From: Lukas Reschke Date: Thu, 17 Nov 2016 16:35:43 +0000 (+0100) Subject: Add private X-Git-Tag: v11.0RC2~191^2~24 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=53c8391e9691ac9eb92adf5b80436f5065944a1f;p=nextcloud-server.git Add private Signed-off-by: Lukas Reschke --- diff --git a/lib/private/Security/IdentityProof/Key.php b/lib/private/Security/IdentityProof/Key.php new file mode 100644 index 00000000000..9739a9571bb --- /dev/null +++ b/lib/private/Security/IdentityProof/Key.php @@ -0,0 +1,46 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Security\IdentityProof; + +class Key { + /** @var string */ + private $publicKey; + /** @var string */ + private $privateKey; + + /** + * @param string $publicKey + * @param string $privateKey + */ + public function __construct($publicKey, $privateKey) { + $this->publicKey = $publicKey; + $this->privateKey = $privateKey; + } + + public function getPrivate() { + return $this->privateKey; + } + + public function getPublic() { + return $this->publicKey; + } +} diff --git a/lib/private/Security/IdentityProof/Manager.php b/lib/private/Security/IdentityProof/Manager.php new file mode 100644 index 00000000000..b3dba5f278f --- /dev/null +++ b/lib/private/Security/IdentityProof/Manager.php @@ -0,0 +1,90 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Security\IdentityProof; + +use OCP\Files\IAppData; +use OCP\Files\SimpleFS\ISimpleFolder; +use OCP\IUser; +use OCP\Security\ICrypto; + +class Manager { + /** @var ISimpleFolder */ + private $folder; + /** @var ICrypto */ + private $crypto; + + /** + * @param IAppData $appData + * @param ICrypto $crypto + */ + public function __construct(IAppData $appData, + ICrypto $crypto) { + $this->folder = $appData->getFolder('identityproof'); + $this->crypto = $crypto; + } + + /** + * Generate a key for $user + * Note: If a key already exists it will be overwritten + * + * @param IUser $user + * @return Key + */ + public function generateKey(IUser $user) { + $config = [ + 'digest_alg' => 'sha512', + 'private_key_bits' => 2048, + ]; + + // Generate new key + $res = openssl_pkey_new($config); + openssl_pkey_export($res, $privateKey); + + // Extract the public key from $res to $pubKey + $publicKey = openssl_pkey_get_details($res); + $publicKey = $publicKey['key']; + + // Write the private and public key to the disk + $this->folder->newFile($user->getUID() . '.private') + ->putContent($this->crypto->encrypt($privateKey)); + $this->folder->newFile($user->getUID() . '.public') + ->putContent($publicKey); + + return new Key($publicKey, $privateKey); + } + + /** + * Get public and private key for $user + * + * @param IUser $user + * @return Key + */ + public function getKey(IUser $user) { + try { + $privateKey = $this->crypto->decrypt($this->folder->getFile($user->getUID() . '.private')->getContent()); + $publicKey = $this->folder->getFile($user->getUID() . '.public')->getContent(); + return new Key($publicKey, $privateKey); + } catch (\Exception $e) { + return $this->generateKey($user); + } + } +}