Resources/Documents/_php_backend_8php_source.html

<?php

namespace TYPO3\CMS\Rsaauth\Backend;


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


class PhpBackend extends AbstractBackend

{

    public function createNewKeyPair()

    {

        $keyPair = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Rsaauth\Keypair::class);

        if ($keyPair->isReady()) {

            return $keyPair;

        }


        $privateKey = @openssl_pkey_new();

        if ($privateKey !== false) {

            // Create private key as string

            $privateKeyStr = '';

            openssl_pkey_export($privateKey, $privateKeyStr);

            // Prepare public key information

            $exportedData = '';

            $csr = openssl_csr_new(array(

                'localityName' => 'foo',

                'organizationName' => 'bar',

            ), $privateKey);

            openssl_csr_export($csr, $exportedData, false);

            // Get public key (in fact modulus) and exponent

            $publicKey = $this->extractPublicKeyModulus($exportedData);

            $exponent = $this->extractExponent($exportedData);


            $keyPair->setExponent($exponent);

            $keyPair->setPrivateKey($privateKeyStr);

            $keyPair->setPublicKey($publicKey);

            // Clean up all resources

            openssl_free_key($privateKey);

        } else {

            $keyPair = null;

        }


        return $keyPair;

    }


    public function decrypt($privateKey, $data)

    {

        $result = '';

        if (!@openssl_private_decrypt(base64_decode($data), $result, $privateKey)) {

            $result = null;

        }

        return $result;

    }


    public function isAvailable()

    {

        $result = false;

        if (is_callable('openssl_pkey_new')) {

            // PHP extension has to be configured properly. It

            // can be installed and available but will not work unless

            // properly configured. So we check if it works.

            $testKey = @openssl_pkey_new();

            if (is_resource($testKey)) {

                openssl_free_key($testKey);

                $result = true;

            }

        }

        return $result;

    }


    protected function extractExponent($data)

    {

        $index = strpos($data, 'Exponent: ');

        // We do not check for '$index === FALSE' because the exponent is

        // always there!

        return (int)substr($data, $index + 10);

    }


    protected function extractPublicKeyModulus($data)

    {

        $fragment = preg_replace('/.*Modulus.*?\\n(.*)Exponent:.*/ms', '\\1', $data);

        $fragment = preg_replace('/[\\s\\n\\r:]/', '', $fragment);

        return trim(strtoupper(substr($fragment, 2)));

    }

}