CWIS Developer Documentation
SPTUser.php
1 <?PHP
2 
3 #
4 # FILE: SPT--SPTUser.php
5 #
6 # Part of the Collection Workflow Integration System (CWIS)
7 # Copyright 2004-2013 Edward Almasy and Internet Scout Research Group
8 # http://scout.wisc.edu/cwis/
9 #
10 
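/**
* CWIS-specific user class that adds the login keypair helpers used when
* building login forms.
*/
class SPTUser extends CWUser {

    # ---- PUBLIC INTERFACE --------------------------------------------------

    /**
    * Size in bits of newly generated RSA login keys.  The previous value of
    * 512 is too small to resist factoring, which would expose whatever is
    * encrypted to the public key.
    * NOTE(review): confirm the login-form client code copes with a modulus
    * of this size before deploying.
    */
    const RSA_KEY_BITS = 2048;

    /**
    * Object constructor.
    * @param mixed $UserInfo User information passed through unchanged to
    *       the parent User() constructor method.  (OPTIONAL)
    */
    function __construct($UserInfo = NULL)
    {
        # call parent constructor
        $this->User($UserInfo);
    }

    /**
    * Get/generate a cryptographic keypair for user login.
    * Expired login tokens and keys are purged, then the newest stored key
    * is reused unless it is missing or too old, in which case a fresh RSA
    * keypair is generated and stored.
    * @return mixed OpenSSL private key handle, or FALSE if a key could not
    *       be generated, serialized, or loaded.
    */
    public static function GetCryptKey()
    {
        $DB = new Database();

        # NOTE(review): if KeyCTime/CreationTime are DATETIME or TIMESTAMP
        #       columns, MySQL evaluates "NOW() - column" on YYYYMMDDHHMMSS
        #       numbers rather than seconds, so the 172800/86400 thresholds
        #       below may not mean two days/one day -- confirm against the
        #       schema before relying on these lifetimes.

        # clear all used login tokens more than two days old
        $DB->Query("DELETE FROM UsedLoginTokens WHERE NOW()-KeyCTime > 172800");

        # hold a write lock so concurrent requests cannot both rotate the key
        $DB->Query("LOCK TABLES LoginKeys WRITE");
        $DB->Query("DELETE FROM LoginKeys WHERE NOW() - CreationTime > 172800");

        # get the most recently generated key
        $DB->Query("SELECT NOW()-CreationTime as Age,"
                ."KeyPair FROM LoginKeys "
                ."ORDER BY Age ASC LIMIT 1");
        $Row = $DB->FetchRow();

        # if there is no key in the database, or the key is too old
        if (($Row === FALSE) || ($Row["Age"] >= 86400))
        {
            # generate a new OpenSSL format keypair
            $KeyPair = openssl_pkey_new(array(
                    'private_key_bits' => self::RSA_KEY_BITS,
                    'private_key_type' => OPENSSL_KEYTYPE_RSA,
                    ));

            # serialize it for storage
            $KeyPairDBFormat = "";
            $Exported = ($KeyPair !== FALSE)
                    && openssl_pkey_export($KeyPair, $KeyPairDBFormat);

            if ($Exported && strlen($KeyPairDBFormat))
            {
                # and stick it into the database
                # (the value is OpenSSL's own PEM output, not user input)
                # NOTE(review): prefer the Database class's own escaping or
                #       parameter binding here if it offers one.
                $DB->Query("INSERT INTO LoginKeys "
                        ."(KeyPair, CreationTime) VALUES ("
                        ."\"".addslashes($KeyPairDBFormat)."\","
                        ."NOW())");
            }
            else
            {
                # never store an empty or unusable key: it would be picked
                # up as the "current" key by every request until it aged
                # out.  Report failure instead so the caller can react.
                $KeyPair = FALSE;
            }
        }
        else
        {
            # if we do have a current key in the database,
            # convert it to openssl format for usage
            # (keys stored before a key size increase stay in use until
            # they age out)
            $KeyPair = openssl_pkey_get_private($Row["KeyPair"]);
        }

        # release the lock on every path before returning
        $DB->Query("UNLOCK TABLES");

        return $KeyPair;
    }

    /**
    * Extract the modulus and exponent of the public key from an OpenSSL
    * format keypair to send in login forms.
    * @param mixed $KeyPair OpenSSL private key handle (as returned by
    *       GetCryptKey()).
    * @return array Associative array with "Modulus" and "Exponent" entries,
    *       both lowercase hexadecimal strings; both are empty strings if
    *       the key material could not be extracted.
    */
    public static function ExtractPubKeyParameters($KeyPair)
    {
        $Modulus = "";
        $Exponent = "";
        $Export = "";

        # without a key there is nothing to export
        if (($KeyPair !== FALSE) && ($KeyPair !== NULL))
        {
            # export the keypair as an ASCII signing request
            # (which contains the data we want)
            $Request = openssl_csr_new(array(), $KeyPair);
            if (!is_bool($Request))
            {
                openssl_csr_export($Request, $Export, FALSE);
            }
        }

        # the textual layout of the export differs between OpenSSL versions,
        # so try each known layout in turn
        // @codingStandardsIgnoreStart
        $Patterns = array(
            '/Modulus \([0-9]+ bit\):(.*)Exponent: [0-9]+ \(0x([0-9a-f]+)\)/ms',
            '/Public-Key: \([0-9]+ bit\).*Modulus:(.*)Exponent: [0-9]+ \(0x([0-9a-f]+)\)/ms',
            );
        // @codingStandardsIgnoreEnd

        foreach ($Patterns as $Pattern)
        {
            if (preg_match($Pattern, (string)$Export, $Matches))
            {
                $Modulus = $Matches[1];
                $Exponent = $Matches[2];
                break;
            }
        }

        # clean newlines, separators, and whitespace out of the modulus
        $Modulus = preg_replace("/[^0-9a-f]/", "", $Modulus);

        # return key material
        return array("Modulus" => $Modulus, "Exponent" => $Exponent);
    }

}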
SQL database abstraction object with smart query caching.
static ExtractPubKeyParameters($KeyPair)
Extract the modulus and exponent of the public key from an OpenSSL format keypair to send in login fo...
Definition: SPTUser.php:84
User($UserInfoOne=NULL, $UserInfoTwo=NULL)
Definition: Axis--User.php:47
__construct($UserInfo=NULL)
Definition: SPTUser.php:16
static GetCryptKey()
Get/generate a cryptographic keypair for user login.
Definition: SPTUser.php:31
CWIS-specific user class.
Definition: CWUser.php:13