Salmon signature checks on incoming slaps now check both old and new signature formats.

This commit is contained in:
Brion Vibber 2011-01-06 00:01:42 +00:00
parent 437ac120b0
commit 1d15145993

View File

@ -52,8 +52,7 @@ class Salmon
return false; return false;
} }
$classes = array('MagicEnvelope', 'MagicEnvelopeCompat'); foreach ($this->formatClasses() as $class) {
foreach ($classes as $class) {
try { try {
$envelope = $this->createMagicEnv($xml, $actor, $class); $envelope = $this->createMagicEnv($xml, $actor, $class);
} catch (Exception $e) { } catch (Exception $e) {
@ -83,6 +82,15 @@ class Salmon
return false; return false;
} }
/**
* List the magic envelope signature class variants in the order we try them.
* Multiples are needed for backwards-compat with StatusNet prior to 0.9.7,
* which used a draft version of the magic envelope spec.
*/
protected function formatClasses() {
return array('MagicEnvelope', 'MagicEnvelopeCompat');
}
/** /**
* Encode the given string as a signed MagicEnvelope XML document, * Encode the given string as a signed MagicEnvelope XML document,
* using the keypair for the given local user profile. * using the keypair for the given local user profile.
@ -129,6 +137,7 @@ class Salmon
/** /**
* Check if the given magic envelope is well-formed and correctly signed. * Check if the given magic envelope is well-formed and correctly signed.
* Needs to have network access to fetch public keys over the web. * Needs to have network access to fetch public keys over the web.
* Both current and back-compat signature formats will be checked.
* *
* Side effects: exceptions and caching updates may occur during network * Side effects: exceptions and caching updates may occur during network
* fetches. * fetches.
@ -141,10 +150,16 @@ class Salmon
*/ */
public function verifyMagicEnv($text) public function verifyMagicEnv($text)
{ {
$magic_env = new MagicEnvelope(); foreach ($this->formatClasses() as $class) {
$magic_env = new $class();
$env = $magic_env->parse($text); $env = $magic_env->parse($text);
return $magic_env->verify($env); if ($magic_env->verify($env)) {
return true;
}
}
return false;
} }
} }