Bug #24877 » rsaauth_446.patch
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_abstract_backend.php (working copy) | ||
---|---|---|
protected $error = '';
|
||
/**
|
||
* Creates a new key pair for the encryption.
|
||
* Creates a new key pair for the encryption. (if necessary).
|
||
*
|
||
* @return tx_rsaauth_keypair A new key pair or null in case of error
|
||
* @deprecated use getKeyPair instead! Reason1: there is no need to create more than one key pare. Reason2: the second private key overwrites the first private key, so the form with the first public key will never work
|
||
*/
|
||
abstract public function createNewKeyPair();
|
||
public function createNewKeyPair(){
|
||
t3lib_div::logDeprecatedFunction();
|
||
return $this->getKeyPair();
|
||
}
|
||
|
||
/**
|
||
* Get a key pair for the encryption.
|
||
*
|
||
* @return tx_rsaauth_keypair A key pair or null in case of error
|
||
*/
|
||
abstract public function getKeyPair();
|
||
/**
|
||
* Decripts the data using the private key.
|
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_cmdline_backend.php (working copy) | ||
---|---|---|
}
|
||
/**
|
||
*
|
||
* Creates a new or get an existing public/private key pair or null in case of error
|
||
*
|
||
* @return tx_rsaauth_keypair A new key pair or null in case of error
|
||
* @see tx_rsaauth_abstract_backend::createNewKeyPair()
|
||
*/
|
||
public function createNewKeyPair() {
|
||
$result = null;
|
||
public function getKeyPair() {
|
||
$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
|
||
// Create a temporary file. Security: tempnam() sets permissions to 0600
|
||
$privateKeyFile = tempnam($this->temporaryDirectory, uniqid());
|
||
// Generate the private key.
|
||
//
|
||
// PHP generates 1024 bit key files. We force command line version
|
||
// to do the same and use the F4 (0x10001) exponent. This is the most
|
||
// secure.
|
||
$command = $this->opensslPath . ' genrsa -out ' .
|
||
escapeshellarg($privateKeyFile) . ' 1024';
|
||
exec($command);
|
||
// Test that we got a private key
|
||
$privateKey = file_get_contents($privateKeyFile);
|
||
if (false !== strpos($privateKey, 'BEGIN RSA PRIVATE KEY')) {
|
||
// Ok, we got the private key. Get the modulus.
|
||
$command = $this->opensslPath . ' rsa -noout -modulus -in ' .
|
||
escapeshellarg($privateKeyFile);
|
||
$value = exec($command);
|
||
if (substr($value, 0, 8) === 'Modulus=') {
|
||
$publicKey = substr($value, 8);
|
||
// Create a result object
|
||
$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
|
||
/* @var $result tx_rsa_keypair */
|
||
$result->setExponent(0x10001);
|
||
$result->setPrivateKey($privateKey);
|
||
$result->setPublicKey($publicKey);
|
||
if(!$result->isReady()){
|
||
// Create a temporary file. Security: tempnam() sets permissions to 0600
|
||
$privateKeyFile = tempnam($this->temporaryDirectory, uniqid());
|
||
|
||
// Generate the private key.
|
||
//
|
||
// PHP generates 1024 bit key files. We force command line version
|
||
// to do the same and use the F4 (0x10001) exponent. This is the most
|
||
// secure.
|
||
$command = $this->opensslPath . ' genrsa -out ' .
|
||
escapeshellarg($privateKeyFile) . ' 1024';
|
||
exec($command);
|
||
|
||
// Test that we got a private key
|
||
$privateKey = file_get_contents($privateKeyFile);
|
||
if (false !== strpos($privateKey, 'BEGIN RSA PRIVATE KEY')) {
|
||
// Ok, we got the private key. Get the modulus.
|
||
$command = $this->opensslPath . ' rsa -noout -modulus -in ' .
|
||
escapeshellarg($privateKeyFile);
|
||
$value = exec($command);
|
||
if (substr($value, 0, 8) === 'Modulus=') {
|
||
$publicKey = substr($value, 8);
|
||
|
||
/* @var $result tx_rsa_keypair */
|
||
$result->setExponent(0x10001);
|
||
$result->setPrivateKey($privateKey);
|
||
$result->setPublicKey($publicKey);
|
||
}
|
||
}
|
||
|
||
@unlink($privateKeyFile);
|
||
}
|
||
@unlink($privateKeyFile);
|
||
return $result;
|
||
}
|
||
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_keypair.php (working copy) | ||
---|---|---|
* @package TYPO3
|
||
* @subpackage tx_rsaauth
|
||
*/
|
||
final class tx_rsaauth_keypair {
|
||
final class tx_rsaauth_keypair implements t3lib_Singleton {
|
||
/**
|
||
* RSA public exponent (3 or 0x10001)
|
||
*
|
||
* @var int
|
||
*/
|
||
protected $exponent = 0x10001;
|
||
protected $exponent;
|
||
/**
|
||
* The private key
|
||
*
|
||
* @var string
|
||
*/
|
||
protected $privateKey = '';
|
||
protected $privateKey;
|
||
/**
|
||
* The public key modulus
|
||
*
|
||
* @var string
|
||
*/
|
||
protected $publicKeyModulus = '';
|
||
protected $publicKeyModulus;
|
||
|
||
/**
|
||
* Check, if there is already a key pair
|
||
*
|
||
* @return bool
|
||
*/
|
||
public function isReady(){
|
||
return (isset($this->exponent) && (isset($this->privateKey) && isset($this->publicKeyModulus));
|
||
}
|
||
/**
|
||
* Retrieves the exponent.
