Class yii\authclient\signature\RsaSha
Inheritance | yii\authclient\signature\RsaSha » yii\authclient\signature\BaseMethod » yii\base\BaseObject |
---|---|
Subclasses | yii\authclient\signature\RsaSha1 |
Available since extension's version | 2.1.3 |
Source Code | https://github.com/yiisoft/yii2-authclient/blob/master/src/signature/RsaSha.php |
RsaSha represents 'SHAwithRSA' (also known as RSASSA-PKCS1-V1_5-SIGN with the SHA hash) signature method.
Note: This class requires the PHP "OpenSSL" extension (https://php.net/manual/en/book.openssl.php).
Public Properties
Property | Type | Description | Defined By |
---|---|---|---|
$_privateCertificate | string | OpenSSL private key certificate content. | yii\authclient\signature\RsaSha |
$_publicCertificate | string | OpenSSL public key certificate content. | yii\authclient\signature\RsaSha |
$algorithm | integer|string | Signature hash algorithm, e.g. OPENSSL_ALGO_SHA1, OPENSSL_ALGO_SHA256 and so on. | yii\authclient\signature\RsaSha |
$privateCertificate | string | Private key certificate content. | yii\authclient\signature\RsaSha |
$privateCertificateFile | string | Path to the file, which holds private key certificate. | yii\authclient\signature\RsaSha |
$publicCertificate | string | Public key certificate content. | yii\authclient\signature\RsaSha |
$publicCertificateFile | string | Path to the file, which holds public key certificate. | yii\authclient\signature\RsaSha |
Public Methods
Method | Description | Defined By |
---|---|---|
generateSignature() | Generates OAuth request signature. | yii\authclient\signature\RsaSha |
getName() | Return the canonical name of the Signature Method. | yii\authclient\signature\RsaSha |
getPrivateCertificate() | yii\authclient\signature\RsaSha | |
getPublicCertificate() | yii\authclient\signature\RsaSha | |
init() | yii\authclient\signature\RsaSha | |
setPrivateCertificate() | yii\authclient\signature\RsaSha | |
setPublicCertificate() | yii\authclient\signature\RsaSha | |
verify() | Verifies given OAuth request. | yii\authclient\signature\RsaSha |
Protected Methods
Method | Description | Defined By |
---|---|---|
initPrivateCertificate() | Creates initial value for $privateCertificate. | yii\authclient\signature\RsaSha |
initPublicCertificate() | Creates initial value for $publicCertificate. | yii\authclient\signature\RsaSha |
Property Details
OpenSSL private key certificate content. This value can be fetched from file specified by $privateCertificateFile.
OpenSSL public key certificate content. This value can be fetched from file specified by $publicCertificateFile.
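Signature hash algorithm, e.g. OPENSSL_ALGO_SHA1, OPENSSL_ALGO_SHA256 and so on. Where the OAuth provider accepts it, prefer a SHA-2 algorithm such as OPENSSL_ALGO_SHA256; SHA-1 is no longer considered collision-resistant.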
See also https://php.net/manual/en/openssl.signature-algos.php.
Private key certificate content.
Path to the file, which holds private key certificate.
Public key certificate content.
Path to the file, which holds public key certificate.
Method Details
Generates OAuth request signature.
public string generateSignature ( $baseString, $key ) | ||
$baseString | string |
Signature base string. |
$key | string |
Signature key. |
return | string |
Signature string. |
---|
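/**
 * Generates OAuth request signature.
 *
 * Loads the private key via getPrivateCertificate(), signs the base string with
 * `$this->algorithm` and returns the result Base64-encoded.
 *
 * @param string $baseString signature base string.
 * @param string $key signature key; it is handed to openssl_pkey_get_private() as the
 * passphrase for the private key.
 * @return string Base64-encoded signature string.
 * @throws InvalidConfigException if the private key cannot be loaded or signing fails.
 */
public function generateSignature($baseString, $key)
{
    $privateCertificateContent = $this->getPrivateCertificate();
    // Pull the private key ID from the certificate
    $privateKeyId = openssl_pkey_get_private($privateCertificateContent, $key);
    if ($privateKeyId === false) {
        // Fail loudly: carrying on would pass `false` to openssl_sign() and end up
        // returning an empty signature. The message deliberately omits key material.
        throw new InvalidConfigException('Unable to load the private key: check the private certificate content and its passphrase.');
    }
    // Sign using the key
    $signature = '';
    $isSigned = openssl_sign($baseString, $signature, $privateKeyId, $this->algorithm);
    if (\PHP_VERSION_ID < 80000) {
        // Release the key resource. Done automatically in PHP 8
        openssl_free_key($privateKeyId);
    }
    if ($isSigned !== true) {
        // openssl_sign() reports failure through its return value only.
        throw new InvalidConfigException('Unable to generate the signature with the configured private key and algorithm.');
    }
    return base64_encode($signature);
}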
Return the canonical name of the Signature Method.
public string getName ( ) | ||
return | string |
Method name. |
---|
/**
 * Return the canonical name of the Signature Method.
 *
 * A string algorithm is upper-cased as is. An integer algorithm is resolved to the name
 * of the matching `OPENSSL_ALGO_*` constant, with that prefix stripped.
 *
 * @return string method name, always prefixed with "RSA-".
 * @throws InvalidConfigException if an integer algorithm matches no `OPENSSL_ALGO_*` constant.
 */
public function getName()
{
    if (!is_int($this->algorithm)) {
        return 'RSA-' . strtoupper($this->algorithm);
    }

    $prefix = 'OPENSSL_ALGO_';
    $definedConstants = get_defined_constants(true);
    $opensslConstants = isset($definedConstants['openssl']) ? $definedConstants['openssl'] : [];

    foreach ($opensslConstants as $constantName => $constantValue) {
        // Other OpenSSL constants can share the same integer value, so the prefix check is required.
        if ($constantValue === $this->algorithm && strpos($constantName, $prefix) === 0) {
            return 'RSA-' . substr($constantName, strlen($prefix));
        }
    }

    throw new InvalidConfigException("Unable to determine name of algorithm '{$this->algorithm}'");
}
public string getPrivateCertificate ( ) | ||
return | string |
Private key certificate content. |
---|
/**
 * Returns the private key certificate content.
 *
 * The value is created by initPrivateCertificate() on first access, while the stored
 * value is still `null`, and is kept on the instance afterwards.
 *
 * @return string private key certificate content.
 */
public function getPrivateCertificate()
{
    if ($this->_privateCertificate !== null) {
        return $this->_privateCertificate;
    }

    $this->_privateCertificate = $this->initPrivateCertificate();

    return $this->_privateCertificate;
}
public string getPublicCertificate ( ) | ||
return | string |
Public key certificate content. |
---|
/**
 * Returns the public key certificate content.
 *
 * The value is created by initPublicCertificate() on first access, while the stored
 * value is still `null`, and is kept on the instance afterwards.
 *
 * @return string public key certificate content.
 */
public function getPublicCertificate()
{
    if ($this->_publicCertificate !== null) {
        return $this->_publicCertificate;
    }

    $this->_publicCertificate = $this->initPublicCertificate();

    return $this->_publicCertificate;
}
public void init ( ) |
/**
 * Checks that the PHP "OpenSSL" extension is available.
 *
 * @throws NotSupportedException if the `openssl_sign()` function does not exist.
 */
public function init()
{
    if (function_exists('openssl_sign')) {
        return;
    }

    throw new NotSupportedException('PHP "OpenSSL" extension is required.');
}
Creates initial value for $privateCertificate.
This method will attempt to fetch the certificate value from $privateCertificateFile file.
protected string initPrivateCertificate ( ) | ||
return | string |
Private certificate content. |
---|---|---|
throws | \yii\base\InvalidConfigException |
on failure. |
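/**
 * Creates initial value for $privateCertificate.
 *
 * This method will attempt to fetch the certificate value from the $privateCertificateFile file.
 * An empty string is returned when no file is configured.
 *
 * @return string private certificate content.
 * @throws InvalidConfigException if the configured file does not exist or cannot be read.
 */
protected function initPrivateCertificate()
{
    if (empty($this->privateCertificateFile)) {
        return '';
    }

    if (!file_exists($this->privateCertificateFile)) {
        throw new InvalidConfigException("Private certificate file '{$this->privateCertificateFile}' does not exist!");
    }

    $content = file_get_contents($this->privateCertificateFile);
    if ($content === false) {
        // A failed read must not be cached as `false` by the getter and later used as a key.
        throw new InvalidConfigException("Unable to read private certificate file '{$this->privateCertificateFile}'.");
    }

    return $content;
}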
Creates initial value for $publicCertificate.
This method will attempt to fetch the certificate value from $publicCertificateFile file.
protected string initPublicCertificate ( ) | ||
return | string |
Public certificate content. |
---|---|---|
throws | \yii\base\InvalidConfigException |
on failure. |
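/**
 * Creates initial value for $publicCertificate.
 *
 * This method will attempt to fetch the certificate value from the $publicCertificateFile file.
 * An empty string is returned when no file is configured.
 *
 * @return string public certificate content.
 * @throws InvalidConfigException if the configured file does not exist or cannot be read.
 */
protected function initPublicCertificate()
{
    if (empty($this->publicCertificateFile)) {
        return '';
    }

    if (!file_exists($this->publicCertificateFile)) {
        throw new InvalidConfigException("Public certificate file '{$this->publicCertificateFile}' does not exist!");
    }

    $content = file_get_contents($this->publicCertificateFile);
    if ($content === false) {
        // A failed read must not be cached as `false` by the getter and later used as a key.
        throw new InvalidConfigException("Unable to read public certificate file '{$this->publicCertificateFile}'.");
    }

    return $content;
}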
public void setPrivateCertificate ( $privateCertificate ) | ||
$privateCertificate | string |
Private key certificate content. |
/**
 * Sets the private key certificate content.
 *
 * The value is stored on the instance as given; no validation is performed here.
 *
 * @param string $privateCertificate private key certificate content.
 */
public function setPrivateCertificate($privateCertificate)
{
    $content = $privateCertificate;
    $this->_privateCertificate = $content;
}
public void setPublicCertificate ( $publicCertificate ) | ||
$publicCertificate | string |
Public key certificate content. |
/**
 * Sets the public key certificate content.
 *
 * The value is stored on the instance as given; no validation is performed here.
 *
 * @param string $publicCertificate public key certificate content.
 */
public function setPublicCertificate($publicCertificate)
{
    $content = $publicCertificate;
    $this->_publicCertificate = $content;
}
Verifies given OAuth request.
public boolean verify ( $signature, $baseString, $key ) | ||
$signature | string |
Signature to be verified. |
$baseString | string |
Signature base string. |
$key | string |
Signature key. |
return | boolean |
Success. |
---|
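/**
 * Verifies given OAuth request.
 *
 * Decodes the Base64 signature and checks it against the base string using the public
 * key from getPublicCertificate() and `$this->algorithm`. Every failure path, including
 * a malformed signature or an unusable public key, returns `false`.
 *
 * @param string $signature signature to be verified, Base64-encoded.
 * @param string $baseString signature base string.
 * @param string $key signature key; not used by this method, which relies on the public
 * certificate only.
 * @return bool success.
 */
public function verify($signature, $baseString, $key)
{
    // Strict mode rejects characters outside the Base64 alphabet instead of silently
    // skipping them, so one signature cannot be presented in many textual forms.
    $decodedSignature = base64_decode($signature, true);
    if ($decodedSignature === false) {
        return false;
    }
    // Fetch the public key cert based on the request
    $publicCertificate = $this->getPublicCertificate();
    // Pull the public key ID from the certificate
    $publicKeyId = openssl_pkey_get_public($publicCertificate);
    if ($publicKeyId === false) {
        // No usable public key: fail closed rather than pass `false` to openssl_verify().
        return false;
    }
    // Check the computed signature against the one passed in the query
    $verificationResult = openssl_verify($baseString, $decodedSignature, $publicKeyId, $this->algorithm);
    if (\PHP_VERSION_ID < 80000) {
        // Release the key resource. Done automatically in PHP 8
        openssl_free_key($publicKeyId);
    }
    // Only the integer 1 means "valid"; 0, -1 and false are all rejections.
    return $verificationResult === 1;
}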