From 1d9bdea13de8f41b213ae90f5bbc9577762cc070 Mon Sep 17 00:00:00 2001
From: markus
Date: Wed, 29 Apr 2020 23:44:09 +0200
Subject: [PATCH] [FEATURE] Add openSSL encrypted transport
---
 Classes/Client.php | 8 ++++++++
 ext_conf_template.txt | 11 ++++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/Classes/Client.php b/Classes/Client.php
index 0766bb0..30a40a3 100644
--- a/Classes/Client.php
+++ b/Classes/Client.php
@@ -56,6 +56,14 @@ public function run(ServerRequestInterface $request): ResponseInterface
 // Generate json
 if ($output = json_encode($data)) {
+ if (
+ extension_loaded('openssl')
+ && $settings['enableSSLsecuredConnection']
+ && is_file($settings['privateKeyFile'])
+ && in_array($settings, openssl_get_cipher_methods())
+ ) {
+ $output = openssl_encrypt($output, $settings['openSSLcipher'], $settings['privateKeyFile']);
+ }
 $response = $response->withHeader('Content-Type', 'application/json; charset=utf-8');
 $response->getBody()->write($output);
diff --git a/ext_conf_template.txt b/ext_conf_template.txt
index 7c34928..1ca58dc 100644
--- a/ext_conf_template.txt
+++ b/ext_conf_template.txt
@@ -6,4 +6,13 @@ secret =
 allowedIps = *
 # cat=features/enable/3; type=boolean; label=Enable debugging: Instead of silently stopping the endpoint call, the error is outputted. Just enable this to debug if a connection is not possible!
-enableDebugForErrors = 0
\ No newline at end of file
+enableDebugForErrors = 0
+
+# cat=features/enable/4; type=string; label=Path to users private key file, eg. ~/.ssh/id_rsa
+privateKeyFile = ~/.ssh/id_rsa
+
+# cat=features/enable/5; type=boolean; label=Enable the private key file secure transport
+enableSSLsecuredConnection = 0
+
+# cat=features/enable/6; type=string; label=Cipher for secure transport
+openSSLcipher = aes-256-gcm
\ No newline at end of file
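Review bot: The guard `in_array($settings, openssl_get_cipher_methods())` passes the whole `$settings` array as the needle, so it can never match a cipher name and the encryption branch is never entered; with `enableSSLsecuredConnection` switched on, the JSON still goes out in plaintext. It should read `&& in_array($settings['openSSLcipher'], openssl_get_cipher_methods(), true)`. Once that is fixed, `openssl_encrypt()` is given `$settings['privateKeyFile']` as its key argument, which is the path string rather than any key material, and no IV is passed, so the output would be keyed by a guessable path and its return value (possibly `false`) is written to the body unchecked. The branch also fails open: if the option is enabled but openssl is not loaded, the file is missing or encryption fails, the request should be aborted with an error rather than answered without encryption. The body of `run()` starts and ends outside the hunk, so how `$settings` is populated is not visible here.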
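Review bot: The default `privateKeyFile = ~/.ssh/id_rsa` points the extension at a user's SSH identity key, and PHP's `is_file()` does not expand `~`, so the guard in Classes/Client.php will not find that path as written. A web-facing endpoint should not be configured to read an SSH private key; ship the option empty, `privateKeyFile =`, and have the label ask for an absolute path to a dedicated key file that only the web server user can read. The default `openSSLcipher = aes-256-gcm` is an AEAD mode, and as far as I know `openssl_encrypt()` needs its tag argument for those, which the call in Client.php does not pass, so either the default should be a cipher the code supports or the call should be extended first.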