wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
16,083 Commits 8 Branches 0 Tags 330 MiB
95751331de
Commit Graph

45 Commits

Author SHA1 Message Date
Mikael Nordfeldth
cce808b27c const'ifying bits and sigalg 
Also we should move away from 1024 bit keys as soon as we can.
 2015-01-24 12:18:55 +01:00
Mikael Nordfeldth
29ac42addd Diaspora public key published in WebFinger 2014-11-06 21:05:31 +01:00
Mikael Nordfeldth
d350a20e1f Less verbose debugging (also don't log private keys) 
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
 2014-06-03 12:53:04 +02:00
Mikael Nordfeldth
aaef11077d Default of Magicsig keypair toString should be secure 
Prevent crappy coders from leaking private keys.
 2014-06-03 12:51:52 +02:00
Mikael Nordfeldth
0bc122ff58 Magicsig::generate is now static 
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.

I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
 2014-06-02 21:50:40 +02:00
Mikael Nordfeldth
537dff7987 Salmon posts can only be made for local users. More typing! 
Since we of course don't have the remote party's private keys anyway.

I made some small fixes in Magicsig class too, removing unnecessary code.
 2014-06-02 19:46:42 +02:00
Mikael Nordfeldth
56194b3cd9 Magicsig importKeys finetuning and getHash() use 2014-06-02 16:11:15 +02:00
Mikael Nordfeldth
00b2bddc7c Clarify it's not base64, but base64url, encoding in Magicsig 2014-06-02 14:51:15 +02:00
Mikael Nordfeldth
c1dc13bef0 Magicsig warning message would fail to get bits 2014-06-02 13:35:29 +02:00
Mikael Nordfeldth
75711ae06a Magicsig is made a bit less cumbersome 2014-05-31 13:41:49 +02:00
Mikael Nordfeldth
41773d3f67 MagicEnvelope object orientation (no passing arrays) 
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
 2014-05-27 12:01:12 +02:00
Mikael Nordfeldth
2ea5f00666 Success debugging was too much noise 2014-05-05 18:59:44 +02:00
Mikael Nordfeldth
960baae1d1 More debugging in Magicsig class verify method 2014-05-05 17:48:21 +02:00
Mikael Nordfeldth
8b04bcb310 Prepare for >1024 RSA keys for Salmon signatures 2014-03-02 11:47:38 +01:00
Mikael Nordfeldth
6f4c572389 Unnecessary UTF-8 declaration for database 2013-08-20 09:43:23 +02:00
Mikael Nordfeldth
7e4718a4eb IMPORTANT - fixed Magicsig to properly overload getKV (prev. staticGet) 
In commit e95f77d34c Magicsig lost the 'staticGet' function (later renamed to getKV in 2a4dc77a63 ), which was important to properly initialize the Magicsig object (fromString)
 2013-08-18 19:07:18 +02:00
Mikael Nordfeldth
1710a619a8 Magicsig class now Managed_DataObject with nicer schemaDef 2013-08-18 15:31:18 +02:00
Mikael Nordfeldth
e95f77d34c Updating all Memcached_DataObject extended classes to Managed_DataObject 
In some brief tests, this causes no problems.

In this state however, you would need to modify DB_DataObject to have a static declaration of staticget (and probably pkeyGet). The next commit will change the staticGet overload to a unique function name (like getKV for getKeyValue), which means we can properly call the function by PHP Strict Standards.
 2013-08-18 12:32:32 +02:00
Brion Vibber
51d1535f15 Added doc comments on Salmon magicsig-related stuff to help in figuring out what's going on 2011-01-05 14:05:59 -08:00
Brion Vibber
69b13cb279 Normalize execution guards on OStatus php files; mostly helps cut down on annoying 'class not found' errors when something spiders the dirs. :P 2010-10-08 10:42:59 -07:00
Siebrand Mazeland
5a6f616206 * i18n/L10n update 
* translator comments added
* remove superfluous whitespace
 2010-09-19 15:17:36 +02:00
Siebrand Mazeland
1bfbe9badf * i18n/L10n updates and FIXMEs added 
* whitespace fixes
 2010-09-03 01:35:04 +02:00
James Walker
3227122ac3 move base64_url_(encode|decode) to static functions in Magicsig 2010-03-26 10:43:41 -07:00
James Walker
9e0b9857f4 Make sure we're requiring the library 2010-03-24 15:26:03 -04:00
James Walker
cfca789b34 Updated Math_Biginteger from upstream - removing safe* workarounds 2010-03-24 15:18:41 -04:00
James Walker
c4273f0ef3 Check for 0.9.0 bad keys from old Crypt_RSA library 2010-03-24 15:15:20 -04:00
Brion Vibber
27bfd1211d Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached. 
Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
 2010-03-22 12:17:45 -07:00
James Walker
99ca84e68e changing keypair to text to hold a full 1024bit keypair 2010-03-13 15:46:54 -05:00
James Walker
135c0c8a7f cleaning up key generation 2010-03-12 21:44:18 -05:00
James Walker
4e44cf906b converting key generation to new crypt library 2010-03-12 20:02:00 -05:00
James Walker
c5bb41176e converted toString to new crypt library 2010-03-12 19:42:48 -05:00
James Walker
23d44c7d59 converted sign, verify and fromString to new crypt lib 2010-03-12 19:34:45 -05:00
Brion Vibber
9e9ab23e1f Fixes for updating indices, charset/collation and engine type on plugin-created tables. 
Under MySQL, new tables will be created as InnoDB with UTF-8 (utf8/utf8_bin) same as core tables.
Existing plugin tables will have table engine and default charset/collation updated, and string columns will have charset updated, at checkschema time.

Switched from 'DESCRIBE' to INFORMATION_SCHEMA for pulling column information in order to get charset. A second hit to INFORMATION_SCHEMA is also needed to get table properties.

Indices were only being created at table creation time, which ain't so hot. Now also adding/dropping indices when they change.

Fixed up some schema defs in OStatus plugin that were a bit flaky, causing extra alter tables to be run.

TODO: Generalize this infrastructure a bit more up to base schema & pg schema classes.
 2010-03-12 13:16:32 -08:00
Brion Vibber
45e8819c1b Fix a bunch of notice & warning-level messages that were breaking my inter-instance communications 2010-03-01 16:35:36 -08:00
James Walker
831eb0d2b6 renaming sha256 to prevent conflict 2010-02-26 18:27:13 -05:00
James Walker
ee7603b09f better return check in Magicsig::staticGet() 2010-02-26 17:53:27 -05:00
James Walker
6ee7660a58 should be sequenceKey (singular) 2010-02-26 16:51:50 -05:00
James Walker
0ecf435dc5 adding sequenceKeys() to magicsig 2010-02-26 16:50:00 -05:00
James Walker
223ebc765c move signing to take a local actor profile and use local keys 2010-02-26 14:22:49 -05:00
James Walker
0afb09ad64 er. right. 2010-02-25 23:37:59 -05:00
James Walker
1fe031844c er typo 2010-02-22 23:44:33 -05:00
James Walker
17b8020d25 clean up error logging 2010-02-22 23:30:31 -05:00
James Walker
f4b34d67c5 generate keypairs for users, and put them in the XRD for discovery 2010-02-22 23:30:31 -05:00
James Walker
74f5c1e169 db_objectified magic sig - for persistence of local keypairs 2010-02-22 23:30:31 -05:00
James Walker
cb32b676fa moving magicsig.php to classes - to add storage 2010-02-22 23:30:31 -05:00