From: James Walker <walkah@walkah.net>
Date: Wed, 24 Mar 2010 19:15:20 +0000 (-0400)
Subject: Check for 0.9.0 bad keys from old Crypt_RSA library
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=c4273f0ef32f65267ddf43dc5dc6977659a0697e;p=quix0rs-gnu-social.git

Check for 0.9.0 bad keys from old Crypt_RSA library
---

diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php
index 87c684c93d..1a95414958 100644
--- a/plugins/OStatus/classes/Magicsig.php
+++ b/plugins/OStatus/classes/Magicsig.php
@@ -50,7 +50,15 @@ class Magicsig extends Memcached_DataObject
     {
         $obj =  parent::staticGet(__CLASS__, $k, $v);
         if (!empty($obj)) {
-            return Magicsig::fromString($obj->keypair);
+            $obj = Magicsig::fromString($obj->keypair);
+
+            // Double check keys: Crypt_RSA did not
+            // consistently generate good keypairs.
+            // We've also moved to 1024 bit keys.
+            if (strlen($obj->publicKey->modulus->toBits()) != 1024) {
+                $obj->delete();
+                return false;
+            }
         }
 
         return $obj;