author | Bjoern Schiessle <bjoern@schiessle.org> | 2017-07-25 11:54:14 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2017-08-10 14:27:35 +0200 |
commit | 9524badccc6fd1e9d423f8dd8316b32ea576863b (patch) | |
tree | bc29bc207dc561d1132085d1cf547d1c0b1e60a6 /lib/private/Security | |
parent | 073216e8278983abef6ac51d6e0a900f95af0024 (diff) | |
extend the identity proof manager to allow system wide key pairs
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'lib/private/Security')
-rw-r--r-- | lib/private/Security/IdentityProof/Manager.php | 55 |
1 files changed, 44 insertions, 11 deletions
diff --git a/lib/private/Security/IdentityProof/Manager.php b/lib/private/Security/IdentityProof/Manager.php
index 73edac5f747..a8c204c84b9 100644
--- a/lib/private/Security/IdentityProof/Manager.php
+++ b/lib/private/Security/IdentityProof/Manager.php
@@ -23,6 +23,7 @@ namespace OC\Security\IdentityProof;
 use OC\Files\AppData\Factory;
 use OCP\Files\IAppData;
+use OCP\IConfig;
 use OCP\IUser;
 use OCP\Security\ICrypto;
@@ -31,15 +32,21 @@ class Manager {
 private $appData;
 /** @var ICrypto */
 private $crypto;
+ /** @var IConfig */
+ private $config;
 /**
 * @param Factory $appDataFactory
 * @param ICrypto $crypto
+ * @param IConfig $config
 */
 public function __construct(Factory $appDataFactory,
- ICrypto $crypto) {
+ ICrypto $crypto,
+ IConfig $config
+ ) {
 $this->appData = $appDataFactory->get('identityproof');
 $this->crypto = $crypto;
+ $this->config = $config;
 }
 /**
@@ -66,20 +73,20 @@ class Manager {
 }
 /**
- * Generate a key for $user
+ * Generate a key for a given ID
 * Note: If a key already exists it will be overwritten
 *
- * @param IUser $user
+ * @param string $id key id
 * @return Key
 */
- protected function generateKey(IUser $user) {
+ protected function generateKey($id) {
 list($publicKey, $privateKey) = $this->generateKeyPair();
 // Write the private and public key to the disk
 try {
- $this->appData->newFolder($user->getUID());
+ $this->appData->newFolder($id);
 } catch (\Exception $e) {}
- $folder = $this->appData->getFolder($user->getUID());
+ $folder = $this->appData->getFolder($id);
 $folder->newFile('private')
 ->putContent($this->crypto->encrypt($privateKey));
 $folder->newFile('public')
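Review bot: generateKey() replaces whatever pair is stored under `$id`, and after this commit that includes the instance-wide pair: retrieveKey() in the following hunk calls it from `catch (\Exception $e)`, so a failed decrypt or a transient storage error is handled like a missing key and the existing key is overwritten. If other parties rely on the instance key to verify this server, that amounts to a silent key rotation. Consider regenerating only when the folder or file is really absent, for example `} catch (\OCP\Files\NotFoundException $e) {` in retrieveKey(), and letting other exceptions propagate; this assumes the app data calls report absence with that exception, which is not visible here. The body of generateKey() continues past the end of this hunk.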
@@ -89,21 +96,47 @@ class Manager {
 }
 /**
- * Get public and private key for $user
+ * Get key for a specific id
 *
- * @param IUser $user
+ * @param string $id
 * @return Key
 */
- public function getKey(IUser $user) {
+ protected function retrieveKey($id) {
 try {
- $folder = $this->appData->getFolder($user->getUID());
+ $folder = $this->appData->getFolder($id);
 $privateKey = $this->crypto->decrypt(
 $folder->getFile('private')->getContent()
 );
 $publicKey = $folder->getFile('public')->getContent();
 return new Key($publicKey, $privateKey);
 } catch (\Exception $e) {
- return $this->generateKey($user);
+ return $this->generateKey($id);
+ }
+ }
+
+ /**
+ * Get public and private key for $user
+ *
+ * @param IUser $user
+ * @return Key
+ */
+ public function getKey(IUser $user) {
+ return $this->retrieveKey($user->getUID());
+ }
+
+ /**
+ * Get instance wide public and private key
+ *
+ * @return Key
+ * @throws \RuntimeException
+ */
+ public function getSystemKey() {
+ $instanceId = $this->config->getSystemValue('instanceid', null);
+ if ($instanceId === null) {
+ throw new \RuntimeException('no instance id!');
 }
+ return $this->retrieveKey($instanceId);
 }
+
+
 }
|
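Review bot: getKey() and getSystemKey() both pass an unprefixed id to retrieveKey(), so per-user keys and the instance key share one folder namespace in the `identityproof` app data. If a user id can ever equal the configured `instanceid` (not checkable from this hunk), getKey() for that user would return the instance-wide pair, private key included. Namespacing the ids removes the overlap: `return $this->retrieveKey('system-' . $instanceId);` and, with a migration for keys already stored under the bare UID, `return $this->retrieveKey('user-' . $user->getUID());`. The docblock of retrieveKey() should also say that a missing or unreadable key causes a new pair to be generated and stored.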