Merge pull request #9184 from nupplaphil/task/asn1_composer
Replace library/asn1.php & ASNValue with phpseclib
This commit is contained in:
GitHub
commit
fe545cef74
10 changed files with 222 additions and 684 deletions
|
|
@ -21,11 +21,13 @@
|
|||
|
||||
namespace Friendica\Module;
|
||||
|
||||
use ASN_BASE;
|
||||
use Friendica\BaseModule;
|
||||
use Friendica\DI;
|
||||
use Friendica\Model\User;
|
||||
use Friendica\Network\HTTPException\BadRequestException;
|
||||
use Friendica\Util\Crypto;
|
||||
use Friendica\Util\Strings;
|
||||
use phpseclib\File\ASN1;
|
||||
|
||||
/**
|
||||
* prints the public RSA key of a user
|
||||
|
|
@ -49,18 +51,10 @@ class PublicRSAKey extends BaseModule
|
|||
throw new BadRequestException();
|
||||
}
|
||||
|
||||
$lines = explode("\n", $user['spubkey']);
|
||||
unset($lines[0]);
|
||||
unset($lines[count($lines)]);
|
||||
|
||||
$asnString = base64_decode(implode('', $lines));
|
||||
$asnBase = ASN_BASE::parseASNString($asnString);
|
||||
|
||||
$m = $asnBase[0]->asnData[1]->asnData[0]->asnData[0]->asnData;
|
||||
$e = $asnBase[0]->asnData[1]->asnData[0]->asnData[1]->asnData;
|
||||
Crypto::pemToMe($user['spubkey'], $modulus, $exponent);
|
||||
|
||||
header('Content-type: application/magic-public-key');
|
||||
echo 'RSA' . '.' . $m . '.' . $e;
|
||||
echo 'RSA' . '.' . Strings::base64UrlEncode($modulus, true) . '.' . Strings::base64UrlEncode($exponent, true);
|
||||
|
||||
exit();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -229,7 +229,7 @@ class Salmon
|
|||
*/
|
||||
public static function salmonKey($pubkey)
|
||||
{
|
||||
Crypto::pemToMe($pubkey, $m, $e);
|
||||
return 'RSA' . '.' . Strings::base64UrlEncode($m, true) . '.' . Strings::base64UrlEncode($e, true);
|
||||
Crypto::pemToMe($pubkey, $modulus, $exponent);
|
||||
return 'RSA' . '.' . Strings::base64UrlEncode($modulus, true) . '.' . Strings::base64UrlEncode($exponent, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,12 +21,12 @@
|
|||
|
||||
namespace Friendica\Util;
|
||||
|
||||
use ASN_BASE;
|
||||
use ASNValue;
|
||||
use Friendica\Core\Hook;
|
||||
use Friendica\Core\Logger;
|
||||
use Friendica\Core\System;
|
||||
use Friendica\DI;
|
||||
use phpseclib\Crypt\RSA;
|
||||
use phpseclib\Math\BigInteger;
|
||||
|
||||
/**
|
||||
* Crypto class
|
||||
|
|
@ -65,97 +65,6 @@ class Crypto
|
|||
}
|
||||
|
||||
/**
|
||||
* @param string $Der der formatted string
|
||||
* @param bool $Private key type optional, default false
|
||||
* @return string
|
||||
*/
|
||||
private static function DerToPem($Der, $Private = false)
|
||||
{
|
||||
//Encode:
|
||||
$Der = base64_encode($Der);
|
||||
//Split lines:
|
||||
$lines = str_split($Der, 65);
|
||||
$body = implode("\n", $lines);
|
||||
//Get title:
|
||||
$title = $Private ? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
|
||||
//Add wrapping:
|
||||
$result = "-----BEGIN {$title}-----\n";
|
||||
$result .= $body . "\n";
|
||||
$result .= "-----END {$title}-----\n";
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $Der der formatted string
|
||||
* @return string
|
||||
*/
|
||||
private static function DerToRsa($Der)
|
||||
{
|
||||
//Encode:
|
||||
$Der = base64_encode($Der);
|
||||
//Split lines:
|
||||
$lines = str_split($Der, 64);
|
||||
$body = implode("\n", $lines);
|
||||
//Get title:
|
||||
$title = 'RSA PUBLIC KEY';
|
||||
//Add wrapping:
|
||||
$result = "-----BEGIN {$title}-----\n";
|
||||
$result .= $body . "\n";
|
||||
$result .= "-----END {$title}-----\n";
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $Modulus modulo
|
||||
* @param string $PublicExponent exponent
|
||||
* @return string
|
||||
*/
|
||||
private static function pkcs8Encode($Modulus, $PublicExponent)
|
||||
{
|
||||
//Encode key sequence
|
||||
$modulus = new ASNValue(ASNValue::TAG_INTEGER);
|
||||
$modulus->SetIntBuffer($Modulus);
|
