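/**
 * Sign $text with the local actor's private key and populate this envelope.
 *
 * The key pair is looked up by the actor's ID and generated on demand when
 * none is stored yet. On success the data, data_type, encoding, alg and sig
 * properties of this object are all set.
 *
 * @param string $text     Payload to sign; stored base64url-encoded in $this->data
 * @param string $mimetype MIME type of $text; stored in $this->data_type
 *
 * @return void The result is written to this object's properties
 *
 * @throws ServerException if no actor is set, the actor is remote, or no
 *                         usable private key could be loaded or generated
 * @throws Exception of various kinds on signing failure
 */
public function signMessage($text, $mimetype)
{
    // Only a local profile can sign: the private key of a remote user is
    // never available on this server.
    if (!$this->actor instanceof Profile) {
        throw new ServerException('No profile to sign message with is set.');
    } elseif (!$this->actor->isLocal()) {
        throw new ServerException('Cannot sign magic envelopes with remote users since we have no private key.');
    }

    // Find already stored key
    $magicsig = Magicsig::getKV('user_id', $this->actor->getID());
    if (!$magicsig instanceof Magicsig) {
        // and if it doesn't exist, it is time to create one!
        $magicsig = Magicsig::generate($this->actor->getUser());
    }

    // Checked explicitly instead of with assert(): assertions are usually
    // disabled in production (zend.assertions), and signing must never go
    // ahead without a real key object.
    if (!$magicsig instanceof Magicsig) {
        throw new ServerException('Could not load or generate a key pair for signing.');
    }
    if (!$magicsig->privateKey instanceof Crypt_RSA) {
        throw new ServerException('No private key available for signing.');
    }

    // Prepare text and metadata for signing
    $this->data = Magicsig::base64_url_encode($text);
    $this->data_type = $mimetype;
    $this->encoding = self::ENCODING;
    $this->alg = $magicsig->getName();

    // Get the actual signature; signingText() is called only after the
    // properties above have been assigned.
    $this->sig = $magicsig->sign($this->signingText());
}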
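/**
 * Encode the given string as a signed MagicEnvelope XML document,
 * using the keypair for the given local user profile. We can of
 * course not sign a remote profile's slap, since we don't have the
 * private key.
 *
 * Side effects: will create and store a keypair on-demand if one
 * hasn't already been generated for this user. This can be very slow
 * on some systems.
 *
 * @param string $text XML fragment to sign, assumed to be Atom
 * @param User   $user User who cryptographically signs $text
 *
 * @return MagicEnvelope object complete with signature
 *
 * @throws ServerException if no usable private key could be loaded or generated
 * @throws Exception on bad profile input or key generation problems
 */
public static function signAsUser($text, User $user)
{
    // Find already stored key
    $magicsig = Magicsig::getKV('user_id', $user->id);
    if (!$magicsig instanceof Magicsig) {
        $magicsig = Magicsig::generate($user);
    }

    // Checked explicitly instead of with assert(): assertions are usually
    // disabled in production (zend.assertions), and a missing private key
    // must stop the signing path rather than be discovered later.
    if (!$magicsig instanceof Magicsig) {
        throw new ServerException('Could not load or generate a key pair for signing.');
    }
    if (!$magicsig->privateKey instanceof Crypt_RSA) {
        throw new ServerException('No private key available for signing.');
    }

    $magic_env = new MagicEnvelope();
    // NOTE(review): if signMessage() is the two-parameter version
    // ($text, $mimetype) that resolves the key from $this->actor, the third
    // argument below is silently ignored and the envelope's actor decides
    // which key signs. Confirm the constructor ties the envelope to $user.
    $magic_env->signMessage($text, 'application/atom+xml', $magicsig);

    return $magic_env;
}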
/**
 * Clean up the data tied to a profile that is being deleted.
 *
 * Registers Ostatus_profile in the caller's list of related classes and
 * deletes the profile's stored Magicsig key pair directly, so that no
 * private key outlives the account it belonged to.
 *
 * @param object $profile  Profile being deleted; only its id is read here
 * @param array  &$related List of related class names, appended to in place
 *
 * @return bool Always true
 */
public function onProfileDeleteRelated($profile, &$related)
{
    // Ostatus_profile rows are found through their 'profile_id' property,
    // so naming the class in the list is all that is needed for them.
    $related[] = 'Ostatus_profile';

    // Magicsig is keyed on a "user_id" column instead, which means the
    // row has to be looked up and removed by hand.
    $storedKey = Magicsig::getKV('user_id', $profile->id);
    if (!$storedKey instanceof Magicsig) {
        // Nothing stored for this profile.
        return true;
    }

    $storedKey->delete();

    return true;
}