From 64a5128e1ee309fcc57ccb25e7cc7dfc724f657b Mon Sep 17 00:00:00 2001 From: Matthias Pfefferle Date: Tue, 2 Oct 2018 22:25:40 +0200 Subject: [PATCH] signature class compatible to the salmon plugin --- activitypub.php | 1 + includes/class-activitypub-signature.php | 98 ++++++++++++++++++++++++ templates/json-author.php | 14 ++-- 3 files changed, 105 insertions(+), 8 deletions(-) create mode 100644 includes/class-activitypub-signature.php diff --git a/activitypub.php b/activitypub.php index 0b6ef1a..1d855b2 100644 --- a/activitypub.php +++ b/activitypub.php @@ -16,6 +16,7 @@ * Initialize plugin */ function activitypub_init() { + require_once dirname( __FILE__ ) . '/includes/class-activitypub-signature.php'; require_once dirname( __FILE__ ) . '/includes/class-activitypub-post.php'; require_once dirname( __FILE__ ) . '/includes/functions.php'; diff --git a/includes/class-activitypub-signature.php b/includes/class-activitypub-signature.php new file mode 100644 index 0000000..4470286 --- /dev/null +++ b/includes/class-activitypub-signature.php @@ -0,0 +1,98 @@ + 'sha512', + 'private_key_bits' => 2048, + 'private_key_type' => OPENSSL_KEYTYPE_RSA, + ); + + $key = openssl_pkey_new( $config ); + $priv_key = null; + + openssl_pkey_export( $key, $priv_key ); + + // private key + update_user_meta( $user_id, 'magic_sig_private_key', $priv_key ); + + $detail = openssl_pkey_get_details( $key ); + + // public key + update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] ); + } + + public static function generate_signature( $user_id, $inbox ) { + $key = self::get_private_key( $user_id ); + + $url_parts = wp_parse_url( $inbox ); + + $host = $url_parts['host']; + $path = '/'; + + // add path + if ( ! empty( $url_parts['path'] ) ) { + $path .= $url_parts['path']; + } + + // add query + if ( ! empty( $url_parts['query'] ) ) { + $path .= '?' . $url_parts['query']; + } + + $date = gmdate( 'D, d M Y H:i:s T' ); + $signed_string = "(request-target): post $path\nhost: $host\ndate: $date"; + + $signature = null; + openssl_sign( $signed_string, $signature, $key, OPENSSL_ALGO_SHA256 ); + + $key_id = get_author_posts_url( $author_id ) . '#main-key'; + + return sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature ); + } + + public static function verify_signature() { + + } +} diff --git a/templates/json-author.php b/templates/json-author.php index f5f328b..05b87f1 100644 --- a/templates/json-author.php +++ b/templates/json-author.php @@ -29,14 +29,12 @@ $json->outbox = get_rest_url( null, "/activitypub/1.0/users/$author_id/outbox" ) $json->manuallyApprovesFollowers = apply_filters( 'activitypub_json_manually_approves_followers', __return_false() ); // phpcs:ignore -if ( method_exists( 'Magic_Sig', 'get_public_key' ) ) { - // phpcs:ignore - $json->publicKey = array( - 'id' => get_author_posts_url( $author_id ) . '#main-key', - 'owner' => get_author_posts_url( $author_id ), - 'publicKeyPem' => trim( Magic_Sig::get_public_key( $author_id ) ), - ); -} +// phpcs:ignore +$json->publicKey = array( + 'id' => get_author_posts_url( $author_id ) . '#main-key', + 'owner' => get_author_posts_url( $author_id ), + 'publicKeyPem' => trim( Activitypub_Signature::get_public_key( $author_id ) ), +); $json->tag = array(); $json->attachment = array();