[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * Zend Framework
   4   *
   5   * LICENSE
   6   *
   7   * This source file is subject to the new BSD license that is bundled
   8   * with this package in the file LICENSE.txt.
   9   * It is also available through the world-wide-web at this URL:
  10   * http://framework.zend.com/license/new-bsd
  11   * If you did not receive a copy of the license and are unable to
  12   * obtain it through the world-wide-web, please send an email
  13   * to [email protected] so we can send you a copy immediately.
  14   *
  15   * @category   Zend
  16   * @package    Zend_Crypt
  17   * @subpackage Rsa
  18   * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  19   * @license    http://framework.zend.com/license/new-bsd     New BSD License
  20   * @version    $Id: Rsa.php 24808 2012-05-17 19:56:09Z rob $
  21   */
  22  
  23  /**
  24   * @see Zend_Crypt_Rsa_Key_Private
  25   */
  26  require_once  'Zend/Crypt/Rsa/Key/Private.php';
  27  
  28  /**
  29   * @see Zend_Crypt_Rsa_Key_Public
  30   */
  31  require_once  'Zend/Crypt/Rsa/Key/Public.php';
  32  
  33  /**
  34   * @category   Zend
  35   * @package    Zend_Crypt
  36   * @copyright  Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  37   * @license    http://framework.zend.com/license/new-bsd     New BSD License
  38   */
  39  class Zend_Crypt_Rsa
  40  {
  41  
  42      const BINARY = 'binary';
  43      const BASE64 = 'base64';
  44  
  45      protected $_privateKey;
  46  
  47      protected $_publicKey;
  48  
  49      /**
  50       * @var string
  51       */
  52      protected $_pemString;
  53  
  54      protected $_pemPath;
  55  
  56      protected $_certificateString;
  57  
  58      protected $_certificatePath;
  59  
  60      protected $_hashAlgorithm;
  61  
  62      protected $_passPhrase;
  63  
  64      /**
  65       * Class constructor
  66       *
  67       * @param array $options
  68       * @throws Zend_Crypt_Rsa_Exception
  69       */
  70      public function __construct(array $options = null)
  71      {
  72          if (!extension_loaded('openssl')) {
  73              require_once  'Zend/Crypt/Rsa/Exception.php';
  74              throw new Zend_Crypt_Rsa_Exception('Zend_Crypt_Rsa requires openssl extension to be loaded.');
  75          }
  76  
  77          // Set _hashAlgorithm property when we are sure, that openssl extension is loaded
  78          // and OPENSSL_ALGO_SHA1 constant is available
  79          $this->_hashAlgorithm = OPENSSL_ALGO_SHA1;
  80  
  81          if (isset($options)) {
  82              $this->setOptions($options);
  83          }
  84      }
  85  
  86      public function setOptions(array $options)
  87      {
  88          if (isset($options['passPhrase'])) {
  89              $this->_passPhrase = $options['passPhrase'];
  90          }
  91          foreach ($options as $option=>$value) {
  92              switch ($option) {
  93                  case 'pemString':
  94                      $this->setPemString($value);
  95                      break;
  96                  case 'pemPath':
  97                      $this->setPemPath($value);
  98                      break;
  99                  case 'certificateString':
 100                      $this->setCertificateString($value);
 101                      break;
 102                  case 'certificatePath':
 103                      $this->setCertificatePath($value);
 104                      break;
 105                  case 'hashAlgorithm':
 106                      $this->setHashAlgorithm($value);
 107                      break;
 108              }
 109          }
 110      }
 111  
 112      public function getPrivateKey()
 113      {
 114          return $this->_privateKey;
 115      }
 116  
 117      public function getPublicKey()
 118      {
 119          return $this->_publicKey;
 120      }
 121  
 122      /**
 123       * @param string $data
 124       * @param Zend_Crypt_Rsa_Key_Private $privateKey
 125       * @param string $format
 126       * @return string
 127       */
 128      public function sign($data, Zend_Crypt_Rsa_Key_Private $privateKey = null, $format = null)
 129      {
 130          $signature = '';
 131          if (isset($privateKey)) {
 132              $opensslKeyResource = $privateKey->getOpensslKeyResource();
 133          } else {
 134              $opensslKeyResource = $this->_privateKey->getOpensslKeyResource();
 135          }
 136          $result = openssl_sign(
 137              $data, $signature,
 138              $opensslKeyResource,
 139              $this->getHashAlgorithm()
 140          );
 141          if ($format == self::BASE64) {
 142              return base64_encode($signature);
 143          }
 144          return $signature;
 145      }
 146  
 147      /**
 148       * @param string $data
 149       * @param string $signature
 150       * @param string $format
 151       * @return string
 152       */
 153      public function verifySignature($data, $signature, $format = null)
 154      {
 155          if ($format == self::BASE64) {
 156              $signature = base64_decode($signature);
 157          }
 158          $result = openssl_verify($data, $signature,
 159              $this->getPublicKey()->getOpensslKeyResource(),
 160              $this->getHashAlgorithm());
 161          return $result;
 162      }
 163  
 164      /**
 165       * @param string $data
 166       * @param Zend_Crypt_Rsa_Key $key
 167       * @param string $format
 168       * @return string
 169       */
 170      public function encrypt($data, Zend_Crypt_Rsa_Key $key, $format = null)
 171      {
 172          $encrypted = '';
 173          $function = 'openssl_public_encrypt';
