Esempio n. 1
0
File: JWS.php Progetto: gree/jose
 private function rsa($public_or_private_key, $padding_mode)
 {
     if ($public_or_private_key instanceof JOSE_JWK) {
         $rsa = $public_or_private_key->toKey();
     } else {
         if ($public_or_private_key instanceof RSA) {
             $rsa = $public_or_private_key;
         } else {
             $rsa = new RSA();
             $rsa->loadKey($public_or_private_key);
         }
     }
     $rsa->setHash($this->digest());
     $rsa->setMGFHash($this->digest());
     $rsa->setSignatureMode($padding_mode);
     return $rsa;
 }
Esempio n. 2
0
 private function rsa($public_or_private_key, $padding_mode)
 {
     if ($public_or_private_key instanceof JOSE_JWK) {
         $rsa = $public_or_private_key->toKey();
     } else {
         if ($public_or_private_key instanceof RSA) {
             $rsa = $public_or_private_key;
         } else {
             $rsa = new RSA();
             $rsa->loadKey($public_or_private_key);
         }
     }
     $rsa->setHash($this->digest());
     $rsa->setMGFHash($this->digest());
     $rsa->setSaltLength(false);
     # NOTE: https://github.com/phpseclib/phpseclib/issues/768
     $rsa->setSignatureMode($padding_mode);
     return $rsa;
 }
Esempio n. 3
0
    /**
     * Validates a signature
     *
     * Returns true if the signature is verified, false if it is not correct or null on error
     *
     * @param string $publicKeyAlgorithm
     * @param string $publicKey
     * @param string $signatureAlgorithm
     * @param string $signature
     * @param string $signatureSubject
     * @access private
     * @return int
     */
    function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject)
    {
        switch ($publicKeyAlgorithm) {
            case 'rsaEncryption':
                $rsa = new RSA();
                $rsa->loadKey($publicKey);

                switch ($signatureAlgorithm) {
                    case 'md2WithRSAEncryption':
                    case 'md5WithRSAEncryption':
                    case 'sha1WithRSAEncryption':
                    case 'sha224WithRSAEncryption':
                    case 'sha256WithRSAEncryption':
                    case 'sha384WithRSAEncryption':
                    case 'sha512WithRSAEncryption':
                        $rsa->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm));
                        $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1);
                        if (!@$rsa->verify($signatureSubject, $signature)) {
                            return false;
                        }
                        break;
                    default:
                        return null;
                }
                break;
            default:
                return null;
        }

        return true;
    }
Esempio n. 4
0
 /**
  * Validates a signature
  *
  * Returns true if the signature is verified and false if it is not correct.
  * If the algorithms are unsupposed an exception is thrown.
  *
  * @param string $publicKeyAlgorithm
  * @param string $publicKey
  * @param string $signatureAlgorithm
  * @param string $signature
  * @param string $signatureSubject
  * @access private
  * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported
  * @return bool
  */
 function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject)
 {
     switch ($publicKeyAlgorithm) {
         case 'rsaEncryption':
             $rsa = new RSA();
             $rsa->load($publicKey);
             switch ($signatureAlgorithm) {
                 case 'md2WithRSAEncryption':
                 case 'md5WithRSAEncryption':
                 case 'sha1WithRSAEncryption':
                 case 'sha224WithRSAEncryption':
                 case 'sha256WithRSAEncryption':
                 case 'sha384WithRSAEncryption':
                 case 'sha512WithRSAEncryption':
                     $rsa->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm));
                     if (!@$rsa->verify($signatureSubject, $signature, RSA::PADDING_PKCS1)) {
                         return false;
                     }
                     break;
                 default:
                     throw new UnsupportedAlgorithmException('Signature algorithm unsupported');
             }
             break;
         default:
             throw new UnsupportedAlgorithmException('Public key algorithm unsupported');
     }
     return true;
 }
Esempio n. 5
0
 static function crypt_rsa_key($mod, $exp, $hash = 'SHA256')
 {
     $rsa = new Crypt_RSA();
     $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
     $rsa->setHash(strtolower($hash));
     $rsa->modulus = new Math_BigInteger($mod, 256);
     $rsa->k = strlen($rsa->modulus->toBytes());
     $rsa->exponent = new Math_BigInteger($exp, 256);
     $rsa->setPublicKey();
     return $rsa;
 }
 /**
  * Static method for quick calls to calculate a signature.
  * @link https://developer.walmartapis.com/#authentication
  * @param string $consumerId
  * @param string $privateKey
  * @param string $requestUrl
  * @param string $requestMethod
  * @param string|null $timestamp
  * @return string
  * @throws \Exception
  */
 public static function calculateSignature($consumerId, $privateKey, $requestUrl, $requestMethod, $timestamp = null)
 {
     if (is_null($timestamp) || !is_numeric($timestamp)) {
         $timestamp = self::getMilliseconds();
     }
     /**
      * Append values into string for signing
      */
     $message = $consumerId . "\n" . $requestUrl . "\n" . strtoupper($requestMethod) . "\n" . $timestamp . "\n";
     /**
      * Get RSA object for signing
      */
     $rsa = new RSA();
     $decodedPrivateKey = base64_decode($privateKey);
     $rsa->setPrivateKeyFormat(RSA::PRIVATE_FORMAT_PKCS8);
     $rsa->setPublicKeyFormat(RSA::PRIVATE_FORMAT_PKCS8);
     /**
      * Load private key
      */
     if ($rsa->loadKey($decodedPrivateKey, RSA::PRIVATE_FORMAT_PKCS8)) {
         /**
          * Make sure we use SHA256 for signing
          */
         $rsa->setHash('sha256');
         $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1);
         $signed = $rsa->sign($message);
         /**
          * Return Base64 Encode generated signature
          */
         return base64_encode($signed);
     } else {
         throw new \Exception("Unable to load private key", 1446780146);
     }
 }
 /**
  *
  * @param string $hashtype        	
  * @param object $key        	
  * @throws OpenIDConnectClientException
  * @return bool
  */
 private function verifyRSAJWTsignature($hashtype, $key, $payload, $signature)
 {
     if (!(property_exists($key, 'n') and property_exists($key, 'e'))) {
         throw new OpenIDConnectClientException('Malformed key object');
     }
     /*
      * We already have base64url-encoded data, so re-encode it as
      * regular base64 and use the XML key format for simplicity.
      */
     var_dump($hashtype, $key, $payload, base64_encode($signature));
     $public_key_xml = "<RSAKeyValue>\r\n" . "  <Modulus>" . b64url2b64($key->n) . "</Modulus>\r\n" . "  <Exponent>" . b64url2b64($key->e) . "</Exponent>\r\n" . "</RSAKeyValue>";
     $rsa = new RSA();
     $rsa->setHash($hashtype);
     $rsa->loadKey($public_key_xml, 'xml');
     $rsa->signatureMode = RSA::SIGNATURE_PKCS1;
     return $rsa->verify($payload, $signature);
 }