Diogo Cordeiro
20a6f1d4f4
[CORE] Plugin API now extends a new Module API
2021-07-16 19:44:33 +01:00
Mikael Nordfeldth
ad7ebd1a8c
Even more phpseclib update related stuff.
2016-06-25 20:34:28 +02:00
Mikael Nordfeldth
3a8ce99a9d
Magicsig call for phpseclib\Math\BigInteger fixed
2016-06-17 23:47:00 +02:00
Mikael Nordfeldth
1839082f95
OStatus Magicsig adaptations to new phpseclib
...
Some constants have changed and the way to call RSA->sign(...) too.
2016-06-17 23:43:24 +02:00
Mikael Nordfeldth
a1d064129a
Handle namespaces for new phpseclib
2016-06-17 23:21:34 +02:00
Mikael Nordfeldth
f4ed171397
Make Magicsig capable of loading public PKCS1 keys
2015-10-04 17:22:19 +02:00
Mikael Nordfeldth
57943cad99
Magicsig gets toFingerprint output
...
We give this as a lowercase, sha256 hexadecimal digest of the string:
TYPE + "." + BASE64(modulus as bytes) + "." + BASE64(exponent as bytes)
Where TYPE in all our cases up until now at least are "RSA"
2015-06-06 14:35:48 +02:00
Mikael Nordfeldth
c5f79fd2f3
Magicsig gets toFingerprint function.
2015-06-06 14:33:43 +02:00
Mikael Nordfeldth
e212f2ae77
Moved Diaspora specific metadata to own plugin
2015-06-06 13:49:27 +02:00
Mikael Nordfeldth
cce808b27c
const'ifying bits and sigalg
...
Also we should move away from 1024 bit keys as soon as we can.
2015-01-24 12:18:55 +01:00
Mikael Nordfeldth
29ac42addd
Diaspora public key published in WebFinger
2014-11-06 21:05:31 +01:00
Mikael Nordfeldth
d350a20e1f
Less verbose debugging (also don't log private keys)
...
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
2014-06-03 12:53:04 +02:00
Mikael Nordfeldth
aaef11077d
Default of Magicsig keypair toString should be secure
...
Prevent crappy coders from leaking private keys.
2014-06-03 12:51:52 +02:00
Mikael Nordfeldth
0bc122ff58
Magicsig::generate is now static
...
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.
I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
2014-06-02 21:50:40 +02:00
Mikael Nordfeldth
537dff7987
Salmon posts can only be made for local users. More typing!
...
Since we of course don't have the remote party's private keys anyway.
I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
Mikael Nordfeldth
56194b3cd9
Magicsig importKeys finetuning and getHash() use
2014-06-02 16:11:15 +02:00
Mikael Nordfeldth
00b2bddc7c
Clarify it's not base64, but base64url, encoding in Magicsig
2014-06-02 14:51:15 +02:00
Mikael Nordfeldth
c1dc13bef0
Magicsig warning message would fail to get bits
2014-06-02 13:35:29 +02:00
Mikael Nordfeldth
75711ae06a
Magicsig is made a bit less cumbersome
2014-05-31 13:41:49 +02:00
Mikael Nordfeldth
41773d3f67
MagicEnvelope object orientation (no passing arrays)
...
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
2014-05-27 12:01:12 +02:00
Mikael Nordfeldth
2ea5f00666
Success debugging was too much noise
2014-05-05 18:59:44 +02:00
Mikael Nordfeldth
960baae1d1
More debugging in Magicsig class verify method
2014-05-05 17:48:21 +02:00
Mikael Nordfeldth
8b04bcb310
Prepare for >1024 RSA keys for Salmon signatures
2014-03-02 11:47:38 +01:00
Mikael Nordfeldth
6f4c572389
Unnecessary UTF-8 declaration for database
2013-08-20 09:43:23 +02:00
Mikael Nordfeldth
7e4718a4eb
IMPORTANT - fixed Magicsig to properly overload getKV (prev. staticGet)
...
In commit e95f77d34c
Magicsig lost the 'staticGet' function (later renamed to getKV in 2a4dc77a63
), which was important to properly initialize the Magicsig object (fromString)
2013-08-18 19:07:18 +02:00
Mikael Nordfeldth
1710a619a8
Magicsig class now Managed_DataObject with nicer schemaDef
2013-08-18 15:31:18 +02:00
Mikael Nordfeldth
e95f77d34c
Updating all Memcached_DataObject extended classes to Managed_DataObject
...
