Diffstat (limited to 'internal/ap')
| -rw-r--r-- | internal/ap/contextkey.go | 36 | ||||
| -rw-r--r-- | internal/ap/extract.go | 63 | 
2 files changed, 44 insertions, 55 deletions
|
diff --git a/internal/ap/contextkey.go b/internal/ap/contextkey.go
deleted file mode 100644
index af9b62d0e..000000000
--- a/internal/ap/contextkey.go
+++ /dev/null
@@ -1,36 +0,0 @@
-// GoToSocial
-// Copyright (C) GoToSocial Authors admin@gotosocial.org
-// SPDX-License-Identifier: AGPL-3.0-or-later
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package ap
-
-// ContextKey is a type used specifically for settings values on contexts within go-fed AP request chains
-type ContextKey string
-
-const (
-	// ContextReceivingAccount can be used the set and retrieve the account being interacted with / receiving an activity in their inbox.
-	ContextReceivingAccount ContextKey = "receivingAccount"
-	// ContextRequestingAccount can be used to set and retrieve the account of an incoming federation request.
-	// This will often be the actor of the instance that's posting the request.
-	ContextRequestingAccount ContextKey = "requestingAccount"
-	// ContextOtherInvolvedIRIs can be used to set and retrieve a slice of all IRIs that are 'involved' in an Activity without being
-	// the receivingAccount or the requestingAccount. In other words, people or notes who are CC'ed or Replied To by an Activity.
-	ContextOtherInvolvedIRIs ContextKey = "otherInvolvedIRIs"
-	// ContextRequestingPublicKeyVerifier can be used to set and retrieve the public key verifier of an incoming federation request.
-	ContextRequestingPublicKeyVerifier ContextKey = "requestingPublicKeyVerifier"
-	// ContextRequestingPublicKeySignature can be used to set and retrieve the value of the signature header of an incoming federation request.
-	ContextRequestingPublicKeySignature ContextKey = "requestingPublicKeySignature"
-)
diff --git a/internal/ap/extract.go b/internal/ap/extract.go
index ce7c03901..ee6a513f6 100644
--- a/internal/ap/extract.go
+++ b/internal/ap/extract.go
@@ -32,6 +32,7 @@ import (
 	"time"
 	"github.com/superseriousbusiness/activity/pub"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
 	"github.com/superseriousbusiness/gotosocial/internal/util"
 )
@@ -343,42 +344,59 @@ func ExtractURL(i WithURL) (*url.URL, error) {
 	return nil, errors.New("could not extract url")
 }
-// ExtractPublicKeyForOwner extracts the public key from an interface, as long as it belongs to the specified owner.
-// It will return the public key itself, the id/URL of the public key, or an error if something goes wrong.
-func ExtractPublicKeyForOwner(i WithPublicKey, forOwner *url.URL) (*rsa.PublicKey, *url.URL, error) {
-	publicKeyProp := i.GetW3IDSecurityV1PublicKey()
-	if publicKeyProp == nil {
-		return nil, nil, errors.New("public key property was nil")
+// ExtractPublicKey extracts the public key, public key ID, and public
+// key owner ID from an interface, or an error if something goes wrong.
+func ExtractPublicKey(i WithPublicKey) (
+	*rsa.PublicKey, // pubkey
+	*url.URL, // pubkey ID
+	*url.URL, // pubkey owner
+	error,
+) {
+	pubKeyProp := i.GetW3IDSecurityV1PublicKey()
+	if pubKeyProp == nil {
+		return nil, nil, nil, gtserror.New("public key property was nil")
 	}
-	for iter := publicKeyProp.Begin(); iter != publicKeyProp.End(); iter = iter.Next() {
+	for iter := pubKeyProp.Begin(); iter != pubKeyProp.End(); iter = iter.Next() {
+		if !iter.IsW3IDSecurityV1PublicKey() {
+			continue
+		}
+
 		pkey := iter.Get()
 		if pkey == nil {
 			continue
 		}
-		pkeyID, err := pub.GetId(pkey)
-		if err != nil || pkeyID == nil {
+		pubKeyID, err := pub.GetId(pkey)
+		if err != nil {
+			continue
+		}
+
+		pubKeyOwnerProp := pkey.GetW3IDSecurityV1Owner()
+		if pubKeyOwnerProp == nil {
 			continue
 		}
-		if pkey.GetW3IDSecurityV1Owner() == nil || pkey.GetW3IDSecurityV1Owner().Get() == nil || pkey.GetW3IDSecurityV1Owner().Get().String() != forOwner.String() {
+		pubKeyOwner := pubKeyOwnerProp.GetIRI()
+		if pubKeyOwner == nil {
 			continue
 		}
-		if pkey.GetW3IDSecurityV1PublicKeyPem() == nil {
+		pubKeyPemProp := pkey.GetW3IDSecurityV1PublicKeyPem()
+		if pubKeyPemProp == nil {
 			continue
 		}
-		pkeyPem := pkey.GetW3IDSecurityV1PublicKeyPem().Get()
+		pkeyPem := pubKeyPemProp.Get()
 		if pkeyPem == "" {
 			continue
 		}
 		block, _ := pem.Decode([]byte(pkeyPem))
 		if block == nil {
-			return nil, nil, errors.New("could not decode publicKeyPem: no PEM data")
+			continue
 		}
+
 		var p crypto.PublicKey
 		switch block.Type {
 		case "PUBLIC KEY":
@@ -386,19 +404,26 @@ func ExtractPublicKeyForOwner(i WithPublicKey, forOwner *url.URL) (*rsa.PublicKe
 		case "RSA PUBLIC KEY":
 			p, err = x509.ParsePKCS1PublicKey(block.Bytes)
 		default:
-			return nil, nil, fmt.Errorf("could not parse public key: unknown block type: %q", block.Type)
+			err = fmt.Errorf("unknown block type: %q", block.Type)
 		}
 		if err != nil {
-			return nil, nil, fmt.Errorf("could not parse public key from block bytes: %s", err)
+			err = gtserror.Newf("could not parse public key from block bytes: %w", err)
+			return nil, nil, nil, err
 		}
+
 		if p == nil {
-			return nil, nil, errors.New("returned public key was empty")
+			return nil, nil, nil, gtserror.New("returned public key was empty")
 		}
-		if publicKey, ok := p.(*rsa.PublicKey); ok {
-			return publicKey, pkeyID, nil
+
+		pubKey, ok := p.(*rsa.PublicKey)
+		if !ok {
+			continue
 		}
+
+		return pubKey, pubKeyID, pubKeyOwner, nil
 	}
-	return nil, nil, errors.New("couldn't find public key")
+
+	return nil, nil, nil, gtserror.New("couldn't find public key")
 }
 // ExtractContent returns a string representation of the interface's Content property,
|
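Review bot: The rewritten ID check `if err != nil {` no longer rejects a nil key ID, which the removed line did with `|| pkeyID == nil`; unless `pub.GetId` is guaranteed never to return a nil URL together with a nil error (not visible in this hunk), `ExtractPublicKey` can now hand callers a key with a nil ID. I would keep the guard as `if err != nil || pubKeyID == nil {`. The comparison against `forOwner` is also gone, so the doc comment should say so, for example `// The returned owner is not verified; callers must compare it with the actor they are authenticating.` The function body continues into the next hunk.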
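Review bot: The `if err != nil` and `if p == nil` branches still return from the whole function, while the neighbouring failures (undecodable PEM, non-RSA key) now `continue` to the next entry, so one entry with an unknown block type or unparsable bytes hides any valid key that follows it in the property. If skipping bad entries is the intent of this rewrite, these two branches should `continue` as well, keeping the last parse error to return when the loop finds nothing. If aborting is intended, a short comment such as `// a PEM block that decodes but does not parse is treated as fatal` would record why. The start of the loop is in the previous hunk.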
