Plume/plume-common/src/activity_pub/request.rs

use base64;
use openssl::hash::{Hasher, MessageDigest};
use reqwest::{
    mime::Mime,
    header::{Accept, Date, Headers, UserAgent, qitem}
};
use std::ops::Deref;
use std::time::SystemTime;

use activity_pub::ap_accept_header;
use activity_pub::sign::Signer;

const USER_AGENT: &'static str = concat!("Plume/", env!("CARGO_PKG_VERSION"));

header! {
    (Signature, "Signature") => [String]
}

header! {
    (Digest, "Digest") => [String]
}

impl Digest {
    pub fn digest(body: String) -> Self {
        let mut hasher = Hasher::new(MessageDigest::sha256()).unwrap();
        hasher.update(&body.into_bytes()[..]).unwrap();
        let res = base64::encode(&hasher.finish().unwrap());
        Digest(format!("SHA-256={}", res))
    }

    pub fn verify(&self, body: String) -> bool {
        if self.algorithm()=="SHA-256" {
            let mut hasher = Hasher::new(MessageDigest::sha256()).unwrap();
            hasher.update(&body.into_bytes()).unwrap();
            self.value().deref()==hasher.finish().unwrap().deref()
        } else {
            false //algorithm not supported
        }
    }

    pub fn algorithm(&self) -> &str {
        let pos = self.0.find('=').unwrap();
        &self.0[..pos]
    }

    pub fn value(&self) -> Vec<u8> {
        let pos = self.0.find('=').unwrap()+1;
        base64::decode(&self.0[pos..]).unwrap()
    }

    pub fn from_header(dig: &str) -> Result<Self, ()> {
        if let Some(pos) = dig.find('=') {
            let pos = pos+1;
            if let Ok(_) = base64::decode(&dig[pos..]) {
                Ok(Digest(dig.to_owned()))
            } else {
                Err(())
            }
        } else {
            Err(())
        }
    }
}

pub fn headers() -> Headers {
    let mut headers = Headers::new();
    headers.set(UserAgent::new(USER_AGENT));
    headers.set(Date(SystemTime::now().into()));
    headers.set(Accept(ap_accept_header().into_iter().map(|h| qitem(h.parse::<Mime>().expect("Invalid Content-Type"))).collect()));
    headers
}

pub fn signature<S: Signer>(signer: &S, headers: Headers) -> Signature {
    let signed_string = headers.iter().map(|h| format!("{}: {}", h.name().to_lowercase(), h.value_string())).collect::<Vec<String>>().join("\n");
    let signed_headers = headers.iter().map(|h| h.name().to_string()).collect::<Vec<String>>().join(" ").to_lowercase();

    let data = signer.sign(signed_string);
    let sign = base64::encode(&data[..]);

    Signature(format!(
        "keyId=\"{key_id}\",algorithm=\"rsa-sha256\",headers=\"{signed_headers}\",signature=\"{signature}\"",
        key_id = signer.get_key_id(),
        signed_headers = signed_headers,
        signature = sign
    ))
}
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`use base64;`
			`use openssl::hash::{Hasher, MessageDigest};`
Send the 'Content-Type: application/activity+json' header for ActivityPub request Should fix #76 2018-06-23 13:23:37 +02:00			`use reqwest::{`
			`mime::Mime,`
Correctly parse HTTP Accept headers 2018-07-18 16:58:28 +02:00			`header::{Accept, Date, Headers, UserAgent, qitem}`
Send the 'Content-Type: application/activity+json' header for ActivityPub request Should fix #76 2018-06-23 13:23:37 +02:00			`};`
Verify http signatures 2018-10-03 09:31:38 +02:00			`use std::ops::Deref;`
Update the WebFinger crate Fixes an issue with some Mastodon accounts 2018-07-26 21:35:35 +02:00			`use std::time::SystemTime;`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00
Correctly parse HTTP Accept headers 2018-07-18 16:58:28 +02:00			`use activity_pub::ap_accept_header;`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`use activity_pub::sign::Signer;`

Use env!("CARGO_PKG_VERSION") instead of hardcoding version when possible See https://doc.rust-lang.org/cargo/reference/environment-variables.html#environment-variables-cargo-sets-for-crates 2018-10-06 19:33:10 +02:00			`const USER_AGENT: &'static str = concat!("Plume/", env!("CARGO_PKG_VERSION"));`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00
			`header! {`
			`(Signature, "Signature") => [String]`
			`}`

			`header! {`
			`(Digest, "Digest") => [String]`
			`}`

Verify http signatures 2018-10-03 09:31:38 +02:00			`impl Digest {`
			`pub fn digest(body: String) -> Self {`
			`let mut hasher = Hasher::new(MessageDigest::sha256()).unwrap();`
			`hasher.update(&body.into_bytes()[..]).unwrap();`
			`let res = base64::encode(&hasher.finish().unwrap());`
			`Digest(format!("SHA-256={}", res))`
			`}`

			`pub fn verify(&self, body: String) -> bool {`
			`if self.algorithm()=="SHA-256" {`
			`let mut hasher = Hasher::new(MessageDigest::sha256()).unwrap();`
			`hasher.update(&body.into_bytes()).unwrap();`
			`self.value().deref()==hasher.finish().unwrap().deref()`
			`} else {`
			`false //algorithm not supported`
			`}`
			`}`

			`pub fn algorithm(&self) -> &str {`
			`let pos = self.0.find('=').unwrap();`
			`&self.0[..pos]`
			`}`

			`pub fn value(&self) -> Vec<u8> {`
			`let pos = self.0.find('=').unwrap()+1;`
			`base64::decode(&self.0[pos..]).unwrap()`
			`}`

			`pub fn from_header(dig: &str) -> Result<Self, ()> {`
			`if let Some(pos) = dig.find('=') {`
			`let pos = pos+1;`
			`if let Ok(_) = base64::decode(&dig[pos..]) {`
			`Ok(Digest(dig.to_owned()))`
			`} else {`
			`Err(())`
			`}`
			`} else {`
			`Err(())`
			`}`
			`}`
			`}`

HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`pub fn headers() -> Headers {`
			`let mut headers = Headers::new();`
			`headers.set(UserAgent::new(USER_AGENT));`
			`headers.set(Date(SystemTime::now().into()));`
Correctly parse HTTP Accept headers 2018-07-18 16:58:28 +02:00			`headers.set(Accept(ap_accept_header().into_iter().map(\|h\| qitem(h.parse::<Mime>().expect("Invalid Content-Type"))).collect()));`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`headers`
			`}`

Remove PgConnection when we don't need it Massive simplification in the ActivityPub module! 2018-06-21 17:31:42 +02:00			`pub fn signature<S: Signer>(signer: &S, headers: Headers) -> Signature {`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`let signed_string = headers.iter().map(\|h\| format!("{}: {}", h.name().to_lowercase(), h.value_string())).collect::<Vec<String>>().join("\n");`
			`let signed_headers = headers.iter().map(\|h\| h.name().to_string()).collect::<Vec<String>>().join(" ").to_lowercase();`
Version bump 0.1.x was the pre-alpha. The first Alpha will be 0.2.x 2018-09-11 20:53:14 +02:00
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`let data = signer.sign(signed_string);`
Fix request signatures We don't need to sha256 actually 2018-05-08 21:38:37 +02:00			`let sign = base64::encode(&data[..]);`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00
			`Signature(format!(`
Fix request signatures We don't need to sha256 actually 2018-05-08 21:38:37 +02:00			`"keyId=\"{key_id}\",algorithm=\"rsa-sha256\",headers=\"{signed_headers}\",signature=\"{signature}\"",`
Remove PgConnection when we don't need it Massive simplification in the ActivityPub module! 2018-06-21 17:31:42 +02:00			`key_id = signer.get_key_id(),`
HTTP signature when sending activites 2018-05-04 17:18:00 +02:00			`signed_headers = signed_headers,`
			`signature = sign`
			`))`
			`}`