4

Currently I have a code base that uses openssl_public_encrypt/openssl_private_decrypt. Now I would like to test my encryption and decryption methods with a unit test, since these are pretty vital.

To really test them I think I would like to simply mock the private and public keys. Is this viable and how would I go about mocking these keys without putting any sensitive information in my code base?

Of course I could circumvent the openssl public/private part and mock the outcome of that but this logic also throws some exceptions, etc. which I would like to test.

jww
  • 97,681
  • 90
  • 411
  • 885
Stephan-v
  • 19,255
  • 31
  • 115
  • 201
  • 1
    It's not quite clear from your description what do you want to test and what is the problem. Generate a new private/public key pair and use it for testing (and put it into the repository as well). As long as they are not used for authentication on a real system they are not sensitive information. – axiac Jan 23 '17 at 09:41

1 Answers1

2

If you have PHP's OpenSSL extension installed and enabled then you can generate your public/private key pair with OpenSSL Functions:

openssl_pkey_new, for the private key with:

$private_key = openssl_pkey_new([
    'digest_alg' => 'sha256',
    'private_key_bits' => 1024,
    'private_key_type' => OPENSSL_KEYTYPE_RSA
]);

Then pass the private key to openssl_pkey_get_details to get details about the key including the public key:

$details = openssl_pkey_get_details($private_key);
$public_key = $details['key'];
grim
  • 6,669
  • 11
  • 38
  • 57