[TASK] Clean up phpDoc comments in typo3/sysext/rsaauth
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / sv1 / backends / class.tx_rsaauth_php_backend.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009-2011 Dmitry Dulepov <dmitry@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 /**
26 * This class contains a PHP OpenSSL backend for the TYPO3 RSA authentication
27 * service. See class tx_rsaauth_abstract_backend for the information on using
28 * backends.
29 *
30 * @author Dmitry Dulepov <dmitry@typo3.org>
31 * @package TYPO3
32 * @subpackage tx_rsaauth
33 */
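class tx_rsaauth_php_backend extends tx_rsaauth_abstract_backend {

	/**
	 * Creates a new public/private key pair using PHP OpenSSL extension.
	 *
	 * openssl_pkey_new() is called without a configuration array, so the key
	 * type and size are not chosen here. NOTE(review): they presumably come
	 * from the OpenSSL configuration PHP picks up; confirm that the resulting
	 * key size meets the site's minimum.
	 *
	 * The private key is exported without a passphrase, so the string stored
	 * in the returned key pair is unencrypted. Whatever storage the caller
	 * uses for it must be protected accordingly.
	 *
	 * @return tx_rsaauth_keypair A new key pair or NULL in case of error
	 * @see tx_rsaauth_abstract_backend::createNewKeyPair()
	 */
	public function createNewKeyPair() {
		$result = NULL;
		$privateKey = @openssl_pkey_new();
		if ($privateKey) {
			$privateKeyStr = '';
			$exportedData = '';
			$csr = FALSE;

			// Create private key as string. Every OpenSSL call below can
			// fail independently; a failure anywhere must end in NULL rather
			// than a key pair with an empty or garbage component.
			if (openssl_pkey_export($privateKey, $privateKeyStr)) {
				// Prepare public key information. A CSR is only created
				// because its text dump contains modulus and exponent.
				$csr = openssl_csr_new(array(), $privateKey);
			}

			// Third argument FALSE keeps the human-readable text in the
			// export; the extract*() helpers parse that text.
			if ($csr && openssl_csr_export($csr, $exportedData, FALSE)) {
				// Get public key (in fact modulus) and exponent
				$publicKey = $this->extractPublicKeyModulus($exportedData);
				$exponent = $this->extractExponent($exportedData);

				if ((string)$publicKey !== '' && $exponent > 0) {
					// Create result object
					$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
					/** @var $result tx_rsaauth_keypair */
					$result->setExponent($exponent);
					$result->setPrivateKey($privateKeyStr);
					$result->setPublicKey($publicKey);
				}
			}

			// Clean up all resources, on success and on failure alike
			openssl_free_key($privateKey);
		}
		return $result;
	}

	/**
	 * Decrypts data using the private key. This implementation uses PHP OpenSSL
	 * extension.
	 *
	 * No padding argument is passed to openssl_private_decrypt(), so PHP's
	 * default (PKCS#1 v1.5) applies. Callers should handle a NULL result
	 * exactly like a failed login and must not tell the client that the
	 * decryption step failed: a distinguishable "bad ciphertext" response is
	 * the precondition for padding-oracle attacks on this padding scheme.
	 *
	 * @param string $privateKey The private key (obtained from a call to createNewKeyPair())
	 * @param string $data Data to decrypt (base64-encoded)
	 * @return string Decrypted data or NULL in case of an error
	 * @see tx_rsaauth_abstract_backend::decrypt()
	 */
	public function decrypt($privateKey, $data) {
		$result = '';
		// base64_decode() runs in non-strict mode here: characters outside
		// the base64 alphabet are skipped silently, and a malformed value
		// is rejected later by the decryption itself.
		if (!@openssl_private_decrypt(base64_decode($data), $result, $privateKey)) {
			$result = NULL;
		}
		return $result;
	}

	/**
	 * Checks if this backend is available for calling. In particular checks if
	 * PHP OpenSSL extension is installed and functional.
	 *
	 * @return boolean TRUE if a test key could be generated, FALSE otherwise
	 * @see tx_rsaauth_abstract_backend::isAvailable()
	 */
	public function isAvailable() {
		$result = FALSE;
		if (is_callable('openssl_pkey_new')) {
			// PHP extension has to be configured properly. It
			// can be installed and available but will not work unless
			// properly configured. So we check if it works.
			$testKey = @openssl_pkey_new();
			if (is_resource($testKey)) {
				openssl_free_key($testKey);
				$result = TRUE;
			}
		}
		return $result;
	}

	/**
	 * Extracts the exponent from the OpenSSL CSR
	 *
	 * @param string $data The result of openssl_csr_export()
	 * @return integer The exponent as a number, or 0 if $data has no exponent line
	 */
	protected function extractExponent($data) {
		$index = strpos($data, 'Exponent: ');
		if ($index === FALSE) {
			// Without this check FALSE would be used as offset 0 and an
			// unrelated part of $data would be parsed as the exponent.
			return 0;
		}
		// 10 is the length of the 'Exponent: ' marker; intval() stops at
		// the first non-digit after the number.
		return intval(substr($data, $index + 10));
	}

	/**
	 * Extracts public key modulus from the OpenSSL CSR.
	 *
	 * @param string $data The result of openssl_csr_export()
	 * @return string Modulus as uppercase hex string, or an empty string if $data has no modulus block
	 */
	protected function extractPublicKeyModulus($data) {
		$matches = array();
		// preg_replace() would hand back the whole input unchanged when the
		// pattern does not match; preg_match() makes that case detectable.
		if (!preg_match('/.*Modulus.*?\n(.*)Exponent:.*/ms', $data, $matches)) {
			return '';
		}
		// Drop whitespace and the ':' separators between the hex bytes
		$fragment = preg_replace('/[\s\n\r:]/', '', $matches[1]);
		// NOTE(review): the first two hex digits are dropped, presumably
		// the leading '00' byte of the text dump; confirm against real
		// openssl_csr_export() output.
		$result = trim(strtoupper(substr($fragment, 2)));

		return $result;
	}
}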
138 ?>