Bitrix-D7 23.9
 
Загрузка...
Поиск...
Не найдено
signer.php
1<?php
2namespace Bitrix\Main\Security\Sign;
3
4use Bitrix\Main\ArgumentTypeException;
5use Bitrix\Main\Config;
6
12class Signer
13{
15 protected $algorithm = null;
16 protected $separator = '.';
18 protected $key = null;
19
25 public function __construct(SigningAlgorithm $algorithm = null)
26 {
27 if ($algorithm !== null)
28 $this->algorithm = $algorithm;
29 else
30 $this->algorithm = new HmacAlgorithm();
31 }
32
40 public function setKey($value)
41 {
42 if (!is_string($value))
43 throw new ArgumentTypeException('value', 'string');
44
45 $this->key = $value;
46 return $this;
47 }
48
54 public function getSeparator()
55 {
56 return $this->separator;
57 }
58
66 public function setSeparator($value)
67 {
68 if (!is_string($value))
69 throw new ArgumentTypeException('value', 'string');
70
71 $this->separator = $value;
72 return $this;
73 }
74
83 public function getSignature($value, $salt = null)
84 {
85 if (!is_string($value))
86 throw new ArgumentTypeException('value', 'string');
87
88 $key = $this->getKey($salt);
89 $signature = $this->algorithm->getSignature($value, $key);
90 $signature = $this->encodeSignature($signature);
91 return $signature;
92 }
93
111 public function sign($value, $salt = null)
112 {
113 if (!is_string($value))
114 throw new ArgumentTypeException('value', 'string');
115
116 $signature = $this->getSignature($value, $salt);
117 return $this->pack(array($value, $signature));
118 }
119
153 public function unsign($signedValue, $salt = null)
154 {
155 if (!is_string($signedValue))
156 throw new ArgumentTypeException('signedValue', 'string');
157
158 list($value, $signature) = $this->unpack($signedValue);
159 if (!$this->verifySignature($value, $signature, $salt))
160 throw new BadSignatureException('Signature does not match');
161
162 return $value;
163 }
164
173 public function validate($value, $signature, $salt = null)
174 {
175 return $this->verifySignature($value, $signature, $salt);
176 }
177
186 protected function verifySignature($value, $sig, $salt = null)
187 {
188 $key = $this->getKey($salt);
189 $signature = $this->decodeSignature($sig);
190 return $this->algorithm->verify($value, $key, $signature);
191 }
192
202 protected function getKey($salt = null)
203 {
204 if ($salt !== null && !preg_match('#^[a-zA-Z0-9_.-]{3,50}$#D', $salt))
205 throw new BadSignatureException('Malformed salt, only [a-zA-Z0-9_.-]{3,50} characters are acceptable');
206
207 if ($this->key !== null)
208 $key = $this->key;
209 else
210 $key = $this->getDefaultKey();
211
212 return strval($salt).$key;
213 }
214
220 protected function getDefaultKey()
221 {
222 static $defaultKey = null;
223 if ($defaultKey === null)
224 {
225 $defaultKey = Config\Option::get('main', 'signer_default_key', false);
226 if (!$defaultKey)
227 {
228 $defaultKey = hash('sha512', \Bitrix\Main\Security\Random::getString(64));
229 Config\Option::set('main', 'signer_default_key', $defaultKey);
230 }
231
232 $options = Config\Configuration::getValue("crypto");
233 if(isset($options["crypto_key"]))
234 {
235 $defaultKey .= $options["crypto_key"];
236 }
237 }
238
239 return $defaultKey;
240 }
241
242
250 public function pack(array $values)
251 {
252 return join($this->separator, $values);
253 }
254
274 public function unpack($value, $limit = 2)
275 {
276 // Some kind of optimization
277 if ($limit === 0)
278 {
279 if (strpos($value, $this->separator) === false)
280 throw new BadSignatureException('Separator not found in value');
281
282 return explode($this->separator, $value);
283 }
284
285 $result = array();
286 while(--$limit > 0)
287 {
288 $pos = bxstrrpos($value, $this->separator);
289 if ($pos === false)
290 throw new BadSignatureException('Separator not found in value');
291
292 $result[] = mb_substr($value, $pos + 1);
293 $value = mb_substr($value, 0, $pos);
294 }
295 $result[] = $value;
296
297 return array_reverse($result);
298 }
299
306 protected function encodeSignature($value)
307 {
308 return bin2hex($value);
309 }
310
318 protected function decodeSignature($value)
319 {
320 if (preg_match('#[^[:xdigit:]]#', $value))
321 throw new BadSignatureException('Signature must be hexadecimal string');
322
323 // ToDo: use hex2bin instead pack for PHP > 5.4.0
324 return pack('H*', $value);
325 }
326}
Bitrix\Main\Security\Random\getString
static getString($length, $caseSensitive=false)
Definition random.php:76
Bitrix\Main\Security\Sign\Signer\validate
validate($value, $signature, $salt=null)
Definition signer.php:173
Bitrix\Main\Security\Sign\Signer\getSignature
getSignature($value, $salt=null)
Definition signer.php:83
Bitrix\Main\Security\Sign\Signer\sign
sign($value, $salt=null)
Definition signer.php:111
Bitrix\Main\Security\Sign\Signer\unsign
unsign($signedValue, $salt=null)
Definition signer.php:153
Bitrix\Main\Security\Sign\Signer\verifySignature
verifySignature($value, $sig, $salt=null)
Definition signer.php:186
Bitrix\Main\Security\Sign\Signer\__construct
__construct(SigningAlgorithm $algorithm=null)
Definition signer.php:25