Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/Activity.php6
-rw-r--r--Zotlabs/Lib/Keyutils.php82
-rw-r--r--Zotlabs/Module/Channel.php2
-rw-r--r--Zotlabs/Module/Display.php2
-rw-r--r--Zotlabs/Module/Hq.php2
-rw-r--r--Zotlabs/Module/Network.php2
-rw-r--r--Zotlabs/Module/Pubstream.php2
-rw-r--r--Zotlabs/Module/Rpost.php2
-rw-r--r--Zotlabs/Web/HTTPSig.php14
9 files changed, 67 insertions, 47 deletions
diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php
index 717219761..64588f9e3 100644
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -3555,15 +3555,15 @@ class Activity {
// TODO: implement FEP-fb2a at the sending side and deprecate PropertyValue
if ((isset($t['type']) && $t['type'] === 'PropertyValue') &&
(isset($t['name']) && $t['name'] === 'Protocol') &&
- (isset($t['value']) && in_array($t['value'], ['zot6', 'activitypub', 'diaspora']))
+ isset($t['value'])
) {
- $ret[] = $t['value'];
+ $ret[] = trim($t['value']);
}
// FEP-fb2a - actor metadata
if ((isset($t['type']) && $t['type'] === 'Note') &&
(isset($t['name']) && $t['name'] === 'Protocols') &&
- (isset($t['content']) && (str_contains($t['content'], 'zot6') || str_contains($t['content'], 'activitypub') || str_contains($t['content'], 'diaspora')))
+ isset($t['content'])
) {
$ret = array_map('trim', explode(',', $t['content']));
}
diff --git a/Zotlabs/Lib/Keyutils.php b/Zotlabs/Lib/Keyutils.php
index 616ecfcf6..33f910236 100644
--- a/Zotlabs/Lib/Keyutils.php
+++ b/Zotlabs/Lib/Keyutils.php
@@ -2,8 +2,8 @@
namespace Zotlabs\Lib;
-use phpseclib\Crypt\RSA;
-use phpseclib\Math\BigInteger;
+use phpseclib3\Crypt\PublicKeyLoader;
+use phpseclib3\Math\BigInteger;
/**
* Keyutils
@@ -16,41 +16,42 @@ class Keyutils {
* @param string $e exponent
* @return string
*/
- public static function meToPem($m, $e) {
-
- $rsa = new RSA();
- $rsa->loadKey([
+ public static function meToPem(string $m, string $e): string
+ {
+ $parsedKey = PublicKeyLoader::load([
'e' => new BigInteger($e, 256),
'n' => new BigInteger($m, 256)
]);
- return $rsa->getPublicKey();
-
+ if (method_exists($parsedKey, 'getPublicKey')) {
+ $parsedKey = $parsedKey->getPublicKey();
+ }
+ return $parsedKey->toString('PKCS8');
}
/**
* @param string key
* @return string
*/
- public static function rsaToPem($key) {
-
- $rsa = new RSA();
- $rsa->setPublicKey($key);
-
- return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS8);
-
+ public static function rsaToPem(string $key): string
+ {
+ $parsedKey = PublicKeyLoader::load($key);
+ if (method_exists($parsedKey, 'getPublicKey')) {
+ $parsedKey = $parsedKey->getPublicKey();
+ }
+ return $parsedKey->toString('PKCS8');
}
/**
* @param string key
* @return string
*/
- public static function pemToRsa($key) {
-
- $rsa = new RSA();
- $rsa->setPublicKey($key);
-
- return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS1);
-
+ public static function pemToRsa(string $key): string
+ {
+ $parsedKey = PublicKeyLoader::load($key);
+ if (method_exists($parsedKey, 'getPublicKey')) {
+ $parsedKey = $parsedKey->getPublicKey();
+ }
+ return $parsedKey->toString('PKCS1');
}
/**
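Review bot: `PublicKeyLoader::load()` throws `phpseclib3\Exception\NoKeyLoadedException` on input it cannot parse and can also return non-RSA key objects, so `meToPem`, `rsaToPem` and `pemToRsa` can now raise on a malformed or unexpected key where the old `RSA` object did not. If these helpers are fed keys fetched from remote actors (not visible here), the callers need to treat a throw as "key unusable", and the accepted key type should be pinned to RSA before calling `toString('PKCS1')`. The load / `method_exists` / `getPublicKey` sequence is also repeated verbatim in every method, including `pemToMe` in the next hunk; one private helper would hold the type check in a single place. The `@param string key` docblocks are missing the `$` before the parameter name.
```php
private static function loadRsaPublicKey(string|array $key): \phpseclib3\Crypt\RSA\PublicKey
{
    $parsedKey = PublicKeyLoader::load($key);
    // A private key may be passed in; only its public half is ever exported.
    if ($parsedKey instanceof \phpseclib3\Crypt\Common\PrivateKey) {
        $parsedKey = $parsedKey->getPublicKey();
    }
    if (!$parsedKey instanceof \phpseclib3\Crypt\RSA\PublicKey) {
        throw new \UnexpectedValueException('Expected an RSA public key');
    }
    return $parsedKey;
}

public static function rsaToPem(string $key): string
{
    return self::loadRsaPublicKey($key)->toString('PKCS8');
}
// … unchanged: meToPem, pemToRsa and pemToMe would call the same helper …
```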
@@ -58,23 +59,28 @@ class Keyutils {
* @param string $m reference modulo
* @param string $e reference exponent
*/
- public static function pemToMe($key, &$m, &$e) {
-
- $rsa = new RSA();
- $rsa->loadKey($key);
- $rsa->setPublicKey();
-
- $m = $rsa->modulus->toBytes();
- $e = $rsa->exponent->toBytes();
-
+ public static function pemToMe(string $key): array
+ {
+ $parsedKey = PublicKeyLoader::load($key);
+ if (method_exists($parsedKey, 'getPublicKey')) {
+ $parsedKey = $parsedKey->getPublicKey();
+ }
+ $raw = $parsedKey->toString('Raw');
+
+ $m = $raw['n'];
+ $e = $raw['e'];
+
+ return [$m->toBytes(), $e->toBytes()];
}
/**
* @param string $pubkey
* @return string
*/
- public static function salmonKey($pubkey) {
- self::pemToMe($pubkey, $m, $e);
+ public static function salmonKey(string $pubkey): string
+ {
+ [$m, $e] = self::pemToMe($pubkey);
+ /** @noinspection PhpRedundantOptionalArgumentInspection */
return 'RSA' . '.' . base64url_encode($m, true) . '.' . base64url_encode($e, true);
}
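Review bot: The docblock above `pemToMe` still describes `$m` and `$e` as reference parameters, but the new signature is `pemToMe(string $key): array` and returns the pair instead. Replace the two stale lines with `@param string $key PEM encoded key` and `@return array{0: string, 1: string} modulus and exponent as raw bytes`. This is a breaking change for any caller still using the three-argument form. Only `salmonKey` is updated in this hunk and the diffstat is limited to `Zotlabs`, so callers elsewhere in the tree should be checked. The docblock begins outside the hunk.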
@@ -82,11 +88,13 @@ class Keyutils {
* @param string $key
* @return string
*/
- public static function convertSalmonKey($key) {
- if (strstr($key, ','))
+ public static function convertSalmonKey(string $key): string
+ {
+ if (str_contains($key, ',')) {
$rawkey = substr($key, strpos($key, ',') + 1);
- else
+ } else {
$rawkey = substr($key, 5);
+ }
$key_info = explode('.', $rawkey);
@@ -96,4 +104,4 @@ class Keyutils {
return self::meToPem($m, $e);
}
-} \ No newline at end of file
+}
diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php
index e35a611d0..a72e70b79 100644
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -266,7 +266,7 @@ class Channel extends Controller {
'default_location' => (($is_owner) ? App::$profile['channel_location'] : ''),
'nickname' => App::$profile['channel_address'],
'lockstate' => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
- 'acl' => (($is_owner) ? populate_acl($channel_acl, true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
+ 'acl' => (($is_owner) ? populate_acl($channel_acl, true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions') : ''),
'permissions' => $channel_acl,
'showacl' => (($is_owner) ? 'yes' : ''),
'bang' => '',
diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php
index 094466665..15aff9a84 100644
--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -81,7 +81,7 @@ class Display extends Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php
index 241a5101a..31faf9dfc 100644
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -88,7 +88,7 @@ class Hq extends \Zotlabs\Web\Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
diff --git a/Zotlabs/Module/Network.php b/Zotlabs/Module/Network.php
index f95d92fe2..18f52591d 100644
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -203,7 +203,7 @@ class Network extends \Zotlabs\Web\Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl((($private_editing) ? $def_acl : $channel_acl), true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
'permissions' => (($private_editing) ? $def_acl : $channel_acl),
'bang' => (($private_editing) ? $bang : ''),
'visitor' => true,
diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php
index 99b8ab587..879d98216 100644
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -84,7 +84,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php
index 45f19d7e7..09513a44e 100644
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -94,7 +94,7 @@ class Rpost extends \Zotlabs\Web\Controller {
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
- 'acl' => populate_acl($channel_acl, true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+ 'acl' => populate_acl($channel_acl, true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index f6228da5c..e53bcb3e9 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -13,6 +13,8 @@ use Zotlabs\Lib\Webfinger;
use Zotlabs\Lib\Zotfinger;
use Zotlabs\Lib\Libzot;
use HttpSignature\HttpMessageSigner;
+use HttpSignature\UnProcessableSignatureException;
+
/**
* @brief Implements HTTP Signatures per draft-cavage-http-signatures-10.
@@ -135,7 +137,17 @@ class HTTPSig {
$messageSigner->setCreated(preg_match('/created=([0-9]+)/', $headers['signature-input'], $matches) ? $matches[1] : '');
$messageSigner->setExpires(preg_match('/expires=([0-9]+)/', $headers['signature-input'], $matches) ? $matches[1] : '');
- $verified = $messageSigner->verifyRequest(App::$request);
+ try {
+ $verified = $messageSigner->verifyRequest(App::$request);
+ if (!$verified) {
+ btlogger('RFC9421: Unable to verify request: ' . print_r($headers, true), LOGGER_DATA);
+ }
+ }
+ catch (\Exception $exception) {
+ btlogger($exception->getMessage(), LOGGER_DATA);
+ $verified = false;
+ }
+
logger('verified (RFC9421): ' . (($verified) ? 'true' : 'false'), LOGGER_DEBUG);
return [
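Review bot: On a failed verification the new branch writes `print_r($headers, true)` to the log, which will include every request header present in `$headers`, potentially credentials such as authorization or cookie values if they are collected there (the array is built outside this hunk). Logging only what is needed to debug the signature is safer, e.g. `btlogger('RFC9421: Unable to verify request, signature-input: ' . ($headers['signature-input'] ?? ''), LOGGER_DATA);`. The earlier hunk imports `UnProcessableSignatureException` but the handler catches `\Exception`, so the import is unused in the visible code. Either catch the specific type first or drop the `use` line. Setting `$verified = false` in the handler keeps the failure path closed, which is the right default.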