boinc/html/ops/generate_account_ownership_...

86 lines
3.6 KiB
PHP
Raw Normal View History

#!/usr/bin/env php
<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2008 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
// usage: generate_account_ownership_keys.php [overwrite]
//
// This script generates the public and private keys for the proof of
// account ownership feature of the website that is described
// here: https://github.com/BOINC/boinc/wiki/ProofOfOwnership
//
// If the overwrite option is set, then the existing keys will be deleted and
// new keys generated. This will invalidate all existing account ownership
// proofs so use with caution.
require_once("../inc/boinc_db.inc");
require_once("../inc/user.inc");
require_once("../inc/util.inc");
require_once("../inc/account_ownership.inc");
if ( !function_exists('openssl_pkey_new') ) {
echo "WARNING: OpenSSL functions not available. Not generating account ownership keys.\n";
exit(1);
}
if (php_sapi_name() == "cli") {
if (!empty($argv[1])) {
if ($argv[1] == "overwrite") {
if (file_exists($account_ownership_private_key_file_path)) {
// If the private key exists, delete it.
unlink($account_ownership_private_key);
echo "erased '$account_ownership_private_key_file_name' \n";
}
if (file_exists($account_ownership_public_key_file_path)) {
// If the public key exists, delete it.
unlink($account_ownership_public_key);
echo "erased '$account_ownership_public_key_file_name' \n";
}
}
}
if ((!file_exists($account_ownership_private_key_file_path)) && (!file_exists($account_ownership_public_key_file_path))) {
try {
$generated_pkey = openssl_pkey_new(array(
'digest_alg' => 'sha512',
'private_key_bits' => 4096,
'private_key_type' => OPENSSL_KEYTYPE_RSA
));
$pubkey = openssl_pkey_get_details($generated_pkey); // Get the public key from the generated pkey pair
file_put_contents($account_ownership_public_key, $pubkey['key']); // Save the public key to disk
openssl_pkey_export_to_file($generated_pkey, $account_ownership_private_key); // Save the private key to disk
openssl_pkey_free($generated_pkey); // Free key data securely from memory
if ((file_exists($account_ownership_private_key_file_path)) && (file_exists($account_ownership_public_key_file_path))) {
echo "Successfully generated a new account ownership keypair. \n";
} else {
throw new Exception('Failed to generate account ownership keypair.');
}
} catch (Exception $e) {
echo 'Caught exception during account ownership key generation: ', $e->getMessage(), "\n";
}
} else {
echo "The private and public keys already exist. Repeat the command with the 'overwrite' parameter to replace the existing ownership keys. \n";
}
} else {
echo "This script must be run from the CLI \n";
}
?>