mirror of
https://github.com/danog/phpseclib.git
synced 2024-12-11 16:49:42 +01:00
Crypt/PKCS8: rm duplicate code and improve detection of public keys
This commit is contained in:
parent
b9996fda00
commit
cf69b29427
@ -317,6 +317,9 @@ abstract class PKCS8 extends PKCS
|
|||||||
{
|
{
|
||||||
$decoded = self::preParse($key);
|
$decoded = self::preParse($key);
|
||||||
|
|
||||||
|
$isPublic = strpos($key, 'PUBLIC') !== false;
|
||||||
|
$isPrivate = strpos($key, 'PRIVATE') !== false;
|
||||||
|
|
||||||
$meta = [];
|
$meta = [];
|
||||||
|
|
||||||
$decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP);
|
$decrypted = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP);
|
||||||
@ -445,6 +448,10 @@ abstract class PKCS8 extends PKCS
|
|||||||
|
|
||||||
$private = ASN1::asn1map($decoded[0], Maps\OneAsymmetricKey::MAP);
|
$private = ASN1::asn1map($decoded[0], Maps\OneAsymmetricKey::MAP);
|
||||||
if (is_array($private)) {
|
if (is_array($private)) {
|
||||||
|
if ($isPublic) {
|
||||||
|
throw new \UnexpectedValueException('Human readable string claims public key but DER encoded string claims private key');
|
||||||
|
}
|
||||||
|
|
||||||
if (isset($private['privateKeyAlgorithm']['parameters']) && !$private['privateKeyAlgorithm']['parameters'] instanceof ASN1\Element && isset($decoded[0]['content'][1]['content'][1])) {
|
if (isset($private['privateKeyAlgorithm']['parameters']) && !$private['privateKeyAlgorithm']['parameters'] instanceof ASN1\Element && isset($decoded[0]['content'][1]['content'][1])) {
|
||||||
$temp = $decoded[0]['content'][1]['content'][1];
|
$temp = $decoded[0]['content'][1]['content'][1];
|
||||||
$private['privateKeyAlgorithm']['parameters'] = new ASN1\Element(substr($key, $temp['start'], $temp['length']));
|
$private['privateKeyAlgorithm']['parameters'] = new ASN1\Element(substr($key, $temp['start'], $temp['length']));
|
||||||
@ -474,6 +481,10 @@ abstract class PKCS8 extends PKCS
|
|||||||
$public = ASN1::asn1map($decoded[0], Maps\PublicKeyInfo::MAP);
|
$public = ASN1::asn1map($decoded[0], Maps\PublicKeyInfo::MAP);
|
||||||
|
|
||||||
if (is_array($public)) {
|
if (is_array($public)) {
|
||||||
|
if ($isPrivate) {
|
||||||
|
throw new \UnexpectedValueException('Human readable string claims private key but DER encoded string claims public key');
|
||||||
|
}
|
||||||
|
|
||||||
if ($public['publicKey'][0] != "\0") {
|
if ($public['publicKey'][0] != "\0") {
|
||||||
throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($public['publicKey'][0]));
|
throw new \UnexpectedValueException('The first byte of the public key should be null - not ' . bin2hex($public['publicKey'][0]));
|
||||||
}
|
}
|
||||||
|
@ -19,7 +19,6 @@
|
|||||||
|
|
||||||
namespace phpseclib3\Crypt\DH\Formats\Keys;
|
namespace phpseclib3\Crypt\DH\Formats\Keys;
|
||||||
|
|
||||||
use phpseclib3\Common\Functions\Strings;
|
|
||||||
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
||||||
use phpseclib3\File\ASN1;
|
use phpseclib3\File\ASN1;
|
||||||
use phpseclib3\File\ASN1\Maps;
|
use phpseclib3\File\ASN1\Maps;
|
||||||
@ -62,23 +61,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
*/
|
*/
|
||||||
public static function load($key, $password = '')
|
public static function load($key, $password = '')
|
||||||
{
|
{
|
||||||
if (!Strings::is_stringable($key)) {
|
|
||||||
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
|
|
||||||
}
|
|
||||||
|
|
||||||
$isPublic = strpos($key, 'PUBLIC') !== false;
|
|
||||||
|
|
||||||
$key = parent::load($key, $password);
|
$key = parent::load($key, $password);
|
||||||
|
|
||||||
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
|
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
|
||||||
|
|
||||||
switch (true) {
|
|
||||||
case !$isPublic && $type == 'publicKey':
|
|
||||||
throw new \UnexpectedValueException('Human readable string claims non-public key but DER encoded string claims public key');
|
|
||||||
case $isPublic && $type == 'privateKey':
|
|
||||||
throw new \UnexpectedValueException('Human readable string claims public key but DER encoded string claims private key');
|
|
||||||
}
|
|
||||||
|
|
||||||
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
|
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
|
||||||
if (empty($decoded)) {
|
if (empty($decoded)) {
|
||||||
throw new \RuntimeException('Unable to decode BER of parameters');
|
throw new \RuntimeException('Unable to decode BER of parameters');
|
||||||
|
@ -23,7 +23,6 @@
|
|||||||
|
|
||||||
namespace phpseclib3\Crypt\DSA\Formats\Keys;
|
namespace phpseclib3\Crypt\DSA\Formats\Keys;
|
||||||
|
|
||||||
use phpseclib3\Common\Functions\Strings;
|
|
||||||
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
||||||
use phpseclib3\File\ASN1;
|
use phpseclib3\File\ASN1;
|
||||||
use phpseclib3\File\ASN1\Maps;
|
use phpseclib3\File\ASN1\Maps;
|
||||||
@ -66,23 +65,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
*/
|
*/
|
||||||
public static function load($key, $password = '')
|
public static function load($key, $password = '')
|
||||||
{
|
{
|
||||||
if (!Strings::is_stringable($key)) {
|
|
||||||
