PHP openssl_pkey_get_private函数代码示例

 function rsa_decrypt($ciphertext, $private_key, $password)
 {
     // 암호문을 base64로 디코딩한다.
     $ciphertext = @base64_decode($ciphertext, true);
     if ($ciphertext === false) {
         return false;
     }
     // 개인키를 사용하여 복호화한다.
     $privkey_decoded = @openssl_pkey_get_private($private_key, $password);
     if ($privkey_decoded === false) {
         return false;
     }
     $plaintext = false;
     $status = @openssl_private_decrypt($ciphertext, $plaintext, $privkey_decoded);
     @openssl_pkey_free($privkey_decoded);
     if (!$status || $plaintext === false) {
         return false;
     }
     // 압축을 해제하여 평문을 얻는다.
     $plaintext = @gzuncompress($plaintext);
     if ($plaintext === false) {
         return false;
     }
     // 이상이 없는 경우 평문을 반환한다.
     return $plaintext;
 }

 /**
  * Test the plugin configuration form.
  *
  * @group key
  */
 public function testFileContentsKey()
 {
     $form = [];
     // Mock the translation manager translate method. This test does not assert
     // any other translation messages so the return value will always be the
     // same message on each consecutive call to t().
     $this->translationManager->expects($this->any())->method('translate')->withConsecutive(['File location'], ['The location of the file in which the key will be stored. The path may be absolute (e.g., %abs), relative to the Drupal directory (e.g., %rel), or defined using a stream wrapper (e.g., %str).'], ['File does not exist or is not readable.'])->willReturn('File does not exist or is not readable.');
     $form['key_settings'] = $this->plugin->buildConfigurationForm($form, $this->form_state);
     $this->assertNotNull($form['key_settings']['file_location']);
     // Test that the file is validated.
     $this->form_state->setValues(['file_location' => 'bogus']);
     $this->plugin->validateConfigurationForm($form, $this->form_state);
     $this->assertEquals('File does not exist or is not readable.', $this->form_state->getErrors()['file_location']);
     // Set the form state value, and simulate a form submission.
     $this->form_state->clearErrors();
     $this->form_state->setValues(['file_location' => $this->keyFile]);
     $this->plugin->validateConfigurationForm($form, $this->form_state);
     $this->assertEmpty($this->form_state->getErrors());
     // Submission.
     $this->plugin->submitConfigurationForm($form, $this->form_state);
     $this->assertEquals($this->keyFile, $this->plugin->getConfiguration()['file_location']);
     // Make sure that the file contents are valid.
     $resource = openssl_pkey_get_private($this->plugin->getKeyValue());
     $this->assertNotFalse($resource);
 }

 public function sign($data, $key, $passphrase = '')
 {
     $privateKey = openssl_pkey_get_private($key, $passphrase);
     openssl_sign($data, $signature, $privateKey);
     openssl_free_key($privateKey);
     return $signature;
 }

 public function getKey()
 {
     if (false === isset($this->key)) {
         $this->key = openssl_pkey_get_private(file_get_contents($this->getKeylocation()));
     }
     return $this->key;
 }

 /**
  * Converts a string representation of a key into an OpenSSL resource
  *
  * @param string|resource $key
  * @param string          $password
  * @return resource OpenSSL key resource
  */
 protected function getKeyResource($key, $password = null)
 {
     if (is_resource($key)) {
         return $key;
     }
     return openssl_pkey_get_public($key) ?: openssl_pkey_get_private($key, $password);
 }

 public static function privateKey($uri, $ts)
 {
     if (self::privateExists($uri, $ts)) {
         return openssl_pkey_get_private(array('file://' . self::_basePath() . '/' . md5($uri . $ts) . '.pri', ''));
     }
     return false;
 }