 174          if ($key instanceof Zend_Crypt_Rsa_Key_Private) {
 175              $function = 'openssl_private_encrypt';
 176          }
 177          $function($data, $encrypted, $key->getOpensslKeyResource());
 178          if ($format == self::BASE64) {
 179              return base64_encode($encrypted);
 180          }
 181          return $encrypted;
 182      }
 183  
 184      /**
 185       * @param string $data
 186       * @param Zend_Crypt_Rsa_Key $key
 187       * @param string $format
 188       * @return string
 189       */
 190      public function decrypt($data, Zend_Crypt_Rsa_Key $key, $format = null)
 191      {
 192          $decrypted = '';
 193          if ($format == self::BASE64) {
 194              $data = base64_decode($data);
 195          }
 196          $function = 'openssl_private_decrypt';
 197          if ($key instanceof Zend_Crypt_Rsa_Key_Public) {
 198              $function = 'openssl_public_decrypt';
 199          }
 200          $function($data, $decrypted, $key->getOpensslKeyResource());
 201          return $decrypted;
 202      }
 203  
 204      /**
 205       * @param  array $configargs
 206       * 
 207       * @throws Zend_Crypt_Rsa_Exception
 208       * 
 209       * @return ArrayObject
 210       */
 211      public function generateKeys(array $configargs = null)
 212      {
 213          $config = null;
 214          $passPhrase = null;
 215          if ($configargs !== null) {
 216              if (isset($configargs['passPhrase'])) {
 217                  $passPhrase = $configargs['passPhrase'];
 218                  unset($configargs['passPhrase']);
 219              }
 220              $config = $this->_parseConfigArgs($configargs);
 221          }
 222          $privateKey = null;
 223          $publicKey = null;
 224          $resource = openssl_pkey_new($config);
 225          if (!$resource) {
 226              require_once  'Zend/Crypt/Rsa/Exception.php';
 227              throw new Zend_Crypt_Rsa_Exception('Failed to generate a new private key');
 228          }
 229          // above fails on PHP 5.3
 230          openssl_pkey_export($resource, $private, $passPhrase);
 231          $privateKey = new Zend_Crypt_Rsa_Key_Private($private, $passPhrase);
 232          $details = openssl_pkey_get_details($resource);
 233          $publicKey = new Zend_Crypt_Rsa_Key_Public($details['key']);
 234          $return = new ArrayObject(array(
 235             'privateKey'=>$privateKey,
 236             'publicKey'=>$publicKey
 237          ), ArrayObject::ARRAY_AS_PROPS);
 238          return $return;
 239      }
 240  
 241      /**
 242       * @param string $value
 243       */
 244      public function setPemString($value)
 245      {
 246          $this->_pemString = $value;
 247          try {
 248              $this->_privateKey = new Zend_Crypt_Rsa_Key_Private($this->_pemString, $this->_passPhrase);
 249              $this->_publicKey = $this->_privateKey->getPublicKey();
 250          } catch (Zend_Crypt_Exception $e) {
 251              $this->_privateKey = null;
 252              $this->_publicKey = new Zend_Crypt_Rsa_Key_Public($this->_pemString);
 253          }
 254      }
 255  
 256      public function setPemPath($value)
 257      {
 258          $this->_pemPath = $value;
 259          $this->setPemString(file_get_contents($this->_pemPath));
 260      }
 261  
 262      public function setCertificateString($value)
 263      {
 264          $this->_certificateString = $value;
 265          $this->_publicKey = new Zend_Crypt_Rsa_Key_Public($this->_certificateString, $this->_passPhrase);
 266      }
 267  
 268      public function setCertificatePath($value)
 269      {
 270          $this->_certificatePath = $value;
 271          $this->setCertificateString(file_get_contents($this->_certificatePath));
 272      }
 273  
 274      public function setHashAlgorithm($name)
 275      {
 276          switch (strtolower($name)) {
 277              case 'md2':
 278                  $this->_hashAlgorithm = OPENSSL_ALGO_MD2;
 279                  break;
 280              case 'md4':
 281                  $this->_hashAlgorithm = OPENSSL_ALGO_MD4;
 282                  break;
 283              case 'md5':
 284                  $this->_hashAlgorithm = OPENSSL_ALGO_MD5;
 285                  break;
 286              case 'sha1':
 287                  $this->_hashAlgorithm = OPENSSL_ALGO_SHA1;
 288                  break;
 289              case 'dss1':
 290                  $this->_hashAlgorithm = OPENSSL_ALGO_DSS1;
 291                  break;
 292          }
 293      }
 294  
 295      /**
 296       * @return string
 297       */
 298      public function getPemString()
 299      {
 300          return $this->_pemString;
 301      }
 302  
 303      public function getPemPath()
 304      {
 305          return $this->_pemPath;
 306      }
 307  
 308      public function getCertificateString()
 309      {
 310          return $this->_certificateString;
 311      }
 312  
 313      public function getCertificatePath()
 314      {
 315          return $this->_certificatePath;
 316      }
 317  
 318      public function getHashAlgorithm()
 319      {
 320          return $this->_hashAlgorithm;
 321      }
 322  
 323      protected function _parseConfigArgs(array $config = null)
 324      {
 325          $configs = array();
 326          if (isset($config['private_key_bits'])) {
 327              $configs['private_key_bits'] = $config['private_key_bits'];
 328          }
 329          if (isset($config['privateKeyBits'])) {
 330              $configs['private_key_bits'] = $config['privateKeyBits'];
 331          }
 332          if (!empty($configs)) {
 333              return $configs;
 334          }
 335          return null;
 336      }
 337  
 338  }