Currently I have a code base that uses openssl_public_encrypt/openssl_private_decrypt. Now I would like to test my encryption and decryption methods with a unit test, since these are pretty vital.
To really test them I think I would like to simply mock the private and public keys. Is this viable and how would I go about mocking these keys without putting any sensitive information in my code base?
Of course I could circumvent the openssl public/private part and mock the outcome of that but this logic also throws some exceptions, etc. which I would like to test.
If you have PHP's OpenSSL extension installed and enabled then you can generate your public/private key pair with OpenSSL Functions:
openssl_pkey_new, for the private key with:
$private_key = openssl_pkey_new([
'digest_alg' => 'sha256',
'private_key_bits' => 1024,
'private_key_type' => OPENSSL_KEYTYPE_RSA
]);
Then pass the private key to openssl_pkey_get_details to get details about the key including the public key:
$details = openssl_pkey_get_details($private_key);
$public_key = $details['key'];