Startseite Erkunden Hilfe
Anmelden
RISCI_ATOM
/
mastodon
Mirror von https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Dateien Issues 8 Wiki
Struktur: de59e7e6a0
Branches Tags
mastodon
/
spec
/
lib
/
activitypub
/
linked_data_signature_spec.rb

linked_data_signature_spec.rb 2.3 KB
Verlauf Originalformat

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. require 'rails_helper'
    2. 

  2. 

  3. RSpec.describe ActivityPub::LinkedDataSignature do
    4. 

  4.   include JsonLdHelper
    5. 

  5. 

  6.   let!(:sender) { Fabricate(:account, uri: 'http://example.com/alice') }
    7. 

  7. 

  8.   let(:raw_json) do
    9. 

  9.     {
    10. 

  10.       '@context' => 'https://www.w3.org/ns/activitystreams',
    11. 

  11.       'id' => 'http://example.com/hello-world',
    12. 

  12.     }
    13. 

  13.   end
    14. 

  14. 

  15.   let(:json) { raw_json.merge('signature' => signature) }
    16. 

  16. 

  17.   subject { described_class.new(json) }
    18. 

  18. 

  19.   before do
    20. 

  20.     stub_jsonld_contexts!
    21. 

  21.   end
    22. 

  22. 

  23.   describe '#verify_account!' do
    24. 

  24.     context 'when signature matches' do
    25. 

  25.       let(:raw_signature) do
    26. 

  26.         {
    27. 

  27.           'creator' => 'http://example.com/alice',
    28. 

  28.           'created' => '2017-09-23T20:21:34Z',
    29. 

  29.         }
    30. 

  30.       end
    31. 

  31. 

  32.       let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => sign(sender, raw_signature, raw_json)) }
    33. 

  33. 

  34.       it 'returns creator' do
    35. 

  35.         expect(subject.verify_account!).to eq sender
    36. 

  36.       end
    37. 

  37.     end
    38. 

  38. 

  39.     context 'when signature is missing' do
    40. 

  40.       let(:signature) { nil }
    41. 

  41. 

  42.       it 'returns nil' do
    43. 

  43.         expect(subject.verify_account!).to be_nil
    44. 

  44.       end
    45. 

  45.     end
    46. 

  46. 

  47.     context 'when signature is tampered' do
    48. 

  48.       let(:raw_signature) do
    49. 

  49.         {
    50. 

  50.           'creator' => 'http://example.com/alice',
    51. 

  51.           'created' => '2017-09-23T20:21:34Z',
    52. 

  52.         }
    53. 

  53.       end
    54. 

  54. 

  55.       let(:signature) { raw_signature.merge('type' => 'RsaSignature2017', 'signatureValue' => 's69F3mfddd99dGjmvjdjjs81e12jn121Gkm1') }
    56. 

  56. 

  57.       it 'returns nil' do
    58. 

  58.         expect(subject.verify_account!).to be_nil
    59. 

  59.       end
    60. 

  60.     end
    61. 

  61.   end
    62. 

  62. 

  63.   describe '#sign!' do
    64. 

  64.     subject { described_class.new(raw_json).sign!(sender) }
    65. 

  65. 

  66.     it 'returns a hash' do
    67. 

  67.       expect(subject).to be_a Hash
    68. 

  68.     end
    69. 

  69. 

  70.     it 'contains signature' do
    71. 

  71.       expect(subject['signature']).to be_a Hash
    72. 

  72.       expect(subject['signature']['signatureValue']).to be_present
    73. 

  73.     end
    74. 

  74. 

  75.     it 'can be verified again' do
    76. 

  76.       expect(described_class.new(subject).verify_account!).to eq sender
    77. 

  77.     end
    78. 

  78.   end
    79. 

  79. 

  80.   def sign(from_account, options, document)
    81. 

  81.     options_hash   = Digest::SHA256.hexdigest(canonicalize(options.merge('@context' => ActivityPub::LinkedDataSignature::CONTEXT)))
    82. 

  82.     document_hash  = Digest::SHA256.hexdigest(canonicalize(document))
    83. 

  83.     to_be_verified = options_hash + document_hash
    84. 

  84.     Base64.strict_encode64(from_account.keypair.sign(OpenSSL::Digest::SHA256.new, to_be_verified))
    85. 

  85.   end
    86. 

  86. end
    87.