add DSA implementation

This commit is contained in:
terrafrost 2016-12-23 10:02:07 -06:00
parent 9ae5206588
commit eb459daeaf
39 changed files with 4489 additions and 926 deletions

View File

@ -15,6 +15,8 @@
namespace phpseclib\Common\Functions; namespace phpseclib\Common\Functions;
use phpseclib\Math\BigInteger;
/** /**
* Common String Functions * Common String Functions
* *
@ -56,4 +58,171 @@ abstract class Strings
$string = substr($string, 0, -$index); $string = substr($string, 0, -$index);
return $substr; return $substr;
} }
/**
* Performs blinded equality testing on strings
*
* Protects against a particular type of timing attack described.
*
* See {@link http://codahale.com/a-lesson-in-timing-attacks/ A Lesson In Timing Attacks (or, Don't use MessageDigest.isEquals)}
*
* Thanks for the heads up singpolyma!
*
* @access public
* @param string $x
* @param string $y
* @return bool
*/
public static function equals($x, $y)
{
if (strlen($x) != strlen($y)) {
return false;
}
$result = 0;
for ($i = 0; $i < strlen($x); $i++) {
$result |= ord($x[$i]) ^ ord($y[$i]);
}
return $result == 0;
}
/**
* Parse SSH2-style string
*
* Returns either an array or a boolean if $data is malformed.
*
* Valid characters for $format are as follows:
*
* C = byte
* b = boolean (true/false)
* N = uint32
* s = string
* i = mpint
* l = name-list
*
* uint64 is not supported.
*
* @param string $string
* @param int $index
* @access public
* @return mixed
*/
public static function unpackSSH2($format, $data)
{
$result = [];
for ($i = 0; $i < strlen($format); $i++) {
switch ($format[$i]) {
case 'C':
case 'b':
if (!strlen($data)) {
return false;
}
break;
case 'N':
case 'i':
case 's':
case 'l':
if (strlen($data) < 4) {
return false;
}
break;
default:
throw new \InvalidArgumentException('$format contains an invalid character');
}
switch ($format[$i]) {
case 'C':
$result[] = ord(self::shift($data));
continue 2;
case 'b':
$result[] = ord(self::shift($data)) != 0;
continue 2;
case 'N':
list(, $temp) = unpack('N', self::shift($data, 4));
$result[] = $temp;
continue 2;
}
list(, $length) = unpack('N', self::shift($data, 4));
if (strlen($data) < $length) {
return false;
}
$temp = self::shift($data, $length);
switch ($format[$i]) {
case 'i':
$result[] = new BigInteger($temp, -256);
break;
case 's':
$result[] = $temp;
break;
case 'l':
$result[] = explode(',', $temp);
}
}
return $result;
}
/**
* Create SSH2-style string
*
* @param mixed $input..
* @access public
* @return mixed
*/
public static function packSSH2()
{
$elements = func_get_args();
$format = $elements[0];
array_shift($elements);
if (strlen($format) != count($elements)) {
throw new \InvalidArgumentException('There must be as many arguments as there are characters in the $format string');
}
$result = '';
for ($i = 0; $i < strlen($format); $i++) {
$element = $elements[$i];
switch ($format[$i]) {
case 'C':
if (!is_int($element)) {
throw new \InvalidArgumentException('Bytes must be represented as an integer between 0 and 255, inclusive.');
}
$result.= pack('C', $element);
break;
case 'b':
if (!is_bool($element)) {
throw new \InvalidArgumentException('A boolean parameter was expected.');
}
$result.= $element ? "\1" : "\0";
break;
case 'N':
if (!is_int($element)) {
throw new \InvalidArgumentException('An integer was expected.');
}
$result.= pack('N', $element);
break;
case 's':
if (!is_string($element)) {
throw new \InvalidArgumentException('A string was expected.');
}
$result.= pack('Na*', strlen($element), $element);
break;
case 'i':
if (!$element instanceof BigInteger) {
throw new \InvalidArgumentException('A phpseclib\Math\BigInteger object was expected.');
}
$element = $element->toBytes(true);
$result.= pack('Na*', strlen($element), $element);
break;
case 'l':
if (!is_array($element)) {
throw new \InvalidArgumentException('An array was expected.');
}
$element = implode(',', $element);
$result.= pack('Na*', strlen($element), $element);
break;
default:
throw new \InvalidArgumentException('$format contains an invalid character');
}
}
return $result;
}
} }

View File

@ -0,0 +1,660 @@
<?php
/**
* Base Class for all asymmetric key ciphers
*
* PHP version 5
*
* @category Crypt
* @package AsymmetricKey
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common;
use phpseclib\Math\BigInteger;
use phpseclib\Crypt\Hash;
use ParagonIE\ConstantTime\Base64;
/**
* Base Class for all stream cipher classes
*
* @package AsymmetricKey
* @author Jim Wigginton <terrafrost@php.net>
*/
abstract class AsymmetricKey
{
/**
* Precomputed Zero
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
protected static $zero;
/**
* Precomputed One
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
protected static $one;
/**
* Engine
*
* This is only used for key generation. Valid values are RSA::ENGINE_INTERNAL and RSA::ENGINE_OPENSSL
*
* @var int
* @access private
*/
protected static $engine = NULL;
/**
* OpenSSL configuration file name.
*
* Set to null to use system configuration file.
*
* @see self::createKey()
* @var mixed
* @access public
*/
protected static $configFile;
/**
* Supported plugins (lower case)
*
* @see self::initialize_static_variables()
* @var array
* @access private
*/
private static $plugins = [];
/**
* Supported plugins (original case)
*
* @see self::initialize_static_variables()
* @var array
* @access private
*/
private static $origPlugins = [];
/**
* Supported signature formats (lower case)
*
* @see self::initialize_static_variables()
* @var array
* @access private
*/
private static $signatureFormats = [];
/**
* Supported signature formats (original case)
*
* @see self::initialize_static_variables()
* @var array
* @access private
*/
private static $signatureFileFormats = [];
/**
* Password
*
* @var string
* @access private
*/
protected $password = false;
/**
* Loaded File Format
*
* @var string
* @access private
*/
protected $format = false;
/**
* Private Key Format
*
* @var string
* @access private
*/
protected $privateKeyFormat = 'PKCS8';
/**
* Public Key Format
*
* @var string
* @access private
*/
protected $publicKeyFormat = 'PKCS8';
/**
* Hash function
*
* @var \phpseclib\Crypt\Hash
* @access private
*/
protected $hash;
/**
* HMAC function
*
* @var \phpseclib\Crypt\Hash
* @access private
*/
private $hmac;
/**#@+
* @access private
* @see self::__construct()
*/
/**
* To use the pure-PHP implementation
*/
const ENGINE_INTERNAL = 1;
/**
* To use the OpenSSL library
*
* (if enabled; otherwise, the internal implementation will be used)
*/
const ENGINE_OPENSSL = 2;
/**#@-*/
/**
* The constructor
*
* @access public
*/
public function __construct()
{
self::initialize_static_variables();
$this->hash = new Hash('sha256');
$this->hmac = new Hash('sha256');
}
/**
* Tests engine validity
*
* @access public
* @param int $val
*/
public static function isValidEngine($val)
{
switch ($val) {
case self::ENGINE_OPENSSL:
return extension_loaded('openssl') && file_exists(self::$configFile);
case self::ENGINE_INTERNAL:
return true;
}
return false;
}
/**
* Sets the engine
*
* Only used in RSA::createKey. Valid values are RSA::ENGINE_OPENSSL and RSA::ENGINE_INTERNAL
*
* @access public
* @param int $val
*/
public static function setPreferredEngine($val)
{
static::$engine = null;
$candidateEngines = [
$val,
self::ENGINE_OPENSSL
];
foreach ($candidateEngines as $engine) {
if (static::isValidEngine($engine)) {
static::$engine = $engine;
break;
}
}
if (!isset(static::$engine)) {
static::$engine = self::ENGINE_INTERNAL;
}
}
/**
* Returns the engine
*
* @access public
* @return int
*/
public static function getEngine()
{
return self::$engine;
}
/**
* Initialize static variables
*
* @access private
*/
protected static function initialize_static_variables()
{
if (!isset(self::$zero)) {
self::$zero= new BigInteger(0);
self::$one = new BigInteger(1);
self::$configFile = __DIR__ . '/../openssl.cnf';
}
self::loadPlugins('Keys');
if (static::ALGORITHM != 'RSA') {
self::loadPlugins('Signature');
}
}
/**
* Load Plugins
*
* @params $format
* @access private
*/
private static function loadPlugins($format)
{
if (!isset(self::$plugins[static::ALGORITHM][$format])) {
self::$plugins[static::ALGORITHM][$format] = [];
foreach (glob(__DIR__ . '/../' . static::ALGORITHM . '/' . $format . '/*.php') as $file) {
$name = pathinfo($file, PATHINFO_FILENAME);
$type = 'phpseclib\Crypt\\' . static::ALGORITHM . '\\' . $format . '\\' . $name;
self::$plugins[static::ALGORITHM][$format][strtolower($name)] = $type;
self::$origPlugins[static::ALGORITHM][$format][] = $name;
}
}
}
/**
* Validate Plugin
*
* @access private
* @param string $format
* @param string $type
* @param string $method optional
* @return mixed
*/
protected static function validatePlugin($format, $type, $method = NULL)
{
$type = strtolower($type);
if (!isset(self::$plugins[static::ALGORITHM][$format][$type])) {
return false;
}
$type = self::$plugins[static::ALGORITHM][$format][$type];
if (isset($method) && !method_exists($type, $method)) {
return false;
}
return $type;
}
/**
* Load the key
*
* @access private
* @param string $key
* @param string $type
* @return array
*/
protected function load($key, $type)
{
$components = false;
if ($type === false) {
foreach (self::$plugins[static::ALGORITHM]['Keys'] as $format) {
try {
$components = $format::load($key, $this->password);
} catch (\Exception $e) {
$components = false;
}
if ($components !== false) {
break;
}
}
} else {
$format = strtolower($type);
if (isset(self::$plugins[static::ALGORITHM]['Keys'][$format])) {
$format = self::$plugins[static::ALGORITHM]['Keys'][$format];
$components = $format::load($key, $this->password);
}
}
if ($components === false) {
$this->format = false;
return false;
}
$this->format = $format;
return $components;
}
/**
* Load the public key
*
* @access private
* @param string $key
* @param string $type
* @return array
*/
protected function setPublicKey($key, $type)
{
$components = false;
if ($type === false) {
foreach (self::$plugins[static::ALGORITHM]['Keys'] as $format) {
if (!method_exists($format, 'savePublicKey')) {
continue;
}
try {
$components = $format::load($key, $this->password);
} catch (\Exception $e) {
$components = false;
}
if ($components !== false) {
break;
}
}
} else {
$format = strtolower($type);
if (isset(self::$plugins[static::ALGORITHM]['Keys'][$format])) {
$format = self::$plugins[static::ALGORITHM]['Keys'][$format];
$components = $format::load($key, $this->password);
}
}
if ($components === false) {
$this->format = false;
return false;
}
$this->format = $format;
return $components;
}
/**
* Returns a list of supported formats.
*
* @access public
* @return array
*/
public static function getSupportedKeyFormats()
{
self::initialize_static_variables();
return self::$plugins[static::ALGORITHM]['Keys'];
}
/**
* Add a fileformat plugin
*
* The plugin needs to either already be loaded or be auto-loadable.
* Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin.
*
* @see self::load()
* @param string $fullname
* @access public
* @return bool
*/
public static function addFileFormat($fullname)
{
self::initialize_static_variables();
if (class_exists($fullname)) {
$meta = new \ReflectionClass($path);
$shortname = $meta->getShortName();
self::$plugins[static::ALGORITHM]['Keys'][strtolower($shortname)] = $fullname;
self::$origPlugins[static::ALGORITHM]['Keys'][] = $shortname;
}
}
/**
* Returns the public key's fingerprint
*
* The public key's fingerprint is returned, which is equivalent to running `ssh-keygen -lf rsa.pub`. If there is
* no public key currently loaded, false is returned.
* Example output (md5): "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87" (as specified by RFC 4716)
*
* @access public
* @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned
* for invalid values.
* @return mixed
*/
public function getPublicKeyFingerprint($algorithm = 'md5')
{
$type = self::validatePlugin('Keys', 'OpenSSH', 'getBinaryOutput');
if ($type === false) {
return false;
}
$status = $type::getBinaryOutput();
$type::setBinaryOutput(true);
$key = $this->getPublicKey('OpenSSH');
if ($key === false) {
return false;
}
$type::setBinaryOutput($status);
switch ($algorithm) {
case 'sha256':
$hash = new Hash('sha256');
$base = Base64::encode($hash->hash($key));
return substr($base, 0, strlen($base) - 1);
case 'md5':
return substr(chunk_split(md5($key), 2, ':'), 0, -1);
default:
return false;
}
}
/**
* __toString() magic method
*
* @access public
* @return string
*/
public function __toString()
{
try {
$key = $this->getPrivateKey($this->privateKeyFormat);
if (is_string($key)) {
return $key;
}
$key = $this->getPublicKey($this->publicKeyFormat);
return is_string($key) ? $key : '';
} catch (\Exception $e) {
return '';
}
}
/**
* __clone() magic method
*
* @access public
* @return static
*/
public function __clone()
{
$key = new static();
$key->load($this);
return $key;
}
/**
* Determines the private key format
*
* @see self::__toString()
* @access public
* @param string $format
*/
public function setPrivateKeyFormat($format)
{
$this->privateKeyFormat = $format;
}
/**
* Determines the public key format
*
* @see self::__toString()
* @access public
* @param string $format
*/
public function setPublicKeyFormat($format)
{
$this->publicKeyFormat = $format;
}
/**
* Returns the format of the loaded key.
*
* If the key that was loaded wasn't in a valid or if the key was auto-generated
* with RSA::createKey() then this will return false.
*
* @see self::load()
* @access public
* @return mixed
*/
public function getLoadedFormat()
{
if ($this->format === false) {
return false;
}
$meta = new \ReflectionClass($this->format);
return $meta->getShortName();
}
/**
* Sets the password
*
* Private keys can be encrypted with a password. To unset the password, pass in the empty string or false.
* Or rather, pass in $password such that empty($password) && !is_string($password) is true.
*
* @see self::createKey()
* @see self::load()
* @access public
* @param string $password
*/
public function setPassword($password = false)
{
$this->password = $password;
}
/**
* Determines which hashing function should be used
*
* @access public
* @param string $hash
*/
public function setHash($hash)
{
$this->hash = new Hash($hash);
$this->hmac = new Hash($hash);
}
/**
* Compute the pseudorandom k for signature generation,
* using the process specified for deterministic DSA.
*
* @access public
* @param string $h1
* @return string
*/
protected function computek($h1)
{
$v = str_repeat("\1", strlen($h1));
$k = str_repeat("\0", strlen($h1));
$x = $this->int2octets($this->x);
$h1 = $this->bits2octets($h1);
$this->hmac->setKey($k);
$k = $this->hmac->hash($v . "\0" . $x . $h1);
$this->hmac->setKey($k);
$v = $this->hmac->hash($v);
$k = $this->hmac->hash($v . "\1" . $x . $h1);
$this->hmac->setKey($k);
$v = $this->hmac->hash($v);
$qlen = $this->q->getLengthInBytes();
while (true) {
$t = '';
while (strlen($t) < $qlen) {
$v = $this->hmac->hash($v);
$t = $t . $v;
}
$k = $this->bits2int($t);
if (!$k->equals(self::$zero) && $k->compare($this->q) < 0) {
break;
}
$k = $this->hmac->hash($v . "\0");
$this->hmac->setKey($k);
$v = $this->hmac->hash($v);
}
return $k;
}
/**
* Integer to Octet String
*
* @access private
* @param \phpseclib\Math\BigInteger $v
* @return string
*/
private function int2octets($v)
{
$out = $v->toBytes();
$rolen = $this->q->getLengthInBytes();
if (strlen($out) < $rolen) {
return str_pad($out, $rolen, "\0", STR_PAD_LEFT);
} else if (strlen($out) > $rolen) {
return substr($out, -$rolen);
} else {
return $out;
}
}
/**
* Bit String to Integer
*
* @access private
* @param string $in
* @return \phpseclib\Math\BigInteger
*/
protected function bits2int($in)
{
$v = new BigInteger($in, 256);
$vlen = strlen($in) << 3;
$qlen = $this->q->getLength();
if ($vlen > $qlen) {
return $v->bitwise_rightShift($vlen - $qlen);
}
return $v;
}
/**
* Bit String to Octet String
*
* @access private
* @param string $in
* @return string
*/
private function bits2octets($in)
{
$z1 = $this->bits2int($in);
$z2 = $z1->subtract($this->q);
return $z2->compare(self::$zero) < 0 ?
$this->int2octets($z1) :
$this->int2octets($z2);
}
}

