Merge pull request #85 from NicolasConstant/develop

0.14.0 PR
NicolasConstant · Feb 6, 2021 · fcc7bba · fcc7bba
2 parents 0bb7e89 + c02b480
commit fcc7bba
Show file tree

Hide file tree

Showing 7 changed files with 103 additions and 30 deletions.
diff --git a/src/BirdsiteLive.Common/Regexes/HeaderRegexes.cs b/src/BirdsiteLive.Common/Regexes/HeaderRegexes.cs
@@ -0,0 +1,9 @@
+using System.Text.RegularExpressions;
+
+namespace BirdsiteLive.Common.Regexes
+{
+    public class HeaderRegexes
+    {
+        public static readonly Regex HeaderSignature = new Regex(@"^([a-zA-Z0-9]+)=""(.+)""$");
+    }
+}
diff --git a/src/BirdsiteLive.Domain/ActivityPubService.cs b/src/BirdsiteLive.Domain/ActivityPubService.cs
@@ -40,7 +40,7 @@ public ActivityPubService(ICryptoService cryptoService, InstanceSettings instanc
         public async Task<Actor> GetUser(string objectId)
         {
             var httpClient = _httpClientFactory.CreateClient();
-            httpClient.DefaultRequestHeaders.Add("Accept", "application/json");
+            httpClient.DefaultRequestHeaders.Add("Accept", "application/activity+json");
             var result = await httpClient.GetAsync(objectId);
             var content = await result.Content.ReadAsStringAsync();
             return JsonConvert.DeserializeObject<Actor>(content);

diff --git a/src/BirdsiteLive.Domain/UserService.cs b/src/BirdsiteLive.Domain/UserService.cs
@@ -7,6 +7,7 @@
 using System.Threading.Tasks;
 using BirdsiteLive.ActivityPub;
 using BirdsiteLive.ActivityPub.Converters;
+using BirdsiteLive.Common.Regexes;
 using BirdsiteLive.Common.Settings;
 using BirdsiteLive.Cryptography;
 using BirdsiteLive.Domain.BusinessUseCases;
@@ -239,55 +240,38 @@ private async Task<SignatureValidationResult> ValidateSignature(string actor, st
             var signature_header = new Dictionary<string, string>();
             foreach (var signature in signatures)
             {
-                var splitSig = signature.Replace("\"", string.Empty).Split('=');
-                signature_header.Add(splitSig[0], splitSig[1]);
+                var m = HeaderRegexes.HeaderSignature.Match(signature);
+                signature_header.Add(m.Groups[1].ToString(), m.Groups[2].ToString());
             }
 
-            signature_header["signature"] = signature_header["signature"] + "==";
-
             var key_id = signature_header["keyId"];
             var headers = signature_header["headers"];
             var algorithm = signature_header["algorithm"];
             var sig = Convert.FromBase64String(signature_header["signature"]);
 
-
+            // Retrieve User
             var remoteUser = await _activityPubService.GetUser(actor);
 
+            // Prepare Key data
             var toDecode = remoteUser.publicKey.publicKeyPem.Trim().Remove(0, remoteUser.publicKey.publicKeyPem.IndexOf('\n'));
             toDecode = toDecode.Remove(toDecode.LastIndexOf('\n')).Replace("\n", "");
             var signKey = ASN1.ToRSA(Convert.FromBase64String(toDecode));
 
             var toSign = new StringBuilder();
-            //var comparisonString = headers.Split(' ').Select(signed_header_name =>
-            //{
-            //    if (signed_header_name == "(request-target)")
-            //        return "(request-target): post /inbox";
-            //    else
-            //        return $"{signed_header_name}: {r.Headers[signed_header_name.ToUpperInvariant()]}";
-            //});
-
             foreach (var headerKey in headers.Split(' '))
             {
                 if (headerKey == "(request-target)") toSign.Append($"(request-target): {method.ToLower()} {path}{queryString}\n");
                 else toSign.Append($"{headerKey}: {string.Join(", ", requestHeaders[headerKey])}\n");
             }
             toSign.Remove(toSign.Length - 1, 1);
 
-            //var signKey = ASN1.ToRSA(Convert.FromBase64String(toDecode));
-
-            //new RSACryptoServiceProvider(keyId.publicKey.publicKeyPem);
-
-            //Create a new instance of RSACryptoServiceProvider.
-            RSACryptoServiceProvider key = new RSACryptoServiceProvider();
-
-            //Get an instance of RSAParameters from ExportParameters function.
-            RSAParameters RSAKeyInfo = key.ExportParameters(false);
-
-            //Set RSAKeyInfo to the public key values.
-            RSAKeyInfo.Modulus = Convert.FromBase64String(toDecode);
-
-            key.ImportParameters(RSAKeyInfo);
+            // Import key
+            var key = new RSACryptoServiceProvider();
+            var rsaKeyInfo = key.ExportParameters(false);
+            rsaKeyInfo.Modulus = Convert.FromBase64String(toDecode);
+            key.ImportParameters(rsaKeyInfo);
 
