/bin/keychain.php
PHP | 383 lines | 234 code | 44 blank | 105 comment | 20 complexity | 3e34e824fc3ab08af6d429dcb39e5c4a MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1
- #!/usr/bin/env php
- <?php
- /**
- * @package Joomla.Platform
- *
- * @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
- * @license GNU General Public License version 2 or later; see LICENSE
- */
- define('_JEXEC', 1);
- define('JPATH_BASE', dirname(__FILE__));
- // Load the Joomla! Platform
- require_once realpath('../libraries/import.php');
- /**
- * Keychain Manager
- *
- * @package Joomla.Platform
- * @since 12.3
- */
- class KeychainManager extends JApplicationCli
- {
- /**
- * @var boolean A flag if the keychain has been updated to trigger saving the keychain
- * @since 12.3
- */
- protected $updated = false;
- /**
- * @var JKeychain The keychain object being manipulated.
- * @since 12.3
- */
- protected $keychain = null;
- /**
- * Execute the application
- *
- * @return void
- *
- * @since 12.3
- */
- public function execute( )
- {
- if (!count($this->input->args))
- {
- // Check if they passed --help in otherwise display short usage summary
- if ($this->input->get('help', false) === false)
- {
- $this->out("usage: {$this->input->executable} [options] [command] [<args>]");
- exit(1);
- }
- else
- {
- $this->displayHelp();
- exit(0);
- }
- }
- // For all tasks but help and init we use the keychain
- if (!in_array($this->input->args[0], array('help', 'init')))
- {
- $this->loadKeychain();
- }
- switch ($this->input->args[0])
- {
- case 'init':
- $this->initPassphraseFile();
- break;
- case 'list':
- $this->listEntries();
- break;
- case 'create':
- $this->create();
- break;
- case 'change':
- $this->change();
- case 'delete':
- $this->delete();
- break;
- case 'read':
- $this->read();
- break;
- case 'help':
- $this->displayHelp();
- break;
- default:
- $this->out('Invalid command.');
- break;
- }
- if ($this->updated)
- {
- $this->saveKeychain();
- }
- exit(0);
- }
- /**
- * Load the keychain from a file.
- *
- * @return void
- *
- * @since 12.3
- */
- protected function loadKeychain()
- {
- $keychain = $this->input->get('keychain', '', 'raw');
- $publicKeyFile = $this->input->get('public-key', '', 'raw');
- $passphraseFile = $this->input->get('passphrase', '', 'raw');
- $this->keychain = new JKeychain;
- if (file_exists($keychain))
- {
- if (file_exists($publicKeyFile))
- {
- $this->keychain->loadKeychain($keychain, $passphraseFile, $publicKeyFile);
- }
- else
- {
- $this->out('Public key not specified or missing!');
- exit(1);
- }
- }
- }
- /**
- * Save this keychain to a file.
- *
- * @return void
- *
- * @since 12.3
- */
- protected function saveKeychain()
- {
- $keychain = $this->input->get('keychain', '', 'raw');
- $publicKeyFile = $this->input->get('public-key', '', 'raw');
- $passphraseFile = $this->input->get('passphrase', '', 'raw');
- if (!file_exists($publicKeyFile))
- {
- $this->out("Public key file specified doesn't exist: $publicKeyFile");
- exit(1);
- }
- $this->keychain->saveKeychain($keychain, $passphraseFile, $publicKeyFile);
- }
- /**
- * Initialise a new passphrase file.
- *
- * @return void
- *
- * @since 12.3
- */
- protected function initPassphraseFile()
- {
- $keychain = new JKeychain;
- $passphraseFile = $this->input->get('passphrase', '', 'raw');
- $privateKeyFile = $this->input->get('private-key', '', 'raw');
- if (!strlen($passphraseFile))
- {
- $this->out('A passphrase file must be specified with --passphrase');
- exit(1);
- }
- if (!file_exists($privateKeyFile))
- {
- $this->out("protected key file specified doesn't exist: $privateKeyFile");
- exit(1);
- }
- $this->out('Please enter the new passphrase:');
- $passphrase = $this->in();
- $this->out('Please enter the passphrase for the protected key:');
- $privateKeyPassphrase = $this->in();
- $keychain->createPassphraseFile($passphrase, $passphraseFile, $privateKeyFile, $privateKeyPassphrase);
- }
- /**
- * Create a new entry
- *
- * @return void
- *
- * @since 12.3
- */
- protected function create()
- {
- if (count($this->input->args) != 3)
- {
- $this->out("usage: {$this->input->executable} [options] create entry_name entry_value");
- exit(1);
- }
- if ($this->keychain->exists($this->input->args[1]))
- {
- $this->out('error: entry already exists. To change this entry, use "change"');
- exit(1);
- }
- $this->change();
- }
- /**
- * Change an existing entry to a new value or create an entry if missing.
