Rev 846 | Rev 1042 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 846 | Rev 874 | ||
---|---|---|---|
Line 43... | Line 43... | ||
43 | * rsaEncryption format? For stand-alone keys I figure rsaEncryption is better |
43 | * rsaEncryption format? For stand-alone keys I figure rsaEncryption is better |
44 | * because SSH doesn't use PSS and idk how many SSH servers would be able to |
44 | * because SSH doesn't use PSS and idk how many SSH servers would be able to |
45 | * decode an id-RSASSA-PSS key. For X.509 certificates the id-RSASSA-PSS |
45 | * decode an id-RSASSA-PSS key. For X.509 certificates the id-RSASSA-PSS |
46 | * format is used by default (unless you change it up to use PKCS1 instead) |
46 | * format is used by default (unless you change it up to use PKCS1 instead) |
47 | * |
47 | * |
- | 48 | * @category Crypt |
|
- | 49 | * @package RSA |
|
48 | * @author Jim Wigginton <terrafrost@php.net> |
50 | * @author Jim Wigginton <terrafrost@php.net> |
49 | * @copyright 2009 Jim Wigginton |
51 | * @copyright 2009 Jim Wigginton |
50 | * @license http://www.opensource.org/licenses/mit-license.html MIT License |
52 | * @license http://www.opensource.org/licenses/mit-license.html MIT License |
51 | * @link http://phpseclib.sourceforge.net |
53 | * @link http://phpseclib.sourceforge.net |
52 | */ |
54 | */ |
Line 62... | Line 64... | ||
62 | use phpseclib3\Math\BigInteger; |
64 | use phpseclib3\Math\BigInteger; |
63 | 65 | ||
64 | /** |
66 | /** |
65 | * Pure-PHP PKCS#1 compliant implementation of RSA. |
67 | * Pure-PHP PKCS#1 compliant implementation of RSA. |
66 | * |
68 | * |
- | 69 | * @package RSA |
|
67 | * @author Jim Wigginton <terrafrost@php.net> |
70 | * @author Jim Wigginton <terrafrost@php.net> |
- | 71 | * @access public |
|
68 | */ |
72 | */ |
69 | abstract class RSA extends AsymmetricKey |
73 | abstract class RSA extends AsymmetricKey |
70 | { |
74 | { |
71 | /** |
75 | /** |
72 | * Algorithm Name |
76 | * Algorithm Name |
73 | * |
77 | * |
74 | * @var string |
78 | * @var string |
- | 79 | * @access private |
|
75 | */ |
80 | */ |
76 | const ALGORITHM = 'RSA'; |
81 | const ALGORITHM = 'RSA'; |
77 | 82 | ||
78 | /** |
83 | /** |
79 | * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} |
84 | * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} |
Line 81... | Line 86... | ||
81 | * |
86 | * |
82 | * Uses sha256 by default |
87 | * Uses sha256 by default |
83 | * |
88 | * |
84 | * @see self::setHash() |
89 | * @see self::setHash() |
85 | * @see self::setMGFHash() |
90 | * @see self::setMGFHash() |
- | 91 | * @access public |
|
86 | * @see self::encrypt() |
92 | * @see self::encrypt() |
87 | * @see self::decrypt() |
93 | * @see self::decrypt() |
88 | */ |
94 | */ |
89 | const ENCRYPTION_OAEP = 1; |
95 | const ENCRYPTION_OAEP = 1; |
90 | 96 | ||
Line 92... | Line 98... | ||
92 | * Use PKCS#1 padding. |
98 | * Use PKCS#1 padding. |
93 | * |
99 | * |
94 | * Although self::PADDING_OAEP / self::PADDING_PSS offers more security, including PKCS#1 padding is necessary for purposes of backwards |
100 | * Although self::PADDING_OAEP / self::PADDING_PSS offers more security, including PKCS#1 padding is necessary for purposes of backwards |
95 | * compatibility with protocols (like SSH-1) written before OAEP's introduction. |
101 | * compatibility with protocols (like SSH-1) written before OAEP's introduction. |
96 | * |
102 | * |
- | 103 | * @access public |
|
97 | * @see self::encrypt() |
104 | * @see self::encrypt() |
98 | * @see self::decrypt() |
