- getCertDir: getCertDir,
- certsExist: certsExist,
- cleanForExit: cleanForExit,
- createCerts: createCerts,
- createCertsIfNotExist: createCertsIfNotExist,
- generatePassword: generatePassword,
- makeMultipleRetryRequest: makeMultipleRetryRequest,
- symetricEncrypt: symetricEncrypt,
- symetricDecrypt: symetricDecrypt
- }
-
- function getCertDir () {
- return certDir
- }
-
- function makeMultipleRetryRequest (all_data, pods, callbackEach, callback) {
- if (!callback) {
- callback = callbackEach
- callbackEach = null
- }
-
- var url = http + '://' + host + ':' + port
- var signature
-
- // Add signature if it is specified in the params
- if (all_data.method === 'POST' && all_data.data && all_data.sign === true) {
- var myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem'))
- signature = myKey.hashAndSign('sha256', url, 'utf8', 'hex')
- }
-
- // Make a request for each pod
- async.each(pods, function (pod, callback_each_async) {
- function callbackEachRetryRequest (err, response, body, url, pod) {
- if (callbackEach !== null) {
- callbackEach(err, response, body, url, pod, function () {
- callback_each_async()
- })
- } else {
- callback_each_async()
- }
- }
-
- var params = {
- url: pod.url + all_data.path,
- method: all_data.method
- }
-
- // Add data with POST requst ?
- if (all_data.method === 'POST' && all_data.data) {
- // Encrypt data ?
- if (all_data.encrypt === true) {
- var crt = ursa.createPublicKey(pod.publicKey)
-
- // TODO: ES6 with let
- ;(function (crt_copy, copy_params, copy_url, copy_pod, copy_signature) {
- symetricEncrypt(JSON.stringify(all_data.data), function (err, dataEncrypted) {
- if (err) throw err
-
- var passwordEncrypted = crt_copy.encrypt(dataEncrypted.password, 'utf8', 'hex')
- copy_params.json = {
- data: dataEncrypted.crypted,
- key: passwordEncrypted
- }
-
- makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest)
- })
- })(crt, params, url, pod, signature)
- } else {
- params.json = { data: all_data.data }
- makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
- }
- } else {
- makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
- }
- }, callback)
- }
-
- function certsExist (callback) {
- fs.exists(certDir + 'peertube.key.pem', function (exists) {
- return callback(exists)
- })
- }
-
- function createCerts (callback) {
- certsExist(function (exist) {
- if (exist === true) {
- var string = 'Certs already exist.'
- logger.warning(string)
- return callback(new Error(string))
- }
-
- logger.info('Generating a RSA key...')
- openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) {
- if (err) {
- logger.error('Cannot create private key on this pod.', { error: err })
- return callback(err)
- }
- logger.info('RSA key generated.')
-
- logger.info('Manage public key...')
- openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) {
- if (err) {
- logger.error('Cannot create public key on this pod .', { error: err })
- return callback(err)
- }
-
- logger.info('Public key managed.')
- return callback(null)
- })
- })
- })
- }
-
- function createCertsIfNotExist (callback) {
- certsExist(function (exist) {
- if (exist === true) {
- return callback(null)
- }
-
- createCerts(function (err) {
- return callback(err)
- })
- })
- }
-
- function generatePassword (callback) {
- crypto.randomBytes(32, function (err, buf) {
- if (err) {
- return callback(err)
- }
-
- callback(null, buf.toString('utf8'))
- })
- }
-
- function symetricEncrypt (text, callback) {
- generatePassword(function (err, password) {
- if (err) {
- return callback(err)
- }
-
- var cipher = crypto.createCipher(algorithm, password)
- var crypted = cipher.update(text, 'utf8', 'hex')
- crypted += cipher.final('hex')
- callback(null, { crypted: crypted, password: password })
- })
- }
-
- function symetricDecrypt (text, password) {
- var decipher = crypto.createDecipher(algorithm, password)
- var dec = decipher.update(text, 'hex', 'utf8')
- dec += decipher.final('utf8')
- return dec