projects / github / Chocobozzz / PeerTube.git / blame
| Commit | Line | Data |
|---|---|---|
| 8d468a16 | 1 | import { BCRYPT_SALT_SIZE, PRIVATE_RSA_KEY_SIZE } from '../initializers' |
| e4f97bab | 2 | import { AccountInstance } from '../models/account/account-interface' |
| 8d468a16 | 3 | import { bcryptComparePromise, bcryptGenSaltPromise, bcryptHashPromise, createPrivateKey, getPublicKey } from './core-utils' |
| 9a27cdc2 | 4 | import { jsig } from './custom-jsonld-signature' |
| 8d468a16 | 5 | import { logger } from './logger' |
| 9f10b292 | 6 | |
| e4f97bab C |
7 | async function createPrivateAndPublicKeys () { |
| 8 | logger.info('Generating a RSA key...') | |
| bdfbd4f1 | 9 | |
| e4f97bab C |
10 | const { key } = await createPrivateKey(PRIVATE_RSA_KEY_SIZE) |
| 11 | const { publicKey } = await getPublicKey(key) | |
| bdfbd4f1 | 12 | |
| e4f97bab | 13 | return { privateKey: key, publicKey } |
| 9f10b292 C |
14 | } |
| 15 | ||
| e4f97bab C |
16 | function isSignatureVerified (fromAccount: AccountInstance, signedDocument: object) { |
| 17 | const publicKeyObject = { | |
| 18 | '@context': jsig.SECURITY_CONTEXT_URL, | |
| 19 | '@id': fromAccount.url, | |
| 20 | '@type': 'CryptographicKey', | |
| 21 | owner: fromAccount.url, | |
| 22 | publicKeyPem: fromAccount.publicKey | |
| bdfbd4f1 C |
23 | } |
| 24 | ||
| e4f97bab C |
25 | const publicKeyOwnerObject = { |
| 26 | '@context': jsig.SECURITY_CONTEXT_URL, | |
| 27 | '@id': fromAccount.url, | |
| 28 | publicKey: [ publicKeyObject ] | |
| 29 | } | |
| bdfbd4f1 | 30 | |
| e4f97bab C |
31 | const options = { |
| 32 | publicKey: publicKeyObject, | |
| 33 | publicKeyOwner: publicKeyOwnerObject | |
| 34 | } | |
| bdfbd4f1 | 35 | |
| efc32059 | 36 | return jsig.promises.verify(signedDocument, options) |
| e4f97bab C |
37 | .catch(err => { |
| 38 | logger.error('Cannot check signature.', err) | |
| 39 | return false | |
| 40 | }) | |
| 26d7d31b C |
41 | } |
| 42 | ||
| e4f97bab C |
43 | function signObject (byAccount: AccountInstance, data: any) { |
| 44 | const options = { | |
| 45 | privateKeyPem: byAccount.privateKey, | |
| 46 | creator: byAccount.url | |
| f5028693 | 47 | } |
| 9f10b292 | 48 | |
| efc32059 | 49 | return jsig.promises.sign(data, options) |
| e4f97bab C |
50 | } |
| 51 | ||
| 52 | function comparePassword (plainPassword: string, hashPassword: string) { | |
| 53 | return bcryptComparePromise(plainPassword, hashPassword) | |
| 9f10b292 | 54 | } |
| dac0a531 | 55 | |
| f5028693 C |
56 | async function cryptPassword (password: string) { |
| 57 | const salt = await bcryptGenSaltPromise(BCRYPT_SALT_SIZE) | |
| 58 | ||
| 53abc4c2 | 59 | return bcryptHashPromise(password, salt) |
| 26d7d31b C |
60 | } |
| 61 | ||
| 9f10b292 | 62 | // --------------------------------------------------------------------------- |
| dac0a531 | 63 | |
| 65fcc311 | 64 | export { |
| e4f97bab | 65 | isSignatureVerified, |
| 65fcc311 | 66 | comparePassword, |
| e4f97bab | 67 | createPrivateAndPublicKeys, |
| 65fcc311 | 68 | cryptPassword, |
| e4f97bab | 69 | signObject |
| 9f10b292 | 70 | } |