首页 发现 帮助
注册 登录
oleg
/
pixelfed
镜像自地址 https://github.com/pixelfed/pixelfed.git
1
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Update HttpSignature, add signRaw method and improve error checking

Daniel Supernault 10 月之前
父节点
991b3e5792
当前提交
d4cf918120
共有 1 个文件被更改,包括 34 次插入0 次删除
分列视图 显示文件统计
  1. 34 0
      app/Util/ActivityPub/HttpSignature.php

+ 34 - 0
app/Util/ActivityPub/HttpSignature.php
查看文件 

@@ -25,7 +25,13 @@ class HttpSignature
 
         $stringToSign = self::_headersToSigningString($headers);
 
         $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
 
         $key = openssl_pkey_get_private($user->private_key);
 
+        if (empty($key)) {
 
+            return [];
 
+        }
 
         openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256);
 
+        if (empty($signature)) {
 
+            return [];
 
+        }
 
         $signature = base64_encode($signature);
 
         $signatureHeader = 'keyId="'.$user->keyId().'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"';
 
         unset($headers['(request-target)']);
 
@@ -34,6 +40,34 @@ class HttpSignature
 
         return self::_headersToCurlArray($headers);
 
     }
 
 
+    public static function signRaw($privateKey, $keyId, $url, $body = false, $addlHeaders = [])
 
+    {
 
+        if (empty($privateKey) || empty($keyId)) {
 
+            return [];
 
+        }
 
+        if ($body) {
 
+            $digest = self::_digest($body);
 
+        }
 
+        $headers = self::_headersToSign($url, $body ? $digest : false);
 
+        $headers = array_merge($headers, $addlHeaders);
 
+        $stringToSign = self::_headersToSigningString($headers);
 
+        $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
 
+        $key = openssl_pkey_get_private($privateKey);
 
+        if (empty($key)) {
 
+            return [];
 
+        }
 
+        openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256);
 
+        if (empty($signature)) {
 
+            return [];
 
+        }
 
+        $signature = base64_encode($signature);
 
+        $signatureHeader = 'keyId="'.$keyId.'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"';
 
+        unset($headers['(request-target)']);
 
+        $headers['Signature'] = $signatureHeader;
 
+
 
+        return self::_headersToCurlArray($headers);
 
+    }
 
+
 
     public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
 
     {
 
         $keyId = config('app.url').'/i/actor#main-key';