/** * Fetch a Magicsig object from the cache or database on a field match. * * @param string $k * @param mixed $v * @return Magicsig */ public function staticGet($k, $v = null) { $obj = parent::staticGet(__CLASS__, $k, $v); if (!empty($obj)) { $obj = Magicsig::fromString($obj->keypair); // Double check keys: Crypt_RSA did not // consistently generate good keypairs. // We've also moved to 1024 bit keys. if (strlen($obj->publicKey->modulus->toBits()) != 1024) { $obj->delete(); return false; } } return $obj; }
public function verify($env) { if ($env['alg'] != 'RSA-SHA256') { common_log(LOG_DEBUG, "Salmon error: bad algorithm"); return false; } if ($env['encoding'] != MagicEnvelope::ENCODING) { common_log(LOG_DEBUG, "Salmon error: bad encoding"); return false; } $text = Magicsig::base64_url_decode($env['data']); $signer_uri = $this->getAuthor($text); try { $keypair = $this->getKeyPair($signer_uri); } catch (Exception $e) { common_log(LOG_DEBUG, "Salmon error: " . $e->getMessage()); return false; } $verifier = Magicsig::fromString($keypair); if (!$verifier) { common_log(LOG_DEBUG, "Salmon error: unable to parse keypair"); return false; } return $verifier->verify($env['data'], $env['sig']); }