generate keypairs for users, and put them in the XRD for discovery
This commit is contained in:
parent
74f5c1e169
commit
f4b34d67c5
|
@ -312,6 +312,7 @@ class OStatusPlugin extends Plugin
|
||||||
$schema->ensureTable('ostatus_source', Ostatus_source::schemaDef());
|
$schema->ensureTable('ostatus_source', Ostatus_source::schemaDef());
|
||||||
$schema->ensureTable('feedsub', FeedSub::schemaDef());
|
$schema->ensureTable('feedsub', FeedSub::schemaDef());
|
||||||
$schema->ensureTable('hubsub', HubSub::schemaDef());
|
$schema->ensureTable('hubsub', HubSub::schemaDef());
|
||||||
|
$schema->ensureTable('magicsig', Magicsig::schemaDef());
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -71,6 +71,17 @@ class WebfingerAction extends Action
|
||||||
$xrd->links[] = array('rel' => 'salmon',
|
$xrd->links[] = array('rel' => 'salmon',
|
||||||
'href' => $salmon_url);
|
'href' => $salmon_url);
|
||||||
|
|
||||||
|
// Get this user's keypair
|
||||||
|
$magickey = Magicsig::staticGet('user_id', $this->user->id);
|
||||||
|
if (!$magickey) {
|
||||||
|
// No keypair yet, let's generate one.
|
||||||
|
$magickey = new Magicsig();
|
||||||
|
$magickey->generate();
|
||||||
|
}
|
||||||
|
|
||||||
|
$xrd->links[] = array('rel' => Magicsig::PUBLICKEYREL,
|
||||||
|
'href' => 'data:application/magic-public-key;'. $magickey->keypair);
|
||||||
|
|
||||||
// TODO - finalize where the redirect should go on the publisher
|
// TODO - finalize where the redirect should go on the publisher
|
||||||
$url = common_local_url('ostatussub') . '?profile={uri}';
|
$url = common_local_url('ostatussub') . '?profile={uri}';
|
||||||
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe',
|
$xrd->links[] = array('rel' => 'http://ostatus.org/schema/1.0/subscribe',
|
||||||
|
|
|
@ -32,6 +32,8 @@ require_once 'Crypt/RSA.php';
|
||||||
class Magicsig extends Memcached_DataObject
|
class Magicsig extends Memcached_DataObject
|
||||||
{
|
{
|
||||||
|
|
||||||
|
const PUBLICKEYREL = 'magic-public-key';
|
||||||
|
|
||||||
public $__table = 'magicsig';
|
public $__table = 'magicsig';
|
||||||
|
|
||||||
public $user_id;
|
public $user_id;
|
||||||
|
@ -40,6 +42,11 @@ class Magicsig extends Memcached_DataObject
|
||||||
|
|
||||||
private $_rsa;
|
private $_rsa;
|
||||||
|
|
||||||
|
public function __construct($alg = 'RSA-SHA256')
|
||||||
|
{
|
||||||
|
$this->alg = $alg;
|
||||||
|
}
|
||||||
|
|
||||||
public /*static*/ function staticGet($k, $v=null)
|
public /*static*/ function staticGet($k, $v=null)
|
||||||
{
|
{
|
||||||
return parent::staticGet(__CLASS__, $k, $v);
|
return parent::staticGet(__CLASS__, $k, $v);
|
||||||
|
@ -75,23 +82,33 @@ class Magicsig extends Memcached_DataObject
|
||||||
{
|
{
|
||||||
return array('user_id' => 'K');
|
return array('user_id' => 'K');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function insert()
|
||||||
|
{
|
||||||
|
$this->keypair = $this->toString();
|
||||||
|
|
||||||
|
return parent::insert();
|
||||||
|
}
|
||||||
|
|
||||||
public function generate($key_length = 512)
|
public function generate($key_length = 512)
|
||||||
{
|
{
|
||||||
|
PEAR::pushErrorHandling(PEAR_ERROR_RETURN);
|
||||||
|
|
||||||
$keypair = new Crypt_RSA_KeyPair($key_length);
|
$keypair = new Crypt_RSA_KeyPair($key_length);
|
||||||
$params['public_key'] = $keypair->getPublicKey();
|
$params['public_key'] = $keypair->getPublicKey();
|
||||||
$params['private_key'] = $keypair->getPrivateKey();
|
$params['private_key'] = $keypair->getPrivateKey();
