From 53c8391e9691ac9eb92adf5b80436f5065944a1f Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Thu, 17 Nov 2016 17:35:43 +0100
Subject: Add private

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
---
 lib/private/Security/IdentityProof/Key.php     | 46 +++++++++++++
 lib/private/Security/IdentityProof/Manager.php | 90 ++++++++++++++++++++++++++
 2 files changed, 136 insertions(+)
 create mode 100644 lib/private/Security/IdentityProof/Key.php
 create mode 100644 lib/private/Security/IdentityProof/Manager.php

(limited to 'lib/private/Security')

diff --git a/lib/private/Security/IdentityProof/Key.php b/lib/private/Security/IdentityProof/Key.php
new file mode 100644
index 00000000000..9739a9571bb
--- /dev/null
+++ b/lib/private/Security/IdentityProof/Key.php
@@ -0,0 +1,46 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Security\IdentityProof;
+
+class Key {
+	/** @var string */
+	private $publicKey;
+	/** @var string */
+	private $privateKey;
+
+	/**
+	 * @param string $publicKey
+	 * @param string $privateKey
+	 */
+	public function __construct($publicKey, $privateKey) {
+		$this->publicKey = $publicKey;
+		$this->privateKey = $privateKey;
+	}
+
+	public function getPrivate() {
+		return $this->privateKey;
+	}
+
+	public function getPublic() {
+		return $this->publicKey;
+	}
+}
diff --git a/lib/private/Security/IdentityProof/Manager.php b/lib/private/Security/IdentityProof/Manager.php
new file mode 100644
index 00000000000..b3dba5f278f
--- /dev/null
+++ b/lib/private/Security/IdentityProof/Manager.php
@@ -0,0 +1,90 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Security\IdentityProof;
+
+use OCP\Files\IAppData;
+use OCP\Files\SimpleFS\ISimpleFolder;
+use OCP\IUser;
+use OCP\Security\ICrypto;
+
+class Manager {
+	/** @var ISimpleFolder */
+	private $folder;
+	/** @var ICrypto */
+	private $crypto;
+
+	/**
+	 * @param IAppData $appData
+	 * @param ICrypto $crypto
+	 */
+	public function __construct(IAppData $appData,
+								ICrypto $crypto) {
+		$this->folder = $appData->getFolder('identityproof');
+		$this->crypto = $crypto;
+	}
+
+	/**
+	 * Generate a key for $user
+	 * Note: If a key already exists it will be overwritten
+	 *
+	 * @param IUser $user
+	 * @return Key
+	 */
+	public function generateKey(IUser $user) {
+		$config = [
+			'digest_alg' => 'sha512',
+			'private_key_bits' => 2048,
+		];
+
+		// Generate new key
+		$res = openssl_pkey_new($config);
+		openssl_pkey_export($res, $privateKey);
+
+		// Extract the public key from $res to $pubKey
+		$publicKey = openssl_pkey_get_details($res);
+		$publicKey = $publicKey['key'];
+
+		// Write the private and public key to the disk
+		$this->folder->newFile($user->getUID() . '.private')
+			->putContent($this->crypto->encrypt($privateKey));
+		$this->folder->newFile($user->getUID() . '.public')
+			->putContent($publicKey);
+
+		return new Key($publicKey, $privateKey);
+	}
+
+	/**
+	 * Get public and private key for $user
+	 *
+	 * @param IUser $user
+	 * @return Key
+	 */
+	public function getKey(IUser $user) {
+		try {
+			$privateKey = $this->crypto->decrypt($this->folder->getFile($user->getUID() . '.private')->getContent());
+			$publicKey = $this->folder->getFile($user->getUID() . '.public')->getContent();
+			return new Key($publicKey, $privateKey);
+		} catch (\Exception $e) {
+			return $this->generateKey($user);
+		}
+	}
+}
-- 
cgit v1.2.3