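/**
 * Decrypt a base64-encoded sealed envelope with the private key stored in a
 * file and build the payment request object from the recovered plaintext.
 *
 * @param string      $envKey             Base64-encoded envelope key.
 * @param string      $encData            Base64-encoded encrypted payload.
 * @param string      $privateKeyFilePath Path of the PEM private key file.
 * @param string|null $privateKeyPassword Passphrase of the key, if it has one.
 *
 * @return mixed Whatever Mobilpay_Payment_Request_Abstract::factory() returns.
 *
 * @throws Exception With an ERROR_CONFIRM_* code when the key cannot be loaded,
 *                   an input is not valid base64, or decryption fails.
 */
public static function factoryFromEncrypted($envKey, $encData, $privateKeyFilePath, $privateKeyPassword = null)
 {
     // Loose comparison kept on purpose: an empty passphrase is treated like no passphrase.
     if ($privateKeyPassword == null) {
         $privateKey = @openssl_get_privatekey("file://{$privateKeyFilePath}");
     } else {
         $privateKey = @openssl_get_privatekey("file://{$privateKeyFilePath}", $privateKeyPassword);
     }
     if ($privateKey === false) {
         throw new Exception('Error loading private key', self::ERROR_CONFIRM_LOAD_PRIVATE_KEY);
     }

     // Strict mode: without it base64_decode() silently skips invalid characters
     // and the two "=== false" checks below would practically never fire.
     $srcData = base64_decode($encData, true);
     if ($srcData === false) {
         @openssl_free_key($privateKey);
         throw new Exception('Failed decoding data', self::ERROR_CONFIRM_FAILED_DECODING_DATA);
     }
     $srcEnvKey = base64_decode($envKey, true);
     if ($srcEnvKey === false) {
         // The key handle is released on every exit path, not only the first one.
         @openssl_free_key($privateKey);
         throw new Exception('Failed decoding envelope key', self::ERROR_CONFIRM_FAILED_DECODING_ENVELOPE_KEY);
     }

     $data = null;
     // NOTE(review): no cipher is passed, so this relies on the PHP 7 default (RC4).
     // PHP 8 makes the cipher argument mandatory; confirm the cipher against the
     // gateway specification before running this on PHP 8.
     $result = @openssl_open($srcData, $data, $srcEnvKey, $privateKey);
     @openssl_free_key($privateKey);
     if ($result === false) {
         throw new Exception('Failed decrypting data', self::ERROR_CONFIRM_FAILED_DECRYPT_DATA);
     }
     return Mobilpay_Payment_Request_Abstract::factory($data);
 }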
예제 #2
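 /**
  * Sign the stored file hash of every repository package and print the SQL
  * statement that would store the resulting signature.
  *
  * Nothing is written to the database here; the UPDATE statements are only echoed.
  * Rows whose key cannot be loaded, or whose hash cannot be signed, are skipped
  * with a warning instead of producing an UPDATE with an empty signature.
  */
 public function __construct()
 {
     // Paths of the PEM private key files. Both are blank in this listing and must
     // be filled in (and kept out of version control) before anything can be signed.
     $strCoreKey = "";
     $strPackageKey = "";
     //==================================================================
     $objPackages = $this->db->query("SELECT * FROM __repo_packages WHERE category");
     if (!$objPackages) {
         return;
     }
     while ($row = $objPackages->fetchAssoc()) {
         if ($row['filehash'] == "") {
             continue;
         }
         // Category 8 is signed with the core key, everything else with the package key.
         $privateKey = (intval($row['category']) == 8) ? $strCoreKey : $strPackageKey;

         $pkeyid = openssl_pkey_get_private("file://" . $privateKey);
         if ($pkeyid === false) {
             // A key that fails to load must not reach openssl_sign()/openssl_free_key().
             trigger_error('Private key could not be loaded; package skipped', E_USER_WARNING);
             continue;
         }

         $signature = '';
         // NOTE(review): sha1WithRSAEncryption signs a SHA-1 digest. Moving to SHA-256
         // has to be coordinated with whatever verifies these signatures.
         $signed = openssl_sign($row['filehash'], $signature, $pkeyid, "sha1WithRSAEncryption");
         // free the key from memory
         openssl_free_key($pkeyid);
         if (!$signed) {
             trigger_error('Signing failed; package skipped', E_USER_WARNING);
             continue;
         }

         // The id is cast to int so a non-numeric value from the table cannot change
         // the shape of the emitted statement; base64 output contains no quote characters.
         echo "UPDATE eqdkp20_repo_packages SET signature = '" . base64_encode($signature) . "' WHERE id=" . (int) $row['id'] . "; ";
     }
 }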
예제 #3
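 /**
  * Verify a hex-encoded signature over $data with the configured public key.
  *
  * @param string $data Signed payload.
  * @param string $sign Signature as a hexadecimal string.
  * @return bool True only when OpenSSL reports a valid signature; false for a
  *              mismatch, malformed hex, an unusable key or an OpenSSL error.
  */
 private function verify($data, $sign)
 {
     // Reject malformed hex up front; hex2bin() would warn and return false.
     if (!is_string($sign) || $sign === '' || strlen($sign) % 2 !== 0 || !ctype_xdigit($sign)) {
         return false;
     }
     $p = openssl_pkey_get_public(file_get_contents($this->chinaums_config['publickKey']));
     if ($p === false) {
         // Fail closed: without a key there is nothing to verify against.
         return false;
     }
     // No digest argument is given, so openssl_verify() uses its default (SHA-1).
     $verify = openssl_verify($data, hex2bin($sign), $p);
     openssl_free_key($p);
     // 0 (mismatch) and -1 (OpenSSL error) both count as a failed check.
     return $verify === 1;
 }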
	/**
	 * Derive the "original string" of an XML document with ostring.xsl, sign it and
	 * put the base64 signature where the document carries the #1# placeholder.
	 *
	 * @param string $xmlHon   XML document containing the #1# placeholder.
	 * @param mixed  $priv_key Private key in a form openssl_get_privatekey() accepts.
	 * @return array Index 1: XML with the seal inserted; 2: original string; 3: base64 signature.
	 */
	function getXMLSing($xmlHon,$priv_key){
		// Parse the input document.
		$sourceDoc = new DomDocument();
		$sourceDoc->loadXML($xmlHon);

		// Load the stylesheet that produces the original string.
		$stylesheet = new DomDocument;
		$stylesheet->load("ostring.xsl");
		$transformer = new xsltprocessor();
		$transformer->importStyleSheet($stylesheet);
		$original = $transformer->transformToXML($sourceDoc);

		// Sign the original string.
		// NOTE(review): OPENSSL_ALGO_MD5 is a collision-broken digest and the key handle
		// is used without checking that loading succeeded; both need attention before
		// this is relied on, and the digest must match what the verifier expects.
		$keyHandle = openssl_get_privatekey($priv_key);
		openssl_sign($original, $signature, $keyHandle, OPENSSL_ALGO_MD5);
		openssl_free_key($keyHandle);

		// Insert the seal into the XML and hand back all three artefacts.
		$seal = base64_encode($signature);
		return array(
			1 => str_replace("#1#", $seal, $xmlHon),
			2 => $original,
			3 => $seal,
		);
	}
예제 #5
	/**
	 * Check $signature over $toCheck with the given public key.
	 *
	 * The key is first converted by seclibToOpenSsl() and then loaded by OpenSSL.
	 *
	 * @return int|false Raw openssl_verify() result: 1 valid, 0 invalid, -1 or false
	 *                   on error. Callers must compare with === 1, because -1 is truthy.
	 */
	function verify($pubKey, $toCheck, $signature) {
		$convertedKey = $this->seclibToOpenSsl($pubKey);
		$keyHandle = openssl_get_publickey($convertedKey);
		$outcome = openssl_verify($toCheck, $signature, $keyHandle);
		openssl_free_key($keyHandle);

		return $outcome;
	} # verify
예제 #6
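 /**
  * Store the profile payload of a client after checking its signature.
  *
  * The request body is JSON with "token", "sign" (hex) and "payload". The public
  * key is read from <keyRoot>/<token>/pubKey.pem and must verify "sign" over
  * "token" with SHA-256; only then is the payload written to <keyRoot>/<token>/profile.
  *
  * @param  Request  $request
  * @return Response|null JSON status response; null for non-POST requests.
  */
 public function store(Request $request)
 {
     if (!$request->isMethod('post')) {
         return null;
     }

     $bodyJson = json_decode($request->getContent());
     if (!is_object($bodyJson)
         || !isset($bodyJson->token, $bodyJson->sign)
         || !is_string($bodyJson->token)
         || !is_string($bodyJson->sign)) {
         return response()->json(['status' => 'failure']);
     }
     $token = $bodyJson->token;
     $sign = $bodyJson->sign;

     // The token becomes a directory name below keyRoot_. Accept a single path
     // component only, so "../" or an absolute path cannot select other files
     // for the key read or the profile write.
     if ($token === '' || $token === '.' || $token === '..' || strpbrk($token, "/\\\0") !== false) {
         return response()->json(['status' => 'failure']);
     }
     // hex2bin() warns and returns false on odd-length or non-hex input.
     if ($sign === '' || strlen($sign) % 2 !== 0 || !ctype_xdigit($sign)) {
         return response()->json(['status' => 'failure']);
     }

     $keyPath = $this->keyRoot_ . $token . '/pubKey.pem';
     // Same 8192-byte read limit as before, but a missing file is now a clean failure.
     $pubKeyMem = is_file($keyPath) ? file_get_contents($keyPath, false, null, 0, 8192) : false;
     $pubkeyid = ($pubKeyMem === false) ? false : openssl_pkey_get_public($pubKeyMem);
     if ($pubkeyid === false) {
         return response()->json(['status' => 'failure']);
     }

     // NOTE(review): only the token is signed. The payload is not covered by the
     // signature and the same token/sign pair verifies on every request, so the
     // stored profile is not authenticated by this check. Signing the payload
     // together with a nonce or timestamp needs a protocol change.
     $ok = openssl_verify($token, hex2bin($sign), $pubkeyid, "sha256");
     openssl_free_key($pubkeyid);
     if ($ok !== 1) {
         return response()->json(['status' => 'failure']);
     }

     $payload = isset($bodyJson->payload) ? $bodyJson->payload : null;
     file_put_contents($this->keyRoot_ . $token . '/profile', json_encode($payload));
     return response()->json(['status' => 'success']);
 }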
예제 #7
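 /**
  * {@inheritdoc}
  *
  * Returns null when the key cannot be loaded or the message cannot be decrypted.
  */
 public function decrypt($message, $key)
 {
     $privateKey = openssl_pkey_get_private($key);
     if ($privateKey === false) {
         // An unusable key used to fall through to openssl_free_key(false), which
         // is a TypeError on PHP 8 and a warning on earlier versions.
         return null;
     }

     $messageDecrypted = null;
     // No padding argument: openssl_private_decrypt() uses PKCS#1 v1.5 by default.
     // NOTE(review): callers should not expose to the sender whether decryption
     // failed, since v1.5 padding errors can act as an oracle.
     $ok = openssl_private_decrypt($message, $messageDecrypted, $privateKey);
     openssl_free_key($privateKey);

     return $ok ? $messageDecrypted : null;
 }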
예제 #8
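/**
 * Build a CloudFront-style signed URL for $url.
 *
 * Without $client_ip the policy is the canned one (resource plus expiry) and the
 * URL carries Expires/Signature/Key-Pair-Id. With $client_ip the policy also holds
 * an IpAddress condition, which makes it a custom policy that has to travel in
 * the URL as Policy/Signature/Key-Pair-Id.
 *
 * $url and $client_ip are concatenated into the JSON policy unescaped, so they
 * must come from trusted code, not from request input.
 *
 * @param string      $url         Resource URL to sign.
 * @param mixed       $private_key Private key in a form openssl_get_privatekey() accepts.
 * @param string      $key_pair_id Identifier of the key pair.
 * @param int         $expires     Expiry as a Unix timestamp.
 * @param string|null $client_ip   Optional single client address to restrict to (/32).
 *
 * @return string The signed URL.
 *
 * @throws RuntimeException When the key cannot be loaded or signing fails.
 */
function get_signed_url($url, $private_key, $key_pair_id, $expires, $client_ip = null)
{
    $has_ip_restriction = !is_null($client_ip);

    $policy = '{"Statement":[{"Resource":"' . $url . '","Condition":{';
    if ($has_ip_restriction) {
        $policy .= '"IpAddress":{"AWS:SourceIp":"' . $client_ip . '/32"},';
    }
    $policy .= '"DateLessThan":{"AWS:EpochTime":' . $expires . '}}}]}';

    // the policy contains characters that cannot be part of a URL, so we base64 encode it
    $encoded_policy = url_safe_base64_encode($policy);

    // sign the original policy, not the encoded version
    $pkeyid = openssl_get_privatekey($private_key);
    if ($pkeyid === false) {
        throw new RuntimeException('Unable to load the private key');
    }
    $signature = '';
    // No digest argument: openssl_sign() uses its default (SHA-1).
    $signed = openssl_sign($policy, $signature, $pkeyid);
    // free the key from memory
    openssl_free_key($pkeyid);
    if (!$signed) {
        // Never hand back a URL that carries an empty signature.
        throw new RuntimeException('Unable to sign the policy');
    }
    $encoded_signature = url_safe_base64_encode($signature);

    // append to an existing query string if there is one, otherwise start it
    $separator = strpos($url, '?') === false ? '?' : '&';

    // The two branches used to be swapped: the IP-restricted (custom) policy was sent
    // with Expires only, so the receiver could not rebuild the policy that was signed.
    if ($has_ip_restriction) {
        $url .= $separator . "Policy=" . $encoded_policy . "&Signature=" . $encoded_signature . "&Key-Pair-Id=" . $key_pair_id;
    } else {
        $url .= $separator . "Expires=" . $expires . "&Signature=" . $encoded_signature . "&Key-Pair-Id=" . $key_pair_id;
    }

    // NOTE(review): '\\n' in single quotes is a backslash followed by "n", not a line
    // feed; kept as is, confirm whether real newlines were meant.
    return str_replace('\\n', '', $url);
}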
예제 #9
파일: OpenSSLUtil.php 프로젝트: sdlyhu/Demo
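 /**
  * Verify an RSA signature with the signer's public key.
  *
  * @param string $data
  *            The data that was signed.
  * @param string $publicKey
  *            Public key of the signer.
  * @param string $sign
  *            Base64-encoded signature made with the private key.
  *
  * @return bool true only for a valid signature; false for a mismatch, an unusable
  *              key, malformed base64 or an OpenSSL error.
  */
 public static function rsaVerify($data, $publicKey, $sign)
 {
     // Strict decoding, so a signature with stray characters is rejected outright.
     $rawSign = base64_decode($sign, true);
     if ($rawSign === false) {
         return false;
     }
     $res = openssl_get_publickey($publicKey);
     if ($res === false) {
         return false;
     }
     // openssl_verify() returns -1 on error and (bool) -1 is true, so the result is
     // compared with 1 instead of being cast.
     $result = openssl_verify($data, $rawSign, $res) === 1;
     openssl_free_key($res);
     return $result;
 }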
예제 #10
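 /**
  * {@inheritdoc}
  *
  * Returns null when the key cannot be loaded (for example because of a wrong
  * passphrase) or the data cannot be decrypted.
  */
 public function decrypt($data, $key, $passphrase = '')
 {
     $privateKey = openssl_pkey_get_private($key, $passphrase);
     if ($privateKey === false) {
         // Stop here: passing false on to openssl_free_key() is a TypeError on PHP 8.
         return null;
     }

     $messageDecrypted = null;
     // No padding argument: openssl_private_decrypt() uses PKCS#1 v1.5 by default.
     // NOTE(review): callers should not expose to the sender whether decryption
     // failed, since v1.5 padding errors can act as an oracle.
     $ok = openssl_private_decrypt($data, $messageDecrypted, $privateKey);
     openssl_free_key($privateKey);

     return $ok ? $messageDecrypted : null;
 }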
예제 #11
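 /**
  * Decrypts RSA encrypted data using the given private key
  *
  * @throws Cipher\Exception\RuntimeException When the key cannot be loaded or decryption fails
  * @param string $encryptedData The encrypted data in binary format
  * @param string $privateKey The private key in binary format
  * @param string $password The private key passphrase
  * @param integer $padding The padding to use during decryption (if not provided, the object value will be used)
  * @return string The decrypted data
  */
 public function decrypt($encryptedData, $privateKey, $password = null, $padding = null)
 {
     $private_key = openssl_pkey_get_private(array($privateKey, $password));
     if (!$private_key) {
         throw new Cipher\Exception\RuntimeException("Failed to load private key");
     }
     if ($padding !== null) {
         try {
             $this->setPadding($padding);
         } catch (\Exception $e) {
             // Do not keep the key handle around when the padding is rejected.
             openssl_free_key($private_key);
             throw $e;
         }
     }
     switch ($this->getPadding()) {
         case self::NO_PADDING:
             $openssl_padding = OPENSSL_NO_PADDING;
             break;
         case self::OAEP_PADDING:
             $openssl_padding = OPENSSL_PKCS1_OAEP_PADDING;
             break;
         default:
             // Any other mode used to leave $openssl_padding undefined; fall back to
             // the padding openssl_private_decrypt() itself uses by default.
             $openssl_padding = OPENSSL_PKCS1_PADDING;
             break;
     }
     $result = openssl_private_decrypt($encryptedData, $decryptedData, $private_key, $openssl_padding);
     openssl_free_key($private_key);
     if (!$result) {
         throw new Cipher\Exception\RuntimeException("Unable to Decrypt Value using provided private key");
     }
     if ($this->getPadding() == self::NO_PADDING) {
         // Manual unpadding: drop the first two bytes, then everything up to and
         // including the first NUL byte. The leading bytes are not validated here.
         $decryptedData = substr($decryptedData, 2);
         // "\0" rather than the integer 0: PHP 8 converts an integer needle to the
         // string "0" and would search for the digit instead of the NUL byte.
         $start = strpos($decryptedData, "\0") + 1;
         $decryptedData = substr($decryptedData, $start);
     }
     return $decryptedData;
 }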
예제 #12
 /**
  * Sign data with the configured private key.
  *
  * The key handle is not checked after loading and no digest is passed, so
  * openssl_sign() runs with its default digest (SHA-1).
  *
  * @param string $data Data to sign.
  * @return string Signature as a hexadecimal string.
  */
 private function sign($data)
 {
     $keyHandle = openssl_pkey_get_private($this->chinaums_config['privateKey']);
     openssl_sign($data, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return bin2hex($rawSignature);
 }
예제 #13
 /**
  * Produce the base64 seal (RSA signature over a SHA-1 digest) of the original string.
  *
  * The key is read from $this->path_key and unlocked with $this->pass_key. Neither
  * the file read nor the key load is checked before signing.
  *
  * @param string $cadena_original String to sign.
  * @return string Base64-encoded signature.
  */
 public function obtenSello($cadena_original)
 {
     $pem = file_get_contents($this->path_key);
     $keyHandle = openssl_pkey_get_private($pem, $this->pass_key);
     openssl_sign($cadena_original, $rawSignature, $keyHandle, OPENSSL_ALGO_SHA1);
     openssl_free_key($keyHandle);

     return base64_encode($rawSignature);
 }
예제 #14
/**
 * Sign a policy string with the private key stored at a fixed path.
 *
 * NOTE(review): the key path is hard-coded to a user's desktop and neither the file
 * read nor the key load is checked; the path belongs in configuration and the key
 * file should be readable by the service account only.
 *
 * @param string $policy Text to sign.
 * @return string Raw (binary) signature, made with openssl_sign()'s default digest.
 */
function rsa_sha1_sign($policy)
{
    $pem = file_get_contents("/Users/joelsaltzman/Desktop/privatekey");
    $keyHandle = openssl_get_privatekey($pem);
    openssl_sign($policy, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return $rawSignature;
}
예제 #15
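 /**
  * Verifies incoming data against its signature with a public key (SHA-256).
  *
  * @param string $signature Raw signature bytes.
  * @param string $data Data the signature was made over.
  * @param string $publicKeyPath Location of the public key, passed to self::read().
  * @return boolean true only for a valid signature; false for a mismatch, an
  *                 unusable key or an OpenSSL error.
  */
 public static function verify($signature, $data, $publicKeyPath)
 {
     $publicKey = self::read($publicKeyPath);
     $pKeyId = openssl_get_publickey($publicKey);
     if ($pKeyId === false) {
         // Fail closed when the key material cannot be parsed.
         return false;
     }
     $result = openssl_verify($data, $signature, $pKeyId, "SHA256");
     openssl_free_key($pKeyId);
     // openssl_verify() returns -1 on error and (bool) -1 is true, so compare with 1.
     return $result === 1;
 }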
예제 #16
 /**
  * Check a base64-encoded signature over $text with the public key held in
  * $this->verejny.
  *
  * @param string $text Signed text.
  * @param string $signature Base64-encoded signature.
  * @return bool true when openssl_verify() reports 1, false otherwise.
  */
 function verify($text, $signature)
 {
     $rawSignature = base64_decode($signature);
     $keyHandle = openssl_get_publickey($this->verejny);
     $outcome = openssl_verify($text, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     // Only 1 means "valid"; 0 and -1 both end up as false.
     return $outcome == 1;
 }
예제 #17
 /**
  * Verify the returned response.
  *
  * The signature is checked over $message with its last 128 bytes cut off, using
  * the public key taken from getCertificate().
  *
  * @param $message
  * @param $signature
  * @return mixed Raw openssl_verify() result: 1 valid, 0 invalid, -1 or false on
  *               error. Callers must compare with === 1, because -1 is truthy.
  */
 public function verifySignature($message, $signature)
 {
     $keyHandle = openssl_get_publickey($this->getCertificate());
     $signedPart = substr($message, 0, strlen($message) - 128);
     $outcome = openssl_verify($signedPart, $signature, $keyHandle);
     openssl_free_key($keyHandle);

     return $outcome;
 }
/**
 * Check $signature over $mac with the certificate stored in
 * KEY_LOCATION/swedbank.pem.
 *
 * @param string $mac Signed data.
 * @param string $signature Raw signature bytes.
 * @return int|false Raw openssl_verify() result: 1 valid, 0 invalid, -1 or false
 *                   on error. Callers must compare with === 1, because -1 is truthy.
 */
function _verify($mac, $signature)
{
    $pem = file_get_contents(KEY_LOCATION . '/swedbank.pem');
    $keyHandle = openssl_get_publickey($pem);
    $outcome = openssl_verify($mac, $signature, $keyHandle);
    openssl_free_key($keyHandle);

    return $outcome;
}
예제 #19
 /**
  * Sign $text with the object's private key, unlocked with its passphrase.
  *
  * The key handle is not checked after loading; no digest is passed, so
  * openssl_sign() uses its default.
  *
  * @param string $text
  * @return string Base64 encoded
  */
 public function sign($text)
 {
     $keyHandle = openssl_get_privatekey($this->privateKey, $this->privateKeyPassword);
     openssl_sign($text, $rawSignature, $keyHandle);
     $encoded = base64_encode($rawSignature);
     openssl_free_key($keyHandle);

     return $encoded;
 }
예제 #20
 /**
  * Sign a policy string with the private key held in $this->key.
  *
  * @param string $policy Text to sign.
  * @return string Raw (binary) signature; stays "" when signing does not succeed.
  */
 function rsaSha1Sign($policy)
 {
     $rawSignature = "";
     $keyHandle = openssl_get_privatekey($this->key);
     // No digest argument: openssl_sign() uses its default (SHA-1).
     openssl_sign($policy, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return $rawSignature;
 }
 /**
  * Sign $data with the given private key and return the signature in base64.
  *
  * The key handle is not checked after loading; no digest is passed, so
  * openssl_sign() uses its default.
  *
  * @param string $data Data to sign.
  * @param mixed $private_key Private key in a form openssl_pkey_get_private() accepts.
  * @return string Base64-encoded signature.
  */
 public function rsaSign($data, $private_key)
 {
     $keyHandle = openssl_pkey_get_private($private_key);
     openssl_sign($data, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return base64_encode($rawSignature);
 }
 /**
  * Sign some data with this private key.
  *
  * The key is handed to OpenSSL by file path, so its contents are never held in a
  * PHP variable, and the key handle is released straight after signing to keep
  * the exposure window short.
  *
  * @param string $data
  * @return string Raw signature; null when signing does not succeed.
  */
 public function sign($data)
 {
     $rawSignature = null;
     $keyHandle = openssl_pkey_get_private('file://' . $this->_filePath);
     openssl_sign($data, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return $rawSignature;
 }
예제 #23
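 /**
  * RSA signature verification.
  *
  * @param string $data Data the signature was made over.
  * @param string $ali_public_key_path Path of the Alipay public key file.
  * @param string $sign Base64-encoded signature to check.
  * @return bool true only for a valid signature; false for a mismatch, an
  *              unreadable or unusable key, malformed base64 or an OpenSSL error.
  */
 static function verify($data, $ali_public_key_path, $sign)
 {
     // Strict decoding, so a signature with stray characters is rejected outright.
     $rawSign = base64_decode($sign, true);
     if ($rawSign === false) {
         return false;
     }
     $pubKey = is_file($ali_public_key_path) ? file_get_contents($ali_public_key_path) : false;
     if ($pubKey === false) {
         return false;
     }
     $res = openssl_get_publickey($pubKey);
     if ($res === false) {
         return false;
     }
     // openssl_verify() returns -1 on error and (bool) -1 is true, so the result is
     // compared with 1 instead of being cast.
     $result = openssl_verify($data, $rawSign, $res) === 1;
     openssl_free_key($res);
     return $result;
 }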
예제 #24
 /**
  * Check a base64-encoded signature over $text with the object's public key.
  *
  * @param string $text
  * @param string $signatureBase64
  * @return bool true only when openssl_verify() returns exactly 1.
  */
 function verify($text, $signatureBase64)
 {
     $rawSignature = base64_decode($signatureBase64);
     $keyHandle = openssl_get_publickey($this->publicKey);
     $outcome = openssl_verify($text, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     // Strict comparison: 0 (mismatch) and -1 (error) are both rejected.
     return 1 === $outcome;
 }
예제 #25
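/**
 * Signature verification, method two: the public key is not available directly
 * and is taken from a certificate file that is first converted by der2pem().
 *
 * @param  string $cert_file Path of the certificate file.
 * @param  string $data      Data the signature was made over.
 * @param  string $signature Base64-encoded signature (SHA-1 digest).
 * @return bool true only for a valid signature; false for a mismatch, an unusable
 *              certificate, malformed base64 or an OpenSSL error.
 */
function rsa_verify2($cert_file, $data, $signature)
{
    // Strict decoding, so a signature with stray characters is rejected outright.
    $rawSignature = base64_decode($signature, true);
    if ($rawSignature === false) {
        return false;
    }
    $cert = der2pem(file_get_contents($cert_file));
    $certs = openssl_x509_read($cert);
    if ($certs === false) {
        return false;
    }
    $key = openssl_get_publickey($certs);
    if ($key === false) {
        return false;
    }
    // openssl_verify() returns -1 on error and (bool) -1 is true, so the result is
    // compared with 1 instead of being cast.
    $result = openssl_verify($data, $rawSignature, $key, OPENSSL_ALGO_SHA1) === 1;
    openssl_free_key($key);
    return $result;
}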
예제 #26
파일: ext_openssl.php 프로젝트: ezoic/hhvm
/**
 * Checks that a public key extracted from a fresh CSR can be passed to
 * openssl_free_key().
 */
function test_openssl_free_key()
{
    // $ignore receives the private key created together with the CSR; it is not used.
    $request = openssl_csr_new(null, $ignore);
    VERIFY($request != null);

    $extractedKey = openssl_csr_get_public_key($request);
    VERIFY($extractedKey != false);
    VERIFY($extractedKey != null);

    openssl_free_key($extractedKey);
}
예제 #27
 /**
  * Sign $data with the private key referenced by $privateKey and return the
  * signature in base64.
  *
  * The key reference is first passed through prefixCertificateKeyPath(). The key
  * handle is not checked after loading; openssl_sign() runs with its default digest.
  *
  * @param string $data Data to sign.
  * @param string $privateKey Key reference handed to prefixCertificateKeyPath().
  * @return string Base64-encoded signature.
  */
 protected function signWithRSA($data, $privateKey)
 {
     $keyHandle = openssl_pkey_get_private($this->prefixCertificateKeyPath($privateKey));
     openssl_sign($data, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return base64_encode($rawSignature);
 }
예제 #28
 /**
  * Sign $data with the private key read from $this->rsaPrivateKeyFilePath.
  *
  * Neither the file read nor the key load is checked; openssl_sign() runs with
  * its default digest.
  *
  * @param string $data Data to sign.
  * @return string Base64-encoded signature.
  */
 protected function sign($data)
 {
     $pem = file_get_contents($this->rsaPrivateKeyFilePath);
     $keyHandle = openssl_pkey_get_private($pem);
     openssl_sign($data, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return base64_encode($rawSignature);
 }
예제 #29
파일: RsaSha1.php 프로젝트: horde/horde
 /**
  * Check a base64-encoded signature over the request's signature base string
  * with the object's public key.
  *
  * $consumer and $token are accepted but not used by this method.
  *
  * @return bool true when openssl_verify() reports 1; 0 and -1 both give false.
  */
 public function verify($signature, $request, $consumer, $token)
 {
     $rawSignature = base64_decode($signature);
     $signedText = $request->getSignatureBaseString();

     $keyHandle = openssl_pkey_get_public($this->_publicKey);
     // No digest argument: openssl_verify() uses its default (SHA-1).
     $outcome = openssl_verify($signedText, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return 1 == $outcome;
 }
예제 #30
 /**
  * Sign $data with the private key referenced by $privateKey and return the
  * signature in base64.
  *
  * The key reference is first passed through self::prefixCertificateKeyPath(). The
  * key handle is not checked after loading; openssl_sign() runs with its default digest.
  *
  * @param string $data Data to sign.
  * @param string $privateKey Key reference handed to prefixCertificateKeyPath().
  * @return string Base64-encoded signature.
  */
 public static function signWithRSA($data, $privateKey)
 {
     $keyHandle = openssl_pkey_get_private(self::prefixCertificateKeyPath($privateKey));
     openssl_sign($data, $rawSignature, $keyHandle);
     openssl_free_key($keyHandle);

     return base64_encode($rawSignature);
 }