00001 <?php
00026 require_once 'Zend/Crypt/Rsa/Key/Private.php';
00027
00031 require_once 'Zend/Crypt/Rsa/Key/Public.php';
00032
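/**
 * Thin wrapper around PHP's OpenSSL functions for RSA signing, signature
 * verification, encryption, decryption and key-pair generation.
 *
 * Keys are held as Zend_Crypt_Rsa_Key_Private / Zend_Crypt_Rsa_Key_Public
 * objects, loaded from a PEM string or path, or a certificate string or path.
 *
 * Security notes for maintainers:
 *  - The default digest is SHA-1. MD2, MD4 and MD5 are collision-broken and
 *    SHA-1 is deprecated for signatures; select 'sha256' or stronger through
 *    setHashAlgorithm() where the peer supports it.
 *  - encrypt()/decrypt() pass no padding argument, so PHP's default
 *    (PKCS#1 v1.5) applies. Services that reveal decrypt failures to a remote
 *    party should account for padding-oracle risk.
 */
class Zend_Crypt_Rsa
{
    /** Format selector: values are raw binary strings. */
    const BINARY = 'binary';

    /** Format selector: values are base64-encoded strings. */
    const BASE64 = 'base64';

    /** @var Zend_Crypt_Rsa_Key_Private|null Private key built by setPemString(). */
    protected $_privateKey = null;

    /** @var Zend_Crypt_Rsa_Key_Public|null Public key derived from the PEM or built from a certificate. */
    protected $_publicKey = null;

    /** @var string|null PEM text last given to setPemString(). */
    protected $_pemString = null;

    /** @var string|null Path last given to setPemPath(). */
    protected $_pemPath = null;

    /** @var string|null Certificate text last given to setCertificateString(). */
    protected $_certificateString = null;

    /** @var string|null Path last given to setCertificatePath(). */
    protected $_certificatePath = null;

    /** @var int OPENSSL_ALGO_* digest identifier used by sign() and verifySignature(). */
    protected $_hashAlgorithm = OPENSSL_ALGO_SHA1;

    /** @var string|null Pass phrase handed to the key objects when they are built. */
    protected $_passPhrase = null;

    /**
     * @param array|null $options Optional settings, forwarded to setOptions().
     */
    public function __construct(array $options = null)
    {
        if (isset($options)) {
            $this->setOptions($options);
        }
    }

    /**
     * Apply a set of options. Recognised keys: passPhrase, pemString, pemPath,
     * certificateString, certificatePath, hashAlgorithm. Other keys are ignored.
     *
     * @param array $options
     * @return void
     */
    public function setOptions(array $options)
    {
        // The pass phrase is stored first so that it is available whichever
        // position the key-loading options occupy in the array.
        if (isset($options['passPhrase'])) {
            $this->_passPhrase = $options['passPhrase'];
        }
        foreach ($options as $option => $value) {
            switch ($option) {
                case 'pemString':
                    $this->setPemString($value);
                    break;
                case 'pemPath':
                    $this->setPemPath($value);
                    break;
                case 'certificateString':
                    $this->setCertificateString($value);
                    break;
                case 'certificatePath':
                    $this->setCertificatePath($value);
                    break;
                case 'hashAlgorithm':
                    $this->setHashAlgorithm($value);
                    break;
            }
        }
    }

    /**
     * @return Zend_Crypt_Rsa_Key_Private|null
     */
    public function getPrivateKey()
    {
        return $this->_privateKey;
    }

    /**
     * @return Zend_Crypt_Rsa_Key_Public|null
     */
    public function getPublicKey()
    {
        return $this->_publicKey;
    }

    /**
     * Sign $data with the configured digest.
     *
     * The method does not guard against a missing key: one must be passed in
     * or already loaded through setPemString()/setPemPath().
     *
     * @param string                         $data       Message to sign.
     * @param Zend_Crypt_Rsa_Key_Private|null $privateKey Key to use instead of the loaded one.
     * @param string|null                    $format     self::BASE64 to base64-encode the result.
     * @return string The signature, or an empty string when openssl_sign() fails.
     */
    public function sign($data, Zend_Crypt_Rsa_Key_Private $privateKey = null, $format = null)
    {
        $signature = '';
        if (isset($privateKey)) {
            $opensslKeyResource = $privateKey->getOpensslKeyResource();
        } else {
            $opensslKeyResource = $this->_privateKey->getOpensslKeyResource();
        }
        $signed = openssl_sign(
            $data,
            $signature,
            $opensslKeyResource,
            $this->getHashAlgorithm()
        );
        if ($signed !== true) {
            // Make the failure value explicit instead of relying on whatever
            // the by-reference buffer happens to hold.
            return '';
        }
        // Strict comparison: with "==", a non-string $format such as 0 or true
        // could select base64 on some PHP versions.
        if ($format === self::BASE64) {
            return base64_encode($signature);
        }
        return $signature;
    }

    /**
     * Verify $signature over $data with the loaded public key and the
     * configured digest.
     *
     * openssl_verify() reports errors as -1 (or false), which a truthiness
     * check at the call site would read as success. The result is therefore
     * normalised so that only a genuine match yields a truthy value; callers
     * can no longer tell an OpenSSL error from a mismatch, and both are
     * rejected.
     *
     * @param string      $data      Message that was signed.
     * @param string      $signature Signature, raw or base64 depending on $format.
     * @param string|null $format    self::BASE64 when $signature is base64-encoded.
     * @return int 1 when the signature is valid, 0 otherwise (mismatch,
     *             undecodable base64, or an OpenSSL error).
     */
    public function verifySignature($data, $signature, $format = null)
    {
        if ($format === self::BASE64) {
            // Strict mode rejects characters outside the base64 alphabet
            // rather than silently skipping them.
            $signature = base64_decode($signature, true);
            if ($signature === false) {
                return 0;
            }
        }
        $result = openssl_verify(
            $data,
            $signature,
            $this->getPublicKey()->getOpensslKeyResource(),
            $this->getHashAlgorithm()
        );
        return ($result === 1) ? 1 : 0;
    }

    /**
     * Encrypt $data with $key.
     *
     * A Zend_Crypt_Rsa_Key_Private selects openssl_private_encrypt(); anyone
     * holding the matching public key can reverse that operation, so it gives
     * no confidentiality. Any other key uses openssl_public_encrypt().
     *
     * @param string            $data
     * @param Zend_Crypt_Rsa_Key $key
     * @param string|null       $format self::BASE64 to base64-encode the result.
     * @return string Ciphertext, or an empty string when the OpenSSL call fails.
     */
    public function encrypt($data, Zend_Crypt_Rsa_Key $key, $format = null)
    {
        $encrypted = '';
        if ($key instanceof Zend_Crypt_Rsa_Key_Private) {
            $ok = openssl_private_encrypt($data, $encrypted, $key->getOpensslKeyResource());
        } else {
            $ok = openssl_public_encrypt($data, $encrypted, $key->getOpensslKeyResource());
        }
        if ($ok !== true) {
            return '';
        }
        if ($format === self::BASE64) {
            return base64_encode($encrypted);
        }
        return $encrypted;
    }

    /**
     * Decrypt $data with $key.
     *
     * A Zend_Crypt_Rsa_Key_Public selects openssl_public_decrypt(); any other
     * key uses openssl_private_decrypt().
     *
     * @param string            $data   Ciphertext, raw or base64 depending on $format.
     * @param Zend_Crypt_Rsa_Key $key
     * @param string|null       $format self::BASE64 when $data is base64-encoded.
     * @return string Plaintext, or an empty string when decoding or decryption fails.
     */
    public function decrypt($data, Zend_Crypt_Rsa_Key $key, $format = null)
    {
        $decrypted = '';
        if ($format === self::BASE64) {
            $data = base64_decode($data, true);
            if ($data === false) {
                return '';
            }
        }
        if ($key instanceof Zend_Crypt_Rsa_Key_Public) {
            $ok = openssl_public_decrypt($data, $decrypted, $key->getOpensslKeyResource());
        } else {
            $ok = openssl_private_decrypt($data, $decrypted, $key->getOpensslKeyResource());
        }
        if ($ok !== true) {
            return '';
        }
        return $decrypted;
    }

    /**
     * Generate a new key pair.
     *
     * Recognised keys in $configargs: 'passPhrase' (used when exporting the
     * private key) and 'privateKeyBits' (see _parseConfigArgs()). When
     * 'privateKeyBits' is absent, no size is passed and OpenSSL's configured
     * default applies; no minimum size is enforced here.
     *
     * NOTE(review): the results of openssl_pkey_new() and
     * openssl_pkey_export() are not checked; a failure surfaces only through
     * whatever the key classes do with an empty key string. Confirm against
     * Zend_Crypt_Rsa_Key_Private.
     *
     * @param array|null $configargs
     * @return ArrayObject With 'privateKey' and 'publicKey' entries, also readable as properties.
     */
    public function generateKeys(array $configargs = null)
    {
        $config = null;
        $passPhrase = null;
        if (!is_null($configargs)) {
            if (isset($configargs['passPhrase'])) {
                $passPhrase = $configargs['passPhrase'];
                // The pass phrase is not an OpenSSL config key, so it is kept
                // out of the array handed to _parseConfigArgs().
                unset($configargs['passPhrase']);
            }
            $config = $this->_parseConfigArgs($configargs);
        }
        $resource = openssl_pkey_new($config);

        // With a null pass phrase the exported PEM is not encrypted.
        openssl_pkey_export($resource, $private, $passPhrase);
        $privateKey = new Zend_Crypt_Rsa_Key_Private($private, $passPhrase);
        $details = openssl_pkey_get_details($resource);
        $publicKey = new Zend_Crypt_Rsa_Key_Public($details['key']);

        return new ArrayObject(array(
            'privateKey' => $privateKey,
            'publicKey'  => $publicKey
        ), ArrayObject::ARRAY_AS_PROPS);
    }

    /**
     * Load a private key from PEM text and derive the public key from it.
     * The stored pass phrase is handed to the private key object.
     *
     * @param string $value PEM text.
     * @return void
     */
    public function setPemString($value)
    {
        $this->_pemString = $value;
        $this->_privateKey = new Zend_Crypt_Rsa_Key_Private($this->_pemString, $this->_passPhrase);
        $this->_publicKey = $this->_privateKey->getPublicKey();
    }

    /**
     * Read PEM text from a file and load it through setPemString().
     *
     * NOTE(review): the file_get_contents() result is not checked, so an
     * unreadable path passes false on to setPemString().
     *
     * @param string $value Path to the PEM file.
     * @return void
     */
    public function setPemPath($value)
    {
        $this->_pemPath = $value;
        $this->setPemString(file_get_contents($this->_pemPath));
    }

    /**
     * Load the public key from certificate text.
     *
     * @param string $value Certificate text.
     * @return void
     */
    public function setCertificateString($value)
    {
        $this->_certificateString = $value;
        $this->_publicKey = new Zend_Crypt_Rsa_Key_Public($this->_certificateString, $this->_passPhrase);
    }

    /**
     * Read certificate text from a file and load it through
     * setCertificateString().
     *
     * NOTE(review): the file_get_contents() result is not checked.
     *
     * @param string $value Path to the certificate file.
     * @return void
     */
    public function setCertificatePath($value)
    {
        $this->_certificatePath = $value;
        $this->setCertificateString(file_get_contents($this->_certificatePath));
    }

    /**
     * Select the digest used by sign() and verifySignature().
     *
     * Accepted names: 'md2', 'md4', 'md5', 'sha1', 'sha224', 'sha256',
     * 'sha384', 'sha512', each only when the running PHP build defines the
     * matching OPENSSL_ALGO_* constant. Names are matched exactly.
     *
     * An unsupported name leaves the current algorithm unchanged, as before,
     * but now raises an E_USER_WARNING so that a request for a stronger digest
     * cannot silently fall back to the previous one.
     *
     * @param string $name
     * @return void
     */
    public function setHashAlgorithm($name)
    {
        // Constants are looked up by name because not every build defines all
        // of them (the legacy digests in particular).
        $constants = array(
            'md2'    => 'OPENSSL_ALGO_MD2',
            'md4'    => 'OPENSSL_ALGO_MD4',
            'md5'    => 'OPENSSL_ALGO_MD5',
            'sha1'   => 'OPENSSL_ALGO_SHA1',
            'sha224' => 'OPENSSL_ALGO_SHA224',
            'sha256' => 'OPENSSL_ALGO_SHA256',
            'sha384' => 'OPENSSL_ALGO_SHA384',
            'sha512' => 'OPENSSL_ALGO_SHA512',
        );
        if (is_string($name) && isset($constants[$name]) && defined($constants[$name])) {
            $this->_hashAlgorithm = constant($constants[$name]);
            return;
        }
        trigger_error(
            'Zend_Crypt_Rsa::setHashAlgorithm(): unsupported or unavailable hash algorithm; '
            . 'the current algorithm is left unchanged',
            E_USER_WARNING
        );
    }

    /**
     * @return string|null
     */
    public function getPemString()
    {
        return $this->_pemString;
    }

    /**
     * @return string|null
     */
    public function getPemPath()
    {
        return $this->_pemPath;
    }

    /**
     * @return string|null
     */
    public function getCertificateString()
    {
        return $this->_certificateString;
    }

    /**
     * @return string|null
     */
    public function getCertificatePath()
    {
        return $this->_certificatePath;
    }

    /**
     * @return int OPENSSL_ALGO_* identifier currently selected.
     */
    public function getHashAlgorithm()
    {
        return $this->_hashAlgorithm;
    }

    /**
     * Translate this class's option names into the keys openssl_pkey_new()
     * expects. Only 'privateKeyBits' is mapped (to 'private_key_bits'); the
     * value is passed through without a range check.
     *
     * @param array|null $config
     * @return array|null The translated options, or null when nothing was mapped.
     */
    protected function _parseConfigArgs(array $config = null)
    {
        $configs = array();
        if (isset($config['privateKeyBits'])) {
            $configs['private_key_bits'] = $config['privateKeyBits'];
        }
        if (!empty($configs)) {
            return $configs;
        }
        return null;
    }

}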