X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Fpeertube-crypto.ts;h=89aef99c48e43a0c3d1195de7b86f6380bc97a77;hb=93e1258c7cbc0d1235ca6d2a1f7c1875985328b8;hp=feb32a4cd7a2374425c4342a8bdce0a03b904cb1;hpb=4d4e5cd4dca78480ec7f40e747f424cd107376a4;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/helpers/peertube-crypto.ts b/server/helpers/peertube-crypto.ts index feb32a4cd..89aef99c4 100644 --- a/server/helpers/peertube-crypto.ts +++ b/server/helpers/peertube-crypto.ts @@ -1,7 +1,5 @@ import * as crypto from 'crypto' -import * as bcrypt from 'bcrypt' -import * as fs from 'fs' -import * as openssl from 'openssl-wrapper' +import * as Promise from 'bluebird' import { join } from 'path' import { @@ -12,9 +10,17 @@ import { BCRYPT_SALT_SIZE, PUBLIC_CERT_NAME } from '../initializers' +import { + readFilePromise, + bcryptComparePromise, + bcryptGenSaltPromise, + bcryptHashPromise, + accessPromise, + opensslExecPromise +} from './core-utils' import { logger } from './logger' -function checkSignature (publicKey, data, hexSignature) { +function checkSignature (publicKey: string, data: string, hexSignature: string) { const verify = crypto.createVerify(SIGNATURE_ALGORITHM) let dataString @@ -24,7 +30,7 @@ function checkSignature (publicKey, data, hexSignature) { try { dataString = JSON.stringify(data) } catch (err) { - logger.error('Cannot check signature.', { error: err }) + logger.error('Cannot check signature.', err) return false } } @@ -35,71 +41,54 @@ function checkSignature (publicKey, data, hexSignature) { return isValid } -function sign (data) { +function sign (data: string|Object) { const sign = crypto.createSign(SIGNATURE_ALGORITHM) - let dataString + let dataString: string if (typeof data === 'string') { dataString = data } else { try { dataString = JSON.stringify(data) } catch (err) { - logger.error('Cannot sign data.', { error: err }) - return '' + logger.error('Cannot sign data.', err) + return Promise.resolve('') } } sign.update(dataString, 'utf8') - // TODO: make async - const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME) - const myKey = fs.readFileSync(certPath) - const signature = sign.sign(myKey.toString(), SIGNATURE_ENCODING) - - return signature -} - -function comparePassword (plainPassword, hashPassword, callback) { - bcrypt.compare(plainPassword, hashPassword, function (err, isPasswordMatch) { - if (err) return callback(err) - - return callback(null, isPasswordMatch) + return getMyPrivateCert().then(myKey => { + return sign.sign(myKey, SIGNATURE_ENCODING) }) } -function createCertsIfNotExist (callback) { - certsExist(function (err, exist) { - if (err) return callback(err) +function comparePassword (plainPassword: string, hashPassword: string) { + return bcryptComparePromise(plainPassword, hashPassword) +} +function createCertsIfNotExist () { + return certsExist().then(exist => { if (exist === true) { - return callback(null) + return undefined } - createCerts(function (err) { - return callback(err) - }) + return createCerts() }) } -function cryptPassword (password, callback) { - bcrypt.genSalt(BCRYPT_SALT_SIZE, function (err, salt) { - if (err) return callback(err) - - bcrypt.hash(password, salt, function (err, hash) { - return callback(err, hash) - }) - }) +function cryptPassword (password: string) { + return bcryptGenSaltPromise(BCRYPT_SALT_SIZE).then(salt => bcryptHashPromise(password, salt)) } -function getMyPrivateCert (callback) { +function getMyPrivateCert () { const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME) - fs.readFile(certPath, 'utf8', callback) + return readFilePromise(certPath, 'utf8') } -function getMyPublicCert (callback) { +function getMyPublicCert () { const certPath = join(CONFIG.STORAGE.CERT_DIR, PUBLIC_CERT_NAME) - fs.readFile(certPath, 'utf8', callback) + return readFilePromise(certPath, 'utf8') } // --------------------------------------------------------------------------- @@ -116,23 +105,21 @@ export { // --------------------------------------------------------------------------- -function certsExist (callback) { +function certsExist () { const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME) - fs.access(certPath, function (err) { - // If there is an error the certificates do not exist - const exists = !err - return callback(null, exists) - }) -} -function createCerts (callback) { - certsExist(function (err, exist) { - if (err) return callback(err) + // If there is an error the certificates do not exist + return accessPromise(certPath) + .then(() => true) + .catch(() => false) +} +function createCerts () { + return certsExist().then(exist => { if (exist === true) { - const string = 'Certs already exist.' - logger.warning(string) - return callback(new Error(string)) + const errorMessage = 'Certs already exist.' + logger.warning(errorMessage) + throw new Error(errorMessage) } logger.info('Generating a RSA key...') @@ -142,30 +129,27 @@ function createCerts (callback) { 'out': privateCertPath, '2048': false } - openssl.exec('genrsa', genRsaOptions, function (err) { - if (err) { - logger.error('Cannot create private key on this pod.') - return callback(err) - } - - logger.info('RSA key generated.') - logger.info('Managing public key...') - - const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub') - const rsaOptions = { - 'in': privateCertPath, - 'pubout': true, - 'out': publicCertPath - } - openssl.exec('rsa', rsaOptions, function (err) { - if (err) { - logger.error('Cannot create public key on this pod.') - return callback(err) + return opensslExecPromise('genrsa', genRsaOptions) + .then(() => { + logger.info('RSA key generated.') + logger.info('Managing public key...') + + const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub') + const rsaOptions = { + 'in': privateCertPath, + 'pubout': true, + 'out': publicCertPath } - - logger.info('Public key managed.') - return callback(null) + return opensslExecPromise('rsa', rsaOptions) + .then(() => logger.info('Public key managed.')) + .catch(err => { + logger.error('Cannot create public key on this pod.') + throw err + }) + }) + .catch(err => { + logger.error('Cannot create private key on this pod.') + throw err }) - }) }) }