Merge pull request #4567 from annando/diaspora-key

Diaspora: Avoid warning "supplied key param cannot be coerced  …"
This commit is contained in:
Tobias Diekershoff 2018-03-09 10:10:39 +01:00 committed by GitHub
commit 518ee6595c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -221,11 +221,20 @@ class Diaspora
$signable_data = $msg.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg); $signable_data = $msg.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
if ($handle == '') {
logger('No author could be decoded. Discarding. Message: ' . $envelope);
return false;
}
$key = self::key($handle); $key = self::key($handle);
if ($key == '') {
logger("Couldn't get a key for handle " . $handle . ". Discarding.");
return false;
}
$verify = Crypto::rsaVerify($signable_data, $sig, $key); $verify = Crypto::rsaVerify($signable_data, $sig, $key);
if (!$verify) { if (!$verify) {
logger('Message did not verify. Discarding.'); logger('Message from ' . $handle . ' did not verify. Discarding.');
return false; return false;
} }
@ -321,7 +330,16 @@ class Diaspora
// Get the senders' public key // Get the senders' public key
$key_id = $base->sig[0]->attributes()->key_id[0]; $key_id = $base->sig[0]->attributes()->key_id[0];
$author_addr = base64_decode($key_id); $author_addr = base64_decode($key_id);
if ($author_addr == '') {
logger('No author could be decoded. Discarding. Message: ' . $xml);
System::httpExit(400);
}
$key = self::key($author_addr); $key = self::key($author_addr);
if ($key == '') {
logger("Couldn't get a key for handle " . $author_addr . ". Discarding.");
System::httpExit(400);
}
$verify = Crypto::rsaVerify($signed_data, $signature, $key); $verify = Crypto::rsaVerify($signed_data, $signature, $key);
if (!$verify) { if (!$verify) {