From 23d44c7d5980fb096aeec62c600b71cfb9fac167 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 12 Mar 2010 19:34:45 -0500 Subject: converted sign, verify and fromString to new crypt lib --- plugins/OStatus/classes/Magicsig.php | 86 +++++++++++++----------------------- 1 file changed, 31 insertions(+), 55 deletions(-) (limited to 'plugins/OStatus/classes') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index b0a411e5d..d25b150e8 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -40,8 +40,9 @@ class Magicsig extends Memcached_DataObject public $keypair; public $alg; - private $_rsa; - + private $publicKey; + private $privateKey; + public function __construct($alg = 'RSA-SHA256') { $this->alg = $alg; @@ -101,15 +102,7 @@ class Magicsig extends Memcached_DataObject public function generate($user_id, $key_length = 512) { - PEAR::pushErrorHandling(PEAR_ERROR_RETURN); - - $keypair = new Crypt_RSA_KeyPair($key_length); - $params['public_key'] = $keypair->getPublicKey(); - $params['private_key'] = $keypair->getPrivateKey(); - - $this->_rsa = new Crypt_RSA($params); - PEAR::popErrorHandling(); - + // @fixme new key generation $this->user_id = $user_id; $this->insert(); } @@ -132,8 +125,6 @@ class Magicsig extends Memcached_DataObject public static function fromString($text) { - PEAR::pushErrorHandling(PEAR_ERROR_RETURN); - $magic_sig = new Magicsig(); // remove whitespace @@ -144,35 +135,40 @@ class Magicsig extends Memcached_DataObject return false; } - $mod = base64_url_decode($matches[1]); - $exp = base64_url_decode($matches[2]); + $mod = $matches[1]; + $exp = $matches[2]; if (!empty($matches[4])) { - $private_exp = base64_url_decode($matches[4]); + $private_exp = $matches[4]; } else { $private_exp = false; } - $params['public_key'] = new Crypt_RSA_KEY($mod, $exp, 'public'); - if ($params['public_key']->isError()) { - $error = $params['public_key']->getLastError(); - common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); - return false; - } + $magic_sig->loadKey($mod, $exp, 'public'); if ($private_exp) { - $params['private_key'] = new Crypt_RSA_KEY($mod, $private_exp, 'private'); - if ($params['private_key']->isError()) { - $error = $params['private_key']->getLastError(); - common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); - return false; - } + $magic_sig->loadKey($mod, $private_exp, 'private'); } - $magic_sig->_rsa = new Crypt_RSA($params); - PEAR::popErrorHandling(); - return $magic_sig; } + public function loadKey($mod, $exp, $type = 'public') + { + common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")"); + + $rsa = new Crypt_RSA(); + $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; + $rsa->setHash('sha256'); + $rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256); + $rsa->k = strlen($rsa->modulus->toBytes()); + $rsa->exponent = new Math_BigInteger(base64_url_decode($exp), 256); + + if ($type == 'private') { + $this->privateKey = $rsa; + } else { + $this->publicKey = $rsa; + } + } + public function getName() { return $this->alg; @@ -190,38 +186,18 @@ class Magicsig extends Memcached_DataObject public function sign($bytes) { - $hash = $this->getHash(); - $sig = $this->_rsa->createSign($bytes, null, $hash); - if ($this->_rsa->isError()) { - $error = $this->_rsa->getLastError(); - common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); - return false; - } - - return $sig; + $sig = $this->privateKey->sign($bytes); + return base64_url_encode($sig); } public function verify($signed_bytes, $signature) { - $hash = $this->getHash(); - $result = $this->_rsa->validateSign($signed_bytes, $signature, null, $hash); - if ($this->_rsa->isError()) { - $error = $this->keypair->getLastError(); - common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); - return false; - } - return $result; + $signature = base64_url_decode($signature); + return $this->publicKey->verify($signed_bytes, $signature); } } -// Define a sha256 function for hashing -// (Crypt_RSA should really be updated to use hash() ) -function magicsig_sha256($bytes) -{ - return hash('sha256', $bytes); -} - function base64_url_encode($input) { return strtr(base64_encode($input), '+/', '-_'); -- cgit v1.2.3-54-g00ecf From c5bb41176ee246369e05b932f031f40e38087f23 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 12 Mar 2010 19:42:48 -0500 Subject: converted toString to new crypt library --- plugins/OStatus/classes/Magicsig.