00001 <?php
00002 /***************************************************************
00003 *  Copyright notice
00004 *
00005 *  (c) 2009-2011 Dmitry Dulepov <dmitry@typo3.org>
00006 *  All rights reserved
00007 *
00008 *  This script is part of the TYPO3 project. The TYPO3 project is
00009 *  free software; you can redistribute it and/or modify
00010 *  it under the terms of the GNU General Public License as published by
00011 *  the Free Software Foundation; either version 2 of the License, or
00012 *  (at your option) any later version.
00013 *
00014 *  The GNU General Public License can be found at
00015 *  http://www.gnu.org/copyleft/gpl.html.
00016 *
00017 *  This script is distributed in the hope that it will be useful,
00018 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 *  GNU General Public License for more details.
00021 *
00022 *  This copyright notice MUST APPEAR in all copies of the script!
00023 ***************************************************************/
00024 
00025 /**
00026  * [CLASS/FUNCTION INDEX of SCRIPT]
00027  *
00028  * $Id: class.tx_rsaauth_cmdline_backend.php 10120 2011-01-18 20:03:36Z ohader $
00029  */
00030 
00031 require_once(t3lib_extMgm::extPath('rsaauth', 'sv1/backends/class.tx_rsaauth_abstract_backend.php'));
00032 
00033 /**
00034  * This class contains a OpenSSL backend for the TYPO3 RSA authentication
00035  * service. It uses shell version of OpenSSL to perform tasks. See class
00036  * tx_rsaauth_abstract_backend for the information on using backends.
00037  *
00038  * @author  Dmitry Dulepov <dmitry@typo3.org>
00039  * @package TYPO3
00040  * @subpackage  tx_rsaauth
00041  */
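class tx_rsaauth_cmdline_backend extends tx_rsaauth_abstract_backend {

    /**
     * A path to the openssl binary or false if the binary does not exist
     *
     * @var mixed
     */
    protected   $opensslPath;

    /**
     * Temporary directory. It is best if it is outside of the web site root and
     * not publicly readable. For now we use typo3temp/ unless the extension
     * configuration names a writable absolute directory instead.
     *
     * @var string
     */
    protected   $temporaryDirectory;

    /**
     * Creates an instance of this class. It obtains a path to the OpenSSL
     * binary and determines the directory used for temporary key/data files.
     *
     * @return  void
     */
    public function __construct() {
        $this->opensslPath = t3lib_exec::getCommand('openssl');
        $this->temporaryDirectory = PATH_site . 'typo3temp';

        // Get temporary directory from the extension configuration. The
        // configuration is stored serialized; guard against a missing entry
        // and against a failed unserialize(), which yields false (not an array)
        $extconf = isset($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['rsaauth'])
            ? unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['rsaauth'])
            : false;
        $configuredDirectory = (is_array($extconf) && isset($extconf['temporaryDirectory']))
            ? (string) $extconf['temporaryDirectory']
            : '';

        // Only an absolute, existing and writable directory is accepted.
        // ($str[0] replaces the old $str{0} offset syntax, which is gone in PHP 8.)
        if ($configuredDirectory !== '' &&
                $configuredDirectory[0] === '/' &&
                @is_dir($configuredDirectory) &&
                is_writable($configuredDirectory)) {
            $this->temporaryDirectory = $configuredDirectory;
        }
    }

    /**
     * Generates a new 1024 bit RSA key pair with the openssl command line tool.
     * The private key only ever exists on disk in a 0600 temporary file, which
     * is removed before this method returns.
     *
     * @return tx_rsaauth_keypair   A new key pair or null in case of error
     * @see tx_rsaauth_abstract_backend::createNewKeyPair()
     */
    public function createNewKeyPair() {
        $result = null;

        // Create a temporary file. Security: tempnam() sets permissions to 0600
        $privateKeyFile = $this->createTemporaryFile();
        if ($privateKeyFile === false) {
            // No usable temporary file: do not run openssl against an empty path
            return $result;
        }

        // Generate the private key.
        //
        // PHP generates 1024 bit key files. We force the command line version
        // to do the same. openssl genrsa uses the F4 (0x10001) public exponent,
        // which is what the key pair object is told below.
        $command = $this->opensslPath . ' genrsa -out ' .
            escapeshellarg($privateKeyFile) . ' 1024';
        t3lib_utility_Command::exec($command);

        // Test that we got a private key (file_get_contents() may return false)
        $privateKey = file_get_contents($privateKeyFile);
        if ($privateKey !== false && strpos($privateKey, 'BEGIN RSA PRIVATE KEY') !== false) {
            // Ok, we got the private key. Get the modulus.
            $command = $this->opensslPath . ' rsa -noout -modulus -in ' .
                escapeshellarg($privateKeyFile);
            $value = t3lib_utility_Command::exec($command);
            if (substr($value, 0, 8) === 'Modulus=') {
                $publicKey = substr($value, 8);

                // Create a result object
                $result = t3lib_div::makeInstance('tx_rsaauth_keypair');
                /* @var $result tx_rsaauth_keypair */
                $result->setExponent(0x10001);
                $result->setPrivateKey($privateKey);
                $result->setPublicKey($publicKey);
            }
        }

        // The private key must not stay on disk, whatever happened above
        @unlink($privateKeyFile);

        return $result;
    }

    /**
     * Decrypts data with the given private key using the openssl command line
     * tool. Key and ciphertext are handed to openssl through temporary files;
     * only the (escaped) file paths appear on the command line.
     *
     * @param string    $privateKey The private key (obtained from a call to createNewKeyPair())
     * @param string    $data   Data to decrypt (base64-encoded)
     * @return string   Decrypted data, or an empty string if openssl produced no output
     * @see tx_rsaauth_abstract_backend::decrypt()
     */
    public function decrypt($privateKey, $data) {
        // Key must be put to a file. tempnam() creates it with mode 0600 before
        // the key is written, so the key is never readable by other users.
        $privateKeyFile = $this->createTemporaryFile();
        $dataFile = $this->createTemporaryFile();
        if ($privateKeyFile === false || $dataFile === false) {
            $this->removeTemporaryFiles(array($privateKeyFile, $dataFile));
            return '';
        }

        if (file_put_contents($privateKeyFile, $privateKey) === false ||
                file_put_contents($dataFile, base64_decode($data)) === false) {
            $this->removeTemporaryFiles(array($privateKeyFile, $dataFile));
            return '';
        }

        // Prepare the command
        $command = $this->opensslPath . ' rsautl -inkey ' .
            escapeshellarg($privateKeyFile) . ' -in ' .
            escapeshellarg($dataFile) .
            ' -decrypt';

        // Execute the command and capture the result
        $output = array();
        t3lib_utility_Command::exec($command, $output);

        // Remove the files
        $this->removeTemporaryFiles(array($privateKeyFile, $dataFile));

        return implode(LF, $output);
    }

    /**
     * Checks if command line version of the OpenSSL is available and can be
     * executed successfully.
     *
     * @return boolean  true if "openssl version" runs and reports OpenSSL
     * @see tx_rsaauth_abstract_backend::isAvailable()
     */
    public function isAvailable() {
        $result = false;
        if ($this->opensslPath) {
            // If path exists, test that command runs and can produce output
            $test = t3lib_utility_Command::exec($this->opensslPath . ' version');
            $result = (substr($test, 0, 8) === 'OpenSSL ');
        }
        return $result;
    }

    /**
     * Creates an empty temporary file in the configured temporary directory.
     * tempnam() creates the file with permissions 0600.
     *
     * @return mixed    Path to the new file, or false if it could not be created
     */
    protected function createTemporaryFile() {
        return tempnam($this->temporaryDirectory, uniqid());
    }

    /**
     * Removes temporary files, skipping entries that were never created.
     *
     * @param array $files  Paths as returned by createTemporaryFile() (entries may be false)
     * @return void
     */
    protected function removeTemporaryFiles(array $files) {
        foreach ($files as $file) {
            if ($file !== false) {
                @unlink($file);
            }
        }
    }
}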
00173 
// XCLASS hook: if the installation registers an override for this file in
// TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS'], that file is included here so it can
// extend tx_rsaauth_cmdline_backend.
if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/rsaauth/sv1/backends/class.tx_rsaauth_cmdline_backend.php'])) {
    include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/rsaauth/sv1/backends/class.tx_rsaauth_cmdline_backend.php']);
}
00177 
00178 ?>