chinwagsocial/app/lib/activitypub/linked_data_signature.rb

# frozen_string_literal: true

class ActivityPub::LinkedDataSignature
  include JsonLdHelper

  CONTEXT = 'https://w3id.org/identity/v1'

  def initialize(json)
    @json = json.with_indifferent_access
  end

  def verify_actor!
    return unless @json['signature'].is_a?(Hash)

    type        = @json['signature']['type']
    creator_uri = @json['signature']['creator']
    signature   = @json['signature']['signatureValue']

    return unless type == 'RsaSignature2017'

    creator   = ActivityPub::TagManager.instance.uri_to_actor(creator_uri)
    creator ||= ActivityPub::FetchRemoteKeyService.new.call(creator_uri, id: false)

    return if creator.nil?

    options_hash   = hash(@json['signature'].without('type', 'id', 'signatureValue').merge('@context' => CONTEXT))
    document_hash  = hash(@json.without('signature'))
    to_be_verified = options_hash + document_hash

    creator if creator.keypair.public_key.verify(OpenSSL::Digest.new('SHA256'), Base64.decode64(signature), to_be_verified)
  end

  def sign!(creator, sign_with: nil)
    options = {
      'type' => 'RsaSignature2017',
      'creator' => ActivityPub::TagManager.instance.key_uri_for(creator),
      'created' => Time.now.utc.iso8601,
    }

    options_hash  = hash(options.without('type', 'id', 'signatureValue').merge('@context' => CONTEXT))
    document_hash = hash(@json.without('signature'))
    to_be_signed  = options_hash + document_hash
    keypair       = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : creator.keypair

    signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_signed))

    @json.merge('signature' => options.merge('signatureValue' => signature))
  end

  private

  def hash(obj)
    Digest::SHA256.hexdigest(canonicalize(obj))
  end
end
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`# frozen_string_literal: true`

			`class ActivityPub::LinkedDataSignature`
			`include JsonLdHelper`

			`CONTEXT = 'https://w3id.org/identity/v1'`

			`def initialize(json)`
Allow Symbol keyed Hash in LinkedDataSignature (#4715) SerializarbleResource#as_json serializes to Symbol keyed Hash, but current implementation of LinkedDataSignature expects String keyed Hash. So it generates broken payload. 2017-08-27 21:35:01 +10:00			`@json = json.with_indifferent_access`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`end`

Refactor ActivityPub handling to prepare for non-Account actors (#19212) * Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor` 2022-09-22 06:45:57 +10:00			`def verify_actor!`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`return unless @json['signature'].is_a?(Hash)`

			`type = @json['signature']['type']`
			`creator_uri = @json['signature']['creator']`
			`signature = @json['signature']['signatureValue']`

			`return unless type == 'RsaSignature2017'`

Refactor ActivityPub handling to prepare for non-Account actors (#19212) * Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor` 2022-09-22 06:45:57 +10:00			`creator = ActivityPub::TagManager.instance.uri_to_actor(creator_uri)`
Validate id of ActivityPub representations (#5114) Additionally, ActivityPub::FetchRemoteStatusService no longer parses activities. OStatus::Activity::Creation no longer delegates to ActivityPub because the provided ActivityPub representations are not signed while OStatus representations are. 2017-10-04 10:13:48 +11:00			`creator \|\|= ActivityPub::FetchRemoteKeyService.new.call(creator_uri, id: false)`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00
			`return if creator.nil?`

			`options_hash = hash(@json['signature'].without('type', 'id', 'signatureValue').merge('@context' => CONTEXT))`
			`document_hash = hash(@json.without('signature'))`
			`to_be_verified = options_hash + document_hash`

Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 22:37:47 +11:00			`creator if creator.keypair.public_key.verify(OpenSSL::Digest.new('SHA256'), Base64.decode64(signature), to_be_verified)`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`end`

Add CLI task for rotating keys (#8466) * If an Update is signed with known key, skip re-following procedure Because it means the remote actor did not lose their database * Add CLI method for rotating keys bin/tootctl accounts rotate [USERNAME] Generates a new RSA key per account and sends out an Update activity signed with the old key. * Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts * Skip suspended accounts in key rotation 2018-08-27 04:21:03 +10:00			`def sign!(creator, sign_with: nil)`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`options = {`
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 16:58:28 +11:00			`'type' => 'RsaSignature2017',`
Refactor ActivityPub handling to prepare for non-Account actors (#19212) * Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is specifically required to be an Account * Refactor SignatureVerification to allow non-Account actors * fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService * Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors * Refactor inbound ActivityPub payload processing to accept non-Account actors * Refactor inbound ActivityPub processing to accept activities relayed through non-Account * Refactor how Account key URIs are built * Refactor Request and drop unused key_id_format parameter * Rename ActivityPub::Dereferencer `signature_account` to `signature_actor` 2022-09-22 06:45:57 +10:00			`'creator' => ActivityPub::TagManager.instance.key_uri_for(creator),`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`'created' => Time.now.utc.iso8601,`
			`}`

			`options_hash = hash(options.without('type', 'id', 'signatureValue').merge('@context' => CONTEXT))`
			`document_hash = hash(@json.without('signature'))`
			`to_be_signed = options_hash + document_hash`
Add CLI task for rotating keys (#8466) * If an Update is signed with known key, skip re-following procedure Because it means the remote actor did not lose their database * Add CLI method for rotating keys bin/tootctl accounts rotate [USERNAME] Generates a new RSA key per account and sends out an Update activity signed with the old key. * Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts * Skip suspended accounts in key rotation 2018-08-27 04:21:03 +10:00			`keypair = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : creator.keypair`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00
Bump rubocop from 0.86.0 to 0.88.0 (#14412) * Bump rubocop from 0.86.0 to 0.88.0 Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.86.0 to 0.88.0. - [Release notes](https://github.com/rubocop-hq/rubocop/releases) - [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.86.0...v0.88.0) Signed-off-by: dependabot[bot] <support@github.com> * Fix for latest RuboCop Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> 2020-09-01 11:04:00 +10:00			`signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_signed))`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00
Remove identity context from output of LinkedDataSignature (#4753) 2017-09-01 05:32:09 +10:00			`@json.merge('signature' => options.merge('signatureValue' => signature))`
Add handling of Linked Data Signatures in payloads (#4687) * Add handling of Linked Data Signatures in payloads * Add a way to sign JSON, fix canonicalization of signature options * Fix signatureValue encoding, send out signed JSON when distributing * Add missing security context 2017-08-26 21:47:38 +10:00			`end`

			`private`

			`def hash(obj)`
			`Digest::SHA256.hexdigest(canonicalize(obj))`
			`end`
			`end`