eliseuamaro
/
gnu-social
forked from GNUsocial/gnu-social
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
18,545 Commits 8 Branches 0 Tags 309 MiB
Commit Graph

54 Commits

Author SHA1 Message Date
Diogo Cordeiro 0c2c3ec862 [CORE] Plugin API now extends a new Module API 2019-08-24 01:59:33 +01:00
Mikael Nordfeldth ad7ebd1a8c Even more phpseclib update related stuff. 2016-06-25 20:34:28 +02:00
Mikael Nordfeldth 3a8ce99a9d Magicsig call for phpseclib\Math\BigInteger fixed 2016-06-17 23:47:00 +02:00
Mikael Nordfeldth 1839082f95 OStatus Magicsig adaptations to new phpseclib 
Some constants have changed and the way to call RSA->sign(...) too.
 2016-06-17 23:43:24 +02:00
Mikael Nordfeldth a1d064129a Handle namespaces for new phpseclib 2016-06-17 23:21:34 +02:00
Mikael Nordfeldth f4ed171397 Make Magicsig capable of loading public PKCS1 keys 2015-10-04 17:22:19 +02:00
Mikael Nordfeldth 57943cad99 Magicsig gets toFingerprint output 
We give this as a lowercase, sha256 hexadecimal digest of the string:
TYPE + "." + BASE64(modulus as bytes) + "." + BASE64(exponent as bytes)

Where TYPE in all our cases up until now at least are "RSA"
 2015-06-06 14:35:48 +02:00
Mikael Nordfeldth c5f79fd2f3 Magicsig gets toFingerprint function. 2015-06-06 14:33:43 +02:00
Mikael Nordfeldth e212f2ae77 Moved Diaspora specific metadata to own plugin 2015-06-06 13:49:27 +02:00
Mikael Nordfeldth cce808b27c const'ifying bits and sigalg 
Also we should move away from 1024 bit keys as soon as we can.
 2015-01-24 12:18:55 +01:00
Mikael Nordfeldth 29ac42addd Diaspora public key published in WebFinger 2014-11-06 21:05:31 +01:00
Mikael Nordfeldth d350a20e1f Less verbose debugging (also don't log private keys) 
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
 2014-06-03 12:53:04 +02:00
Mikael Nordfeldth aaef11077d Default of Magicsig keypair toString should be secure 
Prevent crappy coders from leaking private keys.
 2014-06-03 12:51:52 +02:00
Mikael Nordfeldth 0bc122ff58 Magicsig::generate is now static 
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.

I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
 2014-06-02 21:50:40 +02:00
Mikael Nordfeldth 537dff7987 Salmon posts can only be made for local users. More typing! 
Since we of course don't have the remote party's private keys anyway.

I made some small fixes in Magicsig class too, removing unnecessary code.
 2014-06-02 19:46:42 +02:00
Mikael Nordfeldth 56194b3cd9 Magicsig importKeys finetuning and getHash() use 2014-06-02 16:11:15 +02:00
Mikael Nordfeldth 00b2bddc7c Clarify it's not base64, but base64url, encoding in Magicsig 2014-06-02 14:51:15 +02:00
Mikael Nordfeldth c1dc13bef0 Magicsig warning message would fail to get bits 2014-06-02 13:35:29 +02:00
Mikael Nordfeldth 75711ae06a Magicsig is made a bit less cumbersome 2014-05-31 13:41:49 +02:00
Mikael Nordfeldth 41773d3f67 MagicEnvelope object orientation (no passing arrays) 
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
 2014-05-27 12:01:12 +02:00
Mikael Nordfeldth 2ea5f00666 Success debugging was too much noise 2014-05-05 18:59:44 +02:00
Mikael Nordfeldth 960baae1d1 More debugging in Magicsig class verify method 2014-05-05 17:48:21 +02:00
Mikael Nordfeldth 8b04bcb310 Prepare for >1024 RSA keys for Salmon signatures 2014-03-02 11:47:38 +01:00
Mikael Nordfeldth 6f4c572389 Unnecessary UTF-8 declaration for database 2013-08-20 09:43:23 +02:00
Mikael Nordfeldth 7e4718a4eb IMPORTANT - fixed Magicsig to properly overload getKV (prev. staticGet) 
In commit e95f77d34c Magicsig lost the 'staticGet' function (later renamed to getKV in 2a4dc77a63 ), which was important to properly initialize the Magicsig object (fromString)
 2013-08-18 19:07:18 +02:00
Mikael Nordfeldth 1710a619a8 Magicsig class now Managed_DataObject with nicer schemaDef 2013-08-18 15:31:18 +02:00
Mikael Nordfeldth e95f77d34c Updating all Memcached_DataObject extended classes to Managed_DataObject 
In some brief tests, this causes no problems.

