SHARE
TWEET

Untitled

a guest Jan 19th, 2017 128 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. public function register($username, $email, $password)
  2.     {
  3.         $password_hash = password_hash($password, PASSWORD_DEFAULT);
  4.  
  5.         $user = User::create(['username' => $username, 'password' => $password_hash, 'email' => $email]);
  6.  
  7.         //Random and secure master key used for encryption / decryption of data.
  8.         $master_key = Key::createNewRandomKey();
  9.         $master_key_ascii = $master_key->saveToAsciiSafeString(); //Save to encrypt.
  10.  
  11.         //Password protected key.
  12.         $keyProtectedbyPassword = KeyProtectedByPassword::createRandomPasswordProtectedKey($password);
  13.         $user->locked_key = $keyProtectedbyPassword->saveToAsciiSafeString();
  14.  
  15.         //Unlock to use for encryption.
  16.         $unlocked_key = $keyProtectedbyPassword->unlockKey($password);
  17.         $user->encrypted_master_key = Crypto::encrypt($master_key_ascii, $unlocked_key);
  18.  
  19.         //keypair
  20.         $keyPair = KeyPair::generateKeyPair(2048);
  21.         $privateKey = $keyPair->getPrivateKey();
  22.         $publicKey = $keyPair->getPublicKey();
  23.  
  24.         $user->public_key = $publicKey;
  25.         $user->encrypted_private_key = Crypto::encrypt($privateKey, $master_key);
  26.     }
  27.  
  28.     public function addPassword($password)
  29.     {
  30.         //get the current logged in user object/model
  31.         $user = $this->getCurrentUser();
  32.  
  33.         $locked_key = KeyProtectedByPassword::loadFromAsciiSafeString($user->locked_key);
  34.         $unlocked_key = $locked_key->unlockKey($user->plaintextPassword); //Important! Don't use the hashed password. Use the Password Input (Maybe from login?)
  35.  
  36.         $decrypted_master_key = Crypto::decrypt($user->encrypted_master_key, $unlocked_key);
  37.         $master_key = Key::loadFromAsciiSafeString($decrypted_master_key);
  38.  
  39.         $user_private_key = Crypto::decrypt($user->encrypted_private_key, $master_key);
  40.  
  41.         $encrypted_password_to_add = Crypto::encrypt($password, $master_key);
  42.     }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top