View File

@ -0,0 +1,139 @@
<?php
/**
* OpenSSH Key Handler
*
* PHP version 5
*
* Place in $HOME/.ssh/authorized_keys
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common\Keys;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Common\Functions\Strings;
/**
* OpenSSH Formatted RSA Key Handler
*
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class OpenSSH
{
/**
* Default comment
*
* @var string
* @access private
*/
protected static $comment = 'phpseclib-generated-key';
/**
* Binary key flag
*
* @var bool
* @access private
*/
protected static $binary = false;
/**
* Sets the default comment
*
* @access public
* @param string $comment
*/
public static function setComment($comment)
{
self::$comment = str_replace(["\r", "\n"], '', $comment);
}
/**
* Break a public or private key down into its constituent components
*
* $type can be either ssh-dss or ssh-rsa
*
* @access public
* @param string $key
* @param string $type
* @return array
*/
public static function load($key, $type)
{
if (!is_string($key)) {
return false;
}
$parts = explode(' ', $key, 3);
if (!isset($parts[1])) {
$key = Base64::decode($parts[0]);
$comment = isset($parts[1]) ? $parts[1] : false;
} else {
if ($parts[0] != $type) {
return false;
}
$key = Base64::decode($parts[1]);
$comment = isset($parts[2]) ? $parts[2] : false;
}
if ($key === false) {
return false;
}
if (substr($key, 0, 11) != "\0\0\0\7$type") {
return false;
}
Strings::shift($key, 11);
if (strlen($key) <= 4) {
return false;
}
return $key;
}
/**
* Returns the comment for the key
*
* @access public
* @return mixed
*/
public static function getComment($key)
{
$parts = explode(' ', $key, 3);
return isset($parts[2]) ? $parts[2] : false;
}
/**
* Toggle between binary and printable keys
*
* Printable keys are what are generated by default. These are the ones that go in
* $HOME/.ssh/authorized_key.
*
* @access public
* @param bool $enabled
*/
public static function setBinaryOutput($enabled)
{
self::$binary = $enabled;
}
/**
* Returns the current binary output value
*
* @access public
* @return bool
*/
public static function getBinaryOutput()
{
return (bool) self::$binary;
}
}

View File

@ -0,0 +1,80 @@
<?php
/**
* PKCS Formatted Key Handler
*
* PHP version 5
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common\Keys;
/**
* PKCS1 Formatted Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PKCS
{
/**
* Auto-detect the format
*/
const MODE_ANY = 0;
/**
* Require base64-encoded PEM's be supplied
*/
const MODE_PEM = 1;
/**
* Require raw DER's be supplied
*/
const MODE_DER = 2;
/**#@-*/
/**
* Is the key a base-64 encoded PEM, DER or should it be auto-detected?
*
* @access private
* @param int
*/
protected static $format = self::MODE_ANY;
/**
* Require base64-encoded PEM's be supplied
*
* @access public
*/
public static function requirePEM()
{
self::$format = self::MODE_PEM;
}
/**
* Require raw DER's be supplied
*
* @access public
*/
public static function requireDER()
{
self::$format = self::MODE_DER;
}
/**
* Accept any format and auto detect the format
*
* This is the default setting
*
* @access public
*/
public static function requireAny()
{
self::$format = self::MODE_ANY;
}
}

View File

@ -0,0 +1,224 @@
<?php
/**
* PKCS1 Formatted Key Handler
*
* PHP version 5
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common\Keys;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\Random;
use phpseclib\Crypt\AES;
use phpseclib\Crypt\Base;
use phpseclib\Crypt\DES;
use phpseclib\Crypt\TripleDES;
use phpseclib\File\ASN1;
/**
* PKCS1 Formatted Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PKCS1 extends PKCS
{
/**
* Default encryption algorithm
*
* @var string
* @access private
*/
private static $defaultEncryptionAlgorithm = 'AES-128-CBC';
/**
* Sets the default encryption algorithm
*
* @access public
* @param string $algo
*/
public static function setEncryptionAlgorithm($algo)
{
self::$defaultEncryptionAlgorithm = $algo;
}
/**
* Returns the mode constant corresponding to the mode string
*
* @access public
* @param string $mode
* @return int
* @throws \UnexpectedValueException if the block cipher mode is unsupported
*/
private static function getEncryptionMode($mode)
{
switch ($mode) {
case 'CBC':
return BlockCipher::MODE_CBC;
case 'ECB':
return BlockCipher::MODE_ECB;
case 'CFB':
return BlockCipher::MODE_CFB;
case 'OFB':
return BlockCipher::MODE_OFB;
case 'CTR':
return BlockCipher::MODE_CTR;
}
throw new \UnexpectedValueException('Unsupported block cipher mode of operation');
}
/**
* Returns a cipher object corresponding to a string
*
* @access public
* @param string $algo
* @return string
* @throws \UnexpectedValueException if the encryption algorithm is unsupported
*/
private static function getEncryptionObject($algo)
{
$modes = '(CBC|ECB|CFB|OFB|CTR)';
switch (true) {
case preg_match("#^AES-(128|192|256)-$modes$#", $algo, $matches):
$cipher = new AES(self::getEncryptionMode($matches[2]));
$cipher->setKeyLength($matches[1]);
return $cipher;
case preg_match("#^DES-EDE3-$modes$#", $algo, $matches):
return new TripleDES(self::getEncryptionMode($matches[1]));
case preg_match("#^DES-$modes$#", $algo, $matches):
return new DES(self::getEncryptionMode($matches[1]));
default:
throw new \UnexpectedValueException('Unsupported encryption algorithmn');
}
}
/**
* Generate a symmetric key for PKCS#1 keys
*
* @access private
* @param string $password
* @param string $iv
* @param int $length
* @return string
*/
private static function generateSymmetricKey($password, $iv, $length)
{
$symkey = '';
$iv = substr($iv, 0, 8);
while (strlen($symkey) < $length) {
$symkey.= md5($symkey . $password . $iv, true);
}
return substr($symkey, 0, $length);
}
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
protected static function load($key, $password)
{
if (!is_string($key)) {
return false;
}
/* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is
"outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to
protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding
two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here:
http://tools.ietf.org/html/rfc1421#section-4.6.1.1
http://tools.ietf.org/html/rfc1421#section-4.6.1.3
DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell.
DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation
function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's
own implementation. ie. the implementation *is* the standard and any bugs that may exist in that
implementation are part of the standard, as well.
* OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */
if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) {
$iv = Hex::decode(trim($matches[2]));
// remove the Proc-Type / DEK-Info sections as they're no longer needed
$key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key);
$ciphertext = ASN1::extractBER($key);
if ($ciphertext === false) {
$ciphertext = $key;
}
$crypto = self::getEncryptionObject($matches[1]);
$crypto->setKey(self::generateSymmetricKey($password, $iv, $crypto->getKeyLength() >> 3));
$crypto->setIV($iv);
$key = $crypto->decrypt($ciphertext);
} else {
if (self::$format != self::MODE_DER) {
$decoded = ASN1::extractBER($key);
if ($decoded !== false) {
$key = $decoded;
} elseif (self::$format == self::MODE_PEM) {
return false;
}
}
}
return $key;
}
/**
* Wrap a private key appropriately
*
* @access public
* @param string $key
* @param string $type
* @param string $password
* @return string
*/
protected static function wrapPrivateKey($key, $type, $password)
{
if (empty($password) || !is_string($password)) {
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
chunk_split(Base64::encode($key), 64) .
"-----END $type PRIVATE KEY-----";
}
$cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm);
$iv = Random::string($cipher->getBlockLength() >> 3);
$cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3));
$cipher->setIV($iv);
$iv = strtoupper(Hex::encode($iv));
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
"Proc-Type: 4,ENCRYPTED\r\n" .
"DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" .
"\r\n" .
chunk_split(Base64::encode($cipher->encrypt($key)), 64) .
"-----END $type PRIVATE KEY-----";
}
/**
* Wrap a public key appropriately
*
* @access public
* @param string $key
* @param string $type
* @return string
*/
protected static function wrapPublicKey($key, $type)
{
return "-----BEGIN $type PUBLIC KEY-----\r\n" .
chunk_split(Base64::encode($key), 64) .
"-----END $type PUBLIC KEY-----";
}
}

View File

@ -0,0 +1,609 @@
<?php
/**
* PKCS#8 Formatted Key Handler
*
* PHP version 5
*
* Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
*
* Processes keys with the following headers:
*
* -----BEGIN ENCRYPTED PRIVATE KEY-----
* -----BEGIN PRIVATE KEY-----
* -----BEGIN PUBLIC KEY-----
*
* Analogous to ssh-keygen's pkcs8 format (as specified by -m). Although PKCS8
* is specific to private keys it's basically creating a DER-encoded wrapper
* for keys. This just extends that same concept to public keys (much like ssh-keygen)
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common\Keys;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Crypt\DES;
use phpseclib\Crypt\RC2;
use phpseclib\Crypt\RC4;
use phpseclib\Crypt\AES;
use phpseclib\Crypt\TripleDES;
use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\Random;
use phpseclib\Math\BigInteger;
use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Maps;
use phpseclib\Exception\UnsupportedAlgorithmException;
/**
* PKCS#8 Formatted Key Handler
*
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PKCS8 extends PKCS
{
/**
* Default encryption algorithm
*
* @var string
* @access private
*/
private static $defaultEncryptionAlgorithm = 'id-PBES2';
/**
* Default encryption scheme
*
* Only used when defaultEncryptionAlgorithm is id-PBES2
*
* @var string
* @access private
*/
private static $defaultEncryptionScheme = 'aes128-CBC-PAD';
/**
* Default PRF
*
* Only used when defaultEncryptionAlgorithm is id-PBES2
*
* @var string
* @access private
*/
private static $defaultPRF = 'id-hmacWithSHA256';
/**
* Default Iteration Count
*
* @var int
* @access private
*/
private static $defaultIterationCount = 2048;
/**
* OIDs loaded
*
* @var bool
* @access private
*/
private static $oidsLoaded = false;
/**
* Sets the default encryption algorithm
*
* @access public
* @param string $algo
*/
public static function setEncryptionAlgorithm($algo)
{
self::$defaultEncryptionAlgorithm = $algo;
}
/**
* Sets the default encryption algorithm for PBES2
*
* @access public
* @param string $algo
*/
public static function setEncryptionScheme($algo)
{
self::$defaultEncryptionScheme = $algo;
}
/**
* Sets the iteration count
*
* @access public
* @param int $count
*/
public static function setIterationCount($count)
{
self::$defaultIterationCount = $count;
}
/**
* Sets the PRF for PBES2
*
* @access public
* @param string $algo
*/
public static function setPRF($algo)
{
self::$defaultPRF = $algo;
}
/**
* Returns a SymmetricKey object based on a PBES1 $algo
*
* @access public
* @param string $algo
*/
private static function getPBES1EncryptionObject($algo)
{
$algo = preg_match('#^pbeWith(?:MD2|MD5|SHA1|SHA)And(.*?)-CBC$#', $algo, $matches) ?
$matches[1] :
substr($algo, 13); // strlen('pbeWithSHAAnd') == 13
switch ($algo) {
case 'DES':
$cipher = new DES(BlockCipher::MODE_CBC);
break;
case 'RC2':
$cipher = new RC2(BlockCipher::MODE_CBC);
break;
case '3-KeyTripleDES':
$cipher = new TripleDES(BlockCipher::MODE_CBC);
break;
case '2-KeyTripleDES':
$cipher = new TripleDES(BlockCipher::MODE_CBC);
$cipher->setKeyLength(128);
break;
case '128BitRC2':
$cipher = new RC2(BlockCipher::MODE_CBC);
$cipher->setKeyLength(128);
break;
case '40BitRC2':
$cipher = new RC2(BlockCipher::MODE_CBC);
$cipher->setKeyLength(40);
break;
case '128BitRC4':
$cipher = new RC4();
$cipher->setKeyLength(128);
break;
case '40BitRC4':
$cipher = new RC4();
$cipher->setKeyLength(40);
break;
default:
throw new UnsupportedAlgorithmException("$algo is not a supported algorithm");
}
return $cipher;
}
/**
* Returns a hash based on a PBES1 $algo
*
* @access public
* @param string $algo
*/
private static function getPBES1Hash($algo)
{
if (preg_match('#^pbeWith(MD2|MD5|SHA1|SHA)And.*?-CBC$#', $algo, $matches)) {
return $matches[1] == 'SHA' ? 'sha1' : $matches[1];
}
return 'sha1';
}
/**
* Returns a KDF baesd on a PBES1 $algo
*
* @access public
* @param string $algo
*/
private static function getPBES1KDF($algo)
{
switch ($algo) {
case 'pbeWithMD2AndDES-CBC':
case 'pbeWithMD2AndRC2-CBC':
case 'pbeWithMD5AndDES-CBC':
case 'pbeWithMD5AndRC2-CBC':
case 'pbeWithSHA1AndDES-CBC':
case 'pbeWithSHA1AndRC2-CBC':
return 'pbkdf1';
}
return 'pkcs12';
}
/**
* Returns a SymmetricKey object baesd on a PBES2 $algo
*
* @access public
* @param string $algo
*/
private static function getPBES2EncryptionObject($algo)
{
switch ($algo) {
case 'desCBC':
$cipher = new TripleDES(BlockCipher::MODE_CBC);
break;
case 'des-EDE3-CBC':
$cipher = new TripleDES(BlockCipher::MODE_CBC);
break;
case 'rc2CBC':
$cipher = new RC2(BlockCipher::MODE_CBC);
// in theory this can be changed
$cipher->setKeyLength(128);
break;
case 'rc5-CBC-PAD':
throw new UnsupportedAlgorithmException('rc5-CBC-PAD is not supported for PBES2 PKCS#8 keys');
case 'aes128-CBC-PAD':
case 'aes192-CBC-PAD':
case 'aes256-CBC-PAD':
$cipher = new AES(BlockCipher::MODE_CBC);
$cipher->setKeyLength(substr($algo, 3, 3));
break;
default:
throw new UnsupportedAlgorithmException("$algo is not supported");
}
return $cipher;
}
/**
* Initialize static variables
*
* @access private
*/
private static function initialize_static_variables()
{
if (!static::$childOIDsLoaded) {
ASN1::loadOIDs([static::OID_VALUE => static::OID_NAME]);
static::$childOIDsLoaded = true;
}
if (!self::$oidsLoaded) {
// from https://tools.ietf.org/html/rfc2898
ASN1::loadOIDs([
// PBES1 encryption schemes
'1.2.840.113549.1.5.1' => 'pbeWithMD2AndDES-CBC',
'1.2.840.113549.1.5.4' => 'pbeWithMD2AndRC2-CBC',
'1.2.840.113549.1.5.3' => 'pbeWithMD5AndDES-CBC',
'1.2.840.113549.1.5.6' => 'pbeWithMD5AndRC2-CBC',
'1.2.840.113549.1.5.10'=> 'pbeWithSHA1AndDES-CBC',
'1.2.840.113549.1.5.11'=> 'pbeWithSHA1AndRC2-CBC',
// from PKCS#12:
// https://tools.ietf.org/html/rfc7292
'1.2.840.113549.1.12.1.1' => 'pbeWithSHAAnd128BitRC4',
'1.2.840.113549.1.12.1.2' => 'pbeWithSHAAnd40BitRC4',
'1.2.840.113549.1.12.1.3' => 'pbeWithSHAAnd3-KeyTripleDES-CBC',
'1.2.840.113549.1.12.1.4' => 'pbeWithSHAAnd2-KeyTripleDES-CBC',
'1.2.840.113549.1.12.1.5' => 'pbeWithSHAAnd128BitRC2-CBC',
'1.2.840.113549.1.12.1.6' => 'pbeWithSHAAnd40BitRC2-CBC',
'1.2.840.113549.1.5.12' => 'id-PBKDF2',
'1.2.840.113549.1.5.13' => 'id-PBES2',
'1.2.840.113549.1.5.14' => 'id-PBMAC1',
// from PKCS#5 v2.1:
// http://www.rsa.com/rsalabs/pkcs/files/h11302-wp-pkcs5v2-1-password-based-cryptography-standard.pdf
'1.2.840.113549.2.7' => 'id-hmacWithSHA1',
'1.2.840.113549.2.8' => 'id-hmacWithSHA224',
'1.2.840.113549.2.9' => 'id-hmacWithSHA256',
'1.2.840.113549.2.10'=> 'id-hmacWithSHA384',
'1.2.840.113549.2.11'=> 'id-hmacWithSHA512',
'1.2.840.113549.2.12'=> 'id-hmacWithSHA512-224',
'1.2.840.113549.2.13'=> 'id-hmacWithSHA512-256',
'1.3.14.3.2.7' => 'desCBC',
'1.2.840.113549.3.7' => 'des-EDE3-CBC',
'1.2.840.113549.3.2' => 'rc2CBC',
'1.2.840.113549.3.9' => 'rc5-CBC-PAD',
'2.16.840.1.101.3.4.1.2' => 'aes128-CBC-PAD',
'2.16.840.1.101.3.4.1.22'=> 'aes192-CBC-PAD',
'2.16.840.1.101.3.4.1.42'=> 'aes256-CBC-PAD'
]);
self::$oidsLoaded = true;
}
}
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
protected static function load($key, $password = '')
{
self::initialize_static_variables();
if (!is_string($key)) {
return false;
}
if (self::$format != self::MODE_DER) {
$decoded = ASN1::extractBER($key);
if ($decoded !== false) {
$key = $decoded;
} elseif (self::$format == self::MODE_PEM) {
return false;
}
}
$decoded = ASN1::decodeBER($key);
if (empty($decoded)) {
return false;
}
$meta = [];
$decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP);
if (strlen($password) && is_array($decrypted)) {
$algorithm = $decrypted['encryptionAlgorithm']['algorithm'];
switch ($algorithm) {
// PBES1
case 'pbeWithMD2AndDES-CBC':
case 'pbeWithMD2AndRC2-CBC':
case 'pbeWithMD5AndDES-CBC':
case 'pbeWithMD5AndRC2-CBC':
case 'pbeWithSHA1AndDES-CBC':
case 'pbeWithSHA1AndRC2-CBC':
case 'pbeWithSHAAnd3-KeyTripleDES-CBC':
case 'pbeWithSHAAnd2-KeyTripleDES-CBC':
case 'pbeWithSHAAnd128BitRC2-CBC':
case 'pbeWithSHAAnd40BitRC2-CBC':
case 'pbeWithSHAAnd128BitRC4':
case 'pbeWithSHAAnd40BitRC4':
$cipher = self::getPBES1EncryptionObject($algorithm);
$hash = self::getPBES1Hash($algorithm);
$kdf = self::getPBES1KDF($algorithm);
$meta['meta']['algorithm'] = $algorithm;
$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP));
$iterationCount = (int) $iterationCount->toString();
$cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount);
$key = $cipher->decrypt($decrypted['encryptedData']);
$decoded = ASN1::decodeBER($key);
if (empty($decoded)) {
return false;
}
break;
case 'id-PBES2':
$meta['meta']['algorithm'] = $algorithm;
$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
$temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP);
extract($temp);
$cipher = self::getPBES2EncryptionObject($encryptionScheme['algorithm']);
$meta['meta']['cipher'] = $encryptionScheme['algorithm'];
$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
$temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP);
extract($temp);
if (!$cipher instanceof RC2) {
$cipher->setIV($encryptionScheme['parameters']['octetString']);
} else {
$temp = ASN1::decodeBER($encryptionScheme['parameters']);
extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP));
$effectiveKeyLength = (int) $rc2ParametersVersion->toString();
switch ($effectiveKeyLength) {
case 160:
$effectiveKeyLength = 40;
break;
case 120:
$effectiveKeyLength = 64;
break;
case 58:
$effectiveKeyLength = 128;
break;
//default: // should be >= 256
}
$cipher->setIV($iv);
$cipher->setKeyLength($effectiveKeyLength);
}
$meta['meta']['keyDerivationFunc'] = $keyDerivationFunc['algorithm'];
switch ($keyDerivationFunc['algorithm']) {
case 'id-PBKDF2':
$temp = ASN1::decodeBER($keyDerivationFunc['parameters']);
$prf = ['algorithm' => 'id-hmacWithSHA1'];
$params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP);
extract($params);
$meta['meta']['prf'] = $prf['algorithm'];
$hash = str_replace('-', '/', substr($prf['algorithm'], 11));
$params = [
$password,
'pbkdf2',
$hash,
$salt,
(int) $iterationCount->toString()
];
if (isset($keyLength)) {
$params[] = (int) $keyLength->toString();
}
call_user_func_array([$cipher, 'setPassword'], $params);
$key = $cipher->decrypt($decrypted['encryptedData']);
$decoded = ASN1::decodeBER($key);
if (empty($decoded)) {
return false;
}
break;
default:
throw new UnsupportedAlgorithmException('Only PBKDF2 is supported for PBES2 PKCS#8 keys');
}
break;
case 'id-PBMAC1':
//$temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']);
//$value = ASN1::asn1map($temp[0], Maps\PBMAC1params::MAP);
// since i can't find any implementation that does PBMAC1 it is unsupported
throw new UnsupportedAlgorithmException('Only PBES1 and PBES2 PKCS#8 keys are supported.');
// at this point we'll assume that the key conforms to PublicKeyInfo
}
}
$private = ASN1::asn1map($decoded[0], Maps\PrivateKeyInfo::MAP);
if (is_array($private)) {
return $private['privateKeyAlgorithm']['algorithm'] == static::OID_NAME ?
$private + $meta :
false;
}
// EncryptedPrivateKeyInfo and PublicKeyInfo have largely identical "signatures". the only difference
// is that the former has an octet string and the later has a bit string. the first byte of a bit
// string represents the number of bits in the last byte that are to be ignored but, currently,
// bit strings wanting a non-zero amount of bits trimmed are not supported
$public = ASN1::asn1map($decoded[0], Maps\PublicKeyInfo::MAP);
if (is_array($public)) {
if ($public['publicKey'][0] != "\0" || $public['publicKeyAlgorithm']['algorithm'] != static::OID_NAME) {
return false;
}
$public['publicKey'] = substr($public['publicKey'], 1);
return $public;
}
return false;
}
/**
* Wrap a private key appropriately
*
* @access public
* @param string $key
* @param string $attr
* @param mixed $params
* @param string $password
* @return string
*/
protected static function wrapPrivateKey($key, $attr, $params, $password)
{
self::initialize_static_variables();
$key = [
'version' => 'v1',
'privateKeyAlgorithm' => [
'algorithm' => static::OID_NAME,
'parameters' => $params
],
'privateKey' => $key
];
if (!empty($attr)) {
$key['attributes'] = $attr;
}
$key = ASN1::encodeDER($key, Maps\PrivateKeyInfo::MAP);
if (!empty($password) && is_string($password)) {
$salt = Random::string(8);
$iterationCount = self::$defaultIterationCount;
if (self::$defaultEncryptionAlgorithm == 'id-PBES2') {
$crypto = self::getPBES2EncryptionObject(self::$defaultEncryptionScheme);
$hash = str_replace('-', '/', substr(self::$defaultPRF, 11));
$kdf = 'pbkdf2';
$iv = Random::string($crypto->getBlockLength() >> 3);
$PBKDF2params = [
'salt' => $salt,
'iterationCount' => $iterationCount,
'prf' => ['algorithm' => self::$defaultPRF, 'parameters' => null]
];
$PBKDF2params = ASN1::encodeDER($PBKDF2params, Maps\PBKDF2params::MAP);
if (!$crypto instanceof RC2) {
$params = ['octetString' => $iv];
} else {
$params = [
'rc2ParametersVersion' => 58,
'iv' => $iv
];
$params = ASN1::encodeDER($params, Maps\RC2CBCParameter::MAP);
$params = new ASN1\Element($params);
}
$params = [
'keyDerivationFunc' => [
'algorithm' => 'id-PBKDF2',
'parameters' => new ASN1\Element($PBKDF2params)
],
'encryptionScheme' => [
'algorithm' => self::$defaultEncryptionScheme,
'parameters' => $params
]
];
$params = ASN1::encodeDER($params, Maps\PBES2params::MAP);
$crypto->setIV($iv);
} else {
$crypto = self::getPBES1EncryptionObject(self::$defaultEncryptionAlgorithm);
$hash = self::getPBES1Hash(self::$defaultEncryptionAlgorithm);
$kdf = self::getPBES1KDF(self::$defaultEncryptionAlgorithm);
$params = [
'salt' => $salt,
'iterationCount' => $iterationCount
];
$params = ASN1::encodeDER($params, Maps\PBEParameter::MAP);
}
$crypto->setPassword($password, $kdf, $hash, $salt, $iterationCount);
$key = $crypto->encrypt($key);
$key = [
'encryptionAlgorithm' => [
'algorithm' => self::$defaultEncryptionAlgorithm,
'parameters' => new ASN1\Element($params)
],
'encryptedData' => $key
];
$key = ASN1::encodeDER($key, Maps\EncryptedPrivateKeyInfo::MAP);
return "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" .
chunk_split(Base64::encode($key), 64) .
"-----END ENCRYPTED PRIVATE KEY-----";
}
return "-----BEGIN PRIVATE KEY-----\r\n" .
chunk_split(Base64::encode($key), 64) .
"-----END PRIVATE KEY-----";
}
/**
* Wrap a public key appropriately
*
* @access public
* @param string $key
* @param mixed $params
* @return string
*/
protected static function wrapPublicKey($key, $params)
{
self::initialize_static_variables();
$key = [
'publicKeyAlgorithm' => [
'algorithm' => static::OID_NAME,
'parameters' => $params
],
'publicKey' => "\0" . $key
];
$key = ASN1::encodeDER($key, Maps\PublicKeyInfo::MAP);
return "-----BEGIN PUBLIC KEY-----\r\n" .
chunk_split(Base64::encode($key), 64) .
"-----END PUBLIC KEY-----";
}
}

