GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

Prepare for >1024 RSA keys for Salmon signatures

Browse Source
This commit is contained in:
Mikael Nordfeldth 2014-03-02 11:47:38 +01:00
parent 5144c0cb78
commit 8b04bcb310
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
plugins/OStatus/classes/Magicsig.php
View File

@ -91,13 +91,15 @@ class Magicsig extends Managed_DataObject
static function getKV($k, $v=null) static function getKV($k, $v=null)
{ {
$obj = parent::getKV($k, $v); $obj = parent::getKV($k, $v);
if (!empty($obj)) { if ($obj instanceof Magicsig) {
// Please note we're replacing the $obj
// FIXME: There should be an import-key that modifies the fetched $obj
$obj = Magicsig::fromString($obj->keypair); $obj = Magicsig::fromString($obj->keypair);
// Double check keys: Crypt_RSA did not // Never allow less than 1024 bit keys.
// consistently generate good keypairs. // The only case these show up in would be imported or
// We've also moved to 1024 bit keys. // legacy very-old-StatusNet generated keypairs.
if (strlen($obj->publicKey->modulus->toBits()) != 1024) { if (strlen($obj->publicKey->modulus->toBits()) < 1024) {
$obj->delete(); $obj->delete();
return false; return false;
} }
@ -144,11 +146,11 @@ class Magicsig extends Managed_DataObject
* *
* @param int $user_id id of local user we're creating a key for * @param int $user_id id of local user we're creating a key for
*/ */
public function generate($user_id) public function generate($user_id, $bits=1024)
{ {
$rsa = new Crypt_RSA(); $rsa = new Crypt_RSA();
$keypair = $rsa->createKey(); $keypair = $rsa->createKey($bits);
$rsa->loadKey($keypair['privatekey']); $rsa->loadKey($keypair['privatekey']);