||||
$publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
|
||||
$publicExponent->SetIntBuffer($PublicExponent);
|
||||
$keySequenceItems = [$modulus, $publicExponent];
|
||||
$keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
|
||||
$keySequence->SetSequence($keySequenceItems);
|
||||
//Encode bit string
|
||||
$bitStringValue = $keySequence->Encode();
|
||||
$bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
|
||||
$bitString = new ASNValue(ASNValue::TAG_BITSTRING);
|
||||
$bitString->Value = $bitStringValue;
|
||||
//Encode body
|
||||
$bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
|
||||
$body = new ASNValue(ASNValue::TAG_SEQUENCE);
|
||||
$body->Value = $bodyValue;
|
||||
//Get DER encoded public key:
|
||||
$PublicDER = $body->Encode();
|
||||
return $PublicDER;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $Modulus modulo
|
||||
* @param string $PublicExponent exponent
|
||||
* @return string
|
||||
*/
|
||||
private static function pkcs1Encode($Modulus, $PublicExponent)
|
||||
{
|
||||
//Encode key sequence
|
||||
$modulus = new ASNValue(ASNValue::TAG_INTEGER);
|
||||
$modulus->SetIntBuffer($Modulus);
|
||||
$publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
|
||||
$publicExponent->SetIntBuffer($PublicExponent);
|
||||
$keySequenceItems = [$modulus, $publicExponent];
|
||||
$keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
|
||||
$keySequence->SetSequence($keySequenceItems);
|
||||
//Encode bit string
|
||||
$bitStringValue = $keySequence->Encode();
|
||||
return $bitStringValue;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $m modulo
|
||||
* @param string $e exponent
|
||||
|
|
@ -163,85 +72,46 @@ class Crypto
|
|||
*/
|
||||
public static function meToPem($m, $e)
|
||||
{
|
||||
$der = self::pkcs8Encode($m, $e);
|
||||
$key = self::DerToPem($der, false);
|
||||
return $key;
|
||||
$rsa = new RSA();
|
||||
$rsa->loadKey([
|
||||
'e' => new BigInteger($e, 256),
|
||||
'n' => new BigInteger($m, 256)
|
||||
]);
|
||||
return $rsa->getPublicKey();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $key key
|
||||
* @param string $m modulo reference
|
||||
* @param object $e exponent reference
|
||||
* Transform RSA public keys to standard PEM output
|
||||
*
|
||||
* @param string $key A RSA public key
|
||||
*
|
||||
* @return string The PEM output of this key
|
||||
*/
|
||||
public static function rsaToPem(string $key)
|
||||
{
|
||||
$rsa = new RSA();
|
||||
$rsa->setPublicKey($key);
|
||||
|
||||
return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS8);
|
||||
}
|
||||
|
||||
/**
|
||||
* Extracts the modulo and exponent reference from a public PEM key
|
||||
*
|
||||
* @param string $key public PEM key
|
||||
* @param string $modulus (ref) modulo reference
|
||||
* @param string $exponent (ref) exponent reference
|
||||
*
|
||||
* @return void
|
||||
* @throws \Exception
|
||||
*/
|
||||
private static function pubRsaToMe($key, &$m, &$e)
|
||||
public static function pemToMe(string $key, &$modulus, &$exponent)
|
||||
{
|
||||
$lines = explode("\n", $key);
|
||||
unset($lines[0]);
|
||||
unset($lines[count($lines)]);
|
||||
$x = base64_decode(implode('', $lines));
|
||||
$rsa = new RSA();
|
||||
$rsa->loadKey($key);
|
||||
$rsa->setPublicKey();
|
||||
|
||||
$r = ASN_BASE::parseASNString($x);
|
||||
|
||||
$m = Strings::base64UrlDecode($r[0]->asnData[0]->asnData);
|
||||
$e = Strings::base64UrlDecode($r[0]->asnData[1]->asnData);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $key key
|
||||
* @return string
|
||||
* @throws \Exception
|
||||
*/
|
||||
public static function rsaToPem($key)
|
||||
{
|
||||
self::pubRsaToMe($key, $m, $e);
|
||||
return self::meToPem($m, $e);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $key key
|
||||
* @return string
|
||||
* @throws \Exception
|
||||
*/
|
||||
