Closed DanielRuf closed 8 years ago
Confirmed, I think? With this code:
<?php
require_once dirname(__FILE__).'/../vendor/autoload.php';
require_once dirname(__FILE__).'/../lib/openpgp.php';
require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
$rsa = new \phpseclib\Crypt\RSA();
$k = $rsa->createKey(512);
$rsa->loadKey($k['privatekey']);
$nkey = new OpenPGP_SecretKeyPacket(array(
'n' => $rsa->modulus->toBytes(),
'e' => $rsa->publicExponent->toBytes(),
'd' => $rsa->exponent->toBytes(),
'p' => $rsa->primes[1]->toBytes(),
'q' => $rsa->primes[2]->toBytes(),
'u' => $rsa->coefficients[2]->toBytes()
));
var_dump($nkey);
I get this output:
$ php examples/keygen.php
object(OpenPGP_SecretKeyPacket)#15 (15) {
["s2k_useage"]=>
NULL
["s2k"]=>
NULL
["symmetric_algorithm"]=>
NULL
["private_hash"]=>
NULL
["encrypted_data"]=>
NULL
["version"]=>
int(4)
["timestamp"]=>
int(1456318753)
["algorithm"]=>
int(1)
(Output snipped for length.)
That's not what happens for me. To be perfectly clear, the full example I'm using (unchanged from the cloned repository except for adding Composer's autoload.php
and using the full namespace to \phpseclib\Crypt\RSA()
instead of the Crypt_RSA
alias, and without the earlier var_dump
as you asked for) is this code:
<?php
require_once dirname(__FILE__).'/../vendor/autoload.php';
require_once dirname(__FILE__).'/../lib/openpgp.php';
require_once dirname(__FILE__).'/../lib/openpgp_crypt_rsa.php';
$rsa = new \phpseclib\Crypt\RSA();
$k = $rsa->createKey(512);
$rsa->loadKey($k['privatekey']);
$nkey = new OpenPGP_SecretKeyPacket(array(
'n' => $rsa->modulus->toBytes(),
'e' => $rsa->publicExponent->toBytes(),
'd' => $rsa->exponent->toBytes(),
'p' => $rsa->primes[1]->toBytes(),
'q' => $rsa->primes[2]->toBytes(),
'u' => $rsa->coefficients[2]->toBytes()
));
$uid = new OpenPGP_UserIDPacket('Test <test@example.com>');
$wkey = new OpenPGP_Crypt_RSA($nkey);
$m = $wkey->sign_key_userid(array($nkey, $uid));
// Serialize private key
print $m->to_bytes();
// Serialize public key message
$pubm = clone($m);
$pubm[0] = new OpenPGP_PublicKeyPacket($pubm[0]);
$public_bytes = $pubm->to_bytes();
And when I run that, I get this (expected?) output:
$ php examples/keygen.php
??^1?v?(????/g??d??@a????|c???{????:M?ZZ?d??G2??cN`?qH?b??F?(z????????h??KS????g2??ov??n??k?K???1x??q???+?kٙw?L??d??&0l??|_'?}o?z+?͂_?ҮX]??S(??ͩT
??Test <test@example.com>?? ?Vͪ?? ?!??? ??2??2? ???Y?"???s1#~bN?%??yGBb????'CH?v?1\IV?pI?6|?kE̦L@Oы??g
@meitar Wait, I still get the results, even using this code:
include 'vendor/autoload.php';
require_once dirname(__FILE__).'/lib/openpgp.php';
require_once dirname(__FILE__).'/lib/openpgp_crypt_rsa.php';
/* Parse secret key from STDIN, the key must not be password protected */
//$rsa = new Crypt_RSA();
$key=getKey("
-----BEGIN PGP PRIVATE KEY BLOCK-----
*snip*
-----END PGP PRIVATE KEY BLOCK-----
");
$signer = new OpenPGP_Crypt_RSA($key[0]);
$m = $signer->sign("test");
$packets = $m->signatures()[0];
$clearsign = "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n";
$clearsign .= preg_replace("/^-/", "- -", $packets[0]->data)."\n";
