Merge branch 'master' into nightly

[quix0rs-gnu-social.git] / plugins / Diaspora / DiasporaPlugin.php

diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php
index c4385e87e3e457ae02ec1223aa94f95a37c7afc3..c054d3b767658cfd32cd5629e428569bb402bb62 100644 (file)
--- a/plugins/Diaspora/DiasporaPlugin.php
+++ b/plugins/Diaspora/DiasporaPlugin.php
@@ -33,9 +33,6 @@ if (!defined('GNUSOCIAL')) { exit(1); }
 // Depends on OStatus of course.
 addPlugin('OStatus');
 
-//Since Magicsig hasn't loaded yet
-require_once('Crypt/AES.php');
-
 class DiasporaPlugin extends Plugin
 {
     const REL_SEED_LOCATION = 'http://joindiaspora.com/seed_location';
@@ -46,7 +43,7 @@ class DiasporaPlugin extends Plugin
     {
         // So far we've only handled RSA keys, but it can change in the future,
         // so be prepared. And remember to change the statically assigned type attribute below!
-        assert($magicsig->publicKey instanceof Crypt_RSA);
+        assert($magicsig->publicKey instanceof \phpseclib\Crypt\RSA);
         $xrd->links[] = new XML_XRD_Element_Link(self::REL_PUBLIC_KEY,
                                     base64_encode($magicsig->exportPublicKey()), 'RSA');
 
@@ -82,7 +79,7 @@ class DiasporaPlugin extends Plugin
     public function onPluginVersion(array &$versions)
     {
         $versions[] = array('name' => 'Diaspora',
-                            'version' => '0.1',
+                            'version' => '0.2',
                             'author' => 'Mikael Nordfeldth',
                             'homepage' => 'https://gnu.io/social',
                             // TRANS: Plugin description.
@@ -153,7 +150,7 @@ class DiasporaPlugin extends Plugin
          * and “outer iv” (using the aes-256-cbc cipher). This encrypted
          * blob shall be referred to as “the ciphertext”. 
          */
-        $ciphertext = $outer_key->encrypt($decrypted_header);
+        $ciphertext = $outer_key->encrypt($decrypted_header, \phpseclib\Crypt\RSA::PADDING_PKCS1);
 
         /**
          * Construct the following JSON object, which shall be referred to
@@ -174,7 +171,7 @@ class DiasporaPlugin extends Plugin
         common_debug('Diaspora creating "outer aes key bundle", will require magic-public-key');
         $key_fetcher = new MagicEnvelope();
         $remote_keys = $key_fetcher->getKeyPair($target, true); // actually just gets the public key
-        $enc_outer = $remote_keys->publicKey->encrypt($outer_bundle);
+        $enc_outer = $remote_keys->publicKey->encrypt($outer_bundle, \phpseclib\Crypt\RSA::PADDING_PKCS1);
 
         /**
          * Construct the following JSON object, which I shall refer to as
@@ -204,7 +201,7 @@ class DiasporaPlugin extends Plugin
          *      chose earlier.
          * 2. Base64-encode the encrypted payload message.
          */
-        $payload = $inner_key->encrypt($magic_env->getData());
+        $payload = $inner_key->encrypt($magic_env->getData(), \phpseclib\Crypt\RSA::PADDING_PKCS1);
         //FIXME: This means we don't actually put an <atom:entry> in the payload,
         // since Diaspora has its own update method! Silly me. Read up on:
         // https://wiki.diasporafoundation.org/Federation_Message_Semantics
@@ -228,7 +225,12 @@ class DiasporaPlugin extends Plugin
 
     public function onSalmonSlap($endpoint_uri, MagicEnvelope $magic_env, Profile $target=null)
     {
-        $envxml = $magic_env->toXML($target, 'diaspora');
+        try {
+            $envxml = $magic_env->toXML($target, 'diaspora');
+        } catch (Exception $e) {
+            common_log(LOG_ERR, sprintf('Could not generate Magic Envelope XML (diaspora flavour) for profile id=='.$target->getID().': '.$e->getMessage()));
+            return false;
+        }
 
         // Diaspora wants another POST format (base64url-encoded POST variable 'xml')
         $headers = array('Content-Type: application/x-www-form-urlencoded');