2023-08-15 02:52:38 +09:00
|
|
|
/*
|
|
|
|
* SPDX-FileCopyrightText: syuilo and other misskey contributors
|
|
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
*/
|
|
|
|
|
2021-10-16 17:16:24 +09:00
|
|
|
import * as assert from 'assert';
|
2022-11-24 15:39:00 +09:00
|
|
|
import httpSignature from '@peertube/http-signature';
|
2023-02-24 16:10:48 +09:00
|
|
|
|
|
|
|
import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
|
|
|
|
import { ApRequestCreator } from '@/core/activitypub/ApRequestService.js';
|
2021-10-16 17:16:24 +09:00
|
|
|
|
|
|
|
export const buildParsedSignature = (signingString: string, signature: string, algorithm: string) => {
|
|
|
|
return {
|
|
|
|
scheme: 'Signature',
|
|
|
|
params: {
|
|
|
|
keyId: 'KeyID', // dummy, not used for verify
|
|
|
|
algorithm: algorithm,
|
2023-02-24 16:10:48 +09:00
|
|
|
headers: ['(request-target)', 'date', 'host', 'digest'], // dummy, not used for verify
|
2021-10-16 17:16:24 +09:00
|
|
|
signature: signature,
|
|
|
|
},
|
|
|
|
signingString: signingString,
|
2022-05-21 22:21:41 +09:00
|
|
|
algorithm: algorithm.toUpperCase(),
|
2021-10-16 17:16:24 +09:00
|
|
|
keyId: 'KeyID', // dummy, not used for verify
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
describe('ap-request', () => {
|
2023-02-02 18:18:25 +09:00
|
|
|
test('createSignedPost with verify', async () => {
|
2021-10-16 17:16:24 +09:00
|
|
|
const keypair = await genRsaKeyPair();
|
|
|
|
const key = { keyId: 'x', 'privateKeyPem': keypair.privateKey };
|
|
|
|
const url = 'https://example.com/inbox';
|
|
|
|
const activity = { a: 1 };
|
|
|
|
const body = JSON.stringify(activity);
|
|
|
|
const headers = {
|
2022-05-21 22:21:41 +09:00
|
|
|
'User-Agent': 'UA',
|
2021-10-16 17:16:24 +09:00
|
|
|
};
|
|
|
|
|
2023-02-24 16:10:48 +09:00
|
|
|
const req = ApRequestCreator.createSignedPost({ key, url, body, additionalHeaders: headers });
|
2021-10-16 17:16:24 +09:00
|
|
|
|
|
|
|
const parsed = buildParsedSignature(req.signingString, req.signature, 'rsa-sha256');
|
|
|
|
|
|
|
|
const result = httpSignature.verifySignature(parsed, keypair.publicKey);
|
|
|
|
assert.deepStrictEqual(result, true);
|
|
|
|
});
|
|
|
|
|
2023-02-02 18:18:25 +09:00
|
|
|
test('createSignedGet with verify', async () => {
|
2021-10-16 17:16:24 +09:00
|
|
|
const keypair = await genRsaKeyPair();
|
|
|
|
const key = { keyId: 'x', 'privateKeyPem': keypair.privateKey };
|
|
|
|
const url = 'https://example.com/outbox';
|
|
|
|
const headers = {
|
2022-05-21 22:21:41 +09:00
|
|
|
'User-Agent': 'UA',
|
2021-10-16 17:16:24 +09:00
|
|
|
};
|
|
|
|
|
2023-02-24 16:10:48 +09:00
|
|
|
const req = ApRequestCreator.createSignedGet({ key, url, additionalHeaders: headers });
|
2021-10-16 17:16:24 +09:00
|
|
|
|
|
|
|
const parsed = buildParsedSignature(req.signingString, req.signature, 'rsa-sha256');
|
|
|
|
|
|
|
|
const result = httpSignature.verifySignature(parsed, keypair.publicKey);
|
|
|
|
assert.deepStrictEqual(result, true);
|
|
|
|
});
|
|
|
|
});
|