@fedify/fedify 1.0.0-dev.386 → 1.0.0-dev.391

package/CHANGES.md

@@ -8,6 +8,33 @@ Version 1.0.0
 
 To be released.
 
+ -  Fedify now supports [Linked Data Signatures], which is outdated but still
+    widely used in the fediverse.
+
+     -  A `Federation` object became to verify an activity's Linked Data
+        Signatures if it has one.  If Linked Data Signatures are verified,
+        Object Integrity Proofs and HTTP Signatures are not verified.
+     -  `Context.sendActivity()` method became to sign an activity with Linked
+        Data Signatures if there is at least one RSA-PKCS#1-v1.5 key pair.
+     -  Added `Signature` interface.
+     -  Added `signJsonLd()` function.
+     -  Added `SignJsonLdOptions` interface.
+     -  Added `createSignature()` function.
+     -  Added `CreateSignatureOptions` interface.
+     -  Added `verifyJsonLd()` function.
+     -  Added `VerifyJsonLdOptions` interface.
+     -  Added `verifySignature()` function.
+     -  Added `VerifySignatureOptions` interface.
+     -  Added `attachSignature()` function.
+     -  Added `detachSignature()` function.
+
+ -  Added more log messages using the [LogTape] library.  Currently the below
+    logger categories are used:
+
+     -  `["fedify", "sig", "ld"]`
+
+[Linked Data Signatures]: https://web.archive.org/web/20170923124140/https://w3c-dvcg.github.io/ld-signatures/
+
 
 Version 0.15.0
 --------------

package/FEDERATION.md

@@ -9,11 +9,13 @@ Supported federation protocols and standards
  -  [ActivityPub] (S2S)
  -  [WebFinger]
  -  [HTTP Signatures]
+ -  [Linked Data Signatures]
  -  [NodeInfo]
 
 [ActivityPub]: https://www.w3.org/TR/activitypub/
 [WebFinger]: https://datatracker.ietf.org/doc/html/rfc7033
 [HTTP Signatures]: https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures
+[Linked Data Signatures]: https://web.archive.org/web/20170923124140/https://w3c-dvcg.github.io/ld-signatures/
 [NodeInfo]: https://nodeinfo.diaspora.software/
 
 

package/esm/federation/handler.js

@@ -2,6 +2,7 @@ import * as dntShim from "../_dnt.shims.js";
 import { getLogger } from "@logtape/logtape";
 import { accepts } from "../deps/jsr.io/@std/http/0.224.5/negotiation.js";
 import { verifyRequest } from "../sig/http.js";
+import { detachSignature, verifyJsonLd } from "../sig/ld.js";
 import { doesActorOwnKey } from "../sig/owner.js";
 import { verifyObject } from "../sig/proof.js";
 import { Activity, CryptographicKey, Link, Multikey, Object, OrderedCollection, OrderedCollectionPage, } from "../vocab/vocab.js";
@@ -229,26 +230,49 @@ export async function handleInbox(request, { handle, context, kv, kvPrefixes, qu
             await kv.set([...kvPrefixes.publicKey, keyId.href], serialized);
         },
     };
-    let activity;
-    try {
-        activity = await verifyObject(Activity, json, {
-            contextLoader: context.contextLoader,
-            documentLoader: context.documentLoader,
-            keyCache,
-        });
+    const ldSigVerified = await verifyJsonLd(json, {
+        contextLoader: context.contextLoader,
