/**
* Constructor
*
* Sets up the object
* @param array $config The client configuration
* @access public
*/
public function __construct($config = array())
{
$this->_privatekey = isset($config['publickey']) && !empty($config['publickey']) ? $privatekey : \Sodium\hex2bin(config('knownpasswords.PRIVATE_KEY'));
$this->_publickey = \Sodium\crypto_sign_publickey_from_secretkey($this->_privatekey);
$this->_apiurl = "https://knownpasswords.org";
//don`t change this value
$this->_serverSignaturePublicKey = \Sodium\hex2bin("e1426419742ee9f34831d3deaead88a511dc6fb635e3187427012457031e538a");
//don`t change this value
$this->_serverEncryptionPublicKey = \Sodium\hex2bin("8609896949b031fb3109e6ed5564801ab6a839c88cc8b159c4d4771513b4564e");
//don`t change this value
if (!$this->_privatekey) {
throw new \Exception('Check your PRIVATE_KEY');
}
$this->test_curl_ssl_support();
}
/**
* Load a key from a file
*
* @param string $filePath
* @param int $type
* @return array|\ParagonIE\Halite\Key
* @throws CryptoException\InvalidFlags
*/
public static function fromFile($filePath, $type = self::CRYPTO_SECRETBOX)
{
// Set this to true to flag a key as a signing key
$signing = false;
/**
* Are we doing public key cryptography?
*/
if (($type & self::ASYMMETRIC) !== 0) {
/**
* Are we doing encryption or digital signing?
*/
$secret_key = \file_get_contents($filePath);
if (($type & self::ENCRYPTION) !== 0) {
$public_key = \Sodium\crypto_box_publickey_from_secretkey($secret_key);
} elseif (($type & self::SIGNATURE) !== 0) {
// Digital signature keypair
$signing = true;
$public_key = \Sodium\crypto_sign_publickey_from_secretkey($secret_key);
} else {
throw new CryptoException\InvalidFlags('Must specify encryption or authentication');
}
// Let's return an array with two keys
return [new ASecretKey($secret_key, $signing), new APublicKey($public_key, $signing)];
} elseif ($type & self::SECRET_KEY !== 0) {
/**
* Are we doing encryption or authentication?
*/
if ($type & self::SIGNATURE !== 0) {
$signing = true;
}
$secret_key = \file_get_contents($filePath);
return new SecretKey($secret_key, $signing);
} else {
throw new CryptoException\InvalidFlags('Must specify symmetric-key or asymmetric-key');
}
}
/**
*
* Pass it a secret key, it will automatically generate a public key
*
* @param ...Key $keys
*/
public function __construct(Key ...$keys)
{
switch (\count($keys)) {
/**
* If we received two keys, it must be an asymmetric secret key and
* an asymmetric public key, in either order.
*/
case 2:
if (!$keys[0]->isAsymmetricKey() || !$keys[1]->isAsymmetricKey()) {
throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object');
}
if ($keys[0]->isPublicKey()) {
if ($keys[1]->isPublicKey()) {
throw new CryptoException\InvalidKey('Both keys cannot be public keys');
}
// $keys[0] is public, $keys[1] is secret
$this->secret_key = $keys[1] instanceof SignatureSecretKey ? $keys[1] : new SignatureSecretKey($keys[1]->get());
/**
* Let's use the secret key to calculate the *correct*
* public key. We're effectively discarding $keys[0] but
* this ensures correct usage down the line.
*/
if (!$this->secret_key->isSigningKey()) {
throw new CryptoException\InvalidKey('Must be a signing key pair');
}
// crypto_sign - Ed25519
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[1]->get());
$this->public_key = new SignaturePublicKey($pub, true);
\Sodium\memzero($pub);
} elseif ($keys[1]->isPublicKey()) {
// We can deduce that $keys[0] is a secret key
$this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get());
/**
* Let's use the secret key to calculate the *correct*
* public key. We're effectively discarding $keys[0] but
* this ensures correct usage down the line.
