Diffstat (limited to 'internal/ap')
-rw-r--r-- | internal/ap/contextkey.go | 36 | ||||
-rw-r--r-- | internal/ap/extract.go | 63 |
2 files changed, 44 insertions, 55 deletions
diff --git a/internal/ap/contextkey.go b/internal/ap/contextkey.go
deleted file mode 100644
index af9b62d0e..000000000
--- a/internal/ap/contextkey.go
+++ /dev/null
@@ -1,36 +0,0 @@
-// GoToSocial
-// Copyright (C) GoToSocial Authors admin@gotosocial.org
-// SPDX-License-Identifier: AGPL-3.0-or-later
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-package ap
-
-// ContextKey is a type used specifically for settings values on contexts within go-fed AP request chains
-type ContextKey string
-
-const (
- // ContextReceivingAccount can be used the set and retrieve the account being interacted with / receiving an activity in their inbox.
- ContextReceivingAccount ContextKey = "receivingAccount"
- // ContextRequestingAccount can be used to set and retrieve the account of an incoming federation request.
- // This will often be the actor of the instance that's posting the request.
- ContextRequestingAccount ContextKey = "requestingAccount"
- // ContextOtherInvolvedIRIs can be used to set and retrieve a slice of all IRIs that are 'involved' in an Activity without being
- // the receivingAccount or the requestingAccount. In other words, people or notes who are CC'ed or Replied To by an Activity.
- ContextOtherInvolvedIRIs ContextKey = "otherInvolvedIRIs"
- // ContextRequestingPublicKeyVerifier can be used to set and retrieve the public key verifier of an incoming federation request.
- ContextRequestingPublicKeyVerifier ContextKey = "requestingPublicKeyVerifier" - // ContextRequestingPublicKeySignature can be used to set and retrieve the value of the signature header of an incoming federation request. - ContextRequestingPublicKeySignature ContextKey = "requestingPublicKeySignature" -) diff --git a/internal/ap/extract.go b/internal/ap/extract.go index ce7c03901..ee6a513f6 100644 --- a/internal/ap/extract.go +++ b/internal/ap/extract.go @@ -32,6 +32,7 @@ import ( "time" "github.com/superseriousbusiness/activity/pub" + "github.com/superseriousbusiness/gotosocial/internal/gtserror" "github.com/superseriousbusiness/gotosocial/internal/gtsmodel" "github.com/superseriousbusiness/gotosocial/internal/util" ) 
@@ -343,42 +344,59 @@ func ExtractURL(i WithURL) (*url.URL, error) { return nil, errors.New("could not extract url") } -// ExtractPublicKeyForOwner extracts the public key from an interface, as long as it belongs to the specified owner. -// It will return the public key itself, the id/URL of the public key, or an error if something goes wrong. -func ExtractPublicKeyForOwner(i WithPublicKey, forOwner *url.URL) (*rsa.PublicKey, *url.URL, error) { - publicKeyProp := i.GetW3IDSecurityV1PublicKey() - if publicKeyProp == nil { - return nil, nil, errors.New("public key property was nil") +// ExtractPublicKey extracts the public key, public key ID, and public +// key owner ID from an interface, or an error if something goes wrong. +func ExtractPublicKey(i WithPublicKey) ( + *rsa.PublicKey, // pubkey + *url.URL, // pubkey ID + *url.URL, // pubkey owner + error, +) { + pubKeyProp := i.GetW3IDSecurityV1PublicKey() + if pubKeyProp == nil { + return nil, nil, nil, gtserror.New("public key property was nil") } - for iter := publicKeyProp.Begin(); iter != publicKeyProp.End(); iter = iter.Next() { + for iter := pubKeyProp.Begin(); iter != pubKeyProp.End(); iter = iter.Next() { + if !iter.IsW3IDSecurityV1PublicKey() { + continue + } + pkey := iter.Get() if pkey == nil { continue } - pkeyID, err := pub.GetId(pkey) - if err != nil || pkeyID == nil { + pubKeyID, err := pub.GetId(pkey) + if err != nil { + continue + } + + pubKeyOwnerProp := pkey.GetW3IDSecurityV1Owner() + if pubKeyOwnerProp == nil { continue } - if pkey.GetW3IDSecurityV1Owner() == nil || pkey.GetW3IDSecurityV1Owner().Get() == nil || pkey.GetW3IDSecurityV1Owner().Get().String() != forOwner.String() { + pubKeyOwner := pubKeyOwnerProp.GetIRI() + if pubKeyOwner == nil { continue } - if pkey.GetW3IDSecurityV1PublicKeyPem() == nil { + pubKeyPemProp := pkey.GetW3IDSecurityV1PublicKeyPem() + if pubKeyPemProp == nil { continue } - pkeyPem := pkey.GetW3IDSecurityV1PublicKeyPem().Get() + pkeyPem := pubKeyPemProp.Get() if pkeyPem 
== "" { continue } block, _ := pem.Decode([]byte(pkeyPem)) if block == nil { - return nil, nil, errors.New("could not decode publicKeyPem: no PEM data") + continue } + var p crypto.PublicKey switch block.Type { case "PUBLIC KEY": @@ -386,19 +404,26 @@ func ExtractPublicKeyForOwner(i WithPublicKey, forOwner *url.URL) (*rsa.PublicKe case "RSA PUBLIC KEY": p, err = x509.ParsePKCS1PublicKey(block.Bytes) default: - return nil, nil, fmt.Errorf("could not parse public key: unknown block type: %q", block.Type) + err = fmt.Errorf("unknown block type: %q", block.Type) } if err != nil { - return nil, nil, fmt.Errorf("could not parse public key from block bytes: %s", err) + err = gtserror.Newf("could not parse public key from block bytes: %w", err) + return nil, nil, nil, err } + if p == nil { - return nil, nil, errors.New("returned public key was empty") + return nil, nil, nil, gtserror.New("returned public key was empty") } - if publicKey, ok := p.(*rsa.PublicKey); ok { - return publicKey, pkeyID, nil + + pubKey, ok := p.(*rsa.PublicKey) + if !ok { + continue } + + return pubKey, pubKeyID, pubKeyOwner, nil } - return nil, nil, errors.New("couldn't find public key") + + return nil, nil, nil, gtserror.New("couldn't find public key") } // ExtractContent returns a string representation of the interface's Content property, |
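Review bot: ExtractPublicKey no longer compares the key's owner with an expected actor, so the owner it returns is only what the remote document claims about itself, and the doc comment does not say that. I would add to it something like `// The returned owner is taken from the document as-is; callers must compare it with the actor they expect before trusting the key.` The `pkeyID == nil` test was also dropped from the `pub.GetId` check, so if GetId can return a nil URL together with a nil error, a nil pubKeyID now reaches the caller; `if err != nil || pubKeyID == nil {` keeps the old guarantee. The function body continues into the next hunk.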
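Review bot: The loop now mixes two failure policies: a missing owner, an empty or undecodable PEM and a non-RSA key all `continue` to the next entry, but an unknown block type, a parse error or a nil parsed key return from the function, so one malformed entry hides any valid key listed after it. If skipping is the intent, the `if err != nil` and `if p == nil` branches could `continue` as well; if failing fast is intended, a short comment saying why these cases differ would help. Separately, nothing visible here rejects a short RSA modulus; unless that is enforced where the key is used to verify signatures, a minimum-size check on `pubKey.N.BitLen()` belongs before the final return. The function begins in the previous hunk.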