aboutsummaryrefslogtreecommitdiffstats
path: root/include/diaspora.php
diff options
context:
space:
mode:
authorFriendika <info@friendika.com>2011-08-09 18:55:46 -0700
committerFriendika <info@friendika.com>2011-08-09 18:55:46 -0700
commit1bfe1283aa38454369f29883411a6c012c88df59 (patch)
treeb85f93b9d4c6b40bf4678ccd32fea7b9531f27bb /include/diaspora.php
parent49be3941828668e762141972afa1324045805f20 (diff)
downloadvolse-hubzilla-1bfe1283aa38454369f29883411a6c012c88df59.tar.gz
volse-hubzilla-1bfe1283aa38454369f29883411a6c012c88df59.tar.bz2
volse-hubzilla-1bfe1283aa38454369f29883411a6c012c88df59.zip
crypto stuff
Diffstat (limited to 'include/diaspora.php')
-rw-r--r--include/diaspora.php25
1 files changed, 6 insertions, 19 deletions
diff --git a/include/diaspora.php b/include/diaspora.php
index d25137bf3..e39617aa3 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -1,6 +1,6 @@
<?php
-require_once('include/certfns.php');
+require_once('include/crypto.php');
function receive_return($val) {
@@ -83,9 +83,7 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) {
$signable_data = $data . '.' . base64url_encode($type) . "\n" . '.'
. base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n";
- $signature = '';
- $result = openssl_sign($signable_data,$signature,$prvkey,'SHA256');
-
+ $signature = rsa_sign($signable_data,$prvkey);
$sig = base64url_encode($signature);
$decrypted_header = <<< EOT
@@ -226,7 +224,7 @@ function diaspora_decode($importer,$xml) {
if(! $author_link) {
logger('mod-diaspora: Could not retrieve author URI.');
- receive_return(400);
+ http_status_exit(400);
}
// Once we have the author URI, go to the web and try to find their public key
@@ -239,25 +237,14 @@ function diaspora_decode($importer,$xml) {
if(! $key) {
logger('mod-diaspora: Could not retrieve author key.');
- receive_return(400);
+ http_status_exit(400);
}
- $verify = false;
-
- if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
- $verify = openssl_verify($signed_data,$signature,$key,'sha256');
- }
- else {
- // fallback sha256 verify for PHP < 5.3
- $rawsig = '';
- $hash = hash('sha256',$signed_data,true);
- openssl_public_decrypt($signature,$rawsig,$key);
- $verify = (($rawsig && substr($rawsig,-32) === $hash) ? true : false);
- }
+ $verify = rsa_verify($signed_data,$signature,$key);
if(! $verify) {
logger('mod-diaspora: Message did not verify. Discarding.');
- receive_return(400);
+ http_status_exit(400);
}
logger('mod-diaspora: Message verified.');