import * as assert from "assert"; import httpSignature from "@peertube/http-signature"; import { genRsaKeyPair } from "../src/misc/gen-key-pair.js"; import { createSignedPost, createSignedGet, } from "../src/remote/activitypub/ap-request.js"; export const buildParsedSignature = ( signingString: string, signature: string, algorithm: string, ) => { return { scheme: "Signature", params: { keyId: "KeyID", // dummy, not used for verify algorithm: algorithm, headers: ["(request-target)", "date", "host", "digest"], // dummy, not used for verify signature: signature, }, signingString: signingString, algorithm: algorithm.toUpperCase(), keyId: "KeyID", // dummy, not used for verify }; }; describe("ap-request", () => { it("createSignedPost with verify", async () => { const keypair = await genRsaKeyPair(); const key = { keyId: "x", privateKeyPem: keypair.privateKey }; const url = "https://example.com/inbox"; const activity = { a: 1 }; const body = JSON.stringify(activity); const headers = { "User-Agent": "UA", }; const req = createSignedPost({ key, url, body, additionalHeaders: headers, }); const parsed = buildParsedSignature( req.signingString, req.signature, "rsa-sha256", ); const result = httpSignature.verifySignature(parsed, keypair.publicKey); assert.deepStrictEqual(result, true); }); it("createSignedGet with verify", async () => { const keypair = await genRsaKeyPair(); const key = { keyId: "x", privateKeyPem: keypair.privateKey }; const url = "https://example.com/outbox"; const headers = { "User-Agent": "UA", }; const req = createSignedGet({ key, url, additionalHeaders: headers }); const parsed = buildParsedSignature( req.signingString, req.signature, "rsa-sha256", ); const result = httpSignature.verifySignature(parsed, keypair.publicKey); assert.deepStrictEqual(result, true); }); });