X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FUtil%2FLDSignature.php;h=7776ec96c26f320b8c4cb8f4b217c3b0cf11e088;hb=5456ef01855f7f6bda4f137980df5a1793712bb1;hp=a52d84e478a36e803ccb8401e3b564d43fa258df;hpb=355346298bc99c97fa98157701c3fe7ef4905e5c;p=friendica.git diff --git a/src/Util/LDSignature.php b/src/Util/LDSignature.php index a52d84e478..7776ec96c2 100644 --- a/src/Util/LDSignature.php +++ b/src/Util/LDSignature.php @@ -5,7 +5,13 @@ namespace Friendica\Util; use Friendica\Util\JsonLD; use Friendica\Util\DateTimeFormat; use Friendica\Protocol\ActivityPub; +use Friendica\Model\APContact; +/** + * @brief Implements JSON-LD signatures + * + * Ported from Osada: https://framagit.org/macgirvin/osada + */ class LDSignature { public static function isSigned($data) @@ -13,50 +19,34 @@ class LDSignature return !empty($data['signature']); } - public static function isVerified($data, $pubkey = null) + public static function getSigner($data) { if (!self::isSigned($data)) { return false; } - if (empty($pubkey)) { -/* - $creator = $data['signature']['creator']; - $actor = JsonLD::fetchElement($data, 'actor', 'id'); - - $url = (strpos($creator, '#') ? substr($creator, 0, strpos($creator, '#')) : $creator); - - $profile = ActivityPub::fetchprofile($url); - if (!empty($profile)) { - logger('Taking key from creator ' . $creator, LOGGER_DEBUG); - } elseif ($url != $actor) { - $profile = ActivityPub::fetchprofile($actor); - if (empty($profile)) { - return false; - } - logger('Taking key from actor ' . $actor, LOGGER_DEBUG); - } - -*/ - $actor = JsonLD::fetchElement($data, 'actor', 'id'); - if (empty($actor)) { - return false; - } - - $profile = ActivityPub::fetchprofile($actor); - if (empty($profile['pubkey'])) { - return false; - } - $pubkey = $profile['pubkey']; + $actor = JsonLD::fetchElement($data, 'actor', 'id'); + if (empty($actor)) { + return false; + } + + $profile = APContact::getByURL($actor); + if (empty($profile['pubkey'])) { + return false; } + $pubkey = $profile['pubkey']; - $ohash = self::hash(self::signable_options($data['signature'])); - $dhash = self::hash(self::signable_data($data)); + $ohash = self::hash(self::signableOptions($data['signature'])); + $dhash = self::hash(self::signableData($data)); $x = Crypto::rsaVerify($ohash . $dhash, base64_decode($data['signature']['signatureValue']), $pubkey); logger('LD-verify: ' . intval($x)); - return $x; + if (empty($x)) { + return false; + } else { + return $actor; + } } public static function sign($data, $owner) @@ -65,42 +55,31 @@ class LDSignature 'type' => 'RsaSignature2017', 'nonce' => random_string(64), 'creator' => $owner['url'] . '#main-key', - 'created' => DateTimeFormat::utcNow() + 'created' => DateTimeFormat::utcNow(DateTimeFormat::ATOM) ]; - $ohash = self::hash(self::signable_options($options)); - $dhash = self::hash(self::signable_data($data)); + $ohash = self::hash(self::signableOptions($options)); + $dhash = self::hash(self::signableData($data)); $options['signatureValue'] = base64_encode(Crypto::rsaSign($ohash . $dhash, $owner['uprvkey'])); return array_merge($data, ['signature' => $options]); } - - private static function signable_data($data) + private static function signableData($data) { - $newdata = []; - if (!empty($data)) { - foreach ($data as $k => $v) { - if (!in_array($k, ['signature'])) { - $newdata[$k] = $v; - } - } - } - return $newdata; + unset($data['signature']); + return $data; } - - private static function signable_options($options) + private static function signableOptions($options) { $newopts = ['@context' => 'https://w3id.org/identity/v1']; - if (!empty($options)) { - foreach ($options as $k => $v) { - if (!in_array($k, ['type','id','signatureValue'])) { - $newopts[$k] = $v; - } - } - } - return $newopts; + + unset($options['type']); + unset($options['id']); + unset($options['signatureValue']); + + return array_merge($newopts, $options); } private static function hash($obj)