Merge pull request #16 from phl0/reCodePrivateKeys

This re-encrypts the private keys with wavelog string

application/config/migration.php

@@ -22,7 +22,7 @@ $config['migration_enabled'] = TRUE;
 |
 */
 
-$config['migration_version'] = 174;
+$config['migration_version'] = 175;
 
 /*
 |--------------------------------------------------------------------------

application/controllers/Lotw.php

@@ -262,6 +262,11 @@ class Lotw extends CI_Controller {
 
 				// Build File to save
 				$adif_to_save = $this->load->view('lotw_views/adif_views/adif_export', $data, TRUE);
+				if (strpos($adif_to_save, '<SIGN_LOTW_V2.0:1:6>')) {
+					// Signing failed
+					echo "Signing failed.";
+					continue;
+				}
 
 				// create folder to store upload file
 				if (!file_exists('./uploads/lotw')) {
@@ -409,7 +414,7 @@ class Lotw extends CI_Controller {
 
 		if($worked) {
 			// Reading p12 successful
-		    $new_password = "cloudlog"; // set default password
+			$new_password = "wavelog"; // set default password
 			$result = null;
 			$worked = openssl_pkey_export($results['pkey'], $result, $new_password);
 
@@ -957,17 +962,21 @@ class Lotw extends CI_Controller {
 
 		$key = $sign_key;
 
-		$pkeyid = openssl_pkey_get_private($key, 'cloudlog');
-		//openssl_sign($plaintext, $signature, $pkeyid, OPENSSL_ALGO_SHA1 );
-		//openssl_free_key($pkeyid);
+		$pkeyid = openssl_pkey_get_private($key, 'wavelog');
+		if ($pkeyid) {
+			//openssl_sign($plaintext, $signature, $pkeyid, OPENSSL_ALGO_SHA1 );
+			//openssl_free_key($pkeyid);
 
-
-		if(openssl_sign($qso_string, $signature, $pkeyid, OPENSSL_ALGO_SHA1)) {
-		  if (defined('PHP_MAJOR_VERSION') && PHP_MAJOR_VERSION < 8) {
-		    openssl_free_key($pkeyid);
-		  }
-		  $signature_b64 = base64_encode($signature);
-		  return $signature_b64;
+			if(openssl_sign($qso_string, $signature, $pkeyid, OPENSSL_ALGO_SHA1)) {
+				if (defined('PHP_MAJOR_VERSION') && PHP_MAJOR_VERSION < 8) {
+					openssl_free_key($pkeyid);
+				}
+				$signature_b64 = base64_encode($signature);
+				return $signature_b64;
+			}
+		} else {
+			log_message('error', 'Error signing LoTW log.');
+			return null;
 		}
 
 

application/migrations/175_recode_lotw_keys.php

@@ -0,0 +1,48 @@
+<?php
+
+defined('BASEPATH') OR exit('No direct script access allowed');
+
+class Migration_recode_lotw_keys extends CI_Migration {
+
+	public function up() {
+		$this->db->select('lotw_cert_id, cert_key');
+		$query = $this->db->get('lotw_certs');
+		foreach ($query->result() as $row) {
+			$pkeyid = openssl_pkey_get_private(trim($row->cert_key), 'cloudlog');
+			if (!$pkeyid) {
+				log_message('error', 'Extracting private key of LoTW cert '.$row->lotw_cert_id.' failed.');
+			} else {
+				$pkey = null;
+				$worked = openssl_pkey_export($pkeyid, $pkey, 'wavelog');
+				if ($worked) {
+					$this->db->set('cert_key', $pkey);
+					$this->db->where('lotw_cert_id', $row->lotw_cert_id);
+					$this->db->update('lotw_certs');
+				} else {
+					log_message('error', 'Updating LoTW key id '.$row->lotw_cert_id.' failed.');
+				}
+			}
+		}
+	}
+
+	public function down() {
+		$this->db->select('lotw_cert_id, cert_key');
+		$query = $this->db->get('lotw_certs');
+		foreach ($query->result() as $row) {
+			$pkeyid = openssl_pkey_get_private(trim($row->cert_key), 'wavelog');
+			if (!$pkeyid) {
+				log_message('error', 'Extracting private key of LoTW cert '.$row->lotw_cert_id.' failed.');
+			} else {
+				$pkey = null;
+				$worked = openssl_pkey_export($pkeyid, $pkey, 'cloudlog');
+				if ($worked) {
+					$this->db->set('cert_key', $pkey);
+					$this->db->where('lotw_cert_id', $row->lotw_cert_id);
+					$this->db->update('lotw_certs');
+				} else {
+					log_message('error', 'Updating LoTW key id '.$row->lotw_cert_id.' failed.');
+				}
+			}
+		}
+	}
+}