3 require_once('library/ASNValue.class.php');
4 require_once('library/asn1.php');
7 function rsa_sign($data,$key) {
10 if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
11 openssl_sign($data,$sig,$key,'sha256');
14 if(strlen($key) < 1024 || extension_loaded('gmp')) {
15 require_once('library/phpsec/Crypt/RSA.php');
16 $rsa = new CRYPT_RSA();
17 $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
18 $rsa->setHash('sha256');
20 $sig = $rsa->sign($data);
23 logger('rsa_sign: insecure algorithm used. Please upgrade PHP to 5.3');
24 openssl_private_encrypt(hex2bin('3031300d060960864801650304020105000420') . hash('sha256',$data,true), $sig, $key);
30 function rsa_verify($data,$sig,$key) {
32 if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
33 $verify = openssl_verify($data,$sig,$key,'sha256');
36 if(strlen($key) <= 300 || extension_loaded('gmp')) {
37 require_once('library/phpsec/Crypt/RSA.php');
38 $rsa = new CRYPT_RSA();
39 $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
40 $rsa->setHash('sha256');
42 $verify = $rsa->verify($data,$sig);
45 // fallback sha256 verify for PHP < 5.3 and large key lengths
47 openssl_public_decrypt($sig,$rawsig,$key);
48 $verify = (($rawsig && substr($rawsig,-32) === hash('sha256',$data,true)) ? true : false);
55 function DerToPem($Der, $Private=false)
58 $Der = base64_encode($Der);
60 $lines = str_split($Der, 65);
61 $body = implode("\n", $lines);
63 $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
65 $result = "-----BEGIN {$title}-----\n";
66 $result .= $body . "\n";
67 $result .= "-----END {$title}-----\n";
72 function DerToRsa($Der)
75 $Der = base64_encode($Der);
77 $lines = str_split($Der, 65);
78 $body = implode("\n", $lines);
80 $title = 'RSA PUBLIC KEY';
82 $result = "-----BEGIN {$title}-----\n";
83 $result .= $body . "\n";
84 $result .= "-----END {$title}-----\n";
90 function pkcs8_encode($Modulus,$PublicExponent) {
92 $modulus = new ASNValue(ASNValue::TAG_INTEGER);
93 $modulus->SetIntBuffer($Modulus);
94 $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
95 $publicExponent->SetIntBuffer($PublicExponent);
96 $keySequenceItems = array($modulus, $publicExponent);
97 $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
98 $keySequence->SetSequence($keySequenceItems);
100 $bitStringValue = $keySequence->Encode();
101 $bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
102 $bitString = new ASNValue(ASNValue::TAG_BITSTRING);
103 $bitString->Value = $bitStringValue;
105 $bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
106 $body = new ASNValue(ASNValue::TAG_SEQUENCE);
107 $body->Value = $bodyValue;
108 //Get DER encoded public key:
109 $PublicDER = $body->Encode();
114 function pkcs1_encode($Modulus,$PublicExponent) {
115 //Encode key sequence
116 $modulus = new ASNValue(ASNValue::TAG_INTEGER);
117 $modulus->SetIntBuffer($Modulus);
118 $publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
119 $publicExponent->SetIntBuffer($PublicExponent);
120 $keySequenceItems = array($modulus, $publicExponent);
121 $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
122 $keySequence->SetSequence($keySequenceItems);
124 $bitStringValue = $keySequence->Encode();
125 return $bitStringValue;
129 function metopem($m,$e) {
130 $der = pkcs8_encode($m,$e);
131 $key = DerToPem($der,false);
136 function pubrsatome($key,&$m,&$e) {
137 require_once('library/asn1.php');
138 require_once('include/salmon.php');
140 $lines = explode("\n",$key);
142 unset($lines[count($lines)]);
143 $x = base64_decode(implode('',$lines));
145 $r = ASN_BASE::parseASNString($x);
147 $m = base64url_decode($r[0]->asnData[0]->asnData);
148 $e = base64url_decode($r[0]->asnData[1]->asnData);
152 function rsatopem($key) {
153 pubrsatome($key,$m,$e);
154 return(metopem($m,$e));
157 function pemtorsa($key) {
159 return(metorsa($m,$e));
162 function pemtome($key,&$m,&$e) {
163 require_once('include/salmon.php');
164 $lines = explode("\n",$key);
166 unset($lines[count($lines)]);
167 $x = base64_decode(implode('',$lines));
169 $r = ASN_BASE::parseASNString($x);
171 $m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
172 $e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
175 function metorsa($m,$e) {
176 $der = pkcs1_encode($m,$e);
177 $key = DerToRsa($der);
181 function salmon_key($pubkey) {
182 pemtome($pubkey,$m,$e);
183 return 'RSA' . '.' . base64url_encode($m,true) . '.' . base64url_encode($e,true) ;