|
||||||
|
|
||||||
PEAR::pushErrorHandling(PEAR_ERROR_RETURN);
|
$this->_rsa = new Crypt_RSA($params);
|
||||||
$this->keypair = new Crypt_RSA($params);
|
|
||||||
PEAR::popErrorHandling();
|
PEAR::popErrorHandling();
|
||||||
|
|
||||||
|
$this->insert();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public function toString($full_pair = true)
|
public function toString($full_pair = true)
|
||||||
{
|
{
|
||||||
$public_key = $this->keypair->_public_key;
|
$public_key = $this->_rsa->_public_key;
|
||||||
$private_key = $this->keypair->_private_key;
|
$private_key = $this->_rsa->_private_key;
|
||||||
|
|
||||||
$mod = base64_url_encode($public_key->getModulus());
|
$mod = base64_url_encode($public_key->getModulus());
|
||||||
$exp = base64_url_encode($public_key->getExponent());
|
$exp = base64_url_encode($public_key->getExponent());
|
||||||
|
@ -103,10 +120,12 @@ class Magicsig extends Memcached_DataObject
|
||||||
return 'RSA.' . $mod . '.' . $exp . $private_exp;
|
return 'RSA.' . $mod . '.' . $exp . $private_exp;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function fromString($text)
|
public static function fromString($text)
|
||||||
{
|
{
|
||||||
PEAR::pushErrorHandling(PEAR_ERROR_RETURN);
|
PEAR::pushErrorHandling(PEAR_ERROR_RETURN);
|
||||||
|
|
||||||
|
$magic_sig = new Magicsig();
|
||||||
|
|
||||||
// remove whitespace
|
// remove whitespace
|
||||||
$text = preg_replace('/\s+/', '', $text);
|
$text = preg_replace('/\s+/', '', $text);
|
||||||
|
|
||||||
|
@ -136,20 +155,32 @@ class Magicsig extends Memcached_DataObject
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->keypair = new Crypt_RSA($params);
|
$magic_sig->_rsa = new Crypt_RSA($params);
|
||||||
PEAR::popErrorHandling();
|
PEAR::popErrorHandling();
|
||||||
|
|
||||||
|
return $magic_sig;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getName()
|
public function getName()
|
||||||
{
|
{
|
||||||
return 'RSA-SHA256';
|
$this->alg;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getHash()
|
||||||
|
{
|
||||||
|
switch ($this->alg) {
|
||||||
|
|
||||||
|
case 'RSA-SHA256':
|
||||||
|
return 'sha256';
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
public function sign($bytes)
|
public function sign($bytes)
|
||||||
{
|
{
|
||||||
$sig = $this->keypair->createSign($bytes, null, 'sha256');
|
$sig = $this->_rsa->createSign($bytes, null, 'sha256');
|
||||||
if ($this->keypair->isError()) {
|
if ($this->_rsa->isError()) {
|
||||||
$error = $this->keypair->getLastError();
|
$error = $this->_rsa->getLastError();
|
||||||
common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage());
|
common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -158,8 +189,8 @@ class Magicsig extends Memcached_DataObject
|
||||||
|
|
||||||
public function verify($signed_bytes, $signature)
|
public function verify($signed_bytes, $signature)
|
||||||
{
|
{
|
||||||
$result = $this->keypair->validateSign($signed_bytes, $signature, null, 'sha256');
|
$result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256');
|
||||||
if ($this->keypair->isError()) {
|
if ($this->_rsa->isError()) {
|
||||||
$error = $this->keypair->getLastError();
|
$error = $this->keypair->getLastError();
|
||||||
//common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage());
|
//common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage());
|
||||||
print $error->getMessage();
|
print $error->getMessage();
|
||||||
|
|
Loading…
Reference in New Issue
Block a user