load encrypt password from env (#51)

Signed-off-by: rahul <[email protected]>

Author: rcsofttech85

src/FileEncryptor.php

@@ -3,27 +3,20 @@
 namespace Rcsofttech85\FileHandler;
 
 use Exception;
+use Rcsofttech85\FileHandler\DependencyInjection\ServiceContainer;
 use Rcsofttech85\FileHandler\Exception\FileEncryptorException;
 use Rcsofttech85\FileHandler\Exception\FileHandlerException;
 use Rcsofttech85\FileHandler\Validator\FileValidatorTrait;
-use SensitiveParameter;
 use SodiumException;
 
-readonly class FileEncryptor
+final class FileEncryptor
 {
     use FileValidatorTrait;
 
-    /**
-     * @param string $filename
-     * @param string $secret
-     *
-     * @throws FileHandlerException
-     */
-    public function __construct(
-        private string $filename,
-        #[SensitiveParameter] private string $secret
-    ) {
-        $this->validateFileName($filename);
+    public const ENCRYPT_PASSWORD = 'ENCRYPT_PASSWORD';
+
+    public function __construct(private ServiceContainer $serviceContainer)
+    {
     }
 
     /**
@@ -32,9 +25,10 @@ public function __construct(
      * @throws Exception
      *
      */
-    public function encryptFile(): bool
+    public function encryptFile(string $filename): bool
     {
-        $plainText = file_get_contents($this->filename);
+        $this->validateFileName($filename);
+        $plainText = file_get_contents($filename);
 
         if (!$plainText) {
             throw new FileEncryptorException('File has no content');
@@ -46,15 +40,18 @@ public function encryptFile(): bool
 
         $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
 
+        $container = $this->serviceContainer->getContainerBuilder();
+
+        $secret = $this->getParam($container, self::ENCRYPT_PASSWORD);
 
-        $key = hash('sha256', $this->secret, true);
+        $key = hash('sha256', $secret, true);
 
 
         $ciphertext = sodium_crypto_secretbox($plainText, $nonce, $key);
 
         $output = bin2hex($nonce . $ciphertext);
 
-        $file = $this->openFileAndReturnResource($this->filename);
+        $file = $this->openFileAndReturnResource($filename);
 
         try {
             fwrite($file, $output);
@@ -71,9 +68,10 @@ public function encryptFile(): bool
      * @throws FileHandlerException
      * @throws SodiumException
      */
-    public function decryptFile(): bool
+    public function decryptFile(string $filename): bool
     {
-        $encryptedData = file_get_contents($this->filename);
+        $this->validateFileName($filename);
+        $encryptedData = file_get_contents($filename);
 
         if (!$encryptedData) {
             throw new FileEncryptorException('File has no content');
@@ -83,22 +81,27 @@ public function decryptFile(): bool
             throw new FileEncryptorException('file is not encrypted');
         }
 
+
         $bytes = $this->convertHexToBin($encryptedData);
 
         $nonce = substr($bytes, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
         $ciphertext = substr($bytes, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
 
-        $key = hash('sha256', $this->secret, true);
+        $container = $this->serviceContainer->getContainerBuilder();
+
+        $secret = $this->getParam($container, self::ENCRYPT_PASSWORD);
+
+        $key = hash('sha256', $secret, true);
 
         $plaintext = sodium_crypto_secretbox_open($ciphertext, $nonce, $key);
+        $file = $this->openFileAndReturnResource($filename);
 
         if (!$plaintext) {
+            fwrite($file, $encryptedData);
             throw new FileEncryptorException('could not decrypt file');
         }
 
 
-        $file = $this->openFileAndReturnResource($this->filename);
-
         try {
             fwrite($file, $plaintext);
         } finally {

src/config/services.yaml

@@ -1,17 +1,14 @@
-parameters:
-  filename: 'movie.csv'
-  secret: 'password'
-
-
-
-
 services:
+  container:
+    class: 'Rcsofttech85\FileHandler\DependencyInjection\ServiceContainer'
+
   file_handler:
     class: 'Rcsofttech85\FileHandler\FileHandler'
 
   file_encryptor:
     class: 'Rcsofttech85\FileHandler\FileEncryptor'
-    arguments: [ '%filename%','%secret%' ]
+    arguments: [ '@container' ]
+
 
   temp_file_handler:
     class: 'Rcsofttech85\FileHandler\TempFileHandler'

tests/unit/FileEncryptorTest.php

@@ -5,6 +5,7 @@
 use Base\BaseTest;
 use PHPUnit\Framework\Attributes\Test;
 use Rcsofttech85\FileHandler\Exception\FileEncryptorException;
+use Rcsofttech85\FileHandler\Exception\FileHandlerException;
 use Rcsofttech85\FileHandler\FileEncryptor;
 use SodiumException;
 
