/usr/share/php/Horde/Oauth/SignatureMethod/RsaSha1.php is in php-horde-oauth 2.0.1-4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 | <?php
/**
* Copyright 2008-2012 Horde LLC (http://www.horde.org/)
*
* @author Chuck Hagenbuch <chuck@horde.org>
* @license http://www.horde.org/licenses/bsd BSD
* @category Horde
* @package Oauth
*/
/**
* OAuth RSA-SHA1 signature method
*
* @author Chuck Hagenbuch <chuck@horde.org>
* @license http://www.horde.org/licenses/bsd BSD
* @category Horde
* @package Oauth
*/
class Horde_Oauth_SignatureMethod_RsaSha1 extends Horde_Oauth_SignatureMethod
{
public function __construct($publicKey = null, $privateKey = null)
{
$this->_publicKey = $publicKey;
$this->_privateKey = $privateKey;
}
public function getName()
{
return 'RSA-SHA1';
}
public function sign($request, $consumer, $token)
{
$baseString = $request->getSignatureBaseString();
$pkeyid = openssl_pkey_get_private($this->_privateKey);
$ok = openssl_sign($baseString, $signature, $pkeyid);
openssl_free_key($pkeyid);
return base64_encode($signature);
}
public function verify($signature, $request, $consumer, $token)
{
$decodedSignature = base64_decode($signature);
$baseString = $request->getSignatureBaseString();
$pubkeyid = openssl_pkey_get_public($this->_publicKey);
$result = openssl_verify($baseString, $decodedSignature, $pubkeyid);
openssl_free_key($pubkeyid);
return $result == 1;
}
}
|