Add optional SHA1 hashing for sign and verify functions base64 encoding and decoding.
parent
3b3271b94f
commit
5eeb06805a
1 changed files with 16 additions and 4 deletions
|
@ -54,7 +54,7 @@ class Cryptography
|
||||||
private static function pemToDer(string $pemKey): string
|
private static function pemToDer(string $pemKey): string
|
||||||
{
|
{
|
||||||
$pemKey = preg_replace('/-----(BEGIN|END) [A-Z ]+-----/', '', $pemKey);
|
$pemKey = preg_replace('/-----(BEGIN|END) [A-Z ]+-----/', '', $pemKey);
|
||||||
return base64_decode(str_replace(["\n", "\r", " "], '', $pemKey));
|
return Utilities::base64decode(str_replace(["\n", "\r", " "], '', $pemKey));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -66,7 +66,7 @@ class Cryptography
|
||||||
*/
|
*/
|
||||||
private static function derToPem(string $derKey, string $type): string
|
private static function derToPem(string $derKey, string $type): string
|
||||||
{
|
{
|
||||||
$formattedKey = chunk_split(base64_encode($derKey), 64);
|
$formattedKey = chunk_split(Utilities::base64encode($derKey), 64);
|
||||||
$headerFooter = strtoupper($type) === self::PEM_PUBLIC_HEADER
|
$headerFooter = strtoupper($type) === self::PEM_PUBLIC_HEADER
|
||||||
? "PUBLIC KEY" : "PRIVATE KEY";
|
? "PUBLIC KEY" : "PRIVATE KEY";
|
||||||
|
|
||||||
|
@ -78,10 +78,11 @@ class Cryptography
|
||||||
*
|
*
|
||||||
* @param string $content The content to be signed.
|
* @param string $content The content to be signed.
|
||||||
* @param string $privateKey The private key used to sign the content.
|
* @param string $privateKey The private key used to sign the content.
|
||||||
|
* @param bool $hashContent Whether to hash the content using SHA1 before signing it. Default is false.
|
||||||
* @return string The Base64 encoded signature of the content.
|
* @return string The Base64 encoded signature of the content.
|
||||||
* @throws CryptographyException If the private key is invalid or if the content signing fails.
|
* @throws CryptographyException If the private key is invalid or if the content signing fails.
|
||||||
*/
|
*/
|
||||||
public static function signContent(string $content, string $privateKey): string
|
public static function signContent(string $content, string $privateKey, bool $hashContent=false): string
|
||||||
{
|
{
|
||||||
$privateKey = openssl_pkey_get_private(self::derToPem(Utilities::base64decode($privateKey), self::PEM_PRIVATE_HEADER));
|
$privateKey = openssl_pkey_get_private(self::derToPem(Utilities::base64decode($privateKey), self::PEM_PRIVATE_HEADER));
|
||||||
if (!$privateKey)
|
if (!$privateKey)
|
||||||
|
@ -89,6 +90,11 @@ class Cryptography
|
||||||
throw new CryptographyException('Invalid private key: ' . openssl_error_string());
|
throw new CryptographyException('Invalid private key: ' . openssl_error_string());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if($hashContent)
|
||||||
|
{
|
||||||
|
$content = hash('sha1', $content);
|
||||||
|
}
|
||||||
|
|
||||||
if (!openssl_sign($content, $signature, $privateKey, self::HASH_ALGORITHM))
|
if (!openssl_sign($content, $signature, $privateKey, self::HASH_ALGORITHM))
|
||||||
{
|
{
|
||||||
throw new CryptographyException('Failed to sign content: ' . openssl_error_string());
|
throw new CryptographyException('Failed to sign content: ' . openssl_error_string());
|
||||||
|
@ -103,10 +109,11 @@ class Cryptography
|
||||||
* @param string $content The content to be verified.
|
* @param string $content The content to be verified.
|
||||||
* @param string $signature The digital signature to verify against.
|
* @param string $signature The digital signature to verify against.
|
||||||
* @param string $publicKey The public key to use for verification.
|
* @param string $publicKey The public key to use for verification.
|
||||||
|
* @param bool $hashContent Whether to hash the content using SHA1 before verifying it. Default is false.
|
||||||
* @return bool Returns true if the content verification is successful, false otherwise.
|
* @return bool Returns true if the content verification is successful, false otherwise.
|
||||||
* @throws CryptographyException If the public key is invalid or if the signature verification fails.
|
* @throws CryptographyException If the public key is invalid or if the signature verification fails.
|
||||||
*/
|
*/
|
||||||
public static function verifyContent(string $content, string $signature, string $publicKey): bool
|
public static function verifyContent(string $content, string $signature, string $publicKey, bool $hashContent=false): bool
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
|
@ -122,6 +129,11 @@ class Cryptography
|
||||||
throw new CryptographyException('Invalid public key: ' . openssl_error_string());
|
throw new CryptographyException('Invalid public key: ' . openssl_error_string());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if($hashContent)
|
||||||
|
{
|
||||||
|
$content = hash('sha1', $content);
|
||||||
|
}
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
return openssl_verify($content, Utilities::base64decode($signature), $publicKey, self::HASH_ALGORITHM) === 1;
|
return openssl_verify($content, Utilities::base64decode($signature), $publicKey, self::HASH_ALGORITHM) === 1;
|
||||||
|
|
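Review bot: In `signContent` and `verifyContent`, the new `$hashContent` branch replaces the content with `hash('sha1', $content)` before `openssl_sign`/`openssl_verify`, so with the flag on the signature binds only to a SHA-1 digest and its collision resistance is capped at SHA-1's, whatever `self::HASH_ALGORITHM` is (its value is not visible here). OpenSSL already hashes its input with `self::HASH_ALGORITHM`, so the pre-hash adds no strength; if it is needed for size or interoperability, a SHA-2 digest such as `$content = hash('sha256', $content);` would be the safer choice, provided the peer is changed at the same time. The two modes also share one signature format, so a signature made with `$hashContent = true` also verifies with the flag off against the 40-character hex digest string; the docblocks should say that signer and verifier must agree, e.g. `* @param bool $hashContent Must match the value used when signing.`. Both function bodies continue outside the hunks shown.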