diff --git a/app/Util/ActivityPub/HttpSignature.php b/app/Util/ActivityPub/HttpSignature.php index 35facb82b..e6834aaef 100644 --- a/app/Util/ActivityPub/HttpSignature.php +++ b/app/Util/ActivityPub/HttpSignature.php @@ -25,7 +25,13 @@ class HttpSignature $stringToSign = self::_headersToSigningString($headers); $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers))); $key = openssl_pkey_get_private($user->private_key); + if (empty($key)) { + return []; + } openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256); + if (empty($signature)) { + return []; + } $signature = base64_encode($signature); $signatureHeader = 'keyId="'.$user->keyId().'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"'; unset($headers['(request-target)']); @@ -34,6 +40,34 @@ class HttpSignature return self::_headersToCurlArray($headers); } + public static function signRaw($privateKey, $keyId, $url, $body = false, $addlHeaders = []) + { + if (empty($privateKey) || empty($keyId)) { + return []; + } + if ($body) { + $digest = self::_digest($body); + } + $headers = self::_headersToSign($url, $body ? $digest : false); + $headers = array_merge($headers, $addlHeaders); + $stringToSign = self::_headersToSigningString($headers); + $signedHeaders = implode(' ', array_map('strtolower', array_keys($headers))); + $key = openssl_pkey_get_private($privateKey); + if (empty($key)) { + return []; + } + openssl_sign($stringToSign, $signature, $key, OPENSSL_ALGO_SHA256); + if (empty($signature)) { + return []; + } + $signature = base64_encode($signature); + $signatureHeader = 'keyId="'.$keyId.'",headers="'.$signedHeaders.'",algorithm="rsa-sha256",signature="'.$signature.'"'; + unset($headers['(request-target)']); + $headers['Signature'] = $signatureHeader; + + return self::_headersToCurlArray($headers); + } + public static function instanceActorSign($url, $body = false, $addlHeaders = [], $method = 'post') { $keyId = config('app.url').'/i/actor#main-key';