From 8b04bcb3103197ac441c9df42da2f39105535db8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 2 Mar 2014 11:47:38 +0100 Subject: [PATCH] Prepare for >1024 RSA keys for Salmon signatures --- plugins/OStatus/classes/Magicsig.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 1ef913792b..c07a082495 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -91,13 +91,15 @@ class Magicsig extends Managed_DataObject static function getKV($k, $v=null) { $obj = parent::getKV($k, $v); - if (!empty($obj)) { + if ($obj instanceof Magicsig) { + // Please note we're replacing the $obj + // FIXME: There should be an import-key that modifies the fetched $obj $obj = Magicsig::fromString($obj->keypair); - // Double check keys: Crypt_RSA did not - // consistently generate good keypairs. - // We've also moved to 1024 bit keys. - if (strlen($obj->publicKey->modulus->toBits()) != 1024) { + // Never allow less than 1024 bit keys. + // The only case these show up in would be imported or + // legacy very-old-StatusNet generated keypairs. + if (strlen($obj->publicKey->modulus->toBits()) < 1024) { $obj->delete(); return false; } @@ -144,11 +146,11 @@ class Magicsig extends Managed_DataObject * * @param int $user_id id of local user we're creating a key for */ - public function generate($user_id) + public function generate($user_id, $bits=1024) { $rsa = new Crypt_RSA(); - $keypair = $rsa->createKey(); + $keypair = $rsa->createKey($bits); $rsa->loadKey($keypair['privatekey']); -- 2.39.5