logo

mastofe

My custom branche(s) on git.pleroma.social/pleroma/mastofe git clone https://hacktivis.me/git/mastofe.git

linked_data_signature_spec.rb (2335B)


  1. require 'rails_helper'
  2. RSpec.describe ActivityPub::LinkedDataSignature do
  3. include JsonLdHelper
  4. let!(:sender) { Fabricate(:account, uri: 'http://example.com/alice') }
  5. let(:raw_json) do
  6. {
  7. '@context' => 'https://www.w3.org/ns/activitystreams',
  8. 'id' => 'http://example.com/hello-world',
  9. }
  10. end
  11. let(:json) { raw_json.merge('signature' => signature) }
  12. subject { described_class.new(json) }
  13. describe '#verify_account!' do
  14. context 'when signature matches' do
  15. let(:raw_signature) do
  16. {
  17. 'creator' => 'http://example.com/alice',
  18. 'created' => '2017-09-23T20:21:34Z',
  19. }
  20. end
  21. let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => sign(sender, raw_signature, raw_json)) }
  22. it 'returns creator' do
  23. expect(subject.verify_account!).to eq sender
  24. end
  25. end
  26. context 'when signature is missing' do
  27. let(:signature) { nil }
  28. it 'returns nil' do
  29. expect(subject.verify_account!).to be_nil
  30. end
  31. end
  32. context 'when signature is tampered' do
  33. let(:raw_signature) do
  34. {
  35. 'creator' => 'http://example.com/alice',
  36. 'created' => '2017-09-23T20:21:34Z',
  37. }
  38. end
  39. let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => 's69F3mfddd99dGjmvjdjjs81e12jn121Gkm1') }
  40. it 'returns nil' do
  41. expect(subject.verify_account!).to be_nil
  42. end
  43. end
  44. end
  45. describe '#sign!' do
  46. subject { described_class.new(raw_json).sign!(sender) }
  47. it 'returns a hash' do
  48. expect(subject).to be_a Hash
  49. end
  50. it 'contains signature' do
  51. expect(subject['signature']).to be_a Hash
  52. expect(subject['signature']['signatureValue']).to be_present
  53. end
  54. it 'can be verified again' do
  55. expect(described_class.new(subject).verify_account!).to eq sender
  56. end
  57. end
  58. def sign(from_account, options, document)
  59. options_hash = Digest::SHA256.hexdigest(canonicalize(options.merge('@context' => ActivityPub::LinkedDataSignature::CONTEXT)))
  60. document_hash = Digest::SHA256.hexdigest(canonicalize(document))
  61. to_be_verified = options_hash + document_hash
  62. Base64.strict_encode64(from_account.keypair.sign(OpenSSL::Digest::SHA256.new, to_be_verified))
  63. end
  64. end