Merge branch 'develop' into show_image_upload_limit

# Conflicts: # src/Util/Strings.php # view/lang/C/messages.po
2025-04-30 07:04:23 +02:00 · 2022-11-27 23:52:58 +01:00 · 2022-11-27 23:52:58 +01:00 · a01872a117
commit a01872a117
parent 719c294fb5 a60467ed78
72 changed files with 1605 additions and 1038 deletions
--- a/src/Util/Crypto.php
+++ b/src/Util/Crypto.php
@ -21,14 +21,11 @@

 namespace Friendica\Util;

-use Exception;
 use Friendica\Core\Hook;
 use Friendica\Core\Logger;
 use Friendica\Core\System;
 use Friendica\DI;
-use ParagonIE\ConstantTime\Base64UrlSafe;
-use phpseclib\Crypt\RSA;
-use phpseclib\Math\BigInteger;
+use phpseclib3\Crypt\PublicKeyLoader;

 /**
 * Crypto class
@ -66,22 +63,6 @@ class Crypto
 		return openssl_verify($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
 	}

-	/**
-	/**
-	 * @param string $m modulo
-	 * @param string $e exponent
-	 * @return string
-	 */
-	public static function meToPem($m, $e)
-	{
-		$rsa = new RSA();
-		$rsa->loadKey([
-			'e' => new BigInteger($e, 256),
-			'n' => new BigInteger($m, 256)
-		]);
-		return $rsa->getPublicKey();
-	}
-
 	/**
 	 * Transform RSA public keys to standard PEM output
 	 *
@ -91,29 +72,7 @@ class Crypto
 	 */
 	public static function rsaToPem(string $key)
 	{
-		$rsa = new RSA();
-		$rsa->setPublicKey($key);
-
-		return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS8);
-	}
-
-	/**
-	 * Extracts the modulo and exponent reference from a public PEM key
-	 *
-	 * @param string $key      public PEM key
-	 * @param string $modulus  (ref) modulo reference
-	 * @param string $exponent (ref) exponent reference
-	 *
-	 * @return void
-	 */
-	public static function pemToMe(string $key, &$modulus, &$exponent)
-	{
-		$rsa = new RSA();
-		$rsa->loadKey($key);
-		$rsa->setPublicKey();
-
-		$modulus  = $rsa->modulus->toBytes();
-		$exponent = $rsa->exponent->toBytes();
+		return (string)PublicKeyLoader::load($key);
 	}

 	/**
@ -152,50 +111,6 @@ class Crypto
 		return $response;
 	}

-	/**
-	 * Create a new elliptic curve key pair
-	 *
-	 * @return array with the elements "prvkey", "pubkey", "vapid-public" and "vapid-private"
-	 */
-	public static function newECKeypair()
-	{
-		$openssl_options = [
-			'curve_name'       => 'prime256v1',
-			'private_key_type' => OPENSSL_KEYTYPE_EC
-		];
-
-		$conf = DI::config()->get('system', 'openssl_conf_file');
-		if ($conf) {
-			$openssl_options['config'] = $conf;
-		}
-		$result = openssl_pkey_new($openssl_options);
-
-		if (empty($result)) {
-			throw new Exception('Key creation failed');
-		}
-
-		$response = ['prvkey' => '', 'pubkey' => ''];
-
-		// Get private key
-		openssl_pkey_export($result, $response['prvkey']);
-
-		// Get public key
-		$pkey = openssl_pkey_get_details($result);
-		$response['pubkey'] = $pkey['key'];
-
-		// Create VAPID keys
-		// @see https://github.com/web-push-libs/web-push-php/blob/256a18b2a2411469c94943725fb6eccb9681bd75/src/Utils.php#L60-L62
-		$hexString = '04';
-		$hexString .= str_pad(bin2hex($pkey['ec']['x']), 64, '0', STR_PAD_LEFT);
-		$hexString .= str_pad(bin2hex($pkey['ec']['y']), 64, '0', STR_PAD_LEFT);
-		$response['vapid-public'] = Base64UrlSafe::encode(hex2bin($hexString));
-
-		// @see https://github.com/web-push-libs/web-push-php/blob/256a18b2a2411469c94943725fb6eccb9681bd75/src/VAPID.php
-		$response['vapid-private'] = Base64UrlSafe::encode(hex2bin(str_pad(bin2hex($pkey['ec']['d']), 64, '0', STR_PAD_LEFT)));
-
-		return $response;
-	}
-
 	/**
 	 * Encrypt a string with 'aes-256-cbc' cipher method.
 	 *
--- a/src/Util/Proxy.php
+++ b/src/Util/Proxy.php
@ -24,6 +24,7 @@ namespace Friendica\Util;
 use Friendica\Core\Logger;
 use Friendica\Core\System;
 use Friendica\DI;
+use GuzzleHttp\Psr7\Uri;

 /**
 * Proxy utilities class
@ -173,12 +174,15 @@ class Proxy
 	 */
 	private static function parseQuery(string $url): array
 	{
-		$query = parse_url($url, PHP_URL_QUERY);
-		$query = html_entity_decode($query);
+		try {
+			$uri = new Uri($url);

-		parse_str($query, $arr);
+			parse_str($uri->getQuery(), $arr);

-		return $arr;
+			return $arr;
+		} catch (\Throwable $e) {
+			return [];
+		}
 	}

 	/**
--- a/src/Util/Strings.php
+++ b/src/Util/Strings.php
@ -23,6 +23,7 @@ namespace Friendica\Util;

 use Friendica\Content\ContactSelector;
 use Friendica\Core\Logger;
+use ParagonIE\ConstantTime\Base64;

 /**
 * This class handles string functions
@ -245,16 +246,17 @@ class Strings
 	 * @param string $s					URL to encode
 	 * @param boolean $strip_padding	Optional. Default false
 	 * @return string	Encoded URL
+	 * @see https://web.archive.org/web/20160506073138/http://salmon-protocol.googlecode.com:80/svn/trunk/draft-panzer-magicsig-01.html#params
 	 */
 	public static function base64UrlEncode(string $s, bool $strip_padding = false): string
 	{
-		$s = strtr(base64_encode($s), '+/', '-_');
-
 		if ($strip_padding) {
-			$s = str_replace('=', '', $s);
+			$s = Base64::encodeUnpadded($s);
+		} else {
+			$s = Base64::encode($s);
 		}

-		return $s;
+		return strtr($s, '+/', '-_');
 	}

 	/**
@ -263,26 +265,11 @@ class Strings
 	 * @param string $s URL to decode
 	 * @return string	Decoded URL
 	 * @throws \Exception
+	 * @see https://web.archive.org/web/20160506073138/http://salmon-protocol.googlecode.com:80/svn/trunk/draft-panzer-magicsig-01.html#params
 	 */
 	public static function base64UrlDecode(string $s): string
 	{
-		/*
-		*  // Placeholder for new rev of salmon which strips base64 padding.
-		*  // PHP base64_decode handles the un-padded input without requiring this step
-		*  // Uncomment if you find you need it.
-		*
-		*	$l = strlen($s);
-		*	if (!strpos($s,'=')) {
-		*		$m = $l % 4;
-		*		if ($m == 2)
-		*			$s .= '==';
-		*		if ($m == 3)
-		*			$s .= '=';
-		*	}
-		*
-		*/
-
-		return base64_decode(strtr($s, '-_', '+/'));
+		return Base64::decode(strtr($s, '-_', '+/'));
 	}

 	/**