TYPO3 CMS  TYPO3_6-2
CommandLineBackend.php
1 <?php
3 
18 
// RSA public exponent assigned to every key pair built by createNewKeyPair().
// 65537 is the F4 value (0x10001) that the comment in createNewKeyPair() refers to.
30  const DEFAULT_EXPONENT = 65537;
31 
// Path of the openssl binary as returned by CommandUtility::getCommand('openssl')
// in the constructor. createNewKeyPair() compares it against FALSE and
// isAvailable() tests it for truthiness before use.
37  protected $opensslPath;
38 
47 
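/**
 * Resolves the openssl binary and selects the directory for temporary files.
 *
 * The directory defaults to PATH_site . 'typo3temp'. It is replaced by the
 * 'temporaryDirectory' entry of the rsaauth extension configuration only when
 * that entry is a non-empty string starting with '/', names an existing
 * directory and is writable.
 *
 * Security: createNewKeyPair() and decrypt() write private key material into
 * this directory as files. The default lies below PATH_site.
 * NOTE(review): if that location is reachable through the web server, set
 * 'temporaryDirectory' to a path outside the document root.
 */
public function __construct() {
	$this->opensslPath = \TYPO3\CMS\Core\Utility\CommandUtility::getCommand('openssl');
	$this->temporaryDirectory = PATH_site . 'typo3temp';

	// Get temporary directory from the configuration.
	// NOTE(review): unserialize() can instantiate objects. This is acceptable
	// only while the extension configuration is written by trusted admins.
	$extconf = NULL;
	if (isset($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['rsaauth'])) {
		$extconf = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['rsaauth']);
	}

	// A missing, empty or corrupt configuration keeps the default directory
	// instead of raising notices on a non-array value or a missing key.
	if (!is_array($extconf) || !isset($extconf['temporaryDirectory'])) {
		return;
	}

	$configuredDirectory = $extconf['temporaryDirectory'];
	// Only absolute POSIX-style paths are accepted, as before.
	if (!is_string($configuredDirectory) || $configuredDirectory === '' || $configuredDirectory[0] !== '/') {
		return;
	}

	if (@is_dir($configuredDirectory) && is_writable($configuredDirectory)) {
		$this->temporaryDirectory = $configuredDirectory;
	}
}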
61 
/**
 * Creates a new RSA key pair with the openssl command line binary.
 *
 * Returns the Keypair instance unchanged when it already reports isReady().
 * Returns NULL when no openssl binary was found, or when the generated file
 * does not contain the 'BEGIN RSA PRIVATE KEY' marker. When the marker is
 * present but the modulus output does not start with 'Modulus=', the Keypair
 * instance is returned without exponent or keys set.
 *
 * NOTE(review): this listing skips source lines 71, 95 and 101. The statement
 * that runs $command and the assignment of $value are therefore not visible
 * here; presumably both go through CommandUtility::exec() - confirm against
 * the full file.
 *
 * @return \TYPO3\CMS\Rsaauth\Keypair|NULL
 */
70  public function createNewKeyPair() {
72  $keyPair = GeneralUtility::makeInstance('TYPO3\\CMS\\Rsaauth\\Keypair');
73  if ($keyPair->isReady()) {
74  return $keyPair;
75  }
76 
77  if ($this->opensslPath === FALSE) {
78  return NULL;
79  }
80 
81  // Create a temporary file. Security: tempnam() sets permissions to 0600
    // NOTE(review): the return value is not checked. tempnam() returns FALSE on
    // failure and may fall back to the system temp directory when the
    // requested directory is unusable, so the key can land somewhere else.
82  $privateKeyFile = tempnam($this->temporaryDirectory, uniqid('', TRUE));
83 
84  // Generate the private key.
85  //
86  // PHP generates 1024 bit key files. We force command line version
87  // to do the same and use the F4 (0x10001) exponent. This is the most
88  // secure.
    // NOTE(review): "most secure" describes the exponent only. A 1024-bit
    // modulus is below the 2048-bit minimum of current recommendations.
    // No exponent flag is passed to genrsa, so the key uses the tool's default
    // exponent; DEFAULT_EXPONENT is set below without being read from the key.
89  $command = $this->opensslPath . ' genrsa -out ' . escapeshellarg($privateKeyFile) . ' 1024';
    // stderr is discarded, so a failed run is only noticed through the
    // content check on the key file below.
90  if (TYPO3_OS === 'WIN') {
91  $command .= ' 2>NUL';
92  } else {
93  $command .= ' 2>/dev/null';
94  }
    // (source line 95, which runs $command, is not part of this listing)
96  // Test that we got a private key
97  $privateKey = file_get_contents($privateKeyFile);
98  if (FALSE !== strpos($privateKey, 'BEGIN RSA PRIVATE KEY')) {
99  // Ok, we got the private key. Get the modulus.
100  $command = $this->opensslPath . ' rsa -noout -modulus -in ' . escapeshellarg($privateKeyFile);
    // (source line 101, which assigns $value, is not part of this listing)
    // The text after the 'Modulus=' prefix is stored as the public key.
102  if (substr($value, 0, 8) === 'Modulus=') {
103  $publicKey = substr($value, 8);
104 
105  $keyPair->setExponent(self::DEFAULT_EXPONENT);
106  $keyPair->setPrivateKey($privateKey);
107  $keyPair->setPublicKey($publicKey);
108  }
109  } else {
110  $keyPair = NULL;
111  }
112 
    // The private key stays on disk until this point. Errors are suppressed
    // with @, so a failed delete leaves the key file behind without any trace.
113  @unlink($privateKeyFile);
114  return $keyPair;
115  }
116 
/**
 * Decrypts data with the given private key through `openssl rsautl -decrypt`.
 *
 * The key and the base64-decoded data are each written to a temporary file,
 * because the command reads both from files (-inkey, -in). Both files are
 * removed before returning.
 *
 * NOTE(review): this listing skips source line 133. The statement that runs
 * $command and fills $output is not visible here; presumably it is
 * CommandUtility::exec($command, $output) - confirm against the full file.
 *
 * @param string $privateKey Private key, written verbatim to a temporary file
 * @param string $data Base64-encoded ciphertext
 * @return string The entries of $output joined with LF; an empty string when $output stays empty
 */
123  public function decrypt($privateKey, $data) {
124  // Key must be put to the file
    // NOTE(review): the results of tempnam() and file_put_contents() are not
    // checked. The private key sits on disk in plain form until the unlink
    // calls below.
125  $privateKeyFile = tempnam($this->temporaryDirectory, uniqid('', TRUE));
126  file_put_contents($privateKeyFile, $privateKey);
127  $dataFile = tempnam($this->temporaryDirectory, uniqid('', TRUE));
    // base64_decode() runs in non-strict mode here, so characters outside the
    // base64 alphabet are skipped rather than rejected.
128  file_put_contents($dataFile, base64_decode($data));
129  // Prepare the command
    // NOTE(review): no padding option is passed, so rsautl applies its default
    // (PKCS#1 v1.5). Callers should not expose whether decryption succeeded in
    // a way that distinguishes padding failures.
130  $command = $this->opensslPath . ' rsautl -inkey ' . escapeshellarg($privateKeyFile) . ' -in ' . escapeshellarg($dataFile) . ' -decrypt';
131  // Execute the command and capture the result
132  $output = array();
    // (source line 133, which runs $command, is not part of this listing)
134  // Remove the file
    // Errors are suppressed with @, so a failed delete leaves the key or the
    // ciphertext behind without any trace.
135  @unlink($privateKeyFile);
136  @unlink($dataFile);
137  return implode(LF, $output);
138  }
139 
/**
 * Tells whether this backend can be used.
 *
 * A resolved binary path alone is not sufficient: the binary must also run
 * and report a version line that starts with 'OpenSSL '.
 *
 * @return boolean TRUE when `openssl version` produced the expected prefix
 */
public function isAvailable() {
	// Without a binary path there is nothing to probe.
	if (!$this->opensslPath) {
		return FALSE;
	}

	// Run the binary once and inspect the start of its version output.
	$versionLine = \TYPO3\CMS\Core\Utility\CommandUtility::exec($this->opensslPath . ' version');
	return substr($versionLine, 0, 8) == 'OpenSSL ';
}
156 
157 }