1 import * as crypto from 'crypto'
2 import * as Promise from 'bluebird'
3 import { join } from 'path'
12 } from '../initializers'
21 import { logger } from './logger'
// Verifies `hexSignature` over `data` with `publicKey`, using the
// SIGNATURE_ALGORITHM and SIGNATURE_ENCODING constants defined outside this listing.
// NOTE(review): this listing omits some lines of the function (for example the
// declaration of `dataString` and whatever follows the error log), so the
// comments here cover only what is visible.
// NOTE(review): `data` is declared as `string`, yet the body also serialises a
// non-string value; `sign` declares `string|Object` for the same parameter, so
// the two signatures probably should agree.
23 function checkSignature (publicKey: string, data: string, hexSignature: string) {
24 const verify = crypto.createVerify(SIGNATURE_ALGORITHM)
27 if (typeof data === 'string') {
// Appears to be the non-string branch: the payload is re-serialised before
// verification. JSON.stringify output follows property insertion order, so the
// check only succeeds when the signer serialised the object with the same key
// order; verifying the exact bytes that were received avoids that dependency.
31 dataString = JSON.stringify(data)
// Serialisation failed. The statement after this log is not shown; a verifier
// should fail closed here (treat the signature as invalid) - TODO confirm.
33 logger.error('Cannot check signature.', err)
38 verify.update(dataString, 'utf8')
// The signature string is decoded with SIGNATURE_ENCODING; the parameter name
// suggests hex - confirm the constant matches.
40 const isValid = verify.verify(publicKey, hexSignature, SIGNATURE_ENCODING)
// Signs `data` with the key returned by getMyPrivateCert() and returns a promise
// for the signature, encoded with SIGNATURE_ENCODING.
// NOTE(review): some lines of this function are missing from the listing
// (branch bodies, closing braces); comments cover the visible lines only.
// NOTE(review): the local `sign` declared below shadows the function's own name
// inside the body.
44 function sign (data: string|Object) {
45 const sign = crypto.createSign(SIGNATURE_ALGORITHM)
47 let dataString: string
48 if (typeof data === 'string') {
// Non-string input is serialised first; the verifying side has to produce the
// same serialisation (same key order) for the signature to match.
52 dataString = JSON.stringify(data)
54 logger.error('Cannot sign data.', err)
// NOTE(review): a serialisation failure resolves with an empty string instead
// of rejecting, so a caller that does not test for '' would send a request
// with a blank signature. Rejecting would make the failure explicit.
55 return Promise.resolve('')
59 sign.update(dataString, 'utf8')
// The private key is read from disk on every call; it exists in memory only as
// `myKey` inside this callback.
61 return getMyPrivateCert().then(myKey => {
62 return sign.sign(myKey, SIGNATURE_ENCODING)
// Compares a plaintext password against a stored hash by delegating to
// bcryptComparePromise and returning its promise.
// NOTE(review): the helper is defined outside this listing; presumably it wraps
// bcrypt's compare and resolves to a boolean - confirm.
66 function comparePassword (plainPassword: string, hashPassword: string) {
67 return bcryptComparePromise(plainPassword, hashPassword)
// Starts from the result of certsExist(); the rest of the callback is not part
// of this listing. Going by the name, it presumably calls createCerts() only
// when no key pair is found - TODO confirm against the full file.
70 function createCertsIfNotExist () {
71 return certsExist().then(exist => {
// Hashes `password`: first obtains a salt from bcryptGenSaltPromise, then passes
// password and salt to bcryptHashPromise. Returns the promise of that chain.
// NOTE(review): if bcryptGenSaltPromise wraps bcrypt's genSalt, its argument is
// the cost factor (rounds), not a salt length in bytes - confirm that
// BCRYPT_SALT_SIZE was chosen as a work factor.
80 function cryptPassword (password: string) {
81 return bcryptGenSaltPromise(BCRYPT_SALT_SIZE).then(salt => bcryptHashPromise(password, salt))
// Reads the file CONFIG.STORAGE.CERT_DIR/PRIVATE_CERT_NAME as UTF-8 text and
// returns the promise from readFilePromise.
// The resolved string is what sign() passes to crypto as the signing key, so it
// is private key material: it should never be logged or returned to a client.
84 function getMyPrivateCert () {
85 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
86 return readFilePromise(certPath, 'utf8')
// Reads the file CONFIG.STORAGE.CERT_DIR/PUBLIC_CERT_NAME as UTF-8 text and
// returns the promise from readFilePromise.
// NOTE(review): createCerts() writes the public key to the literal name
// 'peertube.pub'; this lookup only finds it if PUBLIC_CERT_NAME has that value.
89 function getMyPublicCert () {
90 const certPath = join(CONFIG.STORAGE.CERT_DIR, PUBLIC_CERT_NAME)
91 return readFilePromise(certPath, 'utf8')
94 // ---------------------------------------------------------------------------
99 createCertsIfNotExist,
106 // ---------------------------------------------------------------------------
// Probes for the key pair by testing access to the private key file only; the
// public key file is not checked.
// NOTE(review): the rest of the promise chain is not shown. createCerts()
// compares the result with `true`, so this presumably resolves to a boolean.
108 function certsExist () {
109 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
111 // If there is an error the certificates do not exist
// NOTE(review): as described, any access error counts as "absent", not only a
// missing file - confirm that a permission problem cannot lead to regenerating
// keys over an existing pair.
112 return accessPromise(certPath)
// Generates the RSA key pair with two openssl invocations: `genrsa` writes the
// private key to CERT_DIR/PRIVATE_CERT_NAME, then `rsa` reads that file and
// writes the public key.
// Logs a warning and throws when certsExist() reports that a pair is present.
// NOTE(review): several lines are missing from this listing (the remaining
// genrsa options, the `rsaOptions` declaration, the promise-chain glue and the
// code after each error log), so key size, output format and whether errors are
// re-thrown cannot be checked from here.
117 function createCerts () {
118 return certsExist().then(exist => {
119 if (exist === true) {
120 const errorMessage = 'Certs already exist.'
121 logger.warning(errorMessage)
122 throw new Error(errorMessage)
125 logger.info('Generating a RSA key...')
127 const privateCertPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
// NOTE(review): nothing in the visible lines restricts the mode of the private
// key file or of CERT_DIR; confirm the key ends up readable only by the
// account that runs the service.
128 const genRsaOptions = {
129 'out': privateCertPath,
132 return opensslExecPromise('genrsa', genRsaOptions)
134 logger.info('RSA key generated.')
135 logger.info('Managing public key...')
// NOTE(review): the file name is the literal 'peertube.pub', while
// getMyPublicCert() builds its path from PUBLIC_CERT_NAME; using the constant
// here would keep the writer and the reader in step.
137 const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub')
139 'in': privateCertPath,
141 'out': publicCertPath
143 return opensslExecPromise('rsa', rsaOptions)
144 .then(() => logger.info('Public key managed.'))
// NOTE(review): if this step fails, the private key written above is
// presumably left on disk; certsExist() tests only the private key path, so a
// later existence check would report the pair as present although the public
// key is missing - TODO confirm cleanup or a check on both files.
146 logger.error('Cannot create public key on this pod.')
151 logger.error('Cannot create private key on this pod.')