In this state however, you would need to modify DB_DataObject to have a static declaration of staticget (and probably pkeyGet). The next commit will change the staticGet overload to a unique function name (like getKV for getKeyValue), which means we can properly call the function by PHP Strict Standards.
 2013-08-18 12:32:32 +02:00
Brion Vibber 51d1535f15 Added doc comments on Salmon magicsig-related stuff to help in figuring out what's going on 2011-01-05 14:05:59 -08:00
Brion Vibber 69b13cb279 Normalize execution guards on OStatus php files; mostly helps cut down on annoying 'class not found' errors when something spiders the dirs. :P 2010-10-08 10:42:59 -07:00
Siebrand Mazeland 5a6f616206 * i18n/L10n update 
* translator comments added
* remove superfluous whitespace
 2010-09-19 15:17:36 +02:00
Siebrand Mazeland 1bfbe9badf * i18n/L10n updates and FIXMEs added 
* whitespace fixes
 2010-09-03 01:35:04 +02:00
James Walker 3227122ac3 move base64_url_(encode|decode) to static functions in Magicsig 2010-03-26 10:43:41 -07:00
James Walker 9e0b9857f4 Make sure we're requiring the library 2010-03-24 15:26:03 -04:00
James Walker cfca789b34 Updated Math_Biginteger from upstream - removing safe* workarounds 2010-03-24 15:18:41 -04:00
James Walker c4273f0ef3 Check for 0.9.0 bad keys from old Crypt_RSA library 2010-03-24 15:15:20 -04:00
Brion Vibber 27bfd1211d Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached. 
Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
 2010-03-22 12:17:45 -07:00
James Walker 99ca84e68e changing keypair to text to hold a full 1024bit keypair 2010-03-13 15:46:54 -05:00
James Walker 135c0c8a7f cleaning up key generation 2010-03-12 21:44:18 -05:00
James Walker 4e44cf906b converting key generation to new crypt library 2010-03-12 20:02:00 -05:00
James Walker c5bb41176e converted toString to new crypt library 2010-03-12 19:42:48 -05:00
James Walker 23d44c7d59 converted sign, verify and fromString to new crypt lib 2010-03-12 19:34:45 -05:00
Brion Vibber 9e9ab23e1f Fixes for updating indices, charset/collation and engine type on plugin-created tables. 
Under MySQL, new tables will be created as InnoDB with UTF-8 (utf8/utf8_bin) same as core tables.
Existing plugin tables will have table engine and default charset/collation updated, and string columns will have charset updated, at checkschema time.

Switched from 'DESCRIBE' to INFORMATION_SCHEMA for pulling column information in order to get charset. A second hit to INFORMATION_SCHEMA is also needed to get table properties.

Indices were only being created at table creation time, which ain't so hot. Now also adding/dropping indices when they change.

Fixed up some schema defs in OStatus plugin that were a bit flaky, causing extra alter tables to be run.

TODO: Generalize this infrastructure a bit more up to base schema & pg schema classes.
 2010-03-12 13:16:32 -08:00
Brion Vibber 45e8819c1b Fix a bunch of notice & warning-level messages that were breaking my inter-instance communications 2010-03-01 16:35:36 -08:00
James Walker 831eb0d2b6 renaming sha256 to prevent conflict 2010-02-26 18:27:13 -05:00
James Walker ee7603b09f better return check in Magicsig::staticGet() 2010-02-26 17:53:27 -05:00
James Walker 6ee7660a58 should be sequenceKey (singular) 2010-02-26 16:51:50 -05:00
James Walker 0ecf435dc5 adding sequenceKeys() to magicsig 2010-02-26 16:50:00 -05:00
James Walker 223ebc765c move signing to take a local actor profile and use local keys 2010-02-26 14:22:49 -05:00
James Walker 0afb09ad64 er. right. 2010-02-25 23:37:59 -05:00
James Walker 1fe031844c er typo 2010-02-22 23:44:33 -05:00