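. */

namespace SP\Core\Crypt;

use Defuse\Crypto\Exception\CryptoException;
use Defuse\Crypto\Key;
use SP\Http\Request;
use SP\Util\HttpUtil;

/**
 * Class SecureKeyCookie
 *
 * Stores a randomly generated encryption key in the SYSPASS_SK cookie. The key
 * is wrapped in a Vault, serialized and signed before being sent to the client.
 *
 * getCookie(), getCookieData(), setCookie() and sign() are not defined in this
 * class; they are presumably inherited from Cookie.
 *
 * @package SP\Core\Crypt
 */
class SecureKeyCookie extends Cookie
{
    /**
     * Cookie name
     */
    const COOKIE_NAME = 'SYSPASS_SK';
    /**
     * Key used to encrypt the data; null until saveKey() succeeds
     *
     * @var Key|null
     */
    protected $securedKey;

    /**
     * Get an encryption key, reading it from the cookie or creating a new one
     *
     * Returns false when the cookie payload is not a Vault, when the stored key
     * cannot be loaded, or when a new key could not be saved.
     *
     * @return Key|false
     */
    public static function getKey()
    {
        $secureKeyCookie = new self(self::COOKIE_NAME);
        $key = $secureKeyCookie->getCypher();

        if (($cookie = $secureKeyCookie->getCookie())) {
            $data = $secureKeyCookie->getCookieData($cookie, $key);

            if ($data === false) {
                debugLog('Cookie verification error.');

                // The cookie did not verify against the current key: replace it
                return $secureKeyCookie->saveKey($key);
            }

            $vault = self::unserializeVault($data);

            if ($vault instanceof Vault) {
                try {
                    return Key::loadFromAsciiSafeString($vault->getData($key));
                } catch (CryptoException $e) {
                    debugLog($e->getMessage());

                    return false;
                }
            }
        } elseif ($secureKeyCookie->getSecuredKey() instanceof Key) {
            return $secureKeyCookie->getSecuredKey();
        } else {
            return $secureKeyCookie->saveKey($key);
        }

        return false;
    }

    /**
     * Unserialize the cookie payload, allowing only Vault objects where possible
     *
     * SECURITY: the payload comes from a cookie, and the only check before this
     * point uses the value from getCypher(), which the client can derive. The
     * payload must therefore be treated as untrusted input. On PHP >= 7.0 any
     * class other than Vault is turned into __PHP_Incomplete_Class instead of
     * being instantiated, so the instanceof check in getKey() rejects it.
     *
     * NOTE(review): assumes Vault holds no nested objects -- confirm. On older
     * PHP versions no class restriction is available; consider a non-object
     * format (e.g. JSON) for the cookie payload.
     *
     * @param string $data
     * @return mixed false when the data cannot be unserialized
     */
    private static function unserializeVault($data)
    {
        if (PHP_VERSION_ID >= 70000) {
            return unserialize($data, ['allowed_classes' => [__NAMESPACE__ . '\\Vault']]);
        }

        return unserialize($data);
    }

    /**
     * Return the key used to protect the cookie data
     *
     * SECURITY: both inputs (User-Agent header and client address) are known to
     * or chosen by the client, so this value is not a secret. It ties the cookie
     * to a browser/address pair but does not authenticate the cookie contents
     * against the client itself. MD5 is used here only to derive a fixed-length
     * string; a server-side secret (e.g. via hash_hmac) would be needed for real
     * integrity protection.
     *
     * @return string
     */
    private function getCypher()
    {
        return md5(Request::getRequestHeaders('User-Agent') . HttpUtil::getClientAddress());
    }

    /**
     * Generate a new encryption key and store it in the cookie
     *
     * @param string $key Key used to protect the Vault and to sign the cookie
     * @return Key|false The new key, or false if $key is empty or saving failed
     */
    public function saveKey($key)
    {
        if (empty($key)) {
            return false;
        }

        try {
            $this->securedKey = Key::createNewRandomKey();

            $vault = new Vault();
            $vault->saveData($this->securedKey->saveToAsciiSafeString(), $key);

            if ($this->setCookie($this->sign(serialize($vault), $key))) {
                debugLog('Generating a new session key.');

                return $this->securedKey;
            }

            debugLog('Could not generate session key cookie.');

            // Reset rather than unset(): the property stays declared, so
            // getSecuredKey() returns null instead of raising a notice.
            $this->securedKey = null;
        } catch (CryptoException $e) {
            debugLog($e->getMessage());
        }

        return false;
    }

    /**
     * @return Key|null null when no key has been generated or saving failed
     */
    public function getSecuredKey()
    {
        return $this->securedKey;
    }
}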