Rev 30 | Rev 31 | ||
Line 1... | Line 1... | ||
1 | <?php |
1 | <?php |
2 | 2 | ||
3 | /* |
3 | /* |
4 | * OpenSSL php functions implemented using phpseclib |
4 | * OpenSSL php functions implemented using phpseclib |
5 | * Copyright 2022 Daniel Marschall, ViaThinkSoft |
5 | * Copyright 2022 Daniel Marschall, ViaThinkSoft |
6 | * Version 2022-04-09 |
6 | * Version 2022-04-10 |
7 | * |
7 | * |
8 | * Licensed under the Apache License, Version 2.0 (the "License"); |
8 | * Licensed under the Apache License, Version 2.0 (the "License"); |
9 | * you may not use this file except in compliance with the License. |
9 | * you may not use this file except in compliance with the License. |
10 | * You may obtain a copy of the License at |
10 | * You may obtain a copy of the License at |
11 | * |
11 | * |
Line 50... | Line 50... | ||
50 | function openssl_pkey_new($pkey_config=null) { |
50 | function openssl_pkey_new($pkey_config=null) { |
51 | try { |
51 | try { |
52 | $algo = $pkey_config && isset($pkey_config["private_key_type"]) ? $pkey_config["private_key_type"] : OPENSSL_KEYTYPE_RSA; |
52 | $algo = $pkey_config && isset($pkey_config["private_key_type"]) ? $pkey_config["private_key_type"] : OPENSSL_KEYTYPE_RSA; |
53 | $bits = $pkey_config && isset($pkey_config["private_key_bits"]) ? $pkey_config["private_key_bits"] : 2048; |
53 | $bits = $pkey_config && isset($pkey_config["private_key_bits"]) ? $pkey_config["private_key_bits"] : 2048; |
54 | 54 | ||
- | 55 | // TODO: Also support $pkey_config['encrypt_key'] and $pkey_config['encrypt_key_cipher'] ? |
|
- | 56 | ||
55 | if ($algo == OPENSSL_KEYTYPE_RSA) { |
57 | if ($algo == OPENSSL_KEYTYPE_RSA) { |
56 | $private = \phpseclib3\Crypt\RSA::createKey($bits); |
58 | $private = \phpseclib3\Crypt\RSA::createKey($bits); |
57 | } else { |
59 | } else { |
58 | throw new Exception("Algo not implemented"); |
60 | throw new Exception("Algo not implemented"); |
59 | } |
61 | } |
Line 70... | Line 72... | ||
70 | } |
72 | } |
71 | } |
73 | } |
72 | 74 | ||
73 | function openssl_pkey_export($res, &$privKey, $passphrase = null, $options = null) { |
75 | function openssl_pkey_export($res, &$privKey, $passphrase = null, $options = null) { |
74 | try { |
76 | try { |
75 | if (!is_null($passphrase)) throw new Exception("passphrase not implemented"); |
77 | if ($res instanceof \phpseclib3\Crypt\Common\PrivateKey /*\phpseclib3\Crypt\RSA\PrivateKey*/ ) { |
- | 78 | $privKey = $res; |
|
- | 79 | if (!is_null($passphrase)) { |
|
- | 80 | $privKey = $res->withPassword($passphrase); |
|
- | 81 | } |
|
- | 82 | $privKey = $privKey.""; |
|
- | 83 | return true; |
|
- | 84 | } else if (is_string($res)) { |
|
- | 85 | $privKey = $res; |
|
- | 86 | if (!is_null($passphrase)) { |
|
76 | //if (!is_null($options)) throw new Exception("options not implemented"); |
87 | $privKey = \phpseclib3\Crypt\RSA::load($privKey); |
- | 88 | $privKey = $res->withPassword($passphrase); |
|
- | 89 | $privKey = $privKey.""; |
|
- | 90 | } |
|
- | 91 | return true; |
|
- | 92 | } else if (is_array($res)) { |
|
77 | $privKey = $res[2].""; |
93 | $privKey = $res[2].""; |
- | 94 | if (!is_null($passphrase)) { |
|
- | 95 | $privKey = \phpseclib3\Crypt\RSA::load($privKey); |
|
- | 96 | $privKey = $res->withPassword($passphrase); |
|
- | 97 | $privKey = $privKey.""; |
|
- | 98 | } |
|
78 | return true; |
99 | return true; |
- | 100 | } else { |
|
- | 101 | throw new Exception("Invalid input datatype"); |
|
- | 102 | } |
|
79 | } catch (Exception $e) { |
103 | } catch (Exception $e) { |
80 | global $openssl_supplement_last_error; |
104 | global $openssl_supplement_last_error; |
81 | $openssl_supplement_last_error = $e->getMessage(); |
105 | $openssl_supplement_last_error = $e->getMessage(); |
82 | return false; |
106 | return false; |
83 | } |
107 | } |
Line 92... | Line 116... | ||
92 | } |
116 | } |
93 | 117 | ||
94 | function openssl_public_encrypt($data, &$encrypted, $pubKey) { |
118 | function openssl_public_encrypt($data, &$encrypted, $pubKey) { |
95 | try { |
119 | try { |
96 | if (is_string($pubKey)) $pubKey = openssl_pkey_get_public($pubKey); |
120 | if (is_string($pubKey)) $pubKey = openssl_pkey_get_public($pubKey); |
- | 121 | if (!is_object($pubKey) || !method_exists($pubKey,'encrypt')) |
|
- | 122 | throw new Exception("Invalid input datatype"); |
|
97 | $encrypted = $pubKey->encrypt($data); |
123 | $encrypted = $pubKey->encrypt($data); |
98 | return true; |
124 | return true; |
99 | } catch (Exception $e) { |
125 | } catch (Exception $e) { |
100 | global $openssl_supplement_last_error; |
126 | global $openssl_supplement_last_error; |
101 | $openssl_supplement_last_error = $e->getMessage(); |
127 | $openssl_supplement_last_error = $e->getMessage(); |
Line 104... | Line 130... | ||
104 | } |
130 | } |
105 | 131 | ||
106 | function openssl_private_decrypt($encrypted, &$decrypted, $privKey) { |
132 | function openssl_private_decrypt($encrypted, &$decrypted, $privKey) { |
107 | try { |
133 | try { |
108 | if (is_string($privKey)) $privKey = openssl_pkey_get_private($privKey); |
134 | if (is_string($privKey)) $privKey = openssl_pkey_get_private($privKey); |
- | 135 | if (!is_object($privKey) || !method_exists($privKey,'decrypt')) |
|
- | 136 | throw new Exception("Invalid input datatype"); |
|
109 | $decrypted = $privKey->decrypt($encrypted); |
137 | $decrypted = $privKey->decrypt($encrypted); |
110 | return true; |
138 | return true; |
111 | } catch (Exception $e) { |
139 | } catch (Exception $e) { |
112 | global $openssl_supplement_last_error; |
140 | global $openssl_supplement_last_error; |
113 | $openssl_supplement_last_error = $e->getMessage(); |
141 | $openssl_supplement_last_error = $e->getMessage(); |
Line 124... | Line 152... | ||
124 | if ($algorithm == OPENSSL_ALGO_SHA512) $algorithm = 'SHA512'; |
152 | if ($algorithm == OPENSSL_ALGO_SHA512) $algorithm = 'SHA512'; |
125 | if ($algorithm == OPENSSL_ALGO_RMD160) $algorithm = 'RMD160'; |
153 | if ($algorithm == OPENSSL_ALGO_RMD160) $algorithm = 'RMD160'; |
126 | if ($algorithm == OPENSSL_ALGO_MD5) $algorithm = 'MD5'; |
154 | if ($algorithm == OPENSSL_ALGO_MD5) $algorithm = 'MD5'; |
127 | if ($algorithm == OPENSSL_ALGO_MD4) $algorithm = 'MD4'; |
155 | if ($algorithm == OPENSSL_ALGO_MD4) $algorithm = 'MD4'; |
128 | if (is_string($public)) $public = openssl_pkey_get_public($public); |
156 | if (is_string($public)) $public = openssl_pkey_get_public($public); |
- | 157 | if (!is_object($public) || !method_exists($public,'verify')) |
|
- | 158 | throw new Exception("Invalid input datatype"); |
|
129 | return $public->withHash($algorithm)->verify($msg, $signature) ? 1 : 0; |
159 | return $public->withHash($algorithm)->verify($msg, $signature) ? 1 : 0; |
130 | } catch (Exception $e) { |
160 | } catch (Exception $e) { |
131 | global $openssl_supplement_last_error; |
161 | global $openssl_supplement_last_error; |
132 | $openssl_supplement_last_error = $e->getMessage(); |
162 | $openssl_supplement_last_error = $e->getMessage(); |
133 | return false; |
163 | return false; |
Line 143... | Line 173... | ||
143 | if ($algorithm == OPENSSL_ALGO_SHA512) $algorithm = 'SHA512'; |
173 | if ($algorithm == OPENSSL_ALGO_SHA512) $algorithm = 'SHA512'; |
144 | if ($algorithm == OPENSSL_ALGO_RMD160) $algorithm = 'RMD160'; |
174 | if ($algorithm == OPENSSL_ALGO_RMD160) $algorithm = 'RMD160'; |
145 | if ($algorithm == OPENSSL_ALGO_MD5) $algorithm = 'MD5'; |
175 | if ($algorithm == OPENSSL_ALGO_MD5) $algorithm = 'MD5'; |
146 | if ($algorithm == OPENSSL_ALGO_MD4) $algorithm = 'MD4'; |
176 | if ($algorithm == OPENSSL_ALGO_MD4) $algorithm = 'MD4'; |
147 | if (is_string($private)) $private = openssl_pkey_get_private($private); |
177 | if (is_string($private)) $private = openssl_pkey_get_private($private); |
- | 178 | if (!is_object($private) || !method_exists($private,'sign')) |
|
- | 179 | throw new Exception("Invalid input datatype"); |
|
148 | $signature = $private->withHash($algorithm)->sign($msg); |
180 | $signature = $private->withHash($algorithm)->sign($msg); |
149 | return true; |
181 | return true; |
150 | } catch (Exception $e) { |
182 | } catch (Exception $e) { |
151 | global $openssl_supplement_last_error; |
183 | global $openssl_supplement_last_error; |
152 | $openssl_supplement_last_error = $e->getMessage(); |
184 | $openssl_supplement_last_error = $e->getMessage(); |
Line 240... | Line 272... | ||
240 | if (!file_exists($file = substr($key, 7))) throw new Exception("file not found"); |
272 | if (!file_exists($file = substr($key, 7))) throw new Exception("file not found"); |
241 | $key = file_get_contents($file); |
273 | $key = file_get_contents($file); |
242 | } |
274 | } |
243 | if (is_null($passphrase)) $passphrase = false; |
275 | if (is_null($passphrase)) $passphrase = false; |
244 | $privKey = \phpseclib3\Crypt\RSA::load($key, $passphrase); |
276 | $privKey = \phpseclib3\Crypt\RSA::load($key, $passphrase); |
245 | return $privKey->withPadding(\phpseclib3\Crypt\RSA::ENCRYPTION_PKCS1 | \phpseclib3\Crypt\RSA::SIGNATURE_PKCS1); /** @phpstan-ignore-line */ // Call to an undefined method phpseclib3\Crypt\Common\AsymmetricKey::withPadding(). |
277 | return $privKey->withPassword(false)->withPadding(\phpseclib3\Crypt\RSA::ENCRYPTION_PKCS1 | \phpseclib3\Crypt\RSA::SIGNATURE_PKCS1); /** @phpstan-ignore-line */ // Call to an undefined method phpseclib3\Crypt\Common\AsymmetricKey::withPadding(). |
246 | } catch (Exception $e) { |
278 | } catch (Exception $e) { |
247 | global $openssl_supplement_last_error; |
279 | global $openssl_supplement_last_error; |
248 | $openssl_supplement_last_error = $e->getMessage(); |
280 | $openssl_supplement_last_error = $e->getMessage(); |
249 | return false; |
281 | return false; |
250 | } |
282 | } |
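Review bot: In the openssl_pkey_export hunk, the passphrase branches for a string input (new line 88) and an array input (new line 96) call `withPassword()` on `$res`, which at that point is still a plain string or array, instead of on the key object that `\phpseclib3\Crypt\RSA::load()` has just assigned to `$privKey`; only the `instanceof` branch on new lines 78-82 uses the right receiver. Calling a method on a non-object raises `\Error`, which the `catch (Exception $e)` on new line 103 does not intercept, so a caller requesting a passphrase-protected export of a string or array key gets a fatal error instead of the `false` return the catch block provides, and no encrypted key is ever produced. Both lines should read `$privKey = $privKey->withPassword($passphrase);`. The function's closing brace and anything after the catch block are outside the hunk, so whether an `\Error` is handled further out cannot be confirmed from here.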