3 const crypto
= require('crypto')
4 const bcrypt
= require('bcrypt')
5 const fs
= require('fs')
6 const openssl
= require('openssl-wrapper')
7 const pathUtils
= require('path')
9 const constants
= require('../initializers/constants')
10 const logger
= require('./logger')
// Object that this module assigns to module.exports further down; its members are the helper's public API.
12 const peertubeCrypto
= {
15 createCertsIfNotExist
,
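/**
 * Verify a signature over `data` with the sender's public key.
 *
 * Strings are verified as-is; any other value is serialized with JSON.stringify
 * first. JSON.stringify is not a canonical encoding (key order and number
 * formatting follow the producing object), so the signer must have serialized
 * the value the same way for verification to succeed.
 *
 * The function fails closed: anything that cannot be turned into a string to
 * verify is reported as an invalid signature.
 *
 * @param publicKey    key handed to Verify#verify
 * @param data         string, or a JSON-serializable value
 * @param hexSignature signature, decoded with constants.SIGNATURE_ENCODING
 * @returns {boolean} true only when the signature verifies
 */
function checkSignature (publicKey, data, hexSignature) {
  const verifier = crypto.createVerify(constants.SIGNATURE_ALGORITHM)

  let dataString
  if (typeof data === 'string') {
    dataString = data
  } else {
    try {
      dataString = JSON.stringify(data)
    } catch (err) {
      // Circular structures and BigInt values make JSON.stringify throw.
      logger.error('Cannot check signature.', { error: err })
      return false
    }
  }

  // JSON.stringify returns undefined without throwing for undefined, functions
  // and symbols; Verify#update would then throw instead of rejecting the input.
  if (typeof dataString !== 'string') {
    logger.error('Cannot check signature.', { error: new TypeError('Data cannot be serialized to a string.') })
    return false
  }

  verifier.update(dataString, 'utf8')

  // NOTE(review): Verify#verify can throw on a malformed key; that exception is
  // left to propagate to the caller as before.
  return verifier.verify(publicKey, hexSignature, constants.SIGNATURE_ENCODING)
}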
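/**
 * Sign `data` with this pod's private key.
 *
 * Strings are signed as-is; any other value is serialized with JSON.stringify
 * first, so the verifying side has to serialize the value identically.
 *
 * @param data string, or a JSON-serializable value
 * @returns {string} signature encoded with constants.SIGNATURE_ENCODING, or ''
 *   when the data cannot be serialized
 */
function sign (data) {
  // Named `signer` so the local does not shadow the enclosing function.
  const signer = crypto.createSign(constants.SIGNATURE_ALGORITHM)

  let dataString
  if (typeof data === 'string') {
    dataString = data
  } else {
    try {
      dataString = JSON.stringify(data)
    } catch (err) {
      logger.error('Cannot sign data.', { error: err })
      // NOTE(review): '' is used as the "no signature" value; confirm callers
      // treat an empty signature as a failure rather than sending it.
      return ''
    }
  }

  // JSON.stringify returns undefined without throwing for undefined, functions
  // and symbols; Sign#update would then throw.
  if (typeof dataString !== 'string') {
    logger.error('Cannot sign data.', { error: new TypeError('Data cannot be serialized to a string.') })
    return ''
  }

  signer.update(dataString, 'utf8')

  // The private key is read synchronously on every call, which blocks the
  // event loop; it is never cached or logged here.
  const certPath = pathUtils.join(constants.CONFIG.STORAGE.CERT_DIR, constants.PRIVATE_CERT_NAME)
  const myKey = fs.readFileSync(certPath)

  return signer.sign(myKey, constants.SIGNATURE_ENCODING)
}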
/**
 * Check a candidate password against a stored bcrypt hash.
 *
 * The comparison itself is delegated to bcrypt.compare, so the plaintext is
 * never compared with `===` in this module.
 *
 * @param plainPassword candidate password
 * @param hashPassword  stored bcrypt hash
 * @param callback      called with (err) on failure, (null, isPasswordMatch) otherwise
 */
function comparePassword (plainPassword, hashPassword, callback) {
  const onCompared = (compareError, matches) => {
    if (compareError) {
      return callback(compareError)
    }

    return callback(null, matches)
  }

  bcrypt.compare(plainPassword, hashPassword, onCompared)
}
// Makes sure this pod has a key pair: queries certsExist() and calls createCerts().
// NOTE(review): the branch bodies are not visible here; presumably createCerts() only
// runs when no private key was found, and its error is forwarded to callback — confirm.
76 function createCertsIfNotExist (callback
) {
77 certsExist(function (exist
) {
82 createCerts(function (err
) {
/**
 * Hash a password with bcrypt using a freshly generated salt.
 *
 * constants.BCRYPT_SALT_SIZE is passed as the first argument of bcrypt.genSalt,
 * which bcrypt interprets as the number of rounds (the cost factor), not a
 * length in bytes.
 *
 * @param password plaintext password to hash
 * @param callback called with (err) if salt generation fails, else (err, hash)
 */
function cryptPassword (password, callback) {
  const hashWithSalt = function (saltError, salt) {
    if (saltError) {
      return callback(saltError)
    }

    bcrypt.hash(password, salt, (hashError, hash) => callback(hashError, hash))
  }

  bcrypt.genSalt(constants.BCRYPT_SALT_SIZE, hashWithSalt)
}
/**
 * Read this pod's private key file as UTF-8 text.
 *
 * The callback receives the raw private key material, so callers should keep
 * it out of logs and responses.
 *
 * @param callback fs.readFile callback, called with (err, contents)
 */
function getMyPrivateCert (callback) {
  const certDir = constants.CONFIG.STORAGE.CERT_DIR
  const privateKeyFile = pathUtils.join(certDir, constants.PRIVATE_CERT_NAME)

  fs.readFile(privateKeyFile, 'utf8', callback)
}
/**
 * Read this pod's public key file as UTF-8 text.
 *
 * @param callback fs.readFile callback, called with (err, contents)
 */
function getMyPublicCert (callback) {
  const certDir = constants.CONFIG.STORAGE.CERT_DIR
  const publicKeyFile = pathUtils.join(certDir, constants.PUBLIC_CERT_NAME)

  fs.readFile(publicKeyFile, 'utf8', callback)
}
108 // ---------------------------------------------------------------------------
// Only the peertubeCrypto object is exported; the functions defined after this point
// are reachable from outside only if that object lists them.
110 module
.exports
= peertubeCrypto
112 // ---------------------------------------------------------------------------
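/**
 * Report whether this pod's private key file is present.
 *
 * Uses fs.access instead of the deprecated fs.exists, whose callback does not
 * follow the (err, result) convention. Any access error is reported as
 * "does not exist", matching what fs.exists reported.
 *
 * The answer is only a snapshot: a caller that creates the key after a
 * `false` result is doing a check-then-create that is not atomic.
 *
 * @param callback called with a single boolean, true when the file is visible
 */
function certsExist (callback) {
  const certPath = pathUtils.join(constants.CONFIG.STORAGE.CERT_DIR, constants.PRIVATE_CERT_NAME)

  fs.access(certPath, function (accessError) {
    return callback(!accessError)
  })
}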
// Generates this pod's RSA key pair by driving the openssl binary through openssl-wrapper:
// `genrsa` writes the private key into CONFIG.STORAGE.CERT_DIR, then `rsa` derives the
// public key from it. callback receives an Error when a key already exists, null on success.
121 function createCerts (callback
) {
// Refuse to overwrite an existing private key. The existence check and the key
// generation below are separate steps, so this guard is not atomic.
122 certsExist(function (exist
) {
123 if (exist
=== true) {
124 const string
= 'Certs already exist.'
125 logger
.warning(string
)
126 return callback(new Error(string
))
129 logger
.info('Generating a RSA key...')
131 const privateCertPath
= pathUtils
.join(constants
.CONFIG
.STORAGE
.CERT_DIR
, constants
.PRIVATE_CERT_NAME
)
// NOTE(review): only the 'out' entry of genRsaOptions is visible here; confirm the key
// length requested from genrsa and the permissions of the resulting private key file.
132 const genRsaOptions
= {
133 'out': privateCertPath
,
136 openssl
.exec('genrsa', genRsaOptions
, function (err
) {
138 logger
.error('Cannot create private key on this pod.')
142 logger
.info('RSA key generated.')
143 logger
.info('Managing public key...')
// NOTE(review): the public key file name is the literal 'peertube.pub', while
// getMyPublicCert reads constants.PUBLIC_CERT_NAME; confirm the two always agree.
145 const publicCertPath
= pathUtils
.join(constants
.CONFIG
.STORAGE
.CERT_DIR
, 'peertube.pub')
147 'in': privateCertPath
,
149 'out': publicCertPath
151 openssl
.exec('rsa', rsaOptions
, function (err
) {
153 logger
.error('Cannot create public key on this pod.')
157 logger
.info('Public key managed.')
158 return callback(null)