From: James Walker Date: Wed, 24 Mar 2010 19:15:20 +0000 (-0400) Subject: Check for 0.9.0 bad keys from old Crypt_RSA library X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=c4273f0ef32f65267ddf43dc5dc6977659a0697e;p=quix0rs-gnu-social.git Check for 0.9.0 bad keys from old Crypt_RSA library --- diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 87c684c93d..1a95414958 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -50,7 +50,15 @@ class Magicsig extends Memcached_DataObject { $obj = parent::staticGet(__CLASS__, $k, $v); if (!empty($obj)) { - return Magicsig::fromString($obj->keypair); + $obj = Magicsig::fromString($obj->keypair); + + // Double check keys: Crypt_RSA did not + // consistently generate good keypairs. + // We've also moved to 1024 bit keys. + if (strlen($obj->publicKey->modulus->toBits()) != 1024) { + $obj->delete(); + return false; + } } return $obj;