public function sOAuthSignatureMethod_RSA_SHA1::check_signature in jQuery social stream 7
Same name and namespace in other branches
- 7.2 jquery_social_stream.js.inc \sOAuthSignatureMethod_RSA_SHA1::check_signature()
Verifies that a given signature is correct
Parameters
sOAuthRequest $request:
sOAuthConsumer $consumer:
sOAuthToken $token:
string $signature:
Return value
bool
Overrides sOAuthSignatureMethod::check_signature
File
- ./
jquery_social_stream.js.inc, line 524 - JS callbacks.
Class
- sOAuthSignatureMethod_RSA_SHA1
- The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA…
Code
public function check_signature($request, $consumer, $token, $signature) {
$decoded_sig = base64_decode($signature);
$base_string = $request
->get_signature_base_string();
// Fetch the public key cert based on the request
$cert = $this
->fetch_public_cert($request);
// Pull the public key ID from the certificate
$publickeyid = openssl_get_publickey($cert);
// Check the computed signature against the one passed in the query
$ok = openssl_verify($base_string, $decoded_sig, $publickeyid);
// Release the key resource
openssl_free_key($publickeyid);
return $ok == 1;
}