aboutsummaryrefslogtreecommitdiffhomepage
path: root/helpers
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2016-02-05 18:03:20 +0100
committerChocobozzz <florian.bigard@gmail.com>2016-02-05 18:03:20 +0100
commitdac0a5319ab1c52a0958647b1593f85339b77e29 (patch)
tree716bc9e7e0b9fd3a7066530e50e73991fb278d05 /helpers
parenta5fa04b0cce851f680a45055f57ed2c3d22f1c82 (diff)
downloadPeerTube-dac0a5319ab1c52a0958647b1593f85339b77e29.tar.gz
PeerTube-dac0a5319ab1c52a0958647b1593f85339b77e29.tar.zst
PeerTube-dac0a5319ab1c52a0958647b1593f85339b77e29.zip
Split utils file
Diffstat (limited to 'helpers')
-rw-r--r--helpers/peertubeCrypto.js152
-rw-r--r--helpers/requests.js111
-rw-r--r--helpers/utils.js199
3 files changed, 264 insertions, 198 deletions
diff --git a/helpers/peertubeCrypto.js b/helpers/peertubeCrypto.js
new file mode 100644
index 000000000..3e757659b
--- /dev/null
+++ b/helpers/peertubeCrypto.js
@@ -0,0 +1,152 @@
1;(function () {
2 'use strict'
3
4 var config = require('config')
5 var crypto = require('crypto')
6 var fs = require('fs')
7 var openssl = require('openssl-wrapper')
8 var ursa = require('ursa')
9
10 var logger = require('./logger')
11
12 var certDir = __dirname + '/../' + config.get('storage.certs')
13 var algorithm = 'aes-256-ctr'
14
15 var peertubeCrypto = {
16 checkSignature: checkSignature,
17 createCertsIfNotExist: createCertsIfNotExist,
18 decrypt: decrypt,
19 encrypt: encrypt,
20 getCertDir: getCertDir,
21 sign: sign
22 }
23
24 function checkSignature (public_key, raw_data, hex_signature) {
25 var crt = ursa.createPublicKey(public_key)
26 var is_valid = crt.hashAndVerify('sha256', new Buffer(raw_data).toString('hex'), hex_signature, 'hex')
27 return is_valid
28 }
29
30 function createCertsIfNotExist (callback) {
31 certsExist(function (exist) {
32 if (exist === true) {
33 return callback(null)
34 }
35
36 createCerts(function (err) {
37 return callback(err)
38 })
39 })
40 }
41
42 function decrypt (key, data, callback) {
43 fs.readFile(getCertDir() + 'peertube.key.pem', function (err, file) {
44 if (err) return callback(err)
45
46 var my_private_key = ursa.createPrivateKey(file)
47 var decrypted_key = my_private_key.decrypt(key, 'hex', 'utf8')
48 var decrypted_data = symetricDecrypt(data, decrypted_key)
49
50 return callback(null, decrypted_data)
51 })
52 }
53
54 function encrypt (public_key, data, callback) {
55 var crt = ursa.createPublicKey(public_key)
56
57 symetricEncrypt(data, function (err, dataEncrypted) {
58 if (err) return callback(err)
59
60 var key = crt.encrypt(dataEncrypted.password, 'utf8', 'hex')
61 var encrypted = {
62 data: dataEncrypted.crypted,
63 key: key
64 }
65
66 callback(null, encrypted)
67 })
68 }
69
70 function getCertDir () {
71 return certDir
72 }
73
74 function sign (data) {
75 var myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem'))
76 var signature = myKey.hashAndSign('sha256', data, 'utf8', 'hex')
77
78 return signature
79 }
80
81 // ---------------------------------------------------------------------------
82
83 module.exports = peertubeCrypto
84
85 // ---------------------------------------------------------------------------
86
87 function certsExist (callback) {
88 fs.exists(certDir + 'peertube.key.pem', function (exists) {
89 return callback(exists)
90 })
91 }
92
93 function createCerts (callback) {
94 certsExist(function (exist) {
95 if (exist === true) {
96 var string = 'Certs already exist.'
97 logger.warning(string)
98 return callback(new Error(string))
99 }
100
101 logger.info('Generating a RSA key...')
102 openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) {
103 if (err) {
104 logger.error('Cannot create private key on this pod.', { error: err })
105 return callback(err)
106 }
107 logger.info('RSA key generated.')
108
109 logger.info('Manage public key...')
110 openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) {
111 if (err) {
112 logger.error('Cannot create public key on this pod .', { error: err })
113 return callback(err)
114 }
115
116 logger.info('Public key managed.')
117 return callback(null)
118 })
119 })
120 })
121 }
122
123 function generatePassword (callback) {
124 crypto.randomBytes(32, function (err, buf) {
125 if (err) {
126 return callback(err)
127 }
128
129 callback(null, buf.toString('utf8'))
130 })
131 }
132
133 function symetricDecrypt (text, password) {
134 var decipher = crypto.createDecipher(algorithm, password)
135 var dec = decipher.update(text, 'hex', 'utf8')
136 dec += decipher.final('utf8')
137 return dec
138 }
139
140 function symetricEncrypt (text, callback) {
141 generatePassword(function (err, password) {
142 if (err) {
143 return callback(err)
144 }
145
146 var cipher = crypto.createCipher(algorithm, password)
147 var crypted = cipher.update(text, 'utf8', 'hex')
148 crypted += cipher.final('hex')
149 callback(null, { crypted: crypted, password: password })
150 })
151 }
152})()
diff --git a/helpers/requests.js b/helpers/requests.js
new file mode 100644
index 000000000..0e301da79
--- /dev/null
+++ b/helpers/requests.js
@@ -0,0 +1,111 @@
1;(function () {
2 'use strict'
3
4 var async = require('async')
5 var config = require('config')
6 var request = require('request')
7 var replay = require('request-replay')
8
9 var constants = require('../initializers/constants')
10 var logger = require('./logger')
11 var peertubeCrypto = require('./peertubeCrypto')
12
13 var http = config.get('webserver.https') ? 'https' : 'http'
14 var host = config.get('webserver.host')
15 var port = config.get('webserver.port')
16
17 var requests = {
18 makeMultipleRetryRequest: makeMultipleRetryRequest
19 }
20
21 function makeMultipleRetryRequest (all_data, pods, callbackEach, callback) {
22 if (!callback) {
23 callback = callbackEach
24 callbackEach = null
25 }
26
27 var url = http + '://' + host + ':' + port
28 var signature
29
30 // Add signature if it is specified in the params
31 if (all_data.method === 'POST' && all_data.data && all_data.sign === true) {
32 signature = peertubeCrypto.sign(url)
33 }
34
35 // Make a request for each pod
36 async.each(pods, function (pod, callback_each_async) {
37 function callbackEachRetryRequest (err, response, body, url, pod) {
38 if (callbackEach !== null) {
39 callbackEach(err, response, body, url, pod, function () {
40 callback_each_async()
41 })
42 } else {
43 callback_each_async()
44 }
45 }
46
47 var params = {
48 url: pod.url + all_data.path,
49 method: all_data.method
50 }
51
52 // Add data with POST requst ?
53 if (all_data.method === 'POST' && all_data.data) {
54 // Encrypt data ?
