function token_verify($Hash, $Qx, $Qy, $R, $S) { $pGOST = GOSTcurve::generator_GOST(); $curve_GOST = GOSTcurve::curve_GOST(); $pubk = new PublicKey($pGOST, new Point($curve_GOST, gmp_Utils::gmp_hexdec('0x' . $Qx), gmp_Utils::gmp_hexdec('0x' . $Qy))); $got = $pubk->GOST_verifies(gmp_Utils::gmp_hexdec('0x' . $Hash), new Signature(gmp_Utils::gmp_hexdec('0x' . $R), gmp_Utils::gmp_hexdec('0x' . $S))); return $got; }
/** * Decrypt * * @param string $msg * @param string $privateKey * @return string * @throws RuntimeException */ public function decrypt(string $msg, string $privateKey = '') : string { // get the session key list($encryptedKey, $ciphertext) = explode(':', $msg, 2); // decrypt the session key with privateKey $sessionKey = $this->public->decrypt(base64_decode($encryptedKey), $privateKey); //openssl_private_decrypt(base64_decode($encryptedKey), $sessionKey, $privateKey, $padding); // encrypt the plaintext with symmetric algorithm return $this->symmetric->decrypt($ciphertext, $sessionKey); }
/** * @depnds testGenerateWithoutException */ public function testIsValid() { $sinKey = new SinKey(); $this->assertNotNull($sinKey); $this->assertFalse($sinKey->isValid()); $pubKey = PublicKey::create(); $this->assertNotNull($pubKey); $pubKey->setPrivateKey(PrivateKey::create()->generate()); $pubKey->generate(); $sinKey->setPublicKey($pubKey); $sinKey->generate(); $this->assertTrue($sinKey->isValid()); }
public static function test_signature_validity($Msg, $Qx, $Qy, $R, $S, $expected, $verbose = false) { $p192 = NISTcurve::generator_192(); $curve_192 = NISTcurve::curve_192(); $pubk = new PublicKey($p192, new Point($curve_192, $Qx, $Qy)); $got = $pubk->verifies(PrivateKey::digest_integer($Msg), new Signature($R, $S)); if (bccomp($got, $expected) == 0) { if ($verbose) { print "Signature tested as expected: received " . var_export($got, true) . ", expected " . var_export($expected, true) . ".<br />"; } flush(); } else { print "*** Signature test failed: received " . var_export($got, true) . ", expected " . var_export($expected, true) . ".<br />"; } flush(); }
/** * @param string $keyMaterial - The actual key data * @param bool $signing - Is this a signing key? */ public function __construct($keyMaterial = '', ...$args) { parent::__construct($keyMaterial, false); }
/** * Check Sig * * This function will check a provided DER encoded $sig, a digest of * the message to be signed - $hash (the output of _create_txin_signature_hash()), * and the $key for the signature to be tested against. * Returns TRUE if the signature is valid for this $hash and $key, * otherwise returns FALSE. * * @param string $sig * @param string $hash * @param string $key * @return boolean */ public static function _check_sig($sig, $hash, $key) { $signature = self::decode_signature($sig); $test_signature = new \Signature(gmp_init($signature['r'], 16), gmp_init($signature['s'], 16)); $generator = \SECcurve::generator_secp256k1(); $curve = $generator->getCurve(); if (strlen($key) == '66') { $decompress = BitcoinLib::decompress_public_key($key); $public_key_point = $decompress['point']; } else { $x = gmp_strval(gmp_init(substr($key, 2, 64), 16), 10); $y = gmp_strval(gmp_init(substr($key, 66, 64), 16), 10); $public_key_point = new \Point($curve, $x, $y, $generator->getOrder()); } $public_key = new \PublicKey($generator, $public_key_point); $hash = gmp_init($hash, 16); return $public_key->verifies($hash, $test_signature) == TRUE; }
/** * Internal function to parse output lines, (usually from gpg --recv-keys or gpg --list-keys), * into an array of valid Key and SecretKey objects. * * @param array $output * * @return array */ private function _parseOutputLines($output){ $keys = []; $k = null; // Last Key foreach($output as $line){ $type = substr($line, 0, 4); switch($type){ case 'gpg:': // This is a GPG comment, skip it. continue; break; case 'tru:': // This is a trust definition, skip it for now. continue; break; case 'pub:': if($k !== null){ // This is a new key. // Save the previous one. $keys[] = $k; } // This is a new key object. $k = new PublicKey(); $k->parseLine($line); break; case 'sec:': if($k !== null){ // This is a new key. // Save the previous one. $keys[] = $k; } // This is a new key object. $k = new SecretKey(); $k->parseLine($line); break; default: if($k !== null) { // Let the previous key handle it! $k->parseLine($line); } break; } } // End of output and there is data? if($k !== null){ $keys[] = $k; } return $keys; }
/** * Retrieve the public key associated with this * certificate * * @return security.crypto.PublicKey */ public function getPublicKey() { return PublicKey::fromString($this->export()); }
