
@alikon
Last active March 31, 2018 10:41
CLI script to generate an extension developer public key certificate
<?php
/**
* @package Joomla.Cli
*
* @copyright Copyright (C) 2005 - 2018 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
/**
* This is a CLI script which should be called from the command-line, not the
* web. For example something like:
* /usr/bin/php /path/to/site/cli/cajoomla.php
*/
// Initialize Joomla framework.
// NOTE(review): Joomla files conventionally refuse to run unless _JEXEC is defined,
// which is why it is declared before anything is included - confirm for this version.
const _JEXEC = 1;
// Load system defines. Both candidate paths are built from this script's own
// location (__DIR__), not from the working directory or any caller-supplied value.
// An optional defines.php in the parent directory is loaded first when it exists.
if (file_exists(dirname(__DIR__) . '/defines.php'))
{
require_once dirname(__DIR__) . '/defines.php';
}
// Fall back to the stock defines when the optional file did not define _JDEFINES.
if (!defined('_JDEFINES'))
{
define('JPATH_BASE', dirname(__DIR__));
require_once JPATH_BASE . '/includes/defines.php';
}
// Get the framework.
// JPATH_LIBRARIES is not defined in this file; presumably one of the defines.php
// files above provides it - verify if this script is moved to another directory.
require_once JPATH_LIBRARIES . '/import.legacy.php';
// Bootstrap the CMS libraries.
require_once JPATH_LIBRARIES . '/cms.php';
/**
 * CLI application that issues a demonstration "certificate" for an extension
 * developer's public key: a detached signature, made with the Joomla CA secret
 * key, over the SHA-384 digest of the developer public key in its hex form.
 *
 * SECURITY: all key material embedded in this class is sample data published
 * together with the script. It is suitable for exercising the flow only and
 * must never be trusted, reused, or shipped as a real signing key.
 *
 * @since  __DEPLOY_VERSION__
 */
class cajoomla extends JApplicationCli
{
	/**
	 * Entry point for the script
	 *
	 * Prints the CA public key and the developer public key, signs the digest of
	 * the developer key with the CA secret key, checks that signature against the
	 * CA public key and finally prints the signature as a hex string.
	 *
	 * @return  void
	 *
	 * @throws  Exception  When the freshly created signature does not verify.
	 *
	 * @since   __DEPLOY_VERSION__
	 */
	public function doExecute()
	{
		// A CA keypair could be produced like this. These calls return raw binary
		// strings; convert them with bin2hex() to obtain the hex form used below.
		/*
		$cajoomla_kp = ParagonIE_Sodium_Compat::crypto_sign_keypair();
		$cajoomla_sk = ParagonIE_Sodium_Compat::crypto_sign_secretkey($cajoomla_kp);
		$cajoomla_pk = ParagonIE_Sodium_Compat::crypto_sign_publickey($cajoomla_kp);
		*/

		// Sample CA keypair, hex encoded. SECURITY: a signing key stored in source
		// code is disclosed to everyone who can read the file, so anything signed
		// with this one proves nothing. A real CA secret key should live in
		// protected storage and be supplied at run time, never embedded here.
		$caSecretKeyHex = 'b9a452b4615d78e88d883c0873bbfc515f655a4d1496025743021f5fda1a0da0036c05e30fb67d8b63af027299fca5d37579d16f14cd2670b9045f396e96984e';
		$caPublicKeyHex = '036c05e30fb67d8b63af027299fca5d37579d16f14cd2670b9045f396e96984e';

		// Sample developer public key, hex encoded. Only the public half is used
		// to issue the certificate; the developer's secret key is not needed here
		// and should stay with the developer.
		$devPublicKeyHex = '6c46e9505ba78f9fb113b34dace5c095f69d1f693d5a087272cf6d470e5e15c9';

		echo 'CApublicKey:' . $caPublicKeyHex . PHP_EOL;
		echo '---' . PHP_EOL;
		echo 'DevPublicKey:' . $devPublicKeyHex . PHP_EOL;

		// Decode the CA keys to the raw binary form the signing API works on.
		$caSecretKey = ParagonIE_Sodium_Compat::hex2bin($caSecretKeyHex);
		$caPublicKey = ParagonIE_Sodium_Compat::hex2bin($caPublicKeyHex);

		// Raw SHA-384 digest of the developer public key. NOTE: the input is the
		// hex *text* of the key, not its decoded bytes, so a verifier has to hash
		// exactly the same string (including letter case) to reproduce the digest.
		$devKeyDigest = hash('sha384', $devPublicKeyHex, true);

		// Sign the digest with the CA secret key.
		$certificate = ParagonIE_Sodium_Compat::crypto_sign_detached($devKeyDigest, $caSecretKey);

		// Self-check against the CA public key. This confirms that the two CA key
		// halves above belong together; it says nothing about who owns the
		// developer key.
		if (!ParagonIE_Sodium_Compat::crypto_sign_verify_detached($certificate, $devKeyDigest, $caPublicKey))
		{
			throw new Exception('Invalid signature');
		}

		echo 'OK' . PHP_EOL;

		// The Joomla CA hands this value back to the extension developer. The
		// signature covers the key digest only: no developer identity, validity
		// period or revocation data is bound to it, so a relying party has to
		// obtain and check those by other means.
		echo 'Certificate:' . ParagonIE_Sodium_Compat::bin2hex($certificate) . PHP_EOL;
	}
}
// Obtain the application instance for the 'cajoomla' class and run it. Nothing on
// this line catches the Exception that doExecute() throws when the signature
// self-check fails, so it propagates unless the framework handles it.
JApplicationCli::getInstance('cajoomla')->execute();