public function verify($data, $signature, $publicKey)
{
$this->requireLibrary();
$rsa = new Crypt_RSA();
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$rsa->loadKey($publicKey);
$errorCatcher = new MWP_Debug_ErrorCatcher();
$errorCatcher->register();
$verify = $rsa->verify($data, $signature);
$errorMessage = $errorCatcher->yieldErrorMessage(true);
if (!$verify && $errorMessage !== null && $errorMessage !== 'Signature representative out of range' && $errorMessage !== 'Invalid signature') {
throw new MWP_Worker_Exception(MWP_Worker_Exception::PHPSECLIB_VERIFY_ERROR, null, array('error' => $errorMessage));
}
return $verify;
}
public function publicDecrypt($data, $publicKey)
{
$this->requireLibrary();
$rsa = new Crypt_RSA();
$rsa->setEncryptionMode(CRYPT_RSA_SIGNATURE_PKCS1);
$rsa->loadKey($publicKey, CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
$errorCatcher = new MWP_Debug_ErrorCatcher();
$errorCatcher->register();
$decrypted = $rsa->decrypt($data);
$error = $errorCatcher->yieldErrorMessage(true);
// "Decryption error" is generated by the library when the public key is not correct.
if ($decrypted === false && $error !== 'Decryption error') {
throw new MWP_Worker_Exception(MWP_Worker_Exception::PHPSECLIB_DECRYPT_ERROR, "Error while trying to use OpenSSL to decrypt a message.", array('error' => $error));
}
return $decrypted === false ? null : $decrypted;
}
public function publicDecrypt($data, $publicKey)
{
$errorCatcher = new MWP_Debug_ErrorCatcher();
$errorCatcher->register('openssl_public_decrypt');
/** @handled function */
$success = @openssl_public_decrypt($data, $decrypted, $publicKey);
$lastError = $errorCatcher->yieldErrorMessage(true);
if ($success === false && $lastError !== null) {
$error = $errorRow = '';
/** @handled function */
while (($errorRow = openssl_error_string()) !== false) {
$error = $errorRow . "\n" . $error;
}
throw new MWP_Worker_Exception(MWP_Worker_Exception::OPENSSL_DECRYPT_ERROR, "There was an error while trying to use OpenSSL to decrypt a message.", array('openSslError' => $error, 'error' => $lastError));
}
return $decrypted === false ? null : $decrypted;
}
private function sftpFactory($username, $password, $host, $port = 22)
{
$errorCatcher = new MWP_Debug_ErrorCatcher();
mwp_logger()->info('Connecting to SFTP host {sftp_host}:{sftp_port}', array('sftp_host' => $host, 'sftp_port' => $port));
require_once dirname(__FILE__) . '/../PHPSecLib/Net/SFTP.php';
$errorCatcher->register();
$sftp = new Net_SFTP($host, $port);
$errorCatcher->unRegister();
if ($caughtError = $errorCatcher->yieldErrorMessage()) {
mwp_logger()->error('Error while connecting to SFTP: {error_message}', array('error_message' => $caughtError));
throw new Exception('Host did not respond to the SFTP connection request. Error message: ' . $caughtError);
}
mwp_logger()->info('Logging in to SFTP host {sftp_user}@{sftp_host}:{sftp_port} (using password: {using_password})', array('sftp_user' => $username, 'sftp_host' => $host, 'sftp_port' => $port, 'using_password' => empty($password) ? 'no' : 'yes'));
$errorCatcher->register();
$login = $sftp->login($username, $password);
$errorCatcher->unRegister();
if (!$login) {
$errorMessage = '';
if ($caughtError = $errorCatcher->yieldErrorMessage()) {
$errorMessage = sprintf(' Error message: %s.', $caughtError);
}
mwp_logger()->error('Unable to login to SFTP host {sftp_host}:{sftp_port} (error message: {error_message})', array('sftp_host' => $host, 'sftp_port' => $port, 'error_message' => empty($caughtError) ? 'empty' : $caughtError));
throw new Exception('SFTP server has rejected the provided credentials.' . $errorMessage);
}
return $sftp;
}
