PluginProbe ʕ •ᴥ•ʔ
JetBackup – Backup, Restore & Migrate / 3.1.13.4
JetBackup – Backup, Restore & Migrate v3.1.13.4
3.1.22.4 3.1.22.3 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.8.1 1.4.9 1.5.0 1.5.1 1.5.1.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6.0 1.6.10 1.6.11 1.6.12 1.6.13 1.6.15 1.6.5.1 1.6.8.8 1.6.9 1.6.9.1 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7.5 2.0.8.7 2.0.9.11 2.0.9.14 2.0.9.15 2.0.9.6 2.0.9.7 2.0.9.9 3.1.10.7 3.1.11.1 3.1.12.3 3.1.13.4 3.1.14.17 3.1.15.4 3.1.16.1 3.1.17.5 3.1.18.10 3.1.18.8 3.1.18.9 3.1.19.8 3.1.20.3 3.1.21.3 3.1.7.9 3.1.9.2 trunk 1.1.90 1.1.91 1.2.0 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2
backup / src / JetBackup / 3rdparty / phpseclib3 / Crypt / RSA / Formats / Keys / PSS.php
backup / src / JetBackup / 3rdparty / phpseclib3 / Crypt / RSA / Formats / Keys Last commit date
.htaccess 9 months ago JWK.php 9 months ago MSBLOB.php 9 months ago OpenSSH.php 9 months ago PKCS1.php 9 months ago PKCS8.php 9 months ago PSS.php 9 months ago PuTTY.php 9 months ago Raw.php 9 months ago XML.php 9 months ago index.html 9 months ago web.config 9 months ago
PSS.php
226 lines
1 <?php
2
3 /**
4 * PKCS#8 Formatted RSA-PSS Key Handler
5 *
6 * PHP version 5
7 *
8 * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
9 *
10 * Processes keys with the following headers:
11 *
12 * -----BEGIN ENCRYPTED PRIVATE KEY-----
13 * -----BEGIN PRIVATE KEY-----
14 * -----BEGIN PUBLIC KEY-----
15 *
16 * Analogous to "openssl genpkey -algorithm rsa-pss".
17 *
18 * @author Jim Wigginton <terrafrost@php.net>
19 * @copyright 2015 Jim Wigginton
20 * @license http://www.opensource.org/licenses/mit-license.html MIT License
21 * @link http://phpseclib.sourceforge.net
22 */
23
24 declare(strict_types=1);
25
26 namespace phpseclib3\Crypt\RSA\Formats\Keys;
27
28 use phpseclib3\Common\Functions\Strings;
29 use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
30 use phpseclib3\Exception\UnexpectedValueException;
31 use phpseclib3\File\ASN1;
32 use phpseclib3\File\ASN1\Maps;
33 use phpseclib3\Math\BigInteger;
34
35 /**
36 * PKCS#8 Formatted RSA-PSS Key Handler
37 *
38 * @author Jim Wigginton <terrafrost@php.net>
39 */
40 abstract class PSS extends Progenitor
41 {
42 /**
43 * OID Name
44 *
45 * @var string
46 */
47 public const OID_NAME = 'id-RSASSA-PSS';
48
49 /**
50 * OID Value
51 *
52 * @var string
53 */
54 public const OID_VALUE = '1.2.840.113549.1.1.10';
55
56 /**
57 * OIDs loaded
58 *
59 * @var bool
60 */
61 private static $oidsLoaded = false;
62
63 /**
64 * Child OIDs loaded
65 *
66 * @var bool
67 */
68 protected static $childOIDsLoaded = false;
69
70 /**
71 * Initialize static variables
72 */
73 private static function initialize_static_variables(): void
74 {
75 if (!self::$oidsLoaded) {
76 ASN1::loadOIDs([
77 'md2' => '1.2.840.113549.2.2',
78 'md4' => '1.2.840.113549.2.4',
79 'md5' => '1.2.840.113549.2.5',
80 'id-sha1' => '1.3.14.3.2.26',
81 'id-sha256' => '2.16.840.1.101.3.4.2.1',
82 'id-sha384' => '2.16.840.1.101.3.4.2.2',
83 'id-sha512' => '2.16.840.1.101.3.4.2.3',
84 'id-sha224' => '2.16.840.1.101.3.4.2.4',
85 'id-sha512/224' => '2.16.840.1.101.3.4.2.5',
86 'id-sha512/256' => '2.16.840.1.101.3.4.2.6',
87
88 'id-mgf1' => '1.2.840.113549.1.1.8',
89 ]);
90 self::$oidsLoaded = true;
91 }
92 }
93
94 /**
95 * Break a public or private key down into its constituent components
96 *
97 * @param string|array $key
98 */
99 public static function load($key, ?string $password = null): array
100 {
101 self::initialize_static_variables();
102
103 if (!Strings::is_stringable($key)) {
104 throw new UnexpectedValueException('Key should be a string - not a ' . gettype($key));
105 }
106
107 $components = ['isPublicKey' => str_contains($key, 'PUBLIC')];
108
109 $key = parent::load($key, $password);
110
111 $type = isset($key['privateKey']) ? 'private' : 'public';
112
113 $result = $components + PKCS1::load($key[$type . 'Key']);