View File

@ -0,0 +1,230 @@
<?php
/**
* PuTTY Formatted Key Handler
*
* PHP version 5
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common\Keys;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\AES;
use phpseclib\Crypt\Hash;
use phpseclib\Crypt\Random;
use phpseclib\Common\Functions\Strings;
/**
* PuTTY Formatted Key Handler
*
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PuTTY
{
/**
* Default comment
*
* @var string
* @access private
*/
private static $comment = 'phpseclib-generated-key';
/**
* Sets the default comment
*
* @access public
* @param string $comment
*/
public static function setComment($comment)
{
self::$comment = str_replace(["\r", "\n"], '', $comment);
}
/**
* Generate a symmetric key for PuTTY keys
*
* @access public
* @param string $password
* @param int $length
* @return string
*/
private static function generateSymmetricKey($password, $length)
{
$symkey = '';
$sequence = 0;
while (strlen($symkey) < $length) {
$temp = pack('Na*', $sequence++, $password);
$symkey.= Hex::decode(sha1($temp));
}
return substr($symkey, 0, $length);
}
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $publicHandler
* @param string $type
* @param string $password
* @return array
*/
protected static function load($key, $password)
{
if (!is_string($key)) {
return false;
}
if (strpos($key, 'BEGIN SSH2 PUBLIC KEY')) {
$data = preg_split('#[\r\n]+#', $key);
$data = array_splice($data, 2, -1);
$data = implode('', $data);
$components = call_user_func([static::PUBLIC_HANDLER, 'load'], $data);
if ($components === false) {
return false;
}
if (!preg_match('#Comment: "(.+)"#', $key, $matches)) {
return false;
}
$components['comment'] = str_replace(['\\\\', '\"'], ['\\', '"'], $matches[1]);
return $components;
}
$components = [];
$key = preg_split('#\r\n|\r|\n#', trim($key));
$type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0]));
if ($type != static::TYPE) {
return false;
}
$encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1]));
$components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2]));
$publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
$public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
$source = Strings::packSSH2('ssss', static::TYPE, $encryption, $components['comment'], $public);
extract(unpack('Nlength', Strings::shift($public, 4)));
if (Strings::shift($public, $length) != static::TYPE) {
return false;
}
$components['public'] = $public;
$privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4]));
$private = Base64::decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength))));
switch ($encryption) {
case 'aes256-cbc':
$symkey = self::generateSymmetricKey($password, 32);
$crypto = new AES(AES::MODE_CBC);
}
$hashkey = 'putty-private-key-file-mac-key';
if ($encryption != 'none') {
$hashkey.= $password;
$crypto->setKey($symkey);
$crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3));
$crypto->disablePadding();
$private = $crypto->decrypt($private);
}
$source.= Strings::packSSH2('s', $private);
$hash = new Hash('sha1');
$hash->setKey(sha1($hashkey, true));
$hmac = trim(preg_replace('#Private-MAC: (.+)#', '$1', $key[$publicLength + $privateLength + 5]));
$hmac = Hex::decode($hmac);
if (!Strings::equals($hash->hash($source), $hmac)) {
throw new \UnexpectedValueException('MAC validation error');
}
$components['private'] = $private;
return $components;
}
/**
* Wrap a private key appropriately
*
* @access private
* @param string $public
* @param string $private
* @param string $password
* @return string
*/
protected static function wrapPrivateKey($public, $private, $password)
{
$key = "PuTTY-User-Key-File-2: " . static::TYPE . "\r\nEncryption: ";
$encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none';
$key.= $encryption;
$key.= "\r\nComment: " . self::$comment . "\r\n";
$public = Strings::packSSH2('s', static::TYPE) . $public;
$source = Strings::packSSH2('ssss', static::TYPE, $encryption, self::$comment, $public);
$public = Base64::encode($public);
$key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n";
$key.= chunk_split($public, 64);
if (empty($password) && !is_string($password)) {
$source.= Strings::packSSH2('s', $private);
$hashkey = 'putty-private-key-file-mac-key';
} else {
$private.= Random::string(16 - (strlen($private) & 15));
$source.= Strings::packSSH2('s', $private);
$crypto = new AES(AES::MODE_CBC);
$crypto->setKey(self::generateSymmetricKey($password, 32));
$crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3));
$crypto->disablePadding();
$private = $crypto->encrypt($private);
$hashkey = 'putty-private-key-file-mac-key' . $password;
}
$private = Base64::encode($private);
$key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n";
$key.= chunk_split($private, 64);
$hash = new Hash('sha1');
$hash->setKey(sha1($hashkey, true));
$key.= 'Private-MAC: ' . Hex::encode($hash->hash($source)) . "\r\n";
return $key;
}
/**
* Wrap a public key appropriately
*
* This is basically the format described in RFC 4716 (https://tools.ietf.org/html/rfc4716)
*
* @access private
* @param string $key
* @return string
*/
protected static function wrapPublicKey($key)
{
$key = pack('Na*a*', strlen(static::TYPE), static::TYPE, $key);
$key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" .
'Comment: "' . str_replace(['\\', '"'], ['\\\\', '\"'], self::$comment) . "\"\r\n" .
chunk_split(Base64::encode($key), 64) .
'---- END SSH2 PUBLIC KEY ----';
return $key;
}
}

View File

@ -0,0 +1,67 @@
<?php
/**
* Raw Signature Handler
*
* PHP version 5
*
* Handles signatures as arrays
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common\Signature;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/**
* Raw Signature Handler
*
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class Raw
{
/**
* Loads a signature
*
* @access public
* @param array $key
* @return array
*/
public static function load($sig)
{
switch (true) {
case !is_array($sig):
case !isset($sig['r']) || !isset($sig['s']):
case !$sig['r'] instanceof BigInteger:
case !$sig['s'] instanceof BigInteger:
return false;
}
return [
'r' => $key['r'],
's' => $key['s']
];
}
/**
* Returns a signature in the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $r
* @param \phpseclib\Math\BigInteger $s
* @return string
*/
public static function save(BigInteger $r, BigInteger $s)
{
return compact('r', 's');
}
}