105 | * @see self::decrypt() |
99 | */ |
106 | */ |
100 | const ENCRYPTION_PKCS1 = 2; |
107 | const ENCRYPTION_PKCS1 = 2; |
101 | 108 | ||
Line 103... | Line 110... | ||
103 | * Do not use any padding |
110 | * Do not use any padding |
104 | * |
111 | * |
105 | * Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy |
112 | * Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy |
106 | * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc. |
113 | * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc. |
107 | * |
114 | * |
- | 115 | * @access public |
|
108 | * @see self::encrypt() |
116 | * @see self::encrypt() |
109 | * @see self::decrypt() |
117 | * @see self::decrypt() |
110 | */ |
118 | */ |
111 | const ENCRYPTION_NONE = 4; |
119 | const ENCRYPTION_NONE = 4; |
112 | 120 | ||
Line 119... | Line 127... | ||
119 | * @see self::setMGFHash() |
127 | * @see self::setMGFHash() |
120 | * @see self::setHash() |
128 | * @see self::setHash() |
121 | * @see self::sign() |
129 | * @see self::sign() |
122 | * @see self::verify() |
130 | * @see self::verify() |
123 | * @see self::setHash() |
131 | * @see self::setHash() |
- | 132 | * @access public |
|
124 | */ |
133 | */ |
125 | const SIGNATURE_PSS = 16; |
134 | const SIGNATURE_PSS = 16; |
126 | 135 | ||
127 | /** |
136 | /** |
128 | * Use a relaxed version of PKCS#1 padding for signature verification |
137 | * Use a relaxed version of PKCS#1 padding for signature verification |
129 | * |
138 | * |
130 | * @see self::sign() |
139 | * @see self::sign() |
131 | * @see self::verify() |
140 | * @see self::verify() |
132 | * @see self::setHash() |
141 | * @see self::setHash() |
- | 142 | * @access public |
|
133 | */ |
143 | */ |
134 | const SIGNATURE_RELAXED_PKCS1 = 32; |
144 | const SIGNATURE_RELAXED_PKCS1 = 32; |
135 | 145 | ||
136 | /** |
146 | /** |
137 | * Use PKCS#1 padding for signature verification |
147 | * Use PKCS#1 padding for signature verification |
138 | * |
148 | * |
139 | * @see self::sign() |
149 | * @see self::sign() |
140 | * @see self::verify() |
150 | * @see self::verify() |
141 | * @see self::setHash() |
151 | * @see self::setHash() |
- | 152 | * @access public |
|
142 | */ |
153 | */ |
143 | const SIGNATURE_PKCS1 = 64; |
154 | const SIGNATURE_PKCS1 = 64; |
144 | 155 | ||
145 | /** |
156 | /** |
146 | * Encryption padding mode |
157 | * Encryption padding mode |
147 | * |
158 | * |
148 | * @var int |
159 | * @var int |
- | 160 | * @access private |
|
149 | */ |
161 | */ |
150 | protected $encryptionPadding = self::ENCRYPTION_OAEP; |
162 | protected $encryptionPadding = self::ENCRYPTION_OAEP; |
151 | 163 | ||
152 | /** |
164 | /** |
153 | * Signature padding mode |
165 | * Signature padding mode |
154 | * |
166 | * |
155 | * @var int |
167 | * @var int |
- | 168 | * @access private |
|
156 | */ |
169 | */ |
157 | protected $signaturePadding = self::SIGNATURE_PSS; |
170 | protected $signaturePadding = self::SIGNATURE_PSS; |
158 | 171 | ||
159 | /** |
172 | /** |
160 | * Length of hash function output |
173 | * Length of hash function output |
161 | * |
174 | * |
162 | * @var int |
175 | * @var int |
- | 176 | * @access private |
|
163 | */ |
177 | */ |
164 | protected $hLen; |
178 | protected $hLen; |
165 | 179 | ||
166 | /** |
180 | /** |
167 | * Length of salt |
181 | * Length of salt |
168 | * |
182 | * |
169 | * @var int |
183 | * @var int |
- | 184 | * @access private |
|
170 | */ |
185 | */ |
171 | protected $sLen; |
186 | protected $sLen; |
172 | 187 | ||
173 | /** |
188 | /** |
174 | * Label |
189 | * Label |
