Cleanup: Updated copyright comments
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009-2011 Dmitry Dulepov <dmitry@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 /**
26 * [CLASS/FUNCTION INDEX of SCRIPT]
27 *
28 * $Id$
29 */
30
31 require_once(t3lib_extMgm::extPath('rsaauth', 'sv1/backends/class.tx_rsaauth_abstract_backend.php'));
32
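/**
 * PHP OpenSSL backend for the TYPO3 RSA authentication service. See class
 * tx_rsaauth_abstract_backend for the information on using backends.
 *
 * Security-relevant properties visible in this class:
 * - Keys are generated with openssl_pkey_new() without a configuration
 *   argument, so key type and modulus length come from the PHP/OpenSSL
 *   defaults of the host. Nothing here enforces a minimum key size.
 *   NOTE(review): confirm the deployed default is acceptable.
 * - The private key is exported as PEM without a passphrase; protecting it
 *   at rest is up to whoever stores the returned key pair.
 * - Decryption uses the default padding of openssl_private_decrypt()
 *   (PKCS#1 v1.5).
 *
 * @author Dmitry Dulepov <dmitry@typo3.org>
 * @package TYPO3
 * @subpackage tx_rsaauth
 */
class tx_rsaauth_php_backend extends tx_rsaauth_abstract_backend {

	/**
	 * Creates a new public/private key pair using PHP OpenSSL extension.
	 *
	 * Every OpenSSL step is checked: if the private key cannot be exported,
	 * the CSR cannot be built or exported, or modulus/exponent cannot be
	 * parsed, null is returned instead of a half-filled key pair object.
	 *
	 * @return tx_rsaauth_keypair A new key pair or null in case of error
	 * @see tx_rsaauth_abstract_backend::createNewKeyPair()
	 */
	public function createNewKeyPair() {
		$privateKey = @openssl_pkey_new();
		if (!$privateKey) {
			return null;
		}

		$result = null;
		$privateKeyStr = '';
		$exportedData = '';

		// Export the private key as a PEM string (no passphrase is passed,
		// so the PEM is not encrypted)
		if (openssl_pkey_export($privateKey, $privateKeyStr) && $privateKeyStr !== '') {
			// The CSR is only a vehicle: its text dump (notext = false)
			// contains the modulus and the exponent in readable form
			$csr = openssl_csr_new(array(), $privateKey);
			if ($csr && openssl_csr_export($csr, $exportedData, false)) {
				// Get public key (in fact modulus) and exponent
				$publicKey = $this->extractPublicKeyModulus($exportedData);
				$exponent = $this->extractExponent($exportedData);

				// Only hand out a key pair when both public values were found
				if ($publicKey !== '' && $exponent > 0) {
					$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
					/* @var $result tx_rsaauth_keypair */
					$result->setExponent($exponent);
					$result->setPrivateKey($privateKeyStr);
					$result->setPublicKey($publicKey);
				}
			}
		}

		// Clean up the key resource on every path, including failures
		openssl_free_key($privateKey);

		return $result;
	}

	/**
	 * Decrypts data using the private key. This implementation uses PHP OpenSSL
	 * extension.
	 *
	 * No padding argument is passed to openssl_private_decrypt(), so PHP's
	 * default (OPENSSL_PKCS1_PADDING, i.e. PKCS#1 v1.5) applies. Every failure
	 * is reported as null; callers should handle null uniformly so that the
	 * client cannot tell a padding failure from any other rejected login.
	 *
	 * base64_decode() runs in non-strict mode here, i.e. characters outside
	 * the base64 alphabet are silently skipped rather than rejected.
	 *
	 * @param string $privateKey The private key (obtained from a call to createNewKeyPair())
	 * @param string $data Data to decrypt (base64-encoded)
	 * @return string Decrypted data or null in case of a error
	 * @see tx_rsaauth_abstract_backend::decrypt()
	 */
	public function decrypt($privateKey, $data) {
		$result = '';
		if (!@openssl_private_decrypt(base64_decode($data), $result, $privateKey)) {
			$result = null;
		}
		return $result;
	}

	/**
	 * Checks if this backend is available for calling. In particular checks if
	 * PHP OpenSSL extension is installed and functional.
	 *
	 * @return boolean true if the backend can be used, false otherwise
	 * @see tx_rsaauth_abstract_backend::isAvailable()
	 */
	public function isAvailable() {
		if (!is_callable('openssl_pkey_new')) {
			return false;
		}

		if (TYPO3_OS !== 'WIN') {
			// Off Windows the presence of the function is taken as proof
			// that OpenSSL works; no key is generated to verify it
			return true;
		}

		// On Windows PHP extension has to be configured properly. It
		// can be installed and available but will not work unless
		// configured. So we check if it works.
		$testKey = @openssl_pkey_new();
		if ($testKey) {
			openssl_free_key($testKey);
			return true;
		}

		return false;
	}

	/**
	 * Extracts the exponent from the text form of the OpenSSL CSR.
	 *
	 * @param string $data The result of openssl_csr_export()
	 * @return int The exponent as a number, 0 if no exponent was found
	 */
	protected function extractExponent($data) {
		$marker = 'Exponent: ';
		$index = strpos($data, $marker);
		if ($index === false) {
			// Without this guard "false + 10" would read from offset 10 of
			// unrelated text
			return 0;
		}
		// intval() stops at the first non-digit after the decimal value
		return intval(substr($data, $index + strlen($marker)));
	}

	/**
	 * Extracts public key modulus from the text form of the OpenSSL CSR.
	 *
	 * @param string $data The result of openssl_csr_export()
	 * @return string Modulus as uppercase hex string, empty string if none was found
	 */
	protected function extractPublicKeyModulus($data) {
		$matches = array();
		if (!preg_match('/.*Modulus.*?\n(.*)Exponent:.*/ms', $data, $matches)) {
			// Not the expected CSR dump: do not return unrelated text as a key
			return '';
		}

		// Drop line breaks, indentation and the ':' byte separators
		$fragment = preg_replace('/[\s\n\r:]/', '', $matches[1]);
		if (!is_string($fragment)) {
			return '';
		}

		// OpenSSL prefixes the dump with a "00" byte when the highest bit of
		// the modulus is set. Strip it only if it is really there, so that a
		// modulus printed without the prefix does not lose its first byte.
		if (strncmp($fragment, '00', 2) === 0) {
			$fragment = substr($fragment, 2);
		}

		return trim(strtoupper($fragment));
	}
}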
153
// TYPO3 XCLASS hook: if the installation configures an extension file for
// this class, load it. The path is taken as-is from TYPO3_CONF_VARS, so
// whoever can write that configuration decides which code runs in place of
// this authentication backend.
if (defined('TYPO3_MODE')) {
	if (isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/rsaauth/sv1/backends/class.tx_rsaauth_php_backend.php'])) {
		include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/rsaauth/sv1/backends/class.tx_rsaauth_php_backend.php']);
	}
}
157
158 ?>