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'plugins/OStatus/classes') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index d25b150e8..d1d6a6d45 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -110,14 +110,11 @@ class Magicsig extends Memcached_DataObject public function toString($full_pair = true) { - $public_key = $this->_rsa->_public_key; - $private_key = $this->_rsa->_private_key; - - $mod = base64_url_encode($public_key->getModulus()); - $exp = base64_url_encode($public_key->getExponent()); + $mod = base64_url_encode($this->publicKey->modulus->toBytes()); + $exp = base64_url_encode($this->publicKey->exponent->toBytes()); $private_exp = ''; if ($full_pair && $private_key->getExponent()) { - $private_exp = '.' . base64_url_encode($private_key->getExponent()); + $private_exp = '.' . base64_url_encode($this->privateKey->exponent->toBytes()); } return 'RSA.' . $mod . '.' . $exp . $private_exp; -- cgit v1.2.3-54-g00ecf From 4e44cf906bb4fc884f645388c2c90ca1bad9a88f Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 12 Mar 2010 20:02:00 -0500 Subject: converting key generation to new crypt library --- plugins/OStatus/classes/Magicsig.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'plugins/OStatus/classes') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index d1d6a6d45..82b6017de 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -102,7 +102,17 @@ class Magicsig extends Memcached_DataObject public function generate($user_id, $key_length = 512) { - // @fixme new key generation + $rsa = new Crypt_RSA(); + + extract($rsa->createKey()); + + $rsa->loadKey($privatekey); + + $this->privateKey = $rsa; + + $this->publicKey = new Crypt_RSA(); + $this->publicKey->loadKey($publickey); + $this->user_id = $user_id; $this->insert(); } @@ -113,7 +123,7 @@ class Magicsig extends Memcached_DataObject $mod = base64_url_encode($this->publicKey->modulus->toBytes()); $exp = base64_url_encode($this->publicKey->exponent->toBytes()); $private_exp = ''; - if ($full_pair && $private_key->getExponent()) { + if ($full_pair && $this->privateKey->exponent->toBytes()) { $private_exp = '.' . base64_url_encode($this->privateKey->exponent->toBytes()); } -- cgit v1.2.3-54-g00ecf From 135c0c8a7fa56a6d4008f73314bb6f18551e869a Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 12 Mar 2010 21:44:18 -0500 Subject: cleaning up key generation --- plugins/OStatus/classes/Magicsig.php | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'plugins/OStatus/classes') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 82b6017de..73690965f 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -40,8 +40,8 @@ class Magicsig extends Memcached_DataObject public $keypair; public $alg; - private $publicKey; - private $privateKey; + public $publicKey; + public $privateKey; public function __construct($alg = 'RSA-SHA256') { @@ -100,18 +100,19 @@ class Magicsig extends Memcached_DataObject return parent::insert(); } - public function generate($user_id, $key_length = 512) + public function generate($user_id) { $rsa = new Crypt_RSA(); + + $keypair = $rsa->createKey(); - extract($rsa->createKey()); - - $rsa->loadKey($privatekey); + $rsa->loadKey($keypair['privatekey']); - $this->privateKey = $rsa; + $this->privateKey = new Crypt_RSA(); + $this->privateKey->loadKey($keypair['privatekey']); $this->publicKey = new Crypt_RSA(); - $this->publicKey->loadKey($publickey); + $this->publicKey->loadKey($keypair['publickey']); $this->user_id = $user_id; $this->insert(); @@ -186,7 +187,7 @@ class Magicsig extends Memcached_DataObject switch ($this->alg) { case 'RSA-SHA256': - return 'magicsig_sha256'; + return 'sha256'; } } -- cgit v1.2.3-54-g00ecf From 99ca84e68ed8cce97caa605fad04110d420c41b3 Mon Sep 17 00:00:00 2001 From: James Walker Date: Sat, 13 Mar 2010 15:46:54 -0500 Subject: changing keypair to text to hold a full 1024bit keypair --- plugins/OStatus/classes/Magicsig.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/OStatus/classes') diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 73690965f..5705ecc11 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -72,8 +72,8 @@ class Magicsig extends Memcached_DataObject { return array(new ColumnDef('user_id', 'integer', null, false, 'PRI'), - new ColumnDef('keypair', 'varchar', - 255, false), + new ColumnDef('keypair', 'text', + false, false), new ColumnDef('alg', 'varchar', 64, false)); } -- cgit v1.2.3-54-g00ecf