PHP Class SimpleSAML\Utils\Crypto

Project: simplesamlphp/simplesamlphp

Public Methods

aesDecrypt ( string $ciphertext ) : string
    Decrypt data using AES-256-CBC and the system-wide secret salt as key.
aesEncrypt ( string $data ) : string
    Encrypt data using AES-256-CBC and the system-wide secret salt as key.
loadPrivateKey ( SimpleSAML_Configuration $metadata, boolean $required = false, string $prefix = '' ) : array | null
    Load a private key from metadata.
loadPublicKey ( SimpleSAML_Configuration $metadata, boolean $required = false, string $prefix = '' ) : array | null
    Get public key or certificate from metadata.
pwHash ( string $password, string $algorithm, string $salt = null ) : string
    This function hashes a password with a given algorithm.
pwValid ( string $hash, string $password ) : boolean
    This function checks if a password is valid.

Private Methods

_aesDecrypt ( string $ciphertext, string $secret ) : string
    Decrypt data using AES-256-CBC and the key provided as a parameter.
_aesEncrypt ( string $data, string $secret ) : string
    Encrypt data using AES-256-CBC and the key provided as a parameter.

Method Details

aesDecrypt() public static method

Decrypt data using AES-256-CBC and the system-wide secret salt as key.
Author: Andreas Solberg, UNINETT AS
Author: Jaime Perez, UNINETT AS
public static aesDecrypt ( string $ciphertext ) : string
$ciphertext string The IV used and the encrypted data, concatenated.
return string The decrypted data.

aesEncrypt() public static method

Encrypt data using AES-256-CBC and the system-wide secret salt as key.
Author: Andreas Solberg, UNINETT AS
Author: Jaime Perez, UNINETT AS
public static aesEncrypt ( string $data ) : string
$data string The data to encrypt.
return string The IV and encrypted data concatenated.
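
The IV-plus-ciphertext layout that aesEncrypt() and aesDecrypt() describe, as an added PHP example that is not SimpleSAMLphp's own code; it goes beyond the page by appending an HMAC-SHA256 tag, because CBC by itself gives no integrity protection. The function names, the key derivation and the sample secret are assumptions.

```php
<?php
// Added illustration, not SimpleSAMLphp's code. Key derivation, the HMAC tag and
// the sample secret are assumptions; the page only specifies AES-256-CBC with
// the IV prepended to the encrypted data.
function deriveKeys(string $secret): array
{
    // Assumption: independent 32-byte keys for encryption and for the MAC.
    return [hash_hmac('sha256', 'enc', $secret, true),
            hash_hmac('sha256', 'mac', $secret, true)];
}

function sealData(string $data, string $secret): string
{
    [$encKey, $macKey] = deriveKeys($secret);
    $iv = random_bytes(16); // fresh random IV for every message
    $ct = openssl_encrypt($data, 'AES-256-CBC', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    $blob = $iv . $ct; // layout from the page: IV, then encrypted data
    return $blob . hash_hmac('sha256', $blob, $macKey, true); // 32-byte tag
}

function openData(string $sealed, string $secret): string
{
    [$encKey, $macKey] = deriveKeys($secret);
    // Minimum: 16-byte IV + one padded block + 32-byte tag.
    if (strlen($sealed) < 64 || (strlen($sealed) - 32) % 16 !== 0) {
        throw new InvalidArgumentException('malformed ciphertext');
    }
    $blob = substr($sealed, 0, -32);
    $tag = substr($sealed, -32);
    // Verify the tag in constant time before touching the ciphertext.
    if (!hash_equals(hash_hmac('sha256', $blob, $macKey, true), $tag)) {
        throw new RuntimeException('authentication failed');
    }
    $pt = openssl_decrypt(substr($blob, 16), 'AES-256-CBC', $encKey,
        OPENSSL_RAW_DATA, substr($blob, 0, 16));
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

$secret = 'constructed-secret-salt'; // constructed sample value
$sealed = sealData('session state', $secret);
var_dump(openData($sealed, $secret) === 'session state');
$sealed[20] = $sealed[20] ^ "\x01"; // simulate one corrupted bit
try { openData($sealed, $secret); } catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```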

loadPrivateKey() public static method

This function loads a private key from a metadata array. It looks for the following elements:
- 'privatekey': Name of a private key file in the cert-directory.
- 'privatekey_pass': Password for the private key.
It returns an array with the following elements:
- 'PEM': Data for the private key, in PEM-format.
- 'password': Password for the private key.
Author: Andreas Solberg, UNINETT AS
Author: Olav Morken, UNINETT AS
public static loadPrivateKey ( SimpleSAML_Configuration $metadata, boolean $required = false, string $prefix = '' ) : array | null
$metadata SimpleSAML_Configuration The metadata array the private key should be loaded from.
$required boolean Whether the private key is required. If this is true, a missing key will cause an exception. Defaults to false.
$prefix string The prefix which should be used when reading from the metadata array. Defaults to ''.
return array | null Extracted private key, or NULL if no private key is present.

loadPublicKey() public static method

This function retrieves the public key or certificate from a metadata array. It will search for the following elements in the metadata:
- 'certData': The certificate as a base64-encoded string.
- 'certificate': A file with a certificate or public key in PEM-format.
- 'certFingerprint': The fingerprint of the certificate. Can be a single fingerprint, or an array of multiple valid fingerprints. (deprecated)
This function will return an array with these elements:
- 'PEM': The public key/certificate in PEM-encoding.
- 'certData': The certificate data, base64 encoded, on a single line. (Only present if this is a certificate.)
- 'certFingerprint': Array of valid certificate fingerprints. (Deprecated. Only present if this is a certificate.)
Author: Andreas Solberg, UNINETT AS
Author: Olav Morken, UNINETT AS
Author: Lasse Birnbaum Jensen
public static loadPublicKey ( SimpleSAML_Configuration $metadata, boolean $required = false, string $prefix = '' ) : array | null
$metadata SimpleSAML_Configuration The metadata.
$required boolean Whether the public key is required. If this is TRUE, a missing key will cause an exception. Default is FALSE.
$prefix string The prefix which should be used when reading from the metadata array. Defaults to ''.
return array | null Public key or certificate data, or NULL if no public key or certificate was found.

pwHash() public static method

This function hashes a password with a given algorithm.
See also: hash_algos()
Author: Dyonisius Visser, TERENA
Author: Jaime Perez, UNINETT AS
public static pwHash ( string $password, string $algorithm, string $salt = null ) : string
$password string The password to hash.
$algorithm string The hashing algorithm, uppercase, optionally prepended with 'S' (salted). See hash_algos() for a complete list of hashing algorithms.
$salt string An optional salt to use.
return string The hashed password.

pwValid() public static method

This function checks if a password is valid.
Author: Dyonisius Visser, TERENA
public static pwValid ( string $hash, string $password ) : boolean
$hash string The password as it appears in the password file, optionally prepended with the algorithm.
$password string The cleartext password to check.
return boolean True if the hash corresponds with the given password, false otherwise.
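
How a hash "prepended with algorithm" can be produced and checked, following the pwHash() and pwValid() descriptions above, as an added PHP example that is not SimpleSAMLphp's own code. The function names and the '{ALG}' prefix with base64(digest followed by salt) layout are assumptions; the page only states that the algorithm name is uppercase and optionally prefixed with 'S' for salted.

```php
<?php
// Added illustration, not SimpleSAMLphp's code. The '{ALG}base64(digest.salt)'
// layout is an assumption; the sample password is constructed.
function examplePwHash(string $password, string $algorithm, ?string $salt = null): string
{
    $algo = strtolower($algorithm);
    if (in_array($algo, hash_algos(), true)) { // e.g. SHA256: unsalted
        return '{' . $algorithm . '}' . base64_encode(hash($algo, $password, true));
    }
    $inner = (string) substr($algo, 1);
    // e.g. SSHA256: leading 'S' in front of a known algorithm means salted.
    if ($algo !== '' && $algo[0] === 's' && in_array($inner, hash_algos(), true)) {
        $salt = $salt ?? random_bytes(16);
        $digest = hash($inner, $password . $salt, true);
        return '{' . $algorithm . '}' . base64_encode($digest . $salt);
    }
    throw new InvalidArgumentException('unsupported algorithm: ' . $algorithm);
}

function examplePwValid(string $hash, string $password): bool
{
    if (!preg_match('/^\{([A-Z0-9_-]+)\}(.+)$/', $hash, $m)) {
        return false; // no algorithm prefix
    }
    $raw = base64_decode($m[2], true);
    if ($raw === false) {
        return false;
    }
    $algo = strtolower($m[1]);
    $salt = '';
    if (!in_array($algo, hash_algos(), true)) {
        $algo = (string) substr($algo, 1); // strip the 'S' marker
        if ($m[1][0] !== 'S' || !in_array($algo, hash_algos(), true)) {
            return false;
        }
        // The salt is whatever follows the fixed-length digest.
        $salt = (string) substr($raw, strlen(hash($algo, '', true)));
    }
    $expected = hash($algo, $password . $salt, true) . $salt;
    return hash_equals($expected, $raw); // constant-time comparison
}

$stored = examplePwHash('correct horse', 'SSHA256'); // constructed sample password
var_dump(examplePwValid($stored, 'correct horse'), examplePwValid($stored, 'wrong'));
```

A single salted pass of a fast hash is cheap to brute-force offline; for new password files, PHP's password_hash() with bcrypt or Argon2 is the stronger choice.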