generate keypairs for users, and put them in the XRD for discovery

This commit is contained in:
James Walker 2010-02-22 23:11:40 -05:00
parent 74f5c1e169
commit f4b34d67c5
3 changed files with 55 additions and 12 deletions

View File

@ -312,6 +312,7 @@ class OStatusPlugin extends Plugin
$schema->ensureTable('ostatus_source', Ostatus_source::schemaDef()); $schema->ensureTable('ostatus_source', Ostatus_source::schemaDef());
$schema->ensureTable('feedsub', FeedSub::schemaDef()); $schema->ensureTable('feedsub', FeedSub::schemaDef());
$schema->ensureTable('hubsub', HubSub::schemaDef()); $schema->ensureTable('hubsub', HubSub::schemaDef());
$schema->ensureTable('magicsig', Magicsig::schemaDef());
return true; return true;
} }

View File

@ -71,6 +71,17 @@ class WebfingerAction extends Action
$xrd->links[] = array('rel' => 'salmon', $xrd->links[] = array('rel' => 'salmon',
'href' => $salmon_url); 'href' => $salmon_url);
// Get this user's keypair
$magickey = Magicsig::staticGet('user_id', $this->user->id);
if (!$magickey) {
// No keypair yet, let's generate one.
$magickey = new Magicsig();
$magickey->generate();
}
$xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL,
'href' => 'data:application/magic-public-key;'. $magickey->keypair);
// TODO - finalize where the redirect should go on the publisher // TODO - finalize where the redirect should go on the publisher
$url = common_local_url('ostatussub') . '?profile={uri}'; $url = common_local_url('ostatussub') . '?profile={uri}';
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe', $xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe',

View File

@ -32,6 +32,8 @@ require_once 'Crypt/RSA.php';
class Magicsig extends Memcached_DataObject class Magicsig extends Memcached_DataObject
{ {
const PUBLICKEYREL = 'magic-public-key';
public $__table = 'magicsig'; public $__table = 'magicsig';
public $user_id; public $user_id;
@ -40,6 +42,11 @@ class Magicsig extends Memcached_DataObject
private $_rsa; private $_rsa;
public function __construct($alg = 'RSA-SHA256')
{
$this->alg = $alg;
}
public /*static*/ function staticGet($k, $v=null) public /*static*/ function staticGet($k, $v=null)
{ {
return parent::staticGet(__CLASS__, $k, $v); return parent::staticGet(__CLASS__, $k, $v);
@ -75,23 +82,33 @@ class Magicsig extends Memcached_DataObject
{ {
return array('user_id' => 'K'); return array('user_id' => 'K');
} }
function insert()
{
$this->keypair = $this->toString();
return parent::insert();
}
public function generate($key_length = 512) public function generate($key_length = 512)
{ {
PEAR::pushErrorHandling(PEAR_ERROR_RETURN);
$keypair = new Crypt_RSA_KeyPair($key_length); $keypair = new Crypt_RSA_KeyPair($key_length);
$params['public_key'] = $keypair->getPublicKey(); $params['public_key'] = $keypair->getPublicKey();
$params['private_key'] = $keypair->getPrivateKey(); $params['private_key'] = $keypair->getPrivateKey();
PEAR::pushErrorHandling(PEAR_ERROR_RETURN); $this->_rsa = new Crypt_RSA($params);
$this->keypair = new Crypt_RSA($params);
PEAR::popErrorHandling(); PEAR::popErrorHandling();
$this->insert();
} }
public function toString($full_pair = true) public function toString($full_pair = true)
{ {
$public_key = $this->keypair->_public_key; $public_key = $this->_rsa->_public_key;
$private_key = $this->keypair->_private_key; $private_key = $this->_rsa->_private_key;
$mod = base64_url_encode($public_key->getModulus()); $mod = base64_url_encode($public_key->getModulus());
$exp = base64_url_encode($public_key->getExponent()); $exp = base64_url_encode($public_key->getExponent());
@ -103,10 +120,12 @@ class Magicsig extends Memcached_DataObject
return 'RSA.' . $mod . '.' . $exp . $private_exp; return 'RSA.' . $mod . '.' . $exp . $private_exp;
} }
public function fromString($text) public static function fromString($text)
{ {
PEAR::pushErrorHandling(PEAR_ERROR_RETURN); PEAR::pushErrorHandling(PEAR_ERROR_RETURN);
$magic_sig = new Magicsig();
// remove whitespace // remove whitespace
$text = preg_replace('/\s+/', '', $text); $text = preg_replace('/\s+/', '', $text);
@ -136,20 +155,32 @@ class Magicsig extends Memcached_DataObject
} }
} }
$this->keypair = new Crypt_RSA($params); $magic_sig->_rsa = new Crypt_RSA($params);
PEAR::popErrorHandling(); PEAR::popErrorHandling();
return $magic_sig;
} }
public function getName() public function getName()
{ {
return 'RSA-SHA256'; $this->alg;
} }
public function getHash()
{
switch ($this->alg) {
case 'RSA-SHA256':
return 'sha256';
}
}
public function sign($bytes) public function sign($bytes)
{ {
$sig = $this->keypair->createSign($bytes, null, 'sha256'); $sig = $this->_rsa->createSign($bytes, null, 'sha256');
if ($this->keypair->isError()) { if ($this->_rsa->isError()) {
$error = $this->keypair->getLastError(); $error = $this->_rsa->getLastError();
common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage());
} }
@ -158,8 +189,8 @@ class Magicsig extends Memcached_DataObject
public function verify($signed_bytes, $signature) public function verify($signed_bytes, $signature)
{ {
$result = $this->keypair->validateSign($signed_bytes, $signature, null, 'sha256'); $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256');
if ($this->keypair->isError()) { if ($this->_rsa->isError()) {
$error = $this->keypair->getLastError(); $error = $this->keypair->getLastError();
//common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); //common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage());
print $error->getMessage(); print $error->getMessage();