Home Explore Help
Sign In
RISCI_ATOM
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Files Issues 23 Wiki
Tree: 397885adfa
Branches Tags
nextcloud-serve...
/
core
/
Command
/
User
/
Keys
/
Verify.php

Verify.php 2.3 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. /**
    6. 

  6.  * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
    7. 

  7.  * SPDX-License-Identifier: AGPL-3.0-or-later
    8. 

  8.  */
    9. 

  9. 

  10. namespace OC\Core\Command\User\Keys;
    11. 

  11. 

  12. use OC\Security\IdentityProof\Manager;
    13. 

  13. use OCP\IUser;
    14. 

  14. use OCP\IUserManager;
    15. 

  15. use Symfony\Component\Console\Command\Command;
    16. 

  16. use Symfony\Component\Console\Input\InputArgument;
    17. 

  17. use Symfony\Component\Console\Input\InputInterface;
    18. 

  18. use Symfony\Component\Console\Output\OutputInterface;
    19. 

  19. 

  20. class Verify extends Command {
    21. 

  21. 	public function __construct(
    22. 

  22. 		protected IUserManager $userManager,
    23. 

  23. 		protected Manager $keyManager,
    24. 

  24. 	) {
    25. 

  25. 		parent::__construct();
    26. 

  26. 	}
    27. 

  27. 

  28. 	protected function configure(): void {
    29. 

  29. 		$this
    30. 

  30. 			->setName('user:keys:verify')
    31. 

  31. 			->setDescription('Verify if the stored public key matches the stored private key')
    32. 

  32. 			->addArgument(
    33. 

  33. 				'user-id',
    34. 

  34. 				InputArgument::REQUIRED,
    35. 

  35. 				'User ID of the user to verify'
    36. 

  36. 			)
    37. 

  37. 		;
    38. 

  38. 	}
    39. 

  39. 

  40. 	/**
    41. 

  41. 	 * @param InputInterface $input
    42. 

  42. 	 * @param OutputInterface $output
    43. 

  43. 	 * @return int
    44. 

  44. 	 */
    45. 

  45. 	protected function execute(InputInterface $input, OutputInterface $output): int {
    46. 

  46. 		$userId = $input->getArgument('user-id');
    47. 

  47. 

  48. 		$user = $this->userManager->get($userId);
    49. 

  49. 		if (!$user instanceof IUser) {
    50. 

  50. 			$output->writeln('Unknown user');
    51. 

  51. 			return static::FAILURE;
    52. 

  52. 		}
    53. 

  53. 

  54. 		$key = $this->keyManager->getKey($user);
    55. 

  55. 		$publicKey = $key->getPublic();
    56. 

  56. 		$privateKey = $key->getPrivate();
    57. 

  57. 

  58. 		$output->writeln('User public key size: ' . strlen($publicKey));
    59. 

  59. 		$output->writeln('User private key size: ' . strlen($privateKey));
    60. 

  60. 

  61. 		// Derive the public key from the private key again to validate the stored public key
    62. 

  62. 		$opensslPrivateKey = openssl_pkey_get_private($privateKey);
    63. 

  63. 		$publicKeyDerived = openssl_pkey_get_details($opensslPrivateKey);
    64. 

  64. 		$publicKeyDerived = $publicKeyDerived['key'];
    65. 

  65. 		$output->writeln('User derived public key size: ' . strlen($publicKeyDerived));
    66. 

  66. 

  67. 		$output->writeln('');
    68. 

  68. 

  69. 		$output->writeln('Stored public key:');
    70. 

  70. 		$output->writeln($publicKey);
    71. 

  71. 		$output->writeln('Derived public key:');
    72. 

  72. 		$output->writeln($publicKeyDerived);
    73. 

  73. 

  74. 		if ($publicKey != $publicKeyDerived) {
    75. 

  75. 			$output->writeln('<error>Stored public key does not match stored private key</error>');
    76. 

  76. 			return static::FAILURE;
    77. 

  77. 		}
    78. 

  78. 

  79. 		$output->writeln('<info>Stored public key matches stored private key</info>');
    80. 

  80. 

  81. 		return static::SUCCESS;
    82. 

  82. 	}
    83. 

  83. }
    84.