- *
- * @return void
- *
- * @since 12.3
- */
- protected function change()
- {
- if (count($this->input->args) != 3)
- {
- $this->out("usage: {$this->input->executable} [options] change entry_name entry_value");
- exit(1);
- }
- $this->updated = true;
- $this->keychain->setValue($this->input->args[1], $this->input->args[2]);
- }
- /**
- * Read an entry from the keychain
- *
- * @return void
- *
- * @since 12.3
- */
- protected function read()
- {
- if (count($this->input->args) != 2)
- {
- $this->out("usage: {$this->input->executable} [options] read entry_name");
- exit(1);
- }
- $key = $this->input->args[1];
- $this->out($key . ': ' . $this->dumpVar($this->keychain->get($key)));
- }
- /**
- * Get the string from var_dump
- *
- * @param mixed $var The variable you want to have dumped.
- *
- * @return string The result of var_dump
- *
- * @since 12.3
- */
- private function dumpVar($var)
- {
- ob_start();
- var_dump($var);
- $result = trim(ob_get_contents());
- ob_end_clean();
- return $result;
- }
- /**
- * Delete an entry from the keychain
- *
- * @return void
- *
- * @since 12.3
- */
- protected function delete()
- {
- if (count($this->input->args) != 2)
- {
- $this->out("usage: {$this->input->executable} [options] delete entry_name");
- exit(1);
- }
- $this->updated = true;
- $this->keychain->deleteValue($this->input->args[1], null);
- }
- /**
- * List entries in the keychain
- *
- * @return void
- *
- * @since 12.3
- */
- protected function listEntries()
- {
- foreach ($this->keychain->toArray() as $key => $value)
- {
- $line = $key;
- if ($this->input->get('print-values'))
- {
- $line .= ': ' . $this->dumpVar($value);
- }
- $this->out($line);
- }
- }
- /**
- * Display the help information
- *
- * @return void
- *
- * @since 12.3
- */
- protected function displayHelp()
- {
- /*
- COMMANDS
- - list
- - create entry_name entry_value
- - change entry_name entry_value
- - delete entry_name
- - read entry_name
- */
- $help = <<<HELP
- Keychain Management Utility
- usage: {$this->input->executable} [--keychain=/path/to/keychain]
- [--passphrase=/path/to/passphrase.dat] [--public-key=/path/to/public.pem]
- [command] [<args>]
- OPTIONS
- --keychain=/path/to/keychain
- Path to a keychain file to manipulate.
- --passphrase=/path/to/passphrase.dat
- Path to a passphrase file containing the encryption/decryption key.
- --public-key=/path/to/public.pem
- Path to a public key file to decrypt the passphrase file.
- COMMANDS
- list:
- Usage: list [--print-values]
- Lists all entries in the keychain. Optionally pass --print-values to print the values as well.
- create:
- Usage: create entry_name entry_value
- Creates a new entry in the keychain called "entry_name" with the plaintext value "entry_value".
- NOTE: This is an alias for change.
- change:
- Usage: change entry_name entry_value
- Updates the keychain entry called "entry_name" with the value "entry_value".
- delete:
- Usage: delete entry_name
- Removes an entry called "entry_name" from the keychain.
- read:
- Usage: read entry_name
- Outputs the plaintext value of "entry_name" from the keychain.
- init:
- Usage: init
- Creates a new passphrase file and prompts for a new passphrase.
- HELP;
- $this->out($help);
- }
- }
- try
- {
- JApplicationCli::getInstance('KeychainManager')->execute();
- }
- catch (Exception $e)
- {
- echo $e->getMessage() . "\n";
- exit(1);
- }