mirror of
https://github.com/danog/tgseclib.git
synced 2024-12-02 17:48:00 +01:00
224 lines
7.3 KiB
PHP
224 lines
7.3 KiB
PHP
<?php
|
|
|
|
/**
|
|
* PKCS1 Formatted Key Handler
|
|
*
|
|
* PHP version 5
|
|
*
|
|
* @category Crypt
|
|
* @package Common
|
|
* @author Jim Wigginton <terrafrost@php.net>
|
|
* @copyright 2015 Jim Wigginton
|
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
|
* @link http://phpseclib.sourceforge.net
|
|
*/
|
|
|
|
namespace phpseclib\Crypt\Common;
|
|
|
|
use ParagonIE\ConstantTime\Base64;
|
|
use ParagonIE\ConstantTime\Hex;
|
|
use phpseclib\Crypt\Common\BlockCipher;
|
|
use phpseclib\Crypt\Random;
|
|
use phpseclib\Crypt\AES;
|
|
use phpseclib\Crypt\Base;
|
|
use phpseclib\Crypt\DES;
|
|
use phpseclib\Crypt\TripleDES;
|
|
use phpseclib\File\ASN1;
|
|
|
|
/**
|
|
* PKCS1 Formatted Key Handler
|
|
*
|
|
* @package RSA
|
|
* @author Jim Wigginton <terrafrost@php.net>
|
|
* @access public
|
|
*/
|
|
abstract class PKCS1 extends PKCS
|
|
{
|
|
/**
|
|
* Default encryption algorithm
|
|
*
|
|
* @var string
|
|
* @access private
|
|
*/
|
|
static $defaultEncryptionAlgorithm = 'AES-128-CBC';
|
|
|
|
/**
|
|
* Sets the default encryption algorithm
|
|
*
|
|
* @access public
|
|
* @param string $algo
|
|
*/
|
|
static function setEncryptionAlgorithm($algo)
|
|
{
|
|
self::$defaultEncryptionAlgorithm = $algo;
|
|
}
|
|
|
|
/**
|
|
* Returns the mode constant corresponding to the mode string
|
|
*
|
|
* @access public
|
|
* @param string $mode
|
|
* @return int
|
|
* @throws \UnexpectedValueException if the block cipher mode is unsupported
|
|
*/
|
|
static function getEncryptionMode($mode)
|
|
{
|
|
switch ($mode) {
|
|
case 'CBC':
|
|
return BlockCipher::MODE_CBC;
|
|
case 'ECB':
|
|
return BlockCipher::MODE_ECB;
|
|
case 'CFB':
|
|
return BlockCipher::MODE_CFB;
|
|
case 'OFB':
|
|
return BlockCipher::MODE_OFB;
|
|
case 'CTR':
|
|
return BlockCipher::MODE_CTR;
|
|
}
|
|
throw new \UnexpectedValueException('Unsupported block cipher mode of operation');
|
|
}
|
|
|
|
/**
|
|
* Returns a cipher object corresponding to a string
|
|
*
|
|
* @access public
|
|
* @param string $algo
|
|
* @return string
|
|
* @throws \UnexpectedValueException if the encryption algorithm is unsupported
|
|
*/
|
|
static function getEncryptionObject($algo)
|
|
{
|
|
$modes = '(CBC|ECB|CFB|OFB|CTR)';
|
|
switch (true) {
|
|
case preg_match("#^AES-(128|192|256)-$modes$#", $algo, $matches):
|
|
$cipher = new AES(self::getEncryptionMode($matches[2]));
|
|
$cipher->setKeyLength($matches[1]);
|
|
return $cipher;
|
|
case preg_match("#^DES-EDE3-$modes$#", $algo, $matches):
|
|
return new TripleDES(self::getEncryptionMode($matches[1]));
|
|
case preg_match("#^DES-$modes$#", $algo, $matches):
|
|
return new DES(self::getEncryptionMode($matches[1]));
|
|
default:
|
|
throw new \UnexpectedValueException('Unsupported encryption algorithmn');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Generate a symmetric key for PKCS#1 keys
|
|
*
|
|
* @access public
|
|
* @param string $password
|
|
* @param string $iv
|
|
* @param int $length
|
|
* @return string
|
|
*/
|
|
static function generateSymmetricKey($password, $iv, $length)
|
|
{
|
|
$symkey = '';
|
|
$iv = substr($iv, 0, 8);
|
|
while (strlen($symkey) < $length) {
|
|
$symkey.= md5($symkey . $password . $iv, true);
