diff options
author | Friendika <info@friendika.com> | 2011-08-05 05:37:42 -0700 |
---|---|---|
committer | Friendika <info@friendika.com> | 2011-08-05 05:37:42 -0700 |
commit | 5a5a7bfc4cf551f6353358b961399efcaa8269b3 (patch) | |
tree | 761664960dbd8909f39404ef65c8454b53507ac5 | |
parent | 112fc59e3190d29d95139fda3e861818f828b0d0 (diff) | |
download | volse-hubzilla-5a5a7bfc4cf551f6353358b961399efcaa8269b3.tar.gz volse-hubzilla-5a5a7bfc4cf551f6353358b961399efcaa8269b3.tar.bz2 volse-hubzilla-5a5a7bfc4cf551f6353358b961399efcaa8269b3.zip |
fallback sha256 openssl_verify code for php releases prior to 5.3
-rw-r--r-- | mod/receive.php | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/mod/receive.php b/mod/receive.php index 188f55f21..f5a2eb7b6 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -194,7 +194,7 @@ function receive_post(&$a) { logger('mod-diaspora: Fetching key for ' . $author_link ); -// Get diaspora public key (pkcs#1) and convert to pkcs#8 + // Get diaspora public key (pkcs#1) and convert to pkcs#8 $key = get_diaspora_key($author_link); if(! $key) { @@ -202,14 +202,17 @@ function receive_post(&$a) { receive_return(400); } + $verify = false; if (version_compare(PHP_VERSION, '5.3.0', '>=')) { $verify = openssl_verify($signed_data,$signature,$key,'sha256'); } else { - // FIXME // fallback sha256 verify for PHP < 5.3 - + $rawsig = ''; + $hash = hash('sha256',$signed_data,true); + openssl_public_decrypt($signature,$rawsig,$key); + $verify = (($rawsig && substr($rawsig,-32) === $hash) ? true : false); } if(! $verify) { |