authorMaxence Lange <maxence@artificial-owl.com>2019-01-04 10:37:59 -0100
committerGitHub <noreply@github.com>2019-01-04 10:37:59 -0100
commit42f482fa346745c021803c102792de2d55f94c00 (patch)
treef8d8b848ff5b87a1318e091bfccafd4e421b5aea /lib/Model
parent3051f69e2886f8b6d0380c04a5733b27bf5b2834 (diff)
parent89cd8fa88c6fbafa75e69535911f713e9c56c946 (diff)
Merge pull request #304 from nextcloud/bugfix/noid/compat-friendicav0.1.2
Compat friendica
Diffstat (limited to 'lib/Model')
-rw-r--r--lib/Model/LinkedDataSignature.php50
1 files changed, 45 insertions, 5 deletions
diff --git a/lib/Model/LinkedDataSignature.php b/lib/Model/LinkedDataSignature.php
index 689a5091..abf4406d 100644
--- a/lib/Model/LinkedDataSignature.php
+++ b/lib/Model/LinkedDataSignature.php
@@ -57,6 +57,9 @@ class LinkedDataSignature implements JsonSerializable {
private $created = '';
/** @var string */
+ private $nonce = '';
+
+ /** @var string */
private $signatureValue = '';
/** @var string */
@@ -111,6 +114,26 @@ class LinkedDataSignature implements JsonSerializable {
return $this;
}
+
+ /**
+ * @return string
+ */
+ public function getNonce(): string {
+ return $this->nonce;
+ }
+
+ /**
+ * @param string $nonce
+ *
+ * @return LinkedDataSignature
+ */
+ public function setNonce(string $nonce): LinkedDataSignature {
+ $this->nonce = $nonce;
+
+ return $this;
+ }
+
+
/**
* @return string
*/
@@ -237,19 +260,24 @@ class LinkedDataSignature implements JsonSerializable {
$header = [
'@context' => 'https://w3id.org/identity/v1',
+ 'nonce' => $this->getNonce(),
'creator' => $this->getCreator(),
'created' => $this->getCreated()
];
- $hash = $this->hashedCanonicalize($header) . $this->hashedCanonicalize($this->getObject());
- $signed = base64_decode($this->getSignatureValue());
+ $hashHeader = $this->hashedCanonicalize($header, true);
+ $hashObject = $this->hashedCanonicalize($this->getObject());
$algo = OPENSSL_ALGO_SHA256;
if ($this->getType() === 'RsaSignature2017') {
$algo = OPENSSL_ALGO_SHA256;
}
- if (openssl_verify($hash, $signed, $this->getPublicKey(), $algo) === 1) {
+ $signed = base64_decode($this->getSignatureValue());
+ if ($signed !== false
+ && openssl_verify(
+ $hashHeader . $hashObject, $signed, $this->getPublicKey(), $algo
+ ) === 1) {
return true;
}
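Review bot: The `$signed !== false` guard in front of `openssl_verify` rarely fires, because `base64_decode` is called without its strict flag and then skips characters outside the base64 alphabet instead of returning false, so a malformed `signatureValue` still reaches the verifier as whatever bytes survived. Passing the flag makes the guard meaningful: `$signed = base64_decode($this->getSignatureValue(), true);`. Separately, the `if ($this->getType() === 'RsaSignature2017')` branch assigns the same `OPENSSL_ALGO_SHA256` as the default, so the declared type never influences verification; a comment stating that every type is currently verified as RSA-SHA256, or an explicit rejection of unknown types, would make the intent clear. The method starts and ends outside this hunk.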
@@ -259,10 +287,21 @@ class LinkedDataSignature implements JsonSerializable {
/**
* @param array $data
*
+ * @param bool $removeEmptyValue
+ *
* @return string
*/
- private function hashedCanonicalize(array $data): string {
- $object = json_decode(json_encode($data), false);
+ private function hashedCanonicalize(array $data, bool $removeEmptyValue = false): string {
+ if ($removeEmptyValue) {
+ $data = array_filter(
+ $data,
+ function($v) {
+ return ($v !== '');
+ }
+ );
+ }
+
+ $object = json_decode(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
$res = jsonld_normalize(
$object,
[
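Review bot: With `$removeEmptyValue` set, the `array_filter` in `hashedCanonicalize` drops every empty-string entry from the header, not only the new `nonce`, so a signature that arrives without `creator` or `created` is now canonicalized without those keys rather than with empty values. If only the nonce is meant to be optional for Friendica compatibility, it is narrower to leave the helper unchanged and omit just that key in the caller, e.g. `if ($this->getNonce() === '') { unset($header['nonce']); }`. Also, `json_encode` returns false on input it cannot encode and the result is passed straight to `json_decode`; checking for false before normalizing would keep a failed encode from being hashed as if it were data (what `jsonld_normalize` does with that input is not visible here). The function body continues past the end of this hunk.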
@@ -293,6 +332,7 @@ class LinkedDataSignature implements JsonSerializable {
$this->setType($this->get('type', $signature, ''));
$this->setCreator($this->get('creator', $signature, ''));
+ $this->setNonce($this->get('nonce', $signature, ''));
$this->setCreated($this->get('created', $signature, ''));
$this->setSignatureValue($this->get('signatureValue', $signature, ''));