Esempio n. 1
0
 protected function verifySignature()
 {
     $publicAccountKey = PublicKey::formatPEM(SocialRecordManager::retrieveSocialRecord($this->headers[SONIC_HEADER__SOURCE_GID])->getAccountPublicKey());
     if (!Signature::verifySignature($this->getStringForRequestSignature(), $publicAccountKey, $this->headers[SONIC_HEADER__SIGNATURE])) {
         throw new MalformedRequestHeaderException("Invalid request signature!");
     } else {
         return true;
     }
 }
Esempio n. 2
0
 /**
  * Creates a GlobalID from a $key and $salt.
  * 
  * @param $key the publicKey
  * @param $salt the salt
  * 
  * @return the GlobalID
  */
 public static function createGID($key, $salt)
 {
     $gid = null;
     $key = PublicKey::exportKey($key);
     // headers, trailers, and linebreaks have to be deleted
     $gid = strtoupper(hash_pbkdf2(self::$HASH_ALGORITHM, $key, $salt, self::$ITERATIONS));
     $gid = self::convBase($gid, "0123456789ABCDEF", "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ");
     return $gid;
 }
Esempio n. 3
0
 /**
  * Serialization method for SocialRecord
  * 
  * @return The serialized SocialRecord (String)
  */
 public function getJSONString()
 {
     $json = '{' . '"@context":"' . SocialRecord::JSONLD_CONTEXT . '",' . '"@type":"' . SocialRecord::JSONLD_TYPE . '",' . '"type":"' . $this->type . '",' . '"globalID":"' . $this->globalID . '",' . '"platformGID":"' . $this->platformGID . '",' . '"displayName":"' . $this->displayName . '",' . '"profileLocation":"' . $this->profileLocation . '",' . '"personalPublicKey":"' . PublicKey::exportKey($this->personalPublicKey) . '",' . '"accountPublicKey":"' . PublicKey::exportKey($this->accountPublicKey) . '",' . '"salt":"' . $this->salt . '",' . '"datetime":"' . $this->datetime . '",' . '"active":' . $this->active . ',' . '"keyRevocationList":[';
     foreach ($this->keyRevocationList as $krc) {
         $json .= $krc->getJSONString();
         if ($krc !== end($this->keyRevocationList)) {
             $json .= ',';
         }
     }
     $json .= ']}';
     return $json;
 }
Esempio n. 4
0
 /**
  * Retrieves a SocialRecord for a given GlobalID from the GSLS. The signed JWT stored in the GSLS will be retrieved, the payloads verified, and the enclosed SocialRecord object will be returned.
  * 
  * @param $gid The GlobalID to resolve
  * @param $raw If set to true, the signed JWT will be returned instead of the SocialRecrod
  * 
  * @throws SocialRecordNotFoundException
  * @throws SocialRecordIntegrityException
  * @throws Exception
  * 
  * @return SocialRecord object
  */
 public static function getSocialRecord($gid, $raw = false)
 {
     $ch = curl_init(Configuration::getPrimaryGSLSNode() . '/' . $gid);
     if (Configuration::getCurlVerbose() >= 2) {
         curl_setopt($ch, CURLOPT_VERBOSE, 1);
     }
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_HTTPGET, 1);
     curl_setopt($ch, CURLOPT_TIMEOUT, Configuration::getGSLSTimeout());
     $result = curl_exec($ch);
     if (curl_errno($ch) != CURLE_OK) {
         $ch = curl_init(Configuration::getSecondaryGSLSNode() . '/' . $gid);
         if (Configuration::getCurlVerbose() >= 2) {
             curl_setopt($ch, CURLOPT_VERBOSE, 1);
         }
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_HTTPGET, 1);
         $result = curl_exec($ch);
         if (curl_errno($ch) != CURLE_OK) {
             throw new \Exception('Connection error: ' . curl_error($ch));
         }
     }
     $result = json_decode($result);
     curl_close($ch);
     if ($result->responseCode != 200) {
         if ($result->responseCode == 404) {
             throw new SocialRecordNotFoundException($result->message);
         } else {
             throw new \Exception($result->message);
         }
     } else {
         // verify JWT and extract SocialRecord
         $signer = new Sha512();
         $token = (new Parser())->parse((string) $result->socialRecord);
         $socialRecord = json_decode(base64_decode($token->getClaim('socialRecord')));
         $personalPublicKey = PublicKey::formatPEM($socialRecord->personalPublicKey);
         try {
             $token->verify($signer, $personalPublicKey);
         } catch (\Exception $e) {
             throw new SocialRecordIntegrityException('SocialRecord integrity compromised: ' . $e->getMessage());
         }
         if ($raw) {
             return $token;
         } else {
             return SocialRecordBuilder::buildFromJSON(json_encode($socialRecord, JSON_UNESCAPED_SLASHES));
         }
     }
 }
Esempio n. 5
0
 /**
  * Creates a SocialRecord object from a JSON String
  * 
  * @param $json (String) The serialized SocialRecord
  * 
  * @return SocialRecord
  */
 public static function buildFromJSON($json)
 {
     $jsonObject = json_decode($json);
     if (!property_exists($jsonObject, 'platformGID')) {
         throw new SocialRecordFormatException('SocialRecord: Property platformGID missing!');
     }
     if (!property_exists($jsonObject, 'globalID')) {
         throw new SocialRecordFormatException('SocialRecord: Property globalID missing!');
     }
     if (!property_exists($jsonObject, 'type')) {
         throw new SocialRecordFormatException('SocialRecord: Property type missing!');
     }
     if (!property_exists($jsonObject, 'displayName')) {
         throw new SocialRecordFormatException('SocialRecord: Property displayName missing!');
     }
     if (!property_exists($jsonObject, 'profileLocation')) {
         throw new SocialRecordFormatException('SocialRecord: Property profileLocation missing!');
     }
     if (!property_exists($jsonObject, 'personalPublicKey')) {
         throw new SocialRecordFormatException('SocialRecord: Property personalPublicKey missing!');
     }
     if (!property_exists($jsonObject, 'accountPublicKey')) {
         throw new SocialRecordFormatException('SocialRecord: Property accountPublicKey missing!');
     }
     if (!property_exists($jsonObject, 'salt')) {
         throw new SocialRecordFormatException('SocialRecord: Property salt missing!');
     }
     if (!property_exists($jsonObject, 'datetime')) {
         throw new SocialRecordFormatException('SocialRecord: Property datetime missing!');
     }
     if (!property_exists($jsonObject, 'active')) {
         throw new SocialRecordFormatException('SocialRecord: Property active missing!');
     }
     if (!property_exists($jsonObject, 'keyRevocationList')) {
         throw new SocialRecordFormatException('SocialRecord: Property keyRevocationList missing!');
     }
     $krl = array();
     foreach ($jsonObject->keyRevocationList as $krc) {
         $krl[] = KeyRevocationCertificateBuilder::buildFromJSON($krc);
     }
     return (new SocialRecordBuilder())->type($jsonObject->type)->globalID($jsonObject->globalID)->platformGID($jsonObject->platformGID)->displayName($jsonObject->displayName)->profileLocation($jsonObject->profileLocation)->personalPublicKey(PublicKey::formatPEM($jsonObject->personalPublicKey))->accountPublicKey(PublicKey::formatPEM($jsonObject->accountPublicKey))->salt($jsonObject->salt)->datetime($jsonObject->datetime)->active($jsonObject->active)->keyRevocationList($krl)->build();
 }