/**
* before_request
* Hook for PHP Requests
*
* @param $url
* @param $headers
* @param $data
*/
public function before_request(&$url, &$headers, &$data)
{
// generate a date string
$date = new \DateTime('NOW', new \DateTimeZone("GMT"));
$headers['Date'] = $date->format("D, d M Y H:i:s \\G\\M\\T");
// build up the data to be signed
$request_data = $headers['Date'] . "\n" . $url . "\n";
if (!empty($data)) {
$request_data .= http_build_query($data);
}
// get a signature for our request
// private key is in hex form, needs to be converted into PrivateKey Object
$generator = EccFactory::getNistCurves()->generator256();
$private_key = new PrivateKey($this->math_adapter, $generator, $this->math_adapter->hexDec($this->private_key));
$hash = $this->math_adapter->hexDec(hash("sha256", $request_data));
$signer = EccFactory::getSigner();
$randomK = RandomGeneratorFactory::getRandomGenerator()->generate($private_key->getPoint()->getOrder());
$signatureObj = $signer->sign($private_key, $hash, $randomK);
$signature = $this->math_adapter->decHex($signatureObj->getR()) . $this->math_adapter->decHex($signatureObj->getS());
// apply the HTTP headers and send the request
$headers['X-Service'] = $this->service_name;
$headers['X-Signature'] = $signature;
if ($this->debug) {
echo "\n\nRequest Data\n\n";
echo "URL:\n";
var_dump($url);
echo "HEADERS:\n";
var_dump($headers);
echo "DATA:\n";
var_dump($data);
}
}
/**
* @param string $content
* @param Binary $key
* @return string
*/
public function sign($content, Binary $key)
{
$math = MathAdapterFactory::getAdapter();
$inflatedPrivateKey = $this->deserializePrivate($key->getData(), $math);
$rng = RandomGeneratorFactory::getRandomGenerator();
$hash = $this->hash($content);
$signer = new Signer($math);
$signature = $signer->sign($inflatedPrivateKey, $hash, $rng->generate($inflatedPrivateKey->getPoint()->getOrder()));
return $signature->getR() . self::$SIGNATURE_GLUE . $signature->getS();
}
/**
* @param \Jose\Object\JWKInterface $key
* @param string $data
*
* @return string
*/
private function getPHPECCSignature(JWKInterface $key, $data)
{
$p = $this->getGenerator();
$d = $this->convertBase64ToGmp($key->get('d'));
$hash = $this->convertHexToGmp(hash($this->getHashAlgorithm(), $data));
$k = RandomGeneratorFactory::getRandomGenerator()->generate($p->getOrder());
$signer = EccFactory::getSigner();
$private_key = $p->getPrivateKeyFrom($d);
$signature = $signer->sign($private_key, $hash, $k);
$part_length = $this->getSignaturePartLength();
$R = str_pad($this->convertDecToHex($signature->getR()), $part_length, '0', STR_PAD_LEFT);
$S = str_pad($this->convertDecToHex($signature->getS()), $part_length, '0', STR_PAD_LEFT);
return $this->convertHexToBin($R . $S);
}
/**
*
* @dataProvider getAdapters
*/
public function testSecp256r1EquivalenceToNistP192(MathAdapterInterface $adapter)
{
$secpFactory = EccFactory::getSecgCurves($adapter);
$nistFactory = EccFactory::getNistCurves($adapter);
$signer = new Signer($adapter);
$secret = $adapter->hexDec('DC51D3866A15BACDE33D96F992FCA99DA7E6EF0934E7097559C27F1614C88A7F');
$secpKey = $secpFactory->generator256r1()->getPrivateKeyFrom($secret);
$nistKey = $nistFactory->generator256()->getPrivateKeyFrom($secret);
$randomK = RandomGeneratorFactory::getRandomGenerator()->generate($secpKey->getPoint()->getOrder());
$message = RandomGeneratorFactory::getRandomGenerator()->generate($secpKey->getPoint()->getOrder());
$sigSecp = $signer->sign($secpKey, $message, $randomK);
$sigNist = $signer->sign($nistKey, $message, $randomK);
$this->assertEquals($sigNist->getR(), $sigSecp->getR());
$this->assertEquals($sigNist->getS(), $sigSecp->getS());
}
/**
* {@inheritdoc}
*/
public function sign(JWKInterface $key, $data)
{
$this->checkKey($key);
if (!$key->has('d')) {
throw new \InvalidArgumentException('The EC key is not private');
}
$p = $this->getGenerator();
$d = $this->convertBase64ToDec($key->get('d'));
$hash = $this->convertHexToDec(hash($this->getHashAlgorithm(), $data));
$k = RandomGeneratorFactory::getRandomGenerator()->generate($p->getOrder());
$signer = EccFactory::getSigner();
$private_key = $p->getPrivateKeyFrom($d);
$signature = $signer->sign($private_key, $hash, $k);
$part_length = $this->getSignaturePartLength();
$R = str_pad($this->convertDecToHex($signature->getR()), $part_length, '0', STR_PAD_LEFT);
$S = str_pad($this->convertDecToHex($signature->getS()), $part_length, '0', STR_PAD_LEFT);
return $this->convertHextoBin($R . $S);
}
/**
* {@inheritdoc}
*/
public function createHash(string $payload, Key $key, RandomNumberGeneratorInterface $generator = null) : string
{
$privateKey = $this->parser->getPrivateKey($key);
$generator = $generator ?: RandomGeneratorFactory::getRandomGenerator();
return $this->createSignatureHash($this->signer->sign($privateKey, $this->createSigningHash($payload), $generator->generate($privateKey->getPoint()->getOrder())));
}
/**
* @param MathAdapterInterface $adapter
* @param CurveFpInterface $curve
* @param int|string $x
* @param int|string $y
* @param null $order
* @param RandomNumberGeneratorInterface $generator
*/
public function __construct(MathAdapterInterface $adapter, CurveFpInterface $curve, $x, $y, $order = null, RandomNumberGeneratorInterface $generator = null)
{
$this->generator = $generator ?: RandomGeneratorFactory::getRandomGenerator();
parent::__construct($adapter, $curve, $x, $y, $order);
}
