wordpress-activitypub/includes/class-signature.php

106 lines
2.3 KiB
PHP
Raw Permalink Normal View History

<?php
namespace Activitypub;
2019-02-24 13:01:28 +01:00
/**
* ActivityPub Signature Class
*
* @author Matthias Pfefferle
*/
class Signature {
2018-12-08 00:02:18 +01:00
/**
* @param int $user_id
*
* @return mixed
*/
public static function get_public_key( $user_id, $force = false ) {
2019-09-27 10:12:59 +02:00
$key = \get_user_meta( $user_id, 'magic_sig_public_key' );
if ( $key && ! $force ) {
return $key[0];
}
self::generate_key_pair( $user_id );
2019-09-27 10:12:59 +02:00
$key = \get_user_meta( $user_id, 'magic_sig_public_key' );
return $key[0];
}
/**
* @param int $user_id
*
* @return mixed
*/
public static function get_private_key( $user_id, $force = false ) {
2019-09-27 10:12:59 +02:00
$key = \get_user_meta( $user_id, 'magic_sig_private_key' );
if ( $key && ! $force ) {
return $key[0];
}
self::generate_key_pair( $user_id );
2019-09-27 10:12:59 +02:00
$key = \get_user_meta( $user_id, 'magic_sig_private_key' );
return $key[0];
}
/**
* Generates the pair keys
*
* @param int $user_id
*/
public static function generate_key_pair( $user_id ) {
$config = array(
'digest_alg' => 'sha512',
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
);
2019-09-27 10:12:59 +02:00
$key = \openssl_pkey_new( $config );
$priv_key = null;
2019-09-27 10:12:59 +02:00
\openssl_pkey_export( $key, $priv_key );
// private key
2019-09-27 10:12:59 +02:00
\update_user_meta( $user_id, 'magic_sig_private_key', $priv_key );
2019-09-27 10:12:59 +02:00
$detail = \openssl_pkey_get_details( $key );
// public key
2019-09-27 10:12:59 +02:00
\update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] );
}
public static function generate_signature( $user_id, $url, $date ) {
$key = self::get_private_key( $user_id );
2019-09-27 10:12:59 +02:00
$url_parts = \wp_parse_url( $url );
$host = $url_parts['host'];
$path = '/';
// add path
if ( ! empty( $url_parts['path'] ) ) {
2018-12-08 00:02:18 +01:00
$path = $url_parts['path'];
}
// add query
if ( ! empty( $url_parts['query'] ) ) {
$path .= '?' . $url_parts['query'];
}
$signed_string = "(request-target): post $path\nhost: $host\ndate: $date";
$signature = null;
2019-09-27 10:12:59 +02:00
\openssl_sign( $signed_string, $signature, $key, OPENSSL_ALGO_SHA256 );
$signature = \base64_encode( $signature ); // phpcs:ignore
2019-09-27 10:12:59 +02:00
$key_id = \get_author_posts_url( $user_id ) . '#main-key';
2019-09-27 10:12:59 +02:00
return \sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature );
}
public static function verify_signature( $headers, $signature ) {
}
}