Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached.
Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
This commit is contained in:
parent
4168b9cec1
commit
27bfd1211d
|
@ -27,8 +27,6 @@
|
||||||
* @link http://status.net/
|
* @link http://status.net/
|
||||||
*/
|
*/
|
||||||
|
|
||||||
require_once 'Crypt/RSA.php';
|
|
||||||
|
|
||||||
class Magicsig extends Memcached_DataObject
|
class Magicsig extends Memcached_DataObject
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -102,16 +100,16 @@ class Magicsig extends Memcached_DataObject
|
||||||
|
|
||||||
public function generate($user_id)
|
public function generate($user_id)
|
||||||
{
|
{
|
||||||
$rsa = new Crypt_RSA();
|
$rsa = new SafeCrypt_RSA();
|
||||||
|
|
||||||
$keypair = $rsa->createKey();
|
$keypair = $rsa->createKey();
|
||||||
|
|
||||||
$rsa->loadKey($keypair['privatekey']);
|
$rsa->loadKey($keypair['privatekey']);
|
||||||
|
|
||||||
$this->privateKey = new Crypt_RSA();
|
$this->privateKey = new SafeCrypt_RSA();
|
||||||
$this->privateKey->loadKey($keypair['privatekey']);
|
$this->privateKey->loadKey($keypair['privatekey']);
|
||||||
|
|
||||||
$this->publicKey = new Crypt_RSA();
|
$this->publicKey = new SafeCrypt_RSA();
|
||||||
$this->publicKey->loadKey($keypair['publickey']);
|
$this->publicKey->loadKey($keypair['publickey']);
|
||||||
|
|
||||||
$this->user_id = $user_id;
|
$this->user_id = $user_id;
|
||||||
|
@ -163,7 +161,7 @@ class Magicsig extends Memcached_DataObject
|
||||||
{
|
{
|
||||||
common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")");
|
common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")");
|
||||||
|
|
||||||
$rsa = new Crypt_RSA();
|
$rsa = new SafeCrypt_RSA();
|
||||||
$rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
|
$rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
|
||||||
$rsa->setHash('sha256');
|
$rsa->setHash('sha256');
|
||||||
$rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256);
|
$rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256);
|
||||||
|
|
18
plugins/OStatus/lib/safecrypt_rsa.php
Normal file
18
plugins/OStatus/lib/safecrypt_rsa.php
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
require_once 'Crypt/RSA.php';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Crypt_RSA stores a Math_BigInteger with value 0, which triggers a bug
|
||||||
|
* in Math_BigInteger's wakeup function which spews notices to log or output.
|
||||||
|
* This wrapper replaces it with a version that survives serialization.
|
||||||
|
*/
|
||||||
|
class SafeCrypt_RSA extends Crypt_RSA
|
||||||
|
{
|
||||||
|
function __construct()
|
||||||
|
{
|
||||||
|
parent::__construct();
|
||||||
|
$this->zero = new SafeMath_BigInteger();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
20
plugins/OStatus/lib/safemath_biginteger.php
Normal file
20
plugins/OStatus/lib/safemath_biginteger.php
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
require_once 'Math/BigInteger.php';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Crypt_RSA stores a Math_BigInteger with value 0, which triggers a bug
|
||||||
|
* in Math_BigInteger's wakeup function which spews notices to log or output.
|
||||||
|
* This wrapper replaces it with a version that survives serialization.
|
||||||
|
*/
|
||||||
|
class SafeMath_BigInteger extends Math_BigInteger
|
||||||
|
{
|
||||||
|
function __wakeup()
|
||||||
|
{
|
||||||
|
if ($this->hex == '') {
|
||||||
|
$this->hex = '0';
|
||||||
|
}
|
||||||
|
parent::__wakeup();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user