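/**
 * Decrypts a ciphertext and verifies its authentication tag using the
 * AES-CBC-HMAC-SHA2 composite construction.
 *
 * The CEK is split into two halves: the first half is the MAC key and the
 * second half the encryption key.  The authentication tag is checked before
 * any decryption is attempted, so an unauthenticated ciphertext never reaches
 * the block cipher.
 *
 * @param string $ciphertext the ciphertext, base64url encoded
 * @param string $tag the authentication tag, base64url encoded
 * @param string $cek the content encryption key (raw octets)
 * @param string $additional the additional authenticated data (raw octets)
 * @param string $iv the initialisation vector, base64url encoded
 * @return string the plaintext
 * @throws CryptException if the key or IV has the wrong length, the tag
 * does not match, or the cipher fails to decrypt the ciphertext
 */
public function decryptAndVerify($ciphertext, $tag, $cek, $additional, $iv) {
    $params = self::$alg_params[$this->getAlg()];

    // getCEKSize()/getIVSize() are assumed to return bit lengths - hence the /8
    if (strlen($cek) != $this->getCEKSize() / 8) {
        throw new CryptException('Incorrect key length');
    }

    $iv = Util::base64url_decode($iv);
    if (strlen($iv) != $this->getIVSize() / 8) {
        throw new CryptException('Incorrect IV length');
    }

    // CEK = MAC_KEY || ENC_KEY, each half the length of the CEK
    list($mac_key, $enc_key) = str_split($cek, (int) (strlen($cek) / 2));

    // AL: the length of the AAD in bits, packed into a 64-bit integer
    // (the byte order is whatever Util::packInt64 produces - confirm it is
    // big-endian as the specification requires)
    $al = Util::packInt64(strlen($additional) * 8);

    $e = Util::base64url_decode($ciphertext);
    $m = hash_hmac($params['hash'], $additional . $iv . $e . $al, $mac_key, true);
    // the tag is the HMAC truncated to the algorithm-specific length
    $t = substr($m, 0, $params['tag']);

    if (!Util::secure_compare(Util::base64url_decode($tag), $t)) {
        throw new CryptException('Authentication tag does not match');
    }

    $plaintext = openssl_decrypt($e, $params['cipher'], $enc_key, OPENSSL_RAW_DATA, $iv);
    // openssl_decrypt() signals failure (e.g. a padding error) by returning
    // false rather than throwing; without this check that false would be
    // handed back to the caller as if it were plaintext
    if ($plaintext === false) {
        throw new CryptException('Cannot decrypt ciphertext');
    }

    return $plaintext;
}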
/**
 * Verifies a signature over $data.
 *
 * The expected signature is recomputed with sign() using the same keys and
 * key ID, and the two values are compared with Util::secure_compare so that
 * the comparison does not leak how many leading bytes matched.
 *
 * @param string $signature the signature to verify
 * @param string $data the signed data
 * @param mixed $keys the key set passed through to sign()
 * @param string|null $kid the key ID passed through to sign()
 * @return bool true if the signature matches
 */
public function verify($signature, $data, $keys, $kid = null) {
    return Util::secure_compare($signature, $this->sign($data, $keys, $kid));
}
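/**
 * Decodes a message using EME-OAEP (RFC 3447 section 7.1.2).
 *
 * @param string $encoded the encoded message EM, exactly $key_length octets long
 * @param int $key_length the length of the RSA key in octets
 * @param string $hash the hash algorithm - must be one supported by `hash_algos()`
 * @param string $label the label
 * @return string the decoded message
 * @throws CryptException if an error occurred in the decoding
 * @see https://tools.ietf.org/html/rfc3447
 */
protected final function oaep_decode($encoded, $key_length, $hash = 'sha1', $label = '') {
    $lHash = hash($hash, $label, true);
    $hLen = strlen($lHash);

    // RFC 3447 7.1.2 step 1: EM must be exactly k octets and k must leave room
    // for Y, the seed, lHash and the 0x01 separator. Without this check an
    // empty or short $encoded would be indexed below.
    if ($key_length < 2 * $hLen + 2 || strlen($encoded) != $key_length) {
        throw new CryptException('OAEP decoding error');
    }

    // EM = Y || maskedSeed || maskedDB
    $Y = ord($encoded[0]);
    $maskedSeed = substr($encoded, 1, $hLen);
    $maskedDB = substr($encoded, $hLen + 1);

    $seedMask = $this->mgf1($maskedDB, $hLen, $hash);
    $seed = $maskedSeed ^ $seedMask;
    $dbMask = $this->mgf1($seed, $key_length - $hLen - 1, $hash);
    $DB = $maskedDB ^ $dbMask;

    // DB = lHash' || PS || 0x01 || M, where PS is zero or more 0x00 octets
    // (the 0x00 / 0x01 octets are the values fixed by RFC 3447 section 7.1.2)
    $lHash2 = substr($DB, 0, $hLen);
    $PSM = ltrim(substr($DB, $hLen), "\x00");
    $separator = substr($PSM, 0, 1);

    // Evaluate every check before deciding, and raise a single identical
    // error, so that the failure reason is not distinguishable to the caller
    // (RFC 3447 7.1.2 step 3g).
    $ok = Util::secure_compare($lHash, $lHash2);
    if ($Y !== 0) {
        $ok = false;
    }
    if ($separator !== "\x01") {
        $ok = false;
    }
    if (!$ok) {
        throw new CryptException('OAEP decoding error');
    }

    return substr($PSM, 1);
}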