aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-09-20 21:20:00 -0700
committerzotlabs <mike@macgirvin.com>2017-09-20 21:20:00 -0700
commit24a9c3ba79cc7639a9cc6082c13dfedbc989bc8d (patch)
tree5479aaf0310fe44dbc2f10ddf1f7db1c8704aeff
parentc4261b9c4b234cd3b2f377160c38a3aac5186690 (diff)
downloadvolse-hubzilla-24a9c3ba79cc7639a9cc6082c13dfedbc989bc8d.tar.gz
volse-hubzilla-24a9c3ba79cc7639a9cc6082c13dfedbc989bc8d.tar.bz2
volse-hubzilla-24a9c3ba79cc7639a9cc6082c13dfedbc989bc8d.zip
add more signature logging
-rw-r--r--Zotlabs/Lib/LDSignatures.php5
-rw-r--r--Zotlabs/Web/HTTPSig.php8
2 files changed, 11 insertions, 2 deletions
diff --git a/Zotlabs/Lib/LDSignatures.php b/Zotlabs/Lib/LDSignatures.php
index 31ffd71f1..d500799c0 100644
--- a/Zotlabs/Lib/LDSignatures.php
+++ b/Zotlabs/Lib/LDSignatures.php
@@ -12,7 +12,10 @@ class LDSignatures {
$ohash = self::hash(self::signable_options($data['signature']));
$dhash = self::hash(self::signable_data($data));
- return rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey);
+ $x = rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey);
+ logger('LD-verify: ' . intval($x));
+
+ return $x;
}
static function dopplesign(&$data,$channel) {
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index 6526fa7c8..28a7b3b55 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -48,7 +48,7 @@ class HTTPSig {
else {
$headers = [];
$headers['(request-target)'] =
- $_SERVER['REQUEST_METHOD'] . ' ' .
+ strtolower($_SERVER['REQUEST_METHOD']) . ' ' .
$_SERVER['REQUEST_URI'];
foreach($_SERVER as $k => $v) {
if(strpos($k,'HTTP_') === 0) {
@@ -70,6 +70,8 @@ class HTTPSig {
if(! $sig_block)
return $result;
+ logger('sig_block: ' . print_r($sig_block,true), LOGGER_DATA);
+
$result['header_signed'] = true;
$signed_headers = $sig_block['headers'];
@@ -110,6 +112,8 @@ class HTTPSig {
$x = rsa_verify($signed_data,$sig_block['signature'],$key,$algorithm);
+ logger('verified: ' . $x, LOGGER_DEBUG);
+
if($x === false)
return $result;
@@ -130,6 +134,8 @@ class HTTPSig {
}
}
+ logger('Content_Valid: ' . $result['content_valid']);
+
return $result;
}