aboutsummaryrefslogblamecommitdiffhomepage
path: root/server/helpers/peertube-crypto.ts
blob: cb5f272401dcd23828c1a2a2cd414108ebb62b20 (plain) (tree) 
41f2ebae4


50d6de9c2

8d468a16f

9a27cdc27

8d468a16f

9f10b2928

41f2ebae4


e4f97babf


bdfbd4f16

e4f97babf


bdfbd4f16

e4f97babf

9f10b2928


41f2ebae4

























e4f97babf


41f2ebae4


50d6de9c2


bdfbd4f16


e4f97babf


41f2ebae4

e4f97babf


bdfbd4f16

e4f97babf




bdfbd4f16

41f2ebae4










26d7d31ba


41f2ebae4

e4f97babf

50d6de9c2

ce33ee01c


f5028693a

9f10b2928

efc32059d

e4f97babf


9f10b2928

dac0a5319

65fcc3119

41f2ebae4



65fcc3119

e4f97babf

65fcc3119

41f2ebae4

9f10b2928

1
2

3

4

5

6

7

8
9

10
11

12

13
14

15

16

17
18

19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

44
45

46
47

48
49

50
51

52
53

54

55
56

57

58
59
60
61

62

63
64
65
66
67
68
69
70
71
72

73
74

75

76

77

78
79

80

81

82

83
84

85

86

87

88
89
90

91

92

93

94

95


                                                                                        
                                                        
                                                                                                                            
                                                
                                 
 

                                               

                                              
 

                                                              
 
                                       

 
























                                                                                          

                                          

                              

                                     

   

                                          
                      

                                  
 



                                        
 









                                                               

 
                                                            
                   
                                      

                                 
   
 
                                          

 
                                                                              
 
        


                            
                  
                             
                
                  
 
import { Request } from 'express'
import { BCRYPT_SALT_SIZE, HTTP_SIGNATURE, PRIVATE_RSA_KEY_SIZE } from '../initializers'
import { ActorModel } from '../models/activitypub/actor'
import { bcryptComparePromise, bcryptGenSaltPromise, bcryptHashPromise, createPrivateKey, getPublicKey } from './core-utils'
import { jsig } from './custom-jsonld-signature'
import { logger } from './logger'

const httpSignature = require('http-signature')

async function createPrivateAndPublicKeys () {
  logger.info('Generating a RSA key...')

  const { key } = await createPrivateKey(PRIVATE_RSA_KEY_SIZE)
  const { publicKey } = await getPublicKey(key)

  return { privateKey: key, publicKey }
}

// User password checks

function comparePassword (plainPassword: string, hashPassword: string) {
  return bcryptComparePromise(plainPassword, hashPassword)
}

async function cryptPassword (password: string) {
  const salt = await bcryptGenSaltPromise(BCRYPT_SALT_SIZE)

  return bcryptHashPromise(password, salt)
}

// HTTP Signature

function isHTTPSignatureVerified (httpSignatureParsed: any, actor: ActorModel) {
  return httpSignature.verifySignature(httpSignatureParsed, actor.publicKey) === true
}

function parseHTTPSignature (req: Request) {
  return httpSignature.parse(req, { authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME })
}

// JSONLD

function isJsonLDSignatureVerified (fromActor: ActorModel, signedDocument: any) {
  const publicKeyObject = {
    '@context': jsig.SECURITY_CONTEXT_URL,
    id: fromActor.url,
    type:  'CryptographicKey',
    owner: fromActor.url,
    publicKeyPem: fromActor.publicKey
  }

  const publicKeyOwnerObject = {
    '@context': jsig.SECURITY_CONTEXT_URL,
    id: fromActor.url,
    publicKey: [ publicKeyObject ]
  }

  const options = {
    publicKey: publicKeyObject,
    publicKeyOwner: publicKeyOwnerObject
  }

  return jsig.promises
             .verify(signedDocument, options)
             .then((result: { verified: boolean }) => {
               logger.info('coucou', result)
               return result.verified
             })
             .catch(err => {
               logger.error('Cannot check signature.', { err })
               return false
             })
}

function signJsonLDObject (byActor: ActorModel, data: any) {
  const options = {
    privateKeyPem: byActor.privateKey,
    creator: byActor.url,
    algorithm: 'RsaSignature2017'
  }

  return jsig.promises.sign(data, options)
}

// ---------------------------------------------------------------------------

export {
  parseHTTPSignature,
  isHTTPSignatureVerified,
  isJsonLDSignatureVerified,
  comparePassword,
  createPrivateAndPublicKeys,
  cryptPassword,
  signJsonLDObject
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-27 20:24:09 +0000