// print $clearsign.apply_filters('openpgp_enarmor', $packets[1][0]->to_bytes(), 'PGP SIGNATURE');
function getKey ($key, $ascii = true) {
if ($ascii) {
preg_match('/-----BEGIN ([A-Za-z ]+)-----/', $key, $matches);
$marker = (empty($matches[1])) ? 'MESSAGE' : $matches[1];
$key = OpenPGP::unarmor($key, $marker);
}
$openpgp_msg = OpenPGP_Message::parse($key);
return (is_null($openpgp_msg)) ? false : $openpgp_msg;
}
But why? =(
I still can't reproduce that. There is no output on that code for me. When I call OpenPGP_Crypt_RSA::sign()
I get a result returned ($m = $signer->sign("test"); var_dump($m);
) like the following, but otherwise no printed output:
object(OpenPGP_Message)#21 (2) {
["uri"]=>
NULL
["packets"]=>
array(2) {
[0]=>
object(OpenPGP_SignaturePacket)#17 (11) {
["version"]=>
int(4)
["signature_type"]=>
int(0)
["hash_algorithm"]=>
int(8)
["key_algorithm"]=>
int(1)
["hashed_subpackets"]=>
array(2) {
[0]=>
object(OpenPGP_SignaturePacket_SignatureCreationTimePacket)#19 (3) {
["tag"]=>
int(2)
["size"]=>
NULL
["data"]=>
int(1456320408)
}
[1]=>
object(OpenPGP_SignaturePacket_IssuerPacket)#20 (3) {
["tag"]=>
int(16)
["size"]=>
NULL
["data"]=>
string(16) "A82A452E866F5565"
}
}
["unhashed_subpackets"]=>
NULL
["hash_head"]=>
int(20137)
["trailer"]=>
string(36) ?Vͯ?? ?*E.?oUe?"
["tag"]=>
int(2)
["size"]=>
NULL
["data"]=>
array(1) {
[0]=>
7??_W?-??ߺ?\7e?&b???L?ɽ͇8?j?,&܊?M??{z*??<?"??W9l?e@?F?????wLt)?XqS&??V0?v?<*^?B\?6???;:U?àD՝l??t?1??]?:
fQ???w+ܴ?%?#o" ????f}?Ϟ֢?O
}
}
[1]=>
object(OpenPGP_LiteralDataPacket)#10 (6) {
["format"]=>
string(1) "b"
["filename"]=>
string(4) "data"
["timestamp"]=>
int(1456320408)
["tag"]=>
int(11)
["size"]=>
NULL
["data"]=>
string(4) "test"
}
}
}
Weird.Running the code under XAMPP with PHP 5.6. Why is the returned code printed to the output like print / var_dump? Hm. @singpolyma, any idea? Also used the example code directly.
<?php
require 'vendor/autoload.php';
require_once dirname(__FILE__).'/lib/openpgp.php';
require_once dirname(__FILE__).'/lib/openpgp_crypt_rsa.php';
$rsa = new \phpseclib\Crypt\RSA();
$k = $rsa->createKey(512);
$rsa->loadKey($k['privatekey']);
$nkey = new OpenPGP_SecretKeyPacket(array(
'n' => $rsa->modulus->toBytes(),
'e' => $rsa->publicExponent->toBytes(),
'd' => $rsa->exponent->toBytes(),
'p' => $rsa->primes[1]->toBytes(),
'q' => $rsa->primes[2]->toBytes(),
'u' => $rsa->coefficients[2]->toBytes()
));
$uid = new OpenPGP_UserIDPacket('Test <test@example.com>');
$wkey = new OpenPGP_Crypt_RSA($nkey);
$m = $wkey->sign_key_userid(array($nkey, $uid));
// Serialize private key
print $m->to_bytes();
// Serialize public key message
$pubm = clone($m);
$pubm[0] = new OpenPGP_PublicKeyPacket($pubm[0]);
$public_bytes = $pubm->to_bytes();
maybe a weird XAMPP-ism? Code looks reasonable to me
Hm, ok. But getting the same result even with Bitnami WAMP Stack and cleared cache. Very weird.
Does not reproduce on my system (I was running the clearsign example just now and it worked as expected)
Ok. Will check the system, there is definitely something causing problems on a higher level.
I get
object(OpenPGP_SecretKeyPacket)#15 (15) { ...
output when I sign something using OpenPGP_Crypt_RSA->sign(), but why?