aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Lib/ActivityStreams.php
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2024-01-13 20:38:34 +0000
committerMario <mario@mariovavti.com>2024-01-13 20:38:34 +0000
commitfa7aa6cedb83279252d1e26bb58227a6f99df9ed (patch)
tree5db025c66abd519d20cc6afdb35b32e72f09a0ce /Zotlabs/Lib/ActivityStreams.php
parent6df98f2fad7741af341f4e74fd2e2f28f21bf373 (diff)
downloadvolse-hubzilla-fa7aa6cedb83279252d1e26bb58227a6f99df9ed.tar.gz
volse-hubzilla-fa7aa6cedb83279252d1e26bb58227a6f99df9ed.tar.bz2
volse-hubzilla-fa7aa6cedb83279252d1e26bb58227a6f99df9ed.zip
start checking integrity proofs, remove signature prior to verify, iterate trough the array to find the desired ekey in actor_store()
Diffstat (limited to 'Zotlabs/Lib/ActivityStreams.php')
-rw-r--r--Zotlabs/Lib/ActivityStreams.php56
1 files changed, 50 insertions, 6 deletions
diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php
index c32f82e33..98fc73462 100644
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -24,7 +24,7 @@ class ActivityStreams {
public $origin = null;
public $owner = null;
public $signer = null;
- public $ldsig = null;
+ public $sig = null;
public $sigok = false;
public $recips = null;
public $raw_recips = null;
@@ -97,11 +97,19 @@ class ActivityStreams {
$this->origin = $this->get_compound_property('origin');
$this->recips = $this->collect_recips();
- $this->ldsig = $this->get_compound_property('signature');
- if ($this->ldsig) {
- $this->signer = $this->get_actor('creator', $this->ldsig);
- if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
- $this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
+ $this->sig = $this->get_compound_property('proof');
+ if ($this->sig) {
+ $this->checkEddsaSignature(); // will set signer and sigok if everything works out
+ }
+
+ // Try LDSignatures if edsig failed
+ if (!$this->sigok) {
+ $this->sig = $this->get_compound_property('signature');
+ if ($this->sig) {
+ $this->signer = $this->get_actor('creator', $this->sig);
+ if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
+ $this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
+ }
}
}
@@ -490,4 +498,40 @@ class ActivityStreams {
}
+ public function checkEddsaSignature() {
+ $signer = $this->get_property_obj('verificationMethod', $this->sig);
+
+ $parseUrl = parse_url($signer);
+ if (!empty($parseUrl['fragment']) && str_starts_with($parseUrl['fragment'],'z6Mk')) {
+ $publicKey = $parseUrl['fragment'];
+ unset($parseUrl['fragment']);
+ unset($parseUrl['query']);
+ }
+
+ $url = unparse_url($parseUrl);
+ //$this->signer = [ 'id' => $url ];
+
+ $hublocs = Activity::get_actor_hublocs($url);
+ $hasStoredKey = false;
+ if ($hublocs) {
+ foreach ($hublocs as $hubloc) {
+ if ($publicKey && $hubloc['xchan_epubkey'] === $publicKey) {
+ $hasStoredKey = true;
+ break;
+ }
+ }
+ }
+ if (!$hasStoredKey) {
+ $this->signer = Activity::get_actor($url);
+ if ($this->signer
+ && !empty($this->signer['assertionMethod'])
+ && !empty($this->signer['assertionMethod']['publicKeyMultibase'])) {
+ $publicKey = $this->signer['assertionMethod']['publicKeyMultibase'];
+ }
+ }
+ if ($publicKey) {
+ $this->sigok = (new JcsEddsa2022)->verify($this->data, $publicKey);
+ }
+ }
+
}