rsaauth_trunk2.patch

Administrator Admin, 2011-01-28 14:43



typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_abstract_backend.php (working copy)
62 62
	protected	$error = '';
63 63

  
64 64
	/**
65
	 * Creates a new key pair for the encryption.
65
	 * Creates a new key pair for the encryption (if necessary).
66 66
	 *
67 67
	 * @return	tx_rsaauth_keypair	A new key pair or null in case of error
68
	 * @deprecated use getKeyPair instead! Reason1: there is no need to create more than one key pare. Reason2: the second private key overwrites the first private key, so the form with the first public key will never work
68 69
	 */
69
	abstract public function createNewKeyPair();
70
	public function createNewKeyPair() {
71
		t3lib_div::logDeprecatedFunction();
72
		return $this->getKeyPair();
73
	}
70 74

  
71 75
	/**
76
	 * Get a key pair for the encryption.
77
	 *
78
	 * @return	tx_rsaauth_keypair	A key pair or null in case of error
79
	 */	
80
	abstract public function getKeyPair();
81

  
82
	/**
72 83
	 * Decripts the data using the private key.
73 84
	 *
74 85
	 * @param	string	$privateKey	The private key (obtained from a call to createNewKeyPair())
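Review bot: The docblock on the hunk's last line still says the private key is "obtained from a call to createNewKeyPair()", the very method this patch deprecates; it should point to getKeyPair(), and the same stale `@see tx_rsaauth_abstract_backend::createNewKeyPair()` reference survives as context in both backend classes. The @deprecated text is hard to follow and misspells "key pair"; a shorter form such as `@deprecated use getKeyPair() instead. The key pair is now a singleton: generating a second one would overwrite the private key that an already rendered login form expects.` says the same. The closing `*/` of the new getKeyPair() docblock carries a trailing tab, and the "Decripts" typo in the following docblock could be fixed while the block is being touched. The method that docblock belongs to continues outside the hunk.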
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_cmdline_backend.php (working copy)
78 78
	}
79 79

  
80 80
	/**
81
	 * Creates a new or get an existing public/private key pair or null in case of error
81 82
	 *
82 83
	 * @return tx_rsaauth_keypair	A new key pair or null in case of error
83 84
	 * @see tx_rsaauth_abstract_backend::createNewKeyPair()
84 85
	 */
85
	public function createNewKeyPair() {
86
		$result = null;
86
	public function getKeyPair() {
87
		// Create result object
88
		$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
87 89

  
88
		// Create a temporary file. Security: tempnam() sets permissions to 0600
89
		$privateKeyFile = tempnam($this->temporaryDirectory, uniqid());
90

  
91
		// Generate the private key.
92
		//
93
		// PHP generates 1024 bit key files. We force command line version
94
		// to do the same and use the F4 (0x10001) exponent. This is the most
95
		// secure.
96
		$command = $this->opensslPath . ' genrsa -out ' .
97
			escapeshellarg($privateKeyFile) . ' 1024';
98
		t3lib_utility_Command::exec($command);
99

  
100
		// Test that we got a private key
101
		$privateKey = file_get_contents($privateKeyFile);
102
		if (false !== strpos($privateKey, 'BEGIN RSA PRIVATE KEY')) {
103
			// Ok, we got the private key. Get the modulus.
104
			$command = $this->opensslPath . ' rsa -noout -modulus -in ' .
105
				escapeshellarg($privateKeyFile);
106
			$value = t3lib_utility_Command::exec($command);
107
			if (substr($value, 0, 8) === 'Modulus=') {
108
				$publicKey = substr($value, 8);
109

  
110
				// Create a result object
111
				$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
112
				/* @var $result tx_rsa_keypair */
113
				$result->setExponent(0x10001);
114
				$result->setPrivateKey($privateKey);
115
				$result->setPublicKey($publicKey);
116
			}
90
		if(!$result->isReady()){
91
  		// Create a temporary file. Security: tempnam() sets permissions to 0600
92
  		$privateKeyFile = tempnam($this->temporaryDirectory, uniqid());
93
  
94
  		// Generate the private key.
95
  		//
96
  		// PHP generates 1024 bit key files. We force command line version
97
  		// to do the same and use the F4 (0x10001) exponent. This is the most
98
  		// secure.
99
  		$command = $this->opensslPath . ' genrsa -out ' .
100
  			escapeshellarg($privateKeyFile) . ' 1024';
101
  		t3lib_utility_Command::exec($command);
102
  
103
  		// Test that we got a private key
104
  		$privateKey = file_get_contents($privateKeyFile);
105
  		if (false !== strpos($privateKey, 'BEGIN RSA PRIVATE KEY')) {
106
  			// Ok, we got the private key. Get the modulus.
107
  			$command = $this->opensslPath . ' rsa -noout -modulus -in ' .
108
  				escapeshellarg($privateKeyFile);
109
  			$value = t3lib_utility_Command::exec($command);
110
  			if (substr($value, 0, 8) === 'Modulus=') {
111
  				$publicKey = substr($value, 8);
112
  
113
  				/* @var $result tx_rsa_keypair */
114
  				$result->setExponent(0x10001);
115
  				$result->setPrivateKey($privateKey);
116
  				$result->setPublicKey($publicKey);
117
  			}
118
  		}
119
	
120
			@unlink($privateKeyFile);
117 121
		}
118 122

  
119
		@unlink($privateKeyFile);
120

  
121 123
		return $result;
122 124
	}
123 125

  
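Review bot: getKeyPair() returns the singleton instance even when key generation failed, while its docblock (and the createNewKeyPair() it replaces, which started from `$result = null`) promises null in case of error, so a caller that checks the return value for null will treat a pair with no private key and no modulus as usable. The same applies to getKeyPair() in class.tx_rsaauth_php_backend.php. Keeping the documented contract is a one-line change at the end of the method, `return $result->isReady() ? $result : null;`; otherwise the @return tags in both backends need to say that a not-ready instance is returned on failure. Note that isReady() only tells you the three setters were called, not that the values are valid, so callers that previously relied on null for error detection should be checked.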
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_keypair.php (working copy)
37 37
 * @package	TYPO3
38 38
 * @subpackage	tx_rsaauth
39 39
 */
40
final class tx_rsaauth_keypair {
40
final class tx_rsaauth_keypair implements t3lib_Singleton {
41 41

  
42 42
	/**
43 43
	 * RSA public exponent (3 or 0x10001)
44 44
	 *
45 45
	 * @var	int
46 46
	 */
47
	protected	$exponent = 0x10001;
47
	protected	$exponent;
48 48

  
49 49
	/**
50 50
	 * The private key
51 51
	 *
52 52
	 * @var	string
53 53
	 */
54
	protected	$privateKey = '';
54
	protected	$privateKey;
55 55

  
56 56
	/**
57 57
	 * The public key modulus
58 58
	 *
59 59
	 * @var	string
60 60
	 */
61
	protected	$publicKeyModulus = '';
61
	protected	$publicKeyModulus;
62 62

  
63 63
	/**
64
	 * Check, if there is already a key pair
65
	 *
66
	 * @return bool
67
	 */
68
	public function isReady(){
69
		return (isset($this->exponent) && (isset($this->privateKey) && isset($this->publicKeyModulus));
70
	}
71

  
72
	/**
64 73
	 * Retrieves the exponent.
65 74
	 *
66 75
	 * @return	string	The exponent
......
70 79
	}
71 80

  
72 81
	/**
73
	 * Sets the private key
82
	 * Sets the exponent if not already set
74 83
	 *
75
	 * @param	string	$privateKey	The new private key
84
	 * @param	string	$privateKey	The new exponent
76 85
	 * @return	void
77 86
	 */
78 87
	public function setExponent($exponent) {
79
		$this->exponent = $exponent;
88
		if(!$this->isReady()) {
89
			$this->exponent = $exponent;
90
		} else {
91
			throw new Exception(
92
				'TYPO3 Fatal Error: tx_rsaauth_keypair::setExponent() don\'t set the exponent two times!',
93
				1296062838
94
			);
95
		}
80 96
	}
81 97

  
82 98
	/**
......
89 105
	}
90 106

  
91 107
	/**
92
	 * Sets the private key
108
	 * Sets the private key if not already set
93 109
	 *
94 110
	 * @param	string	$privateKey	The new private key
95 111
	 * @return	void
96 112
	 */
97 113
	public function setPrivateKey($privateKey) {
98
		$this->privateKey = $privateKey;
114
		if(!$this->isReady()) {
115
			$this->privateKey = $privateKey;
116
		} else {
117
			throw new Exception(
118
				'TYPO3 Fatal Error: tx_rsaauth_keypair::setPrivateKey() don\'t set the private key two times!',
119
				1296062838
120
			);
121
		}
99 122
	}
100 123

  
101 124
	/**
......
108 131
	}
109 132

  
110 133
	/**
111
	 * Sets the public key modulus
134
	 * Sets the public key modulus if not already set
112 135
	 *
113 136
	 * @param	string	$publicKeyModulus	The new public key modulus
114 137
	 * @return	void
115 138
	 */
116 139
	public function setPublicKey($publicKeyModulus) {
117
		$this->publicKeyModulus = $publicKeyModulus;
140
		if(!$this->isReady()) {
141
			$this->publicKeyModulus = $publicKeyModulus;
142
		} else {
143
			throw new Exception(
144
				'TYPO3 Fatal Error: tx_rsaauth_keypair::setPublicKey() don\'t set the public key two times!',
145
				1296062838
146
			);
147
		}
118 148
	}
119 149
}
120 150

  
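Review bot: The guards added to setExponent(), setPrivateKey() and setPublicKey() test isReady(), i.e. whether all three values are present, rather than whether the field being written already holds a value; setExponent() can therefore still be called twice as long as the private key or the modulus has not been set yet, which contradicts the "don't set ... two times" messages. Checking the individual property, e.g. `if (isset($this->exponent)) { throw new Exception(...); }` (and likewise in the other two setters), enforces the write-once rule the patch intends. isReady() uses isset(), which treats an empty string as set, so a backend that extracts an empty modulus would still produce a "ready" pair; the three exceptions also share the code 1296062838, whereas the surrounding core uses a distinct code per throw site. The @param tag of setExponent() names `$privateKey` and should read `@param	int	$exponent	The new exponent`.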
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_php_backend.php (working copy)
42 42
class tx_rsaauth_php_backend extends tx_rsaauth_abstract_backend {
43 43

  
44 44
	/**
45
	 * Creates a new public/private key pair using PHP OpenSSL extension.
45
	 * Creates a new or get an existing public/private key pair using PHP OpenSSL extension.
46 46
	 *
47 47
	 * @return tx_rsaauth_keypair	A new key pair or null in case of error
48 48
	 * @see tx_rsaauth_abstract_backend::createNewKeyPair()
49 49
	 */
50
	public function createNewKeyPair() {
51
		$result = null;
52
		$privateKey = @openssl_pkey_new();
53
		if ($privateKey) {
54
			// Create private key as string
55
			$privateKeyStr = '';
56
			openssl_pkey_export($privateKey, $privateKeyStr);
57

  
58
			// Prepare public key information
59
			$exportedData = '';
60
			$csr = openssl_csr_new(array(), $privateKey);
61
			openssl_csr_export($csr, $exportedData, false);
62

  
63
			// Get public key (in fact modulus) and exponent
64
			$publicKey = $this->extractPublicKeyModulus($exportedData);
65
			$exponent = $this->extractExponent($exportedData);
66

  
67
			// Create result object
68
			$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
69
			/* @var $result tx_rsaauth_keypair */
70
			$result->setExponent($exponent);
71
			$result->setPrivateKey($privateKeyStr);
72
			$result->setPublicKey($publicKey);
73

  
74
			// Clean up all resources
75
			openssl_free_key($privateKey);
50
	public function getKeyPair() {
51
		// Create result object
52
		$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
53
		if(!$result->isReady()){
54
			$privateKey = @openssl_pkey_new();
55
			if ($privateKey) {
56
				// Create private key as string
57
				$privateKeyStr = '';
58
				openssl_pkey_export($privateKey, $privateKeyStr);
59
	
60
				// Prepare public key information
61
				$exportedData = '';
62
				$csr = openssl_csr_new(array(), $privateKey);
63
				openssl_csr_export($csr, $exportedData, false);
64
	
65
				// Get public key (in fact modulus) and exponent
66
				$publicKey = $this->extractPublicKeyModulus($exportedData);
67
				$exponent = $this->extractExponent($exportedData);
68
	
69
				/* @var $result tx_rsaauth_keypair */
70
				$result->setExponent($exponent);
71
				$result->setPrivateKey($privateKeyStr);
72
				$result->setPublicKey($publicKey);
73
	
74
				// Clean up all resources
75
				openssl_free_key($privateKey);
76
			}
76 77
		}
77 78
		return $result;
78 79
	}
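Review bot: The new getKeyPair() wraps the whole generation code in `if(!$result->isReady()){ … }`, pushing the previous body one level deeper and leaving the tab-only blank lines visible inside the block; an early `if ($result->isReady()) { return $result; }` directly after makeInstance() keeps the original indentation and reduces this hunk (and the matching one in class.tx_rsaauth_cmdline_backend.php) to a two-line change. The `if(` without a space and the missing space before `{` also differ from the style of the surrounding code (`if ($privateKey) {`). openssl_free_key() is still only reached on the success path, as before the patch, so a failed openssl_csr_new() presumably leaks the key resource until the request ends; worth confirming.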