1 /* tslint:disable:no-unused-expression */
4 import { expect } from 'chai'
5 import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs'
6 import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto'
7 import { cloneDeep } from 'lodash'
8 import { buildSignedActivity } from '../../../helpers/activitypub'
10 describe('Test activity pub helpers', function () {
11 describe('When checking the Linked Signature', function () {
13 it('Should fail with an invalid Mastodon signature', async function () {
14 const body = require('./json/mastodon/create-bad-signature.json')
15 const publicKey = require('./json/mastodon/public-key.json').publicKey
16 const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
18 const result = await isJsonLDSignatureVerified(fromActor as any, body)
20 expect(result).to.be.false
23 it('Should fail with an invalid public key', async function () {
24 const body = require('./json/mastodon/create.json')
25 const publicKey = require('./json/mastodon/bad-public-key.json').publicKey
26 const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
28 const result = await isJsonLDSignatureVerified(fromActor as any, body)
30 expect(result).to.be.false
33 it('Should succeed with a valid Mastodon signature', async function () {
34 const body = require('./json/mastodon/create.json')
35 const publicKey = require('./json/mastodon/public-key.json').publicKey
36 const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
38 const result = await isJsonLDSignatureVerified(fromActor as any, body)
40 expect(result).to.be.true
43 it('Should fail with an invalid PeerTube signature', async function () {
44 const keys = require('./json/peertube/invalid-keys.json')
45 const body = require('./json/peertube/announce-without-context.json')
47 const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
48 const signedBody = await buildSignedActivity(actorSignature as any, body)
50 const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
51 const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
53 expect(result).to.be.false
56 it('Should succeed with a valid PeerTube signature', async function () {
57 const keys = require('./json/peertube/keys.json')
58 const body = require('./json/peertube/announce-without-context.json')
60 const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
61 const signedBody = await buildSignedActivity(actorSignature as any, body)
63 const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
64 const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
66 expect(result).to.be.true
70 describe('When checking HTTP signature', function () {
71 it('Should fail with an invalid http signature', async function () {
72 const req = buildRequestStub()
74 req.url = '/accounts/ronan/inbox'
76 const mastodonObject = cloneDeep(require('./json/mastodon/bad-http-signature.json'))
77 req.body = mastodonObject.body
78 req.headers = mastodonObject.headers
79 req.headers.signature = 'Signature ' + req.headers.signature
81 const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
82 const publicKey = require('./json/mastodon/public-key.json').publicKey
84 const actor = { publicKey }
85 const verified = isHTTPSignatureVerified(parsed, actor as any)
87 expect(verified).to.be.false
90 it('Should fail with an invalid public key', async function () {
91 const req = buildRequestStub()
93 req.url = '/accounts/ronan/inbox'
95 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
96 req.body = mastodonObject.body
97 req.headers = mastodonObject.headers
98 req.headers.signature = 'Signature ' + req.headers.signature
100 const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
101 const publicKey = require('./json/mastodon/bad-public-key.json').publicKey
103 const actor = { publicKey }
104 const verified = isHTTPSignatureVerified(parsed, actor as any)
106 expect(verified).to.be.false
109 it('Should fail because of clock skew', async function () {
110 const req = buildRequestStub()
112 req.url = '/accounts/ronan/inbox'
114 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
115 req.body = mastodonObject.body
116 req.headers = mastodonObject.headers
117 req.headers.signature = 'Signature ' + req.headers.signature
121 parseHTTPSignature(req)
126 expect(errored).to.be.true
129 it('Should fail without scheme', async function () {
130 const req = buildRequestStub()
132 req.url = '/accounts/ronan/inbox'
134 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
135 req.body = mastodonObject.body
136 req.headers = mastodonObject.headers
140 parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
145 expect(errored).to.be.true
148 it('Should succeed with a valid signature', async function () {
149 const req = buildRequestStub()
151 req.url = '/accounts/ronan/inbox'
153 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
154 req.body = mastodonObject.body
155 req.headers = mastodonObject.headers
156 req.headers.signature = 'Signature ' + req.headers.signature
158 const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
159 const publicKey = require('./json/mastodon/public-key.json').publicKey
161 const actor = { publicKey }
162 const verified = isHTTPSignatureVerified(parsed, actor as any)
164 expect(verified).to.be.true