private static function pemToRsa($key)
|
||||
{
|
||||
self::pemToMe($key, $m, $e);
|
||||
return self::meToRsa($m, $e);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $key key
|
||||
* @param string $m modulo reference
|
||||
* @param string $e exponent reference
|
||||
* @return void
|
||||
* @throws \Exception
|
||||
*/
|
||||
public static function pemToMe($key, &$m, &$e)
|
||||
{
|
||||
$lines = explode("\n", $key);
|
||||
unset($lines[0]);
|
||||
unset($lines[count($lines)]);
|
||||
$x = base64_decode(implode('', $lines));
|
||||
|
||||
$r = ASN_BASE::parseASNString($x);
|
||||
|
||||
if (isset($r[0])) {
|
||||
$m = Strings::base64UrlDecode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
|
||||
$e = Strings::base64UrlDecode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $m modulo
|
||||
* @param string $e exponent
|
||||
* @return string
|
||||
*/
|
||||
private static function meToRsa($m, $e)
|
||||
{
|
||||
$der = self::pkcs1Encode($m, $e);
|
||||
$key = self::DerToRsa($der);
|
||||
return $key;
|
||||
$modulus = $rsa->modulus->toBytes();
|
||||
$exponent = $rsa->exponent->toBytes();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -282,13 +152,13 @@ class Crypto
|
|||
|
||||
/**
|
||||
* Encrypt a string with 'aes-256-cbc' cipher method.
|
||||
*
|
||||
*
|
||||
* Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
|
||||
*
|
||||
*
|
||||
* @param string $data
|
||||
* @param string $key The key used for encryption.
|
||||
* @param string $iv A non-NULL Initialization Vector.
|
||||
*
|
||||
*
|
||||
* @return string|boolean Encrypted string or false on failure.
|
||||
*/
|
||||
private static function encryptAES256CBC($data, $key, $iv)
|
||||
|
|
@ -298,13 +168,13 @@ class Crypto
|
|||
|
||||
/**
|
||||
* Decrypt a string with 'aes-256-cbc' cipher method.
|
||||
*
|
||||
*
|
||||
* Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
|
||||
*
|
||||
*
|
||||
* @param string $data
|
||||
* @param string $key The key used for decryption.
|
||||
* @param string $iv A non-NULL Initialization Vector.
|
||||
*
|
||||
*
|
||||
* @return string|boolean Decrypted string or false on failure.
|
||||
*/
|
||||
private static function decryptAES256CBC($data, $key, $iv)
|
||||
|
|
@ -312,42 +182,6 @@ class Crypto
|
|||
return openssl_decrypt($data, 'aes-256-cbc', str_pad($key, 32, "\0"), OPENSSL_RAW_DATA, str_pad($iv, 16, "\0"));
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt a string with 'aes-256-ctr' cipher method.
|
||||
*
|
||||
* Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
|
||||
*
|
||||
* @param string $data
|
||||
* @param string $key The key used for encryption.
|
||||
* @param string $iv A non-NULL Initialization Vector.
|
||||
*
|
||||
* @return string|boolean Encrypted string or false on failure.
|
||||
*/
|
||||
private static function encryptAES256CTR($data, $key, $iv)
|
||||
{
|
||||
$key = substr($key, 0, 32);
|
||||
$iv = substr($iv, 0, 16);
|
||||
return openssl_encrypt($data, 'aes-256-ctr', str_pad($key, 32, "\0"), OPENSSL_RAW_DATA, str_pad($iv, 16, "\0"));
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypt a string with 'aes-256-ctr' cipher method.
|
||||
*
|
||||
* Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
|
||||
*
|
||||
* @param string $data
|
||||
* @param string $key The key used for decryption.
|
||||
* @param string $iv A non-NULL Initialization Vector.
|
||||
*
|
||||
* @return string|boolean Decrypted string or false on failure.
|
||||
*/
|
||||
private static function decryptAES256CTR($data, $key, $iv)
|
||||
{
|
||||
$key = substr($key, 0, 32);
|
||||
$iv = substr($iv, 0, 16);
|
||||
return openssl_decrypt($data, 'aes-256-ctr', str_pad($key, 32, "\0"), OPENSSL_RAW_DATA, str_pad($iv, 16, "\0"));
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/crypto.php
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue