Mikael Nordfeldth
9b461db4da
Send the entire XMLStringer object in MagicEnvelope events.
2015-10-04 09:59:01 +02:00
Mikael Nordfeldth
184293c634
Break out MagicEnvelope->toXML() functionality to allow for plugin flexibility
2015-10-04 00:17:07 +02:00
Mikael Nordfeldth
30a4393afa
Move around some code related to Magic_envelope and signing
2015-10-03 23:35:46 +02:00
Mikael Nordfeldth
24b1e26406
MagicEnvelope called DOMDocument::loadXML statically
...
but apparently we shouldn't do this, despite recommended on https://secure.php.net/manual/en/domdocument.loadxml.php
2015-07-10 23:24:50 +02:00
Mikael Nordfeldth
aeaee388bf
Store remote magicsig public keys locally
2015-01-24 13:06:09 +01:00
Mikael Nordfeldth
d350a20e1f
Less verbose debugging (also don't log private keys)
...
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
2014-06-03 12:53:04 +02:00
Mikael Nordfeldth
0bc122ff58
Magicsig::generate is now static
...
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.
I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
2014-06-02 21:50:40 +02:00
Mikael Nordfeldth
537dff7987
Salmon posts can only be made for local users. More typing!
...
Since we of course don't have the remote party's private keys anyway.
I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
Mikael Nordfeldth
78805d113a
MagicEnvelope discoverKeyPair now returns string
...
getKeyPair fills in missing data so it's a complete Magicsig.
We may use insert() here in the future so the Magicsig is cached locally.
2014-06-02 18:31:48 +02:00
Mikael Nordfeldth
d44588f98b
Only use a Profile in MagicEnvelope keypair retrieval
...
So we _know_ there is a profile for the submitter we're about to verify.
2014-06-02 16:12:26 +02:00
Mikael Nordfeldth
993ad00333
Improve debugging for Salmon slaps
2014-06-02 14:20:58 +02:00
Mikael Nordfeldth
75711ae06a
Magicsig is made a bit less cumbersome
2014-05-31 13:41:49 +02:00
Mikael Nordfeldth
411f3b86a4
Use locally cached Salmon keys for profiles
...
Please note that we're not yet actually caching them ourselves.
2014-05-31 12:51:51 +02:00
Mikael Nordfeldth
0c2134f9ad
Last objectification of MagicEnvelope. Smarter SalmonAction
2014-05-31 12:00:46 +02:00
Mikael Nordfeldth
03fc02c26f
Bad variable names (fixes last commit)
2014-05-27 13:02:26 +02:00
Mikael Nordfeldth
41773d3f67
MagicEnvelope object orientation (no passing arrays)
...
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
2014-05-27 12:01:12 +02:00
Mikael Nordfeldth
14251d26ad
Make MagicEnvelope self-reference
...
Also, a stricer typing for DOMDocument in fromDom parsing function.
2014-05-27 10:18:36 +02:00
Mikael Nordfeldth
54ae0ed3cc
Removed MagicEnvelopeCompat, legacy from SN <0.9.7
2014-05-26 23:54:22 +02:00
Mikael Nordfeldth
ba10da27da
Should not normalize Salmon author URIs.
...
It's normalized in Discovery->lookup later anyway.
2014-05-26 14:20:42 +02:00
Mikael Nordfeldth
8c348c96e7
getAuthorUri is a more appropriate function name
2014-05-26 14:14:54 +02:00
Mikael Nordfeldth
fac102a50a
checkAuthor not used anywhere
2014-05-26 14:13:35 +02:00
Mikael Nordfeldth
1a0171ef61
MagicEnvelope class now throws exception on XRD fail
2014-05-06 13:11:29 +02:00
Mikael Nordfeldth
a7e748479c
Fixed regression in OStatus sub from WebFinger/XML_XRD update
...
XML_XRD::getAll requires arguments (at least relation). If one really
want all links, just get the 'links' array. It's public!
Also, not all XML_XRD_Element_Link were migrated from the previous
array style.
2013-09-30 23:33:28 +02:00
Mikael Nordfeldth
a0e107f17f
Implemented WebFinger and replaced our XRD with PEAR XML_XRD
...
New plugins:
* LRDD
LRDD implements client-side RFC6415 and RFC7033 resource descriptor
discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.
OStatus and OpenID now depend on the LRDD plugin (XML_XRD).
* WebFinger
This plugin implements the server-side of RFC6415 and RFC7033. Note:
WebFinger technically doesn't handle XRD, but we serve both that and
JRD (JSON Resource Descriptor), depending on Accept header and one
ugly hack to check for old StatusNet installations.
WebFinger depends on LRDD.
We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).
Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).
Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Siebrand Mazeland
b83e0fd0e8
Update translator documentation.
...
i18n fixes (gettext domain).
L10n updates.
Whitespace updates.
Some tabs to spaces.
2011-04-11 00:39:51 +02:00
Brion Vibber
946a4ac17b
Add test cases for internal change in Salmon signing; fix for the new code.
...
Updated sig passes Tuomas's verifier, which is a good sign
2011-01-05 23:26:39 +00:00
Brion Vibber
51d1535f15
Added doc comments on Salmon magicsig-related stuff to help in figuring out what's going on
2011-01-05 14:05:59 -08:00
Siebrand Mazeland
5a6f616206
* i18n/L10n update
...
* translator comments added
* remove superfluous whitespace
2010-09-19 15:17:36 +02:00
Siebrand Mazeland
1bfbe9badf
* i18n/L10n updates and FIXMEs added
...
* whitespace fixes
2010-09-03 01:35:04 +02:00
James Walker
c8a706081e
strip whitespace from me:data and me:sig (per spec)
2010-08-07 09:48:21 -04:00
James Walker
8120842780
Fix for #2429 - move OStatus XML writing to XMLStringer
2010-08-02 16:42:28 -04:00
James Walker
3227122ac3
move base64_url_(encode|decode) to static functions in Magicsig
2010-03-26 10:43:41 -07:00
James Walker
10410907a0
A bit safer checking in the keypair parsing
2010-03-24 14:27:35 -04:00
James Walker
512e511053
fix invalid separator in magic-public-key XRD and matching parsing.
2010-03-11 14:49:12 -05:00
James Walker
06612e35e4
remove hard-coded me:env check in magicenvelope
2010-03-11 14:49:12 -05:00
James Walker
89582e7226
base64_encode/decode -> base64_url_encode/decode
2010-03-11 14:49:12 -05:00
James Walker
ddc4a7d2ff
Catch a previously uncaught exception and add some additional debug logs for signature verification
2010-03-04 01:46:34 -05:00
James Walker
e4c462570f
move salmon posting to send application/magic-envelope+xml per http://salmon-protocol.googlecode.com/svn/trunk/draft-panzer-salmon-00.html#RPF
2010-02-26 15:39:58 -05:00
James Walker
223ebc765c
move signing to take a local actor profile and use local keys
2010-02-26 14:22:49 -05:00
James Walker
ab8bb4d79e
more cleanup
2010-02-26 04:07:58 -05:00
James Walker
84d0c865c4
salmon actually fetching remote keypairs
2010-02-26 03:25:51 -05:00
James Walker
855692141d
use a real keypair from discovery
2010-02-25 23:38:25 -05:00
James Walker
e62e49ed3b
adding some exception handling for magicenv parsing
2010-02-25 17:09:54 -05:00
James Walker
9494b0e5d7
magicsig shuffling
2010-02-22 23:30:32 -05:00
James Walker
e0388cc1d3
adding magic sig stuff
2010-02-22 09:05:32 -05:00