Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-28 17:44:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

[Composer] Upgrade to phpseclib version 3

Browse source 
- Create custom Key file format for Salmon Magic key
- Remove obsolete pemToME and MEtoPem Crypto methods
- Remove unused newECKeypair Crypto method
- Switch to constant-time Base64 encode/decode in Base64Url Strings methods
This commit is contained in:
Hypolite Petovan 2022-11-23 13:45:58 -05:00
parent a3fb499735
commit 55640eec87
13 changed files with 241 additions and 173 deletions
Download patch file Download diff file Expand all files Collapse all files

77
src/Protocol/Salmon/Format/Magic.php Normal file
View file

@ -0,0 +1,77 @@
<?php
/**
* @copyright Copyright (C) 2010-2022, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/
namespace Friendica\Protocol\Salmon\Format;
use Friendica\Util\Strings;
use phpseclib3\Math\BigInteger;
/**
* This custom public RSA key format class is meant to be used with the \phpseclib3\Crypto\RSA::addFileFormat method.
*
* It handles Salmon's specific magic key string starting with "RSA." and which MIME type is application/magic-key or
* application/magic-public-key
*
* @see https://web.archive.org/web/20160506073138/http://salmon-protocol.googlecode.com:80/svn/trunk/draft-panzer-magicsig-01.html#anchor13
*/
class Magic
{
public static function load($key, $password = ''): array
{
if (!is_string($key)) {
throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key));
}
$key_info = explode('.', $key);
if (count($key_info) !== 3) {
throw new \UnexpectedValueException('Key should have three components separated by periods');
}
if ($key_info[0] !== 'RSA') {
throw new \UnexpectedValueException('Key first component should be "RSA"');
}
if (preg_match('#[+/]#', $key_info[1])
|| preg_match('#[+/]#', $key_info[1])
) {
throw new \UnexpectedValueException('Wrong encoding, expecting Base64URLencoding');
}
$m = Strings::base64UrlDecode($key_info[1]);
$e = Strings::base64UrlDecode($key_info[2]);
if (!$m || !$e) {
throw new \UnexpectedValueException('Base64 decoding produced an error');
}
return [
'modulus' => new BigInteger($m, 256),
'publicExponent' => new BigInteger($e, 256),
'isPublicKey' => true,
];
}
public static function savePublicKey(BigInteger $n, BigInteger $e, array $options = []): string
{
return 'RSA.' . Strings::base64UrlEncode($n->toBytes(), true) . '.' . Strings::base64UrlEncode($e->toBytes(), true);
}
}