function recoverPubKey($r, $s, $e, $recoveryFlags, $G) { $isYEven = ($recoveryFlags & 1) != 0; $isSecondKey = ($recoveryFlags & 2) != 0; $curve = $G->getCurve(); $signature = new Signature($r, $s); // Precalculate (p + 1) / 4 where p is the field order static $p_over_four; // XXX just assuming only one curve/prime will be used if (!$p_over_four) { $p_over_four = gmp_div(gmp_add($curve->getPrime(), 1), 4); } // 1.1 Compute x if (!$isSecondKey) { $x = $r; } else { $x = gmp_add($r, $G->getOrder()); } // 1.3 Convert x to point $alpha = gmp_mod(gmp_add(gmp_add(gmp_pow($x, 3), gmp_mul($curve->getA(), $x)), $curve->getB()), $curve->getPrime()); $beta = NumberTheory::modular_exp($alpha, $p_over_four, $curve->getPrime()); // If beta is even, but y isn't or vice versa, then convert it, // otherwise we're done and y == beta. if (isBignumEven($beta) == $isYEven) { $y = gmp_sub($curve->getPrime(), $beta); } else { $y = $beta; } // 1.4 Check that nR is at infinity (implicitly done in construtor) $R = new Point($curve, $x, $y, $G->getOrder()); $point_negate = function ($p) { return new Point($p->curve, $p->x, gmp_neg($p->y), $p->order); }; // 1.6.1 Compute a candidate public key Q = r^-1 (sR - eG) $rInv = NumberTheory::inverse_mod($r, $G->getOrder()); $eGNeg = $point_negate(Point::mul($e, $G)); $Q = Point::mul($rInv, Point::add(Point::mul($s, $R), $eGNeg)); // 1.6.2 Test Q as a public key $Qk = new PublicKey($G, $Q); if ($Qk->verifies($e, $signature)) { return $Qk; } return false; }
function privkey2pubkey($ECDSA, $secp256k1_G) { // this is function that needs the phpecc stuff - rewrite when binary module available $privKey = gmp_Utils::gmp_hexdec($ECDSA); $pubKey = new PublicKey($secp256k1_G, Point::mul($privKey, $secp256k1_G)); $xcoord = strtoupper(gmp_Utils::gmp_dechex($pubKey->getPoint()->getX())); $xcoord = str_pad($xcoord, 64, '0', STR_PAD_LEFT); $ycoord = strtoupper(gmp_Utils::gmp_dechex($pubKey->getPoint()->getY())); $ycoord = str_pad($ycoord, 64, '0', STR_PAD_LEFT); return '04' . $xcoord . $ycoord; }
public function validate_signature($sig, $hash, $key) { // Initialize $signature = $this->decode_signature($sig); $test_signature = new Signature(gmp_init($signature['r'], 16), gmp_init($signature['s'], 16)); $generator = SECcurve::generator_secp256k1(); $curve = $generator->getCurve(); // Check key if (strlen($key) == '66') { $client = new BIP32(); $decompress = $client->decompress_public_key($key); $public_key_point = $decompress['point']; } else { $x = gmp_strval(gmp_init(substr($key, 2, 64), 16), 10); $y = gmp_strval(gmp_init(substr($key, 66, 64), 16), 10); $public_key_point = new Point($curve, $x, $y, $generator->getOrder()); } // Get hash $public_key = new PublicKey($generator, $public_key_point); $hash = gmp_init($hash, 16); // Return return $public_key->verifies($hash, $test_signature) === true; }
/** * Check if the given digital signature belongs to the given message. * * You should be calling this function with a digital signature generated with * the generateDigitalSignature() function. * * Usage example (continuation of the generateDigitalSignature() example): * * <code> * //get the default public key * $pubKey = new PublicKey(); * * if (Cryptography::verifyDigitalSignature($pubKey, $message, $signature)) { * echo "the message was not modified"; * } else { * echo "the message have been modified"; * } * </code> * * @param PublicKey $key the public key associated with the private key used to generate the signature * @param string $message the message to be checked * @param string $signature the digital signature of the given message * * @return bool true if the message digitaly signed it equal to the digital signature * * @throws \InvalidArgumentException the given message or the given signature are not a valid string * @throws AsymmetricException the error occurred while checking the message */ public static function verifyDigitalSignature(PublicKey &$key, $message, $signature) { //check the message type if (!is_string($message) && strlen($message) <= 0) { throw new \InvalidArgumentException('The message to be checked must be a non-empty string'); } //check the message type if (!is_string($signature) && strlen($signature) <= 0) { throw new \InvalidArgumentException('The digital signature of the message must be a non-empty string'); } //check for the private key if (!$key->isLoaded()) { throw new AsymmetricException('It is impossible to generate a digital signature with an unloaded key', 13); } //get the signature result $binSignature = base64_decode($signature); //attempt to verify the digital signature $verificationResult = openssl_verify($message, $binSignature, $key()['key'], OPENSSL_ALGO_SHA256); //check for errors in the process if ($verificationResult !== 0 && $verificationResult !== 1) { throw new AsymmetricException('An unknown error has occurred while verifying the digital signature', 14); } //return the result return $verificationResult != 0; }
public function testIsGenerated() { $pub = new PublicKey(); $pub->setPrivateKey($this->getMockPrivateKey()); $this->assertFalse($pub->isGenerated()); $pub->generate(); $this->assertTrue($pub->isGenerated()); }