From fecbd099cda8d71e616ea266255384e3e4cc946a Mon Sep 17 00:00:00 2001
From: Roger Braun <roger@rogerbraun.net>
Date: Fri, 25 Aug 2017 15:09:05 +0200
Subject: [PATCH] Ignore padding for salmon public keys.

---
 lib/pleroma/web/salmon/salmon.ex   | 2 +-
 test/fixtures/friendica_salmon.xml | 7 +++++++
 test/web/salmon/salmon_test.exs    | 6 ++++++
 3 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 test/fixtures/friendica_salmon.xml

diff --git a/lib/pleroma/web/salmon/salmon.ex b/lib/pleroma/web/salmon/salmon.ex
index eadf0773b..4f6dfed65 100644
--- a/lib/pleroma/web/salmon/salmon.ex
+++ b/lib/pleroma/web/salmon/salmon.ex
@@ -60,7 +60,7 @@ defmodule Pleroma.Web.Salmon do
 
     [modulus, exponent] = magickey
     |> String.split(".")
-    |> Enum.map(&Base.url_decode64!/1)
+    |> Enum.map(fn (n) -> Base.url_decode64!(n, padding: false) end)
     |> Enum.map(make_integer)
 
     {:RSAPublicKey, modulus, exponent}
diff --git a/test/fixtures/friendica_salmon.xml b/test/fixtures/friendica_salmon.xml
new file mode 100644
index 000000000..8a01d04e6
--- /dev/null
+++ b/test/fixtures/friendica_salmon.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0"?>
+<me:env xmlns:me="http://salmon-protocol.org/ns/magic-env">
+  <me:data type="application/atom+xml">PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPGVudHJ5IHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDA1L0F0b20iIHhtbG5zOnRocj0iaHR0cDovL3B1cmwub3JnL3N5bmRpY2F0aW9uL3RocmVhZC8xLjAiIHhtbG5zOmdlb3Jzcz0iaHR0cDovL3d3dy5nZW9yc3Mub3JnL2dlb3JzcyIgeG1sbnM6YWN0aXZpdHk9Imh0dHA6Ly9hY3Rpdml0eXN0cmVhLm1zL3NwZWMvMS4wLyIgeG1sbnM6bWVkaWE9Imh0dHA6Ly9wdXJsLm9yZy9zeW5kaWNhdGlvbi9hdG9tbWVkaWEiIHhtbG5zOnBvY289Imh0dHA6Ly9wb3J0YWJsZWNvbnRhY3RzLm5ldC9zcGVjLzEuMCIgeG1sbnM6b3N0YXR1cz0iaHR0cDovL29zdGF0dXMub3JnL3NjaGVtYS8xLjAiIHhtbG5zOnN0YXR1c25ldD0iaHR0cDovL3N0YXR1cy5uZXQvc2NoZW1hL2FwaS8xLyIgeG1sbnM6bWFzdG9kb249Imh0dHA6Ly9tYXN0b2Rvbi5zb2NpYWwvc2NoZW1hLzEuMCI-CiAgPGF1dGhvcj4KICAgIDxpZD5odHRwczovL3NxdWVldC5tZS9wcm9maWxlL2xhaW48L2lkPgogICAgPGFjdGl2aXR5Om9iamVjdC10eXBlPmh0dHA6Ly9hY3Rpdml0eXN0cmVhLm1zL3NjaGVtYS8xLjAvcGVyc29uPC9hY3Rpdml0eTpvYmplY3QtdHlwZT4KICAgIDx1cmk-aHR0cHM6Ly9zcXVlZXQubWUvcHJvZmlsZS9sYWluPC91cmk-CiAgICA8bmFtZT5sYWluPC9uYW1lPgogICAgPGVtYWlsPmxhaW5Ac3F1ZWV0Lm1lPC9lbWFpbD4KICAgIDxzdW1tYXJ5Lz4KICAgIDxsaW5rIHJlbD0iYWx0ZXJuYXRlIiB0eXBlPSJ0ZXh0L2h0bWwiIGhyZWY9Imh0dHBzOi8vc3F1ZWV0Lm1lL3Byb2ZpbGUvbGFpbiIvPgogICAgPGxpbmsgcmVsPSJhdmF0YXIiIHR5cGU9ImltYWdlL2pwZWciIG1lZGlhOndpZHRoPSIxNzUiIG1lZGlhOmhlaWdodD0iMTc1IiBocmVmPSJodHRwczovL3NxdWVldC5tZS9waG90by9hYmYyZWU0MGJmY2IwNDRhYzdmZDFkMTQzYzgyZjYzYS00LmpwZyIvPgogICAgPGxpbmsgcmVsPSJhdmF0YXIiIHR5cGU9ImltYWdlL2pwZWciIG1lZGlhOndpZHRoPSI4MCIgbWVkaWE6aGVpZ2h0PSI4MCIgaHJlZj0iaHR0cHM6Ly9zcXVlZXQubWUvcGhvdG8vYWJmMmVlNDBiZmNiMDQ0YWM3ZmQxZDE0M2M4MmY2M2EtNS5qcGciLz4KICAgIDxwb2NvOnByZWZlcnJlZFVzZXJuYW1lPmxhaW48L3BvY286cHJlZmVycmVkVXNlcm5hbWU-CiAgICA8cG9jbzpkaXNwbGF5TmFtZT5MYWluIEl3YWt1cmE8L3BvY286ZGlzcGxheU5hbWU-CiAgICA8cG9jbzpub3RlLz4KICAgIDxmb2xsb3dlcnMgdXJsPSJodHRwczovL3NxdWVldC5tZS92aWV3Y29udGFjdHMvbGFpbiIvPgogICAgPHN0YXR1c25ldDpwcm9maWxlX2luZm8gbG9jYWxfaWQ9IjMwMSIvPgogICAgPG1hc3RvZG9uOnNjb3BlPnB1YmxpYzwvbWFzdG9kb246c2NvcGU-CiAgPC9hdXRob3I-CiAgPGlkPnRhZzpzcXVlZXQubWUsMjAxNy0wOC0yNTpzdWJzY3JpcHRpb246MzAxOnBlcnNvbjoyMTYwOTc6MjAxNy0wOC0yNVQwODo0NTowOCswMDowMDwvaWQ-CiAgPHRpdGxlPmZvbGxvd2luZzwvdGl0bGU-CiAgPGNvbnRlbnQgdHlwZT0iaHRtbCI-bGFpbiBpcyBub3cgZm9sbG93aW5nIGxhaW4uPC9jb250ZW50PgogIDxsaW5rIHJlbD0iYWx0ZXJuYXRlIiB0eXBlPSJ0ZXh0L2h0bWwiIGhyZWY9Imh0dHBzOi8vc3F1ZWV0Lm1lL2Rpc3BsYXkvIi8-CiAgPGFjdGl2aXR5OnZlcmI-aHR0cDovL2FjdGl2aXR5c3RyZWEubXMvc2NoZW1hLzEuMC9mb2xsb3c8L2FjdGl2aXR5OnZlcmI-CiAgPHB1Ymxpc2hlZD4yMDE3LTA4LTI1VDA4OjQ1OjA4WjwvcHVibGlzaGVkPgogIDx1cGRhdGVkPjIwMTctMDgtMjVUMDg6NDU6MDhaPC91cGRhdGVkPgogIDxhY3Rpdml0eTpvYmplY3Q-CiAgICA8YWN0aXZpdHk6b2JqZWN0LXR5cGU-aHR0cDovL2FjdGl2aXR5c3RyZWEubXMvc2NoZW1hLzEuMC9wZXJzb248L2FjdGl2aXR5Om9iamVjdC10eXBlPgogICAgPGlkPmh0dHBzOi8vcGxlcm9tYS5zb3lrYWYuY29tL3VzZXJzL2xhaW48L2lkPgogICAgPHRpdGxlPmxhaW48L3RpdGxlPgogICAgPGxpbmsgcmVsPSJhbHRlcm5hdGUiIHR5cGU9InRleHQvaHRtbCIgaHJlZj0iaHR0cHM6Ly9wbGVyb21hLnNveWthZi5jb20vdXNlcnMvbGFpbiIvPgogICAgPGxpbmsgcmVsPSJhdmF0YXIiIHR5cGU9ImltYWdlL2pwZWciIG1lZGlhOndpZHRoPSIxNzUiIG1lZGlhOmhlaWdodD0iMTc1IiBocmVmPSJodHRwczovL3BsZXJvbWEuc295a2FmLmNvbS9tZWRpYS82NTE5YzhmOS1iMmFkLTQ5YjAtOTZlOC1lMjg4NWUxNjNmNTQvNERBMzUwNkVBMTBBRTc0QTZDREU2MTI3NzgxOEE0RTg4RkVDNjY1QTk4NEU4Njc4OUM0NDBDOEJCRERDNEI1OS5naWYiLz4KICAgIDxwb2NvOnByZWZlcnJlZFVzZXJuYW1lPmxhaW48L3BvY286cHJlZmVycmVkVXNlcm5hbWU-CiAgICA8cG9jbzpkaXNwbGF5TmFtZT5MYWluIEl3YWt1cmE8L3BvY286ZGlzcGxheU5hbWU-CiAgPC9hY3Rpdml0eTpvYmplY3Q-CjwvZW50cnk-</me:data>
+  <me:encoding>base64url</me:encoding>
+  <me:alg>RSA-SHA256</me:alg>
+  <me:sig key_id="MTU1ODkzNjliMGE4MzQ5NmEwMjkyMGJiNjUwMTg1ODZkMTdjOWQ0MWVhZTBmOGM3ZTYwNzU5Y2I1NWU1OTZjMw">l5O0lORlg5chdRQZkb-1GiEPU6OLY6FI-IBP84FwbOKY_hjy9on_VBxXcvcLN5r32VDbma0Ra4r933wQuATu1Q==</me:sig>
+</me:env>
diff --git a/test/web/salmon/salmon_test.exs b/test/web/salmon/salmon_test.exs
index e722f08ef..f2b729da9 100644
--- a/test/web/salmon/salmon_test.exs
+++ b/test/web/salmon/salmon_test.exs
@@ -8,6 +8,8 @@ defmodule Pleroma.Web.Salmon.SalmonTest do
 
