3 * StatusNet - the distributed open-source microblogging tool
4 * Copyright (C) 2010, StatusNet, Inc.
6 * A sample module to show best practices for StatusNet plugins
10 * This program is free software: you can redistribute it and/or modify
11 * it under the terms of the GNU Affero General Public License as published by
12 * the Free Software Foundation, either version 3 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU Affero General Public License for more details.
20 * You should have received a copy of the GNU Affero General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author James Walker <james@status.net>
25 * @copyright 2010 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
27 * @link http://status.net/
32 const ENCODING = 'base64url';
34 const NS = 'http://salmon-protocol.org/ns/magic-env';
36 private function normalizeUser($user_id)
38 if (substr($user_id, 0, 5) == 'http:' ||
39 substr($user_id, 0, 6) == 'https:' ||
40 substr($user_id, 0, 5) == 'acct:') {
44 if (strpos($user_id, '@') !== FALSE) {
45 return 'acct:' . $user_id;
48 return 'http://' . $user_id;
51 public function getKeyPair($signer_uri)
53 $disco = new Discovery();
56 $xrd = $disco->lookup($signer_uri);
57 } catch (Exception $e) {
61 if ($link = Discovery::getService($xrd->links, Magicsig::PUBLICKEYREL)) {
62 list($type, $keypair) = explode(',', $link['href']);
63 if (empty($keypair)) {
64 // Backwards compatibility check for separator bug in 0.9.0
65 list($type, $keypair) = explode(';', $link['href']);
70 throw new Exception('Unable to locate signer public key');
74 public function signMessage($text, $mimetype, $keypair)
76 $signature_alg = Magicsig::fromString($keypair);
77 $armored_text = base64_url_encode($text);
80 'data' => $armored_text,
81 'encoding' => MagicEnvelope::ENCODING,
82 'data_type' => $mimetype,
83 'sig' => $signature_alg->sign($armored_text),
84 'alg' => $signature_alg->getName()
90 public function toXML($env) {
91 $dom = new DOMDocument();
93 $envelope = $dom->createElementNS(MagicEnvelope::NS, 'me:env');
94 $envelope->setAttribute('xmlns:me', MagicEnvelope::NS);
95 $data = $dom->createElementNS(MagicEnvelope::NS, 'me:data', $env['data']);
96 $data->setAttribute('type', $env['data_type']);
97 $envelope->appendChild($data);
98 $enc = $dom->createElementNS(MagicEnvelope::NS, 'me:encoding', $env['encoding']);
99 $envelope->appendChild($enc);
100 $alg = $dom->createElementNS(MagicEnvelope::NS, 'me:alg', $env['alg']);
101 $envelope->appendChild($alg);
102 $sig = $dom->createElementNS(MagicEnvelope::NS, 'me:sig', $env['sig']);
103 $envelope->appendChild($sig);
105 $dom->appendChild($envelope);
108 return $dom->saveXML();
112 public function unfold($env)
114 $dom = new DOMDocument();
115 $dom->loadXML(base64_url_decode($env['data']));
117 if ($dom->documentElement->tagName != 'entry') {
121 $prov = $dom->createElementNS(MagicEnvelope::NS, 'me:provenance');
122 $prov->setAttribute('xmlns:me', MagicEnvelope::NS);
123 $data = $dom->createElementNS(MagicEnvelope::NS, 'me:data', $env['data']);
124 $data->setAttribute('type', $env['data_type']);
125 $prov->appendChild($data);
126 $enc = $dom->createElementNS(MagicEnvelope::NS, 'me:encoding', $env['encoding']);
127 $prov->appendChild($enc);
128 $alg = $dom->createElementNS(MagicEnvelope::NS, 'me:alg', $env['alg']);
129 $prov->appendChild($alg);
130 $sig = $dom->createElementNS(MagicEnvelope::NS, 'me:sig', $env['sig']);
131 $prov->appendChild($sig);
133 $dom->documentElement->appendChild($prov);
135 return $dom->saveXML();
138 public function getAuthor($text) {
139 $doc = new DOMDocument();
140 if (!$doc->loadXML($text)) {
144 if ($doc->documentElement->tagName == 'entry') {
145 $authors = $doc->documentElement->getElementsByTagName('author');
146 foreach ($authors as $author) {
147 $uris = $author->getElementsByTagName('uri');
148 foreach ($uris as $uri) {
149 return $this->normalizeUser($uri->nodeValue);
155 public function checkAuthor($text, $signer_uri)
157 return ($this->getAuthor($text) == $signer_uri);
160 public function verify($env)
162 if ($env['alg'] != 'RSA-SHA256') {
163 common_log(LOG_DEBUG, "Salmon error: bad algorithm");
167 if ($env['encoding'] != MagicEnvelope::ENCODING) {
168 common_log(LOG_DEBUG, "Salmon error: bad encoding");
172 $text = base64_url_decode($env['data']);
173 $signer_uri = $this->getAuthor($text);
176 $keypair = $this->getKeyPair($signer_uri);
177 } catch (Exception $e) {
178 common_log(LOG_DEBUG, "Salmon error: ".$e->getMessage());
182 $verifier = Magicsig::fromString($keypair);
185 common_log(LOG_DEBUG, "Salmon error: unable to parse keypair");
189 return $verifier->verify($env['data'], $env['sig']);
192 public function parse($text)
194 $dom = DOMDocument::loadXML($text);
195 return $this->fromDom($dom);
198 public function fromDom($dom)
200 $env_element = $dom->getElementsByTagNameNS(MagicEnvelope::NS, 'env')->item(0);
202 $env_element = $dom->getElementsByTagNameNS(MagicEnvelope::NS, 'provenance')->item(0);
209 $data_element = $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'data')->item(0);
212 'data' => trim($data_element->nodeValue),
213 'data_type' => $data_element->getAttribute('type'),
214 'encoding' => $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'encoding')->item(0)->nodeValue,
215 'alg' => $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'alg')->item(0)->nodeValue,
216 'sig' => $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'sig')->item(0)->nodeValue,