1 import { compare, genSalt, hash } from 'bcrypt'
2 import { createCipheriv, createDecipheriv, createSign, createVerify } from 'crypto'
3 import { Request } from 'express'
4 import { cloneDeep } from 'lodash'
5 import { promisify1, promisify2 } from '@shared/core-utils'
6 import { sha256 } from '@shared/extra-utils'
7 import { BCRYPT_SALT_SIZE, ENCRYPTION, HTTP_SIGNATURE, PRIVATE_RSA_KEY_SIZE } from '../initializers/constants'
8 import { MActor } from '../types/models'
9 import { generateRSAKeyPairPromise, randomBytesPromise, scryptPromise } from './core-utils'
10 import { jsonld } from './custom-jsonld-signature'
11 import { logger } from './logger'
13 const bcryptComparePromise = promisify2<any, string, boolean>(compare)
14 const bcryptGenSaltPromise = promisify1<number, string>(genSalt)
15 const bcryptHashPromise = promisify2<any, string | number, string>(hash)
17 const httpSignature = require('@peertube/http-signature')
19 function createPrivateAndPublicKeys () {
20 logger.info('Generating a RSA key...')
22 return generateRSAKeyPairPromise(PRIVATE_RSA_KEY_SIZE)
25 // ---------------------------------------------------------------------------
26 // User password checks
27 // ---------------------------------------------------------------------------
29 function comparePassword (plainPassword: string, hashPassword: string) {
30 if (!plainPassword) return Promise.resolve(false)
32 return bcryptComparePromise(plainPassword, hashPassword)
35 async function cryptPassword (password: string) {
36 const salt = await bcryptGenSaltPromise(BCRYPT_SALT_SIZE)
38 return bcryptHashPromise(password, salt)
41 // ---------------------------------------------------------------------------
43 // ---------------------------------------------------------------------------
45 function isHTTPSignatureDigestValid (rawBody: Buffer, req: Request): boolean {
46 if (req.headers[HTTP_SIGNATURE.HEADER_NAME] && req.headers['digest']) {
47 return buildDigest(rawBody.toString()) === req.headers['digest']
53 function isHTTPSignatureVerified (httpSignatureParsed: any, actor: MActor): boolean {
54 return httpSignature.verifySignature(httpSignatureParsed, actor.publicKey) === true
57 function parseHTTPSignature (req: Request, clockSkew?: number) {
58 const requiredHeaders = req.method === 'POST'
59 ? [ '(request-target)', 'host', 'digest' ]
60 : [ '(request-target)', 'host' ]
62 const parsed = httpSignature.parse(req, { clockSkew, headers: requiredHeaders })
64 const parsedHeaders = parsed.params.headers
65 if (!parsedHeaders.includes('date') && !parsedHeaders.includes('(created)')) {
66 throw new Error(`date or (created) must be included in signature`)
72 // ---------------------------------------------------------------------------
74 // ---------------------------------------------------------------------------
76 function isJsonLDSignatureVerified (fromActor: MActor, signedDocument: any): Promise<boolean> {
77 if (signedDocument.signature.type === 'RsaSignature2017') {
78 return isJsonLDRSA2017Verified(fromActor, signedDocument)
81 logger.warn('Unknown JSON LD signature %s.', signedDocument.signature.type, signedDocument)
83 return Promise.resolve(false)
86 // Backward compatibility with "other" implementations
87 async function isJsonLDRSA2017Verified (fromActor: MActor, signedDocument: any) {
88 const [ documentHash, optionsHash ] = await Promise.all([
89 createDocWithoutSignatureHash(signedDocument),
90 createSignatureHash(signedDocument.signature)
93 const toVerify = optionsHash + documentHash
95 const verify = createVerify('RSA-SHA256')
96 verify.update(toVerify, 'utf8')
98 return verify.verify(fromActor.publicKey, signedDocument.signature.signatureValue, 'base64')
101 async function signJsonLDObject <T> (byActor: MActor, data: T) {
103 type: 'RsaSignature2017',
104 creator: byActor.url,
105 created: new Date().toISOString()
108 const [ documentHash, optionsHash ] = await Promise.all([
109 createDocWithoutSignatureHash(data),
110 createSignatureHash(signature)
113 const toSign = optionsHash + documentHash
115 const sign = createSign('RSA-SHA256')
116 sign.update(toSign, 'utf8')
118 const signatureValue = sign.sign(byActor.privateKey, 'base64')
119 Object.assign(signature, { signatureValue })
121 return Object.assign(data, { signature })
124 // ---------------------------------------------------------------------------
126 function buildDigest (body: any) {
127 const rawBody = typeof body === 'string' ? body : JSON.stringify(body)
129 return 'SHA-256=' + sha256(rawBody, 'base64')
132 // ---------------------------------------------------------------------------
134 // ---------------------------------------------------------------------------
136 async function encrypt (str: string, secret: string) {
137 const iv = await randomBytesPromise(ENCRYPTION.IV)
139 const key = await scryptPromise(secret, ENCRYPTION.SALT, 32)
140 const cipher = createCipheriv(ENCRYPTION.ALGORITHM, key, iv)
142 let encrypted = iv.toString(ENCRYPTION.ENCODING) + ':'
143 encrypted += cipher.update(str, 'utf8', ENCRYPTION.ENCODING)
144 encrypted += cipher.final(ENCRYPTION.ENCODING)
149 async function decrypt (encryptedArg: string, secret: string) {
150 const [ ivStr, encryptedStr ] = encryptedArg.split(':')
152 const iv = Buffer.from(ivStr, 'hex')
153 const key = await scryptPromise(secret, ENCRYPTION.SALT, 32)
155 const decipher = createDecipheriv(ENCRYPTION.ALGORITHM, key, iv)
157 return decipher.update(encryptedStr, ENCRYPTION.ENCODING, 'utf8') + decipher.final('utf8')
160 // ---------------------------------------------------------------------------
163 isHTTPSignatureDigestValid,
165 isHTTPSignatureVerified,
167 isJsonLDSignatureVerified,
169 createPrivateAndPublicKeys,
177 // ---------------------------------------------------------------------------
179 function hashObject (obj: any): Promise<any> {
180 return jsonld.promises.normalize(obj, {
182 algorithm: 'URDNA2015',
183 format: 'application/n-quads'
184 }).then(res => sha256(res))
187 function createSignatureHash (signature: any) {
188 const signatureCopy = cloneDeep(signature)
189 Object.assign(signatureCopy, {
191 'https://w3id.org/security/v1',
192 { RsaSignature2017: 'https://w3id.org/security#RsaSignature2017' }
196 delete signatureCopy.type
197 delete signatureCopy.id
198 delete signatureCopy.signatureValue
200 return hashObject(signatureCopy)
203 function createDocWithoutSignatureHash (doc: any) {
204 const docWithoutSignature = cloneDeep(doc)
205 delete docWithoutSignature.signature
207 return hashObject(docWithoutSignature)