X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FOStatus%2Fclasses%2FMagicsig.php;h=e057deb144d981611face4b6eb00c8c6d76586a6;hb=4101de7dd7cf059816c29c666c816f260a84c252;hp=87c684c93d87702eac562585797a0167070c4ad9;hpb=7277b59734cf0e39c8c77e01b13e8d997533bacf;p=quix0rs-gnu-social.git

diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php
index 87c684c93d..e057deb144 100644
--- a/plugins/OStatus/classes/Magicsig.php
+++ b/plugins/OStatus/classes/Magicsig.php
@@ -27,30 +27,43 @@
  * @link      http://status.net/
  */
 
+if (!defined('STATUSNET')) {
+    exit(1);
+}
+
+require_once 'Crypt/RSA.php';
+
 class Magicsig extends Memcached_DataObject
 {
-
     const PUBLICKEYREL = 'magic-public-key';
-    
+
     public $__table = 'magicsig';
 
     public $user_id;
     public $keypair;
     public $alg;
-    
+
     public $publicKey;
     public $privateKey;
-    
+
     public function __construct($alg = 'RSA-SHA256')
     {
         $this->alg = $alg;
     }
-    
+
     public /*static*/ function staticGet($k, $v=null)
     {
         $obj =  parent::staticGet(__CLASS__, $k, $v);
         if (!empty($obj)) {
-            return Magicsig::fromString($obj->keypair);
+            $obj = Magicsig::fromString($obj->keypair);
+
+            // Double check keys: Crypt_RSA did not
+            // consistently generate good keypairs.
+            // We've also moved to 1024 bit keys.
+            if (strlen($obj->publicKey->modulus->toBits()) != 1024) {
+                $obj->delete();
+                return false;
+            }
         }
 
         return $obj;
@@ -76,7 +89,6 @@ class Magicsig extends Memcached_DataObject
                                    64, false));
     }
 
-
     function keys()
     {
         return array_keys($this->keyTypes());
@@ -100,39 +112,38 @@ class Magicsig extends Memcached_DataObject
 
     public function generate($user_id)
     {
-        $rsa = new SafeCrypt_RSA();
-        
+        $rsa = new Crypt_RSA();
+
         $keypair = $rsa->createKey();
 
         $rsa->loadKey($keypair['privatekey']);
 
-        $this->privateKey = new SafeCrypt_RSA();
+        $this->privateKey = new Crypt_RSA();
         $this->privateKey->loadKey($keypair['privatekey']);
 
-        $this->publicKey = new SafeCrypt_RSA();
+        $this->publicKey = new Crypt_RSA();
         $this->publicKey->loadKey($keypair['publickey']);
-        
+
         $this->user_id = $user_id;
         $this->insert();
     }
 
-
     public function toString($full_pair = true)
     {
-        $mod = base64_url_encode($this->publicKey->modulus->toBytes());
-        $exp = base64_url_encode($this->publicKey->exponent->toBytes());
+        $mod = Magicsig::base64_url_encode($this->publicKey->modulus->toBytes());
+        $exp = Magicsig::base64_url_encode($this->publicKey->exponent->toBytes());
         $private_exp = '';
         if ($full_pair && $this->privateKey->exponent->toBytes()) {
-            $private_exp = '.' . base64_url_encode($this->privateKey->exponent->toBytes());
+            $private_exp = '.' . Magicsig::base64_url_encode($this->privateKey->exponent->toBytes());
         }
 
-        return 'RSA.' . $mod . '.' . $exp . $private_exp; 
+        return 'RSA.' . $mod . '.' . $exp . $private_exp;
     }
-    
+
     public static function fromString($text)
     {
         $magic_sig = new Magicsig();
-        
+
         // remove whitespace
         $text = preg_replace('/\s+/', '', $text);
 
@@ -140,7 +151,7 @@ class Magicsig extends Memcached_DataObject
         if (!preg_match('/RSA\.([^\.]+)\.([^\.]+)(.([^\.]+))?/', $text, $matches)) {
             return false;
         }
-        
+
         $mod = $matches[1];
         $exp = $matches[2];
         if (!empty($matches[4])) {
@@ -161,12 +172,12 @@ class Magicsig extends Memcached_DataObject
     {
         common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")");
 
-        $rsa = new SafeCrypt_RSA();
+        $rsa = new Crypt_RSA();
         $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
         $rsa->setHash('sha256');
-        $rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256);
+        $rsa->modulus = new Math_BigInteger(Magicsig::base64_url_decode($mod), 256);
         $rsa->k = strlen($rsa->modulus->toBytes());
-        $rsa->exponent = new Math_BigInteger(base64_url_decode($exp), 256);
+        $rsa->exponent = new Math_BigInteger(Magicsig::base64_url_decode($exp), 256);
 
         if ($type == 'private') {
             $this->privateKey = $rsa;
@@ -174,7 +185,7 @@ class Magicsig extends Memcached_DataObject
             $this->publicKey = $rsa;
         }
     }
-    
+
     public function getName()
     {
         return $this->alg;
@@ -187,29 +198,28 @@ class Magicsig extends Memcached_DataObject
         case 'RSA-SHA256':
             return 'sha256';
         }
-
     }
-    
+
     public function sign($bytes)
     {
         $sig = $this->privateKey->sign($bytes);
-        return base64_url_encode($sig);
+        return Magicsig::base64_url_encode($sig);
     }
 
     public function verify($signed_bytes, $signature)
     {
-        $signature = base64_url_decode($signature);
+        $signature = Magicsig::base64_url_decode($signature);
         return $this->publicKey->verify($signed_bytes, $signature);
     }
-        
-}
 
-function base64_url_encode($input)
-{
-    return strtr(base64_encode($input), '+/', '-_');
-}
 
-function base64_url_decode($input)
-{
-    return base64_decode(strtr($input, '-_', '+/'));
+    public static function base64_url_encode($input)
+    {
+        return strtr(base64_encode($input), '+/', '-_');
+    }
+
+    public static function base64_url_decode($input)
+    {
+        return base64_decode(strtr($input, '-_', '+/'));
+    }
 }