‪TYPO3CMS  9.5
CommandLineBackend.php
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
22 
29 {
/**
 * Public exponent assigned to key pairs created by this backend
 * (65537, i.e. 0x10001, the "F4" exponent).
 */
const DEFAULT_EXPONENT = 65537;

/**
 * Path to the openssl binary as returned by CommandUtility::getCommand().
 * createNewKeyPair() compares it against false before use.
 *
 * @var string|bool
 */
protected $opensslPath;

/**
 * Directory in which temporary private key and data files are created.
 * Private key material is written here, so it should not be readable by
 * other users or served by the web server.
 *
 * @var string
 */
protected $temporaryDirectory;
50 
/**
 * Resolves the openssl binary and selects the directory used for temporary files.
 *
 * The 'temporaryDirectory' setting of the rsaauth extension is honoured only
 * when it is a non-empty path starting with '/', names an existing directory
 * and is writable. In every other case the 'transient' directory below
 * Environment::getVarPath() is used.
 */
public function __construct()
{
    $this->opensslPath = CommandUtility::getCommand('openssl');

    // Read the configured temporary directory and validate it before trusting it.
    $configuredPath = trim(GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('rsaauth', 'temporaryDirectory'));
    $isUsable = $configuredPath !== ''
        && $configuredPath[0] === '/'
        && @is_dir($configuredPath)
        && is_writable($configuredPath);

    // Private keys are written to this directory by createNewKeyPair() and decrypt().
    $this->temporaryDirectory = $isUsable
        ? $configuredPath
        : Environment::getVarPath() . '/transient';
}
66 
/**
 * Refuses unserialization of this backend.
 *
 * Both properties are reset before the exception is thrown. $opensslPath is
 * concatenated into shell commands elsewhere in this class, so an instance
 * restored from serialized data must never become usable.
 *
 * @throws \RuntimeException always
 */
public function __wakeup()
{
    // Drop whatever the serialized payload supplied before bailing out.
    $this->opensslPath = $this->temporaryDirectory = null;

    throw new \RuntimeException(__CLASS__ . ' cannot be unserialized', 1531336156);
}
80 
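/**
 * Creates a new RSA key pair by calling the openssl command line binary.
 *
 * The private key is generated into a temporary file, read back into memory
 * and the file is removed again before this method returns.
 *
 * @return \TYPO3\CMS\Rsaauth\Keypair|null The key pair, or null when openssl
 *         is not available, no temporary file could be created, or openssl
 *         did not produce a private key
 */
public function createNewKeyPair()
{
    $keyPair = GeneralUtility::makeInstance(\TYPO3\CMS\Rsaauth\Keypair::class);
    if ($keyPair->isReady()) {
        // The key pair is already populated; nothing to generate.
        return $keyPair;
    }

    if ($this->opensslPath === false) {
        return null;
    }

    // Create a temporary file. Security: tempnam() sets permissions to 0600.
    // NOTE(review): PHP's tempnam() falls back to the system temporary
    // directory when the requested one is unusable; confirm that this is
    // acceptable for private key material on the target hosts.
    $privateKeyFile = tempnam($this->temporaryDirectory, StringUtility::getUniqueId());
    if ($privateKeyFile === false) {
        // Without a file there is nothing openssl could write to.
        return null;
    }

    // Generate the private key.
    //
    // PHP generates 1024 bit key files. The command line version is forced
    // to do the same so that both backends behave alike, and the F4 (0x10001)
    // exponent is used.
    // NOTE(review): 1024 bit RSA is below current minimum key size
    // recommendations (2048 bit); raising it needs to be coordinated with
    // the other backends and the consumers of the modulus.
    $command = $this->opensslPath . ' genrsa -out ' . escapeshellarg($privateKeyFile) . ' 1024';
    // Discard the progress output genrsa writes to stderr.
    if (Environment::isWindows()) {
        $command .= ' 2>NUL';
    } else {
        $command .= ' 2>/dev/null';
    }
    CommandUtility::exec($command);

    // Test that we got a private key; an unreadable file counts as failure.
    $privateKey = file_get_contents($privateKeyFile);
    if (is_string($privateKey) && strpos($privateKey, 'BEGIN RSA PRIVATE KEY') !== false) {
        // Ok, we got the private key. Get the modulus.
        $command = $this->opensslPath . ' rsa -noout -modulus -in ' . escapeshellarg($privateKeyFile);
        $value = CommandUtility::exec($command);
        if (strpos($value, 'Modulus=') === 0) {
            // Strip the 'Modulus=' prefix (8 characters).
            $publicKey = substr($value, 8);

            $keyPair->setExponent(self::DEFAULT_EXPONENT);
            $keyPair->setPrivateKey($privateKey);
            $keyPair->setPublicKey($publicKey);
        }
        // NOTE(review): when the modulus cannot be read, the key pair object
        // is returned without being populated rather than null; callers that
        // only test for null should confirm this is handled.
    } else {
        $keyPair = null;
    }

    // The private key must not stay on disk.
    @unlink($privateKeyFile);
    return $keyPair;
}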
136 
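/**
 * Decrypts base64 encoded data with the given private key using `openssl rsautl`.
 *
 * The key and the decoded data are written to temporary files for the
 * duration of the call; both files are removed before returning, also when
 * an error interrupts the call.
 *
 * @param string $privateKey The private key, written verbatim to a temporary file
 * @param string $data Base64 encoded data to decrypt
 * @return string Output lines of the openssl call joined with LF; an empty
 *         string when openssl is unavailable, a temporary file could not be
 *         prepared, or openssl produced no output
 */
public function decrypt($privateKey, $data)
{
    if (!$this->opensslPath) {
        // No usable binary: do not write the private key to disk for nothing.
        return '';
    }

    $output = [];
    $privateKeyFile = tempnam($this->temporaryDirectory, StringUtility::getUniqueId());
    if ($privateKeyFile === false) {
        return implode(LF, $output);
    }

    $dataFile = false;
    try {
        // Reserve the data file first so the key is only written once both files exist.
        $dataFile = tempnam($this->temporaryDirectory, StringUtility::getUniqueId());
        if ($dataFile !== false
            && file_put_contents($privateKeyFile, $privateKey) !== false
            && file_put_contents($dataFile, base64_decode($data)) !== false
        ) {
            // Both file names are shell-escaped; they are the only variable arguments.
            // NOTE(review): rsautl uses PKCS#1 v1.5 padding unless told otherwise;
            // callers should not expose whether decryption succeeded.
            $command = $this->opensslPath . ' rsautl -inkey ' . escapeshellarg($privateKeyFile) . ' -in ' . escapeshellarg($dataFile) . ' -decrypt';
            // Execute the command and capture the result
            CommandUtility::exec($command, $output);
        }
    } finally {
        // Key material and plaintext input must never be left behind.
        @unlink($privateKeyFile);
        if ($dataFile !== false) {
            @unlink($dataFile);
        }
    }

    return implode(LF, $output);
}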
160 
/**
 * Reports whether this backend can be used.
 *
 * A resolved binary path alone is not sufficient: the binary is executed
 * with 'version' and its output must start with 'OpenSSL '.
 *
 * @return bool true when the openssl binary runs and identifies itself as OpenSSL
 */
public function isAvailable()
{
    if (!$this->opensslPath) {
        return false;
    }

    // Test that the command runs and can produce output.
    $versionOutput = CommandUtility::exec($this->opensslPath . ' version');

    return strpos($versionOutput, 'OpenSSL ') === 0;
}
178 }