1 files changed, 38 insertions, 10 deletions

diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php
index 230d81ba1..f39686b71 100644
--- a/plugins/OStatus/lib/magicenvelope.php
+++ b/plugins/OStatus/lib/magicenvelope.php
@@ -59,8 +59,21 @@ class MagicEnvelope
         }
         if ($xrd->links) {
             if ($link = Discovery::getService($xrd->links, Magicsig::PUBLICKEYREL)) {
-                list($type, $keypair) = explode(';', $link['href']);
-                return $keypair;
+                $keypair = false;
+                $parts = explode(',', $link['href']);
+                if (count($parts) == 2) {
+                    $keypair = $parts[1];
+                } else {
+                    // Backwards compatibility check for separator bug in 0.9.0
+                    $parts = explode(';', $link['href']);
+                    if (count($parts) == 2) {
+                        $keypair = $parts[1];
+                    }
+                }
+                
+                if ($keypair) {
+                    return $keypair;
+                }
             }
         }
         throw new Exception('Unable to locate signer public key');
@@ -70,7 +83,7 @@ class MagicEnvelope
     public function signMessage($text, $mimetype, $keypair)
     {
         $signature_alg = Magicsig::fromString($keypair);
-        $armored_text = base64_encode($text);
+        $armored_text = Magicsig::base64_url_encode($text);
 
         return array(
             'data' => $armored_text,
@@ -108,7 +121,7 @@ class MagicEnvelope
     public function unfold($env)
     {
         $dom = new DOMDocument();
-        $dom->loadXML(base64_decode($env['data']));
+        $dom->loadXML(Magicsig::base64_url_decode($env['data']));
 
         if ($dom->documentElement->tagName != 'entry') {
             return false;
@@ -156,18 +169,32 @@ class MagicEnvelope
     public function verify($env)
     {
         if ($env['alg'] != 'RSA-SHA256') {
+            common_log(LOG_DEBUG, "Salmon error: bad algorithm");
             return false;
         }
 
         if ($env['encoding'] != MagicEnvelope::ENCODING) {
+            common_log(LOG_DEBUG, "Salmon error: bad encoding");
             return false;
         }
 
-        $text = base64_decode($env['data']);
+        $text = Magicsig::base64_url_decode($env['data']);
         $signer_uri = $this->getAuthor($text);
 
-        $verifier = Magicsig::fromString($this->getKeyPair($signer_uri));
+        try {
+            $keypair = $this->getKeyPair($signer_uri);
+        } catch (Exception $e) {
+            common_log(LOG_DEBUG, "Salmon error: ".$e->getMessage());
+            return false;
+        }
+        
+        $verifier = Magicsig::fromString($keypair);
 
+        if (!$verifier) {
+            common_log(LOG_DEBUG, "Salmon error: unable to parse keypair");
+            return false;
+        }
+        
         return $verifier->verify($env['data'], $env['sig']);
     }
 
@@ -179,11 +206,12 @@ class MagicEnvelope
 
     public function fromDom($dom)
     {
-        if ($dom->documentElement->tagName == 'entry') {
+        $env_element = $dom->getElementsByTagNameNS(MagicEnvelope::NS, 'env')->item(0);
+        if (!$env_element) {
             $env_element = $dom->getElementsByTagNameNS(MagicEnvelope::NS, 'provenance')->item(0);
-        } else if ($dom->documentElement->tagName == 'me:env') {
-            $env_element = $dom->documentElement;
-        } else {
+        }
+
+        if (!$env_element) {
             return false;
         }