1
0
Fork 0
peertube/server/helpers/peertube-crypto.ts

93 lines
2.6 KiB
TypeScript
Raw Normal View History

import { Request } from 'express'
import { BCRYPT_SALT_SIZE, HTTP_SIGNATURE, PRIVATE_RSA_KEY_SIZE } from '../initializers'
2017-12-14 11:38:41 -05:00
import { ActorModel } from '../models/activitypub/actor'
2017-11-23 11:53:38 -05:00
import { bcryptComparePromise, bcryptGenSaltPromise, bcryptHashPromise, createPrivateKey, getPublicKey } from './core-utils'
2017-11-17 09:20:42 -05:00
import { jsig } from './custom-jsonld-signature'
2017-11-23 11:53:38 -05:00
import { logger } from './logger'
const httpSignature = require('http-signature')
2017-11-09 11:51:58 -05:00
async function createPrivateAndPublicKeys () {
logger.info('Generating a RSA key...')
2017-11-09 11:51:58 -05:00
const { key } = await createPrivateKey(PRIVATE_RSA_KEY_SIZE)
const { publicKey } = await getPublicKey(key)
2017-11-09 11:51:58 -05:00
return { privateKey: key, publicKey }
}
// User password checks
function comparePassword (plainPassword: string, hashPassword: string) {
return bcryptComparePromise(plainPassword, hashPassword)
}
async function cryptPassword (password: string) {
const salt = await bcryptGenSaltPromise(BCRYPT_SALT_SIZE)
return bcryptHashPromise(password, salt)
}
// HTTP Signature
function isHTTPSignatureVerified (httpSignatureParsed: any, actor: ActorModel) {
return httpSignature.verifySignature(httpSignatureParsed, actor.publicKey) === true
}
function parseHTTPSignature (req: Request) {
return httpSignature.parse(req, { authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME })
}
// JSONLD
function isJsonLDSignatureVerified (fromActor: ActorModel, signedDocument: any) {
2017-11-09 11:51:58 -05:00
const publicKeyObject = {
'@context': jsig.SECURITY_CONTEXT_URL,
id: fromActor.url,
type: 'CryptographicKey',
2017-12-14 11:38:41 -05:00
owner: fromActor.url,
publicKeyPem: fromActor.publicKey
}
2017-11-09 11:51:58 -05:00
const publicKeyOwnerObject = {
'@context': jsig.SECURITY_CONTEXT_URL,
id: fromActor.url,
2017-11-09 11:51:58 -05:00
publicKey: [ publicKeyObject ]
}
2017-11-09 11:51:58 -05:00
const options = {
publicKey: publicKeyObject,
publicKeyOwner: publicKeyOwnerObject
}
return jsig.promises
.verify(signedDocument, options)
2018-10-19 06:42:13 -04:00
.then((result: { verified: boolean }) => result.verified)
.catch(err => {
logger.error('Cannot check signature.', { err })
return false
})
2016-08-25 11:57:37 -04:00
}
function signJsonLDObject (byActor: ActorModel, data: any) {
2017-11-09 11:51:58 -05:00
const options = {
2017-12-14 11:38:41 -05:00
privateKeyPem: byActor.privateKey,
2017-12-18 05:53:04 -05:00
creator: byActor.url,
algorithm: 'RsaSignature2017'
}
return jsig.promises.sign(data, options)
2017-11-09 11:51:58 -05:00
}
// ---------------------------------------------------------------------------
2016-02-05 12:03:20 -05:00
2017-05-15 16:22:03 -04:00
export {
parseHTTPSignature,
isHTTPSignatureVerified,
isJsonLDSignatureVerified,
2017-05-15 16:22:03 -04:00
comparePassword,
2017-11-09 11:51:58 -05:00
createPrivateAndPublicKeys,
2017-05-15 16:22:03 -04:00
cryptPassword,
signJsonLDObject
}