aboutsummaryrefslogtreecommitdiffstats
path: root/include/crypto.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/crypto.php')
-rw-r--r--include/crypto.php159
1 files changed, 114 insertions, 45 deletions
diff --git a/include/crypto.php b/include/crypto.php
index e2132337f..40e68a4e7 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -1,7 +1,7 @@
<?php /** @file */
-use phpseclib\Crypt\RSA;
-use phpseclib\Math\BigInteger;
+require_once('library/ASNValue.class.php');
+require_once('library/asn1.php');
function rsa_sign($data,$key,$alg = 'sha256') {
if(! $key)
@@ -163,7 +163,7 @@ function other_encapsulate($data,$pubkey,$alg) {
}
$result['alg'] = $alg;
- $result['key'] = base64url_encode($k,true);
+ $result['key'] = base64url_encode($k,true);
openssl_public_encrypt($iv,$i,$pubkey,$padding);
$result['iv'] = base64url_encode($i,true);
return $result;
@@ -192,7 +192,6 @@ function crypto_methods() {
function signing_methods() {
-
$r = [ 'sha256' ];
call_hooks('signing_methods',$r);
return $r;
@@ -215,7 +214,7 @@ function aes_encapsulate($data,$pubkey) {
logger('aes_encapsulate: RSA failed. ' . print_r($x[0],true));
}
$result['alg'] = 'aes256cbc';
- $result['key'] = base64url_encode($k,true);
+ $result['key'] = base64url_encode($k,true);
openssl_public_encrypt($iv,$i,$pubkey);
$result['iv'] = base64url_encode($i,true);
return $result;
@@ -226,9 +225,9 @@ function crypto_unencapsulate($data,$prvkey) {
return;
$alg = ((is_array($data) && (array_key_exists('encrypted',$data) || array_key_exists('iv',$data))) ? $data['alg'] : '');
- if(! $alg) {
+ if(! $alg) {
return $data;
- }
+ }
if($alg === 'aes256cbc') {
return aes_unencapsulate($data,$prvkey);
@@ -308,69 +307,139 @@ function new_keypair($bits) {
}
-/**
- * @param string $m modulo
- * @param string $e exponent
- * @return string
- */
-function metopem($m, $e) {
+function DerToPem($Der, $Private=false)
+{
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 65);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
+}
+
+function DerToRsa($Der)
+{
+ //Encode:
+ $Der = base64_encode($Der);
+ //Split lines:
+ $lines = str_split($Der, 64);
+ $body = implode("\n", $lines);
+ //Get title:
+ $title = 'RSA PUBLIC KEY';
+ //Add wrapping:
+ $result = "-----BEGIN {$title}-----\n";
+ $result .= $body . "\n";
+ $result .= "-----END {$title}-----\n";
+
+ return $result;
+}
- $rsa = new RSA();
- $rsa->loadKey([
- 'e' => new BigInteger($e, 256),
- 'n' => new BigInteger($m, 256)
- ]);
- return $rsa->getPublicKey();
+function pkcs8_encode($Modulus,$PublicExponent) {
+ //Encode key sequence
+ $modulus = new ASNValue(ASNValue::TAG_INTEGER);
+ $modulus->SetIntBuffer($Modulus);
+ $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+ $publicExponent->SetIntBuffer($PublicExponent);
+ $keySequenceItems = array($modulus, $publicExponent);
+ $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $keySequence->SetSequence($keySequenceItems);
+ //Encode bit string
+ $bitStringValue = $keySequence->Encode();
+ $bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
+ $bitString = new ASNValue(ASNValue::TAG_BITSTRING);
+ $bitString->Value = $bitStringValue;
+ //Encode body
+ $bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
+ $body = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $body->Value = $bodyValue;
+ //Get DER encoded public key:
+ $PublicDER = $body->Encode();
+ return $PublicDER;
}
-/**
- * @param string key
- * @return string
- */
-function rsatopem($key) {
- $rsa = new RSA();
- $rsa->setPublicKey($key);
+function pkcs1_encode($Modulus,$PublicExponent) {
+ //Encode key sequence
+ $modulus = new ASNValue(ASNValue::TAG_INTEGER);
+ $modulus->SetIntBuffer($Modulus);
+ $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+ $publicExponent->SetIntBuffer($PublicExponent);
+ $keySequenceItems = array($modulus, $publicExponent);
+ $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+ $keySequence->SetSequence($keySequenceItems);
+ //Encode bit string
+ $bitStringValue = $keySequence->Encode();
+ return $bitStringValue;
+}
- return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS8);
+// http://stackoverflow.com/questions/27568570/how-to-convert-raw-modulus-exponent-to-rsa-public-key-pem-format
+function metopem($m,$e) {
+ $der = pkcs8_encode($m,$e);
+ $key = DerToPem($der,false);
+ return $key;
}
-/**
- * @param string key
- * @return string
- */
-function pemtorsa($key) {
- $rsa = new RSA();
- $rsa->setPublicKey($key);
+function pubrsatome($key,&$m,&$e) {
+ require_once('library/asn1.php');
- return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS1);
+ $lines = explode("\n",$key);
+ unset($lines[0]);
+ unset($lines[count($lines)]);
+ $x = base64_decode(implode('',$lines));
+ $r = ASN_BASE::parseASNString($x);
+
+ $m = base64url_decode($r[0]->asnData[0]->asnData);
+ $e = base64url_decode($r[0]->asnData[1]->asnData);
+}
+
+
+function rsatopem($key) {
+ pubrsatome($key,$m,$e);
+ return(metopem($m,$e));
+}
+
+function pemtorsa($key) {
+ pemtome($key,$m,$e);
+ return(metorsa($m,$e));
}
-/**
- * @param string $key key
- * @param string $m reference modulo
- * @param string $e reference exponent
- */
function pemtome($key,&$m,&$e) {
+ $lines = explode("\n",$key);
+ unset($lines[0]);
+ unset($lines[count($lines)]);
+ $x = base64_decode(implode('',$lines));
- $rsa = new RSA();
- $rsa->loadKey($key);
- $rsa->setPublicKey();
+ $r = ASN_BASE::parseASNString($x);
- $e = $rsa->modulus->toBytes();
- $m = $rsa->exponent->toBytes();
+ $m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
+ $e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
+}
+function metorsa($m,$e) {
+ $der = pkcs1_encode($m,$e);
+ $key = DerToRsa($der);
+ return $key;
}
+
+
function salmon_key($pubkey) {
pemtome($pubkey,$m,$e);
return 'RSA' . '.' . base64url_encode($m,true) . '.' . base64url_encode($e,true) ;
}
+
function convert_salmon_key($key) {
if(strstr($key,','))