GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

Check for 0.9.0 bad keys from old Crypt_RSA library

Browse Source
This commit is contained in:
James Walker 2010-03-24 15:15:20 -04:00
parent 10410907a0
commit c4273f0ef3
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/OStatus/classes/Magicsig.php
View File

@ -50,7 +50,15 @@ class Magicsig extends Memcached_DataObject
{ {
$obj = parent::staticGet(__CLASS__, $k, $v); $obj = parent::staticGet(__CLASS__, $k, $v);
if (!empty($obj)) { if (!empty($obj)) {
return Magicsig::fromString($obj->keypair); $obj = Magicsig::fromString($obj->keypair);
// Double check keys: Crypt_RSA did not
// consistently generate good keypairs.
// We've also moved to 1024 bit keys.
if (strlen($obj->publicKey->modulus->toBits()) != 1024) {
$obj->delete();
return false;
}
} }
return $obj; return $obj;