From d1c5e9b8670af4dfcf69ef56ab4358c3db8d04f0 Mon Sep 17 00:00:00 2001
From: Daniel Supernault
Date: Fri, 12 Feb 2021 22:25:34 -0700
Subject: [PATCH] Update InboxPipeline, fail earlier for invalid public keys. Fixes #2648
---
 app/Jobs/InboxPipeline/InboxValidator.php | 3 +++
 app/Jobs/InboxPipeline/InboxWorker.php | 3 +++
 2 files changed, 6 insertions(+)
diff --git a/app/Jobs/InboxPipeline/InboxValidator.php b/app/Jobs/InboxPipeline/InboxValidator.php
index ab153e384..bfcb4d6d0 100644
--- a/app/Jobs/InboxPipeline/InboxValidator.php
+++ b/app/Jobs/InboxPipeline/InboxValidator.php
@@ -173,6 +173,9 @@ class InboxValidator implements ShouldQueue
 return;
 }
 $pkey = openssl_pkey_get_public($actor->public_key);
+ if(!$pkey) {
+ return 0;
+ }
 $inboxPath = "/users/{$profile->username}/inbox";
 list($verified, $headers) = HttpSignature::verify($pkey, $signatureData, $headers, $inboxPath, $body);
 if($verified == 1) {
diff --git a/app/Jobs/InboxPipeline/InboxWorker.php b/app/Jobs/InboxPipeline/InboxWorker.php
index ab1683e58..acc72f16f 100644
--- a/app/Jobs/InboxPipeline/InboxWorker.php
+++ b/app/Jobs/InboxPipeline/InboxWorker.php
@@ -161,6 +161,9 @@ class InboxWorker implements ShouldQueue
 return;
 }
 $pkey = openssl_pkey_get_public($actor->public_key);
+ if(!$pkey) {
+ return 0;
+ }
 $inboxPath = "/f/inbox";
 list($verified, $headers) = HttpSignature::verify($pkey, $signatureData, $headers, $inboxPath, $body);
 if($verified == 1) {
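Review bot: The new guard in InboxValidator.php returns `0`, while the early exit visible two lines above it in the same function is a bare `return;`, so the rejection paths of this signature check now yield both `null` and `0`. The identical guard in the InboxWorker.php hunk has the same mismatch. Both values are falsy, but a caller that compares strictly, or a return type added later, would treat them differently, and a verification routine is safer with one unambiguous failure value. Since `openssl_pkey_get_public()` returns `false` on failure, I would write `if ($pkey === false) { return false; }`, or a bare `return;` to match the existing exits. The enclosing function starts and ends outside the hunk, so how callers test the result cannot be confirmed from here.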
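Review bot: The guard in InboxWorker.php is a verbatim copy of the one added to InboxValidator.php, and the visible context of the two verification routines differs only in the `$inboxPath` value. Keeping two copies of the signature-verification path means a future hardening fix can land in one job and be missed in the other, leaving one inbox with weaker checks. A shared helper that takes the inbox path as a parameter would remove that risk, though the parts of both functions outside the hunks would need to be compared first. The rejection is also silent: a log entry before the return that identifies the actor whose stored `public_key` failed to parse would let operators tell a corrupt key record from an unsigned or forged delivery.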