 /**
  * Returns a private key from file path or content
  *
  * @param string $key
  * @param string $passphrase
  *
  * @return resource
  *
  * @throws InvalidArgumentException
  */
 public function getPrivateKey($key, $passphrase = '')
 {
     if ($privateKey = openssl_pkey_get_private($key, $passphrase)) {
         return $privateKey;
     }
     throw new InvalidArgumentException('You should provid a valid private key (with its passphrase when used)');
 }

 protected function fetch_private_cert(&$request)
 {
     $file = Shindig_Config::get('private_key_file');
     if (!(file_exists($file) && is_readable($file))) {
         throw new Exception("Error loding private key");
     }
     $private_key = @file_get_contents($file);
     if (!$private_key) {
         throw new Exception("Error loding private key");
     }
     $phrase = Shindig_Config::get('private_key_phrase');
     if (strpos($private_key, '-----BEGIN') === false) {
         $tmp .= "-----BEGIN PRIVATE KEY-----\n";
         $chunks .= str_split($private_key, 64);
         foreach ($chunks as $chunk) {
             $tmp .= $chunk . "\n";
         }
         $tmp .= "-----END PRIVATE KEY-----";
         $private_key = $tmp;
     }
     if (!($rsa_private_key = @openssl_pkey_get_private($private_key, $phrase))) {
         throw new Exception("Could not create the key");
     }
     return $rsa_private_key;
 }

 public function __construct()
 {
     $strCoreKey = "";
     $strPackageKey = "";
     //==================================================================
     $objPackages = $this->db->query("SELECT * FROM __repo_packages WHERE category");
     if ($objPackages) {
         while ($row = $objPackages->fetchAssoc()) {
             if (intval($row['category']) == 8) {
                 $privateKey = $strCoreKey;
             } else {
                 $privateKey = $strPackageKey;
             }
             if ($row['filehash'] != "") {
                 $strHash = $row['filehash'];
                 // fetch private key from file and ready it
                 $strKey = "file://" . $privateKey;
                 $pkeyid = openssl_pkey_get_private($strKey);
                 // compute signature
                 openssl_sign($strHash, $signature, $pkeyid, "sha1WithRSAEncryption");
                 // free the key from memory
                 openssl_free_key($pkeyid);
                 $signature = base64_encode($signature);
                 echo "UPDATE eqdkp20_repo_packages SET signature = '" . $signature . "' WHERE id=" . $row['id'] . "; ";
             }
         }
     }
 }

function decryptPrivate($path, $cText)
{
    $fcontents = file_get_contents($path);
    $privateKey = openssl_pkey_get_private($fcontents, "symelosh");
    openssl_private_decrypt($cText, $decrypted, $privateKey);
    return $decrypted;
}

 /**
  * {@inheritdoc}
  */
 public function decrypt($data, $key, $passphrase = '')
 {
     $privateKey = openssl_pkey_get_private($key, $passphrase);
     openssl_private_decrypt($data, $messageDecrypted, $privateKey);
     openssl_free_key($privateKey);
     return $messageDecrypted;
 }

function gal_service_account_upgrade(&$option, $gal_option_name, &$existing_sa_options, $gal_sa_option_name)
{
    /* Convert ga_serviceemail ga_keyfilepath
     * into new separate sa options:
     * ga_sakey, ga_serviceemail, ga_pkey_print
     */
    if (count($existing_sa_options)) {
        return;
    }
    $existing_sa_options = array('ga_serviceemail' => isset($option['ga_serviceemail']) ? $option['ga_serviceemail'] : '', 'ga_sakey' => '', 'ga_pkey_print' => '<unspecified>');
    try {
        if (version_compare(PHP_VERSION, '5.3.0') >= 0 && function_exists('openssl_x509_read')) {
            if (isset($option['ga_keyfilepath']) && $option['ga_keyfilepath'] != '' && file_exists($option['ga_keyfilepath'])) {
                $p12key = @file_get_contents($option['ga_keyfilepath']);
                $certs = array();
                if (openssl_pkcs12_read($p12key, $certs, 'notasecret')) {
                    if (array_key_exists("pkey", $certs) && $certs["pkey"]) {
                        $privateKey = openssl_pkey_get_private($certs['pkey']);
                        $pemString = '';
                        if (openssl_pkey_export($privateKey, $pemString)) {
                            $existing_sa_options['ga_sakey'] = $pemString;
                        }
                        openssl_pkey_free($privateKey);
                        @unlink($options['ga_keyfilepath']);
                    }
                }
            }
        }
    } catch (Exception $e) {
        // Never mind
    }
    // Remove redundant parts of regular options
    unset($option['ga_serviceemail']);
    unset($option['ga_keyfilepath']);
}

