From cb32b676fa4d7e95ec32c3e8968d0ccddbfa42fa Mon Sep 17 00:00:00 2001
From: James Walker
Date: Mon, 22 Feb 2010 20:56:11 -0500
Subject: moving magicsig.php to classes - to add storage
---
plugins/OStatus/classes/Magicsig.php | 155 +++++++++++++++++++++++++++++++++++
1 file changed, 155 insertions(+)
create mode 100644 plugins/OStatus/classes/Magicsig.php
(limited to 'plugins/OStatus/classes/Magicsig.php')
diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php
new file mode 100644
index 000000000..9d9d32744
--- /dev/null
+++ b/plugins/OStatus/classes/Magicsig.php
@@ -0,0 +1,155 @@ +. + * + * @package StatusNet + * @author James Walker + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://status.net/ + */ + +require_once 'Crypt/RSA.php'; + +class Magicsig +{ + + public $keypair; + + public function __construct($init = null) + { + if (is_null($init)) { + $this->generate(); + } else { + $this->fromString($init); + } + } + + + public function generate($key_length = 512) + { + $keypair = new Crypt_RSA_KeyPair($key_length); + $params['public_key'] = $keypair->getPublicKey(); + $params['private_key'] = $keypair->getPrivateKey(); + + PEAR::pushErrorHandling(PEAR_ERROR_RETURN); + $this->keypair = new Crypt_RSA($params); + PEAR::popErrorHandling(); + } + + + public function toString($full_pair = true) + { + $public_key = $this->keypair->_public_key; + $private_key = $this->keypair->_private_key; + + $mod = base64_url_encode($public_key->getModulus()); + $exp = base64_url_encode($public_key->getExponent()); + $private_exp = ''; + if ($full_pair && $private_key->getExponent()) { + $private_exp = '.' . base64_url_encode($private_key->getExponent()); + } + + return 'RSA.' . $mod . '.' . $exp . 
$private_exp; + } + + public function fromString($text) + { + PEAR::pushErrorHandling(PEAR_ERROR_RETURN); + + // remove whitespace + $text = preg_replace('/\s+/', '', $text); + + // parse components + if (!preg_match('/RSA\.([^\.]+)\.([^\.]+)(.([^\.]+))?/', $text, $matches)) { + return false; + } + + $mod = base64_url_decode($matches[1]); + $exp = base64_url_decode($matches[2]); + if ($matches[4]) { + $private_exp = base64_url_decode($matches[4]); + } + + $params['public_key'] = new Crypt_RSA_KEY($mod, $exp, 'public'); + if ($params['public_key']->isError()) { + $error = $params['public_key']->getLastError(); + print $error->getMessage(); + exit; + } + if ($private_exp) { + $params['private_key'] = new Crypt_RSA_KEY($mod, $private_exp, 'private'); + if ($params['private_key']->isError()) { + $error = $params['private_key']->getLastError(); + print $error->getMessage(); + exit; + } + } + + $this->keypair = new Crypt_RSA($params); + PEAR::popErrorHandling(); + } + + public function getName() + { + return 'RSA-SHA256'; + } + + public function sign($bytes) + { + $sig = $this->keypair->createSign($bytes, null, 'sha256'); + if ($this->keypair->isError()) { + $error = $this->keypair->getLastError(); + common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); + } + + return $sig; + } + + public function verify($signed_bytes, $signature) + { + $result = $this->keypair->validateSign($signed_bytes, $signature, null, 'sha256'); + if ($this->keypair->isError()) { + $error = $this->keypair->getLastError(); + //common_log(LOG_DEBUG, 'RSA Error: '. 
$error->getMessage()); + print $error->getMessage(); + } + return $result; + } + +} + +// Define a sha256 function for hashing +// (Crypt_RSA should really be updated to use hash() ) +function sha256($bytes) +{ + return hash('sha256', $bytes); +} + +function base64_url_encode($input) +{ + return strtr(base64_encode($input), '+/', '-_'); +} + +function base64_url_decode($input) +{ + return base64_decode(strtr($input, '-_', '+/')); +} \ No newline at end of file -- cgit v1.2.3-54-g00ecf From 74f5c1e16968110caefeeb8431869897f2f8ddfb Mon Sep 17 00:00:00 2001 From: James Walker Date: Mon, 22 Feb 2010 22:55:26 -0500 Subject: db_objectified magic sig - for persistence of local keypairs --- plugins/OStatus/classes/Magicsig.php | 46 ++++++++++++++++++++++++++++++------ 1 file changed, 39 insertions(+), 7 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 9d9d32744..6d09c54ec 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php 
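Review bot: `generate($key_length = 512)` defaults to a 512-bit RSA modulus, which is far below what is considered safe for signatures, and the constructor uses that default whenever `$init` is null. A default of at least 2048 bits, e.g. `public function generate($key_length = 2048)`, would be the safer choice. Separately, `toString($full_pair = true)` includes the private exponent unless the caller opts out, so any code that serialises a key for publication has to remember to pass `false`; defaulting to the public part would fail safer. In `fromString()` the early `return false;` after the failed `preg_match` leaves the `PEAR::pushErrorHandling()` call unbalanced.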
@@ -29,21 +29,53 @@ require_once 'Crypt/RSA.php'; -class Magicsig +class Magicsig extends Memcached_DataObject { + public $__table = 'magicsig'; + + public $user_id; public $keypair; + public $alg; - public function __construct($init = null) + private $_rsa; + + public /*static*/ function staticGet($k, $v=null) { - if (is_null($init)) { - $this->generate(); - } else { - $this->fromString($init); - } + return parent::staticGet(__CLASS__, $k, $v); + } + + + function table() + { + return array( + 'user_id' => DB_DATAOBJECT_INT, + 'keypair' => DB_DATAOBJECT_STR + DB_DATAOBJECT_NOTNULL, + 'alg' => DB_DATAOBJECT_STR + ); + } + + static function schemaDef() + { + return array(new ColumnDef('user_id', 'integer', + null, true, 'PRI'), + new ColumnDef('keypair', 'varchar', + 255, false), + new ColumnDef('alg', 'varchar', + 64, false)); } + function keys() + { + return array_keys($this->keyTypes()); + } + + function keyTypes() + { + return array('user_id' => 'K'); + } + public function generate($key_length = 512) { $keypair = new Crypt_RSA_KeyPair($key_length); -- cgit v1.2.3-54-g00ecf From f4b34d67c54022b70185e83fe628c17e3656d91f Mon Sep 17 00:00:00 2001 From: James Walker Date: Mon, 22 Feb 2010 23:11:40 -0500 Subject: generate keypairs for users, and put them in the XRD for discovery --- plugins/OStatus/OStatusPlugin.php | 1 + plugins/OStatus/actions/webfinger.php | 11 +++++++ plugins/OStatus/classes/Magicsig.php | 55 +++++++++++++++++++++++++++-------- 3 files changed, 55 insertions(+), 12 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 472008419..db4a0af35 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php 
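Review bot: The `keypair` column in `schemaDef()` is `varchar` with length 255 and, judging by `toString()`'s default of `$full_pair = true`, is meant to hold the modulus, public exponent and private exponent in one string. That width only fits keys of roughly the current 512-bit default; a 2048-bit key serialised the same way needs on the order of 700 characters, so the schema effectively pins the plugin to a weak key size, and a `text` column would avoid that. Because the class now extends `Memcached_DataObject`, the private exponent presumably also ends up in the object cache, so it is worth confirming that the cache is not reachable by less trusted code. The new `table()`, `schemaDef()`, `keys()` and `keyTypes()` methods have neither docblocks nor a visibility keyword.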
@@ -312,6 +312,7 @@ class OStatusPlugin extends Plugin $schema->ensureTable('ostatus_source', Ostatus_source::schemaDef()); $schema->ensureTable('feedsub', FeedSub::schemaDef()); $schema->ensureTable('hubsub', HubSub::schemaDef()); + $schema->ensureTable('magicsig', Magicsig::schemaDef()); return true; } diff --git a/plugins/OStatus/actions/webfinger.php b/plugins/OStatus/actions/webfinger.php index cf60b8069..fbbd8d039 100644 --- a/plugins/OStatus/actions/webfinger.php +++ b/plugins/OStatus/actions/webfinger.php @@ -71,6 +71,17 @@ class WebfingerAction extends Action $xrd->links[] = array('rel' => 'salmon', 'href' => $salmon_url); + // Get this user's keypair + $magickey = Magicsig::staticGet('user_id', $this->user->id); + if (!$magickey) { + // No keypair yet, let's generate one. + $magickey = new Magicsig(); + $magickey->generate(); + } + + $xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL, + 'href' => 'data:application/magic-public-key;'. $magickey->keypair); + // TODO - finalize where the redirect should go on the publisher $url = common_local_url('ostatussub') . '?profile={uri}'; $xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 6d09c54ec..85664bbf9 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -32,6 +32,8 @@ require_once 'Crypt/RSA.php'; class Magicsig extends Memcached_DataObject { + const PUBLICKEYREL = 'magic-public-key'; + public $__table = 'magicsig'; public $user_id; @@ -40,6 +42,11 @@ class Magicsig extends Memcached_DataObject private $_rsa; + public function __construct($alg = 'RSA-SHA256') + { + $this->alg = $alg; + } + public /*static*/ function staticGet($k, $v=null) { return parent::staticGet(__CLASS__, $k, $v); 
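Review bot: The XRD link added in webfinger.php publishes `$magickey->keypair`, and in this same commit `Magicsig::insert()` fills that property from `$this->toString()`, whose default `$full_pair = true` appends the private exponent. As written, the `magic-public-key` data: URI therefore exposes the user's private key to anyone who requests the XRD. The link should carry only the public part, e.g. `'href' => 'data:application/magic-public-key;' . $magickey->toString(false)`; note that a row loaded through `staticGet()` has no `_rsa` populated in this commit, so it would first need to be parsed with `fromString()`. Any key already served this way should be treated as compromised and regenerated.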
@@ -75,23 +82,33 @@ class Magicsig extends Memcached_DataObject { return array('user_id' => 'K'); } + + function insert() + { + $this->keypair = $this->toString(); + + return parent::insert(); + } public function generate($key_length = 512) { + PEAR::pushErrorHandling(PEAR_ERROR_RETURN); + $keypair = new Crypt_RSA_KeyPair($key_length); $params['public_key'] = $keypair->getPublicKey(); $params['private_key'] = $keypair->getPrivateKey(); - PEAR::pushErrorHandling(PEAR_ERROR_RETURN); - $this->keypair = new Crypt_RSA($params); + $this->_rsa = new Crypt_RSA($params); PEAR::popErrorHandling(); + + $this->insert(); } public function toString($full_pair = true) { - $public_key = $this->keypair->_public_key; - $private_key = $this->keypair->_private_key; + $public_key = $this->_rsa->_public_key; + $private_key = $this->_rsa->_private_key; $mod = base64_url_encode($public_key->getModulus()); $exp = base64_url_encode($public_key->getExponent()); @@ -103,10 +120,12 @@ class Magicsig extends Memcached_DataObject return 'RSA.' . $mod . '.' . $exp . $private_exp; } - public function fromString($text) + public static function fromString($text) { PEAR::pushErrorHandling(PEAR_ERROR_RETURN); + $magic_sig = new Magicsig(); + // remove whitespace $text = preg_replace('/\s+/', '', $text); 
@@ -136,20 +155,32 @@ class Magicsig extends Memcached_DataObject } } - $this->keypair = new Crypt_RSA($params); + $magic_sig->_rsa = new Crypt_RSA($params); PEAR::popErrorHandling(); + + return $magic_sig; } public function getName() { - return 'RSA-SHA256'; + $this->alg; } + public function getHash() + { + switch ($this->alg) { + + case 'RSA-SHA256': + return 'sha256'; + } + + } + public function sign($bytes) { - $sig = $this->keypair->createSign($bytes, null, 'sha256'); - if ($this->keypair->isError()) { - $error = $this->keypair->getLastError(); + $sig = $this->_rsa->createSign($bytes, null, 'sha256'); + if ($this->_rsa->isError()) { + $error = $this->_rsa->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); } @@ -158,8 +189,8 @@ class Magicsig extends Memcached_DataObject public function verify($signed_bytes, $signature) { - $result = $this->keypair->validateSign($signed_bytes, $signature, null, 'sha256'); - if ($this->keypair->isError()) { + $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256'); + if ($this->_rsa->isError()) { $error = $this->keypair->getLastError(); //common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); print $error->getMessage(); -- cgit v1.2.3-54-g00ecf From 17b8020d2585ce248d12ad1a2b8f57a4ab250f82 Mon Sep 17 00:00:00 2001 From: James Walker Date: Mon, 22 Feb 2010 23:30:05 -0500 Subject: clean up error logging --- plugins/OStatus/classes/Magicsig.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 85664bbf9..c9f6182b5 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -89,7 +89,7 @@ class Magicsig extends Memcached_DataObject return parent::insert(); } - + public function generate($key_length = 512) { PEAR::pushErrorHandling(PEAR_ERROR_RETURN); 
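Review bot: In `verify()` the error branch still reads `$error = $this->keypair->getLastError();`, but after this commit `$this->keypair` is the serialised string column and the Crypt_RSA object lives in `$this->_rsa`, so a failed verification will hit a fatal error instead of being reported. It should be `$error = $this->_rsa->getLastError();`, as `sign()` already does. The same line survives as context in the later `verify()` hunks of the "clean up error logging" and "renaming sha256" commits on this page. The new `getHash()` is not called yet, since `sign()` and `verify()` still hard-code `'sha256'`.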
@@ -143,15 +143,15 @@ class Magicsig extends Memcached_DataObject $params['public_key'] = new Crypt_RSA_KEY($mod, $exp, 'public'); if ($params['public_key']->isError()) { $error = $params['public_key']->getLastError(); - print $error->getMessage(); - exit; + common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); + return false; } if ($private_exp) { $params['private_key'] = new Crypt_RSA_KEY($mod, $private_exp, 'private'); if ($params['private_key']->isError()) { $error = $params['private_key']->getLastError(); - print $error->getMessage(); - exit; + common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); + return false; } } @@ -182,6 +182,7 @@ class Magicsig extends Memcached_DataObject if ($this->_rsa->isError()) { $error = $this->_rsa->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); + return false; } return $sig; @@ -192,8 +193,8 @@ class Magicsig extends Memcached_DataObject $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256'); if ($this->_rsa->isError()) { $error = $this->keypair->getLastError(); - //common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); - print $error->getMessage(); + common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); + return false; } return $result; } -- cgit v1.2.3-54-g00ecf From 1fe031844c136d503074e23e0d0a50056dc224dc Mon Sep 17 00:00:00 2001 From: James Walker Date: Mon, 22 Feb 2010 23:44:33 -0500 Subject: er typo --- plugins/OStatus/classes/Magicsig.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index c9f6182b5..681aec184 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -163,7 +163,7 @@ class Magicsig extends Memcached_DataObject public function getName() { - $this->alg; + return $this->alg; } public function getHash() -- cgit v1.2.3-54-g00ecf 
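Review bot: The new `return false;` exits in `fromString()` leave the function without reaching `PEAR::popErrorHandling()`, so the `PEAR_ERROR_RETURN` mode pushed at the top of the function (outside this hunk) stays active for the rest of the request and can mask unrelated PEAR errors. Pop the handler before each early return, or restructure so there is a single exit. Since `fromString()`, `sign()` and `verify()` can now return `false`, callers need to test for it before using the result. These failures are logged at `LOG_DEBUG`, which a production log level would likely drop; a higher level would make rejected keys and failed verifications visible to operators.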
From 0afb09ad64bec9ea7f9569c73899b2c3fbc1e5a5 Mon Sep 17 00:00:00 2001 From: James Walker Date: Thu, 25 Feb 2010 23:37:59 -0500 Subject: er. right. --- plugins/OStatus/classes/Magicsig.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 681aec184..02882d19b 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -90,7 +90,7 @@ class Magicsig extends Memcached_DataObject return parent::insert(); } - public function generate($key_length = 512) + public function generate($user_id, $key_length = 512) { PEAR::pushErrorHandling(PEAR_ERROR_RETURN); @@ -101,6 +101,7 @@ class Magicsig extends Memcached_DataObject $this->_rsa = new Crypt_RSA($params); PEAR::popErrorHandling(); + $this->user_id = $user_id; $this->insert(); } -- cgit v1.2.3-54-g00ecf From 223ebc765c454e030a49df7e2e1b9cdc2b005fe6 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 14:21:21 -0500 Subject: move signing to take a local actor profile and use local keys --- plugins/OStatus/OStatusPlugin.php | 14 +++++++------- plugins/OStatus/classes/Magicsig.php | 3 ++- plugins/OStatus/classes/Ostatus_profile.php | 11 ++++++----- plugins/OStatus/lib/magicenvelope.php | 12 +----------- plugins/OStatus/lib/ostatusqueuehandler.php | 2 +- plugins/OStatus/lib/salmon.php | 24 ++++++++++++++++++------ plugins/OStatus/lib/salmonqueuehandler.php | 4 +++- 7 files changed, 38 insertions(+), 32 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 89fa45f91..720dedd0a 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php 
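Review bot: `generate($user_id, $key_length = 512)` puts a new required parameter in front of the existing optional one, and this commit changes only Magicsig.php, so the `$magickey->generate();` call added to webfinger.php earlier in the series now runs without a user id, and any caller that passed a key length positionally would have it taken as the user id. The caller needs updating in the same change, e.g. `$magickey->generate($this->user->id);`. The return value of `$this->insert()` is ignored, so a key that failed to persist would still be used for the current request and a different one generated on the next. The 512-bit default is carried over unchanged.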
@@ -415,7 +415,7 @@ class OStatusPlugin extends Plugin $act->actor = ActivityObject::fromProfile($subscriber); $act->object = ActivityObject::fromProfile($other); - $oprofile->notifyActivity($act); + $oprofile->notifyActivity($act, $subscriber); return true; } @@ -463,7 +463,7 @@ class OStatusPlugin extends Plugin $act->actor = ActivityObject::fromProfile($profile); $act->object = ActivityObject::fromProfile($other); - $oprofile->notifyActivity($act); + $oprofile->notifyActivity($act, $profile); return true; } @@ -505,7 +505,7 @@ class OStatusPlugin extends Plugin $member->getBestName(), $oprofile->getBestName()); - if ($oprofile->notifyActivity($act)) { + if ($oprofile->notifyActivity($act, $member)) { return true; } else { $oprofile->garbageCollect(); @@ -555,7 +555,7 @@ class OStatusPlugin extends Plugin $member->getBestName(), $oprofile->getBestName()); - $oprofile->notifyActivity($act); + $oprofile->notifyActivity($act, $member); } } @@ -598,7 +598,7 @@ class OStatusPlugin extends Plugin $act->actor = ActivityObject::fromProfile($profile); $act->object = ActivityObject::fromNotice($notice); - $oprofile->notifyActivity($act); + $oprofile->notifyActivity($act, $profile); return true; } @@ -642,7 +642,7 @@ class OStatusPlugin extends Plugin $act->actor = ActivityObject::fromProfile($profile); $act->object = ActivityObject::fromNotice($notice); - $oprofile->notifyActivity($act); + $oprofile->notifyActivity($act, $profile); return true; } @@ -731,7 +731,7 @@ class OStatusPlugin extends Plugin $act->object = $act->actor; while ($oprofile->fetch()) { - $oprofile->notifyDeferred($act); + $oprofile->notifyDeferred($act, $profile); } return true; diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 02882d19b..751527c81 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php 
@@ -49,7 +49,8 @@ class Magicsig extends Memcached_DataObject public /*static*/ function staticGet($k, $v=null) { - return parent::staticGet(__CLASS__, $k, $v); + $obj = parent::staticGet(__CLASS__, $k, $v); + return Magicsig::fromString($obj->keypair); } diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index c6f7378c4..35539bff7 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -357,7 +357,7 @@ class Ostatus_profile extends Memcached_DataObject common_log(LOG_INFO, "Posting to Salmon endpoint $this->salmonuri: $xml"); $salmon = new Salmon(); // ? - return $salmon->post($this->salmonuri, $xml); + return $salmon->post($this->salmonuri, $xml, $actor); } return false; } @@ -369,11 +369,11 @@ class Ostatus_profile extends Memcached_DataObject * @param mixed $entry XML string, Notice, or Activity * @return boolean success */ - public function notifyActivity($entry) + public function notifyActivity($entry, $actor) { if ($this->salmonuri) { $salmon = new Salmon(); - return $salmon->post($this->salmonuri, $this->notifyPrepXml($entry)); + return $salmon->post($this->salmonuri, $this->notifyPrepXml($entry), $actor); } return false; @@ -386,11 +386,12 @@ class Ostatus_profile extends Memcached_DataObject * @param mixed $entry XML string, Notice, or Activity * @return boolean success */ - public function notifyDeferred($entry) + public function notifyDeferred($entry, $actor) { if ($this->salmonuri) { $data = array('salmonuri' => $this->salmonuri, - 'entry' => $this->notifyPrepXml($entry)); + 'entry' => $this->notifyPrepXml($entry), + 'actor' => $actor->id); $qm = QueueManager::get(); return $qm->enqueue($data, 'salmon'); diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php index 457c0fba2..f33119b8f 100644 --- a/plugins/OStatus/lib/magicenvelope.php +++ b/plugins/OStatus/lib/magicenvelope.php 
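Review bot: `staticGet()` now returns the object built by `Magicsig::fromString()`, which only has `_rsa` set: `user_id` and `keypair` from the database row are not copied over, so code that reads those properties on a loaded key (webfinger.php reads `$magickey->keypair` earlier in this series) would see them empty. Copying the row's fields onto the parsed object would keep loaded and freshly generated objects consistent. The method also has no docblock saying that it returns a parsed key, or `false` when the stored string does not parse, rather than the row object.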
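Review bot: The docblocks above `notifyActivity()` and `notifyDeferred()` in Ostatus_profile.php still list only `$entry`; each needs a line such as `@param Profile $actor local profile whose key signs the message` (type assumed from the callers in OStatusPlugin.php). In the first hunk `$salmon->post($this->salmonuri, $xml, $actor)` uses `$actor`, but the enclosing function's signature is outside the hunk, so it is not visible whether that variable is defined there. The context line in that hunk logs the full outgoing XML at `LOG_INFO`, which may put non-public notice content into the logs.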
@@ -67,18 +67,8 @@ class MagicEnvelope } - public function signMessage($text, $mimetype, $signer_uri) + public function signMessage($text, $mimetype, $keypair) { - $signer_uri = $this->normalizeUser($signer_uri); - - if (!$this->checkAuthor($text, $signer_uri)) { - throw new Exception("Unable to determine entry author."); - } - - $keypair = $this->getKeyPair($signer_uri); - if (!$keypair) { - throw new Exception("Unable to retrive keypair for ". $signer_uri); - } $signature_alg = Magicsig::fromString($keypair); $armored_text = base64_encode($text); diff --git a/plugins/OStatus/lib/ostatusqueuehandler.php b/plugins/OStatus/lib/ostatusqueuehandler.php index 0da85600f..6ca31c485 100644 --- a/plugins/OStatus/lib/ostatusqueuehandler.php +++ b/plugins/OStatus/lib/ostatusqueuehandler.php @@ -87,7 +87,7 @@ class OStatusQueueHandler extends QueueHandler // remote user or group. // @fixme as an optimization we can skip this if the // remote profile is subscribed to the author. - $oprofile->notifyDeferred($this->notice); + $oprofile->notifyDeferred($this->notice, $this->user); } } diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php index c59de2a14..6e2459544 100644 --- a/plugins/OStatus/lib/salmon.php +++ b/plugins/OStatus/lib/salmon.php @@ -42,14 +42,14 @@ class Salmon * @param string $xml * @return boolean success */ - public function post($endpoint_uri, $xml) + public function post($endpoint_uri, $xml, $actor) { if (empty($endpoint_uri)) { return false; } if (!common_config('ostatus', 'skip_signatures')) { - $xml = $this->createMagicEnv($xml); + $xml = $this->createMagicEnv($xml, $actor); } $headers = array('Content-Type: application/atom+xml'); 
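Review bot: `signMessage()` in magicenvelope.php now signs whatever text it is given with whatever key it is given: the removed `checkAuthor()` call was the only check in this function that the entry's author matches the signer, so that binding now rests entirely on callers passing the right actor. If that is intended, a comment on the method should say so; otherwise keep an author check against the actor. The result of `Magicsig::fromString($keypair)` is used without testing for `false`, which it returns on a malformed key string; a guard such as `if (!$signature_alg) { throw new Exception('Invalid keypair'); }` would turn that into the exception `createMagicEnv()` already catches. The third parameter now carries a private key string, so it should not be logged or placed in exception messages.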
@@ -70,15 +70,27 @@ class Salmon return true; } - public function createMagicEnv($text) + public function createMagicEnv($text, $actor) { + common_log(LOG_DEBUG, "Got actor as : ". print_r($actor, true)); $magic_env = new MagicEnvelope(); - // TODO: Should probably be getting the signer uri as an argument? - $signer_uri = $magic_env->getAuthor($text); + $user = User::staticGet('id', $actor->id); + if ($user->id) { + // Use local key + $magickey = Magicsig::staticGet('user_id', $user->id); + if (!$magickey) { + // No keypair yet, let's generate one. + $magickey = new Magicsig(); + $magickey->generate($user->id); + } + common_log(LOG_DEBUG, "Salmon: Loaded key for ". $user->id); + } else { + throw new Exception("Salmon invalid actor for signing"); + } try { - $env = $magic_env->signMessage($text, 'application/atom+xml', $signer_uri); + $env = $magic_env->signMessage($text, 'application/atom+xml', $magickey->toString()); } catch (Exception $e) { common_log(LOG_ERR, "Salmon signing failed: ". $e->getMessage()); return $text; diff --git a/plugins/OStatus/lib/salmonqueuehandler.php b/plugins/OStatus/lib/salmonqueuehandler.php index aa97018dc..7eeb5f8e9 100644 --- a/plugins/OStatus/lib/salmonqueuehandler.php +++ b/plugins/OStatus/lib/salmonqueuehandler.php @@ -35,8 +35,10 @@ class SalmonQueueHandler extends QueueHandler assert(is_string($data['salmonuri'])); assert(is_string($data['entry'])); + $actor = Profile::staticGet($data['actor']); + $salmon = new Salmon(); - $salmon->post($data['salmonuri'], $data['entry']); + $salmon->post($data['salmonuri'], $data['entry'], $actor); // @fixme detect failure and attempt to resend return true; -- cgit v1.2.3-54-g00ecf From 0ecf435dc5df3d6424fc7bd0438d2856aa07c1da Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 16:50:00 -0500 Subject: adding sequenceKeys() to magicsig --- plugins/OStatus/classes/Magicsig.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'plugins/OStatus/classes/Magicsig.php') 
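Review bot: In `createMagicEnv()` the `catch` branch returns the original `$text`, so when signing fails `post()` sends the message unsigned; failing closed (returning false and not posting) would be safer than silently downgrading. `if ($user->id)` dereferences the result of `User::staticGet()` without checking that a user was found; `if (!empty($user))` covers the missing-row case. `common_log(LOG_DEBUG, "Got actor as : ". print_r($actor, true));` dumps the whole profile object into the log and looks like leftover debugging. In salmonqueuehandler.php the `Profile::staticGet($data['actor'])` result is likewise passed on unchecked.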
diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 751527c81..dee193cd5 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -84,6 +84,10 @@ class Magicsig extends Memcached_DataObject return array('user_id' => 'K'); } + function sequenceKeys() { + return array(false, false, false); + } + function insert() { $this->keypair = $this->toString(); -- cgit v1.2.3-54-g00ecf From 6ee7660a585faf290dc1650a714d280b40ac3a2d Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 16:51:50 -0500 Subject: should be sequenceKey (singular) --- plugins/OStatus/classes/HubSub.php | 2 +- plugins/OStatus/classes/Magicsig.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/HubSub.php b/plugins/OStatus/classes/HubSub.php index 1ac181fee..e599d83a9 100644 --- a/plugins/OStatus/classes/HubSub.php +++ b/plugins/OStatus/classes/HubSub.php @@ -99,7 +99,7 @@ class HubSub extends Memcached_DataObject return array_keys($this->keyTypes()); } - function sequenceKeys() + function sequenceKey() { return array(false, false, false); } diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index dee193cd5..d47dcf143 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -84,7 +84,7 @@ class Magicsig extends Memcached_DataObject return array('user_id' => 'K'); } - function sequenceKeys() { + function sequenceKey() { return array(false, false, false); } -- cgit v1.2.3-54-g00ecf From ee7603b09f162188caaf1d319a70e7fd5d6aa385 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 17:52:12 -0500 Subject: better return check in Magicsig::staticGet() --- plugins/OStatus/classes/Magicsig.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'plugins/OStatus/classes/Magicsig.php') 
diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index d47dcf143..30da63c36 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -50,7 +50,11 @@ class Magicsig extends Memcached_DataObject public /*static*/ function staticGet($k, $v=null) { $obj = parent::staticGet(__CLASS__, $k, $v); - return Magicsig::fromString($obj->keypair); + if (!empty($obj)) { + return Magicsig::fromString($obj->keypair); + } + + return $obj; } -- cgit v1.2.3-54-g00ecf From 831eb0d2b6e35073992106a792f2878bb98e6aa4 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 18:22:08 -0500 Subject: renaming sha256 to prevent conflict --- plugins/OStatus/classes/Magicsig.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 30da63c36..96900d876 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -181,14 +181,15 @@ class Magicsig extends Memcached_DataObject switch ($this->alg) { case 'RSA-SHA256': - return 'sha256'; + return 'magicsig_sha256'; } } public function sign($bytes) { - $sig = $this->_rsa->createSign($bytes, null, 'sha256'); + $hash = $this->getHash(); + $sig = $this->_rsa->createSign($bytes, null, $hash); if ($this->_rsa->isError()) { $error = $this->_rsa->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -200,7 +201,8 @@ class Magicsig extends Memcached_DataObject public function verify($signed_bytes, $signature) { - $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256'); + $hash = $this->getHash(); + $result = $this->_rsa->validateSign($signed_bytes, $signature, null, $hash); if ($this->_rsa->isError()) { $error = $this->keypair->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); 
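Review bot: `sign()` and `verify()` now pass `$this->getHash()` to Crypt_RSA, but `getHash()` has no `default` branch and returns null for any `alg` other than `'RSA-SHA256'`; Crypt_RSA would then presumably fall back to its own default hash rather than fail. An unsupported algorithm should be rejected explicitly, e.g. a `default:` branch with `throw new Exception('Unsupported algorithm: ' . $this->alg);`. A short comment on `getHash()` noting that it returns the name of a global function Crypt_RSA calls, not a `hash()` algorithm id, would also help the next reader.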
@@ -213,7 +215,7 @@ class Magicsig extends Memcached_DataObject // Define a sha256 function for hashing // (Crypt_RSA should really be updated to use hash() ) -function sha256($bytes) +function magicsig_sha256($bytes) { return hash('sha256', $bytes); } -- cgit v1.2.3-54-g00ecf From 45e8819c1b9cc618e9b2d6678b0ff14c653a09d3 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 1 Mar 2010 16:35:36 -0800 Subject: Fix a bunch of notice & warning-level messages that were breaking my inter-instance communications --- plugins/OStatus/classes/Magicsig.php | 4 +++- plugins/OStatus/classes/Ostatus_profile.php | 2 +- plugins/OStatus/lib/discovery.php | 2 +- plugins/OStatus/lib/xrd.php | 11 ++++++++--- 4 files changed, 13 insertions(+), 6 deletions(-) (limited to 'plugins/OStatus/classes/Magicsig.php') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 96900d876..5a46aeeb6 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -146,8 +146,10 @@ class Magicsig extends Memcached_DataObject $mod = base64_url_decode($matches[1]); $exp = base64_url_decode($matches[2]); - if ($matches[4]) { + if (!empty($matches[4])) { $private_exp = base64_url_decode($matches[4]); + } else { + $private_exp = false; } $params['public_key'] = new Crypt_RSA_KEY($mod, $exp, 'public'); diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 7b1aec76b..93e8934c9 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1145,7 +1145,7 @@ class Ostatus_profile extends Memcached_DataObject if (!empty($poco)) { $url = $poco->getPrimaryURL(); - if ($url->type == 'homepage') { + if ($url && $url->type == 'homepage') { $homepage = $url->value; } } diff --git a/plugins/OStatus/lib/discovery.php b/plugins/OStatus/lib/discovery.php index 388df0a28..f8449b309 100644 --- a/plugins/OStatus/lib/discovery.php 
+++ b/plugins/OStatus/lib/discovery.php @@ -94,7 +94,7 @@ class Discovery $links = call_user_func(array($class, 'discover'), $uri); if ($link = Discovery::getService($links, Discovery::LRDD_REL)) { // Load the LRDD XRD - if ($link['template']) { + if (!empty($link['template'])) { $xrd_uri = Discovery::applyTemplate($link['template'], $uri); } else { $xrd_uri = $link['href']; diff --git a/plugins/OStatus/lib/xrd.php b/plugins/OStatus/lib/xrd.php index 16d27f8eb..1de065db9 100644 --- a/plugins/OStatus/lib/xrd.php +++ b/plugins/OStatus/lib/xrd.php @@ -53,17 +53,22 @@ class XRD $xrd = new XRD(); $dom = new DOMDocument(); - $dom->loadXML($xml); + if (!$dom->loadXML($xml)) { + throw new Exception("Invalid XML"); + } $xrd_element = $dom->getElementsByTagName('XRD')->item(0); // Check for host-meta host - $host = $xrd_element->getElementsByTagName('Host')->item(0)->nodeValue; + $host = $xrd_element->getElementsByTagName('Host')->item(0); if ($host) { - $xrd->host = $host; + $xrd->host = $host->nodeValue; } // Loop through other elements foreach ($xrd_element->childNodes as $node) { + if (!($node instanceof DOMElement)) { + continue; + } switch ($node->tagName) { case 'Expires': $xrd->expires = $node->nodeValue; -- cgit v1.2.3-54-g00ecf
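Review bot: In xrd.php, `$xrd_element = $dom->getElementsByTagName('XRD')->item(0);` can be null when the document is well-formed but has no `XRD` element, and the next line calls `getElementsByTagName()` on it; the hunk guards `$host` but not this. Add `if (!$xrd_element) { throw new Exception("Invalid XRD"); }` after the lookup. If the XML comes from remote hosts, as the discovery code suggests, consider passing `LIBXML_NONET` to `loadXML()` so the parser cannot fetch external resources while parsing. The enclosing function starts and ends outside the hunk.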