aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers/peertube-crypto.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/helpers/peertube-crypto.ts')
-rw-r--r--server/helpers/peertube-crypto.ts111
1 files changed, 49 insertions, 62 deletions
diff --git a/server/helpers/peertube-crypto.ts b/server/helpers/peertube-crypto.ts
index 0ac875127..8e8001cd6 100644
--- a/server/helpers/peertube-crypto.ts
+++ b/server/helpers/peertube-crypto.ts
@@ -1,7 +1,5 @@
1import * as crypto from 'crypto' 1import * as crypto from 'crypto'
2import * as bcrypt from 'bcrypt'
3import * as fs from 'fs' 2import * as fs from 'fs'
4import * as openssl from 'openssl-wrapper'
5import { join } from 'path' 3import { join } from 'path'
6 4
7import { 5import {
@@ -12,6 +10,14 @@ import {
12 BCRYPT_SALT_SIZE, 10 BCRYPT_SALT_SIZE,
13 PUBLIC_CERT_NAME 11 PUBLIC_CERT_NAME
14} from '../initializers' 12} from '../initializers'
13import {
14 readFilePromise,
15 bcryptComparePromise,
16 bcryptGenSaltPromise,
17 bcryptHashPromise,
18 accessPromise,
19 opensslExecPromise
20} from './core-utils'
15import { logger } from './logger' 21import { logger } from './logger'
16 22
17function checkSignature (publicKey: string, data: string, hexSignature: string) { 23function checkSignature (publicKey: string, data: string, hexSignature: string) {
@@ -60,46 +66,32 @@ function sign (data: string|Object) {
60 return signature 66 return signature
61} 67}
62 68
63function comparePassword (plainPassword: string, hashPassword: string, callback: (err: Error, match?: boolean) => void) { 69function comparePassword (plainPassword: string, hashPassword: string) {
64 bcrypt.compare(plainPassword, hashPassword, function (err, isPasswordMatch) { 70 return bcryptComparePromise(plainPassword, hashPassword)
65 if (err) return callback(err)
66
67 return callback(null, isPasswordMatch)
68 })
69} 71}
70 72
71function createCertsIfNotExist (callback: (err: Error) => void) { 73function createCertsIfNotExist () {
72 certsExist(function (err, exist) { 74 return certsExist().then(exist => {
73 if (err) return callback(err)
74
75 if (exist === true) { 75 if (exist === true) {
76 return callback(null) 76 return undefined
77 } 77 }
78 78
79 createCerts(function (err) { 79 return createCerts()
80 return callback(err)
81 })
82 }) 80 })
83} 81}
84 82
85function cryptPassword (password: string, callback: (err: Error, hash?: string) => void) { 83function cryptPassword (password: string) {
86 bcrypt.genSalt(BCRYPT_SALT_SIZE, function (err, salt) { 84 return bcryptGenSaltPromise(BCRYPT_SALT_SIZE).then(salt => bcryptHashPromise(password, salt))
87 if (err) return callback(err)
88
89 bcrypt.hash(password, salt, function (err, hash) {
90 return callback(err, hash)
91 })
92 })
93} 85}
94 86
95function getMyPrivateCert (callback: (err: Error, privateCert: string) => void) { 87function getMyPrivateCert () {
96 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME) 88 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
97 fs.readFile(certPath, 'utf8', callback) 89 return readFilePromise(certPath, 'utf8')
98} 90}
99 91
100function getMyPublicCert (callback: (err: Error, publicCert: string) => void) { 92function getMyPublicCert () {
101 const certPath = join(CONFIG.STORAGE.CERT_DIR, PUBLIC_CERT_NAME) 93 const certPath = join(CONFIG.STORAGE.CERT_DIR, PUBLIC_CERT_NAME)
102 fs.readFile(certPath, 'utf8', callback) 94 return readFilePromise(certPath, 'utf8')
103} 95}
104 96
105// --------------------------------------------------------------------------- 97// ---------------------------------------------------------------------------
@@ -116,23 +108,21 @@ export {
116 108
117// --------------------------------------------------------------------------- 109// ---------------------------------------------------------------------------
118 110
119function certsExist (callback: (err: Error, certsExist: boolean) => void) { 111function certsExist () {
120 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME) 112 const certPath = join(CONFIG.STORAGE.CERT_DIR, PRIVATE_CERT_NAME)
121 fs.access(certPath, function (err) {
122 // If there is an error the certificates do not exist
123 const exists = !err
124 return callback(null, exists)
125 })
126}
127 113
128function createCerts (callback: (err: Error) => void) { 114 // If there is an error the certificates do not exist
129 certsExist(function (err, exist) { 115 return accessPromise(certPath)
130 if (err) return callback(err) 116 .then(() => true)
117 .catch(() => false)
118}
131 119
120function createCerts () {
121 return certsExist().then(exist => {
132 if (exist === true) { 122 if (exist === true) {
133 const errorMessage = 'Certs already exist.' 123 const errorMessage = 'Certs already exist.'
134 logger.warning(errorMessage) 124 logger.warning(errorMessage)
135 return callback(new Error(errorMessage)) 125 throw new Error(errorMessage)
136 } 126 }
137 127
138 logger.info('Generating a RSA key...') 128 logger.info('Generating a RSA key...')
@@ -142,30 +132,27 @@ function createCerts (callback: (err: Error) => void) {
142 'out': privateCertPath, 132 'out': privateCertPath,
143 '2048': false 133 '2048': false
144 } 134 }
145 openssl.exec('genrsa', genRsaOptions, function (err) { 135 return opensslExecPromise('genrsa', genRsaOptions)
146 if (err) { 136 .then(() => {
147 logger.error('Cannot create private key on this pod.') 137 logger.info('RSA key generated.')
148 return callback(err) 138 logger.info('Managing public key...')
149 } 139
150 140 const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub')
151 logger.info('RSA key generated.') 141 const rsaOptions = {
152 logger.info('Managing public key...') 142 'in': privateCertPath,
153 143 'pubout': true,
154 const publicCertPath = join(CONFIG.STORAGE.CERT_DIR, 'peertube.pub') 144 'out': publicCertPath
155 const rsaOptions = {
156 'in': privateCertPath,
157 'pubout': true,
158 'out': publicCertPath
159 }
160 openssl.exec('rsa', rsaOptions, function (err) {
161 if (err) {
162 logger.error('Cannot create public key on this pod.')
163 return callback(err)
164 } 145 }
165 146 return opensslExecPromise('rsa', rsaOptions)
166 logger.info('Public key managed.') 147 .then(() => logger.info('Public key managed.'))
167 return callback(null) 148 .catch(err => {
149 logger.error('Cannot create public key on this pod.')
150 throw err
151 })
152 })
153 .catch(err => {
154 logger.error('Cannot create private key on this pod.')
155 throw err
168 }) 156 })
169 })
170 }) 157 })
171} 158}