Permalink
Browse files

Added comments

  • Loading branch information...
B Tasker
B Tasker committed Aug 8, 2014
1 parent 931e32d commit d1649cb6811d935d96a9ad8ff10c29a67657d2b4
Showing with 60 additions and 2 deletions.
  1. +10 −0 utils/cli_only.php
  2. +50 −2 utils/rekey.php
@@ -1,4 +1,14 @@
<?php
/** PHPCredLocker CLI Utility functions
*
* Re-Generates Crypto keys and re-encrypts all stored data - Likely to be a long process!
*
* Copyright (C) 2014 B Tasker
* Released under GNU AGPL V3
* See LICENSE
*
*/
// Limit to command line usage
if (!isset($GLOBALS['argv'])){
@@ -28,6 +28,10 @@ function __construct(){
}
/** Write the objects keys to crypto.php
*
*/
function writekeyfile(){
$fh = fopen('conf/crypto.php','w');
@@ -59,6 +63,7 @@ function writekeyfile(){
}
/** Remove keys for any CredTypes that are no longer in the database
*
* @arg credtypeids - array
@@ -88,6 +93,9 @@ function tidyKeys($credtypeids){
/** Utility class
*
*/
class Utils{
static function genKey($len){
$newkey = null;
@@ -142,15 +150,21 @@ static function genKey($len){
}
// Prepare a few bits
$db = new BTDB;
$crypt = new Crypto;
$currentkeys = new cryptokeyscli(); // We use this object to make sure we've got a copy of the original
//$currentkeys = new cryptokeyscli(); // We use this object to make sure we've got a copy of the original
$newkeys = new cryptokeyscli(); // We'll be making the changes in here
$keylength = $newkeys->cipher->keyLength;
// TODO: Do we want to let the user change the keylength (and maybe the cipher?)
/** User Re-Key */
$output->_("Preparing to Re-Key Users");
$db->setQuery("SELECT * FROM #__Users");
@@ -221,6 +235,12 @@ static function genKey($len){
/** Credtypes Re-Key */
// Credtypes are similarly simple, just the name to switch
$output->_("Preparing to Re-Key Credential Types");
@@ -261,6 +281,14 @@ static function genKey($len){
}
/** Customers Re-Key */
// Customers require a little more work!
$output->_("Preparing to Re-Key Customers");
@@ -314,6 +342,13 @@ static function genKey($len){
/** Groups Re-Key */
// Groups next, relatively straight forward
$output->_("Preparing to Re-Key Groups");
@@ -353,6 +388,12 @@ static function genKey($len){
}
/** Credentials Re-Key */
// Now the tricky bit... Creds!
// We already have the credtypes in memory, so we'll work through them one by one.
@@ -380,6 +421,8 @@ static function genKey($len){
$output->_("\tProcessing Credtype ".$credtype->id);
// Work through each of the creds with this credtype
foreach ($creds as $cred){
$cred->Hash = $crypt->decrypt($cred->Hash,'Cre'.$cred->CredType);
$cred->Address = $crypt->decrypt($cred->Address,'Cre'.$cred->CredType);
@@ -389,6 +432,8 @@ static function genKey($len){
$ccreds[] = $cred;
}
// Process the AutoAuth records if any exist
if ($autoauth){
$sql = "SELECT * FROM #__AutoAuth";
$db->setQuery($sql);
@@ -408,6 +453,8 @@ static function genKey($len){
$newkeys->keys->Cre.$credtype->id = Utils::genKey($keylength);
$newkeys->writekeyfile();
// Encrypt and save
foreach ($ccreds as $cred){
$cred->Hash = $crypt->encrypt($cred->Hash,'Cre'.$cred->CredType);
$cred->Address = $crypt->encrypt($cred->Address,'Cre'.$cred->CredType);
@@ -437,6 +484,7 @@ static function genKey($len){
}
// Get rid of any defunct keys
$output->_("Tidying Keys");
$newkeys->tidyKeys($credtypeids);
$newkeys->writekeyfile();

0 comments on commit d1649cb

Please sign in to comment.