include/salmon.php

   1 <?php
   2
   3 require_once('library/asn1.php');
   4
   5 function salmon_key($pubkey) {
   6         $lines = explode("\n",$pubkey);
   7         unset($lines[0]);
   8         unset($lines[count($lines)]);
   9         $x = base64_decode(implode('',$lines));
  10
  11         $r = ASN_BASE::parseASNString($x);
  12
  13         $m = $r[0]->asnData[1]->asnData[0]->asnData[0]->asnData;
  14         $e = $r[0]->asnData[1]->asnData[0]->asnData[1]->asnData;
  15
  16
  17         return 'RSA' . '.' . $m . '.' . $e ;
  18 }
  19
  20
  21 function base64url_encode($s) {
  22         return strtr(base64_encode($s),'+/','-_');
  23 }
  24
  25 function base64url_decode($s) {
  26         return base64_decode(strtr($s,'-_','+/'));
  27 }
  28
  29 function get_salmon_key($uri,$keyhash) {
  30         $ret = array();
  31
  32         $debugging = get_config('system','debugging');
  33         if($debugging)
  34                 file_put_contents('salmon.out', "\n" . 'Fetch key' . "\n", FILE_APPEND);
  35
  36         $arr = lrdd($uri);
  37
  38         if(is_array($arr)) {
  39                 foreach($arr as $a) {
  40                         if($a['@attributes']['rel'] === 'magic-public-key') {
  41                                 $ret[] = $a['@attributes']['href'];
  42                         }
  43                 }
  44         }
  45         else {
  46                 return '';
  47         }
  48
  49         // We have found at least one key URL
  50         // If it's inline, parse it - otherwise get the key
  51
  52         if(count($ret)) {
  53                 for($x = 0; $x < count($ret); $x ++) {
  54                         if(substr($ret[$x],0,5) === 'data:') {
  55                                 if(strstr($ret[$x],','))
  56                                         $ret[$x] = substr($ret[$x],strpos($ret[$x],',')+1);
  57                                 else
  58                                         $ret[$x] = substr($ret[$x],5);
  59                         }
  60                         else
  61                                 $ret[$x] = fetch_url($ret[$x]);
  62                 }
  63         }
  64
  65         if($debugging)
  66                 file_put_contents('salmon.out', "\n" . 'Key located: ' . print_r($ret,true) . "\n", FILE_APPEND);
  67
  68         if(count($ret) == 1) {
  69
  70                 // We only found one one key so we don't care if the hash matches.
  71                 // If it's the wrong key we'll find out soon enough because
  72                 // message verification will fail. This also covers some older
  73                 // software which don't supply a keyhash. As long as they only
  74                 // have one key we'll be right.
  75
  76                 return $ret[0];
  77         }
  78         else {
  79                 foreach($ret as $a) {
  80                         $hash = base64url_encode(hash('sha256',$a));
  81                         if($hash == $keyhash)
  82                                 return $a;
  83                 }
  84         }
  85
  86         return '';
  87 }
  88
  89
  90
  91 function slapper($owner,$contact,$slap) {
  92
  93
  94         // does contact have a salmon endpoint?
  95
  96         if(! strlen($contact['notify']))
  97                 return;
  98
  99         // add all namespaces to item
 100
 101 $namespaces = <<< EOT
 102 <entry xmlns="http://www.w3.org/2005/Atom"
 103       xmlns:thr="http://purl.org/syndication/thread/1.0"
 104       xmlns:at="http://purl.org/atompub/tombstones/1.0"
 105       xmlns:media="http://purl.org/syndication/atommedia"
 106       xmlns:dfrn="http://purl.org/macgirvin/dfrn/1.0"
 107       xmlns:as="http://activitystrea.ms/spec/1.0/"
 108       xmlns:georss="http://www.georss.org/georss" >
 109 EOT;
 110
 111         $slap = str_replace('<entry>',$namespaces,$slap);
 112
 113         // create a magic envelope
 114
 115         $data      = base64url_encode($slap);
 116         $data_type = 'application/atom+xml';
 117         $encoding  = 'base64url';
 118         $algorithm = 'RSA-SHA256';
 119         $keyhash   = base64url_encode(hash('sha256',salmon_key($owner['spubkey'])));
 120
 121         // Setup RSA stuff to PKCS#1 sign the data
 122
 123         set_include_path(get_include_path() . PATH_SEPARATOR . 'phpsec');
 124
 125         require_once('phpsec/Crypt/RSA.php');
 126
 127     $rsa = new CRYPT_RSA();
 128     $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
 129     $rsa->setHash('sha256');
 130         $rsa->loadKey($owner['sprvkey']);
 131
 132     $signature = $rsa->sign($data);
 133
 134         $salmon_tpl = load_view_file('view/magicsig.tpl');
 135         $salmon = replace_macros($salmon_tpl,array(
 136                 '$data'      => $data,
 137                 '$encoding'  => $encoding,
 138                 '$algorithm' => $algorithm,
 139                 '$keyhash'   => $keyhash,
 140                 '$signature' => $signature
 141         ));
 142
 143         // slap them
 144         post_url($contact['notify'],$salmon);
 145
 146         return;
 147 }