1 import * as crypto from 'crypto'
2 import { join } from 'path'
11 } from '../initializers'
20 import { logger } from './logger'
/**
 * Verifies `hexSignature` over `data` with `publicKey`, using a crypto.Verify
 * object created for SIGNATURE_ALGORITHM (constant defined outside this listing).
 *
 * NOTE(review): `data` is annotated `string`, yet the body branches on
 * `typeof data === 'string'` and serialises the other case with JSON.stringify;
 * sign() in this file accepts `string|Object`. The annotation looks narrower
 * than what the implementation handles.
 */
22 function checkSignature (publicKey: string, data: string, hexSignature: string) {
23 const verify = crypto.createVerify(SIGNATURE_ALGORITHM)
// String input is presumably used as-is (the assignment is not shown in this listing).
26 if (typeof data === 'string') {
// JSON.stringify output follows property insertion order, so the signer and the
// verifier must serialise the same object identically or a genuine signature
// will fail to verify.
30 dataString = JSON.stringify(data)
// `err` suggests this sits in a catch around the stringify call (not shown).
// What is returned on this path is not visible here; it should fail closed,
// i.e. report the signature as invalid. TODO confirm.
32 logger.error('Cannot check signature.', err)
37 verify.update(dataString, 'utf8')
// The signature string is decoded with SIGNATURE_ENCODING before the check.
39 const isValid = verify.verify(publicKey, hexSignature, SIGNATURE_ENCODING)
/**
 * Signs `data` with this instance's private key and returns the signature
 * encoded with SIGNATURE_ENCODING.
 *
 * Non-string input is serialised with JSON.stringify before signing, so a
 * verifier has to reproduce exactly the same serialisation.
 */
43 async function sign (data: string|Object) {
// The local `sign` shadows the enclosing function's name inside this body.
44 const sign = crypto.createSign(SIGNATURE_ALGORITHM)
46 let dataString: string
47 if (typeof data === 'string') {
51 dataString = JSON.stringify(data)
// `err` suggests a catch around the stringify call (not shown). The value
// returned after this log line is not visible in this listing.
53 logger.error('Cannot sign data.', err)
58 sign.update(dataString, 'utf8')
// The private key is read through getMyPrivateCert() on every call.
// `myKey` holds private key material: keep it out of logs and error messages.
60 const myKey = await getMyPrivateCert()
// Sign#sign is synchronous in Node's crypto API; the `await` only wraps its result.
61 return await sign.sign(myKey, SIGNATURE_ENCODING)
/**
 * Compares a plaintext password with a stored hash by delegating to
 * bcryptComparePromise (defined outside this listing) and returns that
 * helper's result unchanged.
 */
// NOTE(review): presumably a promisified bcrypt compare that resolves to a
// boolean; confirm against the helper. Callers must await the result before
// using it in a condition, because an un-awaited promise is always truthy.
64 function comparePassword (plainPassword: string, hashPassword: string) {
65 return bcryptComparePromise(plainPassword, hashPassword)
/**
 * Calls certsExist() and, on the path visible here, createCerts().
 */
68 async function createCertsIfNotExist () {
// certsExist() in this file probes only the private key path.
69 const exist = await certsExist()
// The lines between the check and this call are not shown in the listing;
// presumably they return early when the key already exists. TODO confirm.
// createCerts() repeats the existence check itself and throws if the key is
// present. Check-then-create is not atomic, so two processes starting at the
// same time could both reach key generation.
74 return await createCerts()
/**
 * Hashes `password`: generates a salt with bcryptGenSaltPromise(BCRYPT_SALT_SIZE),
 * then returns the result of bcryptHashPromise(password, salt). Both helpers
 * and the constant are defined outside this listing.
 */
77 async function cryptPassword (password: string) {
// NOTE(review): if bcryptGenSaltPromise wraps bcrypt's genSalt, this argument
// is the cost factor (rounds), not a salt length, so the name BCRYPT_SALT_SIZE
// may mislead whoever tunes it. Confirm against the helper.
78 const salt = await bcryptGenSaltPromise(BCRYPT_SALT_SIZE)
// NOTE(review): bcrypt implementations only use the first 72 bytes of the
// input. Worth documenting if long passphrases are accepted upstream.
80 return await bcryptHashPromise(password, salt)
/**
 * Reads the private key file CONFIG.STORAGE.CERT_DIR/PRIVATE_CERT_NAME as
 * UTF-8 text and returns the readFilePromise result.
 */
// The returned value is private key material. Callers should not log it or
// include it in responses. Nothing in this listing establishes the permissions
// of CERT_DIR or of the key file; verify them at deployment.
83 function getMyPrivateCert () {
84 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
85 return readFilePromise(certPath, 'utf8')
/**
 * Reads the public key file CONFIG.STORAGE.CERT_DIR/PUBLIC_CERT_NAME as
 * UTF-8 text and returns the readFilePromise result.
 */
// NOTE(review): createCerts() in this file writes the public key to the
// literal name 'peertube.pub', while this reader uses PUBLIC_CERT_NAME.
// The two must stay identical for the generated key to be found.
88 function getMyPublicCert () {
89 const certPath = join(CONFIG.STORAGE.CERT_DIR, PUBLIC_CERT_NAME)
90 return readFilePromise(certPath, 'utf8')
93 // ---------------------------------------------------------------------------
98 createCertsIfNotExist,
105 // ---------------------------------------------------------------------------
/**
 * Probes for the private key file with accessPromise. Only the private key
 * path is checked in the lines visible here; the public key is not.
 */
107 async function certsExist () {
108 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
// NOTE(review): per the comment below, any accessPromise error is read as
// "does not exist". The catch branch is not shown, but if it does not inspect
// the error code, a permission or I/O error on an existing key is
// indistinguishable from a missing file. Treating only ENOENT as "absent"
// would be stricter.
110 // If there is an error the certificates do not exist
112 await accessPromise(certPath)
/**
 * Generates the instance key pair with two OpenSSL invocations through
 * opensslExecPromise: 'genrsa' writes the private key to
 * CERT_DIR/PRIVATE_CERT_NAME, then 'rsa' reads it and writes the public key.
 *
 * Throws Error('Certs already exist.') when certsExist() reports true.
 * The end of the function is not shown in this listing.
 */
120 async function createCerts () {
// Refuse to overwrite an existing private key.
121 const exist = await certsExist()
122 if (exist === true) {
123 const errorMessage = 'Certs already exist.'
124 logger.warning(errorMessage)
125 throw new Error(errorMessage)
128 logger.info('Generating a RSA key...')
130 const privateCertPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
131 const genRsaOptions = {
132 'out': privateCertPath,
// NOTE(review): the remaining genrsa options (lines 133-135) are not shown, so
// the key size and any passphrase or cipher option cannot be confirmed here.
// Nothing visible restricts the file mode of the private key either. Verify
// that the key ends up readable only by the service account.
136 await opensslExecPromise('genrsa', genRsaOptions)
137 logger.info('RSA key generated.')
138 logger.info('Managing public key...')
// NOTE(review): the file name is hard-coded, whereas getMyPublicCert() reads
// PUBLIC_CERT_NAME. Using the constant here would keep writer and reader in step.
140 const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub')
// Options for the 'rsa' subcommand: read the private key, write the public key.
// The option between 'in' and 'out' (line 143) is not shown.
142 'in': privateCertPath,
144 'out': publicCertPath
147 await opensslExecPromise('rsa', rsaOptions)