+        documentLoader: context.documentLoader,
+        keyCache,
+    });
+    const jsonWithoutSig = detachSignature(json);
+    let activity = null;
+    if (ldSigVerified) {
+        logger.debug("Linked Data Signatures are verified.", { handle, json });
+        activity = await Activity.fromJsonLd(jsonWithoutSig, context);
     }
-    catch (error) {
-        logger.error("Failed to parse activity:\n{error}", { handle, json, error });
+    else {
+        logger.debug("Linked Data Signatures are not verified.", { handle, json });
         try {
-            await inboxErrorHandler?.(context, error);
+            activity = await verifyObject(Activity, jsonWithoutSig, {
+                contextLoader: context.contextLoader,
+                documentLoader: context.documentLoader,
+                keyCache,
+            });
         }
         catch (error) {
-            logger.error("An unexpected error occurred in inbox error handler:\n{error}", { error, activity: json });
+            logger.error("Failed to parse activity:\n{error}", {
+                handle,
+                json,
+                error,
+            });
+            try {
+                await inboxErrorHandler?.(context, error);
+            }
+            catch (error) {
+                logger.error("An unexpected error occurred in inbox error handler:\n{error}", { error, activity: json });
+            }
+            return new Response("Invalid activity.", {
+                status: 400,
+                headers: { "Content-Type": "text/plain; charset=utf-8" },
+            });
+        }
+        if (activity == null) {
+            logger.debug("Object Integrity Proofs are not verified.", { handle, json });
+        }
+        else {
+            logger.debug("Object Integrity Proofs are verified.", { handle, json });
         }
-        return new Response("Invalid activity.", {
-            status: 400,
-            headers: { "Content-Type": "text/plain; charset=utf-8" },
-        });
     }
     let httpSigKey = null;
     if (activity == null) {
@@ -260,16 +284,19 @@ export async function handleInbox(request, { handle, context, kv, kvPrefixes, qu
                 keyCache,
             });
             if (key == null) {
-                logger.error("Failed to verify the request signature.", { handle });
+                logger.error("Failed to verify the request's HTTP Signatures.", { handle });
                 const response = new Response("Failed to verify the request signature.", {
                     status: 401,
                     headers: { "Content-Type": "text/plain; charset=utf-8" },
                 });
                 return response;
             }
+            else {
+                logger.debug("HTTP Signatures are verified.", { handle });
+            }
             httpSigKey = key;
         }
-        activity = await Activity.fromJsonLd(json, context);
+        activity = await Activity.fromJsonLd(jsonWithoutSig, context);
     }
     const cacheKey = activity.id == null
         ? null

