/**
*
* @param <type> $text
* @param <type> $mimetype
* @param Magicsig $magicsig Magicsig with private key available.
*
* @return MagicEnvelope object with all properties set
*
* @throws Exception of various kinds on signing failure
*/
public function signMessage($text, $mimetype)
{
if (!$this->actor instanceof Profile) {
throw new ServerException('No profile to sign message with is set.');
} elseif (!$this->actor->isLocal()) {
throw new ServerException('Cannot sign magic envelopes with remote users since we have no private key.');
}
// Find already stored key
$magicsig = Magicsig::getKV('user_id', $this->actor->getID());
if (!$magicsig instanceof Magicsig) {
// and if it doesn't exist, it is time to create one!
$magicsig = Magicsig::generate($this->actor->getUser());
}
assert($magicsig instanceof Magicsig);
assert($magicsig->privateKey instanceof Crypt_RSA);
// Prepare text and metadata for signing
$this->data = Magicsig::base64_url_encode($text);
$this->data_type = $mimetype;
$this->encoding = self::ENCODING;
$this->alg = $magicsig->getName();
// Get the actual signature
$this->sig = $magicsig->sign($this->signingText());
}
/**
* Encode the given string as a signed MagicEnvelope XML document,
* using the keypair for the given local user profile. We can of
* course not sign a remote profile's slap, since we don't have the
* private key.
*
* Side effects: will create and store a keypair on-demand if one
* hasn't already been generated for this user. This can be very slow
* on some systems.
*
* @param string $text XML fragment to sign, assumed to be Atom
* @param User $user User who cryptographically signs $text
*
* @return MagicEnvelope object complete with signature
*
* @throws Exception on bad profile input or key generation problems
*/
public static function signAsUser($text, User $user)
{
// Find already stored key
$magicsig = Magicsig::getKV('user_id', $user->id);
if (!$magicsig instanceof Magicsig) {
$magicsig = Magicsig::generate($user);
}
assert($magicsig instanceof Magicsig);
assert($magicsig->privateKey instanceof Crypt_RSA);
$magic_env = new MagicEnvelope();
$magic_env->signMessage($text, 'application/atom+xml', $magicsig);
return $magic_env;
}
public function onProfileDeleteRelated($profile, &$related)
{
// Ostatus_profile has a 'profile_id' property, which will be used to find the object
$related[] = 'Ostatus_profile';
// Magicsig has a "user_id" column instead, so we have to delete it more manually:
$magicsig = Magicsig::getKV('user_id', $profile->id);
if ($magicsig instanceof Magicsig) {
$magicsig->delete();
}
return true;
}
