*/
function insert()
{
- $this->keypair = $this->toString();
+ $this->keypair = $this->toString(true);
return parent::insert();
}
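Review bot: `insert()` now serialises the private exponent into the `keypair` column via `toString(true)`, so from this commit on that column holds secret material, not just the public key. Any code that echoes `$this->keypair` for key discovery (a magic-public-key endpoint, for example) would now leak the private exponent unless it re-serialises with `toString()` instead of reusing the stored string — those readers are outside this hunk, so please confirm. A comment on the assignment would make the hazard visible to the next maintainer: `// full keypair, including the private exponent: never expose this column as-is`. The result of `parent::insert()` is passed through unchanged, so callers still have to check it.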
*
* @param User $user the local user (since we don't have remote private keys)
*/
- public function generate(User $user, $bits=1024)
+ public static function generate(User $user, $bits=1024, $alg='RSA-SHA256')
{
+ $magicsig = new Magicsig($alg);
+ $magicsig->user_id = $user->id;
+
$rsa = new Crypt_RSA();
$keypair = $rsa->createKey($bits);
- $this->privateKey = new Crypt_RSA();
- $this->privateKey->loadKey($keypair['privatekey']);
+ $magicsig->privateKey = new Crypt_RSA();
+ $magicsig->privateKey->loadKey($keypair['privatekey']);
+
+ $magicsig->publicKey = new Crypt_RSA();
+ $magicsig->publicKey->loadKey($keypair['publickey']);
- $this->publicKey = new Crypt_RSA();
- $this->publicKey->loadKey($keypair['publickey']);
+ $magicsig->insert(); // will do $this->keypair = $this->toString(true);
+ $magicsig->importKeys(); // seems it's necessary to re-read keys from text keypair
- $this->user_id = $user->id;
- $this->insert();
+ return $magicsig;
}
/**
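Review bot: The default `$bits=1024` on the new static `generate()` produces RSA keys below the 2048-bit minimum that current guidance (e.g. NIST SP 800-131A) requires for signatures, and the only caller in this diff, `Magicsig::generate($user)`, relies on that default; raising it to `$bits=2048` is backward compatible at the call sites shown. `$magicsig->insert()` at L28 is called without checking its return value, so a failed insert still proceeds to `importKeys()` and hands back an object that was never persisted — `if (!$magicsig->insert()) { throw new Exception('Could not store keypair for user ' . $user->id); }` would surface that. The comment `seems it's necessary to re-read keys from text keypair` reads as a guess; if the round trip is required so the in-memory Crypt_RSA objects match what was persisted, say so, otherwise it is avoidable work.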
$mod = Magicsig::base64_url_encode($this->publicKey->modulus->toBytes());
$exp = Magicsig::base64_url_encode($this->publicKey->exponent->toBytes());
$private_exp = '';
- if ($full_pair && $this->privateKey->exponent->toBytes()) {
+ if ($full_pair && $this->privateKey instanceof Crypt_RSA && $this->privateKey->exponent->toBytes()) {
$private_exp = '.' . Magicsig::base64_url_encode($this->privateKey->exponent->toBytes());
}
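Review bot: The added `instanceof Crypt_RSA` guard makes `toString(true)` silently fall back to a public-only string when no private key is loaded, so a caller that asked for the full pair cannot tell the difference; together with the `insert()` change this can persist a row that has no private exponent and raises no error. If a missing private key is a legitimate state here, keep the guard but document it; otherwise throw when the full pair was requested, e.g. `if ($full_pair && !($this->privateKey instanceof Crypt_RSA)) { throw new Exception('No private key available for full keypair serialisation'); }`. The function's signature and the default of `$full_pair` are outside this hunk.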
* @param <type> $text
* @param <type> $mimetype
* @param Magicsig $magicsig Magicsig with private key available.
+ *
* @return MagicEnvelope object with all properties set
+ *
+ * @throws Exception of various kinds on signing failure
*/
- public static function signMessage($text, $mimetype, Magicsig $magicsig)
+ public function signMessage($text, $mimetype, Magicsig $magicsig)
{
- $magic_env = new MagicEnvelope();
+ assert($magicsig->privateKey instanceof Crypt_RSA);
// Prepare text and metadata for signing
- $magic_env->data = Magicsig::base64_url_encode($text);
- $magic_env->data_type = $mimetype;
- $magic_env->encoding = self::ENCODING;
- $magic_env->alg = $magicsig->getName();
- // Get the actual signature
- $magic_env->sig = $magicsig->sign($magic_env->signingText());
+ $this->data = Magicsig::base64_url_encode($text);
+ $this->data_type = $mimetype;
+ $this->encoding = self::ENCODING;
+ $this->alg = $magicsig->getName();
- return $magic_env;
+ // Get the actual signature
+ $this->sig = $magicsig->sign($this->signingText());
}
/**
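Review bot: `assert($magicsig->privateKey instanceof Crypt_RSA)` at L54 is not a runtime guard — PHP skips assertions when `zend.assertions` is disabled, the usual production setting — so a Magicsig without a private key reaches `$magicsig->sign()` with whatever failure mode that has. The docblock already promises `@throws Exception of various kinds on signing failure`, so an explicit check fits the contract: `if (!($magicsig->privateKey instanceof Crypt_RSA)) { throw new Exception('Magicsig has no private key; cannot sign'); }`. Since the method is no longer static and now fills in `$this` instead of returning a new envelope, the docblock's `@return MagicEnvelope object with all properties set` is stale; state that the method populates the current object and returns nothing.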
$xs->element('me:data', array('type' => $this->data_type), $this->data);
$xs->element('me:encoding', null, $this->encoding);
$xs->element('me:alg', null, $this->alg);
- $xs->element('me:sig', null, $this->sig);
+ $xs->element('me:sig', null, $this->getSignature());
$xs->elementEnd('me:env');
$string = $xs->getString();
$prov->appendChild($enc);
$alg = $dom->createElementNS(self::NS, 'me:alg', $this->alg);
$prov->appendChild($alg);
- $sig = $dom->createElementNS(self::NS, 'me:sig', $this->sig);
+ $sig = $dom->createElementNS(self::NS, 'me:sig', $this->getSignature());
$prov->appendChild($sig);
$dom->documentElement->appendChild($prov);
return $dom;
}
+ public function getSignature()
+ {
+ return $this->sig;
+ }
+
/**
* Find the author URI referenced in the payload Atom entry.
*
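Review bot: The new `getSignature()` accessor has no docblock while the neighbouring methods in this file carry one; add `/** @return string|null base64url-encoded signature as set by signMessage() (or parsed from an envelope — confirm), null if the envelope was never signed */`. The getter returns `$this->sig` unchanged, so an unsigned envelope yields the property's default (presumably null) and the `me:sig` element at L82 is emitted empty rather than failing; if that is not intended, the getter is the natural place to throw when `$this->sig` is unset.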
return false;
}
- return $magicsig->verify($this->signingText(), $this->sig);
+ return $magicsig->verify($this->signingText(), $this->getSignature());
}
/**
* @param string $text XML fragment to sign, assumed to be Atom
* @param User $user User who cryptographically signs $text
*
- * @return string XML string representation of magic envelope
+ * @return MagicEnvelope object complete with signature
*
* @throws Exception on bad profile input or key generation problems
- * @fixme if signing fails, this seems to return the original text without warning. Is there a reason for this?
*/
public static function signAsUser($text, User $user)
{
// Find already stored key
$magicsig = Magicsig::getKV('user_id', $user->id);
if (!$magicsig instanceof Magicsig) {
- // No keypair yet, let's generate one.
- $magicsig = new Magicsig();
- $magicsig->generate($user);
+ $magicsig = Magicsig::generate($user);
}
+ assert($magicsig instanceof Magicsig);
+ assert($magicsig->privateKey instanceof Crypt_RSA);
- $magic_env = self::signMessage($text, 'application/atom+xml', $magicsig);
-
- assert($magic_env instanceof MagicEnvelope);
+ $magic_env = new MagicEnvelope();
+ $magic_env->signMessage($text, 'application/atom+xml', $magicsig);
return $magic_env;
}
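Review bot: Rows written before this commit were stored with `toString()` (see the removed line at L4) and, if `$full_pair` defaults to false, carry no private exponent; `signAsUser()` only calls `Magicsig::generate()` when no row exists at all, so for those users the loaded Magicsig reaches `assert($magicsig->privateKey instanceof Crypt_RSA)` at L121, which aborts in development but is skipped in production with assertions disabled, letting `signMessage()` run without a private key. Replace the assert with an explicit check: `if (!($magicsig->privateKey instanceof Crypt_RSA)) { throw new Exception('Stored keypair for user ' . $user->id . ' has no private key'); }` — regenerating instead is only safe if the old public key was never published, which this diff does not show. The removed `@fixme` about silent failure is resolved only if `Magicsig::sign()` throws rather than returning false; worth confirming, since the result is assigned to `$this->sig` unchecked.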