]>
Commit | Line | Data |
---|---|---|
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | |
2 | ||
3 | import 'mocha' | |
4 | import { expect } from 'chai' | |
5 | import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs' | |
6 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto' | |
7 | import { cloneDeep } from 'lodash' | |
8 | import { buildSignedActivity } from '../../../helpers/activitypub' | |
9 | ||
10 | describe('Test activity pub helpers', function () { | |
11 | describe('When checking the Linked Signature', function () { | |
12 | ||
13 | it('Should fail with an invalid Mastodon signature', async function () { | |
14 | const body = require('./json/mastodon/create-bad-signature.json') | |
15 | const publicKey = require('./json/mastodon/public-key.json').publicKey | |
16 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
17 | ||
18 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
19 | ||
20 | expect(result).to.be.false | |
21 | }) | |
22 | ||
23 | it('Should fail with an invalid public key', async function () { | |
24 | const body = require('./json/mastodon/create.json') | |
25 | const publicKey = require('./json/mastodon/bad-public-key.json').publicKey | |
26 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
27 | ||
28 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
29 | ||
30 | expect(result).to.be.false | |
31 | }) | |
32 | ||
33 | it('Should succeed with a valid Mastodon signature', async function () { | |
34 | const body = require('./json/mastodon/create.json') | |
35 | const publicKey = require('./json/mastodon/public-key.json').publicKey | |
36 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
37 | ||
38 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | |
39 | ||
40 | expect(result).to.be.true | |
41 | }) | |
42 | ||
43 | it('Should fail with an invalid PeerTube signature', async function () { | |
44 | const keys = require('./json/peertube/invalid-keys.json') | |
45 | const body = require('./json/peertube/announce-without-context.json') | |
46 | ||
47 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | |
48 | const signedBody = await buildSignedActivity(actorSignature as any, body) | |
49 | ||
50 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
51 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | |
52 | ||
53 | expect(result).to.be.false | |
54 | }) | |
55 | ||
56 | it('Should succeed with a valid PeerTube signature', async function () { | |
57 | const keys = require('./json/peertube/keys.json') | |
58 | const body = require('./json/peertube/announce-without-context.json') | |
59 | ||
60 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | |
61 | const signedBody = await buildSignedActivity(actorSignature as any, body) | |
62 | ||
63 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | |
64 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | |
65 | ||
66 | expect(result).to.be.true | |
67 | }) | |
68 | }) | |
69 | ||
70 | describe('When checking HTTP signature', function () { | |
71 | it('Should fail with an invalid http signature', async function () { | |
72 | const req = buildRequestStub() | |
73 | req.method = 'POST' | |
74 | req.url = '/accounts/ronan/inbox' | |
75 | ||
76 | const mastodonObject = cloneDeep(require('./json/mastodon/bad-http-signature.json')) | |
77 | req.body = mastodonObject.body | |
78 | req.headers = mastodonObject.headers | |
79 | ||
80 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | |
81 | const publicKey = require('./json/mastodon/public-key.json').publicKey | |
82 | ||
83 | const actor = { publicKey } | |
84 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
85 | ||
86 | expect(verified).to.be.false | |
87 | }) | |
88 | ||
89 | it('Should fail with an invalid public key', async function () { | |
90 | const req = buildRequestStub() | |
91 | req.method = 'POST' | |
92 | req.url = '/accounts/ronan/inbox' | |
93 | ||
94 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
95 | req.body = mastodonObject.body | |
96 | req.headers = mastodonObject.headers | |
97 | ||
98 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | |
99 | const publicKey = require('./json/mastodon/bad-public-key.json').publicKey | |
100 | ||
101 | const actor = { publicKey } | |
102 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
103 | ||
104 | expect(verified).to.be.false | |
105 | }) | |
106 | ||
107 | it('Should fail because of clock skew', async function () { | |
108 | const req = buildRequestStub() | |
109 | req.method = 'POST' | |
110 | req.url = '/accounts/ronan/inbox' | |
111 | ||
112 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
113 | req.body = mastodonObject.body | |
114 | req.headers = mastodonObject.headers | |
115 | ||
116 | let errored = false | |
117 | try { | |
118 | parseHTTPSignature(req) | |
119 | } catch { | |
120 | errored = true | |
121 | } | |
122 | ||
123 | expect(errored).to.be.true | |
124 | }) | |
125 | ||
126 | it('Should with a scheme', async function () { | |
127 | const req = buildRequestStub() | |
128 | req.method = 'POST' | |
129 | req.url = '/accounts/ronan/inbox' | |
130 | ||
131 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
132 | req.body = mastodonObject.body | |
133 | req.headers = mastodonObject.headers | |
134 | req.headers = 'Signature ' + mastodonObject.headers | |
135 | ||
136 | let errored = false | |
137 | try { | |
138 | parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | |
139 | } catch { | |
140 | errored = true | |
141 | } | |
142 | ||
143 | expect(errored).to.be.true | |
144 | }) | |
145 | ||
146 | it('Should succeed with a valid signature', async function () { | |
147 | const req = buildRequestStub() | |
148 | req.method = 'POST' | |
149 | req.url = '/accounts/ronan/inbox' | |
150 | ||
151 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | |
152 | req.body = mastodonObject.body | |
153 | req.headers = mastodonObject.headers | |
154 | ||
155 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | |
156 | const publicKey = require('./json/mastodon/public-key.json').publicKey | |
157 | ||
158 | const actor = { publicKey } | |
159 | const verified = isHTTPSignatureVerified(parsed, actor as any) | |
160 | ||
161 | expect(verified).to.be.true | |
162 | }) | |
163 | ||
164 | }) | |
165 | ||
166 | }) |