aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Lib/LDSignatures.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-08-28 19:06:01 -0700
committerzotlabs <mike@macgirvin.com>2017-08-28 19:06:01 -0700
commitab5e7ad7a20d86dc611988df487b2edb38d14c21 (patch)
treeebe83c35f10bc641837e594f8dd661e20b61317f /Zotlabs/Lib/LDSignatures.php
parent6385d11b5489d3d3cf0c8200e689276824af148e (diff)
downloadvolse-hubzilla-ab5e7ad7a20d86dc611988df487b2edb38d14c21.tar.gz
volse-hubzilla-ab5e7ad7a20d86dc611988df487b2edb38d14c21.tar.bz2
volse-hubzilla-ab5e7ad7a20d86dc611988df487b2edb38d14c21.zip
provide support for json-ld signatures (https://w3c-dvcg.github.io/ld-signatures/)
Diffstat (limited to 'Zotlabs/Lib/LDSignatures.php')
-rw-r--r--Zotlabs/Lib/LDSignatures.php81
1 files changed, 81 insertions, 0 deletions
diff --git a/Zotlabs/Lib/LDSignatures.php b/Zotlabs/Lib/LDSignatures.php
new file mode 100644
index 000000000..7afce7700
--- /dev/null
+++ b/Zotlabs/Lib/LDSignatures.php
@@ -0,0 +1,81 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+require_once('library/jsonld/jsonld.php');
+
+class LDSignatures {
+
+
+ static function verify($data,$pubkey) {
+
+ $ohash = self::hash(self::signable_options($data['signature']));
+ $dhash = self::hash(self::signable_data($data['signature']));
+
+ return rsa_verify($ohash . $dhash,base64_decode($data['signature']['signatureValue']), $pubkey);
+ }
+
+
+
+ static function sign($data,$channel) {
+ $options = [
+ 'type' => 'RsaSignature2017',
+ 'creator' => z_root() . '/channel/' . $channel['channel_address'] . '/public_key_pem',
+ 'created' => datetime_convert('UTC','UTC', 'now', 'Y-m-d\Th:i:s\Z')
+ ];
+
+ $ohash = self::hash(self::signable_options($options));
+ $dhash = self::hash(self::signable_data($data));
+ $options['signatureValue'] = base64_encode(rsa_sign($ohash . $dhash,$channel['channel_prvkey']));
+
+ $signed = array_merge([
+ '@context' => [ 'https://www.w3.org/ns/activitystreams', 'https://w3id.org/security/v1' ],
+ ],$options);
+
+ return $signed;
+ }
+
+
+ static function signable_data($data) {
+
+ $newdata = [];
+ if($data) {
+ foreach($data as $k => $v) {
+ if(! in_array($k,[ 'signature' ])) {
+ $newopts[$k] = $v;
+ }
+ }
+ }
+ return json_encode($newdata,JSON_UNESCAPED_SLASHES);
+ }
+
+
+ static function signable_options($options) {
+
+ $newopts = [ '@context' => 'https://w3id.org/identity/v1' ];
+ if($options) {
+ foreach($options as $k => $v) {
+ if(! in_array($k,[ 'type','id','signatureValue' ])) {
+ $newopts[$k] = $v;
+ }
+ }
+ }
+ return json_encode($newopts,JSON_UNESCAPED_SLASHES);
+ }
+
+ static function hash($obj) {
+ return hash('sha256',self::normalise($obj));
+ }
+
+ static function normalise($data) {
+ if(is_string($data)) {
+ $data = json_decode($data);
+ }
+
+ if(! is_object($data))
+ return '';
+
+ return jsonld_normalize($data,[ 'algorithm' => 'URDNA2015', 'format' => 'application/nquads' ]);
+ }
+
+} \ No newline at end of file