Commit 2e7f67b0 authored by catch's avatar catch

Issue #1826190 by vijaycs85, Lukas von Blarer, alexpott: Covert mac_key() variable to CMI system.

parent ca820c7e
......@@ -356,6 +356,7 @@ function addRedirectedIdentity($identity, $version = 2, $local_id = 'http://exam
* Tests that openid.signed is verified.
*/
function testSignatureValidation() {
module_load_include('inc', 'openid');
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
......@@ -372,7 +373,7 @@ function testSignatureValidation() {
// Sign all mandatory fields and a custom field.
$keys_to_sign = array('op_endpoint', 'claimed_id', 'identity', 'return_to', 'response_nonce', 'assoc_handle', 'foo');
$association = new stdClass();
$association->mac_key = variable_get('mac_key');
$association->mac_key = NULL;
$response = array(
'openid.op_endpoint' => url('openid-test/endpoint', array('absolute' => TRUE)),
'openid.claimed_id' => $identity,
......
<?php
/**
* @file
* Install, update and uninstall functions for the openid_test module.
*/
/**
* Implements hook_install().
*/
function openid_test_install() {
module_load_include('inc', 'openid');
// Generate a MAC key (Message Authentication Code) used for signing messages.
// The variable is base64-encoded, because variables cannot contain non-UTF-8
// data.
variable_set('openid_test_mac_key', base64_encode(_openid_get_bytes(20)));
}
......@@ -271,7 +271,7 @@ function _openid_test_endpoint_associate() {
$shared = _openid_math_powmod($cpub, $private, $mod);
// Encrypt the MAC key using the shared secret.
$enc_mac_key = base64_encode(_openid_dh_xorsecret($shared, base64_decode(variable_get('mac_key'))));
$enc_mac_key = base64_encode(_openid_dh_xorsecret($shared, NULL));
// Generate response including our public key and the MAC key. Using our
// public key and its own private key, the Relying Party can calculate the
......@@ -343,7 +343,7 @@ function _openid_test_endpoint_authenticate() {
// Sign the message using the MAC key that was exchanged during association.
$association = new stdClass();
$association->mac_key = variable_get('mac_key');
$association->mac_key = NULL;
if (!isset($response['openid.sig'])) {
$response['openid.sig'] = _openid_signature($association, $response, $keys_to_sign);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment