signature class

compatible to the salmon plugin
2018-10-02 22:25:40 +02:00 · 2018-10-02 22:25:40 +02:00 · 64a5128e1e
commit 64a5128e1e
parent 557d5ae763
3 changed files with 105 additions and 8 deletions
--- a/activitypub.php
+++ b/activitypub.php
@ -16,6 +16,7 @@
 * Initialize plugin
 */
 function activitypub_init() {
+	require_once dirname( __FILE__ ) . '/includes/class-activitypub-signature.php';
 	require_once dirname( __FILE__ ) . '/includes/class-activitypub-post.php';
 	require_once dirname( __FILE__ ) . '/includes/functions.php';

--- a/includes/class-activitypub-signature.php
+++ b/includes/class-activitypub-signature.php
@ -0,0 +1,98 @@
+<?php
+
+class Activitypub_Signature {
+	/**
+	 * @param int $user_id
+	 *
+	 * @return mixed
+	 */
+	public static function get_public_key( $user_id, $force = false ) {
+		$key = get_user_meta( $user_id, 'magic_sig_public_key' );
+
+		if ( $key && ! $force ) {
+			return $key[0];
+		}
+
+		self::generate_key_pair( $user_id );
+		$key = get_user_meta( $user_id, 'magic_sig_public_key' );
+
+		return $key[0];
+	}
+
+	/**
+	 * @param int $user_id
+	 *
+	 * @return mixed
+	 */
+	public static function get_private_key( $user_id, $force = false ) {
+		$key = get_user_meta( $user_id, 'magic_sig_private_key' );
+
+		if ( $key && ! $force ) {
+			return $key[0];
+		}
+
+		self::generate_key_pair( $user_id );
+		$key = get_user_meta( $user_id, 'magic_sig_private_key' );
+
+		return $key[0];
+	}
+
+	/**
+	 * Generates the pair keys
+	 *
+	 * @param int $user_id
+	 */
+	public static function generate_key_pair( $user_id ) {
+		$config = array(
+			'digest_alg' => 'sha512',
+			'private_key_bits' => 2048,
+			'private_key_type' => OPENSSL_KEYTYPE_RSA,
+		);
+
+		$key = openssl_pkey_new( $config );
+		$priv_key = null;
+
+		openssl_pkey_export( $key, $priv_key );
+
+		// private key
+		update_user_meta( $user_id, 'magic_sig_private_key', $priv_key );
+
+		$detail = openssl_pkey_get_details( $key );
+
+		// public key
+		update_user_meta( $user_id, 'magic_sig_public_key', $detail['key'] );
+	}
+
+	public static function generate_signature( $user_id, $inbox ) {
+		$key = self::get_private_key( $user_id );
+
+		$url_parts = wp_parse_url( $inbox );
+
+		$host = $url_parts['host'];
+		$path = '/';
+
+		// add path
+		if ( ! empty( $url_parts['path'] ) ) {
+			$path .= $url_parts['path'];
+		}
+
+		// add query
+		if ( ! empty( $url_parts['query'] ) ) {
+			$path .= '?' . $url_parts['query'];
+		}
+
+		$date = gmdate( 'D, d M Y H:i:s T' );
+		$signed_string = "(request-target): post $path\nhost: $host\ndate: $date";
+
+		$signature = null;
+		openssl_sign( $signed_string, $signature, $key, OPENSSL_ALGO_SHA256 );
+
+		$key_id = get_author_posts_url( $author_id ) . '#main-key';
+
+		return sprintf( 'keyId="%s",algorithm="rsa-sha256",headers="(request-target) host date",signature="%s"', $key_id, $signature );
+	}
+
+	public static function verify_signature() {
+
+	}
+}
--- a/templates/json-author.php
+++ b/templates/json-author.php
@ -29,14 +29,12 @@ $json->outbox = get_rest_url( null, "/activitypub/1.0/users/$author_id/outbox" )

 $json->manuallyApprovesFollowers = apply_filters( 'activitypub_json_manually_approves_followers', __return_false() ); // phpcs:ignore

-if ( method_exists( 'Magic_Sig', 'get_public_key' ) ) {
-	// phpcs:ignore
-	$json->publicKey = array(
-		'id' => get_author_posts_url( $author_id ) . '#main-key',
-		'owner' => get_author_posts_url( $author_id ),
-		'publicKeyPem' => trim( Magic_Sig::get_public_key( $author_id ) ),
-	);
-}
+// phpcs:ignore
+$json->publicKey = array(
+	'id' => get_author_posts_url( $author_id ) . '#main-key',
+	'owner' => get_author_posts_url( $author_id ),
+	'publicKeyPem' => trim( Activitypub_Signature::get_public_key( $author_id ) ),
+);

 $json->tag = array();
 $json->attachment = array();