500
phpseclib/Crypt/DSA.php Normal file
View File

@ -0,0 +1,500 @@
<?php
/**
* Pure-PHP FIPS 186-4 compliant implementation of DSA.
*
* PHP version 5
*
* Here's an example of how to create signatures and verify signatures with this library:
* <code>
* <?php
* include 'vendor/autoload.php';
*
* extract(\phpseclib\Crypt\DSA::createKey());
*
* $plaintext = 'terrafrost';
*
* $signature = $privatekey->sign($plaintext, 'ASN1');
*
* echo $publickey->verify($plaintext, $signature) ? 'verified' : 'unverified';
* ?>
* </code>
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt;
use ParagonIE\ConstantTime\Base64;
use phpseclib\File\ASN1;
use phpseclib\Math\BigInteger;
use phpseclib\Crypt\Common\AsymmetricKey;
use phpseclib\Common\Functions\Strings;
/**
* Pure-PHP FIPS 186-4 compliant implementation of DSA.
*
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
class DSA extends AsymmetricKey
{
/**
* Algorithm Name
*
* @var string
* @access private
*/
const ALGORITHM = 'DSA';
/**
* DSA Prime P
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
private $p;
/**
* DSA Group Order q
*
* Prime divisor of p-1
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
protected $q;
/**
* DSA Group Generator G
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
private $g;
/**
* DSA secret exponent x
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
protected $x;
/**
* DSA public key value y
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
private $y;
/**
* Parameters Format
*
* @var string
* @access private
*/
private $parametersFormat = 'PKCS1';
/**
* Create DSA parameters
*
* @access public
* @param int $L
* @param int $N
* @return \phpseclib\Crypt\DSA
*/
static function createParameters($L = 2048, $N = 224)
{
self::initialize_static_variables();
switch (true) {
case $N == 160:
/*
in FIPS 186-1 and 186-2 N was fixed at 160 whereas K had an upper bound of 1024.
RFC 4253 (SSH Transport Layer Protocol) references FIPS 186-2 and as such most
SSH DSA implementations only support keys with an N of 160.
puttygen let's you set the size of L (but not the size of N) and uses 2048 as the
default L value. that's not really compliant with any of the FIPS standards, however,
for the purposes of maintaining compatibility with puttygen, we'll support it
*/
//case ($L >= 512 || $L <= 1024) && (($L & 0x3F) == 0) && $N == 160:
// FIPS 186-3 changed this as follows:
//case $L == 1024 && $N == 160:
case $L == 2048 && $N == 224:
case $L == 2048 && $N == 256:
case $L == 3072 && $N == 256:
break;
default:
return false;
}
$two = new BigInteger(2);
$q = BigInteger::randomPrime($N);
$divisor = $q->multiply($two);
do {
$x = BigInteger::random($L);
list(, $c) = $x->divide($divisor);
$p = $x->subtract($c->subtract(self::$one));
} while ($p->getLength() != $L || !$p->isPrime());
$p_1 = $p->subtract(self::$one);
list($e) = $p_1->divide($q);
// quoting http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf#page=50 ,
// "h could be obtained from a random number generator or from a counter that
// changes after each use". PuTTY (sshdssg.c) starts h off at 1 and increments
// it on each loop. wikipedia says "commonly h = 2 is used" so we'll just do that
$h = clone $two;
while (true) {
$g = $h->powMod($e, $p);
if (!$g->equals(self::$one)) {
break;
}
$h = $h->add(self::$one);
}
$dsa = new DSA();
$dsa->p = $p;
$dsa->q = $q;
$dsa->g = $g;
return $dsa;
}
/**
* Create public / private key pair.
*
* This method is a bit polymorphic. It can take a DSA object (eg. pre-loaded with parameters),
* L / N as two distinct parameters or no parameters (at which point L and N will be generated
* with this method)
*
* Returns an array with the following two elements:
* - 'privatekey': The private key.
* - 'publickey': The public key.
*
* @access public
* @return \phpseclib\Crypt\DSA
*/
static function createKey()
{
self::initialize_static_variables();
$args = func_get_args();
if (count($args) == 2 && is_int($args[0]) && is_int($args[1])) {
$private = self::createParameters($args[0], $args[1]);
} else if (count($args) == 1 && $args[0] instanceof DSA) {
$private = clone $args[0];
} else if (!count($args)) {
$private = self::createParameters();
} else {
throw new \InvalidArgumentException('Valid parameters are either two integers (L and N), a single DSA object or no parameters at all.');
}
$private->x = BigInteger::randomRange(self::$one, $private->q->subtract(self::$one));
$private->y = $private->g->powMod($private->x, $private->p);
$public = clone $private;
unset($public->x);
return ['privatekey' => $private, 'publickey' => $public];
}
/**
* Loads a public or private key
*
* Returns true on success and false on failure (ie. an incorrect password was provided or the key was malformed)
*
* @access public
* @param string $key
* @param int $type optional
*/
public function load($key, $type = false)
{
if ($key instanceof DSA) {
$this->privateKeyFormat = $key->privateKeyFormat;
$this->publicKeyFormat = $key->publicKeyFormat;
$this->format = $key->format;
$this->p = $key->p;
$this->q = $key->q;
$this->g = $key->g;
$this->x = $key->x;
$this->y = $key->y;
$this->parametersFormat = $key->parametersFormat;
return true;
}
$components = parent::load($key, $type);
if ($components === false) {
return false;
}
if (isset($components['p'])) {
switch (true) {
case isset($this->p) && !$this->p->equals($components['p']):
case isset($this->q) && !$this->q->equals($components['q']):
case isset($this->g) && !$this->g->equals($components['g']):
$this->x = $this->y = null;
}
$this->p = $components['p'];
$this->q = $components['q'];
$this->g = $components['g'];
}
if (isset($components['x'])) {
$this->x = $components['x'];
}
if (isset($components['y'])) {
$this->y = $components['y'];
}
//} else if (isset($components['x'])) {
// $this->y = $this->g->powMod($this->x, $this->p);
//}
return true;
}
/**
* Returns the key size
*
* More specifically, this L (the length of DSA Prime P) and N (the length of DSA Group Order q)
*
* @access public
* @return array
*/
public function getLength()
{
return isset($this->p) ?
['L' => $this->p->getLength(), 'N' => $this->q->getLength()] :
['L' => 0, 'N' => 0];
}
/**
* __toString() magic method
*
* @access public
* @return string
*/
public function __toString()
{
$key = parent::__toString();
if (!empty($key)) {
return $key;
}
try {
$key = $this->getParameters($this->parametersFormat);
return is_string($key) ? $key : '';
} catch (\Exception $e) {
return '';
}
}
/**
* Returns the private key
*
* PKCS1 DSA private keys contain x and y. PKCS8 DSA private keys just contain x
* but y can be derived from x.
*
* @see self::getPublicKey()
* @access public
* @param string $type optional
* @return mixed
*/
public function getPrivateKey($type = 'PKCS8')
{
$type = self::validatePlugin('Keys', $type, 'savePrivateKey');
if ($type === false) {
return false;
}
if (!isset($this->x)) {
return false;
}
if (!isset($this->y)) {
$this->y = $this->g->powMod($this->x, $this->p);
}
return $type::savePrivateKey($this->p, $this->q, $this->g, $this->y, $this->x, $this->password);
}
/**
* Returns the public key
*
* If you do "openssl rsa -in private.rsa -pubout -outform PEM" you get a PKCS8 formatted key
* that contains a publicKeyAlgorithm AlgorithmIdentifier and a publicKey BIT STRING.
* An AlgorithmIdentifier contains an OID and a parameters field. With RSA public keys this
* parameters field is NULL. With DSA PKCS8 public keys it is not - it contains the p, q and g
* variables. The publicKey BIT STRING contains, simply, the y variable. This can be verified
* by getting a DSA PKCS8 public key:
*
* "openssl dsa -in private.dsa -pubout -outform PEM"
*
* ie. just swap out rsa with dsa in the rsa command above.
*
* A PKCS1 public key corresponds to the publicKey portion of the PKCS8 key. In the case of RSA
* the publicKey portion /is/ the key. In the case of DSA it is not. You cannot verify a signature
* without the parameters and the PKCS1 DSA public key format does not include the parameters.
*
* @see self::getPrivateKey()
* @access public
* @param string $type optional
* @return mixed
*/
public function getPublicKey($type = 'PKCS8')
{
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
if ($type === false) {
return false;
}
if (!isset($this->y)) {
if (!isset($this->x) || !isset($this->p)) {
return false;
}
$this->y = $this->g->powMod($this->x, $this->p);
}
return $type::savePublicKey($this->p, $this->q, $this->g, $this->y);
}
/**
* Returns the parameters
*
* A public / private key is only returned if the currently loaded "key" contains an x or y
* value.
*
* @see self::getPublicKey()
* @see self::getPrivateKey()
* @access public
* @param string $type optional
* @return mixed
*/
public function getParameters($type = 'PKCS1')
{
$type = self::validatePlugin('Keys', $type, 'saveParameters');
if ($type === false) {
return false;
}
if (!isset($this->p) || !isset($this->q) || !isset($this->g)) {
return false;
}
return $type::saveParameters($this->p, $this->q, $this->g);
}
/**
* Create a signature
*
* @see self::verify()
* @access public
* @param string $message
* @param string $format optional
* @return mixed
*/
function sign($message, $format = 'Raw')
{
$format = self::validatePlugin('Signature', $format);
if ($format === false) {
return false;
}
if (empty($this->x) || empty($this->p)) {
return false;
}
while (true) {
$k = BigInteger::randomRange(self::$one, $this->q->subtract(self::$one));
$r = $this->g->powMod($k, $this->p);
list(, $r) = $r->divide($this->q);
if ($r->equals(self::$zero)) {
continue;
}
$kinv = $k->modInverse($this->q);
$h = $this->hash->hash($message);
$h = $this->bits2int($h);
$temp = $h->add($this->x->multiply($r));
$temp = $kinv->multiply($temp);
list(, $s) = $temp->divide($this->q);
if (!$s->equals(self::$zero)) {
break;
}
}
// the following is an RFC6979 compliant implementation of deterministic DSA
// it's unused because it's mainly intended for use when a good CSPRNG isn't
// available. if phpseclib's CSPRNG isn't good then even key generation is
// suspect
/*
$h1 = $this->hash->hash($message);
$k = $this->computek($h1);
$r = $this->g->powMod($k, $this->p);
list(, $r) = $r->divide($this->q);
$kinv = $k->modInverse($this->q);
$h1 = $this->bits2int($h1);
$temp = $h1->add($this->x->multiply($r));
$temp = $kinv->multiply($temp);
list(, $s) = $temp->divide($this->q);
*/
return $format::save($r, $s);
}
/**
* Verify a signature
*
* @see self::verify()
* @access public
* @param string $message
* @param string $format optional
* @return mixed
*/
function verify($message, $signature, $format = 'Raw')
{
$format = self::validatePlugin('Signature', $format);
if ($format === false) {
return false;
}
$params = $format::load($signature);
if ($params === false || count($params) != 2) {
return false;
}
extract($params);
if (empty($this->y) || empty($this->p)) {
return false;
}
$q_1 = $this->q->subtract(self::$one);
if (!$r->between(self::$one, $q_1) || !$s->between(self::$one, $q_1)) {
return false;
}
$w = $s->modInverse($this->q);
$h = $this->hash->hash($message);
$h = $this->bits2int($h);
list(, $u1) = $h->multiply($w)->divide($this->q);
list(, $u2) = $r->multiply($w)->divide($this->q);
$v1 = $this->g->powMod($u1, $this->p);
$v2 = $this->y->powMod($u2, $this->p);
list(, $v) = $v1->multiply($v2)->divide($this->p);
list(, $v) = $v->divide($this->q);
return Strings::equals($v->toBytes(), $r->toBytes());
}
}

View File

@ -0,0 +1,92 @@
<?php
/**
* OpenSSH Formatted DSA Key Handler
*
* PHP version 5
*
* Place in $HOME/.ssh/authorized_keys
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Keys;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
use phpseclib\Crypt\Common\Keys\OpenSSH as Progenitor;
/**
* OpenSSH Formatted DSA Key Handler
*
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class OpenSSH extends Progenitor
{
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
$key = parent::load($key, 'ssh-dss');
if ($key === false) {
return false;
}
$result = Strings::unpackSSH2('iiii', $key);
if ($result === false) {
return false;
}
list($p, $q, $g, $y) = $result;
$comment = parent::getComment($key);
return compact('p', 'q', 'g', 'y', 'comment');
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @return string
*/
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
{
if ($q->getLength() != 160) {
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
}
// from <http://tools.ietf.org/html/rfc4253#page-15>:
// string "ssh-dss"
// mpint p
// mpint q
// mpint g
// mpint y
$DSAPublicKey = Strings::packSSH2('siiii', 'ssh-dss', $p, $q, $g, $y);
if (self::$binary) {
return $DSAPublicKey;
}
$DSAPublicKey = 'ssh-dss ' . Base64::encode($DSAPublicKey) . ' ' . self::$comment;
return $DSAPublicKey;
}
}

View File

@ -0,0 +1,149 @@
<?php
/**
* PKCS#1 Formatted DSA Key Handler
*
* PHP version 5
*
* Used by File/X509.php
*
* Processes keys with the following headers:
*
* -----BEGIN DSA PRIVATE KEY-----
* -----BEGIN DSA PUBLIC KEY-----
* -----BEGIN DSA PARAMETERS-----
*
* Analogous to ssh-keygen's pem format (as specified by -m)
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Keys;
use phpseclib\Math\BigInteger;
use phpseclib\Crypt\Common\Keys\PKCS1 as Progenitor;
use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Maps;
use ParagonIE\ConstantTime\Base64;
/**
* PKCS#1 Formatted RSA Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PKCS1 extends Progenitor
{
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
if (!is_string($key)) {
return false;
}
$key = parent::load($key, $password);
if ($key === false) {
return false;
}
$decoded = ASN1::decodeBER($key);
if (empty($decoded)) {
return false;
}
$key = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP);
if (is_array($key)) {
return $key;
}
$key = ASN1::asn1map($decoded[0], Maps\DSAPrivateKey::MAP);
if (is_array($key)) {
return $key;
}
$key = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP);
return is_array($key) ? $key : false;
}
/**
* Convert DSA parameters to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @return string
*/
public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $g)
{
$key = [
'p' => $p,
'q' => $q,
'g' => $g
];
$key = ASN1::encodeDER($key, Maps\DSAParams::MAP);
return "-----BEGIN DSA PARAMETERS-----\r\n" .
chunk_split(Base64::encode($key), 64) .
"-----END DSA PARAMETERS-----\r\n";
}
/**
* Convert a private key to the appropriate format.
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $x
* @param \phpseclib\Math\BigInteger $y
* @param string $password optional
* @return string
*/
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
{
$key = [
'version' => 0,
'p' => $p,
'q' => $q,
'g' => $g,
'y' => $y,
'x' => $x
];
$key = ASN1::encodeDER($key, Maps\DSAPrivateKey::MAP);
return self::wrapPrivateKey($key, 'DSA', $password);
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @return string
*/
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
{
$key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP);
return self::wrapPublicKey($key, 'DSA');
}
}

View File

@ -0,0 +1,169 @@
<?php
/**
* PKCS#8 Formatted DSA Key Handler
*
* PHP version 5
*
* Processes keys with the following headers:
*
* -----BEGIN ENCRYPTED PRIVATE KEY-----
* -----BEGIN PRIVATE KEY-----
* -----BEGIN PUBLIC KEY-----
*
* Analogous to ssh-keygen's pkcs8 format (as specified by -m). Although PKCS8
* is specific to private keys it's basically creating a DER-encoded wrapper
* for keys. This just extends that same concept to public keys (much like ssh-keygen)
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Keys;
use phpseclib\Math\BigInteger;
use phpseclib\Crypt\Common\Keys\PKCS8 as Progenitor;
use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Maps;
/**
* PKCS#8 Formatted DSA Key Handler
*
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PKCS8 extends Progenitor
{
/**
* OID Name
*
* @var string
* @access private
*/
const OID_NAME = 'id-dsa';
/**
* OID Value
*
* @var string
* @access private
*/
const OID_VALUE = '1.2.840.10040.4.1';
/**
* Child OIDs loaded
*
* @var bool
* @access private
*/
protected static $childOIDsLoaded = false;
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
if (!is_string($key)) {
return false;
}
$isPublic = strpos($key, 'PUBLIC') !== false;
$key = parent::load($key, $password);
if ($key === false) {
return false;
}
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
switch (true) {
case !$isPublic && $type == 'publicKey':
case $isPublic && $type == 'privateKey':
return false;
}
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
if (empty($decoded)) {
return false;
}
$components = ASN1::asn1map($decoded[0], Maps\DSAParams::MAP);
if (!is_array($components)) {
return false;
}
$decoded = ASN1::decodeBER($key[$type]);
if (empty($decoded)) {
return false;
}
$var = $type == 'privateKey' ? 'x' : 'y';
$components[$var] = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP);
if (!$components[$var] instanceof BigInteger) {
return false;
}
if (isset($key['meta'])) {
$components['meta'] = $key['meta'];
}
return $components;
}
/**
* Convert a private key to the appropriate format.
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $x
* @param \phpseclib\Math\BigInteger $y
* @param string $password optional
* @return string
*/
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
{
$params = [
'p' => $p,
'q' => $q,
'g' => $g
];
$params = ASN1::encodeDER($params, Maps\DSAParams::MAP);
$params = new ASN1\Element($params);
$key = ASN1::encodeDER($x, Maps\DSAPublicKey::MAP);
return self::wrapPrivateKey($key, [], $params, $password);
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @return string
*/
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
{
$params = [
'p' => $p,
'q' => $q,
'g' => $g
];
$params = ASN1::encodeDER($params, Maps\DSAParams::MAP);
$params = new ASN1\Element($params);
$key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP);
return self::wrapPublicKey($key, $params);
}
}

View File

@ -0,0 +1,129 @@
<?php
/**
* PuTTY Formatted DSA Key Handler
*
* puttygen does not generate DSA keys with an N of anything other than 160, however,
* it can still load them and convert them. PuTTY will load them, too, but SSH servers
* won't accept them. Since PuTTY formatted keys are primarily used with SSH this makes
* keys with N > 160 kinda useless, hence this handlers not supporting such keys.
*
* PHP version 5
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Keys;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
use phpseclib\Crypt\Common\Keys\PuTTY as Progenitor;
/**
* PuTTY Formatted DSA Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PuTTY extends Progenitor
{
/**
* Public Handler
*
* @var string
* @access private
*/
const PUBLIC_HANDLER = 'phpseclib\Crypt\DSA\Keys\OpenSSH';
/**
* Algorithm Identifier
*
* @var string
* @access private
*/
const TYPE = 'ssh-dss';
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
$components = parent::load($key, $password);
if ($components === false || !isset($components['private'])) {
return $components;
}
extract($components);
unset($components['public'], $components['private']);
$result = Strings::unpackSSH2('iiii', $public);
if ($result === false) {
return false;
}
list($p, $q, $g, $y) = $result;
$result = Strings::unpackSSH2('i', $private);
if ($result === false) {
return false;
}
list($x) = $result;
return compact('p', 'q', 'g', 'y', 'x', 'comment');
}
/**
* Convert a private key to the appropriate format.
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @param \phpseclib\Math\BigInteger $x
* @param array $primes
* @param array $exponents
* @param array $coefficients
* @param string $password optional
* @return string
*/
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
{
if ($q->getLength() != 160) {
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
}
$public = Strings::packSSH2('iiii', $p, $q, $g, $y);
$private = Strings::packSSH2('i', $x);
return self::wrapPrivateKey($public, $private, $password);
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @return string
*/
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
{
if ($q->getLength() != 160) {
throw new \InvalidArgumentException('SSH only supports keys with an N (length of Group Order q) of 160');
}
return self::wrapPublicKey(Strings::packSSH2('iiii', $p, $q, $g, $y));
}
}

View File

@ -0,0 +1,95 @@
<?php
/**
* Raw DSA Key Handler
*
* PHP version 5
*
* Reads and creates arrays as DSA keys
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Keys;
use phpseclib\Math\BigInteger;
/**
* Raw DSA Key Handler
*
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class Raw
{
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param array $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
if (!is_array($key)) {
return false;
}
switch (true) {
case !isset($key['p']) || !isset($key['q']) || !isset($key['g']):
case !$key['p'] instanceof BigInteger:
case !$key['q'] instanceof BigInteger:
case !$key['g'] instanceof BigInteger:
case !isset($key['x']) && !isset($key['y']):
case isset($key['x']) && !$key['x'] instanceof BigInteger:
case isset($key['y']) && !$key['y'] instanceof BigInteger:
return false;
}
$options = ['p' => 1, 'q' => 1, 'g' => 1, 'x' => 1, 'y' => 1];
return array_intersect_key($key, $options);
}
/**
* Convert a private key to the appropriate format.
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @param \phpseclib\Math\BigInteger $x
* @param array $primes
* @param array $exponents
* @param array $coefficients
* @param string $password optional
* @return string
*/
public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y, BigInteger $x, $password = '')
{
return compact('p', 'q', 'g', 'y', 'x');
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @return string
*/
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
{
return compact('p', 'q', 'g', 'y');
}
}