+            // Trust and Verify
             var result = signKey.VerifyData(Encoding.UTF8.GetBytes(toSign.ToString()), sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
 
             return new SignatureValidationResult()

diff --git a/src/BirdsiteLive.sln b/src/BirdsiteLive.sln
@@ -39,7 +39,9 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "BirdsiteLive.Domain.Tests",
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "BirdsiteLive.Pipeline.Tests", "Tests\BirdsiteLive.Pipeline.Tests\BirdsiteLive.Pipeline.Tests.csproj", "{BF51CA81-5A7A-46F8-B4FB-861C6BE59298}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "BirdsiteLive.DAL.Tests", "Tests\BirdsiteLive.DAL.Tests\BirdsiteLive.DAL.Tests.csproj", "{5A1E3EB5-6CBB-470D-8A0D-10F8C18353D5}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "BirdsiteLive.DAL.Tests", "Tests\BirdsiteLive.DAL.Tests\BirdsiteLive.DAL.Tests.csproj", "{5A1E3EB5-6CBB-470D-8A0D-10F8C18353D5}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "BirdsiteLive.Common.Tests", "Tests\BirdsiteLive.Common.Tests\BirdsiteLive.Common.Tests.csproj", "{C69F7582-6050-44DC-BAAB-7C8F0BDA525C}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -107,6 +109,10 @@ Global
 		{5A1E3EB5-6CBB-470D-8A0D-10F8C18353D5}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{5A1E3EB5-6CBB-470D-8A0D-10F8C18353D5}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{5A1E3EB5-6CBB-470D-8A0D-10F8C18353D5}.Release|Any CPU.Build.0 = Release|Any CPU
+		{C69F7582-6050-44DC-BAAB-7C8F0BDA525C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C69F7582-6050-44DC-BAAB-7C8F0BDA525C}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C69F7582-6050-44DC-BAAB-7C8F0BDA525C}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C69F7582-6050-44DC-BAAB-7C8F0BDA525C}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -126,6 +132,7 @@ Global
 		{F544D745-89A8-4DEA-B61C-A7E6C53C1D63} = {A32D3458-09D0-4E0A-BA4B-8C411B816B94}
 		{BF51CA81-5A7A-46F8-B4FB-861C6BE59298} = {A32D3458-09D0-4E0A-BA4B-8C411B816B94}
 		{5A1E3EB5-6CBB-470D-8A0D-10F8C18353D5} = {A32D3458-09D0-4E0A-BA4B-8C411B816B94}
+		{C69F7582-6050-44DC-BAAB-7C8F0BDA525C} = {A32D3458-09D0-4E0A-BA4B-8C411B816B94}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {69E8DCAD-4C37-4010-858F-5F94E6FBABCE}

diff --git a/src/BirdsiteLive/BirdsiteLive.csproj b/src/BirdsiteLive/BirdsiteLive.csproj
@@ -4,7 +4,7 @@
     <TargetFramework>netcoreapp3.1</TargetFramework>
     <UserSecretsId>d21486de-a812-47eb-a419-05682bb68856</UserSecretsId>
     <DockerDefaultTargetOS>Linux</DockerDefaultTargetOS>
-    <Version>0.13.1</Version>
+    <Version>0.14.0</Version>
   </PropertyGroup>
 
