harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

simplify the message signing spaghetti

Browse Source
This commit is contained in:
zotlabs 2017-03-16 18:19:03 -07:00
parent 446b5550a2
commit cf11ba1147
2 changed files with 27 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
include/items.php
View File

@ -1408,6 +1408,26 @@ function get_profile_elements($x) {
} }
function item_sign(&$item) {
if(array_key_exists('sig',$item) && $item['sig'])
return;
$r = q("select channel_prvkey from channel where channel_id = %d and channel_hash = '%s' ",
intval($item['uid']),
dbesc($item['author_xchan'])
);
if(! $r)
return;
$item['sig'] = base64url_encode(rsa_sign($item['body'],$r[0]['channel_prvkey']));
$item['item_verified'] = 1;
}
/** /**
* @brief * @brief
* *
@ -1487,24 +1507,12 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
$arr['lang'] = detect_language($arr['body']); $arr['lang'] = detect_language($arr['body']);
// apply the input filter here // apply the input filter here
if(array_key_exists('input_filtered_signed',$arr)) { $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
unset($arr['input_filtered_signed']);
}
else {
$arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
if(local_channel() && (local_channel() == $arr['uid'])) { item_sign($arr);
if(! $arr['sig']) {
$channel = App::get_channel();
if($channel['channel_hash'] === $arr['author_xchan']) {
$arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey']));
$arr['item_verified'] = 1;
}
}
}
}
if(! array_key_exists('sig',$arr)) if(! array_key_exists('sig',$arr))
$arr['sig'] = ''; $arr['sig'] = '';
@ -1917,22 +1925,11 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) {
$arr['lang'] = detect_language($arr['body']); $arr['lang'] = detect_language($arr['body']);
if(array_key_exists('input_filtered_signed',$arr)) { // apply the input filter here
unset($arr['input_filtered_signed']);
}
else {
$arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
if(local_channel() && (local_channel() == $arr['uid'])) { $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
if(! $arr['sig']) {
$channel = App::get_channel(); item_sign($arr);
if($channel['channel_hash'] === $arr['author_xchan']) {
$arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey']));
$arr['item_verified'] = 1;
}
}
}
}
$allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages');

15
include/photos.php
View File

@ -340,21 +340,6 @@ function photo_upload($channel, $observer, $args) {
$item['tgt_type'] = ACTIVITY_OBJ_ALBUM; $item['tgt_type'] = ACTIVITY_OBJ_ALBUM;
$item['target'] = json_encode($target); $item['target'] = json_encode($target);
$item['body'] = trim(z_input_filter($item['body'],$item['mimetype'],false));
if($item['author_xchan'] === $channel['channel_hash']) {
$item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey']));
$item['item_verified'] = 1;
}
else {
$item['sig'] = '';
}
// notify item_store or item_store_update that the input has been filtered and signed already.
// The signing procedure in those functions uses local_channel() which may not apply here.
$item['input_filtered_signed'] = true;
$force = true; $force = true;
} }