View File

@ -0,0 +1,129 @@
<?php
/**
* XML Formatted DSA Key Handler
*
* While XKMS defines a private key format for RSA it does not do so for DSA. Quoting that standard:
*
* "[XKMS] does not specify private key parameters for the DSA signature algorithm since the algorithm only
* supports signature modes and so the application of server generated keys and key recovery is of limited
* value"
*
* PHP version 5
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Keys;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger;
/**
* XML Formatted DSA Key Handler
*
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class XML
{
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
if (!is_string($key)) {
return false;
}
$use_errors = libxml_use_internal_errors(true);
$dom = new \DOMDocument();
if (!$dom->loadXML('<xml>' . $key . '</xml>')) {
return false;
}
$xpath = new \DOMXPath($dom);
$keys = ['p', 'q', 'g', 'y', 'j', 'seed', 'pgencounter'];
foreach ($keys as $key) {
// $dom->getElementsByTagName($key) is case-sensitive
$temp = $xpath->query("//*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$key']");
if (!$temp->length) {
continue;
}
$value = new BigInteger(Base64::decode($temp->item(0)->nodeValue), 256);
switch ($key) {
case 'p': // a prime modulus meeting the [DSS] requirements
// Parameters P, Q, and G can be public and common to a group of users. They might be known
// from application context. As such, they are optional but P and Q must either both appear
// or both be absent
$components['p'] = $value;
break;
case 'q': // an integer in the range 2**159 < Q < 2**160 which is a prime divisor of P-1
$components['q'] = $value;
break;
case 'g': // an integer with certain properties with respect to P and Q
$components['g'] = $value;
break;
case 'y': // G**X mod P (where X is part of the private key and not made public)
$components['y'] = $value;
// the remaining options do not do anything
case 'j': // (P - 1) / Q
// Parameter J is available for inclusion solely for efficiency as it is calculatable from
// P and Q
case 'seed': // a DSA prime generation seed
// Parameters seed and pgenCounter are used in the DSA prime number generation algorithm
// specified in [DSS]. As such, they are optional but must either both be present or both
// be absent
case 'pgencounter': // a DSA prime generation counter
}
}
libxml_use_internal_errors($use_errors);
if (!isset($components['y'])) {
return false;
}
switch (true) {
case !isset($components['p']):
case !isset($components['q']):
case !isset($components['g']):
return ['y' => $components['y']];
}
return $components;
}
/**
* Convert a public key to the appropriate format
*
* See https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue
*
* @access public
* @param \phpseclib\Math\BigInteger $p
* @param \phpseclib\Math\BigInteger $q
* @param \phpseclib\Math\BigInteger $g
* @param \phpseclib\Math\BigInteger $y
* @return string
*/
public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y)
{
return "<DSAKeyValue>\r\n" .
' <P>' . Base64::encode($p->toBytes()) . "</P>\r\n" .
' <Q>' . Base64::encode($q->toBytes()) . "</Q>\r\n" .
' <G>' . Base64::encode($g->toBytes()) . "</G>\r\n" .
' <Y>' . Base64::encode($y->toBytes()) . "</Y>\r\n" .
'</DSAKeyValue>';
}
}

View File

@ -0,0 +1,68 @@
<?php
/**
* PKCS Signature Handler
*
* PHP version 5
*
* Handles signatures in the format described in
* https://tools.ietf.org/html/rfc3279#section-2.2.2
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Signature;
use phpseclib\Math\BigInteger;
use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Maps;
/**
* PKCS Signature Handler
*
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PKCS
{
/**
* Loads a signature
*
* @access public
* @param array $key
* @return array
*/
public static function load($sig)
{
if (!is_string($sig)) {
return false;
}
$decoded = ASN1::decodeBER($sig);
if (empty($decoded)) {
return false;
}
$components = ASN1::asn1map($decoded[0], Maps\DssSigValue::MAP);
return $components;
}
/**
* Returns a signature in the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $r
* @param \phpseclib\Math\BigInteger $s
* @return string
*/
public static function save(BigInteger $r, BigInteger $s)
{
return ASN1::encodeDER(compact('r', 's'), Maps\DssSigValue::MAP);
}
}

View File

@ -0,0 +1,29 @@
<?php
/**
* Raw DSA Signature Handler
*
* PHP version 5
*
* @category Crypt
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Signature;
use phpseclib\Crypt\Common\Signature\Raw as Progenitor;
/**
* Raw DSA Signature Handler
*
* @package DSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class Raw extends Progenitor
{
}

View File

@ -0,0 +1,75 @@
<?php
/**
* SSH2 Signature Handler
*
* PHP version 5
*
* Handles signatures in the format used by SSH2
*
* @category Crypt
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\DSA\Signature;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/**
* SSH2 Signature Handler
*
* @package Common
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class SSH2
{
/**
* Loads a signature
*
* @access public
* @param array $key
* @return array
*/
public static function load($sig)
{
if (!is_string($sig)) {
return false;
}
$result = Strings::unpackSSH2('ss', $sig);
if ($result === false) {
return false;
}
list($type, $blob) = $result;
if ($type != 'ssh-dss' || strlen($blob) != 40) {
return false;
}
return [
'r' => new BigInteger(substr($blob, 0, 20), 256),
's' => new BigInteger(substr($blob, 20), 256)
];
}
/**
* Returns a signature in the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $r
* @param \phpseclib\Math\BigInteger $s
* @return string
*/
public static function save(BigInteger $r, BigInteger $s)
{
if ($r->getLength() != 160 || $s->getLength != 160) {
return false;
}
return Strings::pack('ss', $r, $s);
}
}

View File

@ -50,6 +50,8 @@ use phpseclib\File\ASN1;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings; use phpseclib\Common\Functions\Strings;
use phpseclib\File\ASN1\Maps\DigestInfo; use phpseclib\File\ASN1\Maps\DigestInfo;
use phpseclib\Crypt\Common\AsymmetricKey;
use phpseclib\Exception\UnsupportedAlgorithmException;
/** /**
* Pure-PHP PKCS#1 compliant implementation of RSA. * Pure-PHP PKCS#1 compliant implementation of RSA.
@ -58,8 +60,16 @@ use phpseclib\File\ASN1\Maps\DigestInfo;
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @access public * @access public
*/ */
class RSA class RSA extends AsymmetricKey
{ {
/**
* Algorithm Name
*
* @var string
* @access private
*/
const ALGORITHM = 'RSA';
/**#@+ /**#@+
* @access public * @access public
* @see self::encrypt() * @see self::encrypt()
@ -119,54 +129,6 @@ class RSA
const PADDING_RELAXED_PKCS1 = 5; const PADDING_RELAXED_PKCS1 = 5;
/**#@-*/ /**#@-*/
/**#@+
* @access private
* @see self::__construct()
*/
/**
* To use the pure-PHP implementation
*/
const ENGINE_INTERNAL = 1;
/**
* To use the OpenSSL library
*
* (if enabled; otherwise, the internal implementation will be used)
*/
const ENGINE_OPENSSL = 2;
/**#@-*/
/**
* Precomputed Zero
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
private static $zero;
/**
* Precomputed One
*
* @var \phpseclib\Math\BigInteger
* @access private
*/
private static $one;
/**
* Private Key Format
*
* @var string
* @access private
*/
private $privateKeyFormat = 'PKCS8';
/**
* Public Key Format
*
* @var string
* @access private
*/
private $publicKeyFormat = 'PKCS8';
/** /**
* Modulus (ie. n) * Modulus (ie. n)
* *
@ -223,14 +185,6 @@ class RSA
*/ */
private $hashName; private $hashName;
/**
* Hash function
*
* @var \phpseclib\Crypt\Hash
* @access private
*/
private $hash;
/** /**
* Length of hash function output * Length of hash function output
* *
@ -271,51 +225,6 @@ class RSA
*/ */
private $publicExponent = false; private $publicExponent = false;
/**
* Password
*
* @var string
* @access private
*/
private $password = false;
/**
* Loaded File Format
*
* @var string
* @access private
*/
private $format = false;
/**
* OpenSSL configuration file name.
*
* Set to null to use system configuration file.
*
* @see self::createKey()
* @var mixed
* @access public
*/
private static $configFile;
/**
* Supported file formats (lower case)
*
* @see self::initialize_static_variables()
* @var array
* @access private
*/
private static $fileFormats = false;
/**
* Supported file formats (original case)
*
* @see self::initialize_static_variables()
* @var array
* @access private
*/
private static $origFileFormats = false;
/** /**
* Public exponent * Public exponent
* *
@ -340,40 +249,6 @@ class RSA
*/ */
private static $smallestPrime = 4096; private static $smallestPrime = 4096;
/**
* Engine
*
* This is only used for key generation. Valid values are RSA::ENGINE_INTERNAL and RSA::ENGINE_OPENSSL
*
* @var int
* @access private
*/
private static $engine = NULL;
/**
* Initialize static variables
*
* @access private
*/
private static function initialize_static_variables()
{
if (!isset(self::$zero)) {
self::$zero= new BigInteger(0);
self::$one = new BigInteger(1);
self::$configFile = __DIR__ . '/../openssl.cnf';
if (self::$fileFormats === false) {
self::$fileFormats = [];
foreach (glob(__DIR__ . '/RSA/*.php') as $file) {
$name = pathinfo($file, PATHINFO_FILENAME);
$type = 'phpseclib\Crypt\RSA\\' . $name;
self::$fileFormats[strtolower($name)] = $type;
self::$origFileFormats[] = $name;
}
}
}
}
/** /**
* The constructor * The constructor
* *
@ -386,9 +261,9 @@ class RSA
*/ */
public function __construct() public function __construct()
{ {
self::initialize_static_variables(); parent::__construct();
$this->hash = new Hash('sha256'); //$this->hash = new Hash('sha256');
$this->hLen = $this->hash->getLengthInBytes(); $this->hLen = $this->hash->getLengthInBytes();
$this->hashName = 'sha256'; $this->hashName = 'sha256';
$this->mgfHash = new Hash('sha256'); $this->mgfHash = new Hash('sha256');
@ -421,73 +296,15 @@ class RSA
self::$smallestPrime = $val; self::$smallestPrime = $val;
} }
/**
* Tests engine validity
*
* @access public
* @param int $val
*/
public static function isValidEngine($val)
{
switch ($val) {
case self::ENGINE_OPENSSL:
return extension_loaded('openssl') && file_exists(self::$configFile);
case self::ENGINE_INTERNAL:
return true;
}
return false;
}
/**
* Sets the engine
*
* Only used in RSA::createKey. Valid values are RSA::ENGINE_OPENSSL and RSA::ENGINE_INTERNAL
*
* @access public
* @param int $val
*/
public static function setPreferredEngine($val)
{
self::$engine = null;
$candidateEngines = [
$val,
self::ENGINE_OPENSSL
];
foreach ($candidateEngines as $engine) {
if (self::isValidEngine($engine)) {
self::$engine = $engine;
break;
}
}
if (!isset(self::$engine)) {
self::$engine = self::ENGINE_INTERNAL;
}
}
/**
* Returns the engine
*
* @access public
* @return int
*/
public static function getEngine($val)
{
return self::$engine;
}
/** /**
* Create public / private key pair * Create public / private key pair
* *
* Returns an array with the following three elements: * Returns an array with the following two elements:
* - 'privatekey': The private key. * - 'privatekey': The private key.
* - 'publickey': The public key. * - 'publickey': The public key.
* - 'partialkey': A partially computed key (if the execution time exceeded $timeout).
* Will need to be passed back to \phpseclib\Crypt\RSA::createKey() as the third parameter for further processing.
* *
* @access public * @access public
* @param int $bits * @param int $bits
* @param int $timeout
* @param array $p * @param array $p
*/ */
public static function createKey($bits = 2048) public static function createKey($bits = 2048)
@ -513,16 +330,13 @@ class RSA
$publickeyarr = openssl_pkey_get_details($rsa); $publickeyarr = openssl_pkey_get_details($rsa);
$publickey = new RSA(); $publickey = new RSA();
$publickey->load($publickeyarr['key']); $publickey->load($publickeyarr['key']);
$publickey->setPublicKey();
// clear the buffer of error strings stemming from a minimalistic openssl.cnf // clear the buffer of error strings stemming from a minimalistic openssl.cnf
while (openssl_error_string() !== false) { while (openssl_error_string() !== false) {
} }
return [ return compact('privatekey', 'publickey');
'privatekey' => $privatekey,
'publickey' => $publickey,
'partialkey' => false
];
} }
static $e; static $e;
@ -614,47 +428,9 @@ class RSA
$publickey->modulus = $n; $publickey->modulus = $n;
$publickey->k = $bits >> 3; $publickey->k = $bits >> 3;
$publickey->exponent = $e; $publickey->exponent = $e;
$publickey->publicExponent = $e;
return [ return compact('privatekey', 'publickey');
'privatekey' => $privatekey,
'publickey' => $publickey
];
}
/**
* Add a fileformat plugin
*
* The plugin needs to either already be loaded or be auto-loadable.
* Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin.
*
* @see self::load()
* @param string $fullname
* @access public
* @return bool
*/
public static function addFileFormat($fullname)
{
self::initialize_static_variables();
if (class_exists($fullname)) {
$meta = new \ReflectionClass($path);
$shortname = $meta->getShortName();
self::$fileFormats[strtolower($shortname)] = $fullname;
self::$origFileFormats[] = $shortname;
}
}
/**
* Returns a list of supported formats.
*
* @access public
* @return array
*/
public static function getSupportedFormats()
{
self::initialize_static_variables();
return self::$origFileFormats;
} }
/** /**
@ -671,6 +447,7 @@ class RSA
if ($key instanceof RSA) { if ($key instanceof RSA) {
$this->privateKeyFormat = $key->privateKeyFormat; $this->privateKeyFormat = $key->privateKeyFormat;
$this->publicKeyFormat = $key->publicKeyFormat; $this->publicKeyFormat = $key->publicKeyFormat;
$this->format = $key->format;
$this->k = $key->k; $this->k = $key->k;
$this->hLen = $key->hLen; $this->hLen = $key->hLen;
$this->sLen = $key->sLen; $this->sLen = $key->sLen;
@ -711,33 +488,11 @@ class RSA
return true; return true;
} }
$components = false; $components = parent::load($key, $type);
if ($type === false) {
foreach (self::$fileFormats as $format) {
try {
$components = $format::load($key, $this->password);
} catch (\Exception $e) {
$components = false;
}
if ($components !== false) {
break;
}
}
} else {
$format = strtolower($type);
if (isset(self::$fileFormats[$format])) {
$format = self::$fileFormats[$format];
$components = $format::load($key, $this->password);
}
}
if ($components === false) { if ($components === false) {
$this->format = false;
return false; return false;
} }
$this->format = $format;
$this->modulus = $components['modulus']; $this->modulus = $components['modulus'];
$this->k = $this->modulus->getLengthInBytes(); $this->k = $this->modulus->getLengthInBytes();
$this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent']; $this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent'];
@ -760,26 +515,6 @@ class RSA
return true; return true;
} }
/**
* Returns the format of the loaded key.
*
* If the key that was loaded wasn't in a valid or if the key was auto-generated
* with RSA::createKey() then this will return false.
*
* @see self::load()
* @access public
* @return mixed
*/
public function getLoadedFormat()
{
if ($this->format === false) {
return false;
}
$meta = new \ReflectionClass($this->format);
return $meta->getShortName();
}
/** /**
* Returns the private key * Returns the private key
* *
@ -790,14 +525,10 @@ class RSA
* @param string $type optional * @param string $type optional
* @return mixed * @return mixed
*/ */
public function getPrivateKey($type = 'PKCS1') public function getPrivateKey($type = 'PKCS8')
{ {
$type = strtolower($type); $type = self::validatePlugin('Keys', $type, 'savePrivateKey');
if (!isset(self::$fileFormats[$type])) { if ($type === false) {
return false;
}
$type = self::$fileFormats[$type];
if (!method_exists($type, 'savePrivateKey')) {
return false; return false;
} }
@ -836,6 +567,35 @@ class RSA
*/ */
} }
/**
* Returns a minimalistic private key
*
* Returns the private key without the prime number constituants. Structurally identical to a public key that
* hasn't been set as the public key
*
* @see self::getPrivateKey()
* @access private
* @param string $type optional
* @return mixed
*/
protected function getPrivatePublicKey($type = 'PKCS8')
{
$type = self::validatePlugin('Keys', $type, 'savePublicKey');
if ($type === false) {
return false;
}
if (empty($this->modulus) || empty($this->exponent)) {
return false;
}
$oldFormat = $this->publicKeyFormat;
$this->publicKeyFormat = $type;
$temp = $type::savePublicKey($this->modulus, $this->exponent);
$this->publicKeyFormat = $oldFormat;
return $temp;
}
/** /**
* Returns the key size * Returns the key size
* *
@ -849,22 +609,6 @@ class RSA
return !isset($this->modulus) ? 0 : $this->modulus->getLength(); return !isset($this->modulus) ? 0 : $this->modulus->getLength();
} }
/**
* Sets the password
*
* Private keys can be encrypted with a password. To unset the password, pass in the empty string or false.
* Or rather, pass in $password such that empty($password) && !is_string($password) is true.
*
* @see self::createKey()
* @see self::load()
* @access public
* @param string $password
*/
public function setPassword($password = false)
{
$this->password = $password;
}
/** /**
* Defines the public key * Defines the public key
* *
@ -898,40 +642,11 @@ class RSA
return true; return true;
} }
$components = false; $components = parent::setPublicKey($key, $type);
if ($type === false) {
foreach (self::$fileFormats as $format) {
if (!method_exists($format, 'savePublicKey')) {
continue;
}
try {
$components = $format::load($key, $this->password);
} catch (\Exception $e) {
$components = false;
}
if ($components !== false) {
break;
}
}
} else {
$format = strtolower($type);
if (isset(self::$fileFormats[$format])) {
$format = self::$fileFormats[$format];
try {
$components = $format::load($key, $this->password);
} catch (\Exception $e) {
$components = false;
}
}
}
if ($components === false) { if ($components === false) {
$this->format = false;
return false; return false;
} }
$this->format = $format;
if (empty($this->modulus) || !$this->modulus->equals($components['modulus'])) { if (empty($this->modulus) || !$this->modulus->equals($components['modulus'])) {
$this->modulus = $components['modulus']; $this->modulus = $components['modulus'];
$this->exponent = $this->publicExponent = $components['publicExponent']; $this->exponent = $this->publicExponent = $components['publicExponent'];
@ -991,12 +706,8 @@ class RSA
*/ */
public function getPublicKey($type = 'PKCS8') public function getPublicKey($type = 'PKCS8')
{ {
$type = strtolower($type); $type = self::validatePlugin('Keys', $type, 'savePublicKey');
if (!isset(self::$fileFormats[$type])) { if ($type === false) {
return false;
}
$type = self::$fileFormats[$type];
if (!method_exists($type, 'savePublicKey')) {
return false; return false;
} }
@ -1007,75 +718,6 @@ class RSA
return $type::savePublicKey($this->modulus, $this->publicExponent); return $type::savePublicKey($this->modulus, $this->publicExponent);
} }
/**
* Returns the public key's fingerprint
*
* The public key's fingerprint is returned, which is equivalent to running `ssh-keygen -lf rsa.pub`. If there is
* no public key currently loaded, false is returned.
* Example output (md5): "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87" (as specified by RFC 4716)
*
* @access public
* @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned
* for invalid values.
* @return mixed
*/
public function getPublicKeyFingerprint($algorithm = 'md5')
{
if (empty($this->modulus) || empty($this->publicExponent)) {
return false;
}
$modulus = $this->modulus->toBytes(true);
$publicExponent = $this->publicExponent->toBytes(true);
$RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
switch ($algorithm) {
case 'sha256':
$hash = new Hash('sha256');
$base = Base64::encode($hash->hash($RSAPublicKey));
return substr($base, 0, strlen($base) - 1);
case 'md5':
return substr(chunk_split(md5($RSAPublicKey), 2, ':'), 0, -1);
default:
return false;
}
}
/**
* Returns a minimalistic private key
*
* Returns the private key without the prime number constituants. Structurally identical to a public key that
* hasn't been set as the public key
*
* @see self::getPrivateKey()
* @access private
* @param string $type optional
* @return mixed
*/
private function getPrivatePublicKey($type = 'PKCS8')
{
$type = strtolower($type);
if (!isset(self::$fileFormats[$type])) {
return false;
}
$type = self::$fileFormats[$type];
if (!method_exists($type, 'savePublicKey')) {
return false;
}
if (empty($this->modulus) || empty($this->exponent)) {
return false;
}
$oldFormat = $this->publicKeyFormat;
$this->publicKeyFormat = $type;
$temp = $type::savePublicKey($this->modulus, $this->exponent);
$this->publicKeyFormat = $oldFormat;
return $temp;
}
/** /**
* __toString() magic method * __toString() magic method
* *
@ -1096,48 +738,11 @@ class RSA
} }
} }
/**
* __clone() magic method
*
* @access public
* @return \phpseclib\Crypt\RSA
*/
public function __clone()
{
$key = new RSA();
$key->load($this);
return $key;
}
/**
* Determines the private key format
*
* @see self::__toString()
* @access public
* @param string $format
*/
public function setPrivateKeyFormat($format)
{
$this->privateKeyFormat = $format;
}
/**
* Determines the public key format
*
* @see self::__toString()
* @access public
* @param string $format
*/
public function setPublicKeyFormat($format)
{
$this->publicKeyFormat = $format;
}
/** /**
* Determines which hashing function should be used * Determines which hashing function should be used
* *
* Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and * Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and
* decryption. If $hash isn't supported, sha256 is used. * decryption.
* *
* @access public * @access public
* @param string $hash * @param string $hash
@ -1145,7 +750,7 @@ class RSA
public function setHash($hash) public function setHash($hash)
{ {
// \phpseclib\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. // \phpseclib\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
switch ($hash) { switch (strtolower($hash)) {
case 'md2': case 'md2':
case 'md5': case 'md5':
case 'sha1': case 'sha1':
@ -1159,8 +764,9 @@ class RSA
$this->hashName = $hash; $this->hashName = $hash;
break; break;
default: default:
$this->hash = new Hash('sha256'); throw new UnsupportedAlgorithmException(
$this->hashName = 'sha256'; 'The only supported hash algorithms are: md2, md5, sha1, sha256, sha384, sha512, sha224, sha512/224, sha512/256'
);
} }
$this->hLen = $this->hash->getLengthInBytes(); $this->hLen = $this->hash->getLengthInBytes();
} }
@ -1352,34 +958,6 @@ class RSA
return $x; return $x;
} }
/**
* Performs blinded RSA equality testing
*
* Protects against a particular type of timing attack described.
*
* See {@link http://codahale.com/a-lesson-in-timing-attacks/ A Lesson In Timing Attacks (or, Don't use MessageDigest.isEquals)}
*
* Thanks for the heads up singpolyma!
*
* @access private
* @param string $x
* @param string $y
* @return bool
*/
private static function equals($x, $y)
{
if (strlen($x) != strlen($y)) {
return false;
}
$result = 0;
for ($i = 0; $i < strlen($x); $i++) {
$result |= ord($x[$i]) ^ ord($y[$i]);
}
return $result == 0;
}
/** /**
* RSAEP * RSAEP
* *
@ -1578,7 +1156,7 @@ class RSA
$db = $maskedDB ^ $dbMask; $db = $maskedDB ^ $dbMask;
$lHash2 = substr($db, 0, $this->hLen); $lHash2 = substr($db, 0, $this->hLen);
$m = substr($db, $this->hLen); $m = substr($db, $this->hLen);
if (!self::equals($lHash, $lHash2)) { if (!Strings::equals($lHash, $lHash2)) {
return false; return false;
} }
$m = ltrim($m, chr(0)); $m = ltrim($m, chr(0));
@ -1796,7 +1374,7 @@ class RSA
$salt = substr($db, $temp + 1); // should be $sLen long $salt = substr($db, $temp + 1); // should be $sLen long
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
$h2 = $this->hash->hash($m2); $h2 = $this->hash->hash($m2);
return self::equals($h, $h2); return Strings::equals($h, $h2);
} }
/** /**
@ -1990,7 +1568,7 @@ class RSA
} }
// Compare // Compare
return self::equals($em, $em2); return Strings::equals($em, $em2);
} }
/** /**
@ -2080,7 +1658,7 @@ class RSA
$em = $hash->hash($m); $em = $hash->hash($m);
$em2 = $decoded['digest']; $em2 = $decoded['digest'];
return self::equals($em, $em2); return Strings::equals($em, $em2);
} }
/** /**

