Properly handle resolution of sealing keys.

mcordingley · Jun 30, 2017 · 6a66477 · 6a66477
1 parent 3370b2b
commit 6a66477
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/src/Middleware/SealResponse.php b/src/Middleware/SealResponse.php
@@ -6,6 +6,7 @@
 use function GuzzleHttp\Psr7\stream_for;
 use Illuminate\Http\Request;
 use MCordingley\LaravelSapient\KeyResolver\Resolver;
+use ParagonIE\ConstantTime\Base64UrlSafe;
 use ParagonIE\Sapient\CryptographyKeys\SealingPublicKey;
 use ParagonIE\Sapient\Simple;
 use Symfony\Bridge\PsrHttpMessage\Factory\DiactorosFactory;
@@ -47,7 +48,7 @@ public function handle(Request $request, Closure $next): Response
         /** @var DiactorosResponse $psrResponse */
         $psrResponse = $this->psrFactory->createResponse($response);
 
-        $key = new SealingPublicKey($this->resolver->resolveKey());
+        $key = new SealingPublicKey(Base64UrlSafe::decode($this->resolver->resolveKey()));
         $cipherText = Simple::seal($psrResponse->getBody(), $key);
 
         $symfonyResponse = $this->symfonyFactory->createResponse($psrResponse->withBody(stream_for($cipherText)));

diff --git a/tests/Middleware/SealResponseTest.php b/tests/Middleware/SealResponseTest.php
@@ -6,6 +6,7 @@
 use Illuminate\Http\Response;
 use MCordingley\LaravelSapient\KeyResolver\StaticResolver;
 use MCordingley\LaravelSapient\Middleware\SealResponse;
+use ParagonIE\ConstantTime\Base64UrlSafe;
 use ParagonIE\Sapient\CryptographyKeys\SealingSecretKey;
 use ParagonIE\Sapient\Simple;
 
@@ -14,7 +15,7 @@ final class SealResponseTest extends TestCase
     public function testGoodKey()
     {
         $pair = sodium_crypto_box_keypair();
-        $public = sodium_crypto_box_publickey($pair);
+        $public = Base64UrlSafe::encode(sodium_crypto_box_publickey($pair));
         $private = new SealingSecretKey(sodium_crypto_box_secretkey($pair));
 
         $middleware = new SealResponse(new StaticResolver($public));