@@ -29,28 +30,31 @@ protected function tearDown(): void
     /**
      * @return void
      * @throws FileEncryptorException
+     * @throws FileHandlerException
      * @throws SodiumException
      */
     #[Test]
     public function throwExceptionOnDecryptingNonEncryptedFile(): void
     {
         $this->expectException(FileEncryptorException::class);
         $this->expectExceptionMessage('file is not encrypted');
-        $this->fileEncryptor->decryptFile();
+        $this->fileEncryptor->decryptFile('movie.csv');
     }
 
+
     /**
      * @return void
      * @throws FileEncryptorException
      */
     #[Test]
     public function canEncryptFile(): void
     {
-        $isFileEncrypted = $this->fileEncryptor->encryptFile();
+        $isFileEncrypted = $this->fileEncryptor->encryptFile('movie.csv');
 
         $this->assertTrue($isFileEncrypted);
     }
 
+
     /**
      * @return void
      * @throws FileEncryptorException
@@ -60,9 +64,10 @@ public function throwExceptionIfAlreadyEncrypted(): void
     {
         $this->expectException(FileEncryptorException::class);
         $this->expectExceptionMessage('file is already encrypted');
-        $this->fileEncryptor->encryptFile();
+        $this->fileEncryptor->encryptFile('movie.csv');
     }
 
+
     /**
      * @return void
      * @throws FileEncryptorException
@@ -71,12 +76,12 @@ public function throwExceptionIfAlreadyEncrypted(): void
     public function throwExceptionIfFileHasNoContentWhileEncrypt(): void
     {
         file_put_contents("test", "");
-        $file = new FileEncryptor('test', 'pass');
         $this->expectException(FileEncryptorException::class);
         $this->expectExceptionMessage('File has no content');
-        $file->encryptFile();
+        $this->fileEncryptor->encryptFile('test');
     }
 
+
     #[Test]
     public function throwExceptionIfCouldNotConvertHexToBin(): void
     {
@@ -89,42 +94,55 @@ public function throwExceptionIfCouldNotConvertHexToBin(): void
      * @return void
      * @throws FileEncryptorException
      * @throws SodiumException
+     * @throws FileHandlerException
      */
     #[Test]
     public function throwExceptionIfFileHasNoContent(): void
     {
         file_put_contents("test", "");
-        $file = new FileEncryptor('test', 'pass');
         $this->expectException(FileEncryptorException::class);
         $this->expectExceptionMessage('File has no content');
-        $file->decryptFile();
+        $this->fileEncryptor->decryptFile('test');
     }
 
+
     /**
      * @return void
      * @throws FileEncryptorException
+     * @throws FileHandlerException
      * @throws SodiumException
      */
-
     #[Test]
     public function throwExceptionIfDecryptionFails(): void
     {
-        $fileEncryptor = new FileEncryptor('movie.csv', 'wrong');
-
-        $this->expectException(FileEncryptorException::class);
-        $this->expectExceptionMessage('could not decrypt file');
-        $fileEncryptor->decryptFile();
+        $filePath = '.env';
+        $originalContent = file_get_contents($filePath);
+        if (!$originalContent) {
+            $this->fail('file not found');
+        }
+        $password = $_ENV[FileEncryptor::ENCRYPT_PASSWORD];
+        $updatedContent = str_replace($password, 'pass', $originalContent);
+
+        file_put_contents($filePath, $updatedContent);
+        try {
+            $this->expectException(FileEncryptorException::class);
+            $this->expectExceptionMessage('could not decrypt file');
+            $this->fileEncryptor->decryptFile('movie.csv');
+        } finally {
+            file_put_contents($filePath, $originalContent);
+        }
     }
 
     /**
      * @return void
      * @throws FileEncryptorException
+     * @throws FileHandlerException
      * @throws SodiumException
      */
     #[Test]
     public function canDecryptFile(): void
     {
-        $isFileDecrypted = $this->fileEncryptor->decryptFile();
+        $isFileDecrypted = $this->fileEncryptor->decryptFile('movie.csv');
 
         $this->assertTrue($isFileDecrypted);
     }