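/**
 * Opens an envelope-encrypted payload and builds a payment request from the plaintext.
 *
 * The private key handle is released on every exit path, including the error paths.
 *
 * @param string      $envKey             Base64-encoded envelope key.
 * @param string      $encData            Base64-encoded sealed data.
 * @param string      $privateKeyFilePath Path of the private key file, loaded through a file:// URI.
 * @param string|null $privateKeyPassword Passphrase of the private key; a null/empty value loads the key without one.
 * @return mixed Result of Mobilpay_Payment_Request_Abstract::factory() for the decrypted data.
 * @throws Exception Carrying one of the self::ERROR_CONFIRM_* codes when a step fails.
 */
public static function factoryFromEncrypted($envKey, $encData, $privateKeyFilePath, $privateKeyPassword = null)
{
    if ($privateKeyPassword == null) {
        $privateKey = @openssl_get_privatekey("file://{$privateKeyFilePath}");
    } else {
        $privateKey = @openssl_get_privatekey("file://{$privateKeyFilePath}", $privateKeyPassword);
    }
    if ($privateKey === false) {
        throw new Exception('Error loading private key', self::ERROR_CONFIRM_LOAD_PRIVATE_KEY);
    }

    // Strict mode: without it base64_decode() silently drops invalid characters
    // and practically never returns false, so the checks below could not fire.
    $srcData = base64_decode($encData, true);
    if ($srcData === false) {
        @openssl_free_key($privateKey);
        throw new Exception('Failed decoding data', self::ERROR_CONFIRM_FAILED_DECODING_DATA);
    }

    $srcEnvKey = base64_decode($envKey, true);
    if ($srcEnvKey === false) {
        @openssl_free_key($privateKey);
        throw new Exception('Failed decoding envelope key', self::ERROR_CONFIRM_FAILED_DECODING_ENVELOPE_KEY);
    }

    // 'RC4' is the cipher PHP used when none was given; PHP 8 requires the argument.
    // NOTE(review): RC4 is a weak cipher. It is kept only because the sender presumably
    // seals with the same default - confirm before switching both sides to a modern cipher.
    $data = null;
    $result = @openssl_open($srcData, $data, $srcEnvKey, $privateKey, 'RC4');
    @openssl_free_key($privateKey);
    if ($result === false) {
        throw new Exception('Failed decrypting data', self::ERROR_CONFIRM_FAILED_DECRYPT_DATA);
    }

    return Mobilpay_Payment_Request_Abstract::factory($data);
}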
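/**
 * Signs the stored file hash of every repository package and prints one SQL
 * UPDATE statement per package that stores the base64 signature.
 *
 * Packages in category 8 are signed with the core key, all others with the
 * package key. A row is skipped (with a warning) when its key cannot be loaded
 * or signing fails, so no UPDATE carrying an empty signature is ever printed.
 */
public function __construct()
{
    // Paths of the PEM private key files; both are empty here and must be filled in.
    $strCoreKey = "";
    $strPackageKey = "";

    $objPackages = $this->db->query("SELECT * FROM __repo_packages WHERE category");
    if (!$objPackages) {
        return;
    }

    while ($row = $objPackages->fetchAssoc()) {
        if ($row['filehash'] == "") {
            continue;
        }

        $privateKey = (intval($row['category']) == 8) ? $strCoreKey : $strPackageKey;

        // fetch private key from file and ready it
        $pkeyid = openssl_pkey_get_private("file://" . $privateKey);
        if ($pkeyid === false) {
            trigger_error('Private key could not be loaded; package ' . intval($row['id']) . ' skipped', E_USER_WARNING);
            continue;
        }

        // compute signature
        // NOTE(review): SHA-1 based signatures are deprecated; changing the digest
        // requires the verifying side to change as well.
        $signature = '';
        $signed = openssl_sign($row['filehash'], $signature, $pkeyid, "sha1WithRSAEncryption");

        // free the key from memory
        openssl_free_key($pkeyid);

        if (!$signed) {
            trigger_error('Signing failed; package ' . intval($row['id']) . ' skipped', E_USER_WARNING);
            continue;
        }

        // The id is forced to an integer because it is written into SQL text unquoted.
        echo "UPDATE eqdkp20_repo_packages SET signature = '" . base64_encode($signature) . "' WHERE id=" . intval($row['id']) . "; ";
    }
}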
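/**
 * Verifies a signature with the public key named in the gateway configuration.
 *
 * Fails closed: malformed hex, an unreadable key and any OpenSSL error all yield false.
 *
 * @param string $data Data that was signed.
 * @param string $sign Signature as a hexadecimal string.
 * @return bool True only when the signature is valid.
 */
private function verify($data, $sign)
{
    // hex2bin() warns and returns false for odd-length or non-hex input; reject it up front.
    if (!is_string($sign) || strlen($sign) % 2 !== 0 || ($sign !== '' && !ctype_xdigit($sign))) {
        return false;
    }

    $p = openssl_pkey_get_public(file_get_contents($this->chinaums_config['publickKey']));
    if ($p === false) {
        return false;
    }

    $verify = openssl_verify($data, hex2bin($sign), $p);
    openssl_free_key($p);

    // openssl_verify() yields 1 (valid), 0 (invalid) or -1/false (error).
    return $verify === 1;
}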
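/**
 * Derives the "original string" of an XML document through ostring.xsl, signs it
 * and places the base64 seal into the document at the "#1#" placeholder.
 *
 * @param string $xmlHon   XML document containing the "#1#" placeholder.
 * @param mixed  $priv_key Private key in any form openssl_get_privatekey() accepts.
 * @return array [1] => sealed XML, [2] => original string, [3] => base64 seal.
 * @throws Exception When the private key cannot be loaded or signing fails.
 */
function getXMLSing($xmlHon, $priv_key)
{
    // Load the document to be sealed
    $xml = new DomDocument();
    $xml->loadXML($xmlHon);

    // Load the stylesheet that produces the original string
    $xsl = new DomDocument;
    $xsl->load("ostring.xsl");
    $proc = new xsltprocessor();
    $proc->importStyleSheet($xsl);
    $original = $proc->transformToXML($xml);

    // Sign the original string
    $pkeyid = openssl_get_privatekey($priv_key);
    if ($pkeyid === false) {
        // Without this check an empty seal would be written into the document.
        throw new Exception('Unable to load the private key');
    }

    // NOTE(review): MD5 is collision-broken and unsuitable for new signatures; it is
    // kept because the receiving side presumably expects it - confirm before changing.
    $signature = '';
    $signed = openssl_sign($original, $signature, $pkeyid, OPENSSL_ALGO_MD5);
    openssl_free_key($pkeyid);
    if (!$signed) {
        throw new Exception('Unable to sign the original string');
    }

    // Put the seal into the XML
    $seal = base64_encode($signature);
    $xmlReturn = array();
    $xmlReturn[1] = str_replace("#1#", $seal, $xmlHon);
    $xmlReturn[2] = $original;
    $xmlReturn[3] = $seal;

    return $xmlReturn;
}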
/**
 * Checks a signature against a public key converted by seclibToOpenSsl().
 *
 * No digest is passed, so PHP's default for openssl_verify() (SHA-1) applies.
 *
 * @param mixed  $pubKey    Public key in the form seclibToOpenSsl() expects.
 * @param string $toCheck   Data that was signed.
 * @param string $signature Raw signature.
 * @return int|false Raw openssl_verify() result: 1 valid, 0 invalid, -1 or false on error.
 *                   Callers must compare with === 1, because -1 is truthy.
 */
function verify($pubKey, $toCheck, $signature)
{
    $convertedKey = $this->seclibToOpenSsl($pubKey);
    $keyHandle = openssl_get_publickey($convertedKey);

    $outcome = openssl_verify($toCheck, $signature, $keyHandle);
    openssl_free_key($keyHandle);

    return $outcome;
} # verify
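/**
 * Store a newly created resource in storage.
 *
 * Expects a JSON body with `token`, `sign` (hex signature over the token, SHA-256)
 * and `payload`. The signature is checked with the public key stored under the
 * token's directory; on success the payload is written to that directory's profile file.
 *
 * @param  Request  $request
 * @return Response JSON status 'success' or 'failure'; nothing for non-POST requests.
 */
public function store(Request $request)
{
    if ($request->isMethod('post')) {
        $failure = ['status' => 'failure'];

        $bodyJson = json_decode($request->getContent());
        $token = isset($bodyJson->token) ? $bodyJson->token : null;
        $sign = isset($bodyJson->sign) ? $bodyJson->sign : null;

        // The token is client-supplied and becomes a directory name under keyRoot_,
        // so anything that could point outside that directory is refused.
        if (!is_string($token) || $token === '' || $token === '.' || $token === '..'
            || strpbrk($token, "/\\\0") !== false) {
            return response()->json($failure);
        }

        // hex2bin() warns and returns false on odd-length or non-hex input.
        if (!is_string($sign) || $sign === '' || strlen($sign) % 2 !== 0 || !ctype_xdigit($sign)) {
            return response()->json($failure);
        }

        $keyPath = $this->keyRoot_ . $token . '/pubKey.pem';
        if (!is_file($keyPath) || !is_readable($keyPath)) {
            return response()->json($failure);
        }
        $fp = fopen($keyPath, 'r');
        if ($fp === false) {
            return response()->json($failure);
        }
        $pubKeyMem = fread($fp, 8192);
        fclose($fp);

        $pubkeyid = openssl_pkey_get_public($pubKeyMem);
        if ($pubkeyid === false) {
            return response()->json($failure);
        }

        $ok = openssl_verify($token, hex2bin($sign), $pubkeyid, "sha256");
        openssl_free_key($pubkeyid);

        // Only 1 means "valid"; 0, -1 and false must all be treated as a rejection.
        if ($ok === 1) {
            $profilePath = $this->keyRoot_ . $token . '/profile';
            $payload = isset($bodyJson->payload) ? $bodyJson->payload : null;
            // NOTE(review): the signature covers only the token, not the payload, so a
            // captured token/sign pair can be replayed with a different payload - confirm
            // whether the payload should be part of the signed data.
            file_put_contents($profilePath, json_encode($payload));
            return response()->json(['status' => 'success']);
        }

        return response()->json($failure);
    }
}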
/**
 * {@inheritdoc}
 *
 * Decrypts with the given private key using the default padding of
 * openssl_private_decrypt().
 *
 * NOTE(review): neither the key load nor the decryption result is checked; on
 * failure the returned value is whatever openssl_private_decrypt() left behind.
 */
public function decrypt($message, $key)
{
    $keyHandle = openssl_pkey_get_private($key);

    openssl_private_decrypt($message, $plaintext, $keyHandle);
    openssl_free_key($keyHandle);

    return $plaintext;
}
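/**
 * Builds a CloudFront-style signed URL that expires at $expires and is
 * optionally restricted to a single client IP address.
 *
 * Without an IP restriction the policy is a canned policy and the URL carries
 * Expires; with one it is a custom policy and the URL must carry the encoded Policy.
 *
 * @param string      $url         URL to sign.
 * @param mixed       $private_key Private key in any form openssl_get_privatekey() accepts.
 * @param string      $key_pair_id Identifier of the signing key pair.
 * @param int         $expires     Expiry as a Unix timestamp.
 * @param string|null $client_ip   Address the URL is limited to, or null for no limit.
 * @return string The signed URL.
 */
function get_signed_url($url, $private_key, $key_pair_id, $expires, $client_ip = null)
{
    // NOTE(review): $url, $client_ip and $expires are spliced into the policy JSON
    // unescaped, so callers must pass trusted, well-formed values only.
    $policy = '{"Statement":[{"Resource":"' . $url . '","Condition":{';
    if (!is_null($client_ip)) {
        $policy .= '"IpAddress":{"AWS:SourceIp":"' . $client_ip . '/32"},';
    }
    $policy .= '"DateLessThan":{"AWS:EpochTime":' . $expires . '}}}]}';

    // the policy contains characters that cannot be part of a URL, so we base64 encode it
    $encoded_policy = url_safe_base64_encode($policy);

    // sign the original policy, not the encoded version
    $signature = '';
    $pkeyid = openssl_get_privatekey($private_key);
    openssl_sign($policy, $signature, $pkeyid);
    openssl_free_key($pkeyid);

    // make the signature safe to be included in a url
    $encoded_signature = url_safe_base64_encode($signature);

    // append to an existing query string, otherwise start one
    $separator = strpos($url, '?') === false ? '?' : '&';

    if (is_null($client_ip)) {
        // canned policy: the verifier rebuilds the policy from the URL and Expires
        $url .= $separator . "Expires=" . $expires
            . "&Signature=" . $encoded_signature . "&Key-Pair-Id=" . $key_pair_id;
    } else {
        // custom policy: the IP condition cannot be rebuilt, so the policy itself is sent
        $url .= $separator . "Policy=" . $encoded_policy
            . "&Signature=" . $encoded_signature . "&Key-Pair-Id=" . $key_pair_id;
    }

    // new lines would break the URL, so remove them
    return str_replace("\n", '', $url);
}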
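/**
 * Verifies an RSA signature with a public key.
 *
 * Fails closed: an unreadable key and any OpenSSL error yield false.
 *
 * @param string $data      Data that was signed.
 * @param string $publicKey Public key of the signer.
 * @param string $sign      Base64-encoded signature made with the private key.
 *
 * @return bool True only when the signature is valid.
 */
public static function rsaVerify($data, $publicKey, $sign)
{
    $res = openssl_get_publickey($publicKey);
    if ($res === false) {
        return false;
    }

    $outcome = openssl_verify($data, base64_decode($sign), $res);
    openssl_free_key($res);

    // openssl_verify() reports errors as -1, which a (bool) cast would turn into
    // true; only the exact value 1 means the signature is valid.
    return $outcome === 1;
}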
/**
 * {@inheritdoc}
 *
 * Decrypts with the given, optionally passphrase-protected, private key using
 * the default padding of openssl_private_decrypt().
 *
 * NOTE(review): neither the key load nor the decryption result is checked; on
 * failure the returned value is whatever openssl_private_decrypt() left behind.
 */
public function decrypt($data, $key, $passphrase = '')
{
    $keyHandle = openssl_pkey_get_private($key, $passphrase);

    openssl_private_decrypt($data, $plaintext, $keyHandle);
    openssl_free_key($keyHandle);

    return $plaintext;
}
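/**
 * Decrypts RSA encrypted data using the given private key
 *
 * @throws Cipher\Exception\RuntimeException When the key cannot be loaded, the padding
 *                                           mode is not handled or decryption fails
 * @param string  $encryptedData The encrypted data in binary format
 * @param string  $privateKey    The private key in binary format
 * @param string  $password      The private key passphrase
 * @param integer $padding       The padding to use during decryption (if not provided the object value will be used)
 * @return string The decrypted data
 */
public function decrypt($encryptedData, $privateKey, $password = null, $padding = null)
{
    $private_key = openssl_pkey_get_private(array($privateKey, $password));
    if (!$private_key) {
        throw new Cipher\Exception\RuntimeException("Failed to load private key");
    }

    if ($padding !== null) {
        try {
            $this->setPadding($padding);
        } catch (\Exception $e) {
            openssl_free_key($private_key);
            throw $e;
        }
    }

    switch ($this->getPadding()) {
        case self::NO_PADDING:
            $openssl_padding = OPENSSL_NO_PADDING;
            break;
        case self::OAEP_PADDING:
            $openssl_padding = OPENSSL_PKCS1_OAEP_PADDING;
            break;
        default:
            // Previously an unhandled mode left $openssl_padding undefined.
            openssl_free_key($private_key);
            throw new Cipher\Exception\RuntimeException("Unable to Decrypt Value using provided private key");
    }

    $result = openssl_private_decrypt($encryptedData, $decryptedData, $private_key, $openssl_padding);
    openssl_free_key($private_key);

    if (!$result) {
        throw new Cipher\Exception\RuntimeException("Unable to Decrypt Value using provided private key");
    }

    if ($this->getPadding() == self::NO_PADDING) {
        // Manual removal of the padding: drop the two leading bytes, then everything
        // up to and including the first zero byte.
        // NOTE(review): hand-rolled unpadding is not constant time; prefer OAEP where
        // the peer supports it.
        $decryptedData = substr($decryptedData, 2);

        // "\0" instead of the integer 0: PHP 8 treats an integer needle as the string "0".
        $separator = strpos($decryptedData, "\0");
        if ($separator === false) {
            // Same message as a failed decryption, so callers cannot tell the two apart.
            throw new Cipher\Exception\RuntimeException("Unable to Decrypt Value using provided private key");
        }
        $decryptedData = substr($decryptedData, $separator + 1);
    }

    return $decryptedData;
}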
/**
 * Signs data with the private key named in the gateway configuration.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): key loading and signing results are not checked; a failure
 * yields the hex form of an empty signature.
 *
 * @param string $data Data to sign.
 * @return string Signature as a hexadecimal string.
 */
private function sign($data)
{
    $keyHandle = openssl_pkey_get_private($this->chinaums_config['privateKey']);

    openssl_sign($data, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    $hexSignature = bin2hex($rawSignature);

    return $hexSignature;
}
/**
 * Produces the base64 seal (SHA-1 signature) of an original string.
 *
 * The private key is read from $this->path_key and unlocked with $this->pass_key.
 * NOTE(review): key loading and signing results are not checked, and SHA-1 is a
 * deprecated digest for signatures.
 *
 * @param string $cadena_original String to sign.
 * @return string Base64-encoded signature.
 */
public function obtenSello($cadena_original)
{
    $keyMaterial = file_get_contents($this->path_key);
    $keyHandle = openssl_pkey_get_private($keyMaterial, $this->pass_key);

    openssl_sign($cadena_original, $rawSignature, $keyHandle, OPENSSL_ALGO_SHA1);
    openssl_free_key($keyHandle);

    return base64_encode($rawSignature);
}
/**
 * Signs a policy string with the private key stored at a fixed path.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): the key path is hard-coded to a user's desktop directory; the
 * key location belongs in configuration, readable by the service account only.
 *
 * @param string $policy Policy text to sign.
 * @return string Raw binary signature.
 */
function rsa_sha1_sign($policy)
{
    $keyMaterial = file_get_contents("/Users/joelsaltzman/Desktop/privatekey");
    $keyHandle = openssl_get_privatekey($keyMaterial);

    openssl_sign($policy, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return $rawSignature;
}
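/**
 * Verifies the SHA-256 signature of incoming data with a public key.
 *
 * Fails closed: an unreadable key and any OpenSSL error yield false.
 *
 * @param string $signature     Raw signature.
 * @param string $data          Data that was signed.
 * @param string $publicKeyPath Location of the public key, read through self::read().
 * @return boolean True only when the signature is valid.
 */
public static function verify($signature, $data, $publicKeyPath)
{
    $publicKey = self::read($publicKeyPath);
    $pKeyId = openssl_get_publickey($publicKey);
    if ($pKeyId === false) {
        return false;
    }

    $result = openssl_verify($data, $signature, $pKeyId, "SHA256");
    openssl_free_key($pKeyId);

    // openssl_verify() reports errors as -1, which a (bool) cast would turn into
    // true; only the exact value 1 means the signature is valid.
    return $result === 1;
}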
/**
 * Verifies a base64-encoded signature over a text with the object's public key.
 *
 * No digest is passed, so PHP's default for openssl_verify() (SHA-1) applies.
 *
 * @param string $text      Text that was signed.
 * @param string $signature Base64-encoded signature.
 * @return bool True when openssl_verify() reports a valid signature.
 */
function verify($text, $signature)
{
    $keyHandle = openssl_get_publickey($this->verejny);
    $rawSignature = base64_decode($signature);

    $outcome = openssl_verify($text, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return $outcome == 1;
}
/**
 * Verifies the signature of a returned response.
 *
 * The signed portion is the message with a trailing block removed, its length
 * computed as strlen($message) - 128.
 *
 * @param string $message   Full response message.
 * @param string $signature Raw signature.
 * @return mixed Raw openssl_verify() result: 1 valid, 0 invalid, -1 or false on error.
 *               Callers must compare with === 1, because -1 is truthy.
 */
public function verifySignature($message, $signature)
{
    $keyHandle = openssl_get_publickey($this->getCertificate());

    $signedLength = strlen($message) - 128;
    $signedPart = substr($message, 0, $signedLength);

    $outcome = openssl_verify($signedPart, $signature, $keyHandle);
    openssl_free_key($keyHandle);

    return $outcome;
}
/**
 * Verifies a MAC signature with the certificate stored as swedbank.pem under KEY_LOCATION.
 *
 * No digest is passed, so PHP's default for openssl_verify() (SHA-1) applies.
 *
 * @param string $mac       Data that was signed.
 * @param string $signature Raw signature.
 * @return int|false Raw openssl_verify() result: 1 valid, 0 invalid, -1 or false on error.
 *                   Callers must compare with === 1, because -1 is truthy.
 */
function _verify($mac, $signature)
{
    $certificate = file_get_contents(KEY_LOCATION . '/swedbank.pem');
    $keyHandle = openssl_get_publickey($certificate);

    $outcome = openssl_verify($mac, $signature, $keyHandle);
    openssl_free_key($keyHandle);

    return $outcome;
}
/**
 * Signs a text with the object's passphrase-protected private key.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): key loading and signing results are not checked.
 *
 * @param string $text
 * @return string Base64 encoded
 */
public function sign($text)
{
    $keyHandle = openssl_get_privatekey($this->privateKey, $this->privateKeyPassword);

    openssl_sign($text, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return base64_encode($rawSignature);
}
/**
 * Signs a policy string with the object's private key.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): key loading and signing results are not checked; on failure
 * the empty initial value is returned.
 *
 * @param string $policy Policy text to sign.
 * @return string Raw binary signature.
 */
function rsaSha1Sign($policy)
{
    $keyHandle = openssl_get_privatekey($this->key);

    $rawSignature = "";
    openssl_sign($policy, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return $rawSignature;
}
/**
 * Signs data with the given private key and returns the signature base64-encoded.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): key loading and signing results are not checked.
 *
 * @param string $data        Data to sign.
 * @param mixed  $private_key Private key in any form openssl_pkey_get_private() accepts.
 * @return string Base64-encoded signature.
 */
public function rsaSign($data, $private_key)
{
    $keyHandle = openssl_pkey_get_private($private_key);

    openssl_sign($data, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return base64_encode($rawSignature);
}
/**
 * Sign some data with this private key.
 *
 * The key file is handed to OpenSSL as a file:// URI instead of being read into
 * a PHP string, and the key handle is released right after signing to shorten
 * the time the key stays loaded.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 *
 * @param string $data
 * @return string
 */
public function sign($data)
{
    $keyUri = 'file://' . $this->_filePath;
    $keyHandle = openssl_pkey_get_private($keyUri);

    $rawSignature = null;
    openssl_sign($data, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return $rawSignature;
}
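/**
 * RSA signature verification.
 *
 * Fails closed: an unreadable key file, an unusable key and any OpenSSL error yield false.
 *
 * @param string $data                Data that was signed.
 * @param string $ali_public_key_path Path of the Alipay public key file.
 * @param string $sign                Base64-encoded signature to check.
 * @return bool True only when the signature is valid.
 */
static function verify($data, $ali_public_key_path, $sign)
{
    $pubKey = file_get_contents($ali_public_key_path);
    if ($pubKey === false) {
        return false;
    }

    $res = openssl_get_publickey($pubKey);
    if ($res === false) {
        return false;
    }

    $outcome = openssl_verify($data, base64_decode($sign), $res);
    openssl_free_key($res);

    // openssl_verify() reports errors as -1, which a (bool) cast would turn into
    // true; only the exact value 1 means the signature is valid.
    return $outcome === 1;
}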
/**
 * Verifies a base64-encoded signature over a text with the object's public key.
 *
 * No digest is passed, so PHP's default for openssl_verify() (SHA-1) applies.
 *
 * @param string $text
 * @param string $signatureBase64
 * @return bool True only when openssl_verify() returns exactly 1.
 */
function verify($text, $signatureBase64)
{
    $keyHandle = openssl_get_publickey($this->publicKey);
    $rawSignature = base64_decode($signatureBase64);

    $outcome = openssl_verify($text, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return 1 === $outcome;
}
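/**
 * Signature verification, method two: the public key is not known in advance
 * and is taken from a DER certificate file after conversion to PEM.
 *
 * Fails closed: an unreadable certificate and any OpenSSL error yield false.
 * NOTE(review): the certificate serves only as a container for the public key;
 * nothing here checks its issuer, validity period or revocation state, and the
 * digest is SHA-1.
 *
 * @param string $cert_file Path of the DER-encoded certificate.
 * @param string $data      Data that was signed.
 * @param string $signature Base64-encoded signature.
 * @return bool True only when the signature is valid.
 */
function rsa_verify2($cert_file, $data, $signature)
{
    $cert = der2pem(file_get_contents($cert_file));

    $certs = openssl_x509_read($cert);
    if ($certs === false) {
        return false;
    }

    $key = openssl_get_publickey($certs);
    if ($key === false) {
        return false;
    }

    $outcome = openssl_verify($data, base64_decode($signature), $key, OPENSSL_ALGO_SHA1);
    openssl_free_key($key);

    // openssl_verify() reports errors as -1, which a (bool) cast would turn into
    // true; only the exact value 1 means the signature is valid.
    return $outcome === 1;
}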
/**
 * Checks that the public key taken from a freshly created CSR can be handed to
 * openssl_free_key().
 */
function test_openssl_free_key()
{
    // The second argument receives the generated private key, which is not used here.
    $request = openssl_csr_new(null, $unusedPrivateKey);
    VERIFY($request != null);

    $csrPublicKey = openssl_csr_get_public_key($request);
    VERIFY($csrPublicKey != false);
    VERIFY($csrPublicKey != null);

    openssl_free_key($csrPublicKey);
}
/**
 * Signs data with an RSA private key and returns the signature base64-encoded.
 *
 * The key argument is first passed through prefixCertificateKeyPath().
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): key loading and signing results are not checked.
 *
 * @param string $data       Data to sign.
 * @param string $privateKey Private key reference as prefixCertificateKeyPath() expects it.
 * @return string Base64-encoded signature.
 */
protected function signWithRSA($data, $privateKey)
{
    $keyReference = $this->prefixCertificateKeyPath($privateKey);
    $keyHandle = openssl_pkey_get_private($keyReference);

    openssl_sign($data, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return base64_encode($rawSignature);
}
/**
 * Signs data with the private key stored at $this->rsaPrivateKeyFilePath and
 * returns the signature base64-encoded.
 *
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): file reading, key loading and signing results are not checked.
 *
 * @param string $data Data to sign.
 * @return string Base64-encoded signature.
 */
protected function sign($data)
{
    $keyMaterial = file_get_contents($this->rsaPrivateKeyFilePath);
    $keyHandle = openssl_pkey_get_private($keyMaterial);

    openssl_sign($data, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return base64_encode($rawSignature);
}
/**
 * Verifies the base64-encoded signature of a request's signature base string
 * with the object's public key.
 *
 * $consumer and $token are accepted but not used by this check.
 * No digest is passed, so PHP's default for openssl_verify() (SHA-1) applies.
 *
 * @param string $signature Base64-encoded signature.
 * @param object $request   Request providing getSignatureBaseString().
 * @param mixed  $consumer  Unused.
 * @param mixed  $token     Unused.
 * @return bool True when openssl_verify() reports a valid signature.
 */
public function verify($signature, $request, $consumer, $token)
{
    $rawSignature = base64_decode($signature);
    $signedText = $request->getSignatureBaseString();

    $keyHandle = openssl_pkey_get_public($this->_publicKey);
    $outcome = openssl_verify($signedText, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return 1 == $outcome;
}
/**
 * Signs data with an RSA private key and returns the signature base64-encoded.
 *
 * The key argument is first passed through self::prefixCertificateKeyPath().
 * No digest is passed, so PHP's default for openssl_sign() (SHA-1) applies.
 * NOTE(review): key loading and signing results are not checked.
 *
 * @param string $data       Data to sign.
 * @param string $privateKey Private key reference as prefixCertificateKeyPath() expects it.
 * @return string Base64-encoded signature.
 */
public static function signWithRSA($data, $privateKey)
{
    $keyReference = self::prefixCertificateKeyPath($privateKey);
    $keyHandle = openssl_pkey_get_private($keyReference);

    openssl_sign($data, $rawSignature, $keyHandle);
    openssl_free_key($keyHandle);

    return base64_encode($rawSignature);
}