* @copyright 2015 Jim Wigginton * @license http://www.opensource.org/licenses/mit-license.html MIT License * @link http://phpseclib.sourceforge.net */ namespace phpseclib\Crypt\ECDSA\Formats\Keys; use ParagonIE\ConstantTime\Base64; use phpseclib\Math\BigInteger; use phpseclib\Common\Functions\Strings; use phpseclib\Crypt\Common\Formats\Keys\OpenSSH as Progenitor; use phpseclib\Crypt\ECDSA\BaseCurves\Base as BaseCurve; use phpseclib\Exception\UnsupportedCurveException; use phpseclib\Crypt\ECDSA\Curves\Ed25519; use phpseclib\Math\Common\FiniteField\Integer; /** * OpenSSH Formatted ECDSA Key Handler * * @package ECDSA * @author Jim Wigginton * @access public */ abstract class OpenSSH extends Progenitor { use Common; /** * Supported Key Types * * @var array */ protected static $types = [ 'ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp521', 'ssh-ed25519' ]; /** * Break a public or private key down into its constituent components * * @access public * @param string $key * @param string $password optional * @return array */ public static function load($key, $password = '') { $parsed = parent::load($key, $password); if (isset($parsed['paddedKey'])) { $paddedKey = $parsed['paddedKey']; list($type) = Strings::unpackSSH2('s', $paddedKey); if ($type != $parsed['type']) { throw new \RuntimeException("The public and private keys are not of the same type ($type vs $parsed[type])"); } if ($type == 'ssh-ed25519' ) { list(, $key, $comment) = Strings::unpackSSH2('sss', $paddedKey); $key = libsodium::load($key); $key['comment'] = $comment; return $key; } list($curveName, $publicKey, $privateKey, $comment) = Strings::unpackSSH2('ssis', $paddedKey); $curve = self::loadCurveByParam(['namedCurve' => $curveName]); return [ 'curve' => $curve, 'dA' => $curve->convertInteger($privateKey), 'QA' => self::extractPoint("\0$publicKey", $curve), 'comment' => $comment ]; } if ($parsed['type'] == 'ssh-ed25519') { if (Strings::shift($parsed['publicKey'], 4) != "\0\0\0\x20") { throw new \RuntimeException('Length of ssh-ed25519 key should be 32'); } $curve = new Ed25519(); $qa = self::extractPoint($parsed['publicKey'], $curve); } else { list($curveName, $publicKey) = Strings::unpackSSH2('ss', $parsed['publicKey']); $curveName = '\phpseclib\Crypt\ECDSA\Curves\\' . $curveName; $curve = new $curveName(); $qa = self::extractPoint("\0" . $publicKey, $curve); } return [ 'curve' => $curve, 'QA' => $qa, 'comment' => $parsed['comment'] ]; } /** * Returns the alias that corresponds to a curve * * @return string */ private static function getAlias(BaseCurve $curve) { self::initialize_static_variables(); $reflect = new \ReflectionClass($curve); $name = $reflect->getShortName(); $oid = self::$curveOIDs[$name]; $aliases = array_filter(self::$curveOIDs, function($v) use ($oid) { return $v == $oid; }); $aliases = array_keys($aliases); for ($i = 0; $i < count($aliases); $i++) { if (in_array('ecdsa-sha2-' . $aliases[$i], self::$types)) { $alias = $aliases[$i]; break; } } if (!isset($alias)) { throw new UnsupportedCurveException($name . ' is not a curve that the OpenSSH plugin supports'); } return $alias; } /** * Convert an ECDSA public key to the appropriate format * * @access public * @param \phpseclib\Crypt\ECDSA\BaseCurves\Base $curve * @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey * @param array $options optional * @return string */ public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = []) { $comment = isset($options['comment']) ? $options['comment'] : self::$comment; if ($curve instanceof Ed25519) { $key = Strings::packSSH2('ss', 'ssh-ed25519', $curve->encodePoint($publicKey)); if (self::$binary) { return $key; } $key = 'ssh-ed25519 ' . base64_encode($key) . ' ' . $comment; return $key; } $alias = self::getAlias($curve); $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); $key = Strings::packSSH2('sss', 'ecdsa-sha2-' . $alias, $alias, $points); if (isset($options['binary']) ? $options['binary'] : self::$binary) { return $key; } $key = 'ecdsa-sha2-' . $alias . ' ' . base64_encode($key) . ' ' . $comment; return $key; } /** * Convert a private key to the appropriate format. * * @access public * @param \phpseclib\Math\Common\FiniteField\Integer $privateKey * @param \phpseclib\Crypt\ECDSA\Curves\Ed25519 $curve * @param \phpseclib\Math\Common\FiniteField\Integer[] $publicKey * @param string $password optional * @param array $options optional * @return string */ public static function savePrivateKey(Integer $privateKey, BaseCurve $curve, array $publicKey, $password = '', array $options = []) { if ($curve instanceof Ed25519) { if (!isset($privateKey->secret)) { throw new \RuntimeException('Private Key does not have a secret set'); } if (strlen($privateKey->secret) != 32) { throw new \RuntimeException('Private Key secret is not of the correct length'); } $pubKey = $curve->encodePoint($publicKey); $publicKey = Strings::packSSH2('ss', 'ssh-ed25519', $pubKey); $privateKey = Strings::packSSH2('sss', 'ssh-ed25519', $pubKey, $privateKey->secret . $pubKey); return self::wrapPrivateKey($publicKey, $privateKey, $options); } $alias = self::getAlias($curve); $points = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); $publicKey = self::savePublicKey($curve, $publicKey, ['binary' => true]); $privateKey = Strings::packSSH2('sssi', 'ecdsa-sha2-' . $alias, $alias, $points, $privateKey); return self::wrapPrivateKey($publicKey, $privateKey, $options); } }