artnum
diff --git a/‎Crypto.php
Lines changed: 105 additions & 0 deletions b/‎Crypto.php
Lines changed: 105 additions & 0 deletions
diff --git a/‎Files.php
Lines changed: 41 additions & 8 deletions b/‎Files.php
Lines changed: 41 additions & 8 deletions
diff --git a/‎JStore/Auth.php
Lines changed: 100 additions & 0 deletions b/‎JStore/Auth.php
Lines changed: 100 additions & 0 deletions
@@ -0,0 +1,105 @@
+<?PHP
+/*- 
+* Copyright (c) 2018 Etienne Bagnoud <[email protected]>
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+* 1. Redistributions of source code must retain the above copyright
+*    notice, this list of conditions and the following disclaimer.
+* 2. Redistributions in binary form must reproduce the above copyright
+*    notice, this list of conditions and the following disclaimer in the
+*    documentation and/or other materials provided with the distribution.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+* ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+* SUCH DAMAGE.
+*/
+Namespace artnum;
+
+/* Mainly to initialize and abstract algo while using algo available in Stanford Javascript Crypto Library https://bitwiseshiftleft.github.io/sjcl/ */
+class Crypto {
+   private $HAlgo;
+   private $CAlgo;
+
+   function __construct($halgo = NULL, $calgo = NULL) {
+      if (is_null($halgo)) {
+         $this->HAlgo = 'sha1';
+         $algos = hash_algos();
+         /* select strongest hash function */
+         foreach (array('sha512', 'sha256') as $hash) {
+            if (in_array($hash, $algos)) {
+               $this->HAlgo = $hash;
+               break;
+            }
+         }
+      } else {
+         $this->HAlgo = $halgo;
+      }
+
+      if (is_null($calgo)) {
+         $this->CAlgo = 'aes-128-cbc';
+         $algos = openssl_get_cipher_methods();
+         foreach (array('aes-256-cbc', 'aes-192-cbc') as $cipher) {
+            if (in_array($cipher, $algos)) {
+               $this->CAlgo = $cipher;
+               break;
+            } 
+         }
+      } else {
+         $this->CAlgo = $calgo; 
+      }
+   }
+
+   function gethalgo() {
+      return $this->HAlgo;
+   }
+
+   function getcalgo() {
+      return $this->CAlgo;
+   }
+
+   /* hmac */
+   function hmac($value, $key) {
+      $signed = hash_hmac($this->HAlgo, $value, $key, true);
+      return array(base64_encode($signed), $this->HAlgo);
+   }
+
+   function hash($value) {
+      $hashed = hash($this->HAlgo, $value, true);
+      return array(base64_encode($hashed), $this->HAlgo);
+   }
+
+   function compare($value1, $value2) {
+      if (function_exists('hash_equals')) {
+         return hash_equals($value1, $value2);
+      } else {
+         return strcmp($value1, $value2) == 0;
+      }
+   }
+
+   /* Symmetric encryption/decryption */
+   function sencrypt($value, $key) {
+      $iv = '';
+      if (openssl_cipher_iv_length($this->CAlgo)) {
+         $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($this->CAlgo));
+      }
+      $crypted = openssl_encrypt($value, $this->CAlgo, $key, OPENSSL_RAW_DATA, $iv);
+      return array($crypted, $iv, $this->CAlgo);
+   }
+
+   function sdecrypt($crypted, $key, $iv = '') {
+      $value = openssl_decrypt($crypted, $this->CAlgo, $key, OPENSSL_RAW_DATA, $iv);
+      return $value;
+   }
+}
+?>
@@ -29,19 +29,52 @@
 class Files {
    /* Write data to file if it's writable */
    function toFile ($content, $file) {
-      $write = false;
-      if (!file_exists($file)) {
+      if ($this->writable($file)) {
+         return file_put_contents($file, $content);
+      }
+      return false;
+   }
+
+   /* check if file is writable, if file doesn't exist, check if the directory is writable */
+   function writable($file) {
+      if (file_exists($file) && is_file($file) && is_writable($file)) {
+         return true;
+      } else {
          if (is_dir(dirname($file)) && is_writable(dirname($file))) {
-            $write = true;
+            return true;
          }
-      } else {
-         if (is_writable($file) && is_file($file)) {
-            $write = true;
+      }
+      return false;
+   }
+
+   /* alias */
+   function writeable($file) {
+      return $this->writable($file);
+   }
+
+   /* verify if file exists and is readable but if file doesn't exist, check if it could be written */
+   function mayExist($file) {
+      if (file_exists($file)) {
+         if ($this->readable($file)) {
+            return true;
          }
       }
+      if ($this->writeable($file)) {
+         return true;
+      }
+      return false;
+   }
+
+   function readable($file) {
+      if (file_exists($file) && is_file($file) && is_readable($file)) {
+         return true;
+      }
+      return false;
+   }
 
-      if ($write) {
-         return file_put_contents($file, $content);
+   function fromFile($file) {
+      if ($this->readable($file)) {
+         return file_get_contents($file);
       }
       return false;
    }
 
@@ -0,0 +1,100 @@
+<?PHP
+/*- 
+* Copyright (c) 2018 Etienne Bagnoud <[email protected]>
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+* 1. Redistributions of source code must retain the above copyright
+*    notice, this list of conditions and the following disclaimer.
+* 2. Redistributions in binary form must reproduce the above copyright
+*    notice, this list of conditions and the following disclaimer in the
+*    documentation and/or other materials provided with the distribution.
+*
+* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+* ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+* SUCH DAMAGE.
+*/
+Namespace artnum\JStore;
+
+class Auth {
+   function __construct($session, $user) {
+      $this->Session = $session;
+      $this->UserInterface = $user;
+      $this->Random = new \artnum\Random();
+      $this->Crypto = new \artnum\Crypto('sha256');
+   }
+
+   function getName() {
+      return 'Artnum.GenericAuth';
+   }
+
+   function handle($request) {
+      switch($request->getVerb()) {
+         case 'POST':
+         case 'GET':
+            return $this->authenticate($request);
+         case 'PATCH':
+            return $this->update($request);
+      }
+
+      return false;
+   }
+
+   function verify($request) {
+      return $this->Session->set('auth-valid');
+   }
+
+   function authorize($request) {
+      /* todo autorization part */
+      return $this->verify($request);
+   }
+
+   /* set password */
+   function update($request) {
+      return;
+   }
+
+   function authenticate($request) {
+      if ($request->getVerb() == 'GET') {
+         $challenge = $this->Random->str(128);
+         if (!$challenge) {
+            return -1;
+         }
+         $this->Session->set('auth-challenge', $challenge);
+
+         $sleep = $this->UserInterface->fail('get', $request->getItem());
+         usleep(10000 * $sleep);
+
+         return array('challenge' => $challenge);
+      } else if ($request->getVerb() == 'POST') {
+         /* second pass */
+         $key = $this->Random->str(256);
+         $_key = $this->UserInterface->getkey($request->getItem());
+         if (!is_null($_key)) {
+            $key = $_key;
+         }
+         
+         if ($this->Crypto->compare($this->Crypto->hmac($this->Session->get('auth-challenge'), $key)[0], $request->getParameter('response'))) { 
+            $this->UserInterface->fail('reset', $request->getItem());
+            $this->Session->set('auth-valid', true);
+            return array('auth-success' => true);
+         } else {
+            $this->UserInterface->fail('inc', $request->getItem());
+            $this->Session->set('auth-valid', true);
+            return array('auth-success' => false);
+         }
+      }
+   }      
+}
+
+?>