1 import { Request } from 'express'
2 import { BCRYPT_SALT_SIZE, HTTP_SIGNATURE, PRIVATE_RSA_KEY_SIZE } from '../initializers'
3 import { ActorModel } from '../models/activitypub/actor'
4 import { bcryptComparePromise, bcryptGenSaltPromise, bcryptHashPromise, createPrivateKey, getPublicKey } from './core-utils'
5 import { jsig } from './custom-jsonld-signature'
6 import { logger } from './logger'
8 const httpSignature = require('http-signature')
/**
 * Generates a new RSA private key of PRIVATE_RSA_KEY_SIZE and derives the
 * matching public key from it.
 *
 * The returned `privateKey` is secret material: keep it out of logs and
 * API responses, and persist it only where the actor's signing code reads it.
 *
 * @returns an object holding the generated `privateKey` and its `publicKey`
 */
async function createPrivateAndPublicKeys () {
  logger.info('Generating a RSA key...')

  const generated = await createPrivateKey(PRIVATE_RSA_KEY_SIZE)
  const privateKey = generated.key

  // The public half is derived from the private key rather than generated separately.
  const derived = await getPublicKey(privateKey)

  return { privateKey, publicKey: derived.publicKey }
}
19 // User password checks
/**
 * Checks a candidate plain-text password against a stored password hash.
 *
 * The comparison itself is delegated to bcryptComparePromise; this wrapper
 * only fixes the argument order (plain text first, stored hash second).
 *
 * @param plainPassword password as submitted by the user
 * @param hashPassword hash previously stored for that user
 * @returns whatever bcryptComparePromise resolves with (presumably a boolean match flag)
 */
function comparePassword (plainPassword: string, hashPassword: string) {
  const comparison = bcryptComparePromise(plainPassword, hashPassword)

  return comparison
}
/**
 * Hashes a password with a freshly generated salt.
 *
 * NOTE(review): if bcryptGenSaltPromise wraps bcrypt's genSalt, its argument is
 * the cost factor (number of rounds), not a salt length in bytes, despite the
 * BCRYPT_SALT_SIZE name. Confirm the constant was chosen as a work factor.
 * NOTE(review): bcrypt ignores input beyond 72 bytes, so a maximum password
 * length should be enforced before this call. Confirm against the validators.
 *
 * @param password plain-text password to hash
 * @returns the hash produced by bcryptHashPromise
 */
async function cryptPassword (password: string) {
  const generatedSalt = await bcryptGenSaltPromise(BCRYPT_SALT_SIZE)

  const hashed = bcryptHashPromise(password, generatedSalt)
  return hashed
}
/**
 * Verifies a parsed HTTP signature against the actor's public key.
 *
 * The result is compared strictly with `true`, so any other value returned
 * by the library (including truthy non-boolean values) counts as "not verified".
 *
 * NOTE(review): this only proves the signature matches `actor.publicKey`.
 * Whether `actor` is the one named by the signature's key id, and whether the
 * signed header set is sufficient, must be checked by the caller.
 *
 * @param httpSignatureParsed result of parsing the request's signature header
 * @param actor actor whose public key is used for verification
 * @returns true only when the library reports a valid signature
 */
function isHTTPSignatureVerified (httpSignatureParsed: any, actor: ActorModel) {
  const verified = httpSignature.verifySignature(httpSignatureParsed, actor.publicKey)

  return verified === true
}
/**
 * Parses the HTTP signature carried by an incoming request, reading it from
 * the header named by HTTP_SIGNATURE.HEADER_NAME.
 *
 * NOTE(review): http-signature's parse throws on a missing or malformed
 * signature header, so callers should treat an exception as an unauthenticated
 * request. No `headers` option is passed here, so the set of headers that must
 * be covered by the signature is left to the library default. Confirm that the
 * default is strict enough for this endpoint.
 *
 * @param req incoming Express request
 * @returns the parsed signature object produced by http-signature
 */
function parseHTTPSignature (req: Request) {
  const parseOptions = { authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME }

  return httpSignature.parse(req, parseOptions)
}
// Verifies the JSON-LD signature carried by `signedDocument` using the public key
// taken from `fromActor`, and resolves with the library's `verified` flag.
// NOTE(review): this listing skips several source lines inside the function (the
// gutter jumps over 46, 48, 54, 58, 63, 69 and 71), so whatever those lines hold is
// not documented here.
// NOTE(review): the key is supplied by the caller rather than resolved from the
// document, so the caller must make sure `fromActor` is the actor the document
// names as its signer. Verify against the call sites.
43 function isJsonLDSignatureVerified (fromActor: ActorModel, signedDocument: any) {
// Key description handed to the verifier; the PEM is read from fromActor.publicKey.
44 const publicKeyObject = {
45 '@context': jsig.SECURITY_CONTEXT_URL,
47 type: 'CryptographicKey',
49 publicKeyPem: fromActor.publicKey
// Owner description that lists the key above as its only public key.
52 const publicKeyOwnerObject = {
53 '@context': jsig.SECURITY_CONTEXT_URL,
55 publicKey: [ publicKeyObject ]
// Both objects are passed to the verifier as `publicKey` and `publicKeyOwner`.
59 publicKey: publicKeyObject,
60 publicKeyOwner: publicKeyOwnerObject
64 .verify(signedDocument, options)
65 .then((result: { verified: boolean }) => {
// NOTE(review): 'coucou' looks like a leftover debug message. It logs the full
// verification result at info level for every checked document; use a descriptive
// message at debug level or drop it.
66 logger.info('coucou', result)
// NOTE(review): returned as-is; the HTTP signature check in this file compares with
// `=== true`. Consider the same strict comparison here.
67 return result.verified
// Presumably inside the rejection handler: a verification error is logged. The value
// returned on this path is not visible in the listing; confirm it is `false` so
// that a failed check is treated as an unverified document.
70 logger.error('Cannot check signature.', { err })
// Signs `data` as a JSON-LD document on behalf of `byActor` and returns the promise
// produced by jsig.promises.sign.
// NOTE(review): the listing skips source lines 76 and 78 (the gutter jumps 75 -> 77
// and 77 -> 79), so the start of the options object and one of its fields are not
// visible.
75 function signJsonLDObject (byActor: ActorModel, data: any) {
// Signing uses the actor's private key; presumably only actors that have one are
// passed here. Confirm callers never pass an actor without a private key.
77 privateKeyPem: byActor.privateKey,
// Signature suite requested from the library.
79 algorithm: 'RsaSignature2017'
82 return jsig.promises.sign(data, options)
85 // ---------------------------------------------------------------------------
89 isHTTPSignatureVerified,
90 isJsonLDSignatureVerified,
92 createPrivateAndPublicKeys,