# NOTE(review): listing excerpt, presumably the body of GetCryptKey(). The original line
# numbers are embedded in the text and several source lines are not shown (for example
# 43, 46 and 57-60), so read this as a fragment rather than runnable code.
# Visible flow: purge rows older than 172800 from UsedLoginTokens and LoginKeys, read the
# newest LoginKeys row, reuse it when Age < 86400, otherwise generate and store a new RSA
# keypair.
# NOTE(review): LOCK TABLES suggests MySQL. If KeyCTime / CreationTime are DATETIME or
# TIMESTAMP columns, NOW()-column subtracts their YYYYMMDDHHMMSS numeric forms, which is
# not elapsed seconds, so the 172800 and 86400 thresholds would not mean two days and one
# day. TIMESTAMPDIFF(SECOND, column, NOW()) expresses that intent - confirm against the
# schema.
4 # FILE: SPT--SPTUser.php 6 # Part of the Collection Workflow Integration System (CWIS) 7 # Copyright 2004-2013 Edward Almasy and Internet Scout Research Group 8 # http://scout.wisc.edu/cwis/ 14 # ---- PUBLIC INTERFACE -------------------------------------------------- 29 # Clear all keys more than two days old 30 $DB->Query(
"DELETE FROM UsedLoginTokens WHERE NOW()-KeyCTime > 172800");
32 $DB->Query(
"LOCK TABLES LoginKeys WRITE");
33 $DB->Query(
"DELETE FROM LoginKeys WHERE NOW() - CreationTime > 172800");
# The SELECT below orders by Age ascending with LIMIT 1, so $Row is the youngest key row,
# or FALSE when the table is empty (per the check that follows).
35 # Get the most recently generated key 36 $DB->Query(
"SELECT NOW()-CreationTime as Age," 37 .
"KeyPair FROM LoginKeys " 38 .
"ORDER BY Age ASC LIMIT 1");
39 $Row =
$DB->FetchRow();
41 # If there is no key in the database, or the key is too old 42 if ( ($Row===FALSE) || ($Row[
"Age"]>=86400) )
44 # Generate a new OpenSSL format keypair 45 $KeyPair = openssl_pkey_new(
# NOTE(review): a 512-bit RSA modulus is within reach of practical factoring and does not
# protect whatever is encrypted to this key; 2048 bits is the usual minimum. Raising it
# presumably requires that the consumer of Modulus/Exponent (the login form code, not
# shown) copes with the larger key - confirm before changing.
47 'private_key_bits' => 512, # Make
this a Sysadmin pref later?
48 'private_key_type' => OPENSSL_KEYTYPE_RSA ));
# NOTE(review): openssl_pkey_export() is called without a passphrase, so the private key
# is stored as clear PEM and anyone able to read LoginKeys holds it. On the lines shown
# the return values of openssl_pkey_new() and openssl_pkey_export() are not checked.
50 # Serialize it for storage 51 openssl_pkey_export($KeyPair, $KeyPairDBFormat);
# NOTE(review): addslashes() is not a charset-aware SQL escaper. The value is locally
# generated PEM text rather than user input, which limits exposure, but a parameterized
# query or the database layer's own escaping is the safer pattern. The rest of this
# INSERT (source lines 57-60) is not shown.
53 # And stick it into the database 54 $DB->Query(
"INSERT INTO LoginKeys " 55 .
"(KeyPair, CreationTime) VALUES (" 56 .
"\"".addslashes($KeyPairDBFormat).
"\"," 61 # If we do have a current key in the database, 62 # Convert it to openssl format for usage 63 $KeyPair = openssl_pkey_get_private( $Row[
"KeyPair"] );
# Releases the WRITE lock taken on LoginKeys above. NOTE(review): no error path is visible
# between LOCK TABLES and this point; confirm the lock is released if a query fails.
65 $DB->Query(
"UNLOCK TABLES");
# NOTE(review): listing excerpt, presumably the body of ExtractPubKeyParameters($KeyPair).
# Source lines 81-86, 89-91 and 98-101 are not shown. Visible flow: wrap the keypair in a
# CSR, export it with the human-readable text section (third argument FALSE), then pull
# the modulus and exponent out of that text with a regular expression.
# NOTE(review): parsing OpenSSL's text dump depends on its layout; openssl_pkey_get_details()
# returns the RSA n and e values directly and avoids that dependency. The return values of
# openssl_csr_new() and openssl_csr_export() are not checked on the lines shown.
79 # Export the keypair as an ASCII signing request (which contains the data we want) 80 openssl_csr_export(openssl_csr_new(array(), $KeyPair), $Export, FALSE);
# Two layouts are accepted: "Modulus (N bit):" and "Public-Key: (N bit) ... Modulus:",
# presumably the output of different OpenSSL versions. Group 1 is the raw modulus text,
# group 2 the exponent's hex digits taken from "(0x...)".
87 '/Modulus \([0-9]+ bit\):(.*)Exponent: [0-9]+ \(0x([0-9a-f]+)\)/ms',
88 '/Public-Key: \([0-9]+ bit\).*Modulus:(.*)Exponent: [0-9]+ \(0x([0-9a-f]+)\)/ms',
# NOTE(review): nothing on the lines shown initialises $Modulus / $Exponent before this
# loop; if neither pattern matches, the return below would read undefined variables -
# confirm whether the elided lines handle that case.
92 foreach ($Patterns as $Pattern)
94 if (preg_match($Pattern, $Export, $Matches))
96 $Modulus = $Matches[1];
97 $Exponent = $Matches[2];
# Keeps only lowercase hex digits, which also drops the ':' separators in the text dump.
102 # Clean newlines and whitespace out of the modulus 103 $Modulus = preg_replace(
"/[^0-9a-f]/",
"", $Modulus);
# Both values are returned as hex strings. Only public-key parameters leave this function.
105 # Return key material 106 return array(
"Modulus" => $Modulus,
"Exponent" => $Exponent );
SQL database abstraction object with smart query caching.
static ExtractPubKeyParameters($KeyPair)
Extract the modulus and exponent of the public key from an OpenSSL format keypair to send in login fo...
static GetCryptKey()
Get/generate a cryptographic keypair for user login.
CWIS-specific user class.