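/**
 * Retrieve the Salmon keypair for a profile: check the local database first
 * and, only if nothing is stored and discovery was requested, fetch the key
 * through network discovery and cache it.
 *
 * A discovered key is inserted as-is the first time it is seen; later calls
 * find the stored record and never re-run discovery, so the cached key is
 * only as trustworthy as the discovery step that produced it.
 *
 * @param Profile $profile   The profile we're looking up keys for.
 * @param boolean $discovery Network discovery if no local cache?
 *
 * @return Magicsig The stored or newly discovered key record.
 *
 * @throws ServerException If no key is stored and discovery was not requested,
 *                         or if the resulting record has no loaded public key.
 *                         discoverKeyPair() is also expected to throw on failure.
 */
public function getKeyPair(Profile $profile, $discovery = false)
{
    $magicsig = Magicsig::getKV('user_id', $profile->id);

    if (!$magicsig instanceof Magicsig) {
        if (!$discovery) {
            // No discovery request, so we'll give up.
            throw new ServerException(sprintf('No public key found for profile (id==%d)', $profile->id));
        }

        // Throws exception on failure, but does not try to _load_ the keypair string.
        $keypair = $this->discoverKeyPair($profile);

        $magicsig = new Magicsig();
        $magicsig->user_id = $profile->id;
        $magicsig->importKeys($keypair);

        // Save the public key for this profile in our database.
        // TODO: If the profile generates a new key remotely, we must be able to replace
        //       this (of course after callback-verification).
        // NOTE(review): until that exists, a key accepted here stays pinned to the
        //       profile; there is no rotation or revocation path in this method.
        $magicsig->insert();
    }

    // Checked explicitly rather than with assert(): assertions can be disabled by
    // configuration, and a record without a loaded public key must never be handed
    // to callers that will use it to verify signatures.
    if (!$magicsig->publicKey instanceof Crypt_RSA) {
        throw new ServerException(sprintf('No usable public key for profile (id==%d)', $profile->id));
    }

    return $magicsig;
}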
/**
 * Create a fresh RSA keypair for a local user and persist it.
 *
 * Warning: this can be very slow on systems without the GMP module.
 * Runtimes of 20-30 seconds are not unheard-of.
 *
 * FIXME: More than 1024 bits please. But StatusNet _discards_ non-1024 bits,
 *        so we'll have to wait the last mohican out before switching defaults.
 *        (1024-bit RSA is below the 2048-bit minimum of current guidance.)
 *
 * NOTE(review): going by the inline comment on insert(), the stored keypair
 *        string presumably includes the private part -- confirm how that
 *        column is protected at rest.
 *
 * @param User   $user the local user (since we don't have remote private keys)
 * @param int    $bits key length handed to Crypt_RSA::createKey()
 * @param string $alg  signature algorithm handed to the Magicsig constructor
 *
 * @return Magicsig the newly stored key record
 */
public static function generate(User $user, $bits = self::DEFAULT_KEYLEN, $alg = self::DEFAULT_SIGALG)
{
    $record = new Magicsig($alg);
    $record->user_id = $user->id;

    $generator = new Crypt_RSA();
    $material  = $generator->createKey($bits);

    // Load each half of the generated pair into its own Crypt_RSA instance,
    // private key first, then public key.
    $halves = array(
        'privateKey' => 'privatekey',
        'publicKey'  => 'publickey',
    );
    foreach ($halves as $property => $index) {
        $record->{$property} = new Crypt_RSA();
        $record->{$property}->loadKey($material[$index]);
    }

    // insert() will do $this->keypair = $this->toString(true);
    $record->insert();

    // Seems it's necessary to re-read keys from the text keypair.
    $record->importKeys();

    return $record;
}