aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFriendika <info@friendika.com>2011-08-20 20:54:03 -0700
committerFriendika <info@friendika.com>2011-08-20 20:54:03 -0700
commita3eb73ed11fb9940755b2a3e6d996232609c0e7f (patch)
tree162013b2325eaa7a5b4161edea72798212b2bf49
parentc0be5bea1698d5e2db140a295731fdce12ba0382 (diff)
downloadvolse-hubzilla-a3eb73ed11fb9940755b2a3e6d996232609c0e7f.tar.gz
volse-hubzilla-a3eb73ed11fb9940755b2a3e6d996232609c0e7f.tar.bz2
volse-hubzilla-a3eb73ed11fb9940755b2a3e6d996232609c0e7f.zip
diaspora sign/verify requires SHA0 hash algorithm
-rw-r--r--include/crypto.php4
-rw-r--r--include/diaspora.php21
2 files changed, 12 insertions, 13 deletions
diff --git a/include/crypto.php b/include/crypto.php
index a75a9aa74..a20606db5 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -9,7 +9,7 @@ function rsa_sign($data,$key,$alg = 'sha256') {
$sig = '';
if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') {
- openssl_sign($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : 'sha256'));
+ openssl_sign($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
}
else {
if(strlen($key) < 1024 || extension_loaded('gmp')) {
@@ -31,7 +31,7 @@ function rsa_sign($data,$key,$alg = 'sha256') {
function rsa_verify($data,$sig,$key,$alg = 'sha256') {
if (version_compare(PHP_VERSION, '5.3.0', '>=') || $alg === 'sha1') {
- $verify = openssl_verify($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : 'sha256'));
+ $verify = openssl_verify($data,$sig,$key,(($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
}
else {
if(strlen($key) <= 300 || extension_loaded('gmp')) {
diff --git a/include/diaspora.php b/include/diaspora.php
index d75a91b6d..5ee10901c 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -508,10 +508,9 @@ function diaspora_comment($importer,$xml,$msg) {
}
}
- if(! rsa_verify($author_signed_data,$author_signature,$key,'sha1')) {
+ if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) {
logger('diaspora_comment: verification failed.');
-// until we figure out what is different about their signing algorithm, accept it
-// return;
+ return;
}
@@ -522,9 +521,9 @@ function diaspora_comment($importer,$xml,$msg) {
$key = $msg['key'];
- if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha1')) {
+ if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) {
logger('diaspora_comment: owner verification failed.');
-// return;
+ return;
}
}
@@ -677,9 +676,9 @@ function diaspora_like($importer,$xml,$msg) {
}
}
- if(! rsa_verify($author_signed_data,$author_signature,$key,'sha1')) {
+ if(! rsa_verify($author_signed_data,$author_signature,$key,'sha')) {
logger('diaspora_like: verification failed.');
-// return;
+ return;
}
if($parent_author_signature) {
@@ -689,9 +688,9 @@ function diaspora_like($importer,$xml,$msg) {
$key = $msg['key'];
- if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha1')) {
+ if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha')) {
logger('diaspora_like: owner verification failed.');
-// return;
+ return;
}
}
@@ -871,7 +870,7 @@ function diaspora_send_followup($item,$owner,$contact) {
else
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr;
- $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha1');
+ $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha');
$msg = replace_macros($tpl,array(
'$guid' => xmlify($item['guid']),
@@ -939,7 +938,7 @@ function diaspora_send_relay($item,$owner,$contact) {
else
$parent_signed_text = $orig_sign['signed_text'];
- $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha1'));
+ $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha'));
$msg = replace_macros($tpl,array(
'$guid' => xmlify($item['guid']),