aboutsummaryrefslogtreecommitdiffhomepage
path: root/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'middlewares')
-rw-r--r--middlewares/misc.js7
-rw-r--r--middlewares/reqValidators/remote.js2
2 files changed, 3 insertions, 6 deletions
diff --git a/middlewares/misc.js b/middlewares/misc.js
index 69e8d78c1..9755eeff0 100644
--- a/middlewares/misc.js
+++ b/middlewares/misc.js
@@ -25,15 +25,13 @@
25 } 25 }
26 26
27 misc.decryptBody = function (req, res, next) { 27 misc.decryptBody = function (req, res, next) {
28 logger.debug('Decrypting body.')
29
30 PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) { 28 PodsDB.findOne({ url: req.body.signature.url }, function (err, pod) {
31 if (err) { 29 if (err) {
32 logger.error('Cannot get signed url in decryptBody.', { error: err }) 30 logger.error('Cannot get signed url in decryptBody.', { error: err })
33 res.sendStatus(500) 31 res.sendStatus(500)
34 } 32 }
35 33
36 logger.debug('Found one pod which could send the message.', { pod: pod.publicKey, url: req.body.signature.url }) 34 logger.debug('Decrypting body from %s.', req.body.signature.url)
37 35
38 var crt = ursa.createPublicKey(pod.publicKey) 36 var crt = ursa.createPublicKey(pod.publicKey)
39 var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex') 37 var signature_ok = crt.hashAndVerify('sha256', new Buffer(req.body.signature.url).toString('hex'), req.body.signature.signature, 'hex')
@@ -41,9 +39,8 @@
41 if (signature_ok === true) { 39 if (signature_ok === true) {
42 var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem')) 40 var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem'))
43 var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8') 41 var decryptedKey = myKey.decrypt(req.body.key, 'hex', 'utf8')
44 logger.debug(decryptedKey)
45 req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey)) 42 req.body.data = JSON.parse(utils.symetricDecrypt(req.body.data, decryptedKey))
46 logger.debug('Decrypted.', { body: req.body }) 43 delete req.body.key
47 } else { 44 } else {
48 logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url) 45 logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
49 res.sendStatus(500) 46 res.sendStatus(500)
diff --git a/middlewares/reqValidators/remote.js b/middlewares/reqValidators/remote.js
index 642dad1c7..a9d2cdf20 100644
--- a/middlewares/reqValidators/remote.js
+++ b/middlewares/reqValidators/remote.js
@@ -12,7 +12,7 @@
12 req.checkBody('key', 'Should have a key').notEmpty() 12 req.checkBody('key', 'Should have a key').notEmpty()
13 req.checkBody('data', 'Should have data').notEmpty() 13 req.checkBody('data', 'Should have data').notEmpty()
14 14
15 logger.debug('Checking secureRequest parameters', { parameters: req.body }) 15 logger.debug('Checking secureRequest parameters', { parameters: { data: req.body.data, keyLength: req.body.key.length } })
16 16
17 checkErrors(req, res, next) 17 checkErrors(req, res, next)
18 } 18 }