55 if (all_data.encrypt === true) {
56 // TODO: ES6 with let
57 ;(function (copy_params, copy_url, copy_pod, copy_signature) {
58 peertubeCrypto.encrypt(pod.publicKey, JSON.stringify(all_data.data), function (err, encrypted) {
59 if (err) return callback(err)
60
61 copy_params.json = {
62 data: encrypted.data,
63 key: encrypted.key
64 }
65
66 makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest)
67 })
68 })(params, url, pod, signature)
69 } else {
70 params.json = { data: all_data.data }
71 makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
72 }
73 } else {
74 makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
75 }
76 }, callback)
77 }
78
79 // ---------------------------------------------------------------------------
80
81 module.exports = requests
82
83 // ---------------------------------------------------------------------------
84
85 function makeRetryRequest (params, from_url, to_pod, signature, callbackEach) {
86 // Append the signature
87 if (signature) {
88 params.json.signature = {
89 url: from_url,
90 signature: signature
91 }
92 }
93
94 logger.debug('Make retry requests to %s.', to_pod.url)
95
96 replay(
97 request.post(params, function (err, response, body) {
98 callbackEach(err, response, body, params.url, to_pod)
99 }),
100 {
101 retries: constants.REQUEST_RETRIES,
102 factor: 3,
103 maxTimeout: Infinity,
104 errorCodes: [ 'EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'ECONNREFUSED' ]
105 }
106 ).on('replay', function (replay) {
107 logger.info('Replaying request to %s. Request failed: %d %s. Replay number: #%d. Will retry in: %d ms.',
108 params.url, replay.error.code, replay.error.message, replay.number, replay.delay)
109 })
110 }
111})()
diff --git a/helpers/utils.js b/helpers/utils.js
index ec46631b1..bd0557977 100644
--- a/helpers/utils.js
+++ b/helpers/utils.js
@@ -1,178 +1,10 @@
1;(function () { 1;(function () {
2 'use strict' 2 'use strict'
3 3
4 var async = require('async')
5 var config = require('config')
6 var crypto = require('crypto')
7 var fs = require('fs')
8 var openssl = require('openssl-wrapper')
9 var request = require('request')
10 var replay = require('request-replay')
11 var ursa = require('ursa')
12
13 var constants = require('../initializers/constants')
14 var logger = require('./logger') 4 var logger = require('./logger')
15 5
16 var certDir = __dirname + '/../' + config.get('storage.certs')
17 var http = config.get('webserver.https') ? 'https' : 'http'
18 var host = config.get('webserver.host')
19 var port = config.get('webserver.port')
20 var algorithm = 'aes-256-ctr'
21
22 var utils = { 6 var utils = {
23 getCertDir: getCertDir, 7 cleanForExit: cleanForExit
24 certsExist: certsExist,
25 cleanForExit: cleanForExit,
26 createCerts: createCerts,
27 createCertsIfNotExist: createCertsIfNotExist,
28 generatePassword: generatePassword,
29 makeMultipleRetryRequest: makeMultipleRetryRequest,
30 symetricEncrypt: symetricEncrypt,
31 symetricDecrypt: symetricDecrypt
32 }
33
34 function getCertDir () {
35 return certDir
36 }
37
38 function makeMultipleRetryRequest (all_data, pods, callbackEach, callback) {
39 if (!callback) {
40 callback = callbackEach
41 callbackEach = null
42 }
43
44 var url = http + '://' + host + ':' + port
45 var signature
46
47 // Add signature if it is specified in the params
48 if (all_data.method === 'POST' && all_data.data && all_data.sign === true) {
49 var myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem'))
50 signature = myKey.hashAndSign('sha256', url, 'utf8', 'hex')
51 }
52
53 // Make a request for each pod
54 async.each(pods, function (pod, callback_each_async) {
55 function callbackEachRetryRequest (err, response, body, url, pod) {
56 if (callbackEach !== null) {
57 callbackEach(err, response, body, url, pod, function () {
58 callback_each_async()
59 })
60 } else {
61 callback_each_async()
62 }
63 }
64
65 var params = {
66 url: pod.url + all_data.path,
67 method: all_data.method
68 }
69
70 // Add data with POST requst ?
71 if (all_data.method === 'POST' && all_data.data) {
72 // Encrypt data ?
