From be2f2e6bb71532cbfef3958636cb57b183caf174 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Mon, 2 May 2022 18:12:05 -0600 Subject: [PATCH 1/6] feat: add support for phpseclib3 --- Core/src/Testing/KeyPairGenerateTrait.php | 12 +++++------- Storage/composer.json | 2 +- Storage/src/EncryptionTrait.php | 17 +++++++++++------ composer.json | 2 +- 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/Core/src/Testing/KeyPairGenerateTrait.php b/Core/src/Testing/KeyPairGenerateTrait.php index eb7a046a2627..baa97f3452c5 100644 --- a/Core/src/Testing/KeyPairGenerateTrait.php +++ b/Core/src/Testing/KeyPairGenerateTrait.php @@ -18,7 +18,7 @@ namespace Google\Cloud\Core\Testing; use Google\Cloud\Storage\EncryptionTrait; -use phpseclib\Crypt\RSA; +use phpseclib3\Crypt\RSA; /** * Trait KeyPairGenerateTrait implements key pair generation functions used for testing @@ -32,13 +32,11 @@ trait KeyPairGenerateTrait private function getKeyPair() { - $rsa = new RSA; - $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1); - $rsa->setHash('sha256'); + $key = (RSA::createKey()) + ->withPadding(RSA::SIGNATURE_PKCS1) + ->withHash('sha256'); - $key = $rsa->createKey(); - usleep(500); - return [$key['privatekey'], $key['publickey']]; + return [$key->toString('PKCS1'), $key->getPublicKey()]; } private function verifySignature($privateKey, $input, $signature) diff --git a/Storage/composer.json b/Storage/composer.json index e71f4ab71dfe..55430c474f5c 100644 --- a/Storage/composer.json +++ b/Storage/composer.json @@ -12,7 +12,7 @@ "squizlabs/php_codesniffer": "2.*", "phpdocumentor/reflection": "^3.0", "erusev/parsedown": "^1.6", - "phpseclib/phpseclib": "^2", + "phpseclib/phpseclib": "^3.0", "google/cloud-pubsub": "^1.0" }, "suggest": { diff --git a/Storage/src/EncryptionTrait.php b/Storage/src/EncryptionTrait.php index 0287ecf205b3..56b97fdd0aff 100644 --- a/Storage/src/EncryptionTrait.php +++ b/Storage/src/EncryptionTrait.php @@ -17,7 +17,8 @@ namespace Google\Cloud\Storage; -use phpseclib\Crypt\RSA; +use phpseclib\Crypt\RSA as RSA2; +use phpseclib3\Crypt\RSA as RSA3; /** * Trait which provides helper methods for customer-supplied encryption. @@ -127,13 +128,17 @@ protected function signString($privateKey, $data, $forceOpenssl = false) { $signature = ''; - if (class_exists(RSA::class) && !$forceOpenssl) { - $rsa = new RSA; - $rsa->loadKey($privateKey); - $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1); - $rsa->setHash('sha256'); + if (class_exists(RSA3::class) && !$forceOpenssl) { + $rsa = (RSA3::loadPrivateKey($privateKey)) + ->withPadding(RSA3::SIGNATURE_PKCS1) + ->withHash('sha256'); $signature = $rsa->sign($data); + } elseif (class_exists(RSA2::class) && !$forceOpenssl) { + $rsa = new RSA2; + $rsa->loadKey($privateKey); + $rsa->setSignatureMode(RSA2::SIGNATURE_PKCS1); + $rsa->setHash('sha256'); } elseif (extension_loaded('openssl')) { openssl_sign($data, $signature, $privateKey, 'sha256WithRSAEncryption'); } else { diff --git a/composer.json b/composer.json index d374b0a9fcfd..cd331084298e 100644 --- a/composer.json +++ b/composer.json @@ -63,7 +63,7 @@ "erusev/parsedown": "^1.6", "vierbergenlars/php-semver": "^3.0", "symfony/lock": "3.3.x-dev#1ba6ac9", - "phpseclib/phpseclib": "^2", + "phpseclib/phpseclib": "^3.0", "google/cloud-tools": "^0.12.0", "opis/closure": "^3.0", "swaggest/json-schema": "^0.12.0", From cd741796e42049e82d883221fa6631e1d48ae8f9 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Mon, 2 May 2022 18:14:04 -0600 Subject: [PATCH 2/6] sign data for phpseclib2 --- Storage/src/EncryptionTrait.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Storage/src/EncryptionTrait.php b/Storage/src/EncryptionTrait.php index 56b97fdd0aff..227729e304a2 100644 --- a/Storage/src/EncryptionTrait.php +++ b/Storage/src/EncryptionTrait.php @@ -139,6 +139,8 @@ protected function signString($privateKey, $data, $forceOpenssl = false) $rsa->loadKey($privateKey); $rsa->setSignatureMode(RSA2::SIGNATURE_PKCS1); $rsa->setHash('sha256'); + + $signature = $rsa->sign($data); } elseif (extension_loaded('openssl')) { openssl_sign($data, $signature, $privateKey, 'sha256WithRSAEncryption'); } else { From d700c755cc563b1b0caa44f98a67f1df3726dac5 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Tue, 3 May 2022 12:36:47 -0600 Subject: [PATCH 3/6] fixes for php 5 --- Storage/composer.json | 2 +- Storage/src/EncryptionTrait.php | 4 ++-- composer.