summaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-03-22 12:17:45 -0700
committerBrion Vibber <brion@pobox.com>2010-03-22 12:17:45 -0700
commit27bfd1211d64298ee3c3b2d82d7b38ca1e1167ad (patch)
tree487110ff5e0d85e185e842d2d9d1c23087029844 /plugins
parent4168b9cec1f7b2e6421c018e56e3b9a13c14d581 (diff)
Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached.
Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/OStatus/classes/Magicsig.php10
-rw-r--r--plugins/OStatus/lib/safecrypt_rsa.php18
-rw-r--r--plugins/OStatus/lib/safemath_biginteger.php20
3 files changed, 42 insertions, 6 deletions
diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php
index 5705ecc11..87c684c93 100644
--- a/plugins/OStatus/classes/Magicsig.php
+++ b/plugins/OStatus/classes/Magicsig.php
@@ -27,8 +27,6 @@
* @link http://status.net/
*/
-require_once 'Crypt/RSA.php';
-
class Magicsig extends Memcached_DataObject
{
@@ -102,16 +100,16 @@ class Magicsig extends Memcached_DataObject
public function generate($user_id)
{
- $rsa = new Crypt_RSA();
+ $rsa = new SafeCrypt_RSA();
$keypair = $rsa->createKey();
$rsa->loadKey($keypair['privatekey']);
- $this->privateKey = new Crypt_RSA();
+ $this->privateKey = new SafeCrypt_RSA();
$this->privateKey->loadKey($keypair['privatekey']);
- $this->publicKey = new Crypt_RSA();
+ $this->publicKey = new SafeCrypt_RSA();
$this->publicKey->loadKey($keypair['publickey']);
$this->user_id = $user_id;
@@ -163,7 +161,7 @@ class Magicsig extends Memcached_DataObject
{
common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")");
- $rsa = new Crypt_RSA();
+ $rsa = new SafeCrypt_RSA();
$rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
$rsa->setHash('sha256');
$rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256);
diff --git a/plugins/OStatus/lib/safecrypt_rsa.php b/plugins/OStatus/lib/safecrypt_rsa.php
new file mode 100644
index 000000000..f3aa2c928
--- /dev/null
+++ b/plugins/OStatus/lib/safecrypt_rsa.php
@@ -0,0 +1,18 @@
+<?php
+
+require_once 'Crypt/RSA.php';
+
+/**
+ * Crypt_RSA stores a Math_BigInteger with value 0, which triggers a bug
+ * in Math_BigInteger's wakeup function which spews notices to log or output.
+ * This wrapper replaces it with a version that survives serialization.
+ */
+class SafeCrypt_RSA extends Crypt_RSA
+{
+ function __construct()
+ {
+ parent::__construct();
+ $this->zero = new SafeMath_BigInteger();
+ }
+}
+
diff --git a/plugins/OStatus/lib/safemath_biginteger.php b/plugins/OStatus/lib/safemath_biginteger.php
new file mode 100644
index 000000000..c05e24d1e
--- /dev/null
+++ b/plugins/OStatus/lib/safemath_biginteger.php
@@ -0,0 +1,20 @@
+<?php
+
+require_once 'Math/BigInteger.php';
+
+/**
+ * Crypt_RSA stores a Math_BigInteger with value 0, which triggers a bug
+ * in Math_BigInteger's wakeup function which spews notices to log or output.
+ * This wrapper replaces it with a version that survives serialization.
+ */
+class SafeMath_BigInteger extends Math_BigInteger
+{
+ function __wakeup()
+ {
+ if ($this->hex == '') {
+ $this->hex = '0';
+ }
+ parent::__wakeup();
+ }
+}
+