73 if (all_data.encrypt === true) {
74 var crt = ursa.createPublicKey(pod.publicKey)
75
76 // TODO: ES6 with let
77 ;(function (crt_copy, copy_params, copy_url, copy_pod, copy_signature) {
78 symetricEncrypt(JSON.stringify(all_data.data), function (err, dataEncrypted) {
79 if (err) throw err
80
81 var passwordEncrypted = crt_copy.encrypt(dataEncrypted.password, 'utf8', 'hex')
82 copy_params.json = {
83 data: dataEncrypted.crypted,
84 key: passwordEncrypted
85 }
86
87 makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest)
88 })
89 })(crt, params, url, pod, signature)
90 } else {
91 params.json = { data: all_data.data }
92 makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
93 }
94 } else {
95 makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
96 }
97 }, callback)
98 }
99
100 function certsExist (callback) {
101 fs.exists(certDir + 'peertube.key.pem', function (exists) {
102 return callback(exists)
103 })
104 }
105
106 function createCerts (callback) {
107 certsExist(function (exist) {
108 if (exist === true) {
109 var string = 'Certs already exist.'
110 logger.warning(string)
111 return callback(new Error(string))
112 }
113
114 logger.info('Generating a RSA key...')
115 openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) {
116 if (err) {
117 logger.error('Cannot create private key on this pod.', { error: err })
118 return callback(err)
119 }
120 logger.info('RSA key generated.')
121
122 logger.info('Manage public key...')
123 openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) {
124 if (err) {
125 logger.error('Cannot create public key on this pod .', { error: err })
126 return callback(err)
127 }
128
129 logger.info('Public key managed.')
130 return callback(null)
131 })
132 })
133 })
134 }
135
136 function createCertsIfNotExist (callback) {
137 certsExist(function (exist) {
138 if (exist === true) {
139 return callback(null)
140 }
141
142 createCerts(function (err) {
143 return callback(err)
144 })
145 })
146 }
147
148 function generatePassword (callback) {
149 crypto.randomBytes(32, function (err, buf) {
150 if (err) {
151 return callback(err)
152 }
153
154 callback(null, buf.toString('utf8'))
155 })
156 }
157
158 function symetricEncrypt (text, callback) {
159 generatePassword(function (err, password) {
160 if (err) {
161 return callback(err)
162 }
163
164 var cipher = crypto.createCipher(algorithm, password)
165 var crypted = cipher.update(text, 'utf8', 'hex')
166 crypted += cipher.final('hex')
167 callback(null, { crypted: crypted, password: password })
168 })
169 }
170
171 function symetricDecrypt (text, password) {
172 var decipher = crypto.createDecipher(algorithm, password)
173 var dec = decipher.update(text, 'hex', 'utf8')
174 dec += decipher.final('utf8')
175 return dec
176 } 8 }
177 9
178 function cleanForExit (webtorrent_process) { 10 function cleanForExit (webtorrent_process) {
@@ -183,33 +15,4 @@
183 // --------------------------------------------------------------------------- 15 // ---------------------------------------------------------------------------
184 16
185 module.exports = utils 17 module.exports = utils
186
187 // ---------------------------------------------------------------------------
188
189 function makeRetryRequest (params, from_url, to_pod, signature, callbackEach) {
190 // Append the signature
191 if (signature) {
192 params.json.signature = {
193 url: from_url,
194 signature: signature
195 }
196 }
197
198 logger.debug('Make retry requests to %s.', to_pod.url)
199
200 replay(
201 request.post(params, function (err, response, body) {
202 callbackEach(err, response, body, params.url, to_pod)
203 }),
204 {
205 retries: constants.REQUEST_RETRIES,
206 factor: 3,
207 maxTimeout: Infinity,
208 errorCodes: [ 'EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'ECONNREFUSED' ]
209 }
210 ).on('replay', function (replay) {
211 logger.info('Replaying request to %s. Request failed: %d %s. Replay number: #%d. Will retry in: %d ms.',
212 params.url, replay.error.code, replay.error.message, replay.number, replay.delay)
213 })
214 }
215})() 18})()