X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FUtil%2FLDSignature.php;h=9762b837f3bca737269d4ca87f78d95d5f45f855;hb=256e845c5dd606d6e0f1d401a0859b6f8728fb2d;hp=6db66a52a5ecdb086c1a7ff0b8a5ad67af29613d;hpb=c083ae047c4259dcfa1c61a3795679bbf1b08d8c;p=friendica.git diff --git a/src/Util/LDSignature.php b/src/Util/LDSignature.php index 6db66a52a5..9762b837f3 100644 --- a/src/Util/LDSignature.php +++ b/src/Util/LDSignature.php @@ -2,10 +2,14 @@ namespace Friendica\Util; -use Friendica\Util\JsonLD; -use Friendica\Util\DateTimeFormat; -use Friendica\Protocol\ActivityPub; - +use Friendica\Core\Logger; +use Friendica\Model\APContact; + +/** + * @brief Implements JSON-LD signatures + * + * Ported from Osada: https://framagit.org/macgirvin/osada + */ class LDSignature { public static function isSigned($data) @@ -19,40 +23,22 @@ class LDSignature return false; } -/* - $creator = $data['signature']['creator']; - $actor = JsonLD::fetchElement($data, 'actor', 'id'); - - $url = (strpos($creator, '#') ? substr($creator, 0, strpos($creator, '#')) : $creator); - - $profile = ActivityPub::fetchprofile($url); - if (!empty($profile)) { - logger('Taking key from creator ' . $creator, LOGGER_DEBUG); - } elseif ($url != $actor) { - $profile = ActivityPub::fetchprofile($actor); - if (empty($profile)) { - return false; - } - logger('Taking key from actor ' . $actor, LOGGER_DEBUG); - } - -*/ $actor = JsonLD::fetchElement($data, 'actor', 'id'); - if (empty($actor)) { + if (empty($actor) || !is_string($actor)) { return false; } - $profile = ActivityPub::fetchprofile($actor); + $profile = APContact::getByURL($actor); if (empty($profile['pubkey'])) { return false; } $pubkey = $profile['pubkey']; - $ohash = self::hash(self::signable_options($data['signature'])); - $dhash = self::hash(self::signable_data($data)); + $ohash = self::hash(self::signableOptions($data['signature'])); + $dhash = self::hash(self::signableData($data)); $x = Crypto::rsaVerify($ohash . $dhash, base64_decode($data['signature']['signatureValue']), $pubkey); - logger('LD-verify: ' . intval($x)); + Logger::log('LD-verify: ' . intval($x)); if (empty($x)) { return false; @@ -65,37 +51,33 @@ class LDSignature { $options = [ 'type' => 'RsaSignature2017', - 'nonce' => random_string(64), + 'nonce' => Strings::getRandomHex(64), 'creator' => $owner['url'] . '#main-key', 'created' => DateTimeFormat::utcNow(DateTimeFormat::ATOM) ]; - $ohash = self::hash(self::signable_options($options)); - $dhash = self::hash(self::signable_data($data)); + $ohash = self::hash(self::signableOptions($options)); + $dhash = self::hash(self::signableData($data)); $options['signatureValue'] = base64_encode(Crypto::rsaSign($ohash . $dhash, $owner['uprvkey'])); return array_merge($data, ['signature' => $options]); } - - private static function signable_data($data) + private static function signableData($data) { unset($data['signature']); return $data; } - - private static function signable_options($options) + private static function signableOptions($options) { $newopts = ['@context' => 'https://w3id.org/identity/v1']; - if (!empty($options)) { - foreach ($options as $k => $v) { - if (!in_array($k, ['type', 'id', 'signatureValue'])) { - $newopts[$k] = $v; - } - } - } - return $newopts; + + unset($options['type']); + unset($options['id']); + unset($options['signatureValue']); + + return array_merge($newopts, $options); } private static function hash($obj)