]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
Check for 0.9.0 bad keys from old Crypt_RSA library
authorJames Walker <walkah@walkah.net>
Wed, 24 Mar 2010 19:15:20 +0000 (15:15 -0400)
committerJames Walker <walkah@walkah.net>
Wed, 24 Mar 2010 19:15:20 +0000 (15:15 -0400)
plugins/OStatus/classes/Magicsig.php

index 87c684c93d87702eac562585797a0167070c4ad9..1a954149584a1b68bed1a54c21b9ac7098ba8a45 100644 (file)
@@ -50,7 +50,15 @@ class Magicsig extends Memcached_DataObject
     {
         $obj =  parent::staticGet(__CLASS__, $k, $v);
         if (!empty($obj)) {
-            return Magicsig::fromString($obj->keypair);
+            $obj = Magicsig::fromString($obj->keypair);
+
+            // Double check keys: Crypt_RSA did not
+            // consistently generate good keypairs.
+            // We've also moved to 1024 bit keys.
+            if (strlen($obj->publicKey->modulus->toBits()) != 1024) {
+                $obj->delete();
+                return false;
+            }
         }
 
         return $obj;