File "PKCS8.php"
Full Path: /home/vantageo/public_html/cache/cache/cache/.wp-cli/wp-content/plugins/wp-database-backup/includes/admin/Destination/SFTP/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php
File size: 7.95 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/**
* PKCS#8 Formatted EC Key Handler
*
* PHP version 5
*
* Processes keys with the following headers:
*
* -----BEGIN ENCRYPTED PRIVATE KEY-----
* -----BEGIN PRIVATE KEY-----
* -----BEGIN PUBLIC KEY-----
*
* Analogous to ssh-keygen's pkcs8 format (as specified by -m). Although PKCS8
* is specific to private keys it's basically creating a DER-encoded wrapper
* for keys. This just extends that same concept to public keys (much like ssh-keygen)
*
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2015 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib3\Crypt\EC\Formats\Keys;
use phpseclib3\Crypt\Common\Formats\Keys\PKCS8 as Progenitor;
use phpseclib3\Crypt\EC\BaseCurves\Base as BaseCurve;
use phpseclib3\Crypt\EC\BaseCurves\Montgomery as MontgomeryCurve;
use phpseclib3\Crypt\EC\BaseCurves\TwistedEdwards as TwistedEdwardsCurve;
use phpseclib3\Crypt\EC\Curves\Ed25519;
use phpseclib3\Crypt\EC\Curves\Ed448;
use phpseclib3\Exception\UnsupportedCurveException;
use phpseclib3\File\ASN1;
use phpseclib3\File\ASN1\Maps;
use phpseclib3\Math\BigInteger;
/**
* PKCS#8 Formatted EC Key Handler
*
* @author Jim Wigginton <terrafrost@php.net>
*/
abstract class PKCS8 extends Progenitor
{
use Common;
/**
* OID Name
*
* @var array
*/
const OID_NAME = ['id-ecPublicKey', 'id-Ed25519', 'id-Ed448'];
/**
* OID Value
*
* @var string
*/
const OID_VALUE = ['1.2.840.10045.2.1', '1.3.101.112', '1.3.101.113'];
/**
* Break a public or private key down into its constituent components
*
* @param string $key
* @param string $password optional
* @return array
*/
public static function load($key, $password = '')
{
// initialize_static_variables() is defined in both the trait and the parent class
// when it's defined in two places it's the traits one that's called
// the parent one is needed, as well, but the parent one is called by other methods
// in the parent class as needed and in the context of the parent it's the parent
// one that's called
self::initialize_static_variables();
$key = parent::load($key, $password);
$type = isset($key['privateKey']) ? 'privateKey' : 'publicKey';
switch ($key[$type . 'Algorithm']['algorithm']) {
case 'id-Ed25519':
case 'id-Ed448':
return self::loadEdDSA($key);
}
$decoded = ASN1::decodeBER($key[$type . 'Algorithm']['parameters']->element);
if (!$decoded) {
throw new \RuntimeException('Unable to decode BER');
}
$params = ASN1::asn1map($decoded[0], Maps\ECParameters::MAP);
if (!$params) {
throw new \RuntimeException('Unable to decode the parameters using Maps\ECParameters');
}
$components = [];
$components['curve'] = self::loadCurveByParam($params);
if ($type == 'publicKey') {
$components['QA'] = self::extractPoint("\0" . $key['publicKey'], $components['curve']);
return $components;
}
$decoded = ASN1::decodeBER($key['privateKey']);
if (!$decoded) {
throw new \RuntimeException('Unable to decode BER');
}
$key = ASN1::asn1map($decoded[0], Maps\ECPrivateKey::MAP);
if (isset($key['parameters']) && $params != $key['parameters']) {
throw new \RuntimeException('The PKCS8 parameter field does not match the private key parameter field');
}
$components['dA'] = new BigInteger($key['privateKey'], 256);
$components['curve']->rangeCheck($components['dA']);
$components['QA'] = isset($key['publicKey']) ?
self::extractPoint($key['publicKey'], $components['curve']) :
$components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']);
return $components;
}
/**
* Break a public or private EdDSA key down into its constituent components
*
* @return array
*/
private static function loadEdDSA(array $key)
{
$components = [];
if (isset($key['privateKey'])) {
$components['curve'] = $key['privateKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448();
// 0x04 == octet string
// 0x20 == length (32 bytes)
if (substr($key['privateKey'], 0, 2) != "\x04\x20") {
throw new \RuntimeException('The first two bytes of the private key field should be 0x0420');
}
$arr = $components['curve']->extractSecret(substr($key['privateKey'], 2));
$components['dA'] = $arr['dA'];
$components['secret'] = $arr['secret'];
}
if (isset($key['publicKey'])) {
if (!isset($components['curve'])) {
$components['curve'] = $key['publicKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448();
}
$components['QA'] = self::extractPoint($key['publicKey'], $components['curve']);
}
if (isset($key['privateKey']) && !isset($components['QA'])) {
$components['QA'] = $components['curve']->multiplyPoint($components['curve']->getBasePoint(), $components['dA']);
}
return $components;
}
/**
* Convert an EC public key to the appropriate format
*
* @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
* @param array $options optional
* @return string
*/
public static function savePublicKey(BaseCurve $curve, array $publicKey, array $options = [])
{
self::initialize_static_variables();
if ($curve instanceof MontgomeryCurve) {
throw new UnsupportedCurveException('Montgomery Curves are not supported');
}
if ($curve instanceof TwistedEdwardsCurve) {
return self::wrapPublicKey(
$curve->encodePoint($publicKey),
null,
$curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'
);
}
$params = new ASN1\Element(self::encodeParameters($curve, false, $options));
$key = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes();
return self::wrapPublicKey($key, $params, 'id-ecPublicKey');
}
/**
* Convert a private key to the appropriate format.
*
* @param \phpseclib3\Math\BigInteger $privateKey
* @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve
* @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey
* @param string $secret optional
* @param string $password optional
* @param array $options optional
* @return string
*/
public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, array $publicKey, $secret = null, $password = '', array $options = [])
{
self::initialize_static_variables();
if ($curve instanceof MontgomeryCurve) {
throw new UnsupportedCurveException('Montgomery Curves are not supported');
}
if ($curve instanceof TwistedEdwardsCurve) {
return self::wrapPrivateKey(
"\x04\x20" . $secret,
[],
null,
$password,
$curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'
);
}
$publicKey = "\4" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes();
$params = new ASN1\Element(self::encodeParameters($curve, false, $options));
$key = [
'version' => 'ecPrivkeyVer1',
'privateKey' => $privateKey->toBytes(),
//'parameters' => $params,
'publicKey' => "\0" . $publicKey
];
$key = ASN1::encodeDER($key, Maps\ECPrivateKey::MAP);
return self::wrapPrivateKey($key, [], $params, $password, 'id-ecPublicKey', '', $options);
}
}