forked from phpecc/phpecc
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #26 from paragonie/better-curve-factory
Better Factories
- Loading branch information
Showing
26 changed files
with
406 additions
and
42 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| <?php | ||
| declare(strict_types=1); | ||
| namespace Mdanter\Ecc\Curves; | ||
|
|
||
| use Mdanter\Ecc\Exception\InsecureCurveException; | ||
| use Mdanter\Ecc\Primitives\GeneratorPoint; | ||
| use Mdanter\Ecc\Random\RandomNumberGeneratorInterface; | ||
|
|
||
| class SecureBrainpoolCurve extends BrainpoolCurve | ||
| { | ||
| public function curve256r1(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve256r1(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized brainpoolP256r1 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| public function curve384r1(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve384r1(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized brainpoolP384r1 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| public function curve512r1(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve512r1(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized brainpoolP512r1 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function generator256r1(RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator256r1($randomGenerator, $optimized); | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function generator384r1(RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator384r1($randomGenerator, $optimized); | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function generator512r1(RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator512r1($randomGenerator, $optimized); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| <?php | ||
|
|
||
| namespace Mdanter\Ecc\Curves; | ||
|
|
||
| use Mdanter\Ecc\Math\GmpMathInterface; | ||
| use Mdanter\Ecc\Math\MathAdapterFactory; | ||
|
|
||
| /** | ||
| * Similar to CurveFactory, but only returns secure implementations | ||
| */ | ||
| class SecureCurveFactory extends CurveFactory | ||
| { | ||
| /** | ||
| * @param GmpMathInterface $math | ||
| * @return NistCurve | ||
| */ | ||
| private static function getNistFactory(GmpMathInterface $math): NistCurve | ||
| { | ||
| return new SecureNistCurve($math); | ||
| } | ||
|
|
||
| /** | ||
| * @param GmpMathInterface $math | ||
| * @return BrainpoolCurve | ||
| */ | ||
| private static function getBrainpoolFactory(GmpMathInterface $math): BrainpoolCurve | ||
| { | ||
| return new SecureBrainpoolCurve($math); | ||
| } | ||
|
|
||
| /** | ||
| * @param GmpMathInterface $math | ||
| * @return SecgCurve | ||
| */ | ||
| private static function getSecpFactory(GmpMathInterface $math): SecgCurve | ||
| { | ||
| return new SecureSecgCurve($math); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,116 @@ | ||
| <?php | ||
| declare(strict_types=1); | ||
| namespace Mdanter\Ecc\Curves; | ||
|
|
||
| use Mdanter\Ecc\Exception\InsecureCurveException; | ||
| use Mdanter\Ecc\Primitives\GeneratorPoint; | ||
| use Mdanter\Ecc\Random\RandomNumberGeneratorInterface; | ||
|
|
||
| /** | ||
| * Selects secure NIST curves | ||
| */ | ||
| class SecureNistCurve extends NistCurve | ||
| { | ||
| public function curve192(): NamedCurveFp | ||
| { | ||
| throw new InsecureCurveException('P-192 is not a secure elliptic curve'); | ||
| } | ||
|
|
||
| public function curve224(): NamedCurveFp | ||
| { | ||
| throw new InsecureCurveException('P-224 is not a secure elliptic curve'); | ||
| } | ||
|
|
||
| /** | ||
| * @return NamedCurveFp | ||
| * @throws InsecureCurveException | ||
| */ | ||
| public function curve256(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve256(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized P-256 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @return NamedCurveFp | ||
| * @throws InsecureCurveException | ||
| */ | ||
| public function curve384(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve384(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized P-384 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @return NamedCurveFp | ||
| * @throws InsecureCurveException | ||
| */ | ||
| public function curve521(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve521(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized P-521 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @param RandomNumberGeneratorInterface|null $randomGenerator | ||
| * @throws InsecureCurveException | ||
| */ | ||
| public function generator192(?RandomNumberGeneratorInterface $randomGenerator = null): GeneratorPoint | ||
| { | ||
| throw new InsecureCurveException('P-192 is not a secure elliptic curve'); | ||
| } | ||
|
|
||
| /** | ||
| * @param RandomNumberGeneratorInterface|null $randomGenerator | ||
| * @throws InsecureCurveException | ||
| */ | ||
| public function generator224(?RandomNumberGeneratorInterface $randomGenerator = null): GeneratorPoint | ||
| { | ||
| throw new InsecureCurveException('P-224 is not a secure elliptic curve'); | ||
| } | ||
|
|
||
| /** | ||
| * Returns an NIST P-256 generator. | ||
| * | ||
| * @param ?RandomNumberGeneratorInterface $randomGenerator | ||
| * @param bool $optimized | ||
| * @return GeneratorPoint | ||
| */ | ||
| public function generator256(?RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator256($randomGenerator, $optimized); | ||
| } | ||
|
|
||
| /** | ||
| * Returns an NIST P-384 generator. | ||
| * | ||
| * @param ?RandomNumberGeneratorInterface $randomGenerator | ||
| * @param bool $optimized | ||
| * @return GeneratorPoint | ||
| */ | ||
| public function generator384(?RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator384($randomGenerator, $optimized); | ||
| } | ||
|
|
||
| /** | ||
| * Returns an NIST P-521 generator. | ||
| * | ||
| * @param ?RandomNumberGeneratorInterface $randomGenerator | ||
| * @param bool $optimized | ||
| * @return GeneratorPoint | ||
| */ | ||
| public function generator521(?RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator521($randomGenerator, $optimized); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,81 @@ | ||
| <?php | ||
| declare(strict_types=1); | ||
| namespace Mdanter\Ecc\Curves; | ||
|
|
||
| use Mdanter\Ecc\Exception\InsecureCurveException; | ||
| use Mdanter\Ecc\Primitives\GeneratorPoint; | ||
| use Mdanter\Ecc\Random\RandomNumberGeneratorInterface; | ||
|
|
||
| class SecureSecgCurve extends SecgCurve | ||
| { | ||
|
|
||
| public function curve112r1(): NamedCurveFp | ||
| { | ||
| throw new InsecureCurveException('secp112r1 is not a secure elliptic curve'); | ||
| } | ||
|
|
||
| public function curve192k1(): NamedCurveFp | ||
| { | ||
| throw new InsecureCurveException('secp192r1 is not a secure elliptic curve'); | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function curve256k1(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve256k1(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized secp256k1 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function curve256r1(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve256r1(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized secp256k1 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function curve384r1(): NamedCurveFp | ||
| { | ||
| $curve = parent::curve384r1(); | ||
| if (!$curve->isOpensslAvailable()) { | ||
| throw new InsecureCurveException('Cannot securely use non-optimized secp256k1 without OpenSSL support'); | ||
| } | ||
| return $curve; | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function generator256k1(?RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator256k1($randomGenerator, $optimized); | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function generator256r1(?RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator256r1($randomGenerator, $optimized); | ||
| } | ||
|
|
||
| /** | ||
| * @inheritDoc | ||
| */ | ||
| public function generator384r1(?RandomNumberGeneratorInterface $randomGenerator = null, bool $optimized = true): GeneratorPoint | ||
| { | ||
| return parent::generator384r1($randomGenerator, $optimized); | ||
| } | ||
| } |
Oops, something went wrong.