Update HttpSignature, add signRaw method and improve error checking

6 months ago · d4cf918120
parent 991b3e5792
commit d4cf918120
1 changed files with 34 additions and 0 deletions
--- a/app/Util/ActivityPub/HttpSignature.php
+++ b/app/Util/ActivityPub/HttpSignature.php
@ -25,7 +25,13 @@ class HttpSignature
        $stringToSign = self::_headersToSigningString($headers);
        $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
        $key = openssl_pkey_get_private($user->private_key);
+        if (empty($key)) {
+            return [];
+        }
        openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256);
+        if (empty($signature)) {
+            return [];
+        }
        $signature = base64_encode($signature);
        $signatureHeader = 'keyId="'.$user->keyId().'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"';
        unset($headers['(request-target)']);
@ -34,6 +40,34 @@ class HttpSignature
        return self::_headersToCurlArray($headers);
    }

+    public static function signRaw($privateKey, $keyId, $url, $body = false, $addlHeaders = [])
+    {
+        if (empty($privateKey) || empty($keyId)) {
+            return [];
+        }
+        if ($body) {
+            $digest = self::_digest($body);
+        }
+        $headers = self::_headersToSign($url, $body ? $digest : false);
+        $headers = array_merge($headers, $addlHeaders);
+        $stringToSign = self::_headersToSigningString($headers);
+        $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers)));
+        $key = openssl_pkey_get_private($privateKey);
+        if (empty($key)) {
+            return [];
+        }
+        openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256);
+        if (empty($signature)) {
+            return [];
+        }
+        $signature = base64_encode($signature);
+        $signatureHeader = 'keyId="'.$keyId.'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"';
+        unset($headers['(request-target)']);
+        $headers['Signature'] = $signatureHeader;
+
+        return self::_headersToCurlArray($headers);
+    }
+
    public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post')
    {
        $keyId = config('app.url').'/i/actor#main-key';