175 | * |
190 | * |
176 | * @var string |
191 | * @var string |
- | 192 | * @access private |
|
177 | */ |
193 | */ |
178 | protected $label = ''; |
194 | protected $label = ''; |
179 | 195 | ||
180 | /** |
196 | /** |
181 | * Hash function for the Mask Generation Function |
197 | * Hash function for the Mask Generation Function |
182 | * |
198 | * |
183 | * @var \phpseclib3\Crypt\Hash |
199 | * @var \phpseclib3\Crypt\Hash |
- | 200 | * @access private |
|
184 | */ |
201 | */ |
185 | protected $mgfHash; |
202 | protected $mgfHash; |
186 | 203 | ||
187 | /** |
204 | /** |
188 | * Length of MGF hash function output |
205 | * Length of MGF hash function output |
189 | * |
206 | * |
190 | * @var int |
207 | * @var int |
- | 208 | * @access private |
|
191 | */ |
209 | */ |
192 | protected $mgfHLen; |
210 | protected $mgfHLen; |
193 | 211 | ||
194 | /** |
212 | /** |
195 | * Modulus (ie. n) |
213 | * Modulus (ie. n) |
196 | * |
214 | * |
197 | * @var \phpseclib3\Math\BigInteger |
215 | * @var \phpseclib3\Math\BigInteger |
- | 216 | * @access private |
|
198 | */ |
217 | */ |
199 | protected $modulus; |
218 | protected $modulus; |
200 | 219 | ||
201 | /** |
220 | /** |
202 | * Modulus length |
221 | * Modulus length |
203 | * |
222 | * |
204 | * @var \phpseclib3\Math\BigInteger |
223 | * @var \phpseclib3\Math\BigInteger |
- | 224 | * @access private |
|
205 | */ |
225 | */ |
206 | protected $k; |
226 | protected $k; |
207 | 227 | ||
208 | /** |
228 | /** |
209 | * Exponent (ie. e or d) |
229 | * Exponent (ie. e or d) |
210 | * |
230 | * |
211 | * @var \phpseclib3\Math\BigInteger |
231 | * @var \phpseclib3\Math\BigInteger |
- | 232 | * @access private |
|
212 | */ |
233 | */ |
213 | protected $exponent; |
234 | protected $exponent; |
214 | 235 | ||
215 | /** |
236 | /** |
216 | * Default public exponent |
237 | * Default public exponent |
217 | * |
238 | * |
218 | * @var int |
239 | * @var int |
219 | * @link http://en.wikipedia.org/wiki/65537_%28number%29 |
240 | * @link http://en.wikipedia.org/wiki/65537_%28number%29 |
- | 241 | * @access private |
|
220 | */ |
242 | */ |
221 | private static $defaultExponent = 65537; |
243 | private static $defaultExponent = 65537; |
222 | 244 | ||
223 | /** |
245 | /** |
224 | * Enable Blinding? |
246 | * Enable Blinding? |
225 | * |
247 | * |
226 | * @var bool |
248 | * @var bool |
- | 249 | * @access private |
|
227 | */ |
250 | */ |
228 | protected static $enableBlinding = true; |
251 | protected static $enableBlinding = true; |
229 | 252 | ||
230 | /** |
253 | /** |
231 | * OpenSSL configuration file name. |
254 | * OpenSSL configuration file name. |
Line 244... | Line 267... | ||
244 | * engine is set to self::ENGINE_INTERNAL. If Engine is set to self::ENGINE_OPENSSL then smallest Prime is |
267 | * engine is set to self::ENGINE_INTERNAL. If Engine is set to self::ENGINE_OPENSSL then smallest Prime is |
245 | * ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key generation when there's |
268 | * ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key generation when there's |
246 | * a chance neither gmp nor OpenSSL are installed) |
269 | * a chance neither gmp nor OpenSSL are installed) |
247 | * |
270 | * |
248 | * @var int |
271 | * @var int |
- | 272 | * @access private |
|
249 | */ |
273 | */ |
250 | private static $smallestPrime = 4096; |
274 | private static $smallestPrime = 4096; |
251 | 275 | ||
252 | /** |
276 | /** |
253 | * Sets the public exponent for key generation |
277 | * Sets the public exponent for key generation |
