1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { expect } from 'chai'
5 import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs'
6 import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto'
7 import { cloneDeep } from 'lodash'
8 import { buildSignedActivity } from '../../../helpers/activitypub'
10 describe('Test activity pub helpers', function () {
11 describe('When checking the Linked Signature', function () {
13 it('Should fail with an invalid Mastodon signature', async function () {
14 const body = require('./json/mastodon/create-bad-signature.json')
15 const publicKey = require('./json/mastodon/public-key.json').publicKey
16 const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
18 const result = await isJsonLDSignatureVerified(fromActor as any, body)
20 expect(result).to.be.false
23 it('Should fail with an invalid public key', async function () {
24 const body = require('./json/mastodon/create.json')
25 const publicKey = require('./json/mastodon/bad-public-key.json').publicKey
26 const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
28 const result = await isJsonLDSignatureVerified(fromActor as any, body)
30 expect(result).to.be.false
33 it('Should succeed with a valid Mastodon signature', async function () {
34 const body = require('./json/mastodon/create.json')
35 const publicKey = require('./json/mastodon/public-key.json').publicKey
36 const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
38 const result = await isJsonLDSignatureVerified(fromActor as any, body)
40 expect(result).to.be.true
43 it('Should fail with an invalid PeerTube signature', async function () {
44 const keys = require('./json/peertube/invalid-keys.json')
45 const body = require('./json/peertube/announce-without-context.json')
47 const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
48 const signedBody = await buildSignedActivity(actorSignature as any, body)
50 const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
51 const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
53 expect(result).to.be.false
56 it('Should succeed with a valid PeerTube signature', async function () {
57 const keys = require('./json/peertube/keys.json')
58 const body = require('./json/peertube/announce-without-context.json')
60 const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
61 const signedBody = await buildSignedActivity(actorSignature as any, body)
63 const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
64 const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
66 expect(result).to.be.true
70 describe('When checking HTTP signature', function () {
71 it('Should fail with an invalid http signature', async function () {
72 const req = buildRequestStub()
74 req.url = '/accounts/ronan/inbox'
76 const mastodonObject = cloneDeep(require('./json/mastodon/bad-http-signature.json'))
77 req.body = mastodonObject.body
78 req.headers = mastodonObject.headers
80 const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
81 const publicKey = require('./json/mastodon/public-key.json').publicKey
83 const actor = { publicKey }
84 const verified = isHTTPSignatureVerified(parsed, actor as any)
86 expect(verified).to.be.false
89 it('Should fail with an invalid public key', async function () {
90 const req = buildRequestStub()
92 req.url = '/accounts/ronan/inbox'
94 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
95 req.body = mastodonObject.body
96 req.headers = mastodonObject.headers
98 const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
99 const publicKey = require('./json/mastodon/bad-public-key.json').publicKey
101 const actor = { publicKey }
102 const verified = isHTTPSignatureVerified(parsed, actor as any)
104 expect(verified).to.be.false
107 it('Should fail because of clock skew', async function () {
108 const req = buildRequestStub()
110 req.url = '/accounts/ronan/inbox'
112 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
113 req.body = mastodonObject.body
114 req.headers = mastodonObject.headers
118 parseHTTPSignature(req)
123 expect(errored).to.be.true
126 it('Should with a scheme', async function () {
127 const req = buildRequestStub()
129 req.url = '/accounts/ronan/inbox'
131 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
132 req.body = mastodonObject.body
133 req.headers = mastodonObject.headers
134 req.headers = 'Signature ' + mastodonObject.headers
138 parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
143 expect(errored).to.be.true
146 it('Should succeed with a valid signature', async function () {
147 const req = buildRequestStub()
149 req.url = '/accounts/ronan/inbox'
151 const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json'))
152 req.body = mastodonObject.body
153 req.headers = mastodonObject.headers
155 const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
156 const publicKey = require('./json/mastodon/public-key.json').publicKey
158 const actor = { publicKey }
159 const verified = isHTTPSignatureVerified(parsed, actor as any)
161 expect(verified).to.be.true
projects / oweals / peertube.git / blob