In some brief tests, this causes no problems.
In this state however, you would need to modify DB_DataObject to have a static declaration of staticget (and probably pkeyGet). The next commit will change the staticGet overload to a unique function name (like getKV for getKeyValue), which means we can properly call the function by PHP Strict Standards.
2013-08-18 12:32:32 +02:00
Brion Vibber
51d1535f15
Added doc comments on Salmon magicsig-related stuff to help in figuring out what's going on
2011-01-05 14:05:59 -08:00
Brion Vibber
69b13cb279
Normalize execution guards on OStatus php files; mostly helps cut down on annoying 'class not found' errors when something spiders the dirs. :P
2010-10-08 10:42:59 -07:00
Siebrand Mazeland
5a6f616206
* i18n/L10n update
...
* translator comments added
* remove superfluous whitespace
2010-09-19 15:17:36 +02:00
Siebrand Mazeland
1bfbe9badf
* i18n/L10n updates and FIXMEs added
...
* whitespace fixes
2010-09-03 01:35:04 +02:00
James Walker
3227122ac3
move base64_url_(encode|decode) to static functions in Magicsig
2010-03-26 10:43:41 -07:00
James Walker
9e0b9857f4
Make sure we're requiring the library
2010-03-24 15:26:03 -04:00
James Walker
cfca789b34
Updated Math_Biginteger from upstream - removing safe* workarounds
2010-03-24 15:18:41 -04:00
James Walker
c4273f0ef3
Check for 0.9.0 bad keys from old Crypt_RSA library
2010-03-24 15:15:20 -04:00
Brion Vibber
27bfd1211d
Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached.
...
Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
2010-03-22 12:17:45 -07:00
James Walker
99ca84e68e
changing keypair to text to hold a full 1024bit keypair
2010-03-13 15:46:54 -05:00
James Walker
135c0c8a7f
cleaning up key generation
2010-03-12 21:44:18 -05:00
James Walker
4e44cf906b
converting key generation to new crypt library
2010-03-12 20:02:00 -05:00
James Walker
c5bb41176e
converted toString to new crypt library
2010-03-12 19:42:48 -05:00
James Walker
23d44c7d59
converted sign, verify and fromString to new crypt lib
2010-03-12 19:34:45 -05:00
Brion Vibber
9e9ab23e1f
Fixes for updating indices, charset/collation and engine type on plugin-created tables.
...
Under MySQL, new tables will be created as InnoDB with UTF-8 (utf8/utf8_bin) same as core tables.
Existing plugin tables will have table engine and default charset/collation updated, and string columns will have charset updated, at checkschema time.
Switched from 'DESCRIBE' to INFORMATION_SCHEMA for pulling column information in order to get charset. A second hit to INFORMATION_SCHEMA is also needed to get table properties.
Indices were only being created at table creation time, which ain't so hot. Now also adding/dropping indices when they change.
Fixed up some schema defs in OStatus plugin that were a bit flaky, causing extra alter tables to be run.
TODO: Generalize this infrastructure a bit more up to base schema & pg schema classes.
2010-03-12 13:16:32 -08:00
Brion Vibber
45e8819c1b
Fix a bunch of notice & warning-level messages that were breaking my inter-instance communications
2010-03-01 16:35:36 -08:00
James Walker
831eb0d2b6
renaming sha256 to prevent conflict
2010-02-26 18:27:13 -05:00
James Walker
ee7603b09f
better return check in Magicsig::staticGet()
2010-02-26 17:53:27 -05:00
James Walker
6ee7660a58
should be sequenceKey (singular)
2010-02-26 16:51:50 -05:00
James Walker
0ecf435dc5
adding sequenceKeys() to magicsig
2010-02-26 16:50:00 -05:00
James Walker
223ebc765c
move signing to take a local actor profile and use local keys
2010-02-26 14:22:49 -05:00
James Walker
0afb09ad64
er. right.
2010-02-25 23:37:59 -05:00
James Walker
1fe031844c
er typo
2010-02-22 23:44:33 -05:00