aboutsummaryrefslogtreecommitdiffstats
path: root/include/salmon.php
diff options
context:
space:
mode:
authorMike Macgirvin <mike@macgirvin.com>2010-10-21 04:53:43 -0700
committerMike Macgirvin <mike@macgirvin.com>2010-10-21 04:53:43 -0700
commit5edee3c4d1f84c07c1c54775072601188075a542 (patch)
treec3b8167923bbb4c77eee9a727b38b1c93ad3d26b /include/salmon.php
parent39b19cd0890754c947414ed9eb6d688e12702e0d (diff)
downloadvolse-hubzilla-5edee3c4d1f84c07c1c54775072601188075a542.tar.gz
volse-hubzilla-5edee3c4d1f84c07c1c54775072601188075a542.tar.bz2
volse-hubzilla-5edee3c4d1f84c07c1c54775072601188075a542.zip
magic-envelope verification, status.net appears to do it wrong.
Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects.
Diffstat (limited to 'include/salmon.php')
-rw-r--r--include/salmon.php109
1 files changed, 109 insertions, 0 deletions
diff --git a/include/salmon.php b/include/salmon.php
index 7198f07c6..bd2d620a8 100644
--- a/include/salmon.php
+++ b/include/salmon.php
@@ -16,3 +16,112 @@ function salmon_key($pubkey) {
return 'RSA' . '.' . $m . '.' . $e ;
}
+
+
+function base64url_encode($s) {
+ return strtr(base64_encode($s),'+/','-_');
+}
+
+function base64url_decode($s) {
+ return base64_decode(strtr($s,'-_','+/'));
+}
+
+function get_salmon_key($uri,$keyhash) {
+ $ret = array();
+
+ $debugging = get_config('system','debugging');
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . 'Fetch key' . "\n", FILE_APPEND);
+
+ if(strstr($uri,'@')) {
+ $arr = webfinger($uri);
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . 'Fetch key from webfinger' . "\n", FILE_APPEND);
+ }
+ else {
+ $html = fetch_url($uri);
+ $a = get_app();
+ $h = $a->get_curl_headers();
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . 'Fetch key via HTML header: ' . $h . "\n", FILE_APPEND);
+
+ $l = explode("\n",$h);
+ if(count($l)) {
+ foreach($l as $line) {
+
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . $line . "\n", FILE_APPEND);
+ if((stristr($line,'link:')) && preg_match('/<([^>].*)>.*rel\=[\'\"]lrdd[\'\"]/',$line,$matches)) {
+ $link = $matches[1];
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . 'Fetch key via Link from header: ' . $link . "\n", FILE_APPEND);
+ break;
+ }
+ }
+ }
+ }
+
+ if(! isset($link)) {
+ require_once('library/HTML5/Parser.php');
+ $dom = HTML5_Parser::parse($html);
+
+ if(! $dom)
+ return '';
+
+ $items = $dom->getElementsByTagName('link');
+
+ foreach($items as $item) {
+ $x = $item->getAttribute('rel');
+ if($x == "lrdd") {
+ $link = $item->getAttribute('href');
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . 'Fetch key via HTML body' . $link . "\n", FILE_APPEND);
+ break;
+ }
+ }
+ }
+
+ if(! isset($link))
+ return '';
+
+ $arr = fetch_xrd_links($link);
+
+ if($arr) {
+ foreach($arr as $a) {
+ if($a['@attributes']['rel'] === 'magic-public-key') {
+ $ret[] = $a['@attributes']['href'];
+ }
+ }
+ }
+ if(count($ret)) {
+ for($x = 0; $x < count($ret); $x ++) {
+ if(substr($ret[$x],0,5) === 'data:') {
+ if(strstr($ret[$x],','))
+ $ret[$x] = substr($ret[$x],strpos($ret[$x],',')+1);
+ else
+ $ret[$x] = substr($ret[$x],5);
+ }
+ else
+ $ret[$x] = fetch_url($ret[$x]);
+ }
+ }
+ if($debugging)
+ file_put_contents('salmon.out', "\n" . 'Key located: ' . print_r($ret,true) . "\n", FILE_APPEND);
+
+ if(count($ret) == 1) {
+ return $ret[0];
+ }
+ else {
+ foreach($ret as $a) {
+ $hash = base64url_encode(hash('sha256',$a));
+ if($hash == $keyhash)
+ return $a;
+ }
+ }
+
+ return '';
+}
+
+
+
+ \ No newline at end of file