/** * @expectedException \RuntimeException * @expectedExceptionMessage Unknown cipher method */ public function testInvalidCipher() { $privateKey = CurveFactory::getGeneratorByName('nistp256')->getPrivateKeyFrom(gmp_init(100)); $iv = random_bytes(16); $method = 'not-a-known-cipher'; new EncryptedPrivateKey($privateKey, $method, $iv); }
/** * @param string $name * @return bool */ public function checkCurveSupported($name) { try { CurveFactory::getCurveByName($name); return true; } catch (\Exception $e) { return false; } }
/** * @param ObjectIdentifier $oid * @return \Mdanter\Ecc\Primitives\GeneratorPoint */ public static function getGeneratorFromOid(ObjectIdentifier $oid) { $oidString = $oid->getContent(); $invertedMap = array_flip(self::$oidMap); if (array_key_exists($oidString, $invertedMap)) { return CurveFactory::getGeneratorByName($invertedMap[$oidString]); } throw new \RuntimeException('Invalid data: unsupported generator.'); }
/** * @param string $curveName * @return \Mdanter\Ecc\Primitives\GeneratorPoint */ public static function generator($curveName) { switch ($curveName) { case NistCurve::NAME_P256: case NistCurve::NAME_P384: case NistCurve::NAME_P521: return CurveFactory::getGeneratorByName($curveName); default: throw new \InvalidArgumentException('Unknown or unsupported generator'); } }
private static function getServerP256() { $generator = CurveFactory::getGeneratorByName('nist-p256'); $privateKeySerializer = new PemPrivateKeySerializer(new DerPrivateKeySerializer()); $privateKey = $generator->createPrivateKey(); $privateKeyStr = $privateKeySerializer->serialize($privateKey); $publicKeySerializer = new PemPublicKeySerializer(new DerPublicKeySerializer()); $publicKey = $privateKey->getPublicKey(); $publicKeyStr = $publicKeySerializer->serialize($publicKey); return array('private' => $privateKeyStr, 'public' => $publicKeyStr); }
/** * @param InputInterface $input * @param OutputInterface $output * @return void */ protected function execute(InputInterface $input, OutputInterface $output) { $curveName = $input->getOption('curve'); if (!$curveName) { throw new \InvalidArgumentException('Curve name is required. Use "list-curves" to get available names.'); } $generator = CurveFactory::getGeneratorByName($curveName); if ($output instanceof ConsoleOutputInterface) { $output->getErrorOutput()->writeln('Using curve "' . $curveName . "'"); } $privKeySerializer = $this->getPrivateKeySerializer($input, 'out'); $pubKeySerializer = $this->getPublicKeySerializer($input, 'out'); $privKey = $generator->createPrivateKey(); $output->writeln($privKeySerializer->serialize($privKey)); $pubKey = $privKey->getPublicKey(); $output->writeln($pubKeySerializer->serialize($pubKey)); }
/** * @return array */ public function getHmacTestSet() { $yaml = new Yaml(); $files = $this->getFiles(); $datasets = []; foreach ($files as $file) { $data = $yaml->parse($file); if (!isset($data['hmac'])) { continue; } $generator = CurveFactory::getGeneratorByName($data['name']); foreach ($data['hmac'] as $sig) { $datasets[] = [$generator, isset($sig['size']) ? $sig['size'] : 0, $sig['key'], $sig['algo'], $sig['message'], strtolower($sig['k']), strtolower($sig['r']), strtolower($sig['s'])]; } } return $datasets; }
