import * as crypto from 'crypto'
-import * as bcrypt from 'bcrypt'
-import * as fs from 'fs'
-import * as openssl from 'openssl-wrapper'
+import * as Promise from 'bluebird'
import { join } from 'path'
import {
BCRYPT_SALT_SIZE,
PUBLIC_CERT_NAME
} from '../initializers'
+import {
+ readFilePromise,
+ bcryptComparePromise,
+ bcryptGenSaltPromise,
+ bcryptHashPromise,
+ accessPromise,
+ opensslExecPromise
+} from './core-utils'
import { logger } from './logger'
-function checkSignature (publicKey, data, hexSignature) {
+function checkSignature (publicKey: string, data: string, hexSignature: string) {
const verify = crypto.createVerify(SIGNATURE_ALGORITHM)
let dataString
try {
dataString = JSON.stringify(data)
} catch (err) {
- logger.error('Cannot check signature.', { error: err })
+ logger.error('Cannot check signature.', err)
return false
}
}
return isValid
}
-function sign (data) {
+function sign (data: string|Object) {
const sign = crypto.createSign(SIGNATURE_ALGORITHM)
- let dataString
+ let dataString: string
if (typeof data === 'string') {
dataString = data
} else {
try {
dataString = JSON.stringify(data)
} catch (err) {
- logger.error('Cannot sign data.', { error: err })
- return ''
+ logger.error('Cannot sign data.', err)
+ return Promise.resolve('')
}
}
sign.update(dataString, 'utf8')
- // TODO: make async
- const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
- const myKey = fs.readFileSync(certPath)
- const signature = sign.sign(myKey.toString(), SIGNATURE_ENCODING)
-
- return signature
-}
-
-function comparePassword (plainPassword, hashPassword, callback) {
- bcrypt.compare(plainPassword, hashPassword, function (err, isPasswordMatch) {
- if (err) return callback(err)
-
- return callback(null, isPasswordMatch)
+ return getMyPrivateCert().then(myKey => {
+ return sign.sign(myKey, SIGNATURE_ENCODING)
})
}
-function createCertsIfNotExist (callback) {
- certsExist(function (err, exist) {
- if (err) return callback(err)
+function comparePassword (plainPassword: string, hashPassword: string) {
+ return bcryptComparePromise(plainPassword, hashPassword)
+}
+function createCertsIfNotExist () {
+ return certsExist().then(exist => {
if (exist === true) {
- return callback(null)
+ return undefined
}
- createCerts(function (err) {
- return callback(err)
- })
+ return createCerts()
})
}
-function cryptPassword (password, callback) {
- bcrypt.genSalt(BCRYPT_SALT_SIZE, function (err, salt) {
- if (err) return callback(err)
-
- bcrypt.hash(password, salt, function (err, hash) {
- return callback(err, hash)
- })
- })
+function cryptPassword (password: string) {
+ return bcryptGenSaltPromise(BCRYPT_SALT_SIZE).then(salt => bcryptHashPromise(password, salt))
}
-function getMyPrivateCert (callback) {
+function getMyPrivateCert () {
const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
- fs.readFile(certPath, 'utf8', callback)
+ return readFilePromise(certPath, 'utf8')
}
-function getMyPublicCert (callback) {
+function getMyPublicCert () {
const certPath = join(CONFIG.STORAGE.CERT_DIR, PUBLIC_CERT_NAME)
- fs.readFile(certPath, 'utf8', callback)
+ return readFilePromise(certPath, 'utf8')
}
// ---------------------------------------------------------------------------
// ---------------------------------------------------------------------------
-function certsExist (callback) {
+function certsExist () {
const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
- fs.access(certPath, function (err) {
- // If there is an error the certificates do not exist
- const exists = !err
- return callback(null, exists)
- })
-}
-function createCerts (callback) {
- certsExist(function (err, exist) {
- if (err) return callback(err)
+ // If there is an error the certificates do not exist
+ return accessPromise(certPath)
+ .then(() => true)
+ .catch(() => false)
+}
+function createCerts () {
+ return certsExist().then(exist => {
if (exist === true) {
- const string = 'Certs already exist.'
- logger.warning(string)
- return callback(new Error(string))
+ const errorMessage = 'Certs already exist.'
+ logger.warning(errorMessage)
+ throw new Error(errorMessage)
}
logger.info('Generating a RSA key...')
'out': privateCertPath,
'2048': false
}
- openssl.exec('genrsa', genRsaOptions, function (err) {
- if (err) {
- logger.error('Cannot create private key on this pod.')
- return callback(err)
- }
-
- logger.info('RSA key generated.')
- logger.info('Managing public key...')
-
- const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub')
- const rsaOptions = {
- 'in': privateCertPath,
- 'pubout': true,
- 'out': publicCertPath
- }
- openssl.exec('rsa', rsaOptions, function (err) {
- if (err) {
- logger.error('Cannot create public key on this pod.')
- return callback(err)
+ return opensslExecPromise('genrsa', genRsaOptions)
+ .then(() => {
+ logger.info('RSA key generated.')
+ logger.info('Managing public key...')
+
+ const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub')
+ const rsaOptions = {
+ 'in': privateCertPath,
+ 'pubout': true,
+ 'out': publicCertPath
}
-
- logger.info('Public key managed.')
- return callback(null)
+ return opensslExecPromise('rsa', rsaOptions)
+ .then(() => logger.info('Public key managed.'))
+ .catch(err => {
+ logger.error('Cannot create public key on this pod.')
+ throw err
+ })
+ })
+ .catch(err => {
+ logger.error('Cannot create private key on this pod.')
+ throw err
})
- })
})
}