PHP Civi\Cxn\Rpc AesHelper示例

示例#1

文件： RegistrationMessage.php 项目： riyadennis/my_civicrm

 /**
  * @param AppStoreInterface $appStore
  * @param string $blob
  * @return array
  *   Decoded data.
  */
 public static function decode($appStore, $blob)
 {
     $parts = explode(Constants::PROTOCOL_DELIM, $blob, 5);
     if (count($parts) != 5) {
         throw new InvalidMessageException('Invalid message: insufficient parameters');
     }
     list($wireProt, $wireAppId, $rsaCiphertextB64, $signature, $body) = $parts;
     if ($wireProt !== self::NAME) {
         throw new InvalidMessageException('Invalid message: wrong protocol name');
     }
     $appPrivKey = $appStore->getPrivateKey($wireAppId);
     if (!$appPrivKey) {
         throw new InvalidMessageException('Received message intended for unknown app.');
     }
     $rsaCiphertext = base64_decode($rsaCiphertextB64);
     if (strlen($rsaCiphertext) !== Constants::RSA_MSG_BYTES) {
         throw new InvalidMessageException("RSA ciphertext has incorrect length");
     }
     $secret = UserError::adapt('Civi\\Cxn\\Rpc\\Exception\\InvalidMessageException', function () use($rsaCiphertext, $appPrivKey) {
         return RegistrationMessage::getRsa($appPrivKey, 'private')->decrypt($rsaCiphertext);
     });
     if (empty($secret)) {
         throw new InvalidMessageException("Invalid message: decryption produced empty secret");
     }
     $plaintext = AesHelper::authenticateThenDecrypt($secret, $body, $signature);
     return json_decode($plaintext, TRUE);
 }

示例#2

文件： StdMessage.php 项目： riyadennis/my_civicrm

 /**
  * @param CxnStoreInterface $cxnStore
  *   A repository that contains shared secrets.
  * @param string $message
  *   Ciphertext.
  * @return static
  * @throws InvalidMessageException
  */
 public static function decode($cxnStore, $message)
 {
     list($parsedProt, $parsedCxnId, $parsedHmac, $parsedBody) = explode(Constants::PROTOCOL_DELIM, $message, 4);
     if ($parsedProt != self::NAME) {
         throw new InvalidMessageException('Incorrect coding. Expected: ' . self::NAME);
     }
     $cxn = $cxnStore->getByCxnId($parsedCxnId);
     if (empty($cxn)) {
         throw new InvalidMessageException('Unknown connection ID');
     }
     $jsonPlaintext = AesHelper::authenticateThenDecrypt($cxn['secret'], $parsedBody, $parsedHmac);
     return new StdMessage($parsedCxnId, $cxn['secret'], json_decode($jsonPlaintext, TRUE));
 }

示例#3

文件： AesHelper.php 项目： kidaa30/yes

 /**
  * Encrypt $plaintext with $secret, then date and sign the message.
  *
  * @param string $secret
  * @param string $plaintext
  * @return array
  *   Array(string $body, string $signature).
  *   Note that $body begins with an unencrypted envelope (ttl, iv).
  * @throws InvalidMessageException
  */
 public static function encryptThenSign($secret, $plaintext)
 {
     $iv = crypt_random_string(Constants::AES_BYTES);
     $keys = AesHelper::deriveAesKeys($secret);
     $cipher = new \Crypt_AES(CRYPT_AES_MODE_CBC);
     $cipher->setKeyLength(Constants::AES_BYTES);
     $cipher->setKey($keys['enc']);
     $cipher->setIV($iv);
     // JSON string; this will be signed but not encrypted
     $jsonEnvelope = json_encode(array('ttl' => Time::getTime() + Constants::REQUEST_TTL, 'iv' => BinHex::bin2hex($iv)));
     // JSON string; this will be signed and encrypted
     $jsonEncrypted = $cipher->encrypt($plaintext);
     $body = $jsonEnvelope . Constants::PROTOCOL_DELIM . $jsonEncrypted;
     $signature = hash_hmac('sha256', $body, $keys['auth']);
     return array($body, $signature);
 }

示例#4

文件： RegistrationClient.php 项目： riyadennis/my_civicrm

 /**
  * @param array $appMeta
  * @return array
  *   Array($cxnId, $isOk).
  */
 public function register($appMeta)
 {
     AppMeta::validate($appMeta);
     if ($this->certValidator) {
         $this->certValidator->validateCert($appMeta['appCert']);
     }
     $cxn = $this->cxnStore->getByAppId($appMeta['appId']);
     if (!$cxn) {
         $cxn = array('cxnId' => Cxn::createId(), 'secret' => AesHelper::createSecret(), 'appId' => $appMeta['appId']);
     }
     $cxn['appUrl'] = $appMeta['appUrl'];
     $cxn['siteUrl'] = $this->siteUrl;
     $cxn['perm'] = $appMeta['perm'];
     Cxn::validate($cxn);
     $this->cxnStore->add($cxn);
     list($respCode, $respData) = $this->doCall($appMeta, 'Cxn', 'register', array(), $cxn);
     $success = $respCode == 200 && $respData['is_error'] == 0;
     $this->log->info($success ? 'Registered cxnId={cxnId} ({appId}, {appUrl})' : 'Failed to register cxnId={cxnId} ({appId}, {appUrl})', array('cxnId' => $cxn['cxnId'], 'appId' => $cxn['appId'], 'appUrl' => $cxn['appUrl']));
     return array($cxn['cxnId'], $respData);
 }

示例#5

文件： RegistrationServerTest.php 项目： civicrm/civicrm-cxn-rpc

 public function invalidInputExamples()
 {
     $appKeyPair = KeyPair::create();
     $otherKeyPair = KeyPair::create();
     return array(array($appKeyPair, new InsecureMessage(array('sldjkfasdf'))), array($appKeyPair, new InsecureMessage(array('cxn' => array('abcd')))), array($appKeyPair, new StdMessage(Cxn::createId(), AesHelper::createSecret(), array('whatever'))), array($appKeyPair, new RegistrationMessage('app:org.civicrm.other', $appKeyPair['publickey'], array('whatever'))), array($appKeyPair, new RegistrationMessage(self::APP_ID, $otherKeyPair['publickey'], array('whatever'))));
 }