server/tests/api/activitypub/helpers.ts

   1 /* tslint:disable:no-unused-expression */
   2
   3 import 'mocha'
   4 import { expect } from 'chai'
   5 import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs'
   6 import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto'
   7 import { cloneDeep } from 'lodash'
   8 import { buildSignedActivity } from '../../../helpers/activitypub'
   9
  10 describe('Test activity pub helpers', function () {
  11   describe('When checking the Linked Signature', function () {
  12
  13     it('Should fail with an invalid Mastodon signature', async function () {
  14       const body = require('./json/mastodon/create-bad-signature.json')
  15       const publicKey = require('./json/mastodon/public-key.json').publicKey
  16       const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
  17
  18       const result = await isJsonLDSignatureVerified(fromActor as any, body)
  19
  20       expect(result).to.be.false
  21     })
  22
  23     it('Should fail with an invalid public key', async function () {
  24       const body = require('./json/mastodon/create.json')
  25       const publicKey = require('./json/mastodon/bad-public-key.json').publicKey
  26       const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
  27
  28       const result = await isJsonLDSignatureVerified(fromActor as any, body)
  29
  30       expect(result).to.be.false
  31     })
  32
  33     it('Should succeed with a valid Mastodon signature', async function () {
  34       const body = require('./json/mastodon/create.json')
  35       const publicKey = require('./json/mastodon/public-key.json').publicKey
  36       const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
  37
  38       const result = await isJsonLDSignatureVerified(fromActor as any, body)
  39
  40       expect(result).to.be.true
  41     })
  42
  43     it('Should fail with an invalid PeerTube signature', async function () {
  44       const keys = require('./json/peertube/invalid-keys.json')
  45       const body = require('./json/peertube/announce-without-context.json')
  46
  47       const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
  48       const signedBody = await buildSignedActivity(actorSignature as any, body)
  49
  50       const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
  51       const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
  52
  53       expect(result).to.be.false
  54     })
  55
  56     it('Should succeed with a valid PeerTube signature', async function () {
  57       const keys = require('./json/peertube/keys.json')
  58       const body = require('./json/peertube/announce-without-context.json')
  59
  60       const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
  61       const signedBody = await buildSignedActivity(actorSignature as any, body)
  62
  63       const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
  64       const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
  65
  66       expect(result).to.be.true
  67     })
  68   })
  69
  70   describe('When checking HTTP signature', function () {
  71     it('Should fail with an invalid http signature', async function () {
  72       const req = buildRequestStub()
  73       req.method = 'POST'
  74       req.url = '/accounts/ronan/inbox'
  75
  76       const mastodonObject = cloneDeep(require('./json/mastodon/bad-http-signature.json'))
  77       req.body = mastodonObject.body
  78       req.headers = mastodonObject.headers
  79       req.headers.signature = 'Signature ' + req.headers.signature
  80
  81       const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
  82       const publicKey = require('./json/mastodon/public-key.json').publicKey
  83
  84       const actor = { publicKey }
  85       const verified = isHTTPSignatureVerified(parsed, actor as any)
  86
  87       expect(verified).to.be.false
  88     })
  89
  90     it('Should fail with an invalid public key', async function () {
  91       const req = buildRequestStub()
  92       req.method = 'POST'
  93       req.url = '/accounts/ronan/inbox'
  94
  95       const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
  96       req.body = mastodonObject.body
  97       req.headers = mastodonObject.headers
  98       req.headers.signature = 'Signature ' + req.headers.signature
  99
 100       const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
 101       const publicKey = require('./json/mastodon/bad-public-key.json').publicKey
 102
 103       const actor = { publicKey }
 104       const verified = isHTTPSignatureVerified(parsed, actor as any)
 105
 106       expect(verified).to.be.false
 107     })
 108
 109     it('Should fail because of clock skew', async function () {
 110       const req = buildRequestStub()
 111       req.method = 'POST'
 112       req.url = '/accounts/ronan/inbox'
 113
 114       const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
 115       req.body = mastodonObject.body
 116       req.headers = mastodonObject.headers
 117       req.headers.signature = 'Signature ' + req.headers.signature
 118
 119       let errored = false
 120       try {
 121         parseHTTPSignature(req)
 122       } catch {
 123         errored = true
 124       }
 125
 126       expect(errored).to.be.true
 127     })
 128
 129     it('Should fail without scheme', async function () {
 130       const req = buildRequestStub()
 131       req.method = 'POST'
 132       req.url = '/accounts/ronan/inbox'
 133
 134       const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
 135       req.body = mastodonObject.body
 136       req.headers = mastodonObject.headers
 137
 138       let errored = false
 139       try {
 140         parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
 141       } catch {
 142         errored = true
 143       }
 144
 145       expect(errored).to.be.true
 146     })
 147
 148     it('Should succeed with a valid signature', async function () {
 149       const req = buildRequestStub()
 150       req.method = 'POST'
 151       req.url = '/accounts/ronan/inbox'
 152
 153       const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
 154       req.body = mastodonObject.body
 155       req.headers = mastodonObject.headers
 156       req.headers.signature = 'Signature ' + req.headers.signature
 157
 158       const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
 159       const publicKey = require('./json/mastodon/public-key.json').publicKey
 160
 161       const actor = { publicKey }
 162       const verified = isHTTPSignatureVerified(parsed, actor as any)
 163
 164       expect(verified).to.be.true
 165     })
 166
 167   })
 168
 169 })