View File

@ -17,7 +17,7 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA\Keys;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
@ -173,6 +173,10 @@ abstract class MSBLOB
*/ */
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
{ {
if (count($primes) != 2) {
throw new \InvalidArgumentException('MSBLOB does not support multi-prime RSA keys');
}
$n = strrev($n->toBytes()); $n = strrev($n->toBytes());
$e = str_pad(strrev($e->toBytes()), 4, "\0"); $e = str_pad(strrev($e->toBytes()), 4, "\0");
$key = pack('aavV', chr(self::PRIVATEKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); $key = pack('aavV', chr(self::PRIVATEKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX);

View File

@ -0,0 +1,83 @@
<?php
/**
* OpenSSH Formatted RSA Key Handler
*
* PHP version 5
*
* Place in $HOME/.ssh/authorized_keys
*
* @category Crypt
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\RSA\Keys;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
use phpseclib\Crypt\Common\Keys\OpenSSH as Progenitor;
/**
* OpenSSH Formatted RSA Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class OpenSSH extends Progenitor
{
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
$key = parent::load($key, 'ssh-rsa');
if ($key === false) {
return false;
}
$result = Strings::unpackSSH2('ii', $key);
if ($result === false) {
return false;
}
list($publicExponent, $modulus) = $result;
return [
'isPublicKey' => true,
'modulus' => $modulus,
'publicExponent' => $publicExponent,
'comment' => parent::getComment($key)
];
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $n
* @param \phpseclib\Math\BigInteger $e
* @return string
*/
public static function savePublicKey(BigInteger $n, BigInteger $e)
{
$RSAPublicKey = Strings::packSSH2('sii', 'ssh-rsa', $e, $n);
if (self::$binary) {
return $RSAPublicKey;
}
$RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . self::$comment;
return $RSAPublicKey;
}
}

View File

@ -22,10 +22,10 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA\Keys;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Crypt\Common\PKCS1 as Progenitor; use phpseclib\Crypt\Common\Keys\PKCS1 as Progenitor;
use phpseclib\File\ASN1; use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Maps; use phpseclib\File\ASN1\Maps;

View File

@ -25,10 +25,10 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA\Keys;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Crypt\Common\PKCS8 as Progenitor; use phpseclib\Crypt\Common\Keys\PKCS8 as Progenitor;
use phpseclib\File\ASN1; use phpseclib\File\ASN1;
/** /**
@ -40,6 +40,30 @@ use phpseclib\File\ASN1;
*/ */
abstract class PKCS8 extends Progenitor abstract class PKCS8 extends Progenitor
{ {
/**
* OID Name
*
* @var string
* @access private
*/
const OID_NAME = 'rsaEncryption';
/**
* OID Value
*
* @var string
* @access private
*/
const OID_VALUE = '1.2.840.113549.1.1.1';
/**
* Child OIDs loaded
*
* @var bool
* @access private
*/
protected static $childOIDsLoaded = false;
/** /**
* Break a public or private key down into its constituent components * Break a public or private key down into its constituent components
* *
@ -50,6 +74,10 @@ abstract class PKCS8 extends Progenitor
*/ */
public static function load($key, $password = '') public static function load($key, $password = '')
{ {
if (!is_string($key)) {
return false;
}
$components = ['isPublicKey' => strpos($key, 'PUBLIC') !== false]; $components = ['isPublicKey' => strpos($key, 'PUBLIC') !== false];
$key = parent::load($key, $password); $key = parent::load($key, $password);
@ -59,10 +87,6 @@ abstract class PKCS8 extends Progenitor
$type = isset($key['privateKey']) ? 'private' : 'public'; $type = isset($key['privateKey']) ? 'private' : 'public';
if ($key[$type . 'KeyAlgorithm']['algorithm'] != '1.2.840.113549.1.1.1') {
return false;
}
$result = $components + PKCS1::load($key[$type . 'Key']); $result = $components + PKCS1::load($key[$type . 'Key']);
if (isset($key['meta'])) { if (isset($key['meta'])) {
@ -89,7 +113,7 @@ abstract class PKCS8 extends Progenitor
{ {
$key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients);
$key = ASN1::extractBER($key); $key = ASN1::extractBER($key);
return self::wrapPrivateKey($key, '1.2.840.113549.1.1.1', [], $password); return self::wrapPrivateKey($key, [], null, $password);
} }
/** /**
@ -104,6 +128,6 @@ abstract class PKCS8 extends Progenitor
{ {
$key = PKCS1::savePublicKey($n, $e); $key = PKCS1::savePublicKey($n, $e);
$key = ASN1::extractBER($key); $key = ASN1::extractBER($key);
return self::wrapPublicKey($key, '1.2.840.113549.1.1.1'); return self::wrapPublicKey($key, null);
} }
} }

View File

@ -0,0 +1,129 @@
<?php
/**
* PuTTY Formatted RSA Key Handler
*
* PHP version 5
*
* @category Crypt
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\RSA\Keys;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
use phpseclib\Crypt\Common\Keys\PuTTY as Progenitor;
/**
* PuTTY Formatted RSA Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PuTTY extends Progenitor
{
/**
* Public Handler
*
* @var string
* @access private
*/
const PUBLIC_HANDLER = 'phpseclib\Crypt\RSA\Keys\OpenSSH';
/**
* Algorithm Identifier
*
* @var string
* @access private
*/
const TYPE = 'ssh-rsa';
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
static $one;
if (!isset($one)) {
$one = new BigInteger(1);
}
$components = parent::load($key, $password);
if ($components === false || !isset($components['private'])) {
return $components;
}
extract($components);
unset($components['public'], $components['private']);
$isPublicKey = false;
$result = Strings::unpackSSH2('ii', $public);
if ($result === false) {
return false;
}
list($publicExponent, $modulus) = $result;
$result = Strings::unpackSSH2('iiii', $private);
if ($result === false) {
return false;
}
$primes = $coefficients = [];
list($privateExponent, $primes[1], $primes[2], $coefficients[2]) = $result;
$temp = $primes[1]->subtract($one);
$exponents = [1 => $publicExponent->modInverse($temp)];
$temp = $primes[2]->subtract($one);
$exponents[] = $publicExponent->modInverse($temp);
return compact('publicExponent', 'modulus', 'privateExponent', 'primes', 'coefficients', 'exponents', 'comment', 'isPublicKey');
}
/**
* Convert a private key to the appropriate format.
*
* @access public
* @param \phpseclib\Math\BigInteger $n
* @param \phpseclib\Math\BigInteger $e
* @param \phpseclib\Math\BigInteger $d
* @param array $primes
* @param array $exponents
* @param array $coefficients
* @param string $password optional
* @return string
*/
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
{
if (count($primes) != 2) {
throw new \InvalidArgumentException('PuTTY does not support multi-prime RSA keys');
}
$public = Strings::packSSH2('ii', $e, $n);
$private = Strings::packSSH2('iiii', $d, $primes[1], $primes[2], $coefficients[2]);
return self::wrapPrivateKey($public, $private, $password);
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $n
* @param \phpseclib\Math\BigInteger $e
* @return string
*/
public static function savePublicKey(BigInteger $n, BigInteger $e)
{
return self::wrapPublicKey(Strings::packSSH2($e, $n));
}
}

View File

@ -23,7 +23,7 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA\Keys;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;

View File

@ -18,7 +18,7 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA\Keys;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
@ -116,7 +116,7 @@ abstract class XML
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
{ {
if (count($primes) != 2) { if (count($primes) != 2) {
return false; throw new \InvalidArgumentException('XML does not support multi-prime RSA keys');
} }
return "<RSAKeyValue>\r\n" . return "<RSAKeyValue>\r\n" .
' <Modulus>' . Base64::encode($n->toBytes()) . "</Modulus>\r\n" . ' <Modulus>' . Base64::encode($n->toBytes()) . "</Modulus>\r\n" .

View File

@ -1,126 +0,0 @@
<?php
/**
* OpenSSH Formatted RSA Key Handler
*
* PHP version 5
*
* Place in $HOME/.ssh/authorized_keys
*
* @category Crypt
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/**
* OpenSSH Formatted RSA Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class OpenSSH
{
/**
* Default comment
*
* @var string
* @access private
*/
private static $comment = 'phpseclib-generated-key';
/**
* Sets the default comment
*
* @access public
* @param string $comment
*/
public static function setComment($comment)
{
self::$comment = str_replace(["\r", "\n"], '', $comment);
}
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
if (!is_string($key)) {
return false;
}
$parts = explode(' ', $key, 3);
$key = isset($parts[1]) ? Base64::decode($parts[1]) : Base64::decode($parts[0]);
if ($key === false) {
return false;
}
$comment = isset($parts[2]) ? $parts[2] : false;
if (substr($key, 0, 11) != "\0\0\0\7ssh-rsa") {
return false;
}
Strings::shift($key, 11);
if (strlen($key) <= 4) {
return false;
}
extract(unpack('Nlength', Strings::shift($key, 4)));
if (strlen($key) <= $length) {
return false;
}
$publicExponent = new BigInteger(Strings::shift($key, $length), -256);
if (strlen($key) <= 4) {
return false;
}
extract(unpack('Nlength', Strings::shift($key, 4)));
if (strlen($key) != $length) {
return false;
}
$modulus = new BigInteger(Strings::shift($key, $length), -256);
return [
'isPublicKey' => true,
'modulus' => $modulus,
'publicExponent' => $publicExponent,
'comment' => $comment
];
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $n
* @param \phpseclib\Math\BigInteger $e
* @return string
*/
public static function savePublicKey(BigInteger $n, BigInteger $e)
{
$publicExponent = $e->toBytes(true);
$modulus = $n->toBytes(true);
// from <http://tools.ietf.org/html/rfc4253#page-15>:
// string "ssh-rsa"
// mpint e
// mpint n
$RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
$RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . self::$comment;
return $RSAPublicKey;
}
}

