X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FUtil%2FCrypto.php;h=b3ae2d69b8442cad3c819f8cf2935e3f9d728889;hb=bdb5aa6bd92528da480baab99ca92a3768a89d0b;hp=55852d59ba58defc7fc644ae09db9ea2486eafc0;hpb=9d9489494e558572c4391160959f807d5480fd54;p=friendica.git

diff --git a/src/Util/Crypto.php b/src/Util/Crypto.php
index 55852d59ba..b3ae2d69b8 100644
--- a/src/Util/Crypto.php
+++ b/src/Util/Crypto.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -21,10 +21,12 @@
 
 namespace Friendica\Util;
 
+use Exception;
 use Friendica\Core\Hook;
 use Friendica\Core\Logger;
 use Friendica\Core\System;
 use Friendica\DI;
+use ParagonIE\ConstantTime\Base64UrlSafe;
 use phpseclib\Crypt\RSA;
 use phpseclib\Math\BigInteger;
 
@@ -73,11 +75,10 @@ class Crypto
 	public static function meToPem($m, $e)
 	{
 		$rsa = new RSA();
-		$rsa->loadKey(
-			[
-				'e' => new BigInteger($e, 256),
-				'n' => new BigInteger($m, 256)
-			]);
+		$rsa->loadKey([
+			'e' => new BigInteger($e, 256),
+			'n' => new BigInteger($m, 256)
+		]);
 		return $rsa->getPublicKey();
 	}
 
@@ -151,6 +152,50 @@ class Crypto
 		return $response;
 	}
 
+	/**
+	 * Create a new elliptic curve key pair
+	 *
+	 * @return array with the elements "prvkey", "pubkey", "vapid-public" and "vapid-private"
+	 */
+	public static function newECKeypair()
+	{
+		$openssl_options = [
+			'curve_name'       => 'prime256v1',
+			'private_key_type' => OPENSSL_KEYTYPE_EC
+		];
+
+		$conf = DI::config()->get('system', 'openssl_conf_file');
+		if ($conf) {
+			$openssl_options['config'] = $conf;
+		}
+		$result = openssl_pkey_new($openssl_options);
+
+		if (empty($result)) {
+			throw new Exception('Key creation failed');
+		}
+
+		$response = ['prvkey' => '', 'pubkey' => ''];
+
+		// Get private key
+		openssl_pkey_export($result, $response['prvkey']);
+
+		// Get public key
+		$pkey = openssl_pkey_get_details($result);
+		$response['pubkey'] = $pkey['key'];
+
+		// Create VAPID keys
+		// @see https://github.com/web-push-libs/web-push-php/blob/256a18b2a2411469c94943725fb6eccb9681bd75/src/Utils.php#L60-L62
+		$hexString = '04';
+		$hexString .= str_pad(bin2hex($pkey['ec']['x']), 64, '0', STR_PAD_LEFT);
+		$hexString .= str_pad(bin2hex($pkey['ec']['y']), 64, '0', STR_PAD_LEFT);
+		$response['vapid-public'] = Base64UrlSafe::encode(hex2bin($hexString));
+
+		// @see https://github.com/web-push-libs/web-push-php/blob/256a18b2a2411469c94943725fb6eccb9681bd75/src/VAPID.php
+		$response['vapid-private'] = Base64UrlSafe::encode(hex2bin(str_pad(bin2hex($pkey['ec']['d']), 64, '0', STR_PAD_LEFT)));
+
+		return $response;
+	}
+
 	/**
 	 * Encrypt a string with 'aes-256-cbc' cipher method.
 	 *