1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
rsasecurity.php
См. документацию.
1<?php
2
3use Bitrix\Main\Web\Json;
4
5abstract class CRsaProvider
6{
7 //$_M, $_E - public components
8 //$_D - secret component
9 //$_chunk - key length in bytes
10 protected $_M = '';
11 protected $_E = '';
12 protected $_D = '';
13 protected $_chunk = 0;
14
15 public function SetKeys($arKeys)
16 {
17 $this->_M = $arKeys["M"];
18 $this->_E = $arKeys["E"];
19 $this->_D = $arKeys["D"];
20 $this->_chunk = $arKeys["chunk"];
21 }
22
23 public function GetPublicKey()
24 {
25 return array("M"=>$this->_M, "E"=>$this->_E, "chunk"=>$this->_chunk);
26 }
27
28 abstract public function LoadKeys();
29 abstract public function SaveKeys($arKeys);
30 abstract public function Decrypt($data);
31 abstract public function Keygen($keylen=false);
32}
33
34class CRsaSecurity
35{
36 //max size of encrypted packet against DOS attacks.
37 const MAX_ENCRIPTED_DATA = 40120;
38
39 //error codes
40 const ERROR_NO_LIBRARY = 1; //no crypto library found
41 const ERROR_EMPTY_DATA = 2; //no encrypted data
42 const ERROR_BIG_DATA = -3; //too big encrypted data
43 const ERROR_DECODE = -4; //decoding error
44 const ERROR_INTEGRITY = -5; //integrity check error
45 const ERROR_SESS_VALUE = -6; //no session control value
46 const ERROR_SESS_CHECK = -7; //session control value does not match
47
48 protected $provider = false;
49 protected $lib = '';
50
51 public function __construct($lib=false)
52 {
53 if(extension_loaded('openssl') && ($lib == false || $lib == 'openssl'))
54 {
55 $this->provider = new CRsaOpensslProvider();
56 $this->lib = 'openssl';
57 }
58 elseif(extension_loaded('bcmath') && ($lib == false || $lib == 'bcmath'))
59 {
60 $this->provider = new CRsaBcmathProvider();
61 $this->lib = 'bcmath';
62 }
63 }
64
65 public static function Possible()
66 {
67 return (extension_loaded('openssl') || extension_loaded('bcmath'));
68 }
69
70 public function SetKeys($arKeys)
71 {
72 if($this->provider)
73 $this->provider->SetKeys($arKeys);
74 }
75
76 public function LoadKeys()
77 {
78 if($this->provider)
79 {
80 $arKeys = $this->provider->LoadKeys();
81 if(is_array($arKeys) && $arKeys["M"] <> '' && $arKeys["E"] <> '' && $arKeys["D"] <> '')
82 return $arKeys;
83 }
84 return false;
85 }
86
87 public function SaveKeys($arKeys)
88 {
89 if($this->provider)
90 $this->provider->SaveKeys($arKeys);
91 }
92
93 public function Keygen($keylen=false)
94 {
95 if($this->provider)
96 return $this->provider->Keygen($keylen);
97 return false;
98 }
99
100 public function AddToForm($formid, $arParams)
101 {
102 if(!$this->provider)
103 return;
104
105 $formid = preg_replace("/[^a-z0-9_]/is", "", $formid);
106
107 $session = \Bitrix\Main\Application::getInstance()->getSession();
108
109 if($session['__STORED_RSA_RAND'] == '')
110 {
111 $session['__STORED_RSA_RAND'] = $this->GetNewRsaRand();
112 }
113
114 $arSafeParams = array();
115 foreach($arParams as $param)
116 $arSafeParams[] = preg_replace("/[^a-z0-9_\\[\\]]/is", "", $param);
117
118 $arData = array(
119 "formid" => $formid,
120 "key" => $this->provider->GetPublicKey(),
121 "rsa_rand" => $session['__STORED_RSA_RAND'],
122 "params" => $arSafeParams,
123 );
124
125 CJSCore::Init();
126 $GLOBALS["APPLICATION"]->AddHeadScript("/bitrix/js/main/rsasecurity.js");
127
128 echo '
129<script>
130top.BX.defer(top.rsasec_form_bind)('.Json::encode($arData).');
131</script>
132';
133 }
134
135 public function AcceptFromForm($arParams)
136 {
137 if(!$this->provider)
138 return self::ERROR_NO_LIBRARY; //no crypto library found
139
140 $data = $_REQUEST['__RSA_DATA'] ?? '';
141
142 unset($_POST['__RSA_DATA']);
143 unset($_REQUEST['__RSA_DATA']);
144 unset($GLOBALS['__RSA_DATA']);
145
146 if($data == '')
147 return self::ERROR_EMPTY_DATA; //no encrypted data
148
149 if(mb_strlen($data) >= self::MAX_ENCRIPTED_DATA)
150 return self::ERROR_BIG_DATA; //too big encrypted data
151
152 $data = $this->provider->Decrypt($data);
153 if($data == '')
154 return self::ERROR_DECODE; //decoding error
