/** * @return array */ public function DoGetPublicKey() { if ($this->Config()->Get('security', 'use_rsa_encryption', false)) { \RainLoop\Service::$__HIDE_ERROR_NOTICES = true; if (!\class_exists('Crypt_RSA')) { \set_include_path(\get_include_path() . PATH_SEPARATOR . APP_VERSION_ROOT_PATH . 'app/libraries/phpseclib'); \defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); include_once 'Crypt/RSA.php'; } $oRsa = new \Crypt_RSA(); $oRsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_RAW); $aKeys = $oRsa->createKey(1024); if (!empty($aKeys['privatekey']) && !empty($aKeys['publickey']['e']) && !empty($aKeys['publickey']['n'])) { $e = new \Math_BigInteger($aKeys['publickey']['e'], 10); $n = new \Math_BigInteger($aKeys['publickey']['n'], 10); $sHash = \md5($e->toHex() . $n->toHex()); \RainLoop\Service::$__HIDE_ERROR_NOTICES = false; return $this->DefaultResponse(__FUNCTION__, $this->Cacher()->Set(\RainLoop\KeyPathHelper::RsaCacherKey($sHash), $aKeys['privatekey']) ? array($sHash, $e->toHex(), $n->toHex()) : false); } } \RainLoop\Service::$__HIDE_ERROR_NOTICES = false; return $this->FalseResponse(__FUNCTION__); }
/** * EMSA-PSS-VERIFY * * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}. * * @access private * @param String $m * @param String $em * @param Integer $emBits * @return String */ function _emsa_pss_verify($m, $em, $emBits) { // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. $emLen = ceil($emBits / 8); // by pfeffer, has been: ($emBits + 1) >> 3; // ie. ceil($emBits / 8); switch ($this->sLen) { case -1: $sLen = $this->hLen; break; case -2: // added by Pfeffer for compability with jsrsasign $sLen = $emLen - $this->hLen - 2; break; default: if ($this->sLen >= 0) { $sLen = $this->sLen; } else { $sLen = $this->hLen; } } // commented out by Pfeffer because replaced by switch: $sLen = $this->sLen == false ? $this->hLen : $this->sLen; $mHash = $this->hash->hash($m); if ($emLen < $this->hLen + $sLen + 2) { return false; } if ($em[strlen($em) - 1] != chr(0xbc)) { $nhex = $this->modulus->toHex(); return false; } $maskedDB = substr($em, 0, -$this->hLen - 1); $h = substr($em, -$this->hLen - 1, $this->hLen); $temp = chr(0xff << ($emBits & 7)); if ((~$maskedDB[0] & $temp) != $temp) { // check in no. 6 in http://tools.ietf.org/html/rfc3447#page-40 return false; } $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1); $db = $maskedDB ^ $dbMask; $db[0] = ~chr(0xff << ($emBits & 7)) & $db[0]; $temp = $emLen - $this->hLen - $sLen - 2; if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) { return false; // check in no. 10 in http://tools.ietf.org/html/rfc3447#page-40 } $salt = substr($db, $temp + 1); // should be $sLen long $m2 = "" . $mHash . $salt; $h2 = $this->hash->hash($m2); return $this->_equals($h, $h2); }