From a77884b98032bde77cb3667da03809b2b9858de6 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 7 Apr 2022 20:15:28 +0300 Subject: ActivityPub: handle public key issues --- src/main/java/com/juick/KeystoreManager.java | 2 +- src/main/java/com/juick/SignatureManager.java | 40 +++++++++++++++------------ 2 files changed, 23 insertions(+), 19 deletions(-) (limited to 'src/main/java/com') diff --git a/src/main/java/com/juick/KeystoreManager.java b/src/main/java/com/juick/KeystoreManager.java index 32596170..e6979a5c 100644 --- a/src/main/java/com/juick/KeystoreManager.java +++ b/src/main/java/com/juick/KeystoreManager.java @@ -85,7 +85,7 @@ public class KeystoreManager { return kf.generatePublic(X509publicKey); } catch(Exception e){ - e.printStackTrace(); + logger.error("Public key error", e); } return null; } diff --git a/src/main/java/com/juick/SignatureManager.java b/src/main/java/com/juick/SignatureManager.java index 0c6acb4a..49c8c7dd 100644 --- a/src/main/java/com/juick/SignatureManager.java +++ b/src/main/java/com/juick/SignatureManager.java @@ -129,26 +129,30 @@ public class SignatureManager { if (context.isPresent() && context.get() instanceof Actor) { Actor actor = (Actor) context.get(); Key key = KeystoreManager.publicKeyOf(actor); - - Verifier verifier = new Verifier(key, signature); - try { - boolean result = verifier.verify(method, path, headers); - if (result) { - User user = new User(); - user.setUri(URI.create(actor.getId())); - if (key.equals(keystoreManager.getPublicKey())) { - return userService.getUserByName(actor.getName()); - } - if (actor.isSuspended()) { - logger.info("{} is suspended, deleting", actor.getId()); - applicationEventPublisher.publishEvent(new DeleteUserEvent(this, actor.getId())); + if (key != null) { + Verifier verifier = new Verifier(key, signature); + try { + boolean result = verifier.verify(method, path, headers); + if (result) { + User user = new User(); + user.setUri(URI.create(actor.getId())); + if (key.equals(keystoreManager.getPublicKey())) { + return userService.getUserByName(actor.getName()); + } + if (actor.isSuspended()) { + logger.info("{} is suspended, deleting", actor.getId()); + applicationEventPublisher.publishEvent(new DeleteUserEvent(this, actor.getId())); + } + return user; + } else { + return AnonymousUser.INSTANCE; } - return user; - } else { - return AnonymousUser.INSTANCE; + } catch (NoSuchAlgorithmException | SignatureException | MissingRequiredHeaderException + | IOException e) { + logger.warn("Invalid signature {}: {}", signatureString, e.getMessage()); } - } catch (NoSuchAlgorithmException | SignatureException | MissingRequiredHeaderException | IOException e) { - logger.warn("Invalid signature {}: {}", signatureString, e.getMessage()); + } else { + logger.warn("Unknown actor"); } } else { logger.warn("Unknown keyId"); -- cgit v1.2.3