254 | * |
278 | * |
255 | * This will be 65537 unless changed. |
279 | * This will be 65537 unless changed. |
256 | * |
280 | * |
- | 281 | * @access public |
|
257 | * @param int $val |
282 | * @param int $val |
258 | */ |
283 | */ |
259 | public static function setExponent($val) |
284 | public static function setExponent($val) |
260 | { |
285 | { |
261 | self::$defaultExponent = $val; |
286 | self::$defaultExponent = $val; |
Line 264... | Line 289... | ||
264 | /** |
289 | /** |
265 | * Sets the smallest prime number in bits. Used for key generation |
290 | * Sets the smallest prime number in bits. Used for key generation |
266 | * |
291 | * |
267 | * This will be 4096 unless changed. |
292 | * This will be 4096 unless changed. |
268 | * |
293 | * |
- | 294 | * @access public |
|
269 | * @param int $val |
295 | * @param int $val |
270 | */ |
296 | */ |
271 | public static function setSmallestPrime($val) |
297 | public static function setSmallestPrime($val) |
272 | { |
298 | { |
273 | self::$smallestPrime = $val; |
299 | self::$smallestPrime = $val; |
Line 276... | Line 302... | ||
276 | /** |
302 | /** |
277 | * Sets the OpenSSL config file path |
303 | * Sets the OpenSSL config file path |
278 | * |
304 | * |
279 | * Set to the empty string to use the default config file |
305 | * Set to the empty string to use the default config file |
280 | * |
306 | * |
- | 307 | * @access public |
|
281 | * @param string $val |
308 | * @param string $val |
282 | */ |
309 | */ |
283 | public static function setOpenSSLConfigPath($val) |
310 | public static function setOpenSSLConfigPath($val) |
284 | { |
311 | { |
285 | self::$configFile = $val; |
312 | self::$configFile = $val; |
Line 289... | Line 316... | ||
289 | * Create a private key |
316 | * Create a private key |
290 | * |
317 | * |
291 | * The public key can be extracted from the private key |
318 | * The public key can be extracted from the private key |
292 | * |
319 | * |
293 | * @return RSA |
320 | * @return RSA |
- | 321 | * @access public |
|
294 | * @param int $bits |
322 | * @param int $bits |
295 | */ |
323 | */ |
296 | public static function createKey($bits = 2048) |
324 | public static function createKey($bits = 2048) |
297 | { |
325 | { |
298 | self::initialize_static_variables(); |
326 | self::initialize_static_variables(); |
Line 420... | Line 448... | ||
420 | 448 | ||
421 | /** |
449 | /** |
422 | * OnLoad Handler |
450 | * OnLoad Handler |
423 | * |
451 | * |
424 | * @return bool |
452 | * @return bool |
- | 453 | * @access protected |
|
425 | * @param array $components |
454 | * @param array $components |
426 | */ |
455 | */ |
427 | protected static function onLoad($components) |
456 | protected static function onLoad($components) |
428 | { |
457 | { |
429 | $key = $components['isPublicKey'] ? |
458 | $key = $components['isPublicKey'] ? |
Line 496... | Line 525... | ||
496 | /** |
525 | /** |
497 | * Integer-to-Octet-String primitive |
526 | * Integer-to-Octet-String primitive |
498 | * |
527 | * |
499 | * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. |
528 | * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. |
500 | * |
529 | * |
- | 530 | * @access private |
|
501 | * @param bool|\phpseclib3\Math\BigInteger $x |
531 | * @param bool|\phpseclib3\Math\BigInteger $x |
502 | * @param int $xLen |
532 | * @param int $xLen |
503 | * @return bool|string |
533 | * @return bool|string |
504 | */ |
534 | */ |
505 | protected function i2osp($x, $xLen) |
535 | protected function i2osp($x, $xLen) |