*/
if (!$this->secret_key->isSigningKey()) {
throw new CryptoException\InvalidKey('Must be a signing key pair');
}
// crypto_sign - Ed25519
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get());
$this->public_key = new SignaturePublicKey($pub, true);
\Sodium\memzero($pub);
} else {
throw new CryptoException\InvalidKey('Both keys cannot be secret keys');
}
break;
/**
* If we only received one key, it must be an asymmetric secret key!
*/
/**
* If we only received one key, it must be an asymmetric secret key!
*/
case 1:
if (!$keys[0]->isAsymmetricKey()) {
throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object');
}
if ($keys[0]->isPublicKey()) {
throw new CryptoException\InvalidKey('We cannot generate a valid keypair given only a public key; we can given only a secret key, however.');
}
$this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get(), $keys[0]->isSigningKey());
if (!$this->secret_key->isSigningKey()) {
throw new CryptoException\InvalidKey('Must be a signing key pair');
}
// We need to calculate the public key from the secret key
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get());
$this->public_key = new SignaturePublicKey($pub, true);
\Sodium\memzero($pub);
break;
default:
throw new \InvalidArgumentException('Halite\\EncryptionKeyPair expects 1 or 2 keys');
}
}
/**
* See the appropriate derived class.
*
* @return SignaturePublicKey
*/
public function derivePublicKey()
{
$publicKey = \Sodium\crypto_sign_publickey_from_secretkey($this->getRawKeyMaterial());
return new SignaturePublicKey($publicKey);
}
/**
*
* Pass it a secret key, it will automatically generate a public key
*
* @param ...Key $keys
*/
public function __construct(Key ...$keys)
{
switch (\count($keys)) {
/**
* If we received two keys, it must be an asymmetric secret key and
* an asymmetric public key, in either order.
*/
case 2:
if (!$keys[0]->isAsymmetricKey()) {
throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object');
} elseif (!$keys[1]->isAsymmetricKey()) {
throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object');
}
if ($keys[0]->isPublicKey()) {
if ($keys[1]->isPublicKey()) {
throw new CryptoException\InvalidKey('Both keys cannot be public keys');
}
$sign = $keys[1]->isSigningKey();
// $keys[0] is public, $keys[1] is secret
if ($sign) {
$this->secret_key = $keys[1] instanceof SignatureSecretKey ? $keys[1] : new SignatureSecretKey($keys[1]->get());
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[1]->get());
$this->public_key = new SignaturePublicKey($pub, true);
\Sodium\memzero($pub);
} else {
$this->secret_key = $keys[1] instanceof EncryptionSecretKey ? $keys[1] : new EncryptionSecretKey($keys[1]->get());
// crypto_box - Curve25519
$pub = \Sodium\crypto_box_publickey_from_secretkey($keys[1]->get());
$this->public_key = new EncryptionPublicKey($pub, false);
\Sodium\memzero($pub);
}
} elseif ($keys[1]->isPublicKey()) {
$sign = $keys[0]->isSigningKey();
// We can deduce that $keys[0] is a secret key
if ($sign) {
$this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get());
// crypto_sign - Ed25519
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get());
$this->public_key = new SignaturePublicKey($pub);
\Sodium\memzero($pub);
} else {
$this->secret_key = $keys[0] instanceof EncryptionSecretKey ? $keys[0] : new EncryptionSecretKey($keys[0]->get());
// crypto_box - Curve25519
$pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get());
$this->public_key = new EncryptionPublicKey($pub);
\Sodium\memzero($pub);
}
} else {
throw new CryptoException\InvalidKey('Both keys cannot be secret keys');
}
break;
/**
* If we only received one key, it must be an asymmetric secret key!
*/
/**
* If we only received one key, it must be an asymmetric secret key!