View File

@ -1,295 +0,0 @@
<?php
/**
* PuTTY Formatted RSA Key Handler
*
* PHP version 5
*
* @category Crypt
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\AES;
use phpseclib\Crypt\Hash;
use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/**
* PuTTY Formatted RSA Key Handler
*
* @package RSA
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class PuTTY
{
/**
* Default comment
*
* @var string
* @access private
*/
private static $comment = 'phpseclib-generated-key';
/**
* Sets the default comment
*
* @access public
* @param string $comment
*/
public static function setComment($comment)
{
self::$comment = str_replace(["\r", "\n"], '', $comment);
}
/**
* Generate a symmetric key for PuTTY keys
*
* @access public
* @param string $password
* @param string $iv
* @param int $length
* @return string
*/
public static function generateSymmetricKey($password, $length)
{
$symkey = '';
$sequence = 0;
while (strlen($symkey) < $length) {
$temp = pack('Na*', $sequence++, $password);
$symkey.= Hex::decode(sha1($temp));
}
return substr($symkey, 0, $length);
}
/**
* Break a public or private key down into its constituent components
*
* @access public
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
if (!is_string($key)) {
return false;
}
static $one;
if (!isset($one)) {
$one = new BigInteger(1);
}
if (strpos($key, 'BEGIN SSH2 PUBLIC KEY')) {
$data = preg_split('#[\r\n]+#', $key);
$data = array_splice($data, 2, -1);
$data = implode('', $data);
$components = OpenSSH::load($data);
if ($components === false) {
return false;
}
if (!preg_match('#Comment: "(.+)"#', $key, $matches)) {
return false;
}
$components['comment'] = str_replace(['\\\\', '\"'], ['\\', '"'], $matches[1]);
return $components;
}
$components = ['isPublicKey' => false];
$key = preg_split('#\r\n|\r|\n#', $key);
$type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0]));
if ($type != 'ssh-rsa') {
return false;
}
$encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1]));
$components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2]));
$publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
$public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
$public = substr($public, 11);
extract(unpack('Nlength', Strings::shift($public, 4)));
$components['publicExponent'] = new BigInteger(Strings::shift($public, $length), -256);
extract(unpack('Nlength', Strings::shift($public, 4)));
$components['modulus'] = new BigInteger(Strings::shift($public, $length), -256);
$privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4]));
$private = Base64::decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength))));
switch ($encryption) {
case 'aes256-cbc':
$symkey = static::generateSymmetricKey($password, 32);
$crypto = new AES(AES::MODE_CBC);
}
if ($encryption != 'none') {
$crypto->setKey($symkey);
$crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3));
$crypto->disablePadding();
$private = $crypto->decrypt($private);
}
extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) {
return false;
}
$components['privateExponent'] = new BigInteger(Strings::shift($private, $length), -256);
extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) {
return false;
}
$components['primes'] = [1 => new BigInteger(Strings::shift($private, $length), -256)];
extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) {
return false;
}
$components['primes'][] = new BigInteger(Strings::shift($private, $length), -256);
$temp = $components['primes'][1]->subtract($one);
$components['exponents'] = [1 => $components['publicExponent']->modInverse($temp)];
$temp = $components['primes'][2]->subtract($one);
$components['exponents'][] = $components['publicExponent']->modInverse($temp);
extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) {
return false;
}
$components['coefficients'] = [2 => new BigInteger(Strings::shift($private, $length), -256)];
return $components;
}
/**
* Convert a private key to the appropriate format.
*
* @access public
* @param \phpseclib\Math\BigInteger $n
* @param \phpseclib\Math\BigInteger $e
* @param \phpseclib\Math\BigInteger $d
* @param array $primes
* @param array $exponents
* @param array $coefficients
* @param string $password optional
* @return string
*/
public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
{
if (count($primes) != 2) {
return false;
}
$raw = [
'modulus' => $n->toBytes(true),
'publicExponent' => $e->toBytes(true),
'privateExponent' => $d->toBytes(true),
'prime1' => $primes[1]->toBytes(true),
'prime2' => $primes[2]->toBytes(true),
'exponent1' => $exponents[1]->toBytes(true),
'exponent2' => $exponents[2]->toBytes(true),
'coefficient' => $coefficients[2]->toBytes(true)
];
$key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
$encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none';
$key.= $encryption;
$key.= "\r\nComment: " . self::$comment . "\r\n";
$public = pack(
'Na*Na*Na*',
strlen('ssh-rsa'),
'ssh-rsa',
strlen($raw['publicExponent']),
$raw['publicExponent'],
strlen($raw['modulus']),
$raw['modulus']
);
$source = pack(
'Na*Na*Na*Na*',
strlen('ssh-rsa'),
'ssh-rsa',
strlen($encryption),
$encryption,
strlen(self::$comment),
self::$comment,
strlen($public),
$public
);
$public = Base64::encode($public);
$key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n";
$key.= chunk_split($public, 64);
$private = pack(
'Na*Na*Na*Na*',
strlen($raw['privateExponent']),
$raw['privateExponent'],
strlen($raw['prime1']),
$raw['prime1'],
strlen($raw['prime2']),
$raw['prime2'],
strlen($raw['coefficient']),
$raw['coefficient']
);
if (empty($password) && !is_string($password)) {
$source.= pack('Na*', strlen($private), $private);
$hashkey = 'putty-private-key-file-mac-key';
} else {
$private.= Random::string(16 - (strlen($private) & 15));
$source.= pack('Na*', strlen($private), $private);
$crypto = new AES();
$crypto->setKey(static::generateSymmetricKey($password, 32));
$crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3));
$crypto->disablePadding();
$private = $crypto->encrypt($private);
$hashkey = 'putty-private-key-file-mac-key' . $password;
}
$private = Base64::encode($private);
$key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n";
$key.= chunk_split($private, 64);
$hash = new Hash('sha1');
$hash->setKey(sha1($hashkey, true));
$key.= 'Private-MAC: ' . Hex::encode($hash->hash($source)) . "\r\n";
return $key;
}
/**
* Convert a public key to the appropriate format
*
* @access public
* @param \phpseclib\Math\BigInteger $n
* @param \phpseclib\Math\BigInteger $e
* @return string
*/
public static function savePublicKey(BigInteger $n, BigInteger $e)
{
$n = $n->toBytes(true);
$e = $e->toBytes(true);
$key = pack(
'Na*Na*Na*',
strlen('ssh-rsa'),
'ssh-rsa',
strlen($e),
$e,
strlen($n),
$n
);
$key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" .
'Comment: "' . str_replace(['\\', '"'], ['\\\\', '\"'], self::$comment) . "\"\r\n" .
chunk_split(Base64::encode($key), 64) .
'---- END SSH2 PUBLIC KEY ----';
return $key;
}
}

View File

@ -0,0 +1,37 @@
<?php
/**
* DSAParams
*
* PHP version 5
*
* @category File
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\File\ASN1\Maps;
use phpseclib\File\ASN1;
/**
* DSAParams
*
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class DSAParams
{
const MAP = [
'type' => ASN1::TYPE_SEQUENCE,
'children' => [
'p' => ['type' => ASN1::TYPE_INTEGER],
'q' => ['type' => ASN1::TYPE_INTEGER],
'g' => ['type' => ASN1::TYPE_INTEGER]
]
];
}

View File

@ -0,0 +1,40 @@
<?php
/**
* DSAPrivateKey
*
* PHP version 5
*
* @category File
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\File\ASN1\Maps;
use phpseclib\File\ASN1;
/**
* DSAPrivateKey
*
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class DSAPrivateKey
{
const MAP = [
'type' => ASN1::TYPE_SEQUENCE,
'children' => [
'version' => ['type' => ASN1::TYPE_INTEGER],
'p' => ['type' => ASN1::TYPE_INTEGER],
'q' => ['type' => ASN1::TYPE_INTEGER],
'g' => ['type' => ASN1::TYPE_INTEGER],
'y' => ['type' => ASN1::TYPE_INTEGER],
'x' => ['type' => ASN1::TYPE_INTEGER]
]
];
}

View File

@ -0,0 +1,30 @@
<?php
/**
* DSAPublicKey
*
* PHP version 5
*
* @category File
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\File\ASN1\Maps;
use phpseclib\File\ASN1;
/**
* DSAPublicKey
*
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class DSAPublicKey
{
const MAP = ['type' => ASN1::TYPE_INTEGER];
}

View File

@ -0,0 +1,36 @@
<?php
/**
* DssSigValue
*
* PHP version 5
*
* @category File
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\File\ASN1\Maps;
use phpseclib\File\ASN1;
/**
* DssSigValue
*
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
abstract class DssSigValue
{
const MAP = [
'type' => ASN1::TYPE_SEQUENCE,
'children' => [
'r' => ['type' => ASN1::TYPE_INTEGER],
's' => ['type' => ASN1::TYPE_INTEGER]
]
];
}

View File

@ -26,7 +26,6 @@ use phpseclib\File\ASN1;
*/ */
abstract class RSAPublicKey abstract class RSAPublicKey
{ {
// version must be multi if otherPrimeInfos present
const MAP = [ const MAP = [
'type' => ASN1::TYPE_SEQUENCE, 'type' => ASN1::TYPE_SEQUENCE,
'children' => [ 'children' => [

View File

@ -3867,4 +3867,17 @@ class BigInteger
{ {
return strlen($this->toBytes()); return strlen($this->toBytes());
} }
/**
* Tests BigInteger to see if it is between two integers, inclusive
*
* @param \phpseclib\Math\BigInteger $min
* @param \phpseclib\Math\BigInteger $max
* @access public
* @return boolean
*/
function between(BigInteger $min, BigInteger $max)
{
return $this->compare($min) >= 0 && $this->compare($max) <= 0;
}
} }

View File

@ -0,0 +1,50 @@
<?php
/**
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
*/
use phpseclib\Crypt\DSA;
/**
* @requires PHP 7.0
*/
class Unit_Crypt_DSA_CreateKeyTest extends PhpseclibTestCase
{
public function testCreateParameters()
{
$dsa = DSA::createParameters();
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $dsa);
$this->assertRegexp('#BEGIN DSA PARAMETERS#', "$dsa");
$dsa = DSA::createParameters(100, 100);
$this->assertFalse($dsa);
$dsa = DSA::createParameters(512, 160);
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $dsa);
$this->assertRegexp('#BEGIN DSA PARAMETERS#', "$dsa");
return $dsa;
}
/**
* @depends testCreateParameters
*/
public function testCreateKey($params)
{
extract(DSA::createKey());
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $privatekey);
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $publickey);
extract(DSA::createKey($params));
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $privatekey);
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $publickey);
extract(DSA::createKey(512, 160));
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $privatekey);
$this->assertInstanceOf('\phpseclib\Crypt\DSA', $publickey);
}
}

View File

@ -0,0 +1,233 @@
<?php
/**
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2013 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
*/
use phpseclib\Crypt\DSA;
use phpseclib\Crypt\DSA\Keys\PKCS1;
use phpseclib\Crypt\DSA\Keys\PKCS8;
use phpseclib\Crypt\DSA\Keys\PuTTY;
use phpseclib\Math\BigInteger;
class Unit_Crypt_DSA_LoadKeyTest extends PhpseclibTestCase
{
public function testBadKey()
{
$dsa = new DSA();
$key = 'zzzzzzzzzzzzzz';
$this->assertFalse($dsa->load($key));
}
public function testPuTTYKey()
{
$dsa = new DSA();
$key = 'PuTTY-User-Key-File-2: ssh-dss
Encryption: none
Comment: dsa-key-20161223
Public-Lines: 18
AAAAB3NzaC1kc3MAAAEBAIsH1A8S7goEEneW6D/zJXh1zypZRlKlw7vNaJ7yXi9v
qUkKnTSXK9lR4/nYy4SVTcVApY0sEU2RSDridLTy40ZeMPArH+sxR7lCSZ2AuNq9
sQxu6VtYg1LKGekKYWC+r4TrZoTz2PUyrUd6sYBsYIX4ozbH2ITgYmYL9ONCrLbt
4KsKO2EUE3xN3RHv8CkAp5BraCMw5z4vC43t0bcW63RN2mEvqWOqBFx5qe7uck4j
pH7AvLyvwEye7t5KwJ8P1SMN72u4AWqyXqzLK3Ye0B7hQSFnbz0od4ps3EN+Irsu
Kf20nkGgHKYJwenpIQwHz3xhBhtgiYCdQXb3ril1kd8AAAAVAJmhajsmmqwQqNkd
k4JSJ/Y1SE11AAABADYHKKmAZ0OvCZ58m5CGPfuoX4h4nc5L0p3e0Sozcc9cJ5h3
PvD18ggAf4cLoTpxETnXTFg+30shpKbr2WsE0Jrswe6V2bMaP7Hil6q3WWahLZx6
9bEClnYCTlJkungzFjJmW+M7yd8xBHCBM6r83FKlLJjolJhHDL5DqX/uHP/9H0sl
wncwALro1jTo3JU5oRdzMuLWf9P2MB7sEsoeWk2BOiil1BtKnItuObJgXUCCuaWB
dPJyk4ZVMZZqr+vCnjocRrlQUwlMUG73Ze6KJKM1OgOKMt4PwaqD9oUaKq/gc+Eb
UtCwVR6TEeIEkmazguvbAb6dSJ18TMZ07H6DJngAAAEAYE/7gKVb8P23zYzcfYOv
3zG713/i/LAJ+dW3lQupyWkUnE8wDIht7DwKgcA/Vs73jG7SlqPjcMrNzBHjQE+y
FVCP4xO+wDsh2wZ+KVppVkMljfGpp/0mQ0mQbrmTkaCNZc0ogXwtaI4r7Su2cCq0
HMwrFJFFXXLaTZY49+lkrtP6q8WFOYJGK3WnrWvXyOe9Xnh2o8E1dQJ0RnshdOft
j1KZ4JhOHnGKoz8+sKuchGVhs5VaMbJUur3cC8INaeKvtrEpwW/Ety5iy1iPyps9
S9PlwN0KyVFGWdP2B4Gyj85IXCm3r+JNVoV5tVX9IUBTXnUor7YfWNncwWn56Lc+
RQ==
Private-Lines: 1
AAAAFFMy7BG9rPXwzqZzIY/lqsHEILNf
Private-MAC: 62b92ddd8b341b9414d640c24ba6ae929a78e039
';
$dsa->setPrivateKeyFormat('PuTTY');
$dsa->setPublicKeyFormat('PuTTY');
$this->assertTrue($dsa->load($key));
$this->assertInternalType('string', "$dsa");
$this->assertSame("$dsa", $dsa->getPrivateKey('PuTTY'));
$this->assertInternalType('string', $dsa->getPublicKey('PuTTY'));
$this->assertInternalType('string', $dsa->getParameters());
$dsa->setPassword('password');
$this->assertGreaterThan(0, strlen("$dsa"));
}
public function testPKCS1Key()
{
$dsa = new DSA();
$key = '-----BEGIN DSA PRIVATE KEY-----
MIIDPQIBAAKCAQEAiwfUDxLuCgQSd5boP/MleHXPKllGUqXDu81onvJeL2+pSQqd
NJcr2VHj+djLhJVNxUCljSwRTZFIOuJ0tPLjRl4w8Csf6zFHuUJJnYC42r2xDG7p
W1iDUsoZ6QphYL6vhOtmhPPY9TKtR3qxgGxghfijNsfYhOBiZgv040Kstu3gqwo7
YRQTfE3dEe/wKQCnkGtoIzDnPi8Lje3RtxbrdE3aYS+pY6oEXHmp7u5yTiOkfsC8
vK/ATJ7u3krAnw/VIw3va7gBarJerMsrdh7QHuFBIWdvPSh3imzcQ34iuy4p/bSe
QaAcpgnB6ekhDAfPfGEGG2CJgJ1BdveuKXWR3wIVAJmhajsmmqwQqNkdk4JSJ/Y1
SE11AoIBADYHKKmAZ0OvCZ58m5CGPfuoX4h4nc5L0p3e0Sozcc9cJ5h3PvD18ggA
f4cLoTpxETnXTFg+30shpKbr2WsE0Jrswe6V2bMaP7Hil6q3WWahLZx69bEClnYC
TlJkungzFjJmW+M7yd8xBHCBM6r83FKlLJjolJhHDL5DqX/uHP/9H0slwncwALro
1jTo3JU5oRdzMuLWf9P2MB7sEsoeWk2BOiil1BtKnItuObJgXUCCuaWBdPJyk4ZV
MZZqr+vCnjocRrlQUwlMUG73Ze6KJKM1OgOKMt4PwaqD9oUaKq/gc+EbUtCwVR6T
EeIEkmazguvbAb6dSJ18TMZ07H6DJngCggEAYE/7gKVb8P23zYzcfYOv3zG713/i
/LAJ+dW3lQupyWkUnE8wDIht7DwKgcA/Vs73jG7SlqPjcMrNzBHjQE+yFVCP4xO+
wDsh2wZ+KVppVkMljfGpp/0mQ0mQbrmTkaCNZc0ogXwtaI4r7Su2cCq0HMwrFJFF
XXLaTZY49+lkrtP6q8WFOYJGK3WnrWvXyOe9Xnh2o8E1dQJ0RnshdOftj1KZ4JhO
HnGKoz8+sKuchGVhs5VaMbJUur3cC8INaeKvtrEpwW/Ety5iy1iPyps9S9PlwN0K
yVFGWdP2B4Gyj85IXCm3r+JNVoV5tVX9IUBTXnUor7YfWNncwWn56Lc+RQIUUzLs
Eb2s9fDOpnMhj+WqwcQgs18=
-----END DSA PRIVATE KEY-----';
$dsa->setPrivateKeyFormat('PKCS1');
$dsa->setPublicKeyFormat('PKCS1');
$this->assertTrue($dsa->load($key));
$this->assertInternalType('string', "$dsa");
$this->assertSame("$dsa", $dsa->getPrivateKey('PKCS1'));
$this->assertInternalType('string', $dsa->getPublicKey('PKCS1'));
$this->assertInternalType('string', $dsa->getParameters());
}
public function testParameters()
{
$dsa = new DSA();
$key = '-----BEGIN DSA PARAMETERS-----
MIIBHgKBgQDandMycPZNOEwDXpIDSdFODWOQVO5tlnt38wK0X33TJh4wQdqOSiVF
I+g+X8reP43ag3TEHu5bstrk6Znm7y1htTTvXQVTEwp6X3YHXbJG4Faul3g08Vud
3gzV841wToVCMUinl0EOxMYP/CO9/Kvf66KACtqWITzJYBpwAeUKfwIVAM8e3xO8
aityXVRiQRWeZtOI1yq9AoGAbmA+RzIZrtPx1mC5KzrpwgwgNHbbQBT83qeNKjEh
N+S6A47iI5OVvpxd/ZwjdXoYo7D6RxR+3LNcT64DyYrBEZuzQzHeifaO6lBvDSNf
L1cwyXx0KMaaampd34MzOIHbC44SHY+cE3aVVUsnmt6Ur1nQaVYVszl+AO6m8bPm
4Vg=
-----END DSA PARAMETERS-----';
$key = str_replace(["\n", "\r"], '', $key);
$this->assertTrue($dsa->load($key));
$this->assertSame($key, str_replace(["\n", "\r"], '', "$dsa"));
$this->assertSame($key, str_replace(["\n", "\r"], '', $dsa->getParameters()));
}
public function testPKCS8Public()
{
$dsa = new DSA();
$key = '-----BEGIN PUBLIC KEY-----
MIIBtjCCASsGByqGSM44BAEwggEeAoGBANqd0zJw9k04TANekgNJ0U4NY5BU7m2W
e3fzArRffdMmHjBB2o5KJUUj6D5fyt4/jdqDdMQe7luy2uTpmebvLWG1NO9dBVMT
CnpfdgddskbgVq6XeDTxW53eDNXzjXBOhUIxSKeXQQ7Exg/8I738q9/rooAK2pYh
PMlgGnAB5Qp/AhUAzx7fE7xqK3JdVGJBFZ5m04jXKr0CgYBuYD5HMhmu0/HWYLkr
OunCDCA0dttAFPzep40qMSE35LoDjuIjk5W+nF39nCN1ehijsPpHFH7cs1xPrgPJ
isERm7NDMd6J9o7qUG8NI18vVzDJfHQoxppqal3fgzM4gdsLjhIdj5wTdpVVSyea
3pSvWdBpVhWzOX4A7qbxs+bhWAOBhAACgYBTpSKcKoVKw+hglVClqvqQdNKGC4a+
XC4lOh2221ZrTgy/sN92vT7cdBn4ydHoth6/bD236L/FYfiX4S4mOczPhrv/l/2u
ZpmyOpXM/0opRMIRdmqVW4ardBFNokmlqngwcbaptfRnk9W2cQtx0lmKy6X/vnis
3AElwP86TYgBhw==
-----END PUBLIC KEY-----';
$this->assertTrue($dsa->load($key));
$this->assertInternalType('string', "$dsa");
}
public function testPKCS8Private()
{
$dsa = new DSA();
$key = '-----BEGIN PRIVATE KEY-----
MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBANqd0zJw9k04TANekgNJ0U4NY5BU
7m2We3fzArRffdMmHjBB2o5KJUUj6D5fyt4/jdqDdMQe7luy2uTpmebvLWG1NO9d
BVMTCnpfdgddskbgVq6XeDTxW53eDNXzjXBOhUIxSKeXQQ7Exg/8I738q9/rooAK
2pYhPMlgGnAB5Qp/AhUAzx7fE7xqK3JdVGJBFZ5m04jXKr0CgYBuYD5HMhmu0/HW
YLkrOunCDCA0dttAFPzep40qMSE35LoDjuIjk5W+nF39nCN1ehijsPpHFH7cs1xP
rgPJisERm7NDMd6J9o7qUG8NI18vVzDJfHQoxppqal3fgzM4gdsLjhIdj5wTdpVV
Syea3pSvWdBpVhWzOX4A7qbxs+bhWAQWAhQiF7sFfCtZ7oOgCb2aJ9ySC9sTug==
-----END PRIVATE KEY-----';
$this->assertTrue($dsa->load($key));
$this->assertInternalType('string', "$dsa");
$this->assertSame("$dsa", $dsa->getPrivateKey());
$this->assertInternalType('string', $dsa->getPublicKey());
$this->assertInternalType('string', $dsa->getParameters());
}
/**
* @expectedException \UnexpectedValueException
*/
public function testPuTTYBadMAC()
{
$dsa = new DSA();
$key = 'PuTTY-User-Key-File-2: ssh-dss
Encryption: none
Comment: dsa-key-20161223
Public-Lines: 18
AAAAB3NzaC1kc3MAAAEBAIsH1A8S7goEEneW6D/zJXh1zypZRlKlw7vNaJ7yXi9v
qUkKnTSXK9lR4/nYy4SVTcVApY0sEU2RSDridLTy40ZeMPArH+sxR7lCSZ2AuNq9
sQxu6VtYg1LKGekKYWC+r4TrZoTz2PUyrUd6sYBsYIX4ozbH2ITgYmYL9ONCrLbt
4KsKO2EUE3xN3RHv8CkAp5BraCMw5z4vC43t0bcW63RN2mEvqWOqBFx5qe7uck4j
pH7AvLyvwEye7t5KwJ8P1SMN72u4AWqyXqzLK3Ye0B7hQSFnbz0od4ps3EN+Irsu
Kf20nkGgHKYJwenpIQwHz3xhBhtgiYCdQXb3ril1kd8AAAAVAJmhajsmmqwQqNkd
k4JSJ/Y1SE11AAABADYHKKmAZ0OvCZ58m5CGPfuoX4h4nc5L0p3e0Sozcc9cJ5h3
PvD18ggAf4cLoTpxETnXTFg+30shpKbr2WsE0Jrswe6V2bMaP7Hil6q3WWahLZx6
9bEClnYCTlJkungzFjJmW+M7yd8xBHCBM6r83FKlLJjolJhHDL5DqX/uHP/9H0sl
wncwALro1jTo3JU5oRdzMuLWf9P2MB7sEsoeWk2BOiil1BtKnItuObJgXUCCuaWB
dPJyk4ZVMZZqr+vCnjocRrlQUwlMUG73Ze6KJKM1OgOKMt4PwaqD9oUaKq/gc+Eb
UtCwVR6TEeIEkmazguvbAb6dSJ18TMZ07H6DJngAAAEAYE/7gKVb8P23zYzcfYOv
3zG713/i/LAJ+dW3lQupyWkUnE8wDIht7DwKgcA/Vs73jG7SlqPjcMrNzBHjQE+y
FVCP4xO+wDsh2wZ+KVppVkMljfGpp/0mQ0mQbrmTkaCNZc0ogXwtaI4r7Su2cCq0
HMwrFJFFXXLaTZY49+lkrtP6q8WFOYJGK3WnrWvXyOe9Xnh2o8E1dQJ0RnshdOft
j1KZ4JhOHnGKoz8+sKuchGVhs5VaMbJUur3cC8INaeKvtrEpwW/Ety5iy1iPyps9
S9PlwN0KyVFGWdP2B4Gyj85IXCm3r+JNVoV5tVX9IUBTXnUor7YfWNncwWn56Lc+
RQ==
Private-Lines: 1
AAAAFFMy7BG9rPXwzqZzIY/lqsHEILNf
Private-MAC: aaaaaadd8b341b9414d640c24ba6ae929a78e039
';
$this->assertFalse($dsa->load($key));
$dsa->load($key, 'PuTTY');
}
public function testXML()
{
$dsa = new DSA();
$key = '-----BEGIN PUBLIC KEY-----
MIIBtjCCASsGByqGSM44BAEwggEeAoGBANqd0zJw9k04TANekgNJ0U4NY5BU7m2W
e3fzArRffdMmHjBB2o5KJUUj6D5fyt4/jdqDdMQe7luy2uTpmebvLWG1NO9dBVMT
CnpfdgddskbgVq6XeDTxW53eDNXzjXBOhUIxSKeXQQ7Exg/8I738q9/rooAK2pYh
PMlgGnAB5Qp/AhUAzx7fE7xqK3JdVGJBFZ5m04jXKr0CgYBuYD5HMhmu0/HWYLkr
OunCDCA0dttAFPzep40qMSE35LoDjuIjk5W+nF39nCN1ehijsPpHFH7cs1xPrgPJ
isERm7NDMd6J9o7qUG8NI18vVzDJfHQoxppqal3fgzM4gdsLjhIdj5wTdpVVSyea
3pSvWdBpVhWzOX4A7qbxs+bhWAOBhAACgYBTpSKcKoVKw+hglVClqvqQdNKGC4a+
XC4lOh2221ZrTgy/sN92vT7cdBn4ydHoth6/bD236L/FYfiX4S4mOczPhrv/l/2u
ZpmyOpXM/0opRMIRdmqVW4ardBFNokmlqngwcbaptfRnk9W2cQtx0lmKy6X/vnis
3AElwP86TYgBhw==
-----END PUBLIC KEY-----';
$dsa->load($key);
$xml = $dsa->getPublicKey('XML');
$this->assertContains('DSAKeyValue', $xml);
$dsa = new DSA();
$dsa->load($xml);
$pkcs8 = $dsa->getPublicKey('PKCS8');
$this->assertSame(
strtolower(preg_replace('#\s#', '', $pkcs8)),
strtolower(preg_replace('#\s#', '', $key))
);
}
}