package/esm/federation/send.js

@@ -1,6 +1,7 @@
 import { getLogger } from "@logtape/logtape";
 import { signRequest } from "../sig/http.js";
 import { validateCryptoKey } from "../sig/key.js";
+import { signJsonLd } from "../sig/ld.js";
 import { signObject } from "../sig/proof.js";
 /**
  * Extracts the inbox URLs from recipients.
@@ -45,8 +46,13 @@ export async function sendActivity({ activity, keys, inbox, contextLoader, docum
     }
     const activityId = activity.id.href;
     let proofCreated = false;
+    let rsaKey = null;
     for (const { keyId, privateKey } of keys) {
         validateCryptoKey(privateKey, "private");
+        if (rsaKey == null && privateKey.algorithm.name === "RSASSA-PKCS1-v1_5") {
+            rsaKey = { keyId, privateKey };
+            continue;
+        }
         if (privateKey.algorithm.name === "Ed25519") {
             activity = await signObject(activity, privateKey, keyId, {
                 documentLoader,
@@ -55,6 +61,27 @@ export async function sendActivity({ activity, keys, inbox, contextLoader, docum
             proofCreated = true;
         }
     }
+    let jsonLd = await activity.toJsonLd({
+        format: "compact",
+        contextLoader,
+    });
+    if (rsaKey == null) {
+        logger.warn("No supported key found to create a Linked Data signature for " +
+            "the activity {activityId}.  The activity will be sent without " +
+            "a Linked Data signature.  In order to create a Linked Data " +
+            "signature, at least one RSASSA-PKCS1-v1_5 key must be provided.", {
+            activityId,
+            keys: keys.map((pair) => ({
+                keyId: pair.keyId.href,
+                privateKey: pair.privateKey,
+            })),
+        });
+    }
+    else {
+        jsonLd = await signJsonLd(jsonLd, rsaKey.privateKey, rsaKey.keyId, {
+            contextLoader,
+        });
+    }
     if (!proofCreated) {
         logger.warn("No supported key found to create a proof for the activity {activityId}.  " +
             "The activity will be sent without a proof.  " +
@@ -66,10 +93,6 @@ export async function sendActivity({ activity, keys, inbox, contextLoader, docum
             })),
         });
     }
-    const jsonLd = await activity.toJsonLd({
-        format: "compact",
-        contextLoader,
-    });
     headers = new Headers(headers);
     headers.set("Content-Type", "application/activity+json");
     let request = new Request(inbox, {
@@ -77,15 +100,7 @@ export async function sendActivity({ activity, keys, inbox, contextLoader, docum
         headers,
         body: JSON.stringify(jsonLd),
     });
-    let requestSigned = false;
-    for (const { privateKey, keyId } of keys) {
-        if (privateKey.algorithm.name === "RSASSA-PKCS1-v1_5") {
-            request = await signRequest(request, privateKey, keyId);
-            requestSigned = true;
-            break;
-        }
-    }
-    if (!requestSigned) {
+    if (rsaKey == null) {
         logger.warn("No supported key found to sign the request to {inbox}.  " +
             "The request will be sent without a signature.  " +
             "In order to sign the request, at least one RSASSA-PKCS1-v1_5 key " +
@@ -97,6 +112,9 @@ export async function sendActivity({ activity, keys, inbox, contextLoader, docum
             })),
         });
     }
+    else {
+        request = await signRequest(request, rsaKey.privateKey, rsaKey.keyId);
+    }
     const response = await fetch(request);
     if (!response.ok) {
         let error;