Line 517... | Line 547... | ||
517 | /** |
547 | /** |
518 | * Octet-String-to-Integer primitive |
548 | * Octet-String-to-Integer primitive |
519 | * |
549 | * |
520 | * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. |
550 | * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. |
521 | * |
551 | * |
- | 552 | * @access private |
|
522 | * @param string $x |
553 | * @param string $x |
523 | * @return \phpseclib3\Math\BigInteger |
554 | * @return \phpseclib3\Math\BigInteger |
524 | */ |
555 | */ |
525 | protected function os2ip($x) |
556 | protected function os2ip($x) |
526 | { |
557 | { |
Line 530... | Line 561... | ||
530 | /** |
561 | /** |
531 | * EMSA-PKCS1-V1_5-ENCODE |
562 | * EMSA-PKCS1-V1_5-ENCODE |
532 | * |
563 | * |
533 | * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}. |
564 | * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}. |
534 | * |
565 | * |
- | 566 | * @access private |
|
535 | * @param string $m |
567 | * @param string $m |
536 | * @param int $emLen |
568 | * @param int $emLen |
537 | * @throws \LengthException if the intended encoded message length is too short |
569 | * @throws \LengthException if the intended encoded message length is too short |
538 | * @return string |
570 | * @return string |
539 | */ |
571 | */ |
Line 593... | Line 625... | ||
593 | * "The parameters field associated with id-sha1, id-sha224, id-sha256, |
625 | * "The parameters field associated with id-sha1, id-sha224, id-sha256, |
594 | * id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should |
626 | * id-sha384, id-sha512, id-sha512/224, and id-sha512/256 should |
595 | * generally be omitted, but if present, it shall have a value of type |
627 | * generally be omitted, but if present, it shall have a value of type |
596 | * NULL" |
628 | * NULL" |
597 | * |
629 | * |
- | 630 | * @access private |
|
598 | * @param string $m |
631 | * @param string $m |
599 | * @param int $emLen |
632 | * @param int $emLen |
600 | * @return string |
633 | * @return string |
601 | */ |
634 | */ |
602 | protected function emsa_pkcs1_v1_5_encode_without_null($m, $emLen) |
635 | protected function emsa_pkcs1_v1_5_encode_without_null($m, $emLen) |
Line 647... | Line 680... | ||
647 | /** |
680 | /** |
648 | * MGF1 |
681 | * MGF1 |
649 | * |
682 | * |
650 | * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}. |
683 | * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}. |
651 | * |
684 | * |
- | 685 | * @access private |
|
652 | * @param string $mgfSeed |
686 | * @param string $mgfSeed |
653 | * @param int $maskLen |
687 | * @param int $maskLen |
654 | * @return string |
688 | * @return string |
655 | */ |
689 | */ |
656 | protected function mgf1($mgfSeed, $maskLen) |
690 | protected function mgf1($mgfSeed, $maskLen) |
Line 670... | Line 704... | ||
670 | /** |
704 | /** |
671 | * Returns the key size |
705 | * Returns the key size |
672 | * |
706 | * |
673 | * More specifically, this returns the size of the modulo in bits. |
707 | * More specifically, this returns the size of the modulo in bits. |
674 | * |
708 | * |
- | 709 | * @access public |
|
675 | * @return int |
710 | * @return int |
676 | */ |
711 | */ |
677 | public function getLength() |
712 | public function getLength() |
678 | { |
713 | { |
679 | return !isset($this->modulus) ? 0 : $this->modulus->getLength(); |
714 | return !isset($this->modulus) ? 0 : $this->modulus->getLength(); |
Line 683... | Line 718... | ||
683 | * Determines which hashing function should be used |
718 | * Determines which hashing function should be used |