 function __construct($clientcrt, $clientkey, $clientpw = NULL, $logging = false)
 {
     if (is_bool($logging)) {
         $this->logging = $logging;
     }
     if (!openssl_pkey_get_private(is_file($clientkey) ? "file://" . $clientkey : $clientkey, $clientpw)) {
         $this->log("Invalid client private key.", true);
     }
     if (!openssl_pkey_get_public(is_file($clientcrt) ? "file://" . $clientcrt : $clientcrt)) {
         $this->log("Invalid client public key.", true);
     }
     $this->log("Certificate / key looks valid.");
     $handle = curl_init();
     curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($handle, CURLOPT_HEADER, true);
     curl_setopt($handle, CURLOPT_USERAGENT, sprintf("StartSSL-PHP-API/%s", self::VERSION));
     curl_setopt($handle, CURLOPT_URL, $this->authUrl);
     curl_setopt($handle, CURLOPT_SSLCERT, $clientcrt);
     curl_setopt($handle, CURLOPT_SSLKEY, $clientkey);
     if (!is_null($clientpw)) {
         curl_setopt($handle, CURLOPT_SSLKEYPASSWD, $clientpw);
     }
     $this->log("Authenticating...");
     $result = curl_exec($handle);
     preg_match('/^Set-Cookie: (MyStartSSLCookie=.*)$/m', $result, $matches);
     if (isset($matches[1])) {
         $this->cookie = $matches[1];
         $this->log("User authenticated.");
     } else {
         $this->log("Unable to authenticate. Check certificate/key.", true);
     }
 }

 private function setPrivateKey($key, $passPhrase)
 {
     $this->privateKey = @openssl_pkey_get_private($key, $passPhrase);
     if (!$this->validateOpenSslKey($this->privateKey)) {
         throw new InvalidArgumentException('Unable to create private key' . ' from provided key. Key must be a PEM encoded private key or' . ' a path to a file containing a PEM encoded private key.');
     }
 }

 /**
  * getSignMsg 计算前面
  *
  * @param array $pay_params
  *        	计算前面数据
  * @param string $sign_type
  *        	签名类型
  * @return string $signMsg 返回密文
  */
 function getSignMsg($pay_params = array(), $sign_type)
 {
     $params_str = "";
     $signMsg = "";
     $sina_config = \System\Entrance::config('SINA_FUND_MANAGED');
     foreach ($pay_params as $key => $val) {
         if ($key != "sign" && $key != "sign_type" && $key != "sign_version" && isset($val) && @$val != "") {
             $params_str .= $key . "=" . $val . "&";
         }
     }
     $params_str = substr($params_str, 0, -1);
     switch (@$sign_type) {
         case 'RSA':
             //签名私钥
             $private_key = $sina_config['private_key'];
             $priv_key = file_get_contents($private_key);
             $pkeyid = openssl_pkey_get_private($priv_key);
             openssl_sign($params_str, $signMsg, $pkeyid, OPENSSL_ALGO_SHA1);
             openssl_free_key($pkeyid);
             $signMsg = base64_encode($signMsg);
             break;
         case 'MD5':
         default:
             $params_str = $params_str . $sina_config['md5_key'];
             $signMsg = strtolower(md5($params_str));
             break;
     }
     return $signMsg;
 }