View File

@ -0,0 +1,115 @@
<?php
/**
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
*/
use phpseclib\Crypt\DSA;
class Unit_Crypt_DSA_SignatureTest extends PhpseclibTestCase
{
public function testPKCSSignature()
{
$message = 'hello, world!';
$dsa = new DSA();
$dsa->load('-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDsGAHAM16bsPlwl7jaec4QMynYa0YLiLiOZC4mvH4UW/tRJxTz
aV7eH1EtnP9D9J78x/07wKYs8zJEWCXmuq0UluQfjA47+pb68b/ucQTNeZHboNN9
5oEi+8BCSK0y8G3uf3Y89qHvqa9Si6rP374MinEMrbVFm+UpsGflFcd83wIVALtJ
ANi+lYG7xMKQ/bE4+bS8gemNAoGBAORowvirD7AB9x2SpdiME41+O4jVR8rs6+GX
Ml3Hif6Yt1kem0CeraX9SNoyBNAzjD5TVMGIdGlgRr6GNreHeXMGWlvdDkvCACER
ZEEtMsKZicm+yl6kR8AGHTCA/PBltHfyrFQd4n9I//UDqI4RjqzvpCXGQcVEsSDY
CCBGBQJRAoGBALnHTAZlpoLJZuSBVtnMuRM3cSX43IkE9w9FveDV1jX5mmfK7yBV
pQFV8eVJfk91ERQ4Dn6ePLUv2dRIt4a0S0qHqadgzyoFyqkmmUi1kNLyixtRqh+m
2gXx0t63HEpZDbEPppdpnlppZquVQh7TyrKSXW9MTzUkQjFI9UY7kZeKAhQXiJgI
kBniZHdFBAZBTE14YJUBkw==
-----END DSA PRIVATE KEY-----');
$signature = $dsa->sign($message, 'PKCS');
$dsa->load('-----BEGIN PUBLIC KEY-----
MIIBuDCCASwGByqGSM44BAEwggEfAoGBAOwYAcAzXpuw+XCXuNp5zhAzKdhrRguI
uI5kLia8fhRb+1EnFPNpXt4fUS2c/0P0nvzH/TvApizzMkRYJea6rRSW5B+MDjv6
lvrxv+5xBM15kdug033mgSL7wEJIrTLwbe5/djz2oe+pr1KLqs/fvgyKcQyttUWb
5SmwZ+UVx3zfAhUAu0kA2L6VgbvEwpD9sTj5tLyB6Y0CgYEA5GjC+KsPsAH3HZKl
2IwTjX47iNVHyuzr4ZcyXceJ/pi3WR6bQJ6tpf1I2jIE0DOMPlNUwYh0aWBGvoY2
t4d5cwZaW90OS8IAIRFkQS0ywpmJyb7KXqRHwAYdMID88GW0d/KsVB3if0j/9QOo
jhGOrO+kJcZBxUSxINgIIEYFAlEDgYUAAoGBALnHTAZlpoLJZuSBVtnMuRM3cSX4
3IkE9w9FveDV1jX5mmfK7yBVpQFV8eVJfk91ERQ4Dn6ePLUv2dRIt4a0S0qHqadg
zyoFyqkmmUi1kNLyixtRqh+m2gXx0t63HEpZDbEPppdpnlppZquVQh7TyrKSXW9M
TzUkQjFI9UY7kZeK
-----END PUBLIC KEY-----');
$this->assertTrue($dsa->verify($message, $signature, 'PKCS'));
$this->assertFalse($dsa->verify('foozbar', $signature, 'PKCS'));
// openssl dgst -dss1 -sign dsa_priv.pem foo.txt > sigfile.bin
$signature = '302c021456d7e7da10d1538a6cd45dcb2b0ce15c28bac03402147e973a4de1e92e8a87ed5218c797952a3f854df5';
$signature = pack('H*', $signature);
$dsa->setHash('sha1');
$this->assertTrue($dsa->verify("foobar\n", $signature, 'PKCS'));
$this->assertFalse($dsa->verify('foozbar', $signature, 'PKCS'));
// openssl dgst -sha256 -sign dsa_priv.pem foo.txt > sigfile.bin
$signature = '302e021500b131ec2682c4c0be13e6558ba3d64929ebc0ac420215009946300a03561cef50c0a51d0cd0a2c835e798fc';
$signature = pack('H*', $signature);
$dsa->setHash('sha256');
$this->assertTrue($dsa->verify('abcdefghijklmnopqrstuvwxyz', $signature, 'PKCS'));
$this->assertFalse($dsa->verify('zzzz', $signature, 'PKCS'));
}
public function testRandomSignature()
{
$message = 'hello, world!';
$dsa = new DSA();
$dsa->load('-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDsGAHAM16bsPlwl7jaec4QMynYa0YLiLiOZC4mvH4UW/tRJxTz
aV7eH1EtnP9D9J78x/07wKYs8zJEWCXmuq0UluQfjA47+pb68b/ucQTNeZHboNN9
5oEi+8BCSK0y8G3uf3Y89qHvqa9Si6rP374MinEMrbVFm+UpsGflFcd83wIVALtJ
ANi+lYG7xMKQ/bE4+bS8gemNAoGBAORowvirD7AB9x2SpdiME41+O4jVR8rs6+GX
Ml3Hif6Yt1kem0CeraX9SNoyBNAzjD5TVMGIdGlgRr6GNreHeXMGWlvdDkvCACER
ZEEtMsKZicm+yl6kR8AGHTCA/PBltHfyrFQd4n9I//UDqI4RjqzvpCXGQcVEsSDY
CCBGBQJRAoGBALnHTAZlpoLJZuSBVtnMuRM3cSX43IkE9w9FveDV1jX5mmfK7yBV
pQFV8eVJfk91ERQ4Dn6ePLUv2dRIt4a0S0qHqadgzyoFyqkmmUi1kNLyixtRqh+m
2gXx0t63HEpZDbEPppdpnlppZquVQh7TyrKSXW9MTzUkQjFI9UY7kZeKAhQXiJgI
kBniZHdFBAZBTE14YJUBkw==
-----END DSA PRIVATE KEY-----');
$signature1 = $dsa->sign($message, 'PKCS');
$signature2 = $dsa->sign($message, 'PKCS');
// phpseclib's DSA implementation uses a CSPRNG to generate the k parameter.
// used correctly this should result in different signatures every time.
// RFC6979 describes a deterministic DSA scheme wherein two signatures for the same
// plaintext would yield the same value so if that were to be switched to then this
// unit test would need to be updated
$this->assertNotEquals($signature1, $signature2);
$this->assertTrue($dsa->verify($message, $signature1, 'PKCS'));
$this->assertTrue($dsa->verify($message, $signature2, 'PKCS'));
}
public function testSSHSignature()
{
$dsa = new DSA();
$dsa->setHash('sha1');
$dsa->load('AAAAB3NzaC1kc3MAAACBAPyzZzm4oqmY12lxmHwNcfYDNyXr38M1lU6xy9I792U1YSKgX27nUW9eXdJ8Mrn63Le5rrBRfg2Niycx' .
'JF2IwDpwCi7YpIv79uwT3RtA0chQDS4vx8qi8BWBzy7PZC9hmqY62+mgfj8ooga1sr+JpMh+8r4j3KjPM+wE37khkgkvAAAAFQDn' .
'19pBng6TajI/vdg7GPnxsitCqQAAAIEA6Pl1Z/TVdkc+HpfkAvcg2Q+yNtnVq7+26RCbRDO3b9Ocr+tZA9u23qnO3KDYeygzaLnI' .
'gpErp61Bj70iIUldhXy2LFGZFEC9XiKmt/tQxSDKiBbj3bS3wKfHrAlElgjhqxiRh+GixgSsmCj96eJFXcsxPjQU81HR+WJ0ALV1' .
'UnMAAACABRdNuqqe1Y68es8TIflV71P0J7Ci2BbbqAXRwYYKc9/7DrygwaN2UIbMXyOLuojeZgQPPoM9nkzd6QZo8M9apawVKKwD' .
'GAUj2of+F9WVRxhE0ohTQBzD/3HqT80pQsX+rYcxuSx1cCtdMp4oLrrfKO2J4EiWUkaoSB7SdCaj+vU=');
$message = pack('H*', '8bfc69a222c12ddf6bc6bf33c9cadc106af04feb');
$signature = pack('H*', '000000077373682d64737300000028a7a2e55dc43e5e6145aa94daa0552ea479d1139d6d6ba50650b489e24e976593e73f76557813d6bc');
$this->assertTrue($dsa->verify($message, $signature, 'SSH2'));
}
}

View File

@ -7,7 +7,7 @@
*/ */
use phpseclib\Crypt\RSA; use phpseclib\Crypt\RSA;
use phpseclib\Crypt\RSA\PKCS1; use phpseclib\Crypt\RSA\Keys\PKCS1;
class Unit_Crypt_RSA_CreateKeyTest extends PhpseclibTestCase class Unit_Crypt_RSA_CreateKeyTest extends PhpseclibTestCase
{ {

View File

@ -6,9 +6,9 @@
*/ */
use phpseclib\Crypt\RSA; use phpseclib\Crypt\RSA;
use phpseclib\Crypt\RSA\PKCS1; use phpseclib\Crypt\RSA\Keys\PKCS1;
use phpseclib\Crypt\RSA\PKCS8; use phpseclib\Crypt\RSA\Keys\PKCS8;
use phpseclib\Crypt\RSA\PuTTY; use phpseclib\Crypt\RSA\Keys\PuTTY;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
class Unit_Crypt_RSA_LoadKeyTest extends PhpseclibTestCase class Unit_Crypt_RSA_LoadKeyTest extends PhpseclibTestCase