114
115 if (isset($key[$type . 'KeyAlgorithm']['parameters'])) {
116 $decoded = ASN1::decodeBER($key[$type . 'KeyAlgorithm']['parameters']);
117 if ($decoded === false) {
118 throw new UnexpectedValueException('Unable to decode parameters');
119 }
120 $params = ASN1::asn1map($decoded[0], Maps\RSASSA_PSS_params::MAP);
121 } else {
122 $params = [];
123 }
124
125 if (isset($params['maskGenAlgorithm']['parameters'])) {
126 $decoded = ASN1::decodeBER($params['maskGenAlgorithm']['parameters']);
127 if ($decoded === false) {
128 throw new UnexpectedValueException('Unable to decode parameters');
129 }
130 $params['maskGenAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], Maps\HashAlgorithm::MAP);
131 } else {
132 $params['maskGenAlgorithm'] = [
133 'algorithm' => 'id-mgf1',
134 'parameters' => ['algorithm' => 'id-sha1'],
135 ];
136 }
137
138 if (!isset($params['hashAlgorithm']['algorithm'])) {
139 $params['hashAlgorithm']['algorithm'] = 'id-sha1';
140 }
141
142 $result['hash'] = str_replace('id-', '', $params['hashAlgorithm']['algorithm']);
143 $result['MGFHash'] = str_replace('id-', '', $params['maskGenAlgorithm']['parameters']['algorithm']);
144 if (isset($params['saltLength'])) {
145 $result['saltLength'] = (int) $params['saltLength']->toString();
146 }
147
148 if (isset($key['meta'])) {
149 $result['meta'] = $key['meta'];
150 }
151
152 return $result;
153 }
154
155 /**
156 * Convert a private key to the appropriate format.
157 */
158 public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, array $primes, array $exponents, array $coefficients, ?string $password = null, array $options = []): string
159 {
160 self::initialize_static_variables();
161
162 $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients);
163 $key = ASN1::extractBER($key);
164 $params = self::savePSSParams($options);
165 return self::wrapPrivateKey($key, [], $params, $password, null, '', $options);
166 }
167
168 /**
169 * Convert a public key to the appropriate format
170 *
171 * @param array $options optional
172 */
173 public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []): string
174 {
175 self::initialize_static_variables();
176
177 $key = PKCS1::savePublicKey($n, $e);
178 $key = ASN1::extractBER($key);
179 $params = self::savePSSParams($options);
180 return self::wrapPublicKey($key, $params);
181 }
182
183 /**
184 * Encodes PSS parameters
185 *
186 * @return string
187 */
188 public static function savePSSParams(array $options)
189 {
190 /*
191 The trailerField field is an integer. It provides
192 compatibility with IEEE Std 1363a-2004 [P1363A]. The value
193 MUST be 1, which represents the trailer field with hexadecimal
194 value 0xBC. Other trailer fields, including the trailer field
195 composed of HashID concatenated with 0xCC that is specified in
196 IEEE Std 1363a, are not supported. Implementations that
197 perform signature generation MUST omit the trailerField field,
198 indicating that the default trailer field value was used.
199 Implementations that perform signature validation MUST
200 recognize both a present trailerField field with value 1 and an
201 absent trailerField field.
202
203 source: https://tools.ietf.org/html/rfc4055#page-9
204 */
205 $params = [
206 'trailerField' => new BigInteger(1),
207 ];
208 if (isset($options['hash'])) {
209 $params['hashAlgorithm']['algorithm'] = 'id-' . $options['hash'];
210 }
211 if (isset($options['MGFHash'])) {
212 $temp = ['algorithm' => 'id-' . $options['MGFHash']];
213 $temp = ASN1::encodeDER($temp, Maps\HashAlgorithm::MAP);
214 $params['maskGenAlgorithm'] = [
215 'algorithm' => 'id-mgf1',
216 'parameters' => new ASN1\Element($temp),
217 ];
218 }
219 if (isset($options['saltLength'])) {
220 $params['saltLength'] = new BigInteger($options['saltLength']);
221 }
222
223 return new ASN1\Element(ASN1::encodeDER($params, Maps\RSASSA_PSS_params::MAP));
224 }
225 }
226