Beispiel #1
0
 /**
  * @return string
  */
 public function getPublicKey()
 {
     $pem = (string) $this->file->getPublicKey();
     $pem = preg_replace('/\\-+BEGIN PUBLIC KEY\\-+/', '', $pem);
     $pem = preg_replace('/\\-+END PUBLIC KEY\\-+/', '', $pem);
     $pem = str_replace(array("\n", "\r", "\t"), '', trim($pem));
     return $pem;
 }
Beispiel #2
0
function RSAEncrypt($text, $pem)
{
    $x509 = new File_X509();
    $rsa = new Crypt_RSA();
    $x509->loadX509($pem);
    $rsa->loadKey($x509->getPublicKey());
    $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
    return bin2hex($rsa->encrypt($text));
}
 public function testLoadSPKAC()
 {
     $test = 'MIICQDCCASgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChgo9mWzQm3TSwGgpZnIc54' . 'TZ8gYpfAO/AI0etvyWDqnFfdNCUQsqxTdSi6/rtrJdLGBsszRGrRIc/0JqmjM+jCHGYutLeo4xwgr' . 'a3HAZrWDypL5IlRWnLmLA4U/qGXCXNSk+9NrJl39X3IDA8o/aOJyr9iMUJMvswcWjVjPom3NhAgmJ' . 'ZwW0vUEMw9zszExpiRnGSO5XXntQW2qvfzo+J3NzS3BBbKxEmTsfOLHextcXeFQUaBQHXB/WOtweW' . 'Y/Bd4iZ8ETmhal28g1HWVcTFPD+V+KPRFeARlVEW6JmcJucW2WdJlBGKXXXPEfdHrDS3OgD/eDWfM' . 'JE4mChZ/icxAgMBAAEWADANBgkqhkiG9w0BAQQFAAOCAQEAUMvIKhlSgEgbC081b/FJwh6mbuVgYN' . 'ZV37Ts2WjrHoDFlabu9WXU8xzgaXct3sO51vJM5I36rY4UPyc6w3y9dLaamEwKUoWnpHG8mlXs2JG' . 'GEUOvxh5z9yfk/2ZmdCVBlKnU1LDB+ZDyNyNh5B0YULrJKw9e0jV+ymP7srwUSBcdUfZh1KEKGVIN' . 'Uv4J3GuL8V63E2unWCHGRPw4EmFVTbWpgMx96XR7p/pMavu6/pVKgYQqWLOmEeOK+dmT/QVon28d5' . 'dmeL7aWrpP+3x3L0A9cATksracQX676XogdAEXJ59fcr/S5AGw1TFErbyBbfyeAWvzDZIXeMXpb9h' . 'yNtA==';
     $x509 = new File_X509();
     $spkac = $x509->loadSPKAC($test);
     $this->assertInternalType('array', $spkac);
     $spkac = $x509->loadSPKAC('SPKAC=' . $test);
     $this->assertInternalType('array', $spkac);
     $this->assertTrue($x509->validateSignature(), 'Failed asserting that the signature is valid');
     $pubKey = $x509->getPublicKey();
     $this->assertInternalType('string', "{$pubKey}");
 }
 protected function initRsa($publicKeyFile)
 {
     if (!file_exists($publicKeyFile) || !is_readable($publicKeyFile)) {
         throw new \Exception('Public key file does not exist or is not readable.');
     }
     $public_key = file_get_contents($publicKeyFile);
     $this->rsa = new \Crypt_RSA();
     $x509 = new \File_X509();
     $x509->loadX509($public_key);
     $this->rsa->loadKey($x509->getPublicKey());
     $this->rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
     $this->rsa->setHash('sha1');
 }
 /**
  * @param $appMeta
  * @param $entity
  * @param $action
  * @param $params
  * @param $cxn
  * @return array
  * @throws Exception\InvalidMessageException
  */
 protected function doCall($appMeta, $entity, $action, $params, $cxn)
 {
     $appCert = new \File_X509();
     $appCert->loadX509($appMeta['appCert']);
     $req = new RegistrationMessage($cxn['appId'], $appCert->getPublicKey(), array('cxn' => $cxn, 'entity' => $entity, 'action' => $action, 'params' => $params));
     list($respHeaders, $respCiphertext, $respCode) = $this->http->send('POST', $cxn['appUrl'], $req->encode());
     $respMessage = $this->decode(array(StdMessage::NAME, InsecureMessage::NAME, GarbledMessage::NAME), $respCiphertext);
     if ($respMessage instanceof GarbledMessage) {
         return array($respCode, array('is_error' => 1, 'error_message' => 'Received garbled message', 'original_message' => $respMessage->getData()));
     } elseif ($respMessage instanceof InsecureMessage) {
         return array($respCode, array('is_error' => 1, 'error_message' => 'Received insecure error message', 'original_message' => $respMessage->getData()));
     }
     if ($respMessage->getCxnId() != $cxn['cxnId']) {
         // Tsk, tsk, Mallory!
         throw new \RuntimeException('Received response from incorrect connection.');
     }
     return array($respCode, $respMessage->getData());
 }
 public function verifyPackage($src, $hash, $signature, $type = "core", $blnDeleteIfWrong = true, $blnAgain = false)
 {
     if (file_exists($src) && $signature != "" && $hash != "") {
         $arrIntermCerts = $this->getIntermediateCerts();
         $arrVerified = array();
         foreach ($arrIntermCerts as $cert) {
             if ($this->verifyIntermediateCert($cert, $type)) {
                 $arrVerified[] = $cert;
             }
         }
         $strFileHash = sha1_file($src);
         include_once 'libraries/phpseclib/X509.php';
         include_once 'libraries/phpseclib/RSA.php';
         $x509 = new File_X509();
         foreach ($arrVerified as $intermCert) {
             //Check, if $hash is valid
             $cert = $x509->loadX509($intermCert);
             $pkey = $x509->getPublicKey()->getPublicKey();
             $rsa = new Crypt_RSA();
             $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
             $rsa->loadKey($pkey);
             $blnVerified = $rsa->verify($hash, base64_decode($signature));
             //If hashes are eqal, it's a valid package
             if ($blnVerified && $strFileHash === $hash) {
                 return true;
             }
         }
         //We are still here, package not valid
         //load new intermediate Cert
         $this->loadIntermediateCert();
         //do the thing again
         if (!$blnAgain) {
             $blnResult = $this->verifyPackage($src, $hash, $signature, $type, $blnDeleteIfWrong, true);
             return $blnResult;
         }
     }
     return false;
 }
Beispiel #7
0
 function testVerifyWithGoogleIDToken()
 {
     $id_token_string = file_get_contents($this->fixture_dir . 'google.jwt');
     $cert_string = file_get_contents($this->fixture_dir . 'google.crt');
     $x509 = new File_X509();
     $x509->loadX509($cert_string);
     $public_key = $x509->getPublicKey()->getPublicKey();
     $jwt = JOSE_JWT::decode($id_token_string);
     $jws = new JOSE_JWS($jwt);
     $this->assertInstanceOf('JOSE_JWS', $jws->verify($public_key));
 }
Beispiel #8
0
 /**
  * Quasi-private - marked public to work-around PHP 5.3 compat.
  *
  * @param \File_X509 $x509
  * @return \Crypt_RSA
  */
 public static function getRsaFromCert($x509)
 {
     $rsa = $x509->getPublicKey();
     if (!$rsa) {
         throw new InvalidMessageException("Invalid message: certificate missing or does not have public key");
     }
     $rsa->setEncryptionMode(Constants::RSA_ENC_MODE);
     $rsa->setSignatureMode(Constants::RSA_SIG_MODE);
     $rsa->setHash(Constants::RSA_HASH);
     return $rsa;
 }
$Message .= "doulCiTeam Certificate, DEVELOPMENT : " . "\n" . $doulCiTeamCertificate . "\n";
$Message .= "doulCiTeam Certificate PublicKey : " . "\n" . $doulCiTeamCertificatePublikKey . "\n";
$iPhoneActivationOrig = file_get_contents($iPhoneActivationOrigFile);
$iPhoneActivationOrigVect = openssl_pkey_get_details(openssl_pkey_get_public($iPhoneActivationOrig));
$iPhoneActivationOrigPublicKey = $iPhoneActivationOrigVect['key'];
$Message .= "Apple Certificate PRODUCTION : " . "\n" . $iPhoneActivationOrig . "\n";
$Message .= "Apple Certificate PublicKey, Apple Inc. : " . "\n" . $iPhoneActivationOrigPublicKey . "\n";
$iPhoneDeviceCAOrig = file_get_contents($iPhoneDeviceCAOrigFile);
$iPhoneDeviceCAOrigVect = openssl_pkey_get_details(openssl_pkey_get_public($iPhoneDeviceCAOrig));
$iPhoneDeviceCAOrigPublicKey = $iPhoneDeviceCAOrigVect['key'];
$Message .= "Apple Certificate PRODUCTION : " . "\n" . $iPhoneDeviceCAOrig . "\n";
$Message .= "Apple Certificate PublicKey, Apple Inc. : " . "\n" . $iPhoneDeviceCAOrigPublicKey . "\n";
//print $iPhoneDeviceCAOrig;
$DeviceCAOrig = new File_X509();
$DeviceCAOrig->loadX509($iPhoneDeviceCAOrig);
$DeviceCAOrigPublicKey = $DeviceCAOrig->getPublicKey($iPhoneDeviceCAOrig);
$DeviceCAOrigDN = $DeviceCAOrig->getDN(true);
$DeviceCAOrigIssuerDN = $DeviceCAOrig->getIssuerDN(true);
$DeviceCAOrigExtensions = $DeviceCAOrig->getExtensions();
$iPhoneDeviceCANew_x509 = new File_X509();
//$iPhoneDeviceCANew_x509->setPublicKey ( $DeviceCAOrigPublicKey );
//$iPhoneDeviceCANew_x509->setDN ( $DeviceCAOrigDN );
$iPhoneDeviceCANew_x509->setStartDate('-1 day');
$iPhoneDeviceCANew_x509->setEndDate('+ 10 year');
//$iPhoneDeviceCANew_x509->setIssuerDN ( $DeviceCAOrigIssuerDN );
$extensions = array();
$i = 0;
if (is_array($DeviceCAOrigExtensions)) {
    foreach ($DeviceCAOrigExtensions as $extension) {
        $extensions[] = $extension;
        $value = $DeviceCAOrig->getExtension($extension);