function initKeys()
{
- $d = $this->storedir;
+ // return false when fail
+
+ $dir = $this->getKeyDirectory();
if(
- file_exists("{$d}/pub.key") ||
- file_exists("{$d}/pri.key")
+ file_exists("{$dir}/pub.key") ||
+ file_exists("{$dir}/pri.key")
){
return;
}
$pub_key = openssl_pkey_get_details($ssl);
$pub_key = $pub_key["key"];
- file_put_contents("{$d}/pub.key",$pub_key);
- file_put_contents("{$d}/pri.key",$pri_key);
+ file_put_contents("{$dir}/pub.key",$pub_key);
+ file_put_contents("{$dir}/pri.key",$pri_key);
}
- function getSetting($m,$n)
+ function lookup($m,$n)
{
$s = DB_DataObject::factory('core_setting');
$s->setFrom(array(
function beforeInsert($q, $roo)
{
exit;
-
- return;
}
- function initSetting($a, $dir)
+ function getKeyDirectory()
+ {
+ $client_dir = HTML_FlexyFramework::get()->Pman['storedir'];
+ $key_dir = $client_dir.'/keys';
+ if(!file_exists($key_dir)) {
+ $this->checkWritable(get_class($this),__FUNCTION__,$client_dir);
+ exec("mkdir -m775 {$key_dir}");
+ }
+ return $key_dir;
+ }
+
+ // FIXME - this needs to go in beforeInsert/beforeUpdate
+ // should not be sending this the values..
+ function initSetting($a)
{
- if(empty($a) || empty($dir)) {
+ if(empty($a)) {
return;
}
- $c = $this->getSetting($a['module'], $a['name']);
+ $c = $this->lookup($a['module'], $a['name']);
if($c) {
return;
}
- //$ff->pman['storedir']/key generic for all projects?
-
- $this->setStoreDir($dir);
-
$this->initKeys();
- $val = $a['val'];
- if(!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) {
- $val = $this->encrypt($val);
- }
-
$s = DB_DataObject::factory('core_setting');
+
$s->setFrom(array(
- 'module' => $a['module'],
- 'name' => $a['name'],
- 'description' => $a['description'],
- 'val' =>$val,
+ 'module' => $a['module'],
+ 'name' => $a['name'],
+ 'description' => $a['description'],
+ 'val' => (!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) ?
+ $this->encrypt($a['val']) : $a['val'],
'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1
));
$s->insert();
}
+ //one key for encrypting all the settings
function encrypt($v)
{
- $pub_key = file_get_contents("{$this->storedir}/pub.key");
+ $key_dir = "{$this->getKeyDirectory()}/pub.key";
+
+ if(!file_exists($key_dir)) {
+ print_r("Cannot find {$key_dir}");
+ exit;
+ }
+
+ $pub_key = file_get_contents($key_dir);
if(!$pub_key) {
return;
}
- openssl_public_encrypt($v, $cipher, $pub_key);
- return $cipher;
+ openssl_public_encrypt($v, $ciphertext, $pub_key);
+ return $ciphertext;
+ }
+
+ function decrypt($v)
+ {
+ $key_dir = "{$this->getKeyDirectory()}/pri.key";
+
+ if(!file_exists($key_dir)) {
+ print_r("Cannot find {$key_dir}");
+ exit;
+ }
+
+ $pri_key = file_get_contents($key_dir);
+ if(!$pri_key) {
+ return;
+ }
+
+ openssl_private_decrypt($v, $plaintext, $pri_key);
+ return $plaintext;
}
- function setStoreDir($dir)
+ function checkWritable($cls_name,$func_name,$dir)
{
- if(!file_exists($dir)) {
- $oldumask = umask(0);
- mkdir($dir, 0775, true);
- umask($oldumask);
+ if(!is_writable($dir)) {
+ print_r("Cannot run {$cls_name} :: {$func_name}\n");
+ print_r("Directory: {$dir} is not writable by current user\n");
+ exit;
}
- $this->storedir = $dir;
+
+ return true;
}
}