예제 #1
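 /**
  * Lazily builds the shared Crypt_RSA instance and caches it in \RainLoop\Utils::$RSA.
  *
  * The instance is cached only after a non-empty private key has been read from
  * APP_PRIVATE_DATA . 'rsa/private'. Until that happens every call retries the
  * setup and null is returned.
  *
  * NOTE(review): CRYPT_RSA_ENCRYPTION_PKCS1 selects PKCS#1 v1.5 encryption padding.
  * That padding is exposed to padding-oracle attacks whenever a remote party can
  * tell a padding failure apart from other failures. Moving to OAEP requires the
  * encrypting side to change as well - confirm before switching.
  *
  * @return \Crypt_RSA|null
  */
 public static function CryptRSA()
 {
     if (null === \RainLoop\Utils::$RSA) {
         // The '_phpseclib_' marker keeps the include path from being extended more than once.
         if (!\defined('_phpseclib_')) {
             \set_include_path(\get_include_path() . PATH_SEPARATOR . APP_VERSION_ROOT_PATH . 'app/libraries/phpseclib');
             \define('_phpseclib_', true);
         }
         if (!\class_exists('Crypt_RSA', false)) {
             include_once 'Crypt/RSA.php';
             \defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
         }
         if (\class_exists('Crypt_RSA')) {
             $oRsa = new \Crypt_RSA();
             $oRsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
             $oRsa->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
             // Fixed: this line used to call setPrivateKeyFormat() with the PUBLIC format
             // constant, which overwrote the private format set on the line above.
             $oRsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
             $sKeyFile = APP_PRIVATE_DATA . 'rsa/private';
             $sPrivateKey = \file_exists($sKeyFile) ? \file_get_contents($sKeyFile) : '';
             if (!empty($sPrivateKey)) {
                 $oRsa->loadKey($sPrivateKey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
                 // The object is then re-loaded with the public key derived from the private
                 // key. NOTE(review): presumably the cached instance is meant for
                 // public-key operations only - confirm against the callers.
                 $oRsa->loadKey($oRsa->getPublicKey(), CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
                 \RainLoop\Utils::$RSA = $oRsa;
             }
         }
     }
     return \RainLoop\Utils::$RSA;
 }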
예제 #2
 /**
  * Generates a fresh RSA key pair and wraps both halves in the project's key objects.
  *
  * $bits is handed to createKey() unchanged. Nothing in this method enforces a
  * minimum size, so the caller is responsible for asking for an adequate modulus
  * (2048 bits or more is the usual floor today).
  *
  * @param mixed $bits key size forwarded to $this->rsa_imp->createKey()
  * @return KeyPair
  */
 public function buildKeyPair($bits)
 {
     $generator = $this->rsa_imp;

     // Both halves are requested in PKCS#1 form before the key is generated.
     $generator->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
     $generator->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);

     $generated = $generator->createKey($bits);

     $publicKey = new _RSAPublicKeyPEMFornat($generated['publickey']);
     $privateKey = new _RSAPrivateKeyPEMFornat($generated['privatekey']);

     return new KeyPair($publicKey, $privateKey);
 }
예제 #3
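 /**
  * Generates an RSA key pair using the Crypt_RSA copy bundled under ./CryptLib.
  *
  * The include path is pointed at the CryptLib directory while the library is
  * loaded and the key is generated, then restored to its previous value.
  *
  * NOTE(review): createKey() is called without a size. According to the original
  * author's note that equals createKey(1024). A 1024-bit RSA modulus is below the
  * 2048-bit minimum commonly required today; raising it changes the size of the
  * returned keys, so check what consumes them before changing the argument.
  *
  * @return mixed whatever Crypt_RSA::createKey() returns
  */
 public function creat_public_key()
 {
     $oldIncludePath = get_include_path();
     $cryptLibDir = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'CryptLib';
     set_include_path($cryptLibDir);
     include_once 'Crypt/RSA.php';

     $rsa = new Crypt_RSA();
     $rsa->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
     $rsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
     //define('CRYPT_RSA_EXPONENT', 65537);
     //define('CRYPT_RSA_SMALLEST_PRIME', 64); // makes it so multi-prime RSA is used
     $a = $rsa->createKey();
     // == $rsa->createKey(1024) where 1024 is the key size

     // Fixed: the previous include path was saved but never put back, so the rest of the
     // request ran with the path replaced by the CryptLib directory. It is restored only
     // after key generation in case the library loads further files on demand.
     set_include_path($oldIncludePath);

     return $a;
 }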
예제 #4
 /**
  * Produces a signed license for the given licensee and license type.
  *
  * The signed payload is the generalized licensee string followed by the type
  * cast to int (for example "ERIKAMUSTERMANN2"). The RSA options are the ones
  * the client uses as well, so they cannot be changed on this side alone.
  *
  * NOTE(review): the signature is made with SHA-1 and PKCS#1 v1.5. SHA-1 is no
  * longer recommended for new signature schemes; upgrading needs a coordinated
  * client change.
  * NOTE(review): the signing key is read from the class constant self::privateKey,
  * so it is stored in the source. Anyone who can read this class can mint
  * licenses; consider loading the key from protected storage instead.
  *
  * @param mixed $licensee licensee name; generalized before signing
  * @param mixed $type license type; cast to int inside the signed payload
  * @return mixed result of self::FormatLicense()
  */
 public static function CreateLicense($licensee, $type)
 {
     // Same generalization as on the client, with the numeric type appended.
     $payload = self::GeneralizeDataString($licensee) . (int) $type;

     // Configure the signer with the options the client also uses.
     $signer = new Crypt_RSA();
     $signer->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_XML);
     $signer->setHash('SHA1');
     $signer->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);

     // Load the private key, sign the payload, and return the formatted license data.
     $signer->loadKey(self::privateKey);

     return self::FormatLicense($licensee, $type, $signer->sign($payload));
 }
예제 #5
 /**
  * Encrypts a string under an RSA public key supplied as a hexadecimal modulus.
  *
  * The public exponent is fixed at 65537 and the padding is PKCS#1 v1.5
  * (CRYPT_RSA_ENCRYPTION_PKCS1).
  *
  * NOTE(review): whoever decrypts these messages must not expose padding failures
  * to the sender, because v1.5 padding allows padding-oracle attacks. OAEP is the
  * safer choice when both ends can be changed.
  *
  * @param string $input_str plaintext handed to Crypt_RSA::encrypt()
  * @param string $key modulus n, parsed as base 16
  * @return mixed result of Crypt_RSA::encrypt()
  */
 public function rsa_encrypt($input_str, $key)
 {
     $cipher = new Crypt_RSA();
     $cipher->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
     $cipher->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
     $cipher->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);

     // Raw key components: n comes from the caller, e is the constant 65537.
     $modulus = new Math_BigInteger($key, 16);
     $exponent = new Math_BigInteger('65537', 10);
     $cipher->loadKey(array('n' => $modulus, 'e' => $exponent), CRYPT_RSA_PUBLIC_FORMAT_RAW);

     $ciphertext = $cipher->encrypt($input_str);

     return $ciphertext;
 }
예제 #6
<?php

// Prints the base64-encoded private key, generating and storing a key pair first
// when 'private.key' does not exist in the working directory.
//
// NOTE(review): the script writes the private key to its output. Anything that can
// invoke it or read its output obtains the key, so it should not be reachable by
// untrusted callers.
// NOTE(review): both key files are created relative to the working directory with
// default permissions. If that directory is served by a web server the private key
// may be downloadable - verify the deployment.
// NOTE(review): 1024-bit RSA is below the 2048-bit minimum commonly required today.
set_time_limit(0);
if (!file_exists('private.key')) {
    include 'Crypt/RSA.php';

    $rsa = new Crypt_RSA();
    $rsa->setHash('sha1');
    $rsa->setMGFHash('sha1');
    $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_OAEP);
    $rsa->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
    $rsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);

    $res = $rsa->createKey(1024);
    $privateKey = $res['privatekey'];
    $publicKey = $res['publickey'];

    // Persist both halves so later runs reuse the same pair.
    file_put_contents('public.key', $publicKey);
    file_put_contents('private.key', $privateKey);

    echo base64_encode($privateKey);
} else {
    // A key already exists: return it as stored.
    echo base64_encode(file_get_contents('private.key'));
}
예제 #7
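 /**
  * Unwraps a client value that arrives RSA-encrypted with the 'rsa:xxx:' prefix.
  *
  * Decryption is attempted only when the value carries that prefix and the
  * 'security' / 'use_rsa_encryption' config option is enabled. The text after the
  * prefix is base64-decoded and decrypted with the private key stored at
  * APP_PRIVATE_DATA . 'rsa/private'. The plaintext must have the form
  * <32 chars of [a-z0-9]>:<payload>:<32 chars of [a-z0-9]>, and the payload is
  * returned. In every other case the input is returned unchanged.
  *
  * NOTE(review): this is PKCS#1 v1.5 decryption of client-supplied data. Callers
  * must not let a remote client distinguish the 'Invalid decrypted data' path
  * from an ordinary failure (response content, status, timing), otherwise the
  * endpoint can act as a padding oracle. OAEP avoids this but requires a matching
  * client change.
  *
  * @param string $sEncryptedData
  *
  * @return string
  */
 private function clientRsaDecryptHelper($sEncryptedData)
 {
     $aMatch = array();
     if ('rsa:xxx:' === substr($sEncryptedData, 0, 8) && $this->Config()->Get('security', 'use_rsa_encryption', false)) {
         $oLogger = $this->Logger();
         $oLogger->Write('Trying to decode encrypted data', \MailSo\Log\Enumerations\Type::INFO, 'RSA');
         $sPrivateKey = file_exists(APP_PRIVATE_DATA . 'rsa/private') ? \file_get_contents(APP_PRIVATE_DATA . 'rsa/private') : '';
         if (!empty($sPrivateKey)) {
             // Strip the 8-character 'rsa:xxx:' prefix.
             $sData = \trim(\substr($sEncryptedData, 8));
             if (!\class_exists('Crypt_RSA')) {
                 \set_include_path(\get_include_path() . PATH_SEPARATOR . APP_VERSION_ROOT_PATH . 'app/libraries/phpseclib');
                 include_once 'Crypt/RSA.php';
                 \defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
             }
             // Error notices stay hidden while the library handles attacker-controlled input.
             $oLogger->HideErrorNotices(true);
             $oRsa = new \Crypt_RSA();
             $oRsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
             $oRsa->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
             // Fixed: this line used to call setPrivateKeyFormat() with the PUBLIC format
             // constant, which overwrote the private format set on the line above.
             $oRsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
             $oRsa->loadKey($sPrivateKey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
             $sData = $oRsa->decrypt(\base64_decode($sData));
             // A non-string result from decrypt() is treated like any other malformed plaintext.
             if (\is_string($sData) && \preg_match('/^[a-z0-9]{32}:(.+):[a-z0-9]{32}$/', $sData, $aMatch) && isset($aMatch[1])) {
                 $sEncryptedData = $aMatch[1];
             } else {
                 $oLogger->Write('Invalid decrypted data', \MailSo\Log\Enumerations\Type::WARNING, 'RSA');
             }
             $oLogger->HideErrorNotices(false);
         } else {
             $oLogger->Write('Private key is not found', \MailSo\Log\Enumerations\Type::WARNING, 'RSA');
         }
     }
     return $sEncryptedData;
 }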
예제 #8
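 /**
  * Unwraps a client value of the form 'rsa:<32-char key id>:<hex ciphertext>'.
  *
  * Decryption is attempted only when the value matches that prefix and the
  * 'security' / 'use_rsa_encryption' config option is enabled. The key id selects
  * a private key from the cache through \RainLoop\KeyPathHelper::RsaCacherKey().
  * The hex text after the prefix is converted to bytes and decrypted. The
  * plaintext must have the form
  * <32 chars of [a-z0-9]>:<payload>:<32 chars of [a-z0-9]>, and the payload is
  * returned. In every other case the input is returned unchanged.
  *
  * NOTE(review): this is PKCS#1 v1.5 decryption of client-supplied data. Callers
  * must not let a remote client distinguish the 'Invalid decrypted data' path
  * from an ordinary failure (response content, status, timing), otherwise the
  * endpoint can act as a padding oracle. OAEP avoids this but requires a matching
  * client change.
  *
  * @param string $sEncryptedData
  *
  * @return string
  */
 private function clientRsaDecryptHelper($sEncryptedData)
 {
     $aMatch = array();
     // The regex restricts the client-supplied key id to [a-z0-9]{32} before it is used in the cache key.
     if (\preg_match('/^rsa:([a-z0-9]{32}):/', $sEncryptedData, $aMatch) && !empty($aMatch[1]) && $this->Config()->Get('security', 'use_rsa_encryption', false)) {
         $oLogger = $this->Logger();
         $oLogger->Write('Trying to decode encrypted data', \MailSo\Log\Enumerations\Type::INFO, 'RSA');
         $sPrivateKey = $this->Cacher()->Get(\RainLoop\KeyPathHelper::RsaCacherKey($aMatch[1]), true);
         if (!empty($sPrivateKey)) {
             // 37 = strlen('rsa:') + 32-character key id + ':'.
             $sData = \trim(\substr($sEncryptedData, 37));
             if (!\class_exists('Crypt_RSA')) {
                 \set_include_path(\get_include_path() . PATH_SEPARATOR . APP_VERSION_ROOT_PATH . 'app/libraries/phpseclib');
                 // Fixed: CRYPT_RSA_MODE_INTERNAL is declared by Crypt/RSA.php, so the file has
                 // to be loaded before that constant is referenced. The old order read an
                 // undefined constant, which is an Error on PHP 8.
                 include_once 'Crypt/RSA.php';
                 \defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
             }
             // Error notices stay hidden while the library handles attacker-controlled input.
             \RainLoop\Service::$__HIDE_ERROR_NOTICES = true;
             $oRsa = new \Crypt_RSA();
             $oRsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
             $oRsa->setPrivateKeyFormat(CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
             // Fixed: this line used to call setPrivateKeyFormat() with the PUBLIC format
             // constant, which overwrote the private format set on the line above.
             $oRsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
             $oRsa->loadKey($sPrivateKey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
             // The ciphertext arrives as a hex string; convert it to raw bytes for decrypt().
             $oMsg = new \Math_BigInteger($sData, 16);
             $sData = $oRsa->decrypt($oMsg->toBytes());
             // A non-string result from decrypt() is treated like any other malformed plaintext.
             if (\is_string($sData) && \preg_match('/^[a-z0-9]{32}:(.+):[a-z0-9]{32}$/', $sData, $aMatch) && isset($aMatch[1])) {
                 $sEncryptedData = $aMatch[1];
             } else {
                 $oLogger->Write('Invalid decrypted data', \MailSo\Log\Enumerations\Type::WARNING, 'RSA');
             }
             \RainLoop\Service::$__HIDE_ERROR_NOTICES = false;
         } else {
             $oLogger->Write('Private key is not found', \MailSo\Log\Enumerations\Type::WARNING, 'RSA');
         }
     }
     return $sEncryptedData;
 }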