684 | * |
719 | * |
685 | * Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and |
720 | * Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and |
686 | * decryption. |
721 | * decryption. |
687 | * |
722 | * |
- | 723 | * @access public |
|
688 | * @param string $hash |
724 | * @param string $hash |
689 | */ |
725 | */ |
690 | public function withHash($hash) |
726 | public function withHash($hash) |
691 | { |
727 | { |
692 | $new = clone $this; |
728 | $new = clone $this; |
Line 718... | Line 754... | ||
718 | * Determines which hashing function should be used for the mask generation function |
754 | * Determines which hashing function should be used for the mask generation function |
719 | * |
755 | * |
720 | * The mask generation function is used by self::PADDING_OAEP and self::PADDING_PSS and although it's |
756 | * The mask generation function is used by self::PADDING_OAEP and self::PADDING_PSS and although it's |
721 | * best if Hash and MGFHash are set to the same thing this is not a requirement. |
757 | * best if Hash and MGFHash are set to the same thing this is not a requirement. |
722 | * |
758 | * |
- | 759 | * @access public |
|
723 | * @param string $hash |
760 | * @param string $hash |
724 | */ |
761 | */ |
725 | public function withMGFHash($hash) |
762 | public function withMGFHash($hash) |
726 | { |
763 | { |
727 | $new = clone $this; |
764 | $new = clone $this; |
Line 750... | Line 787... | ||
750 | } |
787 | } |
751 | 788 | ||
752 | /** |
789 | /** |
753 | * Returns the MGF hash algorithm currently being used |
790 | * Returns the MGF hash algorithm currently being used |
754 | * |
791 | * |
- | 792 | * @access public |
|
755 | */ |
793 | */ |
756 | public function getMGFHash() |
794 | public function getMGFHash() |
757 | { |
795 | { |
758 | return clone $this->mgfHash; |
796 | return clone $this->mgfHash; |
759 | } |
797 | } |
Line 766... | Line 804... | ||
766 | * To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}: |
804 | * To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}: |
767 | * |
805 | * |
768 | * Typical salt lengths in octets are hLen (the length of the output |
806 | * Typical salt lengths in octets are hLen (the length of the output |
769 | * of the hash function Hash) and 0. |
807 | * of the hash function Hash) and 0. |
770 | * |
808 | * |
- | 809 | * @access public |
|
771 | * @param int $sLen |
810 | * @param int $sLen |
772 | */ |
811 | */ |
773 | public function withSaltLength($sLen) |
812 | public function withSaltLength($sLen) |
774 | { |
813 | { |
775 | $new = clone $this; |
814 | $new = clone $this; |
Line 778... | Line 817... | ||
778 | } |
817 | } |
779 | 818 | ||
780 | /** |
819 | /** |
781 | * Returns the salt length currently being used |
820 | * Returns the salt length currently being used |
782 | * |
821 | * |
- | 822 | * @access public |
|
783 | */ |
823 | */ |
784 | public function getSaltLength() |
824 | public function getSaltLength() |
785 | { |
825 | { |
786 | return $this->sLen !== null ? $this->sLen : $this->hLen; |
826 | return $this->sLen !== null ? $this->sLen : $this->hLen; |
787 | } |
827 | } |
Line 796... | Line 836... | ||
796 | * Both the encryption and the decryption operations of RSAES-OAEP take |
836 | * Both the encryption and the decryption operations of RSAES-OAEP take |
797 | * the value of a label L as input. In this version of PKCS #1, L is |
837 | * the value of a label L as input. In this version of PKCS #1, L is |
798 | * the empty string; other uses of the label are outside the scope of |