package/esm/runtime/contexts.js

@@ -625,5 +625,157 @@ const preloadedContexts = {
             },
         },
     },
+    "https://w3id.org/identity/v1": {
+        "@context": {
+            "id": "@id",
+            "type": "@type",
+            "cred": "https://w3id.org/credentials#",
+            "dc": "http://purl.org/dc/terms/",
+            "identity": "https://w3id.org/identity#",
+            "perm": "https://w3id.org/permissions#",
+            "ps": "https://w3id.org/payswarm#",
+            "rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#",
+            "rdfs": "http://www.w3.org/2000/01/rdf-schema#",
+            "sec": "https://w3id.org/security#",
+            "schema": "http://schema.org/",
+            "xsd": "http://www.w3.org/2001/XMLSchema#",
+            "Group": "https://www.w3.org/ns/activitystreams#Group",
+            "claim": {
+                "@id": "cred:claim",
+                "@type": "@id",
+            },
+            "credential": {
+                "@id": "cred:credential",
+                "@type": "@id",
+            },
+            "issued": {
+                "@id": "cred:issued",
+                "@type": "xsd:dateTime",
+            },
+            "issuer": {
+                "@id": "cred:issuer",
+                "@type": "@id",
+            },
+            "recipient": {
+                "@id": "cred:recipient",
+                "@type": "@id",
+            },
+            "Credential": "cred:Credential",
+            "CryptographicKeyCredential": "cred:CryptographicKeyCredential",
+            "about": {
+                "@id": "schema:about",
+                "@type": "@id",
+            },
+            "address": {
+                "@id": "schema:address",
+                "@type": "@id",
+            },
+            "addressCountry": "schema:addressCountry",
+            "addressLocality": "schema:addressLocality",
+            "addressRegion": "schema:addressRegion",
+            "comment": "rdfs:comment",
+            "created": {
+                "@id": "dc:created",
+                "@type": "xsd:dateTime",
+            },
+            "creator": {
+                "@id": "dc:creator",
+                "@type": "@id",
+            },
+            "description": "schema:description",
+            "email": "schema:email",
+            "familyName": "schema:familyName",
+            "givenName": "schema:givenName",
+            "image": {
+                "@id": "schema:image",
+                "@type": "@id",
+            },
+            "label": "rdfs:label",
+            "name": "schema:name",
+            "postalCode": "schema:postalCode",
+            "streetAddress": "schema:streetAddress",
+            "title": "dc:title",
+            "url": {
+                "@id": "schema:url",
+                "@type": "@id",
+            },
+            "Person": "schema:Person",
+            "PostalAddress": "schema:PostalAddress",
+            "Organization": "schema:Organization",
+            "identityService": {
+                "@id": "identity:identityService",
+                "@type": "@id",
+            },
+            "idp": {
+                "@id": "identity:idp",
+                "@type": "@id",
+            },
+            "Identity": "identity:Identity",
+            "paymentProcessor": "ps:processor",
+            "preferences": {
+                "@id": "ps:preferences",
+                "@type": "@vocab",
+            },
+            "cipherAlgorithm": "sec:cipherAlgorithm",
+            "cipherData": "sec:cipherData",
+            "cipherKey": "sec:cipherKey",
+            "digestAlgorithm": "sec:digestAlgorithm",
+            "digestValue": "sec:digestValue",
+            "domain": "sec:domain",
+            "expires": {
+                "@id": "sec:expiration",
+                "@type": "xsd:dateTime",
+            },
+            "initializationVector": "sec:initializationVector",
+            "member": {
+                "@id": "schema:member",
+                "@type": "@id",
+            },
+            "memberOf": {
+                "@id": "schema:memberOf",
+                "@type": "@id",
+            },
+            "nonce": "sec:nonce",
+            "normalizationAlgorithm": "sec:normalizationAlgorithm",
+            "owner": {
+                "@id": "sec:owner",
+                "@type": "@id",
+            },
+            "password": "sec:password",
+            "privateKey": {
+                "@id": "sec:privateKey",
+                "@type": "@id",
+            },
+            "privateKeyPem": "sec:privateKeyPem",
+            "publicKey": {
+                "@id": "sec:publicKey",
+                "@type": "@id",
+            },
+            "publicKeyPem": "sec:publicKeyPem",
+            "publicKeyService": {
+                "@id": "sec:publicKeyService",
+                "@type": "@id",
+            },
+            "revoked": {
+                "@id": "sec:revoked",
+                "@type": "xsd:dateTime",
+            },
+            "signature": "sec:signature",
+            "signatureAlgorithm": "sec:signatureAlgorithm",
+            "signatureValue": "sec:signatureValue",
+            "CryptographicKey": "sec:Key",
+            "EncryptedMessage": "sec:EncryptedMessage",
+            "GraphSignature2012": "sec:GraphSignature2012",
+            "LinkedDataSignature2015": "sec:LinkedDataSignature2015",
+            "accessControl": {
+                "@id": "perm:accessControl",
+                "@type": "@id",
+            },
+            "writePermission": {
+                "@id": "perm:writePermission",
+                "@type": "@id",
+            },
+        },
+    },
 };
 export default preloadedContexts;

