\r
$return = false;\r
\r
- $res = \OCA\Encryption\Helper::getOpenSSLPkey();\r
- $res = openssl_pkey_new(array('private_key_bits' => 4096));\r
+ $res = Helper::getOpenSSLPkey();\r
\r
if ($res === false) {\r
\OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR);\r
while ($msg = openssl_error_string()) {\r
\OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails: ' . $msg, \OCP\Util::ERROR);\r
}\r
- } elseif (openssl_pkey_export($res, $privateKey)) {\r
+ } elseif (openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())) {\r
// Get public key\r
$keyDetails = openssl_pkey_get_details($res);\r
$publicKey = $keyDetails['key'];\r
);\r
} else {\r
\OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR);\r
- \OCP\Util::writeLog('Encryption library', openssl_error_string(), \OCP\Util::ERROR);\r
+ while($errMsg = openssl_error_string()) {\r
+ \OCP\Util::writeLog('Encryption library', $errMsg, \OCP\Util::ERROR);\r
+ }\r
}\r
\r
return $return;\r
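Review bot: The new loop that drains `openssl_error_string()` in the export-failure branch logs each message bare, while the key-generation branch above prefixes its messages with `'openssl_pkey_new() fails: '`. A matching prefix would keep the two failure paths distinguishable when triaging logs: `\OCP\Util::writeLog('Encryption library', 'openssl_pkey_export() fails: ' . $errMsg, \OCP\Util::ERROR);`. The context line before the loop also appends the user name directly after "configuration." with no separator, so the account name runs into the sentence. The enclosing function starts and ends outside this hunk.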
* @return resource The pkey resource created
*/
public static function getOpenSSLPkey() {
+ static $res = null;
+ if (is_null($res)) {
+ $res = openssl_pkey_new(self::getOpenSSLConfig());
+ }
+ return $res;
+ }
+
+ /**
+ * Return an array of OpenSSL config options, default + config
+ * Used for multiple OpenSSL functions
+ * @return array The combined defaults and config settings
+ */
+ public static function getOpenSSLConfig() {
$config = array('private_key_bits' => 4096);
- $config = array_merge(\OCP\Config::getSystemValue('openssl'), $config);
- return openssl_pkey_new($config);
+ $config = array_merge(\OCP\Config::getSystemValue('openssl', array()), $config);
+ return $config;
}
/**
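Review bot: The `static $res` cache added to getOpenSSLPkey() makes every call within one PHP process return the same key resource, so any two key pairs created in the same request would share one private key (the key-pair creation code elsewhere on this page obtains its key from this helper). Key generation should not be memoised; `return openssl_pkey_new(self::getOpenSSLConfig());` still shares the config without reusing the key. The `is_null()` guard also caches a `false` from a failed openssl_pkey_new(), so a failure is never retried and the docblock's `@return resource` is no longer accurate. Separately, getOpenSSLConfig() passes the defaults as the last argument to array_merge(), so `private_key_bits => 4096` overrides whatever the admin sets under 'openssl'; if this is meant to enforce a minimum key size, a comment saying so would prevent someone from "fixing" the order later.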
// Extra SSL options to be used for configuration
'openssl' => array(
- //'config' => '/path/to/openssl.cnf',
+ //'config' => '/absolute/location/of/openssl.cnf',
),
);