838 | * the empty string; other uses of the label are outside the scope of |
799 | * this document. |
839 | * this document. |
800 | * |
840 | * |
- | 841 | * @access public |
|
801 | * @param string $label |
842 | * @param string $label |
802 | */ |
843 | */ |
803 | public function withLabel($label) |
844 | public function withLabel($label) |
804 | { |
845 | { |
805 | $new = clone $this; |
846 | $new = clone $this; |
Line 808... | Line 849... | ||
808 | } |
849 | } |
809 | 850 | ||
810 | /** |
851 | /** |
811 | * Returns the label currently being used |
852 | * Returns the label currently being used |
812 | * |
853 | * |
- | 854 | * @access public |
|
813 | */ |
855 | */ |
814 | public function getLabel() |
856 | public function getLabel() |
815 | { |
857 | { |
816 | return $this->label; |
858 | return $this->label; |
817 | } |
859 | } |
Line 819... | Line 861... | ||
819 | /** |
861 | /** |
820 | * Determines the padding modes |
862 | * Determines the padding modes |
821 | * |
863 | * |
822 | * Example: $key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1); |
864 | * Example: $key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1); |
823 | * |
865 | * |
- | 866 | * @access public |
|
824 | * @param int $padding |
867 | * @param int $padding |
825 | */ |
868 | */ |
826 | public function withPadding($padding) |
869 | public function withPadding($padding) |
827 | { |
870 | { |
828 | $masks = [ |
871 | $masks = [ |
Line 868... | Line 911... | ||
868 | } |
911 | } |
869 | 912 | ||
870 | /** |
913 | /** |
871 | * Returns the padding currently being used |
914 | * Returns the padding currently being used |
872 | * |
915 | * |
- | 916 | * @access public |
|
873 | */ |
917 | */ |
874 | public function getPadding() |
918 | public function getPadding() |
875 | { |
919 | { |
876 | return $this->signaturePadding | $this->encryptionPadding; |
920 | return $this->signaturePadding | $this->encryptionPadding; |
877 | } |
921 | } |
Line 884... | Line 928... | ||
884 | * multi-prime RSA nor is it used if the key length is outside of the range |
928 | * multi-prime RSA nor is it used if the key length is outside of the range |
885 | * supported by OpenSSL |
929 | * supported by OpenSSL |
886 | * |
930 | * |
887 | * @see self::useInternalEngine() |
931 | * @see self::useInternalEngine() |
888 | * @see self::useBestEngine() |
932 | * @see self::useBestEngine() |
- | 933 | * @access public |
|
889 | * @return string |
934 | * @return string |
890 | */ |
935 | */ |
891 | public function getEngine() |
936 | public function getEngine() |
892 | { |
937 | { |
893 | if (!isset(self::$engines['PHP'])) { |
938 | if (!isset(self::$engines['PHP'])) { |
Line 899... | Line 944... | ||
899 | } |
944 | } |
900 | 945 | ||
901 | /** |
946 | /** |
902 | * Enable RSA Blinding |
947 | * Enable RSA Blinding |
903 | * |
948 | * |
- | 949 | * @access public |
|
904 | */ |
950 | */ |
905 | public static function enableBlinding() |
951 | public static function enableBlinding() |
906 | { |
952 | { |
907 | static::$enableBlinding = true; |
953 | static::$enableBlinding = true; |
908 | } |
954 | } |
909 | 955 | ||
910 | /** |
956 | /** |
911 | * Disable RSA Blinding |
957 | * Disable RSA Blinding |
912 | * |
958 | * |
- | 959 | * @access public |
|
913 | */ |
960 | */ |
914 | public static function disableBlinding() |
961 | public static function disableBlinding() |
915 | { |
962 | { |
916 | static::$enableBlinding = false; |
963 | static::$enableBlinding = false; |
917 | } |
964 | } |