UNPKG

@fedify/fedify

Version:

An ActivityPub server framework

255 lines (251 loc) • 10.6 kB
import { Temporal } from "@js-temporal/polyfill"; import { URLPattern } from "urlpattern-polyfill"; globalThis.addEventListener = () => {}; import { assertEquals } from "../assert_equals-CTYbeopb.js"; import "../assert-DmFG7ppO.js"; import "../assert_instance_of-CF09JHYM.js"; import "../docloader-C8mmLN-Y.js"; import "../url-kTAI6_KP.js"; import "../multibase-DeCHcK8L.js"; import { CryptographicKey, Multikey } from "../vocab-dDpPQ0fF.js"; import "../langstr-DbWheeIS.js"; import "../lookup-Ozuw-rxN.js"; import "../type-D2s5lmbZ.js"; import "../actor-BP-NTJ2m.js"; import { exportJwk, fetchKey, generateCryptoKeyPair, importJwk, validateCryptoKey } from "../key-CPSlDkCj.js"; import { test } from "../testing-BZ0dJ4qn.js"; import "../std__assert-vp0TKMS1.js"; import { assertRejects } from "../assert_rejects-C-sxEMM5.js"; import "../assert_is_error-nrwA1GeT.js"; import "../assert_not_equals-Dc7y-V5Q.js"; import { assertThrows } from "../assert_throws-Cn9C6Jur.js"; import { mockDocumentLoader } from "../docloader-09nVWLAZ.js"; import { ed25519Multikey, rsaPrivateKey2, rsaPublicKey1, rsaPublicKey2, rsaPublicKey3 } from "../keys-CtFc865v.js"; //#region sig/key.test.ts test("validateCryptoKey()", async () => { const pkcs1v15 = await crypto.subtle.generateKey({ name: "RSASSA-PKCS1-v1_5", modulusLength: 2048, publicExponent: new Uint8Array([ 1, 0, 1 ]), hash: "SHA-256" }, true, ["sign", "verify"]); validateCryptoKey(pkcs1v15.privateKey, "private"); validateCryptoKey(pkcs1v15.privateKey); validateCryptoKey(pkcs1v15.publicKey, "public"); validateCryptoKey(pkcs1v15.publicKey); const ed25519 = await crypto.subtle.generateKey("Ed25519", true, ["sign", "verify"]); validateCryptoKey(ed25519.privateKey, "private"); validateCryptoKey(ed25519.privateKey); validateCryptoKey(ed25519.publicKey, "public"); validateCryptoKey(ed25519.publicKey); assertThrows(() => validateCryptoKey(pkcs1v15.privateKey, "public"), TypeError, "The key is not a public key."); assertThrows(() => validateCryptoKey(pkcs1v15.publicKey, "private"), TypeError, "The key is not a private key."); assertThrows(() => validateCryptoKey(ed25519.privateKey, "public"), TypeError, "The key is not a public key."); assertThrows(() => validateCryptoKey(ed25519.publicKey, "private"), TypeError, "The key is not a private key."); const ecdsa = await crypto.subtle.generateKey({ name: "ECDSA", namedCurve: "P-256" }, true, ["sign", "verify"]); assertThrows(() => validateCryptoKey(ecdsa.publicKey), TypeError, "only RSASSA-PKCS1-v1_5 and Ed25519"); const pkcs1v15Sha512 = await crypto.subtle.generateKey({ name: "RSASSA-PKCS1-v1_5", modulusLength: 2048, publicExponent: new Uint8Array([ 1, 0, 1 ]), hash: "SHA-512" }, true, ["sign", "verify"]); assertThrows(() => validateCryptoKey(pkcs1v15Sha512.privateKey), TypeError, "hash algorithm for RSASSA-PKCS1-v1_5 keys must be SHA-256"); }); test("generateCryptoKeyPair()", async () => { const rsaKeyPair = await generateCryptoKeyPair(); assertEquals(rsaKeyPair.privateKey.algorithm, { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" }, modulusLength: 4096, publicExponent: new Uint8Array([ 1, 0, 1 ]) }); validateCryptoKey(rsaKeyPair.privateKey, "private"); validateCryptoKey(rsaKeyPair.publicKey, "public"); const rsaKeyPair2 = await