|
|
}
|
|
return substr($symkey, 0, $length);
|
|
}
|
|
|
|
/**
|
|
* Break a public or private key down into its constituent components
|
|
*
|
|
* @access public
|
|
* @param string $key
|
|
* @param string $password optional
|
|
* @return array
|
|
*/
|
|
static function load($key, $password)
|
|
{
|
|
if (!is_string($key)) {
|
|
return false;
|
|
}
|
|
|
|
/* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is
|
|
"outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to
|
|
protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding
|
|
two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here:
|
|
|
|
http://tools.ietf.org/html/rfc1421#section-4.6.1.1
|
|
http://tools.ietf.org/html/rfc1421#section-4.6.1.3
|
|
|
|
DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell.
|
|
DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation
|
|
function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's
|
|
own implementation. ie. the implementation *is* the standard and any bugs that may exist in that
|
|
implementation are part of the standard, as well.
|
|
|
|
* OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */
|
|
if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) {
|
|
$iv = Hex::decode(trim($matches[2]));
|
|
// remove the Proc-Type / DEK-Info sections as they're no longer needed
|
|
$key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key);
|
|
$ciphertext = ASN1::extractBER($key);
|
|
if ($ciphertext === false) {
|
|
$ciphertext = $key;
|
|
}
|
|
$crypto = self::getEncryptionObject($matches[1]);
|
|
$crypto->setKey(self::generateSymmetricKey($password, $iv, $crypto->getKeyLength() >> 3));
|
|
$crypto->setIV($iv);
|
|
$key = $crypto->decrypt($ciphertext);
|
|
} else {
|
|
if (self::$format != self::MODE_DER) {
|
|
$decoded = ASN1::extractBER($key);
|
|
if ($decoded !== false) {
|
|
$key = $decoded;
|
|
} elseif (self::$format == self::MODE_PEM) {
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
return $key;
|
|
}
|
|
|
|
/**
|
|
* Wrap a private key appropriately
|
|
*
|
|
* @access public
|
|
* @param string $key
|
|
* @param string $type
|
|
* @param string $password
|
|
* @return string
|
|
*/
|
|
static function wrapPrivateKey($key, $type, $password)
|
|
{
|
|
if (empty($password) || !is_string($password)) {
|
|
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
|
|
chunk_split(Base64::encode($key), 64) .
|
|
"-----END $type PRIVATE KEY-----";
|
|
}
|
|
|
|
$cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm);
|
|
$iv = Random::string($cipher->getBlockLength() >> 3);
|
|
$cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3));
|
|
$cipher->setIV($iv);
|
|
$iv = strtoupper(Hex::encode($iv));
|
|
return "-----BEGIN $type PRIVATE KEY-----\r\n" .
|
|
"Proc-Type: 4,ENCRYPTED\r\n" .
|
|
"DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" .
|
|
"\r\n" .
|
|
chunk_split(Base64::encode($cipher->encrypt($key)), 64) .
|
|
"-----END $type PRIVATE KEY-----";
|
|
}
|
|
|
|
/**
|
|
* Wrap a public key appropriately
|
|
*
|
|
* @access public
|
|
* @param string $key
|
|
* @param string $type
|
|
* @return string
|
|
*/
|
|
static function wrapPublicKey($key, $type)
|
|
{
|
|
return "-----BEGIN $type PUBLIC KEY-----\r\n" .
|
|
chunk_split(Base64::encode($key), 64) .
|
|
"-----END $type PUBLIC KEY-----";
|
|
}
|
|
} |