Merge branch 'nightly' into deletenotice_form_fix

[quix0rs-gnu-social.git] / plugins / OStatus / classes / Magicsig.php

diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php
index 289865a97f692eaad1fc4951e85302304cc9e4bb..890f525862ead99c7aa997a7f9b3fcbc70d1b27e 100644 (file)
--- a/plugins/OStatus/classes/Magicsig.php
+++ b/plugins/OStatus/classes/Magicsig.php
@@ -37,6 +37,9 @@ class Magicsig extends Managed_DataObject
 {
     const PUBLICKEYREL = 'magic-public-key';
 
+    const DEFAULT_KEYLEN = 1024;
+    const DEFAULT_SIGALG = 'RSA-SHA256';
+
     public $__table = 'magicsig';
 
     /**
@@ -76,7 +79,7 @@ class Magicsig extends Managed_DataObject
      */
     public $privateKey;
 
-    public function __construct($alg = 'RSA-SHA256')
+    public function __construct($alg=self::DEFAULT_SIGALG)
     {
         $this->alg = $alg;
     }
@@ -143,9 +146,12 @@ class Magicsig extends Managed_DataObject
      * Warning: this can be very slow on systems without the GMP module.
      * Runtimes of 20-30 seconds are not unheard-of.
      *
+     * FIXME: More than 1024 bits please. But StatusNet _discards_ non-1024 bits,
+     *        so we'll have to wait the last mohican out before switching defaults.
+     *
      * @param User $user the local user (since we don't have remote private keys)
      */
-    public static function generate(User $user, $bits=1024, $alg='RSA-SHA256')
+    public static function generate(User $user, $bits=self::DEFAULT_KEYLEN, $alg=self::DEFAULT_SIGALG)
     {
         $magicsig = new Magicsig($alg);
         $magicsig->user_id = $user->id;
@@ -172,18 +178,37 @@ class Magicsig extends Managed_DataObject
      * @param boolean $full_pair set to true to include the private key.
      * @return string
      */
-    public function toString($full_pair=false)
+    public function toString($full_pair=false, $base64url=true)
     {
-        $mod = Magicsig::base64_url_encode($this->publicKey->modulus->toBytes());
-        $exp = Magicsig::base64_url_encode($this->publicKey->exponent->toBytes());
+        $base64_func = $base64url ? 'Magicsig::base64_url_encode' : 'base64_encode';
+        $mod = call_user_func($base64_func, $this->publicKey->modulus->toBytes());
+        $exp = call_user_func($base64_func, $this->publicKey->exponent->toBytes());
+
         $private_exp = '';
         if ($full_pair && $this->privateKey instanceof Crypt_RSA && $this->privateKey->exponent->toBytes()) {
-            $private_exp = '.' . Magicsig::base64_url_encode($this->privateKey->exponent->toBytes());
+            $private_exp = '.' . call_user_func($base64_func, $this->privateKey->exponent->toBytes());
         }
 
         return 'RSA.' . $mod . '.' . $exp . $private_exp;
     }
 
+    public function toFingerprint()
+    {
+        // This assumes a specific behaviour from toString, to format as such:
+        //    "RSA." + base64(pubkey.modulus_as_bytes) + "." + base64(pubkey.exponent_as_bytes)
+        // We don't want the base64 string to be the "url encoding" version because it is not
+        // as common in programming libraries. And we want it to be base64 encoded since ASCII
+        // representation avoids any problems with NULL etc. in less forgiving languages and also
+        // just easier to debug...
+        return strtolower(hash('sha256', $this->toString(false, false)));
+    }
+
+    public function exportPublicKey($format=CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
+    {
+        $this->publicKey->setPublicKey();
+        return $this->publicKey->getPublicKey($format);
+    }
+
     /**
      * importKeys will load the object's keypair string, which initiates
      * loadKey() and configures Crypt_RSA objects.