/**
*
* @see \CryptoUtil\PBE\PBEScheme::decryptWithKey()
* @throws \UnexpectedValueException If decryption failed
* @return string
*/
public function decryptWithKey($data, $key)
{
try {
$str = $this->_crypto->decrypt($data, $key, $this->_cipher);
return $this->_removePadding($str, $this->_cipher->blockSize());
} catch (\RuntimeException $e) {
throw new \UnexpectedValueException("Decryption failed.", null, $e);
}
}
/**
*
* @see \CryptoUtil\PBE\PBEScheme::decryptWithKey()
* @throws \UnexpectedValueException If decryption failed
* @return string
*/
public function decryptWithKey($data, $key)
{
if (strlen($key) !== 16) {
throw new \UnexpectedValueException("Invalid key length.");
}
try {
$algo = $this->_cipher->withInitializationVector(substr($key, 8, 8));
$str = $this->_crypto->decrypt($data, substr($key, 0, 8), $algo);
return $this->_removePadding($str, 8);
} catch (\RuntimeException $e) {
throw new \UnexpectedValueException("Decryption failed.", null, $e);
}
}
/**
* Verify signature.
*
* @param Crypto $crypto
* @param PublicKeyInfo $pubkey_info Signer's public key
* @return bool
*/
public function verify(Crypto $crypto, PublicKeyInfo $pubkey_info)
{
$data = $this->_acinfo->toASN1()->toDER();
return $crypto->verify($data, $this->_signatureValue, $pubkey_info, $this->_signatureAlgorithm);
}
/**
* Create signed attribute certificate.
*
* @param Crypto $crypto
* @param SignatureAlgorithmIdentifier $algo Signature algorithm
* @param PrivateKeyInfo $privkey_info Private key
* @return AttributeCertificate
*/
public function sign(Crypto $crypto, SignatureAlgorithmIdentifier $algo, PrivateKeyInfo $privkey_info)
{
$aci = clone $this;
if (!isset($aci->_serialNumber)) {
$aci->_serialNumber = 0;
}
$aci->_signature = $algo;
$data = $aci->toASN1()->toDER();
$signature = $crypto->sign($data, $privkey_info, $algo);
return new AttributeCertificate($aci, $algo, $signature);
}
/**
* Create signed certificate.
*
* @param Crypto $crypto Crypto engine
* @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
* @param PrivateKeyInfo $privkey_info Private key used for signing
* @return Certificate
*/
public function sign(Crypto $crypto, SignatureAlgorithmIdentifier $algo, PrivateKeyInfo $privkey_info)
{
$tbsCert = clone $this;
if (!isset($tbsCert->_version)) {
$tbsCert->_version = $tbsCert->_determineVersion();
}
if (!isset($tbsCert->_serialNumber)) {
$tbsCert->_serialNumber = 0;
}
$tbsCert->_signature = $algo;
$data = $tbsCert->toASN1()->toDER();
$signature = $crypto->sign($data, $privkey_info, $algo);
return new Certificate($tbsCert, $algo, $signature);
}
/**
* Create signed CertificationRequest.
*
* @param Crypto $crypto Crypto engine
* @param SignatureAlgorithmIdentifier $algo Algorithm used for signing
* @param PrivateKeyInfo $privkey_info Private key used for signing
* @return CertificationRequest
*/
public function sign(Crypto $crypto, SignatureAlgorithmIdentifier $algo, PrivateKeyInfo $privkey_info)
{
$data = $this->toASN1()->toDER();
$signature = $crypto->sign($data, $privkey_info, $algo);
return new CertificationRequest($this, $algo, $signature);
}
/**
* Verify certification request signature.
*
* @param Crypto $crypto
* @return bool True if signature matches
*/
public function verify(Crypto $crypto)
{
$data = $this->_certificationRequestInfo->toASN1()->toDER();
$pk_info = $this->_certificationRequestInfo->subjectPKInfo();
return $crypto->verify($data, $this->_signature, $pk_info, $this->_signatureAlgorithm);
}