From 2de1285121b5f0260699a93249bab11dc74edec5 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 16 Jan 2018 18:15:58 -0800 Subject: z6 deliver --- Zotlabs/Web/HTTPSig.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'Zotlabs') diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 63033ce5e..ef03dac94 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -137,6 +137,21 @@ class HTTPSig { } } + + if(in_array('x-zot-digest',$signed_headers)) { + $result['content_signed'] = true; + $digest = explode('=', $headers['x-zot-digest']); + if($digest[0] === 'SHA-256') + $hashalg = 'sha256'; + if($digest[0] === 'SHA-512') + $hashalg = 'sha512'; + + // The explode operation will have stripped the '=' padding, so compare against unpadded base64 + if(rtrim(base64_encode(hash($hashalg,$_POST['data'],true)),'=') === $digest[1]) { + $result['content_valid'] = true; + } + } + logger('Content_Valid: ' . $result['content_valid']); return $result; -- cgit v1.2.3 From 05de59d4ad174cb106c3a5b5890732af51730384 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 16 Jan 2018 20:08:10 -0800 Subject: initial z6 delivery --- Zotlabs/Daemon/Queue.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Daemon/Queue.php b/Zotlabs/Daemon/Queue.php index 17d150250..1bab582bc 100644 --- a/Zotlabs/Daemon/Queue.php +++ b/Zotlabs/Daemon/Queue.php @@ -13,8 +13,8 @@ class Queue { require_once('include/bbcode.php'); - if(argc() > 1) - $queue_id = argv(1); + if($argc > 1) + $queue_id = $argv[1]; else $queue_id = 0; -- cgit v1.2.3 From 3a0db39fa05668831e7661ac6edaabfd09d864e2 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 18:38:10 -0800 Subject: more zot6 delivery work --- Zotlabs/Daemon/Notifier.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Daemon/Notifier.php b/Zotlabs/Daemon/Notifier.php index b168db5ae..957b859af 100644 --- a/Zotlabs/Daemon/Notifier.php +++ b/Zotlabs/Daemon/Notifier.php @@ -618,8 +618,8 @@ class Notifier { $packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null)); } if($packet_type === 'keychange') { - $packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null)); $pmsg = get_pconfig($channel['channel_id'],'system','keychange'); + $packet = zot_build_packet($channel,$packet_type,(($packet_recips) ? $packet_recips : null)); } elseif($packet_type === 'request') { $env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : ''); @@ -640,7 +640,7 @@ class Notifier { } else { $env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : ''); - $packet = zot_build_packet($channel,'notify',$env,(($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash); + $packet = zot6_build_packet($channel,'notify',$env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'],$hash); queue_insert( [ 'hash' => $hash, -- cgit v1.2.3 From 4c27fa5c37fbe4fc6debaadeaf3b4b134bc9068b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 22:04:53 -0800 Subject: debug the crypto function --- Zotlabs/Web/HTTPSig.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'Zotlabs') diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index ef03dac94..8c94a4ff0 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -210,6 +210,9 @@ class HTTPSig { if($crypt_key) { $x = crypto_encapsulate($headerval,$crypt_key,$crypt_alg); + +logger(cryptosig: ' . print_r($x,true)); + $headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data']; } -- cgit v1.2.3 From 635c5e532bd945fe50dc3fae73e4da005158e3de Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 15:32:54 -0800 Subject: z6 testing --- Zotlabs/Web/HTTPSig.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 8c94a4ff0..dba5c4687 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -209,7 +209,7 @@ class HTTPSig { . '",headers="' . $x['headers'] . '",signature="' . $x['signature'] . '"'; if($crypt_key) { - $x = crypto_encapsulate($headerval,$crypt_key,$crypt_alg); + $x = crypto_encapsulate($headerval,$crypt_key,$crypt_algo); logger(cryptosig: ' . print_r($x,true)); -- cgit v1.2.3 From e4503f743e0a51ebb91401746bcfa800dd890dc9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 15:36:22 -0800 Subject: logging --- Zotlabs/Web/HTTPSig.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index dba5c4687..a6b8d67a4 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -194,6 +194,8 @@ class HTTPSig { static function create_sig($request,$head,$prvkey,$keyid = 'Key',$send_headers = false,$auth = false,$alg = 'sha256', $crypt_key = null, $crypt_algo = 'aes256ctr') { +logger('cryptkey' . $crypt_key); + $return_headers = []; if($alg === 'sha256') { @@ -211,7 +213,7 @@ class HTTPSig { if($crypt_key) { $x = crypto_encapsulate($headerval,$crypt_key,$crypt_algo); -logger(cryptosig: ' . print_r($x,true)); +logger('cryptosig: ' . print_r($x,true)); $headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data']; } -- cgit v1.2.3 From beec49847f54d89f15b205482cbf375782553527 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 15:45:33 -0800 Subject: missing quote --- Zotlabs/Web/HTTPSig.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index a6b8d67a4..0b264ca7a 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -215,7 +215,7 @@ logger('cryptkey' . $crypt_key); logger('cryptosig: ' . print_r($x,true)); - $headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data']; + $headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data'] . '"'; } if($auth) { -- cgit v1.2.3 From cd1e5d417167836ee5ac64d042815b377c22b694 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 16:22:10 -0800 Subject: zot6 testing --- Zotlabs/Web/HTTPSig.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 0b264ca7a..a27edb73d 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -152,7 +152,7 @@ class HTTPSig { } } - logger('Content_Valid: ' . $result['content_valid']); + logger('Content_Valid: ' . (($result['content_valid']) ? 'true' : 'false')); return $result; @@ -194,8 +194,6 @@ class HTTPSig { static function create_sig($request,$head,$prvkey,$keyid = 'Key',$send_headers = false,$auth = false,$alg = 'sha256', $crypt_key = null, $crypt_algo = 'aes256ctr') { -logger('cryptkey' . $crypt_key); - $return_headers = []; if($alg === 'sha256') { @@ -212,9 +210,6 @@ logger('cryptkey' . $crypt_key); if($crypt_key) { $x = crypto_encapsulate($headerval,$crypt_key,$crypt_algo); - -logger('cryptosig: ' . print_r($x,true)); - $headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data'] . '"'; } -- cgit v1.2.3