1<?php 2/** 3 * Crypt_RSA allows to do following operations: 4 * - key pair generation 5 * - encryption and decryption 6 * - signing and sign validation 7 * 8 * This module requires the big_int PECL package, which is available at 9 * http://pecl.php.net/packages/big_int 10 * 11 * PHP versions 4 and 5 12 * 13 * LICENSE: This source file is subject to version 3.0 of the PHP license 14 * that is available through the world-wide-web at the following URI: 15 * http://www.php.net/license/3_0.txt. If you did not receive a copy of 16 * the PHP License and are unable to obtain it through the web, please 17 * send a note to license@php.net so we can mail you a copy immediately. 18 * 19 * @category Encryption 20 * @package Crypt_RSA 21 * @author Alexander Valyalkin <valyala@gmail.com> 22 * @copyright 2005, 2006 Alexander Valyalkin 23 * @license http://www.php.net/license/3_0.txt PHP License 3.0 24 * @version 1.2.0b 25 * @link http://pear.php.net/package/Crypt_RSA 26 */ 27 28/** 29 * this is a sample script, which shows the usage of Crypt_RSA package 30 */ 31 32require_once 'Crypt/RSA.php'; 33 34 35$task = isset($_GET['task']) ? $_GET['task'] : ''; 36 37session_start(); 38switch ($task) { 39case 'generate_key_pair' : generate_key_pair(); break; 40case 'create_sign' : create_sign(); break; 41case 'validate_sign' : validate_sign(); break; 42case 'encrypt' : encrypt(); break; 43case 'decrypt' : decrypt(); break; 44} 45 46print_layout(); 47 48exit; 49 50/***********************************************************/ 51function generate_key_pair() 52{ 53 $key_length = $_POST['key_length']; 54 55 $key_pair = new Crypt_RSA_KeyPair($key_length); 56 check_error($key_pair); 57 58 $public_key = $key_pair->getPublicKey(); 59 $private_key = $key_pair->getPrivateKey(); 60 $_SESSION['public_key'] = $public_key->toString(); 61 $_SESSION['private_key'] = $private_key->toString(); 62 $_SESSION['enc_text'] = ''; 63 $_SESSION['signature'] = ''; 64 $_SESSION['is_sign_valid'] = 'undefined'; 65 header('Location: ' . $_SERVER['PHP_SELF']); 66} 67 68function create_sign() 69{ 70 $document = $_POST['document']; 71 $private_key = $_POST['private_key']; 72 73 $rsa_obj = new Crypt_RSA( 74 array( 75 'private_key' => Crypt_RSA_Key::fromString($private_key), 76 ) 77 ); 78 check_error($rsa_obj); 79 80 $_SESSION['document'] = $document; 81 $_SESSION['private_key'] = $private_key; 82 $_SESSION['signature'] = $rsa_obj->createSign($document); 83 check_error($rsa_obj); 84 header('Location: ' . $_SERVER['PHP_SELF']); 85} 86 87function validate_sign() 88{ 89 $document = $_POST['document']; 90 $signature = $_POST['signature']; 91 $public_key = $_POST['public_key']; 92 93 $key = Crypt_RSA_Key::fromString($public_key); 94 check_error($key); 95 $rsa_obj = new Crypt_RSA; 96 check_error($rsa_obj); 97 98 $_SESSION['is_sign_valid'] = $rsa_obj->validateSign($document, $signature, $key) ? 'valid' : 'invalid'; 99 check_error($rsa_obj); 100 $_SESSION['document'] = $document; 101 $_SESSION['public_key'] = $public_key; 102 $_SESSION['signature'] = $signature; 103 header('Location: ' . $_SERVER['PHP_SELF']); 104} 105 106function encrypt() 107{ 108 $plain_text = $_POST['plain_text']; 109 $public_key = $_POST['public_key']; 110 111 $key = Crypt_RSA_Key::fromString($public_key); 112 check_error($key); 113 $rsa_obj = new Crypt_RSA; 114 check_error($rsa_obj); 115 116 $_SESSION['plain_text'] = $plain_text; 117 $_SESSION['public_key'] = $public_key; 118 $_SESSION['enc_text'] = $rsa_obj->encrypt($plain_text, $key); 119 check_error($rsa_obj); 120 header('Location: ' . $_SERVER['PHP_SELF']); 121} 122 123function decrypt() 124{ 125 $enc_text = $_POST['enc_text']; 126 $private_key = $_POST['private_key']; 127 128 $key = Crypt_RSA_Key::fromString($private_key); 129 check_error($key); 130 $rsa_obj = new Crypt_RSA; 131 check_error($rsa_obj); 132 $rsa_obj->setParams(array('dec_key' => $key)); 133 check_error($rsa_obj); 134 135 $_SESSION['plain_text'] = $rsa_obj->decrypt($enc_text); 136 check_error($rsa_obj); 137 $_SESSION['private_key'] = $private_key; 138 $_SESSION['enc_text'] = $enc_text; 139 header('Location: ' . $_SERVER['PHP_SELF']); 140} 141 142function print_layout() 143{ 144 $php_self = $_SERVER['PHP_SELF']; 145 $public_key = get_session_var('public_key', true); 146 $private_key = get_session_var('private_key', true); 147 $document = get_session_var('document', true); 148 $signature = get_session_var('signature', true); 149 $plain_text = get_session_var('plain_text', true); 150 $enc_text = get_session_var('enc_text', true); 151 $is_sign_valid = get_session_var('is_sign_valid', true); 152 153 echo <<<END 154 155<html> 156<head> 157 <title>Crypt_RSA example of usage</title> 158 <style type="text/css"> 159 form { margin: 10px; padding: 10px; background: #ccc; border: 1px solid; } 160 textarea { margin-bottom: 10px; } 161 </style> 162</head> 163 164<body> 165<h1>Crypt_RSA example of usage</h1> 166<form action="{$php_self}?task=generate_key_pair" method="POST"> 167 <div> 168 <h1>Key generation</h1> 169 170 Select key length: 171 <select name="key_length"> 172 <option value="32">32 bit</option> 173 <option value="64">64 bit</option> 174 <option value="128">128 bit</option> 175 <option value="256">256 bit</option> 176 <option value="512">512 bit</option> 177 <option value="1024">1024 bit</option> 178 <option value="2048">2048 bit</option> 179 </select><br/> 180 181 Public key:<br/> 182 <textarea style="height:100px;width:90%">{$public_key}</textarea><br/> 183 184 Private key:<br/> 185 <textarea style="height:100px;width:90%">{$private_key}</textarea><br/> 186 187 <input type="submit" value="Start"> 188 </div> 189</form> 190 191<form action="{$php_self}?task=create_sign" method="POST"> 192 <div> 193 <h1>Signing document</h1> 194 195 Document:<br/> 196 <textarea style="height:100px;width:90%" name="document">{$document}</textarea><br/> 197 198 Private key:<br/> 199 <textarea style="height:100px;width:90%" name="private_key">{$private_key}</textarea><br/> 200 201 Signature:<br/> 202 <textarea style="height:100px;width:90%">{$signature}</textarea><br/> 203 204 <input type="submit" value="Sign"> 205 </div> 206</form> 207 208<form action="{$php_self}?task=validate_sign" method="POST"> 209 <div> 210 <h1>Validating document sign</h1> 211 212 Document:<br/> 213 <textarea style="height:100px;width:90%" name="document">{$document}</textarea><br/> 214 215 Signature:<br/> 216 <textarea style="height:100px;width:90%" name="signature">{$signature}</textarea><br/> 217 218 Public key:<br/> 219 <textarea style="height:100px;width:90%" name="public_key">{$public_key}</textarea><br/> 220 221 Result: <span style="font-size:2em">{$is_sign_valid}</span><br/> 222 223 <input type="submit" value="Validate"> 224 </div> 225</form> 226 227<form action="{$php_self}?task=encrypt" method="POST"> 228 <div> 229 <h1>Encrypting</h1> 230 231 Plain text:<br/> 232 <textarea style="height:100px;width:90%" name="plain_text">{$plain_text}</textarea><br/> 233 234 Public key:<br/> 235 <textarea style="height:100px;width:90%" name="public_key">{$public_key}</textarea><br/> 236 237 Encrypted text:<br/> 238 <textarea style="height:100px;width:90%">{$enc_text}</textarea><br/> 239 240 <input type="submit" value="Encrypt"> 241 </div> 242</form> 243 244<form action="{$php_self}?task=decrypt" method="POST"> 245 <div> 246 <h1>Decrypting</h1> 247 248 Encrypted text:<br/> 249 <textarea style="height:100px;width:90%" name="enc_text">{$enc_text}</textarea><br/> 250 251 Private key:<br/> 252 <textarea style="height:100px;width:90%" name="private_key">{$private_key}</textarea><br/> 253 254 Plain text:<br/> 255 <textarea style="height:100px;width:90%">{$plain_text}</textarea><br/> 256 257 <input type="submit" value="Decrypt"> 258 </div> 259</form> 260END; 261 262} 263 264function get_session_var($name, $is_html_encode) 265{ 266 $value = ''; 267 if (isset($_SESSION[$name])) { 268 $value = $_SESSION[$name]; 269 } 270 $_SESSION[$name] = $value; 271 272 return $is_html_encode ? htmlspecialchars($value) : $value; 273} 274 275// error handler 276function check_error(&$obj) 277{ 278 if ($obj->isError()) { 279 $error = $obj->getLastError(); 280 switch ($error->getCode()) { 281 case CRYPT_RSA_ERROR_WRONG_TAIL : 282 // nothing to do 283 break; 284 default: 285 // echo error message and exit 286 echo 'error: ', $error->getMessage(); 287 exit; 288 } 289 } 290} 291 292?>