers Asymmetric::sign()
      * @covers Asymmetric::verify()
      *
-     * @throws CryptoException\CannotPerformOperation
      * @throws CryptoException\InvalidSignature
      * @throws CryptoException\InvalidType
+     * @throws TypeError
      */
     public function testSignFail()
     {