generateCryptoKeyPair("RSASSA-PKCS1-v1_5"); assertEquals(rsaKeyPair2.privateKey.algorithm, { name: "RSASSA-PKCS1-v1_5", hash: { name: "SHA-256" }, modulusLength: 4096, publicExponent: new Uint8Array([ 1, 0, 1 ]) }); validateCryptoKey(rsaKeyPair2.privateKey, "private"); validateCryptoKey(rsaKeyPair2.publicKey, "public"); const ed25519KeyPair = await generateCryptoKeyPair("Ed25519"); assertEquals(ed25519KeyPair.privateKey.algorithm, { name: "Ed25519" }); validateCryptoKey(ed25519KeyPair.privateKey, "private"); validateCryptoKey(ed25519KeyPair.publicKey, "public"); }); const rsaPublicJwk = { alg: "RS256", kty: "RSA", e: "AQAB", n: "oRmBtnxbdFutoRd1GLGwwGTrsqlRRWUe11hHQaoRLGf5LwQ0tIc6I9q-dynliw-2kxYsLn9SH2je6HcTYOolgW7F_cOWXZQN04b-OiYcU1ConAhLjmn4k1uKawJ614y0ScPNd8PQ-CljsnlPxbq9ofaCMe2BV3B6y09aCuGFJ0nxn1_ubjmIBIWWFTAznoz1J9BhJDGyt3IO3ABy3f9zDVlR32L_n5VIkXnxkjUKdzMAOzYb62kuKOp1iznRTPrV71SNtivJMwSh_LVgBrmZjtIn_oim-KyX_fdLU3tQ7VClyqmJzyAjccOH6Qj6nFTPh-vX07gqN8IlLT2uye4waw", key_ops: ["verify"], ext: true }; const rsaPrivateJwk = { alg: "RS256", kty: "RSA", d: "f-Pa2L7Sb4YUSa1wlSEC-0li35uQ3DFRkY0QTG2xYnpMFGoXWTV9D1epGrqU8pePzias_mCvFiZPx2Y4aRiYm68P2Mu7hCBz9XfWPN1iYTXIFM51BOLVpk3mjdsTICkgOusJI0m9jDR3ZAjwLj14K6qhYvd0VbECmoItLjQoW64Sc9iDgD3CvGoTqv71oTfW70cy-Ve1xQ9CThAmMOTKe6rYCUTA8tMZcPszifZ4iOasOjgvRxyel86LqGNtyslY8k86gQlMtFpR3VeZV_8otAWZn0mDc4vVU8HUO-DzYiIFdAcVxfPJh6tx7snCTsdzze_98OEAK4EWYBn7vsGFeQ", dp: "lrXReSkZQXSmSxQ1TimV5kMt96gSu4_r-OGIabVmoG5irhjMyN08Jjc3qK9oZS3uNM-LxAOg4OdzefjsF9IMfZJl6wuLd85g_l4BHSaEk5zC8l3QugX1IU9XZ7wDxXUrutMoNtZXDtdbveAMtHNZlIu-qmEBDWzkqJiz2WpW-AE", dq: "TCLoYcX0ywuNA9DSU6v94KmBh1e_IELEFVbJb5vvLKlAK-ycMK0rfzC1co9Hhkski1LskTnxnoqwZ5oF-7X10eZvy3Te_FHSl0IsTar8ST2-MRtGh2UjTdvP_nnygj4GcXvKfngjPEfthDzVfVMeR38oDhDxMFD5AaY_v9aMH_U", e: "AQAB", n: "oRmBtnxbdFutoRd1GLGwwGTrsqlRRWUe11hHQaoRLGf5LwQ0tIc6I9q-dynliw-2kxYsLn9SH2je6HcTYOolgW7F_cOWXZQN04b-OiYcU1ConAhLjmn4k1uKawJ614y0ScPNd8PQ-CljsnlPxbq9ofaCMe2BV3B6y09aCuGFJ0nxn1_ubjmIBIWWFTAznoz1J9BhJDGyt3IO3ABy3f9zDVlR32L_n5VIkXnxkjUKdzMAOzYb62kuKOp1iznRTPrV71SNtivJMwSh_LVgBrmZjtIn_oim-KyX_fdLU3tQ7VClyqmJzyAjccOH6Qj6nFTPh-vX07gqN8IlLT2uye4waw", p: "xuDd7tE_47NWwvDTpB403X13EPA3768MlNpl_v_BGiuP-1uvWUnsOVZB0F3HXSVg1sBVNtec46v7OU0P693gvYUhouTmSQpayY_VFqMklprWgs7cfneqbeDzv3C4Fw5waY-vjoINDsE1jYELUnl5cVjXXyxuGFG-IaLJKmHmHX0", q: "z17X2t9zO6WcMp6W04gXdKmniJlxekOrOmWnrX9AwaM8NYCLN3y23r59nqNP9aUAWG1eoGFmav2rYQitWhz_VsEu2pQUsfsYKZYHchu5p_jCYwuM3rIg7aCbhtGv_tBoWAf1NvKMhtp2es0ZaHZCzKDGSOkIYDOB-ZDmNigWigc", qi: "KC6gWhVM_x7iQgl-gEoSh_iM1Jf314ZLJKAAz1DsTHMi5yuCkCMmmY7h6jlkAJVngK3KIf5LPoAeUoGJ26E1kocbRU_nZBftMDVXHCYICz8qMQXR5euN_5SeJnu_VWXH-CY83MKhPYAorWSZ1-G9gh-C16LlRMzJwoE6h5QNeNo", key_ops: ["sign"], ext: true }; test("exportJwk()", async () => { assertEquals(await exportJwk(rsaPrivateKey2), rsaPrivateJwk); assertEquals(await exportJwk(rsaPublicKey2.publicKey), rsaPublicJwk); }); test("importJwk()", async () => { assertEquals(await importJwk(rsaPrivateJwk, "private"), rsaPrivateKey2); assertEquals(await importJwk(rsaPublicJwk, "public"), rsaPublicKey2.publicKey); assertRejects(() => importJwk(rsaPublicJwk, "private")); assertRejects(() => importJwk(rsaPrivateJwk, "public")); }); test("fetchKey()", async () => { const cache = {}; const options = { documentLoader: mockDocumentLoader, contextLoader: mockDocumentLoader, keyCache: { get(keyId) { return