]>
Commit | Line | Data |
---|---|---|
df66d815 C |
1 | /* tslint:disable:no-unused-expression */ |
2 | ||
3 | import 'mocha' | |
4 | import { expect } from 'chai' | |
94565d52 | 5 | import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs' |
df66d815 C |
6 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto' |
7 | import { cloneDeep } from 'lodash' | |
8 | import { buildSignedActivity } from '../../../helpers/activitypub' | |
9 | ||
10 | describe('Test activity pub helpers', function () { | |
11 | describe('When checking the Linked Signature', function () { | |
12 | ||
13 | it('Should fail with an invalid Mastodon signature', async function () { | |
14 | const body = require('./json/mastodon/create-bad-signature.json') | |
15 | const publicKey = require('./json/mastodon/public-key.json').publicKey | |
16 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
17 | ||
18 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
19 | ||
20 | expect(result).to.be.false | |
21 | }) | |
22 | ||
23 | it('Should fail with an invalid public key', async function () { | |
24 | const body = require('./json/mastodon/create.json') | |
25 | const publicKey = require('./json/mastodon/bad-public-key.json').publicKey | |
26 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
27 | ||
28 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
29 | ||
30 | expect(result).to.be.false | |
31 | }) | |
32 | ||
33 | it('Should succeed with a valid Mastodon signature', async function () { | |
34 | const body = require('./json/mastodon/create.json') | |
35 | const publicKey = require('./json/mastodon/public-key.json').publicKey | |
36 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
37 | ||
38 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
39 | ||
40 | expect(result).to.be.true | |
41 | }) | |
42 | ||
43 | it('Should fail with an invalid PeerTube signature', async function () { | |
44 | const keys = require('./json/peertube/invalid-keys.json') | |
45 | const body = require('./json/peertube/announce-without-context.json') | |
46 | ||
47 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | |
48 | const signedBody = await buildSignedActivity(actorSignature as any, body) | |
49 | ||
50 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
51 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | |
52 | ||
53 | expect(result).to.be.false | |
54 | }) | |
55 | ||
df66d815 C |
56 | it('Should succeed with a valid PeerTube signature', async function () { |
57 | const keys = require('./json/peertube/keys.json') | |
58 | const body = require('./json/peertube/announce-without-context.json') | |
59 | ||
60 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | |
61 | const signedBody = await buildSignedActivity(actorSignature as any, body) | |
62 | ||
63 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
64 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | |
65 | ||
66 | expect(result).to.be.true | |
67 | }) | |
68 | }) | |
69 | ||
70 | describe('When checking HTTP signature', function () { | |
71 | it('Should fail with an invalid http signature', async function () { | |
72 | const req = buildRequestStub() | |
73 | req.method = 'POST' | |
74 | req.url = '/accounts/ronan/inbox' | |
75 | ||
76 | const mastodonObject = cloneDeep(require('./json/mastodon/bad-http-signature.json')) | |
77 | req.body = mastodonObject.body | |
78 | req.headers = mastodonObject.headers | |
79 | req.headers.signature = 'Signature ' + req.headers.signature | |
80 | ||
f3e4d594 | 81 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
df66d815 C |
82 | const publicKey = require('./json/mastodon/public-key.json').publicKey |
83 | ||
84 | const actor = { publicKey } | |
85 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
86 | ||
87 | expect(verified).to.be.false | |
88 | }) | |
89 | ||
90 | it('Should fail with an invalid public key', async function () { | |
91 | const req = buildRequestStub() | |
92 | req.method = 'POST' | |
93 | req.url = '/accounts/ronan/inbox' | |
94 | ||
95 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
96 | req.body = mastodonObject.body | |
97 | req.headers = mastodonObject.headers | |
98 | req.headers.signature = 'Signature ' + req.headers.signature | |
99 | ||
f3e4d594 | 100 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
df66d815 C |
101 | const publicKey = require('./json/mastodon/bad-public-key.json').publicKey |
102 | ||
103 | const actor = { publicKey } | |
104 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
105 | ||
106 | expect(verified).to.be.false | |
107 | }) | |
108 | ||
109 | it('Should fail because of clock skew', async function () { | |
110 | const req = buildRequestStub() | |
111 | req.method = 'POST' | |
112 | req.url = '/accounts/ronan/inbox' | |
113 | ||
114 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
115 | req.body = mastodonObject.body | |
116 | req.headers = mastodonObject.headers | |
117 | req.headers.signature = 'Signature ' + req.headers.signature | |
118 | ||
119 | let errored = false | |
120 | try { | |
121 | parseHTTPSignature(req) | |
122 | } catch { | |
123 | errored = true | |
124 | } | |
125 | ||
126 | expect(errored).to.be.true | |
127 | }) | |
128 | ||
129 | it('Should fail without scheme', async function () { | |
130 | const req = buildRequestStub() | |
131 | req.method = 'POST' | |
132 | req.url = '/accounts/ronan/inbox' | |
133 | ||
134 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
135 | req.body = mastodonObject.body | |
136 | req.headers = mastodonObject.headers | |
137 | ||
138 | let errored = false | |
139 | try { | |
f3e4d594 | 140 | parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
df66d815 C |
141 | } catch { |
142 | errored = true | |
143 | } | |
144 | ||
145 | expect(errored).to.be.true | |
146 | }) | |
147 | ||
148 | it('Should succeed with a valid signature', async function () { | |
149 | const req = buildRequestStub() | |
150 | req.method = 'POST' | |
151 | req.url = '/accounts/ronan/inbox' | |
152 | ||
153 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
154 | req.body = mastodonObject.body | |
155 | req.headers = mastodonObject.headers | |
156 | req.headers.signature = 'Signature ' + req.headers.signature | |
157 | ||
f3e4d594 | 158 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
df66d815 C |
159 | const publicKey = require('./json/mastodon/public-key.json').publicKey |
160 | ||
161 | const actor = { publicKey } | |
162 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
163 | ||
164 | expect(verified).to.be.true | |
165 | }) | |
166 | ||
167 | }) | |
168 | ||
169 | }) |