Home Explore Help
Register Sign In
furao
/
test
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6850b1a535
Branches Tags
test
/
public
/
themes
/
simple
/
_grunt
/
node_modules
/
http-signature
/
lib
/
verify.js

verify.js 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. // Copyright 2015 Joyent, Inc.
    2. 

  2. 

  3. var assert = require('assert-plus');
    4. 

  4. var crypto = require('crypto');
    5. 

  5. 

  6. 

  7. 

  8. ///--- Exported API
    9. 

  9. 

  10. module.exports = {
    11. 

  11.   /**
    12. 

  12.    * Verify RSA/DSA signature against public key.  You are expected to pass in
    13. 

  13.    * an object that was returned from `parse()`.
    14. 

  14.    *
    15. 

  15.    * @param {Object} parsedSignature the object you got from `parse`.
    16. 

  16.    * @param {String} pubkey RSA/DSA private key PEM.
    17. 

  17.    * @return {Boolean} true if valid, false otherwise.
    18. 

  18.    * @throws {TypeError} if you pass in bad arguments.
    19. 

  19.    */
    20. 

  20.   verifySignature: function verifySignature(parsedSignature, pubkey) {
    21. 

  21.     assert.object(parsedSignature, 'parsedSignature');
    22. 

  22.     assert.string(pubkey, 'pubkey');
    23. 

  23. 

  24.     var alg = parsedSignature.algorithm.match(/^(RSA|DSA)-(\w+)/);
    25. 

  25.     if (!alg || alg.length !== 3)
    26. 

  26.       throw new TypeError('parsedSignature: unsupported algorithm ' +
    27. 

  27.                           parsedSignature.algorithm);
    28. 

  28. 

  29.     var verify = crypto.createVerify(alg[0]);
    30. 

  30.     verify.update(parsedSignature.signingString);
    31. 

  31.     return verify.verify(pubkey, parsedSignature.params.signature, 'base64');
    32. 

  32.   },
    33. 

  33. 

  34.   /**
    35. 

  35.    * Verify HMAC against shared secret.  You are expected to pass in an object
    36. 

  36.    * that was returned from `parse()`.
    37. 

  37.    *
    38. 

  38.    * @param {Object} parsedSignature the object you got from `parse`.
    39. 

  39.    * @param {String} secret HMAC shared secret.
    40. 

  40.    * @return {Boolean} true if valid, false otherwise.
    41. 

  41.    * @throws {TypeError} if you pass in bad arguments.
    42. 

  42.    */
    43. 

  43.   verifyHMAC: function verifyHMAC(parsedSignature, secret) {
    44. 

  44.     assert.object(parsedSignature, 'parsedHMAC');
    45. 

  45.     assert.string(secret, 'secret');
    46. 

  46. 

  47.     var alg = parsedSignature.algorithm.match(/^HMAC-(\w+)/);
    48. 

  48.     if (!alg || alg.length !== 2)
    49. 

  49.       throw new TypeError('parsedSignature: unsupported algorithm ' +
    50. 

  50.                           parsedSignature.algorithm);
    51. 

  51. 

  52.     var hmac = crypto.createHmac(alg[1].toUpperCase(), secret);
    53. 

  53.     hmac.update(parsedSignature.signingString);
    54. 

  54.     return (hmac.digest('base64') === parsedSignature.params.signature);
    55. 

  55.   }
    56. 

  56. };
    57.