nextcloud_server/lib/private/Security/IdentityProof/Signer.php

<?php

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */
namespace OC\Security\IdentityProof;

use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IUser;
use OCP\IUserManager;

class Signer {
	public function __construct(
		private Manager $keyManager,
		private ITimeFactory $timeFactory,
		private IUserManager $userManager,
	) {
	}

	/**
	 * Returns a signed blob for $data
	 *
	 * @return array ['message', 'signature']
	 */
	public function sign(string $type, array $data, IUser $user): array {
		$privateKey = $this->keyManager->getKey($user)->getPrivate();
		$data = [
			'data' => $data,
			'type' => $type,
			'signer' => $user->getCloudId(),
			'timestamp' => $this->timeFactory->getTime(),
		];
		openssl_sign(json_encode($data), $signature, $privateKey, OPENSSL_ALGO_SHA512);

		return [
			'message' => $data,
			'signature' => base64_encode($signature),
		];
	}

	/**
	 * Whether the data is signed properly
	 *
	 */
	public function verify(array $data): bool {
		if (isset($data['message']['signer'])
			&& isset($data['signature'])
		) {
			$location = strrpos($data['message']['signer'], '@');
			$userId = substr($data['message']['signer'], 0, $location);

			$user = $this->userManager->get($userId);
			if ($user !== null) {
				$key = $this->keyManager->getKey($user);
				return openssl_verify(
					json_encode($data['message']),
					base64_decode($data['signature']),
					$key->getPublic(),
					OPENSSL_ALGO_SHA512
				) === 1;
			}
		}

		return false;
	}
}
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`<?php`
Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2019-12-03 19:57:53 +01:00
Make \OC\Security\IdentityProof strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2018-03-05 19:33:16 +01:00			`declare(strict_types=1);`
Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2019-12-03 19:57:53 +01:00
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`/**`
chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de> 2024-05-23 09:26:56 +02:00			`* SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors`
			`* SPDX-License-Identifier: AGPL-3.0-or-later`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`*/`
			`namespace OC\Security\IdentityProof;`

			`use OCP\AppFramework\Utility\ITimeFactory;`
			`use OCP\IUser;`
			`use OCP\IUserManager;`

			`class Signer {`
Refactors lib/private/Security. Mainly using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at> 2023-06-26 15:03:13 +03:30			`public function __construct(`
			`private Manager $keyManager,`
			`private ITimeFactory $timeFactory,`
			`private IUserManager $userManager,`
			`) {`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`}`

			`/**`
			`* Returns a signed blob for $data`
			`*`
			`* @return array ['message', 'signature']`
			`*/`
Make \OC\Security\IdentityProof strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2018-03-05 19:33:16 +01:00			`public function sign(string $type, array $data, IUser $user): array {`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`$privateKey = $this->keyManager->getKey($user)->getPrivate();`
			`$data = [`
			`'data' => $data,`
			`'type' => $type,`
			`'signer' => $user->getCloudId(),`
			`'timestamp' => $this->timeFactory->getTime(),`
			`];`
			`openssl_sign(json_encode($data), $signature, $privateKey, OPENSSL_ALGO_SHA512);`

			`return [`
			`'message' => $data,`
			`'signature' => base64_encode($signature),`
			`];`
			`}`

			`/**`
			`* Whether the data is signed properly`
			`*`
			`*/`
Make \OC\Security\IdentityProof strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2018-03-05 19:33:16 +01:00			`public function verify(array $data): bool {`
Refactors lib/private/Security. Mainly using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <fsa@adlas.at> 2023-06-26 15:03:13 +03:30			`if (isset($data['message']['signer'])`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`&& isset($data['signature'])`
			`) {`
Add Identityproof tests * Add tests for Key * Add tests for Manager * Add tests for Signer * Removed URLGenerator from Signer Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2016-11-22 14:53:09 +01:00			`$location = strrpos($data['message']['signer'], '@');`
			`$userId = substr($data['message']['signer'], 0, $location);`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00
			`$user = $this->userManager->get($userId);`
			`if ($user !== null) {`
			`$key = $this->keyManager->getKey($user);`
fix: Correctly check result of function Signed-off-by: Joas Schilling <coding@schilljs.com> 2024-05-15 10:11:31 +02:00			`return openssl_verify(`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`json_encode($data['message']),`
			`base64_decode($data['signature']),`
Add Identityproof tests * Add tests for Key * Add tests for Manager * Add tests for Signer * Removed URLGenerator from Signer Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2016-11-22 14:53:09 +01:00			`$key->getPublic(),`
			`OPENSSL_ALGO_SHA512`
fix: Correctly check result of function Signed-off-by: Joas Schilling <coding@schilljs.com> 2024-05-15 10:11:31 +02:00			`) === 1;`
Add a signer class for signing Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-11-18 10:10:05 +01:00			`}`
			`}`

			`return false;`
			`}`
			`}`
No results found.