git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - helpers/peertubeCrypto.js
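// Core and third-party modules.
var config = require('config')
var crypto = require('crypto')
// NOTE(review): the rendered listing skips gutter line 6, yet `fs` is used by
// decrypt, sign and certsExist; the require is restored here so those calls
// resolve. Confirm against the repository.
var fs = require('fs')
var openssl = require('openssl-wrapper')
var path = require('path')
var ursa = require('ursa')

var logger = require('./logger')

// Directory that holds this pod's RSA key pair. File names are appended to it
// by plain string concatenation, so the 'storage.certs' setting presumably ends
// with a path separator (TODO confirm in the config files).
var certDir = path.join(__dirname, '..', config.get('storage.certs'))

// Symmetric cipher used for the payload. CTR mode provides confidentiality
// only: nothing authenticates the ciphertext, so a modified message decrypts
// without error. Integrity has to come from a separate signature check.
var algorithm = 'aes-256-ctr'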
// Public interface of the module.
// NOTE(review): the rendered listing shows only the checkSignature,
// createCertsIfNotExist and getCertDir entries; decrypt, encrypt and sign are
// restored from the gutter gaps (lines 19, 20 and 22) and from the functions
// defined before the module.exports line. Confirm against the repository.
var peertubeCrypto = {
  checkSignature: checkSignature,
  createCertsIfNotExist: createCertsIfNotExist,
  decrypt: decrypt,
  encrypt: encrypt,
  getCertDir: getCertDir,
  sign: sign
}
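/**
 * Verify an RSA/SHA-256 signature over `raw_data`.
 *
 * @param {string|Buffer} public_key - PEM public key of the signer.
 * @param {string|Buffer} raw_data - Data that was signed.
 * @param {string} hex_signature - Signature, hex encoded.
 * @returns {boolean} true when the signature matches, false otherwise.
 */
function checkSignature (public_key, raw_data, hex_signature) {
  // `new Buffer(n)` with a numeric argument allocates n bytes instead of
  // encoding a value, and on older Node releases that memory is uninitialised.
  // A number can never be validly signed data here, so reject it up front
  // rather than hashing whatever happened to be in memory.
  if (typeof raw_data === 'number') return false

  var crt = ursa.createPublicKey(public_key)
  // The data is hex encoded so that it shares the 'hex' encoding argument with
  // the signature. Buffer.from never takes the allocating code path.
  var hex_data = Buffer.from(raw_data).toString('hex')
  var is_valid = crt.hashAndVerify('sha256', hex_data, hex_signature, 'hex')

  // NOTE(review): the return statement is not visible in the rendered listing
  // (gutter lines 28-29); reconstructed from the function's purpose.
  return is_valid
}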
/**
 * Make sure the pod has an RSA key pair, generating one when it is absent.
 *
 * NOTE(review): only the certsExist() and createCerts() calls are visible in
 * the rendered listing (gutter lines 33-36 and 38-41 are missing). The early
 * return and the error forwarding below are reconstructed; confirm against
 * the repository.
 *
 * @param {function(?Error)} callback - Called with null when the key pair is
 *   available, or with the error reported by createCerts.
 */
function createCertsIfNotExist (callback) {
  certsExist(function (alreadyThere) {
    if (alreadyThere === true) return callback(null)

    createCerts(function (creationError) {
      return callback(creationError)
    })
  })
}
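/**
 * Decrypt a hybrid-encrypted message addressed to this pod.
 *
 * The symmetric password is recovered with the pod's RSA private key, then
 * used to decrypt the payload.
 *
 * @param {string} key - RSA-encrypted symmetric password, hex encoded.
 * @param {string} data - Symmetrically encrypted payload, hex encoded.
 * @param {function(?Error, string=)} callback - Receives the decrypted text,
 *   or an error when the key file cannot be read or decryption fails.
 */
function decrypt (key, data, callback) {
  fs.readFile(getCertDir() + 'peertube.key.pem', function (err, file) {
    if (err) return callback(err)

    var decrypted_data
    // `key` and `data` presumably come from another pod (confirm with the
    // callers). The crypto calls throw on malformed input, and a throw inside
    // this asynchronous callback cannot be caught by the caller: it would
    // surface as an uncaught exception and take the process down. Report it
    // through the callback instead.
    try {
      var my_private_key = ursa.createPrivateKey(file)
      var decrypted_key = my_private_key.decrypt(key, 'hex', 'utf8')
      decrypted_data = symetricDecrypt(data, decrypted_key)
    } catch (e) {
      return callback(e)
    }

    // Called outside the try block so that an exception raised by the callback
    // itself does not trigger a second invocation.
    return callback(null, decrypted_data)
  })
}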
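/**
 * Hybrid-encrypt `data` for the owner of `public_key`.
 *
 * The payload is encrypted with a freshly generated symmetric password, and
 * that password is encrypted with the recipient's RSA public key.
 *
 * Parsing `public_key` happens synchronously and may throw, as it did before.
 *
 * @param {string|Buffer} public_key - PEM public key of the recipient.
 * @param {string} data - Clear text to encrypt.
 * @param {function(?Error, {data: string, key: string}=)} callback - Receives
 *   the hex-encoded payload (`data`) and the hex-encoded encrypted password
 *   (`key`).
 */
function encrypt (public_key, data, callback) {
  var crt = ursa.createPublicKey(public_key)

  symetricEncrypt(data, function (err, dataEncrypted) {
    if (err) return callback(err)

    var key
    // A failure here would otherwise be thrown from an asynchronous callback,
    // where no caller can catch it; hand it to the callback instead.
    try {
      key = crt.encrypt(dataEncrypted.password, 'utf8', 'hex')
    } catch (e) {
      return callback(e)
    }

    // NOTE(review): the `key` entry is not visible in the rendered listing
    // (gutter lines 62 and 64-65 are missing); reconstructed from decrypt(),
    // which needs the encrypted password alongside the payload.
    var encrypted = {
      data: dataEncrypted.crypted,
      key: key
    }

    callback(null, encrypted)
  })
}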
/**
 * Return the directory that holds the pod's key pair.
 *
 * NOTE(review): the body is not visible in the rendered listing (gutter lines
 * 72-73 are missing); reconstructed from the name and from decrypt(), which
 * appends 'peertube.key.pem' to the result. Confirm against the repository.
 *
 * @returns {string} Value of the module-level `certDir`.
 */
function getCertDir () {
  return certDir
}
/**
 * Sign `data` with the pod's RSA private key using SHA-256.
 *
 * The key file is read synchronously on every call.
 *
 * @param {string} data - UTF-8 text to sign.
 * @returns {string} Hex-encoded signature.
 */
function sign (data) {
  var pem = fs.readFileSync(certDir + 'peertube.key.pem')
  var privateKey = ursa.createPrivateKey(pem)

  // NOTE(review): the return statement is not visible in the rendered listing
  // (gutter lines 78-80); reconstructed from the function's purpose.
  return privateKey.hashAndSign('sha256', data, 'utf8', 'hex')
}
// ---------------------------------------------------------------------------

// Only the functions listed in peertubeCrypto are exported; the helpers
// defined after this point stay private to the module.
module.exports = peertubeCrypto

// ---------------------------------------------------------------------------
/**
 * Report whether the pod's private key file is present.
 *
 * Only the private key is checked; the public key file is not looked at.
 *
 * @param {function(boolean)} callback - Receives the result of fs.exists.
 */
function certsExist (callback) {
  var privateKeyPath = certDir + 'peertube.key.pem'

  fs.exists(privateKeyPath, function (found) {
    return callback(found)
  })
}
/**
 * Generate the pod's 2048-bit RSA private key and derive its public key with
 * the openssl command-line wrapper.
 *
 * NOTE(review): the `if` guards and the error returns are not visible in the
 * rendered listing (gutter lines 96, 104, 106, 112 and 114 are missing); they
 * are reconstructed around the visible log and callback statements. Confirm
 * against the repository.
 *
 * NOTE(review): nothing here sets the permissions of the private key file, so
 * they depend on the openssl binary and the process umask. Verify that the
 * file ends up readable by the service account only.
 *
 * @param {function(?Error)} callback - Called with null on success, or with an
 *   error when the key already exists or openssl fails.
 */
function createCerts (callback) {
  var privateKeyPath = certDir + 'peertube.key.pem'
  var publicKeyPath = certDir + 'peertube.pub'

  certsExist(function (exist) {
    if (exist === true) {
      var string = 'Certs already exist.'
      logger.warning(string)
      return callback(new Error(string))
    }

    logger.info('Generating a RSA key...')
    openssl.exec('genrsa', { 'out': privateKeyPath, '2048': false }, onPrivateKey)
  })

  // Second step: runs once `openssl genrsa` has finished.
  function onPrivateKey (err) {
    if (err) {
      logger.error('Cannot create private key on this pod.')
      return callback(err)
    }
    logger.info('RSA key generated.')

    logger.info('Manage public key...')
    openssl.exec('rsa', { 'in': privateKeyPath, 'pubout': true, 'out': publicKeyPath }, onPublicKey)
  }

  // Last step: runs once the public key has been extracted.
  function onPublicKey (err) {
    if (err) {
      logger.error('Cannot create public key on this pod.')
      return callback(err)
    }

    logger.info('Public key managed.')
    return callback(null)
  }
}
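/**
 * Generate a random password for the symmetric cipher.
 *
 * @param {function(?Error, string=)} callback - Receives a 64-character
 *   lowercase hex string carrying 32 random bytes.
 */
function generatePassword (callback) {
  crypto.randomBytes(32, function (err, buf) {
    if (err) return callback(err)

    // Random bytes are almost never valid UTF-8. Decoding them as 'utf8'
    // replaces every invalid sequence with U+FFFD, so many different byte
    // strings collapse into the same password and most of the 256 bits of
    // entropy are lost. Hex keeps every byte. The result is still a plain
    // string, so it passes through the RSA 'utf8' encryption and the
    // receiving side unchanged.
    callback(null, buf.toString('hex'))
  })
}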
/**
 * Decrypt a hex-encoded payload with the module's symmetric cipher.
 *
 * SECURITY: crypto.createDecipher derives the key and the IV from the password
 * alone (one MD5-based pass, no salt) and is deprecated in Node. CTR mode does
 * not authenticate the data, so a tampered ciphertext yields altered clear
 * text rather than an error. Moving to createDecipheriv with an authenticated
 * mode changes the wire format and has to be coordinated with the sender.
 *
 * @param {string} text - Hex-encoded ciphertext.
 * @param {string} password - Symmetric password.
 * @returns {string} Decrypted UTF-8 text.
 */
function symetricDecrypt (text, password) {
  var decipher = crypto.createDecipher(algorithm, password)
  // update() is evaluated before final(), as the cipher stream requires.
  var pieces = [
    decipher.update(text, 'hex', 'utf8'),
    decipher.final('utf8')
  ]

  // NOTE(review): the return statement is not visible in the rendered listing
  // (gutter lines 136-137); reconstructed from the caller in decrypt().
  return pieces.join('')
}
/**
 * Encrypt UTF-8 text with a freshly generated password.
 *
 * SECURITY: crypto.createCipher derives both the key and the IV from the
 * password with no salt, so the same password always produces the same CTR
 * keystream. This is only safe because a new random password is generated for
 * every call; never call it with a reused password. The output carries no
 * authentication tag. createCipher is deprecated in Node; replacing it with
 * createCipheriv changes the wire format and needs a matching change in
 * symetricDecrypt.
 *
 * @param {string} text - Clear text to encrypt.
 * @param {function(?Error, {crypted: string, password: string}=)} callback -
 *   Receives the hex-encoded ciphertext and the password that produced it.
 */
function symetricEncrypt (text, callback) {
  generatePassword(function (err, password) {
    if (err) return callback(err)

    var cipher = crypto.createCipher(algorithm, password)
    // update() is evaluated before final(), as the cipher stream requires.
    var pieces = [
      cipher.update(text, 'utf8', 'hex'),
      cipher.final('hex')
    ]

    callback(null, { crypted: pieces.join(''), password: password })
  })
}