2016-01-14 23:44:39 +00:00
|
|
|
<?php
|
|
|
|
/**
|
2016-02-19 18:09:39 -05:00
|
|
|
* Public/private key encryption.
|
2016-01-14 23:44:39 +00:00
|
|
|
*
|
|
|
|
* @author Alex Bilbie <hello@alexbilbie.com>
|
|
|
|
* @copyright Copyright (c) Alex Bilbie
|
|
|
|
* @license http://mit-license.org/
|
2016-02-19 18:09:39 -05:00
|
|
|
*
|
2016-01-14 23:44:39 +00:00
|
|
|
* @link https://github.com/thephpleague/oauth2-server
|
|
|
|
*/
|
2016-03-17 14:37:21 +00:00
|
|
|
namespace League\OAuth2\Server;
|
2016-01-14 23:44:39 +00:00
|
|
|
|
2016-03-17 14:37:21 +00:00
|
|
|
trait CryptTrait
|
2016-01-14 23:44:39 +00:00
|
|
|
{
|
2016-03-17 14:37:21 +00:00
|
|
|
/**
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $privateKeyPath;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $publicKeyPath;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set path to private key.
|
|
|
|
*
|
|
|
|
* @param string $privateKeyPath
|
|
|
|
*/
|
|
|
|
public function setPrivateKeyPath($privateKeyPath)
|
|
|
|
{
|
|
|
|
if (strpos($privateKeyPath, 'file://') !== 0) {
|
|
|
|
$privateKeyPath = 'file://' . $privateKeyPath;
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->privateKeyPath = $privateKeyPath;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set path to public key.
|
|
|
|
*
|
|
|
|
* @param string $publicKeyPath
|
|
|
|
*/
|
|
|
|
public function setPublicKeyPath($publicKeyPath)
|
|
|
|
{
|
|
|
|
if (strpos($publicKeyPath, 'file://') !== 0) {
|
|
|
|
$publicKeyPath = 'file://' . $publicKeyPath;
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->publicKeyPath = $publicKeyPath;
|
|
|
|
}
|
|
|
|
|
2016-01-14 23:44:39 +00:00
|
|
|
/**
|
2016-02-19 18:09:39 -05:00
|
|
|
* Encrypt data with a private key.
|
2016-01-14 23:44:39 +00:00
|
|
|
*
|
|
|
|
* @param string $unencryptedData
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
2016-03-17 14:37:21 +00:00
|
|
|
protected function encrypt($unencryptedData)
|
2016-01-14 23:44:39 +00:00
|
|
|
{
|
2016-03-17 14:37:21 +00:00
|
|
|
$privateKey = openssl_pkey_get_private($this->privateKeyPath);
|
2016-01-14 23:44:39 +00:00
|
|
|
$privateKeyDetails = @openssl_pkey_get_details($privateKey);
|
|
|
|
if ($privateKeyDetails === null) {
|
2016-03-17 14:37:21 +00:00
|
|
|
throw new \LogicException(sprintf('Could not get details of private key: %s', $this->privateKeyPath));
|
2016-01-14 23:44:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$chunkSize = ceil($privateKeyDetails['bits'] / 8) - 11;
|
|
|
|
$output = '';
|
|
|
|
|
|
|
|
while ($unencryptedData) {
|
|
|
|
$chunk = substr($unencryptedData, 0, $chunkSize);
|
|
|
|
$unencryptedData = substr($unencryptedData, $chunkSize);
|
|
|
|
if (openssl_private_encrypt($chunk, $encrypted, $privateKey) === false) {
|
2016-02-12 18:08:27 +00:00
|
|
|
// @codeCoverageIgnoreStart
|
2016-01-14 23:44:39 +00:00
|
|
|
throw new \LogicException('Failed to encrypt data');
|
2016-02-12 18:08:27 +00:00
|
|
|
// @codeCoverageIgnoreEnd
|
2016-01-14 23:44:39 +00:00
|
|
|
}
|
|
|
|
$output .= $encrypted;
|
|
|
|
}
|
|
|
|
openssl_free_key($privateKey);
|
|
|
|
|
|
|
|
return base64_encode($output);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-02-19 18:09:39 -05:00
|
|
|
* Decrypt data with a public key.
|
2016-01-14 23:44:39 +00:00
|
|
|
*
|
|
|
|
* @param string $encryptedData
|
|
|
|
*
|
2016-02-12 10:00:41 +00:00
|
|
|
* @throws \LogicException
|
|
|
|
*
|
2016-01-14 23:44:39 +00:00
|
|
|
* @return string
|
|
|
|
*/
|
2016-03-17 14:37:21 +00:00
|
|
|
protected function decrypt($encryptedData)
|
2016-01-14 23:44:39 +00:00
|
|
|
{
|
2016-03-17 14:37:21 +00:00
|
|
|
$publicKey = openssl_pkey_get_public($this->publicKeyPath);
|
2016-01-14 23:44:39 +00:00
|
|
|
$publicKeyDetails = @openssl_pkey_get_details($publicKey);
|
|
|
|
if ($publicKeyDetails === null) {
|
2016-03-17 14:37:21 +00:00
|
|
|
throw new \LogicException(sprintf('Could not get details of public key: %s', $this->publicKeyPath));
|
2016-01-14 23:44:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$chunkSize = ceil($publicKeyDetails['bits'] / 8);
|
|
|
|
$output = '';
|
|
|
|
|
|
|
|
$encryptedData = base64_decode($encryptedData);
|
|
|
|
|
|
|
|
while ($encryptedData) {
|
|
|
|
$chunk = substr($encryptedData, 0, $chunkSize);
|
|
|
|
$encryptedData = substr($encryptedData, $chunkSize);
|
2016-03-17 14:37:21 +00:00
|
|
|
if (openssl_public_decrypt($chunk, $decrypted, $publicKey, OPENSSL_PKCS1_OAEP_PADDING) === false) {
|
2016-02-12 18:08:27 +00:00
|
|
|
// @codeCoverageIgnoreStart
|
2016-01-14 23:44:39 +00:00
|
|
|
throw new \LogicException('Failed to decrypt data');
|
2016-02-12 18:08:27 +00:00
|
|
|
// @codeCoverageIgnoreEnd
|
2016-01-14 23:44:39 +00:00
|
|
|
}
|
|
|
|
$output .= $decrypted;
|
|
|
|
}
|
|
|
|
openssl_free_key($publicKey);
|
|
|
|
|
|
|
|
return $output;
|
|
|
|
}
|
2016-03-17 14:37:21 +00:00
|
|
|
}
|