diff options
author | Friendika <info@friendika.com> | 2011-08-20 20:54:03 -0700 |
---|---|---|
committer | Friendika <info@friendika.com> | 2011-08-20 20:54:03 -0700 |
commit | a3eb73ed11fb9940755b2a3e6d996232609c0e7f (patch) | |
tree | 162013b2325eaa7a5b4161edea72798212b2bf49 | |
parent | c0be5bea1698d5e2db140a295731fdce12ba0382 (diff) | |
download | volse-hubzilla-a3eb73ed11fb9940755b2a3e6d996232609c0e7f.tar.gz volse-hubzilla-a3eb73ed11fb9940755b2a3e6d996232609c0e7f.tar.bz2 volse-hubzilla-a3eb73ed11fb9940755b2a3e6d996232609c0e7f.zip |
diaspora sign/verify requires SHA0 hash algorithm
-rw-r--r-- | include/crypto.php | 4 | ||||
-rw-r--r-- | include/diaspora.php | 21 |
2 files changed, 12 insertions, 13 deletions
diff --git a/include/crypto.php b/include/crypto.php index a75a9aa74..a20606db5 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -9,7 +9,7 @@ function rsa_sign($data,$key,$alg = 'sha256') { $sig = ''; if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') { - openssl_sign($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : 'sha256')); + openssl_sign($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg)); } else { if(strlen($key) < 1024 || extension_loaded('gmp')) { @@ -31,7 +31,7 @@ function rsa_sign($data,$key,$alg = 'sha256') { function rsa_verify($data,$sig,$key,$alg = 'sha256') { if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') { - $verify = openssl_verify($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : 'sha256')); + $verify = openssl_verify($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg)); } else { if(strlen($key) <= 300 || extension_loaded('gmp')) { diff --git a/include/diaspora.php b/include/diaspora.php index d75a91b6d..5ee10901c 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -508,10 +508,9 @@ function diaspora_comment($importer,$xml,$msg) { } } - if(! rsa_verify($author_signed_data,$author_signature,$key,'sha1')) { + if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) { logger('diaspora_comment: verification failed.'); -// until we figure out what is different about their signing algorithm, accept it -// return; + return; } @@ -522,9 +521,9 @@ function diaspora_comment($importer,$xml,$msg) { $key = $msg['key']; - if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha1')) { + if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) { logger('diaspora_comment: owner verification failed.'); -// return; + return; } } @@ -677,9 +676,9 @@ function diaspora_like($importer,$xml,$msg) { } } - if(! rsa_verify($author_signed_data,$author_signature,$key,'sha1')) { + if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) { logger('diaspora_like: verification failed.'); -// return; + return; } if($parent_author_signature) { @@ -689,9 +688,9 @@ function diaspora_like($importer,$xml,$msg) { $key = $msg['key']; - if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha1')) { + if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) { logger('diaspora_like: owner verification failed.'); -// return; + return; } } @@ -871,7 +870,7 @@ function diaspora_send_followup($item,$owner,$contact) { else $signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha1'); + $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha'); $msg = replace_macros($tpl,array( '$guid' => xmlify($item['guid']), @@ -939,7 +938,7 @@ function diaspora_send_relay($item,$owner,$contact) { else $parent_signed_text = $orig_sign['signed_text']; - $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha1')); + $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha')); $msg = replace_macros($tpl,array( '$guid' => xmlify($item['guid']), |