|
||
... | ... | |
}
|
||
/**
|
||
* Sets the private key
|
||
* Sets the exponent if not already set
|
||
*
|
||
* @param string $privateKey The new private key
|
||
* @param string $exponent The new exponent
|
||
* @return void
|
||
*/
|
||
public function setExponent($exponent) {
|
||
$this->exponent = $exponent;
|
||
if(!$this->isReady()) {
|
||
$this->exponent = $exponent;
|
||
} else {
|
||
throw new Exception(
|
||
'TYPO3 Fatal Error: tx_rsaauth_keypair::setExponent() don\'t set the exponent two times!',
|
||
1296062838
|
||
);
|
||
}
|
||
}
|
||
/**
|
||
... | ... | |
/**
|
||
* Sets the private key
|
||
*
|
||
* @param string $privateKey The new private key
|
||
* @param string $privateKey The new private key if not already set
|
||
* @return void
|
||
*/
|
||
public function setPrivateKey($privateKey) {
|
||
$this->privateKey = $privateKey;
|
||
if(!$this->isReady()) {
|
||
$this->privateKey = $privateKey;
|
||
} else {
|
||
throw new Exception(
|
||
'TYPO3 Fatal Error: tx_rsaauth_keypair::setPrivateKey() don\'t set the private key two times!',
|
||
1296062838
|
||
);
|
||
}
|
||
}
|
||
/**
|
||
* Retrieves the public key modulus
|
||
*
|
||
* @return string The public key modulus
|
||
* @return string The public key modulus if not already set
|
||
*/
|
||
public function getPublicKeyModulus() {
|
||
return $this->publicKeyModulus;
|
||
if(!$this->isReady()) {
|
||
$this->publicKeyModulus = $publicKeyModulus;
|
||
} else {
|
||
throw new Exception(
|
||
'TYPO3 Fatal Error: tx_rsaauth_keypair::setPublicKey() don\'t set the public key two times!',
|
||
1296062838
|
||
);
|
||
}
|
||
}
|
||
/**
|
typo3/sysext/rsaauth/sv1/backends/class.tx_rsaauth_php_backend.php (working copy) | ||
---|---|---|
class tx_rsaauth_php_backend extends tx_rsaauth_abstract_backend {
|
||
/**
|
||
* Creates a new public/private key pair using PHP OpenSSL extension.
|
||
* Creates a new or get an existing public/private key pair using PHP OpenSSL extension.
|
||
*
|
||
* @return tx_rsaauth_keypair A new key pair or null in case of error
|
||
* @see tx_rsaauth_abstract_backend::createNewKeyPair()
|
||
*/
|
||
public function createNewKeyPair() {
|
||
$result = null;
|
||
$privateKey = @openssl_pkey_new();
|
||
if ($privateKey) {
|
||
// Create private key as string
|
||
$privateKeyStr = '';
|
||
openssl_pkey_export($privateKey, $privateKeyStr);
|
||
// Prepare public key information
|
||
$exportedData = '';
|
||
$csr = openssl_csr_new(array(), $privateKey);
|
||
openssl_csr_export($csr, $exportedData, false);
|
||
// Get public key (in fact modulus) and exponent
|
||
$publicKey = $this->extractPublicKeyModulus($exportedData);
|
||
$exponent = $this->extractExponent($exportedData);
|
||
// Create result object
|
||
$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
|
||
/* @var $result tx_rsaauth_keypair */
|
||
$result->setExponent($exponent);
|
||
$result->setPrivateKey($privateKeyStr);
|
||
$result->setPublicKey($publicKey);
|
||
// Clean up all resources
|
||
openssl_free_key($privateKey);
|
||
$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
|
||
if(!$result->isReady()){
|
||
$privateKey = @openssl_pkey_new();
|
||
if ($privateKey) {
|
||
// Create private key as string
|
||
$privateKeyStr = '';
|
||
openssl_pkey_export($privateKey, $privateKeyStr);
|
||
|
||
// Prepare public key information
|
||
$exportedData = '';
|
||
$csr = openssl_csr_new(array(), $privateKey);
|
||
openssl_csr_export($csr, $exportedData, false);
|
||
|
||
// Get public key (in fact modulus) and exponent
|
||
$publicKey = $this->extractPublicKeyModulus($exportedData);
|
||
$exponent = $this->extractExponent($exportedData);
|
||
|
||
/* @var $result tx_rsaauth_keypair */
|
||
$result->setExponent($exponent);
|
||
$result->setPrivateKey($privateKeyStr);
|
||
$result->setPublicKey($publicKey);
|
||
|
||
// Clean up all resources
|
||
openssl_free_key($privateKey);
|
||
}
|
||
}
|
||
return $result;
|
||
}
|
- « Previous
- 1
- 2
- 3
- 4
- Next »