[TASK] Remove function index
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / sv1 / backends / class.tx_rsaauth_php_backend.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009-2011 Dmitry Dulepov <dmitry@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 require_once(t3lib_extMgm::extPath('rsaauth', 'sv1/backends/class.tx_rsaauth_abstract_backend.php'));
26
27 /**
28 * This class contains a PHP OpenSSL backend for the TYPO3 RSA authentication
29 * service. See class tx_rsaauth_abstract_backend for the information on using
30 * backends.
31 *
32 * @author Dmitry Dulepov <dmitry@typo3.org>
33 * @package TYPO3
34 * @subpackage tx_rsaauth
35 */
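class tx_rsaauth_php_backend extends tx_rsaauth_abstract_backend {

	/**
	 * Creates a new public/private key pair using PHP OpenSSL extension.
	 *
	 * The private key is exported without a passphrase, so the string stored
	 * in the returned key pair is the cleartext private key and must be
	 * handled as a secret by the caller.
	 *
	 * @return tx_rsaauth_keypair A new key pair or NULL in case of error
	 * @see tx_rsaauth_abstract_backend::createNewKeyPair()
	 */
	public function createNewKeyPair() {
		$result = NULL;
		// NOTE(review): no configuration array is passed, so key type and key
		// size come from the OpenSSL defaults on this server - confirm that
		// the default key size is acceptable for the installation.
		// The "@" hides OpenSSL warnings; failure is reported only as NULL.
		$privateKey = @openssl_pkey_new();
		if ($privateKey) {
			$privateKeyStr = '';
			$exportedData = '';
			$csr = FALSE;

			// Create private key as string. Stop here if the export fails,
			// otherwise a key pair with an empty private key would be returned.
			if (openssl_pkey_export($privateKey, $privateKeyStr)) {
				// Prepare public key information
				$csr = openssl_csr_new(array(), $privateKey);
			}

			// notext = FALSE: the human readable dump is needed because the
			// modulus and the exponent are parsed from it below.
			if ($csr && openssl_csr_export($csr, $exportedData, FALSE)) {
				// Get public key (in fact modulus) and exponent
				$publicKey = $this->extractPublicKeyModulus($exportedData);
				$exponent = $this->extractExponent($exportedData);

				// Only hand out a key pair if both public parts were really
				// found in the CSR dump.
				if ($publicKey !== '' && $exponent > 0) {
					$result = t3lib_div::makeInstance('tx_rsaauth_keypair');
					/* @var $result tx_rsaauth_keypair */
					$result->setExponent($exponent);
					$result->setPrivateKey($privateKeyStr);
					$result->setPublicKey($publicKey);
				}
			}

			// Clean up all resources
			openssl_free_key($privateKey);
		}
		return $result;
	}

	/**
	 * Decrypts data using the private key. This implementation uses PHP OpenSSL
	 * extension.
	 *
	 * No padding argument is passed to openssl_private_decrypt(), so PHP's
	 * default (OPENSSL_PKCS1_PADDING) is used. Callers should report a NULL
	 * result to the client as a generic login failure only, so that padding
	 * errors cannot be told apart from other failures.
	 *
	 * @param string $privateKey The private key (obtained from a call to createNewKeyPair())
	 * @param string $data Data to decrypt (base64-encoded)
	 * @return string Decrypted data or NULL in case of a error
	 * @see tx_rsaauth_abstract_backend::decrypt()
	 */
	public function decrypt($privateKey, $data) {
		// Strict mode: input with characters outside the base64 alphabet is
		// rejected instead of being silently "repaired".
		$encrypted = base64_decode($data, TRUE);
		if ($encrypted === FALSE || $encrypted === '') {
			return NULL;
		}

		$result = '';
		// The "@" hides OpenSSL warnings; any failure is reported as NULL.
		if (!@openssl_private_decrypt($encrypted, $result, $privateKey)) {
			$result = NULL;
		}
		return $result;
	}

	/**
	 * Checks if this backend is available for calling. In particular checks if
	 * PHP OpenSSL extension is installed and functional.
	 *
	 * @return boolean TRUE if the OpenSSL functions can be used
	 * @see tx_rsaauth_abstract_backend::isAvailable()
	 */
	public function isAvailable() {
		if (!is_callable('openssl_pkey_new')) {
			return FALSE;
		}
		if (TYPO3_OS !== 'WIN') {
			// If the server does not run Windows, the extension is assumed
			// to work without a further test
			return TRUE;
		}

		// On Windows PHP extension has to be configured properly. It
		// can be installed and available but will not work unless
		// configured. So we check if it works.
		$testKey = @openssl_pkey_new();
		if ($testKey) {
			openssl_free_key($testKey);
			return TRUE;
		}
		return FALSE;
	}

	/**
	 * Extracts the exponent from the OpenSSL CSR
	 *
	 * @param string $data The result of openssl_csr_export()
	 * @return int The exponent as a number, 0 if no exponent is found
	 */
	protected function extractExponent($data) {
		$index = strpos($data, 'Exponent: ');
		if ($index === FALSE) {
			// Without this check FALSE + 10 would silently read from offset 10
			return 0;
		}
		// 10 is the length of the 'Exponent: ' marker
		return intval(substr($data, $index + 10));
	}

	/**
	 * Extracts public key modulus from the OpenSSL CSR.
	 *
	 * @param string $data The result of openssl_csr_export()
	 * @return string Modulus as uppercase hex string, empty string if no modulus is found
	 */
	protected function extractPublicKeyModulus($data) {
		// The modulus is the text between the "Modulus" line and "Exponent:".
		// preg_match() is used so that a dump without these markers yields
		// an empty string instead of the unmodified input.
		$matches = array();
		if (!preg_match('/.*Modulus.*?\n(.*)Exponent:/ms', $data, $matches)) {
			return '';
		}

		// Remove whitespace and the ":" byte separators
		$fragment = preg_replace('/[\s\n\r:]/', '', $matches[1]);

		// The first two hex characters are dropped - presumably the leading
		// "00" byte printed by OpenSSL; confirm against the dump format.
		$result = trim(strtoupper(substr($fragment, 2)));

		return $result;
	}
}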
147
// TYPO3 XCLASS hook: if an extending class file is registered for this file,
// load it. The path is read from $GLOBALS['TYPO3_CONF_VARS'], so whoever can
// write that configuration can load code into the RSA authentication backend.
if (defined('TYPO3_MODE')) {
	if (isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/rsaauth/sv1/backends/class.tx_rsaauth_php_backend.php'])) {
		include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/rsaauth/sv1/backends/class.tx_rsaauth_php_backend.php']);
	}
}
151
152 ?>