Improve HTTP signature handling, proper logging

Laura Hausmann 2024-01-06 17:11:36 +01:00
parent 3bea6254b3
commit a3a330f559
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
4 changed files with 16 additions and 27 deletions


@ -17,27 +17,12 @@ namespace Iceshrimp.Backend.Controllers;
public class SignatureTestController : Controller {
[HttpPost]
[Consumes(MediaTypeNames.Application.Json)]
public async Task<IActionResult> Inbox() {
var sig = new HttpSignature(Request, ["(request-target)", "digest", "host", "date"]);
//TODO: fetch key from db (duh)
const string key = """
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCFuaufkSCpsDZ2twSrH
GAFcJTGQ7ZspaFekVM7gBP1GQ/jfjwO3qT9fMgbsCuQXNTIw0U9zlsTIPB91yNPw
w5UpbqQ3dnpnYnwXg1BsqfX7EOLR1Dlnw6dk+5yeginJsNno15SRQ7CDqbEXj7Nc
lhNOGgU+LaXHhN59Paye3sfsvUHu4fmTp/rALWGPl/Rvx7RVRcR76CcTfTaHPYdb
OQAtqPJBfWgHpPLAUjRypzZoN/ExMgiCbFuxI7UFNNXxU3te8GNZaaob8bSwyUB6
Xuq7Rw+Me3eYiDxrYHQ99ZytsgoHBNVrVh/X7wIl0AlpjyWeGug3uIUjXR0twuGj
wwIDAQAB
-----END PUBLIC KEY-----
""";
return Ok(new ErrorResponse {
StatusCode = 200,
Error = "null",
Message = sig.Verify(key).ToString()
});
public async Task<IActionResult> Inbox([FromServices] ILogger<SignatureTestController> logger,
[FromServices] DatabaseContext db) {
var sig = new HttpSignature(Request, ["(request-target)", "digest", "host", "date"]);
var key = await db.UserPublickeys.SingleOrDefaultAsync(p => p.KeyId == sig.KeyId);
var verified = key != null && sig.Verify(key.KeyPem);
logger.LogInformation("sig.Verify returned {result} for key {keyId}", verified, sig.KeyId);
return verified ? Ok() : StatusCode(StatusCodes.Status403Forbidden);
}
}
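Review bot: Nothing in the new `Inbox` body checks that the `Digest` header matches the request body or that `Date` is recent, even though both are in the required signed-header list; unless `HttpSignature.Verify` does this internally (not visible here), a captured signed request could be replayed or paired with a different body and still return 200. I would add those two checks before `sig.Verify`, or at least record the gap with `//TODO: verify Digest against the body and reject stale Date`. Separately, the `HttpSignature` constructor throws `ConstraintException` on missing fields, so a malformed Signature header probably surfaces as a 500 rather than a 4xx unless middleware maps it. The log line also cannot distinguish an unknown key from a failed signature, because both set `verified` to false.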


@ -5,7 +5,7 @@ using System.Text;
namespace Iceshrimp.Backend.Core.Federation.Cryptography;
public class HttpSignature {
private readonly string _keyId;
public readonly string KeyId;
private readonly string _algo;
private readonly byte[] _signature;
private readonly byte[] _signatureData;
@ -23,7 +23,7 @@ public class HttpSignature {
var signatureBase64 = sig["signature"] ?? throw new ConstraintException("Signature string is missing the signature field");
_keyId = sig["keyId"] ?? throw new ConstraintException("Signature string is missing the keyId field");
KeyId = sig["keyId"] ?? throw new ConstraintException("Signature string is missing the keyId field");
_algo = sig["algorithm"] ?? throw new ConstraintException("Signature string is missing the algorithm field");
_signature = Convert.FromBase64String(signatureBase64);
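Review bot: `KeyId` is now a public readonly field that holds the keyId parameter exactly as the sender wrote it in the Signature header, so callers can read it before `Verify` has succeeded and nothing marks it as an unauthenticated claim. I would make it a get-only property with a doc comment, `/// <summary>Key id claimed by the sender; unauthenticated until Verify succeeds.</summary>` on `public string KeyId { get; }`, so that it is only used for key lookup and logging. The class and constructor bodies continue outside these hunks.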


@ -13,6 +13,7 @@ public class Fetch {
//TODO: required attribute doesn't work with Newtonsoft.Json it appears
//TODO: enforce @type values
//TODO: firstordefault -> singleordefault
public static void Test2() {
var thing = FetchActivity("https://staging.e2net.social/users/9esresfwle/outbox?page=true");


@ -1,9 +1,7 @@
using Asp.Versioning;
using Iceshrimp.Backend.Core.Database;
using Vite.AspNetCore.Extensions;
//TODO: Add proper logger
Console.WriteLine("-- Iceshrimp.NET (alpha) --");
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers().AddNewtonsoftJson();
@ -22,10 +20,15 @@ builder.Services.AddViteServices(options => {
options.Server.UseFullDevUrl = true;
options.Base = "frontend"; // relative to wwwroot
});
builder.Services.AddLogging(logging => logging.AddSimpleConsole(options => {
options.SingleLine = true;
}));
builder.Services.AddDbContext<DatabaseContext>();
//TODO: load built assets in production
var app = builder.Build();
app.Logger.LogInformation("Initializing, please wait...");
app.UseSwagger();
app.UseSwaggerUI(options => { options.DocumentTitle = "Iceshrimp API documentation"; });