<?php
include '../phpseclib/vendor/autoload.php';
$privKey = new \phpseclib\Crypt\RSA();
$private = file_get_contents('private.pem');
$privKey->setPassword('VdcpDTWTc5Aehxgv2uL9haaFddDBhrc8uCMG3ykg');
$privKey->load($private);
$pubKey = new \phpseclib\Crypt\RSA();
$public = file_get_contents('public.pem');
$pubKey->load($public);
$subject = new \phpseclib\File\X509();
$subject->setDNProp('id-at-organizationName', 'www.test.com');
$subject->setDNProp('name', 'Name Inc.');
$subject->setDNProp('emailaddress', '*****@*****.**');
$subject->setDNProp('postalcode', '90210');
$subject->setDNProp('state', 'California');
$subject->setDNProp('streetaddress', 'Infinite Loop 1');
$subject->setPublicKey($pubKey);
$issuer = new \phpseclib\File\X509();
$issuer->setPrivateKey($privKey);
$issuer->setDN($subject->getDN());
$x509 = new \phpseclib\File\X509();
$x509->setStartDate(date('Y-m-d H:i:s'));
$x509->setEndDate(date('Y-m-d H:i:s', strtotime('+1 year')));
$result = $x509->sign($issuer, $subject, 'sha512WithRSAEncryption');
$certificate = $x509->saveX509($result);
$filepublic = fopen('cert.crt', 'w');
fwrite($filepublic, $certificate);
fclose($filepublic);
echo 'Cert has been generated' . PHP_EOL;
echo $certificate . PHP_EOL;
<?php
include '../phpseclib/vendor/autoload.php';
$rsa_signer = new \phpseclib\Crypt\RSA();
$private = file_get_contents('private.pem');
$rsa_signer->setPassword('VdcpDTWTc5Aehxgv2uL9haaFddDBhrc8uCMG3ykg');
$rsa_signer->load($private);
$rsa_signer->setHash('sha512');
$rsa_signer->setMGFHash('sha512');
$message = 'Litwo Ojczyzno moja, ty jesteś jak zdrowie';
$signature = $rsa_signer->sign($message, phpseclib\Crypt\RSA::PADDING_PSS);
$signature_base64 = base64_encode($signature);
echo 'Message: ' . $message . "\r\n";
echo 'Signature (RAW): ' . $signature . "\r\n";
echo 'Signature (base64): ' . $signature_base64 . "\r\n";
echo '------------------------------------DECODING------------------------------------------' . "\r\n";
$rsa_verifier = new \phpseclib\Crypt\RSA();
$rsa_verifier->setHash('sha512');
$rsa_verifier->setMGFHash('sha512');
$public = file_get_contents('public.pem');
$rsa_verifier->load($public);
$verification = $rsa_verifier->verify($message, $signature);
echo 'Verified: ' . ($verification ? 'TRUE' : 'FALSE');
/**
* Make the Jason API call to the backend via http
*/
private function make_jason_http_request($data)
{
// use key 'http' even if you send the request to https://...
$options = array('http' => array('header' => "Content-type: application/json\r\n", 'method' => 'POST', 'content' => json_encode($data)));
$context = stream_context_create($options);
$result = file_get_contents(get_option('api_uri'), false, $context);
$keyArray = $this->get_key();
// extract the key
$modulus = $keyArray['keys'][0]['n'];
$exponent = $keyArray['keys'][0]['e'];
$rsa = new phpseclib\Crypt\RSA();
$modulus = new \phpseclib\Math\BigInteger(Firebase\JWT\JWT::urlsafeB64Decode($modulus), 256);
$exponent = new \phpseclib\Math\BigInteger(Firebase\JWT\JWT::urlsafeB64Decode($exponent), 256);
$rsa->load(array('n' => $modulus, 'e' => $exponent));
$rsa->setPublicKey();
$pubKey = $rsa->getPublicKey();
$decodedResult = $this->decode_jwt($result, $pubKey);
return array($decodedResult, $result);
}
<?php
include '../phpseclib/vendor/autoload.php';
$rsa = new \phpseclib\Crypt\RSA();
$private = file_get_contents('private.pem');
$rsa->setPassword('VdcpDTWTc5Aehxgv2uL9haaFddDBhrc8uCMG3ykg');
phpseclib\Crypt\RSA\PKCS1::setEncryptionAlgorithm('AES-256-CBC');
$rsa->setHash('sha512');
$rsa->setMGFHash('sha512');
$rsa->load($private);
foreach ($rsa->primes as $key => $prime) {
echo 'p' . $key . '= ' . $prime . '(' . strlen($prime) . ')' . PHP_EOL;
}
echo 'n= ' . $rsa->modulus . PHP_EOL;
echo 'e= ' . $rsa->publicExponent . '(binary: ' . decbin($rsa->publicExponent->value) . ')' . '(hexadecimal: ' . dechex($rsa->publicExponent->value) . ')' . PHP_EOL;
if ($rsa->password) {
echo 'password= '******'Bits: ' . $rsa->getSize() . ' bits.' . '(' . strlen($rsa->modulus) . ')(2^' . $rsa->getSize() . ')' . PHP_EOL;
echo PHP_EOL;
echo $rsa->getPrivateKey('PKCS1') . PHP_EOL;
//Get private key (in this case content of file)
$private = file_get_contents('private.pem');
//This private key is password protected, so load key
$rsa_private->setPassword($password);
//load the private key
$rsa_private->load($private);
//set hash (I chose sha512 because sha1 apparently has collisions)
$rsa_private->setHash('sha512');
//set MGF hash
$rsa_private->setMGFHash('sha512');
//Create new RSA Object - public key
$rsa_public = new \phpseclib\Crypt\RSA();
//Get public key (in this case content of file)
$public = file_get_contents('public.pem');
//load the public key
$rsa_public->load($public);
//set hash
$rsa_public->setHash('sha512');
//set MGF hash
$rsa_public->setMGFHash('sha512');
echo 'Plaintext: ' . $plaintext . PHP_EOL;
//encrypt with public key and OAEP as padding
$ciphertext_raw = $rsa_public->encrypt($plaintext, phpseclib\Crypt\RSA::PADDING_OAEP);
echo 'Ciphertext (RAW): ' . $ciphertext_raw . PHP_EOL;
//Encode as base64 for better management
$ciphertext = base64_encode($ciphertext_raw);
echo 'Ciphertext (base64): ' . $ciphertext . PHP_EOL;
//Decode from base64 then decrypt with private key
$decrypted = $rsa_private->decrypt(base64_decode($ciphertext));
echo 'Decrypted: ' . $decrypted . PHP_EOL;
//Is everything ok?
<?php
include '../phpseclib/vendor/autoload.php';
$rsa = new \phpseclib\Crypt\RSA();
$public = file_get_contents('public.pem');
$rsa->load($public);
$rsa->setHash('sha512');
$rsa->setMGFHash('sha512');
echo 'n= ' . $rsa->modulus . PHP_EOL;
echo 'e= ' . $rsa->exponent . PHP_EOL;
echo 'Bits: ' . $rsa->getSize() . ' bits.' . '(' . strlen($rsa->modulus) . ')' . PHP_EOL;
echo PHP_EOL;
echo $rsa->getPublicKey('PKCS1') . PHP_EOL;
