/** * Constructor * * Sets up the object * @param array $config The client configuration * @access public */ public function __construct($config = array()) { $this->_privatekey = isset($config['publickey']) && !empty($config['publickey']) ? $privatekey : \Sodium\hex2bin(config('knownpasswords.PRIVATE_KEY')); $this->_publickey = \Sodium\crypto_sign_publickey_from_secretkey($this->_privatekey); $this->_apiurl = "https://knownpasswords.org"; //don`t change this value $this->_serverSignaturePublicKey = \Sodium\hex2bin("e1426419742ee9f34831d3deaead88a511dc6fb635e3187427012457031e538a"); //don`t change this value $this->_serverEncryptionPublicKey = \Sodium\hex2bin("8609896949b031fb3109e6ed5564801ab6a839c88cc8b159c4d4771513b4564e"); //don`t change this value if (!$this->_privatekey) { throw new \Exception('Check your PRIVATE_KEY'); } $this->test_curl_ssl_support(); }
/** * Load a key from a file * * @param string $filePath * @param int $type * @return array|\ParagonIE\Halite\Key * @throws CryptoException\InvalidFlags */ public static function fromFile($filePath, $type = self::CRYPTO_SECRETBOX) { // Set this to true to flag a key as a signing key $signing = false; /** * Are we doing public key cryptography? */ if (($type & self::ASYMMETRIC) !== 0) { /** * Are we doing encryption or digital signing? */ $secret_key = \file_get_contents($filePath); if (($type & self::ENCRYPTION) !== 0) { $public_key = \Sodium\crypto_box_publickey_from_secretkey($secret_key); } elseif (($type & self::SIGNATURE) !== 0) { // Digital signature keypair $signing = true; $public_key = \Sodium\crypto_sign_publickey_from_secretkey($secret_key); } else { throw new CryptoException\InvalidFlags('Must specify encryption or authentication'); } // Let's return an array with two keys return [new ASecretKey($secret_key, $signing), new APublicKey($public_key, $signing)]; } elseif ($type & self::SECRET_KEY !== 0) { /** * Are we doing encryption or authentication? */ if ($type & self::SIGNATURE !== 0) { $signing = true; } $secret_key = \file_get_contents($filePath); return new SecretKey($secret_key, $signing); } else { throw new CryptoException\InvalidFlags('Must specify symmetric-key or asymmetric-key'); } }
/** * * Pass it a secret key, it will automatically generate a public key * * @param ...Key $keys */ public function __construct(Key ...$keys) { switch (\count($keys)) { /** * If we received two keys, it must be an asymmetric secret key and * an asymmetric public key, in either order. */ case 2: if (!$keys[0]->isAsymmetricKey() || !$keys[1]->isAsymmetricKey()) { throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object'); } if ($keys[0]->isPublicKey()) { if ($keys[1]->isPublicKey()) { throw new CryptoException\InvalidKey('Both keys cannot be public keys'); } // $keys[0] is public, $keys[1] is secret $this->secret_key = $keys[1] instanceof SignatureSecretKey ? $keys[1] : new SignatureSecretKey($keys[1]->get()); /** * Let's use the secret key to calculate the *correct* * public key. We're effectively discarding $keys[0] but * this ensures correct usage down the line. */ if (!$this->secret_key->isSigningKey()) { throw new CryptoException\InvalidKey('Must be a signing key pair'); } // crypto_sign - Ed25519 $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[1]->get()); $this->public_key = new SignaturePublicKey($pub, true); \Sodium\memzero($pub); } elseif ($keys[1]->isPublicKey()) { // We can deduce that $keys[0] is a secret key $this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get()); /** * Let's use the secret key to calculate the *correct* * public key. We're effectively discarding $keys[0] but * this ensures correct usage down the line. */ if (!$this->secret_key->isSigningKey()) { throw new CryptoException\InvalidKey('Must be a signing key pair'); } // crypto_sign - Ed25519 $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get()); $this->public_key = new SignaturePublicKey($pub, true); \Sodium\memzero($pub); } else { throw new CryptoException\InvalidKey('Both keys cannot be secret keys'); } break; /** * If we only received one key, it must be an asymmetric secret key! */ /** * If we only received one key, it must be an asymmetric secret key! */ case 1: if (!$keys[0]->isAsymmetricKey()) { throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object'); } if ($keys[0]->isPublicKey()) { throw new CryptoException\InvalidKey('We cannot generate a valid keypair given only a public key; we can given only a secret key, however.'); } $this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get(), $keys[0]->isSigningKey()); if (!$this->secret_key->isSigningKey()) { throw new CryptoException\InvalidKey('Must be a signing key pair'); } // We need to calculate the public key from the secret key $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get()); $this->public_key = new SignaturePublicKey($pub, true); \Sodium\memzero($pub); break; default: throw new \InvalidArgumentException('Halite\\EncryptionKeyPair expects 1 or 2 keys'); } }
/** * See the appropriate derived class. * * @return SignaturePublicKey */ public function derivePublicKey() { $publicKey = \Sodium\crypto_sign_publickey_from_secretkey($this->getRawKeyMaterial()); return new SignaturePublicKey($publicKey); }
