3 * StatusNet - the distributed open-source microblogging tool
4 * Copyright (C) 2010, StatusNet, Inc.
6 * A sample module to show best practices for StatusNet plugins
10 * This program is free software: you can redistribute it and/or modify
11 * it under the terms of the GNU Affero General Public License as published by
12 * the Free Software Foundation, either version 3 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU Affero General Public License for more details.
20 * You should have received a copy of the GNU Affero General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author James Walker <james@status.net>
25 * @copyright 2010 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
27 * @link http://status.net/
32 const ENCODING = 'base64url';
34 const NS = 'http://salmon-protocol.org/ns/magic-env';
36 private function normalizeUser($user_id)
38 if (substr($user_id, 0, 5) == 'http:' ||
39 substr($user_id, 0, 6) == 'https:' ||
40 substr($user_id, 0, 5) == 'acct:') {
44 if (strpos($user_id, '@') !== FALSE) {
45 return 'acct:' . $user_id;
48 return 'http://' . $user_id;
51 public function getKeyPair($signer_uri)
53 $disco = new Discovery();
56 $xrd = $disco->lookup($signer_uri);
57 } catch (Exception $e) {
61 if ($link = Discovery::getService($xrd->links, Magicsig::PUBLICKEYREL)) {
63 $parts = explode(',', $link['href']);
64 if (count($parts) == 2) {
67 // Backwards compatibility check for separator bug in 0.9.0
68 $parts = explode(';', $link['href']);
69 if (count($parts) == 2) {
79 throw new Exception('Unable to locate signer public key');
83 public function signMessage($text, $mimetype, $keypair)
85 $signature_alg = Magicsig::fromString($keypair);
86 $armored_text = Magicsig::base64_url_encode($text);
89 'data' => $armored_text,
90 'encoding' => MagicEnvelope::ENCODING,
91 'data_type' => $mimetype,
92 'sig' => $signature_alg->sign($armored_text),
93 'alg' => $signature_alg->getName()
99 public function toXML($env) {
100 $dom = new DOMDocument();
102 $envelope = $dom->createElementNS(MagicEnvelope::NS, 'me:env');
103 $envelope->setAttribute('xmlns:me', MagicEnvelope::NS);
104 $data = $dom->createElementNS(MagicEnvelope::NS, 'me:data', $env['data']);
105 $data->setAttribute('type', $env['data_type']);
106 $envelope->appendChild($data);
107 $enc = $dom->createElementNS(MagicEnvelope::NS, 'me:encoding', $env['encoding']);
108 $envelope->appendChild($enc);
109 $alg = $dom->createElementNS(MagicEnvelope::NS, 'me:alg', $env['alg']);
110 $envelope->appendChild($alg);
111 $sig = $dom->createElementNS(MagicEnvelope::NS, 'me:sig', $env['sig']);
112 $envelope->appendChild($sig);
114 $dom->appendChild($envelope);
117 return $dom->saveXML();
121 public function unfold($env)
123 $dom = new DOMDocument();
124 $dom->loadXML(Magicsig::base64_url_decode($env['data']));
126 if ($dom->documentElement->tagName != 'entry') {
130 $prov = $dom->createElementNS(MagicEnvelope::NS, 'me:provenance');
131 $prov->setAttribute('xmlns:me', MagicEnvelope::NS);
132 $data = $dom->createElementNS(MagicEnvelope::NS, 'me:data', $env['data']);
133 $data->setAttribute('type', $env['data_type']);
134 $prov->appendChild($data);
135 $enc = $dom->createElementNS(MagicEnvelope::NS, 'me:encoding', $env['encoding']);
136 $prov->appendChild($enc);
137 $alg = $dom->createElementNS(MagicEnvelope::NS, 'me:alg', $env['alg']);
138 $prov->appendChild($alg);
139 $sig = $dom->createElementNS(MagicEnvelope::NS, 'me:sig', $env['sig']);
140 $prov->appendChild($sig);
142 $dom->documentElement->appendChild($prov);
144 return $dom->saveXML();
147 public function getAuthor($text) {
148 $doc = new DOMDocument();
149 if (!$doc->loadXML($text)) {
153 if ($doc->documentElement->tagName == 'entry') {
154 $authors = $doc->documentElement->getElementsByTagName('author');
155 foreach ($authors as $author) {
156 $uris = $author->getElementsByTagName('uri');
157 foreach ($uris as $uri) {
158 return $this->normalizeUser($uri->nodeValue);
164 public function checkAuthor($text, $signer_uri)
166 return ($this->getAuthor($text) == $signer_uri);
169 public function verify($env)
171 if ($env['alg'] != 'RSA-SHA256') {
172 common_log(LOG_DEBUG, "Salmon error: bad algorithm");
176 if ($env['encoding'] != MagicEnvelope::ENCODING) {
177 common_log(LOG_DEBUG, "Salmon error: bad encoding");
181 $text = Magicsig::base64_url_decode($env['data']);
182 $signer_uri = $this->getAuthor($text);
185 $keypair = $this->getKeyPair($signer_uri);
186 } catch (Exception $e) {
187 common_log(LOG_DEBUG, "Salmon error: ".$e->getMessage());
191 $verifier = Magicsig::fromString($keypair);
194 common_log(LOG_DEBUG, "Salmon error: unable to parse keypair");
198 return $verifier->verify($env['data'], $env['sig']);
201 public function parse($text)
203 $dom = DOMDocument::loadXML($text);
204 return $this->fromDom($dom);
207 public function fromDom($dom)
209 $env_element = $dom->getElementsByTagNameNS(MagicEnvelope::NS, 'env')->item(0);
211 $env_element = $dom->getElementsByTagNameNS(MagicEnvelope::NS, 'provenance')->item(0);
218 $data_element = $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'data')->item(0);
221 'data' => trim($data_element->nodeValue),
222 'data_type' => $data_element->getAttribute('type'),
223 'encoding' => $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'encoding')->item(0)->nodeValue,
224 'alg' => $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'alg')->item(0)->nodeValue,
225 'sig' => $env_element->getElementsByTagNameNS(MagicEnvelope::NS, 'sig')->item(0)->nodeValue,