diaspora sign/verify requires SHA0 hash algorithm
This commit is contained in:
parent
c0be5bea16
commit
a3eb73ed11
2 changed files with 12 additions and 13 deletions
|
@ -9,7 +9,7 @@ function rsa_sign($data,$key,$alg = 'sha256') {
|
||||||
|
|
||||||
$sig = '';
|
$sig = '';
|
||||||
if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') {
|
if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') {
|
||||||
openssl_sign($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : 'sha256'));
|
openssl_sign($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if(strlen($key) < 1024 || extension_loaded('gmp')) {
|
if(strlen($key) < 1024 || extension_loaded('gmp')) {
|
||||||
|
@ -31,7 +31,7 @@ function rsa_sign($data,$key,$alg = 'sha256') {
|
||||||
function rsa_verify($data,$sig,$key,$alg = 'sha256') {
|
function rsa_verify($data,$sig,$key,$alg = 'sha256') {
|
||||||
|
|
||||||
if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') {
|
if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') {
|
||||||
$verify = openssl_verify($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : 'sha256'));
|
$verify = openssl_verify($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if(strlen($key) <= 300 || extension_loaded('gmp')) {
|
if(strlen($key) <= 300 || extension_loaded('gmp')) {
|
||||||
|
|
|
@ -508,10 +508,9 @@ function diaspora_comment($importer,$xml,$msg) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(! rsa_verify($author_signed_data,$author_signature,$key,'sha1')) {
|
if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) {
|
||||||
logger('diaspora_comment: verification failed.');
|
logger('diaspora_comment: verification failed.');
|
||||||
// until we figure out what is different about their signing algorithm, accept it
|
return;
|
||||||
// return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -522,9 +521,9 @@ function diaspora_comment($importer,$xml,$msg) {
|
||||||
|
|
||||||
$key = $msg['key'];
|
$key = $msg['key'];
|
||||||
|
|
||||||
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha1')) {
|
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) {
|
||||||
logger('diaspora_comment: owner verification failed.');
|
logger('diaspora_comment: owner verification failed.');
|
||||||
// return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -677,9 +676,9 @@ function diaspora_like($importer,$xml,$msg) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(! rsa_verify($author_signed_data,$author_signature,$key,'sha1')) {
|
if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) {
|
||||||
logger('diaspora_like: verification failed.');
|
logger('diaspora_like: verification failed.');
|
||||||
// return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($parent_author_signature) {
|
if($parent_author_signature) {
|
||||||
|
@ -689,9 +688,9 @@ function diaspora_like($importer,$xml,$msg) {
|
||||||
|
|
||||||
$key = $msg['key'];
|
$key = $msg['key'];
|
||||||
|
|
||||||
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha1')) {
|
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) {
|
||||||
logger('diaspora_like: owner verification failed.');
|
logger('diaspora_like: owner verification failed.');
|
||||||
// return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -871,7 +870,7 @@ function diaspora_send_followup($item,$owner,$contact) {
|
||||||
else
|
else
|
||||||
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr;
|
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr;
|
||||||
|
|
||||||
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha1');
|
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha');
|
||||||
|
|
||||||
$msg = replace_macros($tpl,array(
|
$msg = replace_macros($tpl,array(
|
||||||
'$guid' => xmlify($item['guid']),
|
'$guid' => xmlify($item['guid']),
|
||||||
|
@ -939,7 +938,7 @@ function diaspora_send_relay($item,$owner,$contact) {
|
||||||
else
|
else
|
||||||
$parent_signed_text = $orig_sign['signed_text'];
|
$parent_signed_text = $orig_sign['signed_text'];
|
||||||
|
|
||||||
$parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha1'));
|
$parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha'));
|
||||||
|
|
||||||
$msg = replace_macros($tpl,array(
|
$msg = replace_macros($tpl,array(
|
||||||
'$guid' => xmlify($item['guid']),
|
'$guid' => xmlify($item['guid']),
|
||||||
|
|
Loading…
Reference in a new issue