155
156 $data1 = mb_substr($data, 0, -47);
157 $sha1 = mb_substr($data, -40);
158
159 if($sha1 <> sha1($data1))
160 return self::ERROR_INTEGRITY; //integrity check error
161
162 parse_str($data, $accepted_params);
163 if($accepted_params['__RSA_RAND'] == '')
164 return self::ERROR_SESS_VALUE; //no session control value
165
166 $session = \Bitrix\Main\Application::getInstance()->getSession();
167
168 if($accepted_params['__RSA_RAND'] <> $session['__STORED_RSA_RAND'])
169 return self::ERROR_SESS_CHECK; //session control value does not match
170
171 foreach($arParams as $k)
172 {
173 if(isset($accepted_params[$k]))
174 {
175 if(is_array($accepted_params[$k]))
176 {
177 foreach($accepted_params[$k] as $key=>$val)
178 $GLOBALS[$k][$key] = $_REQUEST[$k][$key] = $_POST[$k][$key] = $val;
179 }
180 else
181 {
182 $GLOBALS[$k] = $_REQUEST[$k] = $_POST[$k] = $accepted_params[$k];
183 }
184 }
185 }
186
187 return 0; //OK
188 }
189
190 public function GetLib()
191 {
192 return $this->lib;
193 }
194
195 protected function GetNewRsaRand()
196 {
197 return \Bitrix\Main\Security\Random::getString(20);
198 }
199}
$arParams
$arParams
Определения access_dialog.php:21
Bitrix\Main\Application\getInstance
static getInstance()
Определения application.php:98
Bitrix\Main\Web\Json
Определения json.php:9
CJSCore\Init
static Init($arExt=array(), $bReturn=false)
Определения jscore.php:66
CRsaBcmathProvider
Определения rsabcmath.php:3
CRsaProvider
Определения rsasecurity.php:6
CRsaProvider\Decrypt
Decrypt($data)
CRsaProvider\$_chunk
$_chunk
Определения rsasecurity.php:13
CRsaProvider\$_M
$_M
Определения rsasecurity.php:10
CRsaProvider\GetPublicKey
GetPublicKey()
Определения rsasecurity.php:23
CRsaProvider\SetKeys
SetKeys($arKeys)
Определения rsasecurity.php:15
CRsaProvider\$_E
$_E
Определения rsasecurity.php:11
CRsaProvider\Keygen
Keygen($keylen=false)
CRsaProvider\$_D
$_D
Определения rsasecurity.php:12
CRsaProvider\SaveKeys
SaveKeys($arKeys)
CRsaSecurity
Определения rsasecurity.php:35
CRsaSecurity\GetNewRsaRand
GetNewRsaRand()
Определения rsasecurity.php:195
CRsaSecurity\MAX_ENCRIPTED_DATA
const MAX_ENCRIPTED_DATA
Определения rsasecurity.php:37
CRsaSecurity\ERROR_NO_LIBRARY
const ERROR_NO_LIBRARY
Определения rsasecurity.php:40
CRsaSecurity\$lib
$lib
Определения rsasecurity.php:49
CRsaSecurity\ERROR_INTEGRITY
const ERROR_INTEGRITY
Определения rsasecurity.php:44
CRsaSecurity\ERROR_EMPTY_DATA
const ERROR_EMPTY_DATA
Определения rsasecurity.php:41
CRsaSecurity\$provider
$provider
Определения rsasecurity.php:48
CRsaSecurity\ERROR_SESS_CHECK
const ERROR_SESS_CHECK
Определения rsasecurity.php:46
CRsaSecurity\ERROR_DECODE
const ERROR_DECODE
Определения rsasecurity.php:43
CRsaSecurity\ERROR_BIG_DATA
const ERROR_BIG_DATA
Определения rsasecurity.php:42
CRsaSecurity\SetKeys
SetKeys($arKeys)
Определения rsasecurity.php:70
CRsaSecurity\ERROR_SESS_VALUE
const ERROR_SESS_VALUE
Определения rsasecurity.php:45
CRsaSecurity\GetLib
GetLib()
Определения rsasecurity.php:190
CRsaSecurity\AddToForm
AddToForm($formid, $arParams)
Определения rsasecurity.php:100
CRsaSecurity\LoadKeys
LoadKeys()
Определения rsasecurity.php:76
CRsaSecurity\Keygen
Keygen($keylen=false)
Определения rsasecurity.php:93
CRsaSecurity\AcceptFromForm
AcceptFromForm($arParams)
Определения rsasecurity.php:135
CRsaSecurity\__construct
__construct($lib=false)
Определения rsasecurity.php:51
CRsaSecurity\SaveKeys
SaveKeys($arKeys)
Определения rsasecurity.php:87
CRsaSecurity\Possible
static Possible()
Определения rsasecurity.php:65
$data
$data['IS_AVAILABLE']
Определения .description.php:13
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$_REQUEST
$_REQUEST["admin_mnu_menu_id"]
Определения get_menu.php:8
elseif
if( $daysToExpire >=0 &&$daysToExpire< 60 elseif)( $daysToExpire< 0)
Определения prolog_main_admin.php:393
$key
if(empty($signedUserToken)) $key
Определения quickway.php:257
$val
$val
Определения options.php:1793
$k
$k
Определения template_pdf.php:567
$GLOBALS
$GLOBALS['_____370096793']
Определения update_client.php:1