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Storage/composer.json b/Storage/composer.json index 55430c474f5c..eb344c52c966 100644 --- a/Storage/composer.json +++ b/Storage/composer.json @@ -12,7 +12,7 @@ "squizlabs/php_codesniffer": "2.*", "phpdocumentor/reflection": "^3.0", "erusev/parsedown": "^1.6", - "phpseclib/phpseclib": "^3.0", + "phpseclib/phpseclib": "^2.0||^3.0", "google/cloud-pubsub": "^1.0" }, "suggest": { diff --git a/Storage/src/EncryptionTrait.php b/Storage/src/EncryptionTrait.php index 227729e304a2..4ffe8ca1b168 100644 --- a/Storage/src/EncryptionTrait.php +++ b/Storage/src/EncryptionTrait.php @@ -129,8 +129,8 @@ protected function signString($privateKey, $data, $forceOpenssl = false) $signature = ''; if (class_exists(RSA3::class) && !$forceOpenssl) { - $rsa = (RSA3::loadPrivateKey($privateKey)) - ->withPadding(RSA3::SIGNATURE_PKCS1) + $rsa = RSA3::loadPrivateKey($privateKey); + $rsa = $rsa->withPadding(RSA3::SIGNATURE_PKCS1) ->withHash('sha256'); $signature = $rsa->sign($data); diff --git a/composer.json b/composer.json index cd331084298e..e8a153de7129 100644 --- a/composer.json +++ b/composer.json @@ -63,7 +63,7 @@ "erusev/parsedown": "^1.6", "vierbergenlars/php-semver": "^3.0", "symfony/lock": "3.3.x-dev#1ba6ac9", - "phpseclib/phpseclib": "^3.0", + "phpseclib/phpseclib": "^2.0||^3.0", "google/cloud-tools": "^0.12.0", "opis/closure": "^3.0", "swaggest/json-schema": "^0.12.0", From a71ff33a5d341024a6786d06edb34209dddbe004 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Tue, 3 May 2022 12:48:56 -0600 Subject: [PATCH 4/6] syntax fix for php 5 --- Core/src/Testing/KeyPairGenerateTrait.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Core/src/Testing/KeyPairGenerateTrait.php b/Core/src/Testing/KeyPairGenerateTrait.php index baa97f3452c5..830c6d6ac46c 100644 --- a/Core/src/Testing/KeyPairGenerateTrait.php +++ b/Core/src/Testing/KeyPairGenerateTrait.php @@ -32,8 +32,8 @@ trait KeyPairGenerateTrait private function getKeyPair() { - $key = (RSA::createKey()) - ->withPadding(RSA::SIGNATURE_PKCS1) + $key = RSA::createKey(); + $key = $key->withPadding(RSA::SIGNATURE_PKCS1) ->withHash('sha256'); return [$key->toString('PKCS1'), $key->getPublicKey()]; From d01b36eac604e5eec024ee191a3d9d6cbf7ec152 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Tue, 3 May 2022 12:55:41 -0600 Subject: [PATCH 5/6] add support for phpseclib2 in tests --- Core/src/Testing/KeyPairGenerateTrait.php | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/Core/src/Testing/KeyPairGenerateTrait.php b/Core/src/Testing/KeyPairGenerateTrait.php index 830c6d6ac46c..197c73f46e9b 100644 --- a/Core/src/Testing/KeyPairGenerateTrait.php +++ b/Core/src/Testing/KeyPairGenerateTrait.php @@ -18,7 +18,8 @@ namespace Google\Cloud\Core\Testing; use Google\Cloud\Storage\EncryptionTrait; -use phpseclib3\Crypt\RSA; +use phpseclib\Crypt\RSA as RSA2; +use phpseclib3\Crypt\RSA as RSA3; /** * Trait KeyPairGenerateTrait implements key pair generation functions used for testing @@ -32,11 +33,21 @@ trait KeyPairGenerateTrait private function getKeyPair() { - $key = RSA::createKey(); - $key = $key->withPadding(RSA::SIGNATURE_PKCS1) - ->withHash('sha256'); + if (class_exists(RSA3::class)) { + $key = (RSA3::createKey()) + ->withPadding(RSA3::SIGNATURE_PKCS1) + ->withHash('sha256'); - return [$key->toString('PKCS1'), $key->getPublicKey()]; + return [$key->toString('PKCS1'), $key->getPublicKey()]; + } + + $rsa = new RSA2; + $rsa->setSignatureMode(RSA2::SIGNATURE_PKCS1); + $rsa->setHash('sha256'); + + $key = $rsa->createKey(); + usleep(500); + return [$key['privatekey'], $key['publickey']]; } private function verifySignature($privateKey, $input, $signature) From 4a8b1c457037a17a8d9a28add4c31ce90fa7091c Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Tue, 3 May 2022 19:49:19 -0500 Subject: [PATCH 6/6] fix php5 syntax again --- Core/src/Testing/KeyPairGenerateTrait.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Core/src/Testing/KeyPairGenerateTrait.php b/Core/src/Testing/KeyPairGenerateTrait.php index 197c73f46e9b..4dab7f6d551f 100644 --- a/Core/src/Testing/KeyPairGenerateTrait.php +++ b/Core/src/Testing/KeyPairGenerateTrait.php @@ -34,8 +34,8 @@ trait KeyPairGenerateTrait private function getKeyPair() { if (class_exists(RSA3::class)) { - $key = (RSA3::createKey()) - ->withPadding(RSA3::SIGNATURE_PKCS1) + $key = RSA3::createKey(); + $key = $key->withPadding(RSA3::SIGNATURE_PKCS1) ->withHash('sha256'); return [$key->toString('PKCS1'), $key->getPublicKey()];