   @wrong_magickey "RSA.pu0s-halox4tu7wmES1FVSx6u-4wc0YrUFXcqWXZG4-27UmbCOpMQftRCldNRfyA-qLbz-eqiwQhh-1EwUvjsD4cYbAHNGHwTvDOyx5AKthQUP44ykPv7kjKGh3DWKySJvcs9tlUG87hlo7AvnMo9pwRS_Zz2CacQ-MKaXyDepk=.AQAA"
 
+  @magickey_friendica "RSA.AMwa8FUs2fWEjX0xN7yRQgegQffhBpuKNC6fa5VNSVorFjGZhRrlPMn7TQOeihlc9lBz2OsHlIedbYn2uJ7yCs0.AQAB"
+
   test "decodes a salmon" do
     {:ok, salmon} = File.read("test/fixtures/salmon.xml")
     {:ok, doc} = Salmon.decode_and_validate(@magickey, salmon)
@@ -32,6 +34,10 @@ defmodule Pleroma.Web.Salmon.SalmonTest do
     assert @magickey == magic_key
   end
 
+  test "it decodes a friendica public key" do
+    key = Salmon.decode_key(@magickey_friendica)
+  end
+
   test "returns a public and private key from a pem" do
     pem = File.read!("test/fixtures/private_key.pem")
     {:ok, private, public} = Salmon.keys_from_pem(pem)