package/esm/sig/http.js

@@ -96,7 +96,17 @@ export async function verifyRequest(request, { documentLoader, contextLoader, ti
             algo = algo.trim().toLowerCase();
             if (!(algo in supportedHashAlgorithms))
                 continue;
-            const digest = decodeBase64(digestBase64);
+            let digest;
+            try {
+                digest = decodeBase64(digestBase64);
+            }
+            catch (error) {
+                logger.debug("Failed to verify; invalid base64 encoding: {digest}.", {
+                    digest: digestBase64,
+                    error,
+                });
+                return null;
+            }
             const expectedDigest = await dntShim.crypto.subtle.digest(supportedHashAlgorithms[algo], body);
             if (!equals(digest, new Uint8Array(expectedDigest))) {
                 logger.debug("Failed to verify; digest mismatch ({algorithm}): " +

package/esm/sig/ld.js

@@ -0,0 +1,203 @@
+import * as dntShim from "../_dnt.shims.js";
+import { getLogger } from "@logtape/logtape";
+import { decodeBase64, encodeBase64 } from "../deps/jsr.io/@std/encoding/0.224.3/base64.js";
+import { encodeHex } from "../deps/jsr.io/@std/encoding/0.224.3/hex.js";
+// @ts-ignore TS7016
+import jsonld from "jsonld";
+import { fetchDocumentLoader, } from "../runtime/docloader.js";
+import { Activity, CryptographicKey, Object } from "../vocab/vocab.js";
+import { fetchKey, validateCryptoKey } from "./key.js";
+const logger = getLogger(["fedify", "sig", "ld"]);
+/**
+ * Attaches a LD signature to the given JSON-LD document.
+ * @param jsonLd The JSON-LD document to attach the signature to.  It is not
+ *               modified.
+ * @param signature The signature to attach.
+ * @returns The JSON-LD document with the attached signature.
+ * @throws {TypeError} If the input document is not a valid JSON-LD document.
+ * @since 1.0.0
+ */
+export function attachSignature(jsonLd, signature) {
+    if (typeof jsonLd !== "object" || jsonLd == null) {
+        throw new TypeError("Failed to attach signature; invalid JSON-LD document.");
+    }
+    return { ...jsonLd, signature };
+}
+/**
+ * Creates a LD signature for the given JSON-LD document.
+ * @param jsonLd The JSON-LD document to sign.
+ * @param privateKey The private key to sign the document.
+ * @param keyId The ID of the public key that corresponds to the private key.
+ * @param options Additional options for creating the signature.
+ *                See also {@link CreateSignatureOptions}.
+ * @return The created signature.
+ * @throws {TypeError} If the private key is invalid or unsupported.
+ * @since 1.0.0
+ */
+export async function createSignature(jsonLd, privateKey, keyId, { contextLoader, created } = {}) {
+    validateCryptoKey(privateKey, "private");
+    if (privateKey.algorithm.name !== "RSASSA-PKCS1-v1_5") {
+        throw new TypeError("Unsupported algorithm: " + privateKey.algorithm.name);
+    }
+    const options = {
+        "@context": "https://w3id.org/identity/v1",
+        creator: keyId.href,
+        created: created?.toString() ?? new Date().toISOString(),
+    };
+    const optionsHash = await hashJsonLd(options, contextLoader);
+    const docHash = await hashJsonLd(jsonLd, contextLoader);
+    const message = optionsHash + docHash;
+    const encoder = new TextEncoder();
+    const messageBytes = encoder.encode(message);
+    const signature = await dntShim.crypto.subtle.sign("RSASSA-PKCS1-v1_5", privateKey, messageBytes);
+    return {
+        ...options,
+        type: "RsaSignature2017",
+        signatureValue: encodeBase64(signature),
+    };
+}
+/**
+ * Signs the given JSON-LD document with the private key and returns the signed
+ * JSON-LD document.
+ * @param jsonLd The JSON-LD document to sign.
+ * @param privateKey The private key to sign the document.
+ * @param keyId The key ID to use in the signature.  It will be used by the
+ *              verifier to fetch the corresponding public key.
+ * @param options Additional options for signing the document.
+ *                See also {@link SignJsonLdOptions}.
+ * @returns The signed JSON-LD document.
+ * @throws {TypeError} If the private key is invalid or unsupported.
+ * @since 1.0.0
+ */
+export async function signJsonLd(jsonLd, privateKey, keyId, options) {
+    const signature = await createSignature(jsonLd, privateKey, keyId, options);
+    return attachSignature(jsonLd, signature);
+}
+function hasSignature(jsonLd) {
+    if (typeof jsonLd !== "object" || jsonLd == null)
+        return false;
+    if ("signature" in jsonLd) {
+        const signature = jsonLd.signature;
+        if (typeof signature !== "object" || signature == null)
+            return false;
+        return "type" in signature && signature.type === "RsaSignature2017" &&
+            "creator" in signature && typeof signature.creator === "string" &&
+            "created" in signature && typeof signature.created === "string" &&
+            "signatureValue" in signature &&
+            typeof signature.signatureValue === "string";
+    }
+    return false;
+}
+/**
+ * Detaches Linked Data Signatures from the given JSON-LD document.
+ * @param jsonLd The JSON-LD document to modify.
+ * @returns The modified JSON-LD document.  If the input document does not
+ *          contain a signature, the original document is returned.
+ * @since 1.0.0
+ */
+export function detachSignature(jsonLd) {
+    if (typeof jsonLd !== "object" || jsonLd == null)
+        return jsonLd;
+    const doc = { ...jsonLd };
+    delete doc.signature;
+    return doc;
+}
+/**
+ * Verifies Linked Data Signatures of the given JSON-LD document.
+ * @param jsonLd The JSON-LD document to verify.
+ * @param options Options for verifying the signature.
+ * @returns The public key that signed the document or `null` if the signature
+ *          is invalid or the key is not found.
+ * @since 1.0.0
+ */
+export async function verifySignature(jsonLd, options = {}) {
+    if (!hasSignature(jsonLd))
+        return null;
+    const sig = jsonLd.signature;
+    let signature;
+    try {
+        signature = decodeBase64(sig.signatureValue);
+    }
+    catch (error) {
+        logger.debug("Failed to verify; invalid base64 signatureValue: {signatureValue}", { ...sig, error });
+        return null;
+    }
+    const keyResult = await fetchKey(new URL(sig.creator), CryptographicKey, options);
+    if (keyResult == null)
+        return null;
+    const { key, cached } = keyResult;
+    const sigOpts = {
+        ...sig,
+        "@context": "https://w3id.org/identity/v1",
+    };
+    delete sigOpts.type;
+    delete sigOpts.id;
+    delete sigOpts.signatureValue;
+    const sigOptsHash = await hashJsonLd(sigOpts, options.contextLoader);
+    const document = { ...jsonLd };
+    delete document.signature;
+    const docHash = await hashJsonLd(document, options.contextLoader);
+    const encoder = new TextEncoder();
+    const message = sigOptsHash + docHash;
+    const messageBytes = encoder.encode(message);
+    const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature, messageBytes);
+    if (verified)
+        return key;
+    if (cached) {
+        logger.debug("Failed to verify with the cached key {keyId}; " +
+            "signature {signatureValue} is invalid.  " +
+            "Retrying with the freshly fetched key...", { keyId: sig.creator, ...sig });
+        const keyResult = await fetchKey(new URL(sig.creator), CryptographicKey, { ...options, keyCache: undefined });
+        if (keyResult == null)
+            return null;
+        const { key } = keyResult;
+        const verified = await dntShim.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key.publicKey, signature, messageBytes);
+        return verified ? key : null;
+    }
+    logger.debug("Failed to verify with the fetched key {keyId}; " +
+        "signature {signatureValue} is invalid.  " +
+        "Check if the key is correct or if the signed message is correct.  " +
+        "The message to sign is:\n{message}", { keyId: sig.creator, ...sig, message });
+    return null;
+}
+/**
+ * Verify the authenticity of the given JSON-LD document using Linked Data
+ * Signatures.  If the document is signed, this function verifies the signature
+ * and checks if the document is attributed to the owner of the public key.
+ * If the document is not signed, this function returns `false`.
+ * @param jsonLd The JSON-LD document to verify.
+ * @param options Options for verifying the document.
+ * @returns `true` if the document is authentic; `false` otherwise.
+ */
+export async function verifyJsonLd(jsonLd, options = {}) {
+    const object = await Object.fromJsonLd(jsonLd, options);
+    const attributions = new Set(object.attributionIds.map((uri) => uri.href));
+    if (object instanceof Activity) {
+        for (const uri of object.actorIds)
+            attributions.add(uri.href);
+    }
+    const key = await verifySignature(jsonLd, options);
+    if (key == null)
+        return false;
+    if (key.ownerId == null) {
+        logger.debug("Key {keyId} has no owner.", { keyId: key.id?.href });
+        return false;
+    }
+    attributions.delete(key.ownerId.href);
+    if (attributions.size > 0) {
+        logger.debug("Some attributions are not authenticated by the Linked Data Signatures" +
+            ": {attributions}.", { attributions: [...attributions] });
+        return false;
+    }
+    return true;
+}
+async function hashJsonLd(jsonLd, contextLoader) {
+    const canon = await jsonld.canonize(jsonLd, {
+        format: "application/n-quads",
+        documentLoader: contextLoader ?? fetchDocumentLoader,
+    });
+    const encoder = new TextEncoder();
+    const hash = await dntShim.crypto.subtle.digest("SHA-256", encoder.encode(canon));
+    return encodeHex(hash);
+}
+// cSpell: ignore URGNA2012

package/esm/sig/mod.js

@@ -5,5 +5,6 @@
  */
 export { signRequest, verifyRequest, } from "./http.js";
 export { exportJwk, generateCryptoKeyPair, importJwk, } from "./key.js";
+export * from "./ld.js";
 export { doesActorOwnKey, getKeyOwner, } from "./owner.js";
 export * from "./proof.js";