1 | <?php |
||||
2 | /** |
||||
3 | * sysPass |
||||
4 | * |
||||
5 | * @author nuxsmin |
||||
6 | * @link https://syspass.org |
||||
7 | * @copyright 2012-2019, Rubén Domínguez nuxsmin@$syspass.org |
||||
8 | * |
||||
9 | * This file is part of sysPass. |
||||
10 | * |
||||
11 | * sysPass is free software: you can redistribute it and/or modify |
||||
12 | * it under the terms of the GNU General Public License as published by |
||||
13 | * the Free Software Foundation, either version 3 of the License, or |
||||
14 | * (at your option) any later version. |
||||
15 | * |
||||
16 | * sysPass is distributed in the hope that it will be useful, |
||||
17 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
18 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
19 | * GNU General Public License for more details. |
||||
20 | * |
||||
21 | * You should have received a copy of the GNU General Public License |
||||
22 | * along with sysPass. If not, see <http://www.gnu.org/licenses/>. |
||||
23 | */ |
||||
24 | |||||
25 | namespace SP\Core\Crypt; |
||||
26 | |||||
27 | defined('APP_ROOT') || die(); |
||||
28 | |||||
29 | use phpseclib\Crypt\RSA; |
||||
30 | use SP\Core\Exceptions\SPException; |
||||
31 | use SP\Storage\File\FileException; |
||||
32 | use SP\Storage\File\FileHandler; |
||||
33 | |||||
34 | /** |
||||
35 | * Class CryptPKI: handles the PKI (RSA public/private key pair) functions |
||||
36 | * |
||||
37 | * @package SP |
||||
38 | */ |
||||
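final class CryptPKI
{
    /**
     * RSA modulus size, in bits, used when a new key pair is generated.
     *
     * NOTE(review): 1024-bit RSA is below the 2048-bit minimum that current
     * guidance (e.g. NIST SP 800-57) recommends. Raising the value changes the
     * result of getMaxDataSize() and does not touch key files already on disk,
     * so it needs a coordinated key rotation rather than an edit of this
     * constant alone.
     */
    const KEY_SIZE = 1024;
    const PUBLIC_KEY_FILE = CONFIG_PATH . DIRECTORY_SEPARATOR . 'pubkey.pem';
    const PRIVATE_KEY_FILE = CONFIG_PATH . DIRECTORY_SEPARATOR . 'key.pem';

    /**
     * @var RSA
     */
    protected $rsa;
    /**
     * @var FileHandler
     */
    private $publicKeyFile;
    /**
     * @var FileHandler
     */
    private $privateKeyFile;

    /**
     * Stores the RSA engine and makes sure a key pair is available on disk.
     *
     * @param RSA $rsa
     *
     * @throws SPException
     */
    public function __construct(RSA $rsa)
    {
        $this->rsa = $rsa;

        $this->setUp();
    }

    /**
     * Binds the key file handlers and checks that both key files exist.
     *
     * If either check fails, the exception is passed to processException()
     * and a NEW key pair is generated, which overwrites both files. Data
     * encrypted with a previous public key can then no longer be decrypted.
     *
     * @return void
     * @throws SPException
     */
    private function setUp()
    {
        $this->publicKeyFile = new FileHandler(self::PUBLIC_KEY_FILE);
        $this->privateKeyFile = new FileHandler(self::PRIVATE_KEY_FILE);

        try {
            $this->publicKeyFile->checkFileExists();
            $this->privateKeyFile->checkFileExists();
        } catch (FileException $e) {
            processException($e);

            $this->createKeys();
        }
    }

    /**
     * Creates the public/private key pair and writes both keys to disk.
     *
     * The private key file is restricted to its owner (0600) before the key
     * material is written, so the key is not readable under the process's
     * default umask while it is being saved.
     *
     * @throws FileException
     */
    public function createKeys()
    {
        $keys = $this->rsa->createKey(self::KEY_SIZE);

        $this->publicKeyFile->save($keys['publickey']);

        // Create (or reuse) the file and tighten its mode first. A failure
        // here is not fatal by itself: save() below still reports an
        // unwritable target.
        if (touch(self::PRIVATE_KEY_FILE)) {
            chmod(self::PRIVATE_KEY_FILE, 0600);
        }

        $this->privateKeyFile->save($keys['privatekey']);

        // Re-apply the mode in case save() replaced the file instead of
        // writing into the existing one (FileHandler is not visible here).
        // NOTE(review): the result of chmod() is not checked; on failure the
        // key keeps whatever mode the file system gave it.
        chmod(self::PRIVATE_KEY_FILE, 0600);
    }

    /**
     * Largest plaintext, in bytes, that fits in one RSA block.
     *
     * This is the modulus length in bytes minus the 11 bytes of overhead that
     * PKCS#1 v1.5 encryption padding requires. It is derived from KEY_SIZE,
     * not from the key actually stored on disk (see getKeySize()).
     *
     * @return int
     */
    public static function getMaxDataSize()
    {
        return (self::KEY_SIZE / 8) - 11;
    }

    /**
     * Encrypts data with the public key.
     *
     * NOTE(review): a static analyser reports that the $type argument of
     * phpseclib's loadKey() is documented as boolean while an integer format
     * constant is passed; verify against the phpseclib version in use.
     *
     * @param string $data the data to encrypt
     *
     * @return string
     * @throws FileException
     */
    public function encryptRSA($data)
    {
        // PKCS#1 v1.5 padding, the counterpart of decryptRSA().
        $this->rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);
        $this->rsa->loadKey($this->getPublicKey(), RSA::PUBLIC_FORMAT_PKCS1);

        return $this->rsa->encrypt($data);
    }

    /**
     * Returns the public key read from its file.
     *
     * @return string
     * @throws FileException
     */
    public function getPublicKey()
    {
        return $this->publicKeyFile
            ->checkFileExists()
            ->readToString();
    }

    /**
     * Decrypts data that was encrypted with the public key.
     *
     * NOTE(review): PKCS#1 v1.5 encryption padding is susceptible to
     * padding-oracle (Bleichenbacher-style) attacks when a sender can tell a
     * padding failure apart from other failures. Callers should answer every
     * failed decryption identically; moving to OAEP would have to be
     * coordinated with whatever encrypts the data.
     *
     * The error that decrypt() raises on failure is suppressed with "@", so
     * the caller has to check the return value; presumably that is false in
     * that case (confirm against the phpseclib version in use).
     *
     * @param string $data the data to decrypt
     *
     * @return string
     * @throws FileException
     */
    public function decryptRSA($data)
    {
        $this->rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);
        $this->rsa->loadKey($this->getPrivateKey(), RSA::PRIVATE_FORMAT_PKCS1);

        return @$this->rsa->decrypt($data);
    }

    /**
     * Returns the private key read from its file.
     *
     * The returned string is the key material itself: it must not be logged
     * or sent to a client.
     *
     * @return string
     * @throws FileException
     */
    public function getPrivateKey()
    {
        return $this->privateKeyFile
            ->checkFileExists()
            ->readToString();
    }

    /**
     * Returns the size reported by the RSA engine for the stored private key.
     *
     * Unlike getMaxDataSize(), this reflects the key that is on disk rather
     * than the KEY_SIZE constant.
     *
     * @return int
     * @throws FileException
     */
    public function getKeySize()
    {
        $this->rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);
        $this->rsa->loadKey($this->getPrivateKey(), RSA::PRIVATE_FORMAT_PKCS1);

        return $this->rsa->getSize();
    }
}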