Promise.resolve(cache[keyId.href]); }, set(keyId, key) { cache[keyId.href] = key; return Promise.resolve(); } } }; assertEquals(await fetchKey("https://example.com/nothing", CryptographicKey, options), { key: null, cached: false }); assertEquals(cache, { "https://example.com/nothing": null }); assertEquals(await fetchKey("https://example.com/nothing", CryptographicKey, options), { key: null, cached: true }); assertEquals(cache, { "https://example.com/nothing": null }); assertEquals(await fetchKey("https://example.com/object", CryptographicKey, options), { key: null, cached: false }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null }); assertEquals(await fetchKey("https://example.com/key", CryptographicKey, options), { key: rsaPublicKey1, cached: false }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null, "https://example.com/key": rsaPublicKey1 }); assertEquals(await fetchKey("https://example.com/key", CryptographicKey, options), { key: rsaPublicKey1, cached: true }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null, "https://example.com/key": rsaPublicKey1 }); assertEquals(await fetchKey("https://example.com/person#no-key", CryptographicKey, options), { key: null, cached: false }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null, "https://example.com/key": rsaPublicKey1, "https://example.com/person#no-key": null }); assertEquals(await fetchKey("https://example.com/person2#key3", CryptographicKey, options), { key: rsaPublicKey3, cached: false }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null, "https://example.com/key": rsaPublicKey1, "https://example.com/person#no-key": null, "https://example.com/person2#key3": rsaPublicKey3 }); assertEquals(await fetchKey("https://example.com/person2#key3", CryptographicKey, options), { key: rsaPublicKey3, cached: true }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null, "https://example.com/key": rsaPublicKey1, "https://example.com/person#no-key": null, "https://example.com/person2#key3": rsaPublicKey3 }); assertEquals(await fetchKey("https://example.com/person2#key4", Multikey, options), { key: ed25519Multikey, cached: false }); assertEquals(cache, { "https://example.com/nothing": null, "https://example.com/object": null, "https://example.com/key": rsaPublicKey1, "https://example.com/person#no-key": null, "https://example.com/person2#key3": rsaPublicKey3, "https://example.com/person2#key4": ed25519Multikey }); assertEquals(await fetchKey("https://example.com/person2#key4", Multikey, options), { key: ed25519Multikey, cached: true }); assertEquals(await fetchKey("https://example.com/key", CryptographicKey, { ...options, keyCache: void 0 }), { key: rsaPublicKey1, cached: false }); assertEquals(await fetchKey("https://example.com/users/handle", CryptographicKey, options), { key: new CryptographicKey({ id: new URL("https://example.com/users/handle#main-key"), publicKey: await importJwk({ kty: "RSA", alg: "RS256", n: "oRmBtnxbdFutoRd1GLGwwGTrsqlRRWUe11hHQaoRLGf5LwQ0tIc6I9q-dynliw-2kxYsLn9SH2je6HcTYOolgW7F_cOWXZQN04b-OiYcU1ConAhLjmn4k1uKawJ614y0ScPNd8PQ-CljsnlPxbq9ofaCMe2BV3B6y09aCuGFJ0nxn1_ubjmIBIWWFTAznoz1J9BhJDGyt3IO3ABy3f9zDVlR32L_n5VIkXnxkjUKdzMAOzYb62kuKOp1iznRTPrV71SNtivJMwSh_LVgBrmZjtIn_oim-KyX_fdLU3tQ7VClyqmJzyAjccOH6Qj6nFTPh-vX07gqN8IlLT2uye4waw", e: "AQAB", key_ops: ["verify"], ext: true }, "public") }), cached: false }); }); //#endregion