   <ItemGroup>

diff --git a/src/Tests/BirdsiteLive.Common.Tests/BirdsiteLive.Common.Tests.csproj b/src/Tests/BirdsiteLive.Common.Tests/BirdsiteLive.Common.Tests.csproj
@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp3.1</TargetFramework>
+
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.7.1" />
+    <PackageReference Include="MSTest.TestAdapter" Version="2.1.1" />
+    <PackageReference Include="MSTest.TestFramework" Version="2.1.1" />
+    <PackageReference Include="coverlet.collector" Version="1.3.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\BirdsiteLive.Common\BirdsiteLive.Common.csproj" />
+  </ItemGroup>
+
+</Project>
diff --git a/src/Tests/BirdsiteLive.Common.Tests/Regexes/HeaderRegexTests.cs b/src/Tests/BirdsiteLive.Common.Tests/Regexes/HeaderRegexTests.cs
@@ -0,0 +1,53 @@
+using BirdsiteLive.Common.Regexes;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+
+namespace BirdsiteLive.Common.Tests
+{
+    [TestClass]
+    public class HeaderRegexTests
+    {
+        [TestMethod]
+        public void KeyId_Test()
+        {
+            var input = @"keyId=""https://misskey.tdl/users/8hwf6zy2k1#main-key""";
+
+            Assert.IsTrue(HeaderRegexes.HeaderSignature.IsMatch(input));
+            var result = HeaderRegexes.HeaderSignature.Match(input);
+            Assert.AreEqual("keyId", result.Groups[1].ToString());
+            Assert.AreEqual("https://misskey.tdl/users/8hwf6zy2k1#main-key", result.Groups[2].ToString());
+        }
+
+        [TestMethod]
+        public void Algorithm_Test()
+        {
+            var input = @"algorithm=""rsa-sha256""";
+
+            Assert.IsTrue(HeaderRegexes.HeaderSignature.IsMatch(input));
+            var result = HeaderRegexes.HeaderSignature.Match(input);
+            Assert.AreEqual("algorithm", result.Groups[1].ToString());
+            Assert.AreEqual("rsa-sha256", result.Groups[2].ToString());
+        }
+
+        [TestMethod]
+        public void Target_Test()
+        {
+            var input = @"headers=""(request-target) date host digest""";
+
+            Assert.IsTrue(HeaderRegexes.HeaderSignature.IsMatch(input));
+            var result = HeaderRegexes.HeaderSignature.Match(input);
+            Assert.AreEqual("headers", result.Groups[1].ToString());
+            Assert.AreEqual("(request-target) date host digest", result.Groups[2].ToString());
+        }
+
+        [TestMethod]
+        public void Signature_Test()
+        {
+            var input = @"signature=""ISxp4HYhkGc83SsCC3zNZMVKBota7HqgWVg6KwaQVTQcUqt+UsWXPxB0XPhaYkqLnH3hJ+KVMdoEn3rbzcw8XZpjVt48o9OAKd0rsEZYkLoERnnFFhEw0GmVDEhdoU7gyoeOreWGsIca6Pf7TC0vGTtqez31zmvoeXvxHgqRhWQvlZM/ovFR2xN+vhmF7rZdkd6UaKOzy21K8B/Q84J7PWdbJ8i0rKieVPDIuTCy5B0iQpgs1TMaz6xKZR/KVzAr207m9Gkku2gnJ4YZHFuoa2ct5M5AtIPMPCsWTU8yaimTkPdNNezSOKV5a7T55HSvFeopLNcQKsWNMioKGpZP5hCIRKNk0Ekx0yDReE6xF/qliT7eSAGVJ/6sLQjBpBFMPKBNOrYTxueBJGtISjCZlxaIyTtJ1ErNuCrKHGjImpNvvJzTJOtu+vWnjTcUJL7N1Mw7PEreCZrNUyNuAldDWSMAFuD4HVA3+KZjpWCfjAbyelzVy2gs96CyE56o9FqJEaM5XVQhsMTpa8OSHdr2QZtKYw7Wng0d8vmbKEX1pdTVeEIhi4M9js39ZdzB4mb8JXSBE/GA6PoE5s+oH3+GoufzJYINCpk0Ulwo9g7HKm9NATnwEZZPq4NKto5mSYZKYRtqjZaa8lIALNhdvzv2+8+ifPLHlOigAUVqoupd9Aq=""";
+
+            Assert.IsTrue(HeaderRegexes.HeaderSignature.IsMatch(input));
+            var result = HeaderRegexes.HeaderSignature.Match(input);
+            Assert.AreEqual("signature", result.Groups[1].ToString());
+            Assert.AreEqual("ISxp4HYhkGc83SsCC3zNZMVKBota7HqgWVg6KwaQVTQcUqt+UsWXPxB0XPhaYkqLnH3hJ+KVMdoEn3rbzcw8XZpjVt48o9OAKd0rsEZYkLoERnnFFhEw0GmVDEhdoU7gyoeOreWGsIca6Pf7TC0vGTtqez31zmvoeXvxHgqRhWQvlZM/ovFR2xN+vhmF7rZdkd6UaKOzy21K8B/Q84J7PWdbJ8i0rKieVPDIuTCy5B0iQpgs1TMaz6xKZR/KVzAr207m9Gkku2gnJ4YZHFuoa2ct5M5AtIPMPCsWTU8yaimTkPdNNezSOKV5a7T55HSvFeopLNcQKsWNMioKGpZP5hCIRKNk0Ekx0yDReE6xF/qliT7eSAGVJ/6sLQjBpBFMPKBNOrYTxueBJGtISjCZlxaIyTtJ1ErNuCrKHGjImpNvvJzTJOtu+vWnjTcUJL7N1Mw7PEreCZrNUyNuAldDWSMAFuD4HVA3+KZjpWCfjAbyelzVy2gs96CyE56o9FqJEaM5XVQhsMTpa8OSHdr2QZtKYw7Wng0d8vmbKEX1pdTVeEIhi4M9js39ZdzB4mb8JXSBE/GA6PoE5s+oH3+GoufzJYINCpk0Ulwo9g7HKm9NATnwEZZPq4NKto5mSYZKYRtqjZaa8lIALNhdvzv2+8+ifPLHlOigAUVqoupd9Aq=", result.Groups[2].ToString());
+        }
+    }
+}