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
|
|
||||||
}
|
|
||||||
|
|
||||||
$isPublic = strpos($key, 'PUBLIC') !== false;
|
|
||||||
|
|
||||||
$key = parent::load($key, $password);
|
$key = parent::load($key, $password);
|
||||||
|
|
||||||
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
|
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
|
||||||
|
|
||||||
switch (true) {
|
|
||||||
case !$isPublic && $type == 'publicKey':
|
|
||||||
throw new \UnexpectedValueException('Human readable string claims non-public key but DER encoded string claims public key');
|
|
||||||
case $isPublic && $type == 'privateKey':
|
|
||||||
throw new \UnexpectedValueException('Human readable string claims public key but DER encoded string claims private key');
|
|
||||||
}
|
|
||||||
|
|
||||||
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
|
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
|
||||||
if (!$decoded) {
|
if (!$decoded) {
|
||||||
throw new \RuntimeException('Unable to decode BER of parameters');
|
throw new \RuntimeException('Unable to decode BER of parameters');
|
||||||
|
@ -23,7 +23,6 @@
|
|||||||
|
|
||||||
namespace phpseclib3\Crypt\EC\Formats\Keys;
|
namespace phpseclib3\Crypt\EC\Formats\Keys;
|
||||||
|
|
||||||
use phpseclib3\Common\Functions\Strings;
|
|
||||||
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
||||||
use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve;
|
use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve;
|
||||||
use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve;
|
use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve;
|
||||||
@ -74,23 +73,10 @@ abstract class PKCS8 extends Progenitor
|
|||||||
// one that's called
|
// one that's called
|
||||||
self::initialize_static_variables();
|
self::initialize_static_variables();
|
||||||
|
|
||||||
if (!Strings::is_stringable($key)) {
|
|
||||||
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
|
|
||||||
}
|
|
||||||
|
|
||||||
$isPublic = strpos($key, 'PUBLIC') !== false;
|
|
||||||
|
|
||||||
$key = parent::load($key, $password);
|
$key = parent::load($key, $password);
|
||||||
|
|
||||||
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
|
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
|
||||||
|
|
||||||
switch (true) {
|
|
||||||
case !$isPublic && $type == 'publicKey':
|
|
||||||
throw new \UnexpectedValueException('Human readable string claims non-public key but DER encoded string claims public key');
|
|
||||||
case $isPublic && $type == 'privateKey':
|
|
||||||
throw new \UnexpectedValueException('Human readable string claims public key but DER encoded string claims private key');
|
|
||||||
}
|
|
||||||
|
|
||||||
switch ($key[$type . 'Algorithm']['algorithm']) {
|
switch ($key[$type . 'Algorithm']['algorithm']) {
|
||||||
case 'id-Ed25519':
|
case 'id-Ed25519':
|
||||||
case 'id-Ed448':
|
case 'id-Ed448':
|
||||||
@ -109,7 +95,7 @@ abstract class PKCS8 extends Progenitor
|
|||||||
$components = [];
|
$components = [];
|
||||||
$components['curve'] = self::loadCurveByParam($params);
|
$components['curve'] = self::loadCurveByParam($params);
|
||||||
|
|
||||||
if ($isPublic) {
|
if ($type == 'publicKey') {
|
||||||
$components['QA'] = self::extractPoint("\0" . $key['publicKey'], $components['curve']);
|
$components['QA'] = self::extractPoint("\0" . $key['publicKey'], $components['curve']);
|
||||||
|
|
||||||
return $components;
|
return $components;
|
||||||
|
@ -25,7 +25,6 @@
|
|||||||
|
|
||||||
namespace phpseclib3\Crypt\RSA\Formats\Keys;
|
namespace phpseclib3\Crypt\RSA\Formats\Keys;
|
||||||
|
|
||||||
use phpseclib3\Common\Functions\Strings;
|
|
||||||
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
|
||||||
use phpseclib3\File\ASN1;
|
use phpseclib3\File\ASN1;
|
||||||
use phpseclib3\Math\BigInteger;
|
use phpseclib3\Math\BigInteger;
|
||||||
@ -67,29 +66,13 @@ abstract class PKCS8 extends Progenitor
|
|||||||
*/
|
*/
|
||||||
public static function load($key, $password = '')
|
public static function load($key, $password = '')
|
||||||
{
|
{
|
||||||
if (!Strings::is_stringable($key)) {
|
|
||||||
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (strpos($key, 'PUBLIC') !== false) {
|
|
||||||
$components = ['isPublicKey' => true];
|
|
||||||
} elseif (strpos($key, 'PRIVATE') !== false) {
|
|
||||||
$components = ['isPublicKey' => false];
|
|
||||||
} else {
|
|
||||||
$components = [];
|
|
||||||
}
|
|
||||||
|
|
||||||
$key = parent::load($key, $password);
|
$key = parent::load($key, $password);
|
||||||
|
|
||||||
if (isset($key['privateKey'])) {
|
if (isset($key['privateKey'])) {
|
||||||
if (!isset($components['isPublicKey'])) {
|
$components['isPublicKey'] = false;
|
||||||
$components['isPublicKey'] = false;
|
|
||||||
}
|
|
||||||
$type = 'private';
|
$type = 'private';
|
||||||
} else {
|
} else {
|
||||||
if (!isset($components['isPublicKey'])) {
|
$components['isPublicKey'] = true;
|
||||||
$components['isPublicKey'] = true;
|
|
||||||
}
|
|
||||||
$type = 'public';
|
$type = 'public';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user