*/
case 1:
if (!$keys[0]->isAsymmetricKey()) {
throw new CryptoException\InvalidKey('Only keys intended for asymmetric cryptography can be used in a KeyPair object');
}
if ($keys[0]->isPublicKey()) {
throw new CryptoException\InvalidKey('We cannot generate a valid keypair given only a public key; we can given only a secret key, however.');
}
$sign = $keys[0]->isSigningKey();
// We can deduce that $keys[0] is a secret key
if ($sign) {
$this->secret_key = $keys[0] instanceof SignatureSecretKey ? $keys[0] : new SignatureSecretKey($keys[0]->get());
// crypto_sign - Ed25519
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get());
$this->public_key = new SignaturePublicKey($pub);
\Sodium\memzero($pub);
} else {
$this->secret_key = $keys[0] instanceof EncryptionSecretKey ? $keys[0] : new EncryptionSecretKey($keys[0]->get());
// crypto_box - Curve25519
$pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get());
$this->public_key = new EncryptionPublicKey($pub);
\Sodium\memzero($pub);
}
break;
default:
throw new \InvalidArgumentException('Halite\\KeyPair expects 1 or 2 keys');
}
}
/**
*
* Pass it a secret key, it will automatically generate a public key
*
* @param ...Key $keys
*/
public function __construct(Key ...$keys)
{
switch (\count($keys)) {
case 2:
if ($keys[0]->isPublicKey()) {
if ($keys[1]->isPublicKey()) {
throw new CryptoAlert\InvalidKey('Both keys cannot be public keys');
}
// $keys[0] is public, $keys[1] is secret
$this->secret_key = $keys[1] instanceof SecretKey ? $keys[1] : new SecretKey($keys[1]->get(), $keys[1]->isSigningKey());
/**
* Let's use the secret key to calculate the *correct*
* public key. We're effectively discarding $keys[0] but
* this ensures correct usage down the line.
*/
if ($this->secret_key->isSigningKey()) {
// crypto_sign - Ed25519
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[1]->get());
$this->public_key = new PublicKey($pub, true);
\Sodium\memzero($pub);
} else {
// crypto_box - Curve25519
$pub = \Sodium\crypto_box_publickey_from_secretkey($keys[1]->get());
$this->public_key = new PublicKey($pub, false);
\Sodium\memzero($pub);
}
} elseif ($keys[1]->isPublicKey()) {
// We can deduce that $keys[0] is a secret key
$this->secret_key = $keys[0] instanceof SecretKey ? $keys[0] : new SecretKey($keys[0]->get(), $keys[0]->isSigningKey());
/**
* Let's use the secret key to calculate the *correct*
* public key. We're effectively discarding $keys[0] but
* this ensures correct usage down the line.
*/
if ($this->secret_key->isSigningKey()) {
// crypto_sign - Ed25519
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get());
$this->public_key = new PublicKey($pub, true);
} else {
// crypto_box - Curve25519
$pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get());
$this->public_key = new PublicKey($pub, false);
\Sodium\memzero($pub);
}
} else {
throw new CryptoAlert\InvalidKey('Both keys cannot be secret keys');
}
break;
case 1:
if ($keys[0]->isPublicKey()) {
throw new CryptoAlert\InvalidKey('We cannot generate a valid keypair given only a public key; we can given only a secret key, however.');
}
$this->secret_key = $keys[0] instanceof SecretKey ? $keys[0] : new SecretKey($keys[0]->get(), $keys[0]->isSigningKey());
if ($this->secret_key->isSigningKey()) {
// We need to calculate the public key from the secret key
$pub = \Sodium\crypto_sign_publickey_from_secretkey($keys[0]->get());
$this->public_key = new PublicKey($pub, true);
\Sodium\memzero($pub);
} else {
// We need to calculate the public key from the secret key
$pub = \Sodium\crypto_box_publickey_from_secretkey($keys[0]->get());
$this->public_key = new PublicKey($pub, false);
\Sodium\memzero($pub);
}
break;
default:
throw new \InvalidArgumentException('Halite\\Keypair expects 1 or 2 keys');
}
}
