Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
bc77d7c0 | 4 | | Copyright CiviCRM LLC. All rights reserved. | |
6a488035 | 5 | | | |
bc77d7c0 TO |
6 | | This work is published under the GNU AGPLv3 license with some | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
6a488035 | 9 | +--------------------------------------------------------------------+ |
d25dd0ee | 10 | */ |
6a488035 TO |
11 | |
12 | /** | |
13 | * | |
14 | * @package CRM | |
ca5cec67 | 15 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
6a488035 TO |
16 | */ |
17 | ||
18 | /** | |
19 | * A utility which signs and verifies a list of key-value pairs | |
20 | * | |
21 | * FIXME: Add TTL support? | |
22 | * | |
0b882a86 | 23 | * ``` |
6a488035 TO |
24 | * $signer = new CRM_Utils_Signer('myprivatekey', array('param1','param2')); |
25 | * $params = array( | |
26 | * 'param1' => 'hello', | |
27 | * 'param2' => 'world', | |
28 | * ); | |
29 | * $token = $signer->sign($params); | |
30 | * ... | |
31 | * assertTrue($signer->validate($token, $params)); | |
0b882a86 | 32 | * ``` |
6a488035 TO |
33 | */ |
34 | class CRM_Utils_Signer { | |
35 | /** | |
36 | * Expected length of the salt | |
37 | * | |
38 | * @var int | |
39 | */ | |
40 | const SALT_LEN = 4; | |
41 | ||
42 | /** | |
43 | * Instantiate a signature-processor | |
44 | * | |
5a4f6742 CW |
45 | * @param string $secret |
46 | * private. | |
47 | * @param array $paramNames | |
77855840 | 48 | * Array, fields which should be part of the signature. |
6a488035 | 49 | */ |
00be9182 | 50 | public function __construct($secret, $paramNames) { |
6714d8d2 SL |
51 | // ensure consistent serialization of payloads |
52 | sort($paramNames); | |
6a488035 TO |
53 | $this->secret = $secret; |
54 | $this->paramNames = $paramNames; | |
6714d8d2 SL |
55 | // chosen to be valid in URLs but not in salt or md5 |
56 | $this->signDelim = "_"; | |
6a488035 TO |
57 | $this->defaultSalt = CRM_Utils_String::createRandom(self::SALT_LEN, CRM_Utils_String::ALPHANUMERIC); |
58 | } | |
59 | ||
60 | /** | |
61 | * Generate a signature for a set of key-value pairs | |
62 | * | |
5a4f6742 | 63 | * @param array $params |
77855840 | 64 | * Array, key-value pairs. |
5a4f6742 CW |
65 | * @param string $salt |
66 | * the salt (if known) or NULL (for auto-generated). | |
6a488035 TO |
67 | * @return string, the full public token representing the signature |
68 | */ | |
00be9182 | 69 | public function sign($params, $salt = NULL) { |
be2fb01f | 70 | $message = []; |
6a488035 | 71 | $message['secret'] = $this->secret; |
be2fb01f | 72 | $message['payload'] = []; |
6a488035 TO |
73 | if (empty($salt)) { |
74 | $message['salt'] = $this->createSalt(); | |
0db6c3e1 TO |
75 | } |
76 | else { | |
e7292422 | 77 | $message['salt'] = $salt; |
6a488035 TO |
78 | } |
79 | // recall: paramNames is pre-sorted for stability | |
80 | foreach ($this->paramNames as $paramName) { | |
81 | if (isset($params[$paramName])) { | |
82 | if (is_numeric($params[$paramName])) { | |
83 | $params[$paramName] = (string) $params[$paramName]; | |
84 | } | |
0db6c3e1 | 85 | } |
50bfb460 SB |
86 | else { |
87 | // $paramName is not included or ===NULL | |
6a488035 TO |
88 | $params[$paramName] = ''; |
89 | } | |
e7292422 TO |
90 | $message['payload'][$paramName] = $params[$paramName]; |
91 | } | |
6a488035 TO |
92 | $token = $message['salt'] . $this->signDelim . md5(serialize($message)); |
93 | return $token; | |
94 | } | |
95 | ||
96 | /** | |
97 | * Determine whether a token represents a proper signature for $params | |
98 | * | |
5a4f6742 CW |
99 | * @param string $token |
100 | * the full public token representing the signature. | |
101 | * @param array $params | |
77855840 | 102 | * Array, key-value pairs. |
f4aaa82a EM |
103 | * |
104 | * @throws Exception | |
6a488035 TO |
105 | * @return bool, TRUE iff all $paramNames for the submitted validate($params) and the original sign($params) |
106 | */ | |
00be9182 | 107 | public function validate($token, $params) { |
6a488035 TO |
108 | list ($salt, $signature) = explode($this->signDelim, $token); |
109 | if (strlen($salt) != self::SALT_LEN) { | |
ed6a28a1 | 110 | throw new Exception("Token contains invalid salt [" . urlencode($token) . "]"); |
6a488035 TO |
111 | } |
112 | $newToken = $this->sign($params, $salt); | |
113 | return ($token == $newToken); | |
114 | } | |
115 | ||
5bc392e6 EM |
116 | /** |
117 | * @return string | |
118 | */ | |
00be9182 | 119 | public function createSalt() { |
6a488035 TO |
120 | // It would be more secure to generate a new value but liable to run this |
121 | // many times on certain admin pages; so instead we'll re-use the hash. | |
122 | return $this->defaultSalt; | |
123 | } | |
96025800 | 124 | |
6a488035 | 125 | } |