Class yii\authclient\signature\RsaSha

Inheritance: yii\authclient\signature\RsaSha » yii\authclient\signature\BaseMethod » yii\base\BaseObject
Subclasses: yii\authclient\signature\RsaSha1
Available since extension's version: 2.1.3
Source Code https://github.com/yiisoft/yii2-authclient/blob/master/src/signature/RsaSha.php

RsaSha represents the 'SHAwithRSA' (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA hash) signature method.

Note: This class requires the PHP "OpenSSL" extension (http://php.net/manual/en/book.openssl.php).

Public Properties


Property Type Description Defined By
$_privateCertificate string OpenSSL private key certificate content. yii\authclient\signature\RsaSha
$_publicCertificate string OpenSSL public key certificate content. yii\authclient\signature\RsaSha
$algorithm integer|string Signature hash algorithm, e.g. OPENSSL_ALGO_SHA1, OPENSSL_ALGO_SHA256 and so on. yii\authclient\signature\RsaSha
$privateCertificate string Private key certificate content. yii\authclient\signature\RsaSha
$privateCertificateFile string Path to the file, which holds private key certificate. yii\authclient\signature\RsaSha
$publicCertificate string Public key certificate content. yii\authclient\signature\RsaSha
$publicCertificateFile string Path to the file, which holds public key certificate. yii\authclient\signature\RsaSha

Protected Properties


Property Type Description Defined By

Property Details


$_privateCertificate protected property

OpenSSL private key certificate content. This value can be fetched from file specified by $privateCertificateFile.

protected string $_privateCertificate null
$_publicCertificate protected property

OpenSSL public key certificate content. This value can be fetched from file specified by $publicCertificateFile.

protected string $_publicCertificate null
$algorithm public property

Signature hash algorithm, e.g. OPENSSL_ALGO_SHA1, OPENSSL_ALGO_SHA256 and so on.

See also http://php.net/manual/en/openssl.signature-algos.php.

public integer|string $algorithm null
$privateCertificate public property

Private key certificate content.

$privateCertificateFile public property

Path to the file, which holds private key certificate.

$publicCertificate public property

Public key certificate content.

public string $publicCertificate null
$publicCertificateFile public property

Path to the file, which holds public key certificate.

Method Details


generateSignature() public method

Generates OAuth request signature.

public string generateSignature ( $baseString, $key )
$baseString string

Signature base string.

$key string

Signature key.

return string

Signature string.

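                /**
                 * Generates OAuth request signature.
                 *
                 * Fails closed: if the private key cannot be loaded or OpenSSL refuses to sign,
                 * an exception is raised instead of returning the base64 encoding of an empty
                 * value, which a caller could otherwise send out as if it were a real signature.
                 *
                 * @param string $baseString signature base string.
                 * @param string $key signature key; handed to OpenSSL as the passphrase of the private key.
                 * @return string base64-encoded signature string.
                 * @throws InvalidConfigException if the private key cannot be loaded or signing fails.
                 */
                public function generateSignature($baseString, $key)
                {
                    $privateCertificateContent = $this->getPrivateCertificate();
                    // Load the private key; $key is the passphrase argument of openssl_pkey_get_private().
                    $privateKeyId = openssl_pkey_get_private($privateCertificateContent, $key);
                    if ($privateKeyId === false) {
                        // Deliberately generic: neither key material nor the passphrase belongs in an error message.
                        throw new InvalidConfigException('Unable to load private key for signature generation.');
                    }
                    // NOTE(review): the property table lists null as the default of $algorithm —
                    // presumably a subclass or the component configuration sets it; confirm.
                    $signature = null;
                    $isSigned = openssl_sign($baseString, $signature, $privateKeyId, $this->algorithm);
                    // openssl_free_key() is deprecated as of PHP 8.0, where key objects are released automatically.
                    if (PHP_VERSION_ID < 80000) {
                        openssl_free_key($privateKeyId);
                    }
                    if ($isSigned !== true) {
                        throw new InvalidConfigException('Unable to generate signature using the configured private key and algorithm.');
                    }
                    return base64_encode($signature);
                }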

            
getName() public method

Return the canonical name of the Signature Method.

public string getName ( )
return string

Method name.

                /**
                 * Returns the canonical name of the signature method, in the form 'RSA-<ALGORITHM>'.
                 *
                 * A non-integer algorithm is upper-cased and used as the suffix directly. An integer
                 * algorithm is resolved by looking for an 'OPENSSL_ALGO_*' constant of the "openssl"
                 * extension holding the same value; the part of the constant name after that prefix
                 * becomes the suffix.
                 *
                 * @return string method name.
                 * @throws InvalidConfigException if an integer algorithm matches no 'OPENSSL_ALGO_*' constant.
                 */
                public function getName()
                {
                    if (!is_int($this->algorithm)) {
                        return 'RSA-' . strtoupper($this->algorithm);
                    }

                    $prefix = 'OPENSSL_ALGO_';
                    $definedConstants = get_defined_constants(true);
                    $opensslConstants = isset($definedConstants['openssl']) ? $definedConstants['openssl'] : [];
                    foreach ($opensslConstants as $constantName => $constantValue) {
                        // Only algorithm constants are candidates; the first one with an identical value wins.
                        if (strpos($constantName, $prefix) === 0 && $constantValue === $this->algorithm) {
                            return 'RSA-' . substr($constantName, strlen($prefix));
                        }
                    }

                    throw new InvalidConfigException("Unable to determine name of algorithm '{$this->algorithm}'");
                }

            
getPrivateCertificate() public method

public string getPrivateCertificate ( )
return string

Private key certificate content.

                /**
                 * Returns the private key certificate content.
                 *
                 * While the stored value is null it is produced by initPrivateCertificate() and kept in
                 * $_privateCertificate, so later calls return the stored value.
                 *
                 * @return string private key certificate content.
                 */
                public function getPrivateCertificate()
                {
                    if ($this->_privateCertificate !== null) {
                        return $this->_privateCertificate;
                    }
                    $this->_privateCertificate = $this->initPrivateCertificate();

                    return $this->_privateCertificate;
                }

            
getPublicCertificate() public method

public string getPublicCertificate ( )
return string

Public key certificate content.

                /**
                 * Returns the public key certificate content.
                 *
                 * While the stored value is null it is produced by initPublicCertificate() and kept in
                 * $_publicCertificate, so later calls return the stored value.
                 *
                 * @return string public key certificate content.
                 */
                public function getPublicCertificate()
                {
                    if ($this->_publicCertificate !== null) {
                        return $this->_publicCertificate;
                    }
                    $this->_publicCertificate = $this->initPublicCertificate();

                    return $this->_publicCertificate;
                }

            
init() public method

public void init ( )

                /**
                 * Checks that the OpenSSL signing function is available.
                 *
                 * @throws NotSupportedException if openssl_sign() does not exist, i.e. the PHP "OpenSSL"
                 * extension is not loaded.
                 */
                public function init()
                {
                    if (function_exists('openssl_sign')) {
                        return;
                    }

                    throw new NotSupportedException('PHP "OpenSSL" extension is required.');
                }

            
initPrivateCertificate() protected method

Creates initial value for $privateCertificate.

This method will attempt to fetch the certificate value from $privateCertificateFile file.

protected string initPrivateCertificate ( )
return string

Private certificate content.

throws \yii\base\InvalidConfigException

on failure.

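                /**
                 * Creates initial value for $privateCertificate.
                 *
                 * Reads the certificate from $privateCertificateFile when that path is set; otherwise
                 * returns an empty string. A file that exists but cannot be read is reported as an
                 * error rather than passed on as `false`, which getPrivateCertificate() would store
                 * and hand to OpenSSL in place of key material.
                 *
                 * @return string private certificate content.
                 * @throws InvalidConfigException if the file does not exist or cannot be read.
                 */
                protected function initPrivateCertificate()
                {
                    if (empty($this->privateCertificateFile)) {
                        return '';
                    }
                    if (!file_exists($this->privateCertificateFile)) {
                        throw new InvalidConfigException("Private certificate file '{$this->privateCertificateFile}' does not exist!");
                    }
                    $content = file_get_contents($this->privateCertificateFile);
                    // file_get_contents() returns false on failure (e.g. a directory or missing read permission).
                    if ($content === false) {
                        throw new InvalidConfigException("Unable to read private certificate file '{$this->privateCertificateFile}'!");
                    }

                    return $content;
                }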

            
initPublicCertificate() protected method

Creates initial value for $publicCertificate.

This method will attempt to fetch the certificate value from $publicCertificateFile file.

protected string initPublicCertificate ( )
return string

Public certificate content.

throws \yii\base\InvalidConfigException

on failure.

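                /**
                 * Creates initial value for $publicCertificate.
                 *
                 * Reads the certificate from $publicCertificateFile when that path is set; otherwise
                 * returns an empty string. A file that exists but cannot be read is reported as an
                 * error rather than passed on as `false`, which getPublicCertificate() would store
                 * and hand to OpenSSL in place of key material.
                 *
                 * @return string public certificate content.
                 * @throws InvalidConfigException if the file does not exist or cannot be read.
                 */
                protected function initPublicCertificate()
                {
                    if (empty($this->publicCertificateFile)) {
                        return '';
                    }
                    if (!file_exists($this->publicCertificateFile)) {
                        throw new InvalidConfigException("Public certificate file '{$this->publicCertificateFile}' does not exist!");
                    }
                    $content = file_get_contents($this->publicCertificateFile);
                    // file_get_contents() returns false on failure (e.g. a directory or missing read permission).
                    if ($content === false) {
                        throw new InvalidConfigException("Unable to read public certificate file '{$this->publicCertificateFile}'!");
                    }

                    return $content;
                }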

            
setPrivateCertificate() public method

public void setPrivateCertificate ( $privateCertificate )
$privateCertificate string

Private key certificate content.

                /**
                 * Stores the private key certificate content.
                 *
                 * The value is written to $_privateCertificate as given; a non-null value means
                 * getPrivateCertificate() returns it without calling initPrivateCertificate().
                 *
                 * @param string $privateCertificate private key certificate content.
                 */
                public function setPrivateCertificate($privateCertificate)
                {
                    $this->_privateCertificate = $privateCertificate;
                }

            
setPublicCertificate() public method

public void setPublicCertificate ( $publicCertificate )
$publicCertificate string

Public key certificate content.

                /**
                 * Stores the public key certificate content.
                 *
                 * The value is written to $_publicCertificate as given; a non-null value means
                 * getPublicCertificate() returns it without calling initPublicCertificate().
                 *
                 * @param string $publicCertificate public key certificate content.
                 */
                public function setPublicCertificate($publicCertificate)
                {
                    $this->_publicCertificate = $publicCertificate;
                }

            
verify() public method

Verifies given OAuth request.

public boolean verify ( $signature, $baseString, $key )
$signature string

Signature to be verified.

$baseString string

Signature base string.

$key string

Signature key.

return boolean

Success.

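                /**
                 * Verifies given OAuth request.
                 *
                 * Fails closed: a signature that is not valid base64, a public key that cannot be
                 * loaded, and any OpenSSL result other than 1 all yield `false`.
                 *
                 * @param string $signature signature to be verified (base64-encoded).
                 * @param string $baseString signature base string.
                 * @param string $key signature key; not used by this method, which verifies against
                 * the configured public certificate.
                 * @return bool whether the signature is valid for the base string.
                 */
                public function verify($signature, $baseString, $key)
                {
                    // Strict mode rejects input containing characters outside the base64 alphabet
                    // instead of silently discarding them before the comparison.
                    $decodedSignature = base64_decode($signature, true);
                    if ($decodedSignature === false) {
                        return false;
                    }
                    // Load the public key from the configured certificate.
                    $publicKeyId = openssl_pkey_get_public($this->getPublicCertificate());
                    if ($publicKeyId === false) {
                        return false;
                    }
                    // Check the computed signature against the one passed in the request.
                    $verificationResult = openssl_verify($baseString, $decodedSignature, $publicKeyId, $this->algorithm);
                    // openssl_free_key() is deprecated as of PHP 8.0, where key objects are released automatically.
                    if (PHP_VERSION_ID < 80000) {
                        openssl_free_key($publicKeyId);
                    }

                    // openssl_verify() returns 1 for a valid signature, 0 for an invalid one and
                    // -1 or false on error; only an exact 1 counts as success.
                    return $verificationResult === 1;
                }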