/** * {@inheritdoc} */ public static function createECKey(array $values) { Assertion::keyExists($values, 'crv', 'The curve is not set.'); $curve = $values['crv']; if (function_exists('openssl_get_curve_names')) { $args = ['curve_name' => self::getOpensslName($curve), 'private_key_type' => OPENSSL_KEYTYPE_EC]; $key = openssl_pkey_new($args); $res = openssl_pkey_export($key, $out); Assertion::true($res, 'Unable to create the key'); $rsa = new ECKey($out); $values = array_merge($values, $rsa->toArray()); return new JWK($values); } else { $curve_name = self::getNistName($curve); $generator = CurveFactory::getGeneratorByName($curve_name); $private_key = $generator->createPrivateKey(); $values = array_merge($values, ['kty' => 'EC', 'crv' => $curve, 'x' => self::encodeValue($private_key->getPublicKey()->getPoint()->getX()), 'y' => self::encodeValue($private_key->getPublicKey()->getPoint()->getY()), 'd' => self::encodeValue($private_key->getSecret())]); } return new JWK($values); }
<?php require "../vendor/autoload.php"; $curveName = 'nist-p521'; $hashAlgo = 'sha256'; $factory = new Mdanter\X509\Factory(); $adapter = \Mdanter\Ecc\EccFactory::getAdapter(); $domain = $factory->getDomain($adapter, $curveName, $hashAlgo); $rbg = \Mdanter\Ecc\Random\RandomGeneratorFactory::getUrandomGenerator(); $G = \Mdanter\Ecc\Curves\CurveFactory::getGeneratorByName($curveName); $randomInt = $rbg->generate($G->getOrder()); $k = $G->getPrivateKeyFrom($randomInt); $Q = $k->getPublicKey(); $subjectDetails = ['commonName' => '127.0.0.1']; $subject = new Mdanter\X509\Certificates\CertificateSubject($subjectDetails); $csr = $factory->getCsr($domain, $subject, $k); $csrSerializer = new \Mdanter\X509\Serializer\Certificates\CsrSerializer(new \Mdanter\X509\Serializer\Certificates\CertificateSubjectSerializer(), new \Mdanter\Ecc\Serializer\PublicKey\DerPublicKeySerializer($adapter), new \Mdanter\X509\Serializer\Signature\DerSignatureSerializer()); $serialized = $csrSerializer->serialize($csr); echo $serialized;
/** * @param MathAdapterInterface|null $adapter * @param string $curveName * @param string $hashAlgorithm * @return EcDomain */ public static function getDomain(MathAdapterInterface $adapter, $curveName, $hashAlgorithm) { $adapter = $adapter ?: EccFactory::getAdapter(); return new EcDomain($adapter, CurveFactory::getCurveByName($curveName), CurveFactory::getGeneratorByName($curveName), new Hasher($adapter, $hashAlgorithm)); }
/** * @dataProvider getDeterministicSign2Data */ public function testDeterministicSign2($curve, $size, $algo, $privKey, $message, $eK, $eR, $eS) { //echo "Try {$test->curve} / {$test->algorithm} / '{$test->message}'\n"; $G = CurveFactory::getGeneratorByName($curve); // Initialize private key and message hash (decimal) $privateKey = $G->getPrivateKeyFrom($this->math->hexDec($privKey)); $hashHex = hash($algo, $message); $messageHash = $this->math->hexDec($hashHex); // Derive K $drbg = RandomGeneratorFactory::getHmacRandomGenerator($privateKey, $messageHash, $algo); $k = $drbg->generate($G->getOrder()); $this->assertEquals($this->math->hexdec($eK), $k, 'k'); $hexSize = strlen($hashHex); $hashBits = $this->math->baseConvert($messageHash, 10, 2); if (strlen($hashBits) < $hexSize * 4) { $hashBits = str_pad($hashBits, $hexSize * 4, '0', STR_PAD_LEFT); } $messageHash = $this->math->baseConvert(substr($hashBits, 0, $size), 2, 10); $signer = new Signer($this->math); $sig = $signer->sign($privateKey, $messageHash, $k); // R and S should be correct $sR = $this->math->hexDec($eR); $sS = $this->math->hexDec($eS); $this->assertTrue($signer->verify($privateKey->getPublicKey(), $sig, $messageHash)); $this->assertSame($sR, $sig->getR(), 'r'); $this->assertSame($sS, $sig->getS(), 's'); }