logo

mastofe

My custom branche(s) on git.pleroma.social/pleroma/mastofe git clone https://hacktivis.me/git/mastofe.git

linked_data_signature_spec.rb (2335B)

    

  1. require 'rails_helper'

  2. 

  3. RSpec.describe ActivityPub::LinkedDataSignature do

  4.   include JsonLdHelper

  5. 

  6.   let!(:sender) { Fabricate(:account, uri: 'http://example.com/alice') }

  7. 

  8.   let(:raw_json) do

  9.     {

  10.       '@context' => 'https://www.w3.org/ns/activitystreams',

  11.       'id' => 'http://example.com/hello-world',

  12.     }

  13.   end

  14. 

  15.   let(:json) { raw_json.merge('signature' => signature) }

  16. 

  17.   subject { described_class.new(json) }

  18. 

  19.   describe '#verify_account!' do

  20.     context 'when signature matches' do

  21.       let(:raw_signature) do

  22.         {

  23.           'creator' => 'http://example.com/alice',

  24.           'created' => '2017-09-23T20:21:34Z',

  25.         }

  26.       end

  27. 

  28.       let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => sign(sender, raw_signature, raw_json)) }

  29. 

  30.       it 'returns creator' do

  31.         expect(subject.verify_account!).to eq sender

  32.       end

  33.     end

  34. 

  35.     context 'when signature is missing' do

  36.       let(:signature) { nil }

  37. 

  38.       it 'returns nil' do

  39.         expect(subject.verify_account!).to be_nil

  40.       end

  41.     end

  42. 

  43.     context 'when signature is tampered' do

  44.       let(:raw_signature) do

  45.         {

  46.           'creator' => 'http://example.com/alice',

  47.           'created' => '2017-09-23T20:21:34Z',

  48.         }

  49.       end

  50. 

  51.       let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => 's69F3mfddd99dGjmvjdjjs81e12jn121Gkm1') }

  52. 

  53.       it 'returns nil' do

  54.         expect(subject.verify_account!).to be_nil

  55.       end

  56.     end

  57.   end

  58. 

  59.   describe '#sign!' do

  60.     subject { described_class.new(raw_json).sign!(sender) }

  61. 

  62.     it 'returns a hash' do

  63.       expect(subject).to be_a Hash

  64.     end

  65. 

  66.     it 'contains signature' do

  67.       expect(subject['signature']).to be_a Hash

  68.       expect(subject['signature']['signatureValue']).to be_present

  69.     end

  70. 

  71.     it 'can be verified again' do

  72.       expect(described_class.new(subject).verify_account!).to eq sender

  73.     end

  74.   end

  75. 

  76.   def sign(from_account, options, document)

  77.     options_hash   = Digest::SHA256.hexdigest(canonicalize(options.merge('@context' => ActivityPub::LinkedDataSignature::CONTEXT)))

  78.     document_hash  = Digest::SHA256.hexdigest(canonicalize(document))

  79.     to_be_verified = options_hash + document_hash

  80.     Base64.strict_encode64(from_account.keypair.sign(OpenSSL::Digest::SHA256.new, to_be_verified))

  81.   end

  82. end