]>
Commit | Line | Data |
---|---|---|
a1587156 | 1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
df66d815 C |
2 | |
3 | import 'mocha' | |
4 | import { expect } from 'chai' | |
94565d52 | 5 | import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs' |
df66d815 C |
6 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto' |
7 | import { cloneDeep } from 'lodash' | |
8 | import { buildSignedActivity } from '../../../helpers/activitypub' | |
3d470a53 | 9 | import { buildAbsoluteFixturePath } from '@shared/extra-utils' |
df66d815 C |
10 | |
11 | describe('Test activity pub helpers', function () { | |
12 | describe('When checking the Linked Signature', function () { | |
13 | ||
14 | it('Should fail with an invalid Mastodon signature', async function () { | |
3d470a53 C |
15 | const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create-bad-signature.json')) |
16 | const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey | |
df66d815 C |
17 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } |
18 | ||
19 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
20 | ||
21 | expect(result).to.be.false | |
22 | }) | |
23 | ||
24 | it('Should fail with an invalid public key', async function () { | |
3d470a53 C |
25 | const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create.json')) |
26 | const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-public-key.json')).publicKey | |
df66d815 C |
27 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } |
28 | ||
29 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
30 | ||
31 | expect(result).to.be.false | |
32 | }) | |
33 | ||
34 | it('Should succeed with a valid Mastodon signature', async function () { | |
3d470a53 C |
35 | const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create.json')) |
36 | const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey | |
df66d815 C |
37 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } |
38 | ||
39 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
40 | ||
41 | expect(result).to.be.true | |
42 | }) | |
43 | ||
44 | it('Should fail with an invalid PeerTube signature', async function () { | |
3d470a53 C |
45 | const keys = require(buildAbsoluteFixturePath('./ap-json/peertube/invalid-keys.json')) |
46 | const body = require(buildAbsoluteFixturePath('./ap-json/peertube/announce-without-context.json')) | |
df66d815 C |
47 | |
48 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | |
49 | const signedBody = await buildSignedActivity(actorSignature as any, body) | |
50 | ||
51 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
52 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | |
53 | ||
54 | expect(result).to.be.false | |
55 | }) | |
56 | ||
df66d815 | 57 | it('Should succeed with a valid PeerTube signature', async function () { |
3d470a53 C |
58 | const keys = require(buildAbsoluteFixturePath('./ap-json/peertube/keys.json')) |
59 | const body = require(buildAbsoluteFixturePath('./ap-json/peertube/announce-without-context.json')) | |
df66d815 C |
60 | |
61 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | |
62 | const signedBody = await buildSignedActivity(actorSignature as any, body) | |
63 | ||
64 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
65 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | |
66 | ||
67 | expect(result).to.be.true | |
68 | }) | |
69 | }) | |
70 | ||
71 | describe('When checking HTTP signature', function () { | |
72 | it('Should fail with an invalid http signature', async function () { | |
73 | const req = buildRequestStub() | |
74 | req.method = 'POST' | |
75 | req.url = '/accounts/ronan/inbox' | |
76 | ||
3d470a53 | 77 | const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-http-signature.json'))) |
df66d815 C |
78 | req.body = mastodonObject.body |
79 | req.headers = mastodonObject.headers | |
df66d815 | 80 | |
f3e4d594 | 81 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
3d470a53 | 82 | const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey |
df66d815 C |
83 | |
84 | const actor = { publicKey } | |
85 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
86 | ||
87 | expect(verified).to.be.false | |
88 | }) | |
89 | ||
90 | it('Should fail with an invalid public key', async function () { | |
91 | const req = buildRequestStub() | |
92 | req.method = 'POST' | |
93 | req.url = '/accounts/ronan/inbox' | |
94 | ||
3d470a53 | 95 | const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json'))) |
df66d815 C |
96 | req.body = mastodonObject.body |
97 | req.headers = mastodonObject.headers | |
df66d815 | 98 | |
f3e4d594 | 99 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
3d470a53 | 100 | const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-public-key.json')).publicKey |
df66d815 C |
101 | |
102 | const actor = { publicKey } | |
103 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
104 | ||
105 | expect(verified).to.be.false | |
106 | }) | |
107 | ||
108 | it('Should fail because of clock skew', async function () { | |
109 | const req = buildRequestStub() | |
110 | req.method = 'POST' | |
111 | req.url = '/accounts/ronan/inbox' | |
112 | ||
3d470a53 | 113 | const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json'))) |
df66d815 C |
114 | req.body = mastodonObject.body |
115 | req.headers = mastodonObject.headers | |
df66d815 C |
116 | |
117 | let errored = false | |
118 | try { | |
119 | parseHTTPSignature(req) | |
120 | } catch { | |
121 | errored = true | |
122 | } | |
123 | ||
124 | expect(errored).to.be.true | |
125 | }) | |
126 | ||
e6122097 | 127 | it('Should with a scheme', async function () { |
df66d815 C |
128 | const req = buildRequestStub() |
129 | req.method = 'POST' | |
130 | req.url = '/accounts/ronan/inbox' | |
131 | ||
3d470a53 | 132 | const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json'))) |
df66d815 C |
133 | req.body = mastodonObject.body |
134 | req.headers = mastodonObject.headers | |
e6122097 | 135 | req.headers = 'Signature ' + mastodonObject.headers |
df66d815 C |
136 | |
137 | let errored = false | |
138 | try { | |
f3e4d594 | 139 | parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
df66d815 C |
140 | } catch { |
141 | errored = true | |
142 | } | |
143 | ||
144 | expect(errored).to.be.true | |
145 | }) | |
146 | ||
147 | it('Should succeed with a valid signature', async function () { | |
148 | const req = buildRequestStub() | |
149 | req.method = 'POST' | |
150 | req.url = '/accounts/ronan/inbox' | |
151 | ||
3d470a53 | 152 | const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json'))) |
df66d815 C |
153 | req.body = mastodonObject.body |
154 | req.headers = mastodonObject.headers | |
df66d815 | 155 | |
f3e4d594 | 156 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) |
3d470a53 | 157 | const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey |
df66d815 C |
158 | |
159 | const actor = { publicKey } | |
160 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
161 | ||
162 | expect(verified).to.be.true | |
163 | }) | |
164 | ||
165 | }) | |
166 | ||
167 | }) |