/** * * Pass it a secret key, it will automatically generate a public key * * @param ...Key $keys */ public function __construct(Key ...$keys) { switch (\count($keys)) { /** * If we received two keys, it must be an asymmetric secret key and * an asymmetric public key, in either order. */ case 2: if (!$keys[0]->isAsymmetricKey()) { throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object'); } elseif (!$keys[1]->isAsymmetricKey()) { throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object'); } if ($keys[0]->isPublicKey()) { if ($keys[1]->isPublicKey()) { throw new CryptoException\InvalidKey('Both keys cannot be public keys'); } $sign = $keys[1]->isSigningKey(); // $keys[0] is public, $keys[1] is secret if ($sign) { $this->secret_key = $keys[1] instanceof SignatureSecretKey ? $keys[1] : new SignatureSecretKey($keys[1]->get()); $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[1]->get()); $this->public_key = new SignaturePublicKey($pub, true); \Sodium\memzero($pub); } else { $this->secret_key = $keys[1] instanceof EncryptionSecretKey ? $keys[1] : new EncryptionSecretKey($keys[1]->get()); // crypto_box - Curve25519 $pub = \Sodium\crypto_box_publickey_from_secretkey($keys[1]->get()); $this->public_key = new EncryptionPublicKey($pub, false); \Sodium\memzero($pub); } } elseif ($keys[1]->isPublicKey()) { $sign = $keys[0]->isSigningKey(); // We can deduce that $keys[0] is a secret key if ($sign) { $this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get()); // crypto_sign - Ed25519 $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get()); $this->public_key = new SignaturePublicKey($pub); \Sodium\memzero($pub); } else { $this->secret_key = $keys[0] instanceof EncryptionSecretKey ? $keys[0] : new EncryptionSecretKey($keys[0]->get()); // crypto_box - Curve25519 $pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get()); $this->public_key = new EncryptionPublicKey($pub); \Sodium\memzero($pub); } } else { throw new CryptoException\InvalidKey('Both keys cannot be secret keys'); } break; /** * If we only received one key, it must be an asymmetric secret key! */ /** * If we only received one key, it must be an asymmetric secret key! */ case 1: if (!$keys[0]->isAsymmetricKey()) { throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object'); } if ($keys[0]->isPublicKey()) { throw new CryptoException\InvalidKey('We cannot generate a valid keypair given only a public key; we can given only a secret key, however.'); } $sign = $keys[0]->isSigningKey(); // We can deduce that $keys[0] is a secret key if ($sign) { $this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get()); // crypto_sign - Ed25519 $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get()); $this->public_key = new SignaturePublicKey($pub); \Sodium\memzero($pub); } else { $this->secret_key = $keys[0] instanceof EncryptionSecretKey ? $keys[0] : new EncryptionSecretKey($keys[0]->get()); // crypto_box - Curve25519 $pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get()); $this->public_key = new EncryptionPublicKey($pub); \Sodium\memzero($pub); } break; default: throw new \InvalidArgumentException('Halite\\KeyPair expects 1 or 2 keys'); } }
/** * * Pass it a secret key, it will automatically generate a public key * * @param ...Key $keys */ public function __construct(Key ...$keys) { switch (\count($keys)) { case 2: if ($keys[0]->isPublicKey()) { if ($keys[1]->isPublicKey()) { throw new CryptoAlert\InvalidKey('Both keys cannot be public keys'); } // $keys[0] is public, $keys[1] is secret $this->secret_key = $keys[1] instanceof SecretKey ? $keys[1] : new SecretKey($keys[1]->get(), $keys[1]->isSigningKey()); /** * Let's use the secret key to calculate the *correct* * public key. We're effectively discarding $keys[0] but * this ensures correct usage down the line. */ if ($this->secret_key->isSigningKey()) { // crypto_sign - Ed25519 $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[1]->get()); $this->public_key = new PublicKey($pub, true); \Sodium\memzero($pub); } else { // crypto_box - Curve25519 $pub = \Sodium\crypto_box_publickey_from_secretkey($keys[1]->get()); $this->public_key = new PublicKey($pub, false); \Sodium\memzero($pub); } } elseif ($keys[1]->isPublicKey()) { // We can deduce that $keys[0] is a secret key $this->secret_key = $keys[0] instanceof SecretKey ? $keys[0] : new SecretKey($keys[0]->get(), $keys[0]->isSigningKey()); /** * Let's use the secret key to calculate the *correct* * public key. We're effectively discarding $keys[0] but * this ensures correct usage down the line. */ if ($this->secret_key->isSigningKey()) { // crypto_sign - Ed25519 $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get()); $this->public_key = new PublicKey($pub, true); } else { // crypto_box - Curve25519 $pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get()); $this->public_key = new PublicKey($pub, false); \Sodium\memzero($pub); } } else { throw new CryptoAlert\InvalidKey('Both keys cannot be secret keys'); } break; case 1: if ($keys[0]->isPublicKey()) { throw new CryptoAlert\InvalidKey('We cannot generate a valid keypair given only a public key; we can given only a secret key, however.'); } $this->secret_key = $keys[0] instanceof SecretKey ? $keys[0] : new SecretKey($keys[0]->get(), $keys[0]->isSigningKey()); if ($this->secret_key->isSigningKey()) { // We need to calculate the public key from the secret key $pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get()); $this->public_key = new PublicKey($pub, true); \Sodium\memzero($pub); } else { // We need to calculate the public key from the secret key $pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get()); $this->public_key = new PublicKey($pub, false); \Sodium\memzero($pub); } break; default: throw new \InvalidArgumentException('Halite\\Keypair expects 1 or 2 keys'); } }