CWIS Developer Documentation
SPTUser.php
1 <?PHP
2 
3 #
4 # FILE: SPT--SPTUser.php
5 #
6 # Part of the Collection Workflow Integration System (CWIS)
7 # Copyright 2004-2013 Edward Almasy and Internet Scout Research Group
8 # http://scout.wisc.edu/cwis/
9 #
10 
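class SPTUser extends CWUser {

    # ---- PUBLIC INTERFACE --------------------------------------------------

    /**
    * Object constructor.
    * @param mixed $UserInfo Value handed unchanged to the parent User()
    *       constructor.  (OPTIONAL, defaults to NULL)
    */
    function SPTUser($UserInfo = NULL)
    {
        # call parent constructor
        $this->User($UserInfo);
    }

    /**
    * Get/generate a cryptographic keypair for user login.
    * The newest row in LoginKeys is reused while its Age is below 86400;
    * otherwise a new RSA keypair is generated, stored, and returned.
    * @return mixed OpenSSL key handle, or FALSE if a key could not be
    *       generated, exported, or loaded.
    */
    static function GetCryptKey()
    {
        $DB = new Database();

        # Clear all keys more than two days old
        # NOTE(review): if CreationTime/KeyCTime are DATETIME or TIMESTAMP
        #       columns on MySQL, "NOW() - column" is not a difference in
        #       seconds, so the 172800 and 86400 thresholds would not mean
        #       two days / one day -- confirm against the schema
        $DB->Query("DELETE FROM LoginKeys WHERE NOW() - CreationTime > 172800");
        $DB->Query("DELETE FROM UsedLoginTokens WHERE NOW()-KeyCTime > 172800");

        # Get the most recently generated key
        $DB->Query("SELECT NOW()-CreationTime as Age,"
                ."KeyPair FROM LoginKeys "
                ."ORDER BY Age ASC LIMIT 1");
        $Row = $DB->FetchRow();

        # If we have a current key in the database,
        # convert it to openssl format for usage
        if (($Row !== FALSE) && ($Row["Age"] < 86400))
        {
            return openssl_pkey_get_private($Row["KeyPair"]);
        }

        # Otherwise generate a new OpenSSL format keypair
        # (a 512-bit RSA modulus can be factored with modest resources, so
        #       it gives little protection to anything encrypted under it;
        #       2048 bits is the commonly recommended minimum -- keys that
        #       are already stored stay in use until they age out above)
        $KeyPair = openssl_pkey_new(
                array(
                    'private_key_bits' => 2048, # Make this a Sysadmin pref later?
                    'private_key_type' => OPENSSL_KEYTYPE_RSA
                    ));

        # Serialize it for storage, and bail out without touching the table
        # if generation or export failed, so that an empty KeyPair row is
        # never stored and then picked up as the "current" key
        $KeyPairDBFormat = "";
        if (($KeyPair === FALSE)
                || !openssl_pkey_export($KeyPair, $KeyPairDBFormat)
                || !strlen($KeyPairDBFormat))
        {
            return FALSE;
        }

        # And stick it into the database
        # (the value is the server-generated key export, not user input;
        #       NOTE(review): addslashes() is the only escaping visible
        #       here -- prefer the Database layer's own escaping if it
        #       provides one)
        $DB->Query("INSERT INTO LoginKeys "
                ."(KeyPair, CreationTime) VALUES ("
                ."\"".addslashes($KeyPairDBFormat)."\","
                ."NOW())");

        return $KeyPair;
    }

    /**
    * Extract the modulus and exponent of the public key from an OpenSSL
    * format keypair.
    * @param mixed $KeyPair OpenSSL key handle, as returned by GetCryptKey().
    * @return array Hex strings with the indexes "Modulus" and "Exponent";
    *       both are empty when the values could not be extracted.
    */
    static function ExtractPubKeyParameters($KeyPair)
    {
        # Export the keypair as an ASCII signing request (which contains the
        # data we want); the FALSE argument asks for the human-readable text
        # form, which is what the patterns below are matched against
        $Export = "";
        $Request = openssl_csr_new(array(), $KeyPair);
        if ($Request !== FALSE)
        {
            openssl_csr_export($Request, $Export, FALSE);
        }

        $Modulus = "";
        $Exponent = "";

        # Two layouts of the text dump are recognized (presumably produced
        # by different OpenSSL versions)
        $Patterns = array(
            '/Modulus \([0-9]+ bit\):(.*)Exponent: [0-9]+ \(0x([0-9a-f]+)\)/ms',
            '/Public-Key: \([0-9]+ bit\).*Modulus:(.*)Exponent: [0-9]+ \(0x([0-9a-f]+)\)/ms',
            );

        # The first pattern that matches wins
        foreach ($Patterns as $Pattern)
        {
            if (preg_match($Pattern, $Export, $Matches))
            {
                $Modulus = $Matches[1];
                $Exponent = $Matches[2];
                break;
            }
        }

        # Clean newlines and whitespace out of the modulus
        # (everything that is not a lowercase hex digit is dropped)
        $Modulus = preg_replace("/[^0-9a-f]/", "", $Modulus);

        # Return key material
        return array( "Modulus" => $Modulus, "Exponent" => $Exponent );
    }

}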
SQL database abstraction object with smart query caching.
static ExtractPubKeyParameters($KeyPair)
Extract the modulus and exponent of the public key from an OpenSSL format keypair to send in login fo...
Definition: SPTUser.php:80
User($UserInfoOne=NULL, $UserInfoTwo=NULL)
Definition: Axis--User.php:47
PHP
Definition: OAIClient.php:39
SPTUser($UserInfo=NULL)
Definition: SPTUser.php:16
static GetCryptKey()
Get/generate a cryptographic keypair for user login.
Definition: SPTUser.php:31
CWIS-specific user class.
Definition: CWUser.php:13