browserify-sign - npm Package Compare versions

Comparing version 2.5.2 to 2.6.0

algos.js

@@ -31,2 +31,7 @@ exports['RSA-SHA224'] = exports.sha224WithRSAEncryption = {
 };
+exports.DSA = exports['DSA-SHA1'] = exports['DSA-SHA'] = {
+  sign: 'dsa',
+  hash: 'sha1',
+  id: new Buffer('', 'hex')
+};
 exports['RSA-RIPEMD160'] = exports.ripemd160WithRSA = {
@@ -33,0 +38,0 @@ sign: 'rsa',

package.json

 {
   "name": "browserify-sign",
-  "version": "2.5.2",
+  "version": "2.6.0",
   "description": "",
@@ -19,3 +19,3 @@ "main": "index.js",
     "inherits": "^2.0.1",
-    "parse-asn1": "^1.0.0",
+    "parse-asn1": "^1.2.0",
     "readable-stream": "^1.0.33"
@@ -22,0 +22,0 @@ },

sign.js

@@ -10,2 +10,4 @@ // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
     return ecSign(hash, priv, crypto);
+  } else if (priv.type === 'dsa') {
+    return dsaSign(hash, priv, crypto);
   }
@@ -37,3 +39,3 @@ var len = priv.modulus.byteLength();
   var q = new bn(priv.prime2);
-  var m1 = c1.redPow(priv.exponent1)
+  var m1 = c1.redPow(priv.exponent1);
   var m2 = c2.redPow(priv.exponent2);
@@ -57,2 +59,51 @@ m1 = m1.fromRed();
   return new Buffer(out.toDER());
+}
+function dsaSign(hash, priv, crypto) {
+  var x = priv.params.priv_key;
+  var p = priv.params.p;
+  var q = priv.params.q;
+  var montq = bn.mont(q);
+  var g = priv.params.g;
+  var r = new bn(0);
+  var k;
+  var H = new bn(hash);
+  var s = false;
+  while (s === false) {
+    while (!r.cmpn(0)) {
+      k = getKay(q, crypto);
+      r = makeR(g, k, p, q);
+    }
+    s = k.invm(q).imul(H.add(x.imul(r).mod(q)).mod(q)).mod(q);
+    if (!s.cmpn(0)) {
+      s = false;
+      r = new bn(0);
+    }
+  }
+  return toDER(r,s);
+}
+function toDER(r, s) {
+  r = r.toArray();
+  s = s.toArray();
+
+  // Pad values
+  if (r[0] & 0x80)
+    r = [ 0 ].concat(r);
+  // Pad values
+  if (s[0] & 0x80)
+    s = [ 0 ].concat(s);
+
+  var total = r.length + s.length + 4;
+  var res = [ 0x30, total, 0x02, r.length ];
+  res = res.concat(r, [ 0x02, s.length ], s);
+  return new Buffer(res);
+}
+function getKay(q, crypto) {
+  var k = new bn(crypto.randomBytes(q.byteLength()));
+  while (k.cmp(q) >= 0) {
+    k = new bn(crypto.randomBytes(q.byteLength()));
+  }
+  return k;
+}
+function makeR(g, k, p, q) {
+  return g.toRed(bn.mont(p)).redPow(k).fromRed().mod(q);
 }

test/index.js

@@ -7,11 +7,11 @@ var test = require('tape');
 	public: fs.readFileSync(__dirname + '/rsa.1024.pub')
-}
+};
 var rsa2028 = {
 	private: fs.readFileSync(__dirname + '/rsa.2028.priv'),
 	public: fs.readFileSync(__dirname + '/rsa.2028.pub')
-}
+};
 var nonrsa1024 = {
 	private: fs.readFileSync(__dirname + '/1024.priv'),
 	public: fs.readFileSync(__dirname + '/1024.pub')
-}
+};
 var pass1024 = {
@@ -23,7 +23,7 @@ private: {
 	public: fs.readFileSync(__dirname + '/pass.1024.pub')
-}
+};
 var ec = {
 	private: fs.readFileSync(__dirname + '/ec.priv'),
 	public: fs.readFileSync(__dirname + '/ec.pub')
-}
+};
 var ecpass = {
@@ -35,3 +35,39 @@ private: {
 	public: fs.readFileSync(__dirname + '/ec.pub')
-}
+};
+var dsa = {
+	private: fs.readFileSync(__dirname + '/dsa.1024.priv'),
+	public: fs.readFileSync(__dirname + '/dsa.1024.pub')
+};
+var dsa2 = {
+	private: fs.readFileSync(__dirname + '/dsa.2048.priv'),
+	public: fs.readFileSync(__dirname + '/dsa.2048.pub')
+};
+var dsapass = {
+	private: {
+		key:fs.readFileSync(__dirname + '/pass.dsa.1024.priv'),
+		passphrase:'password'
+	},
+	public: fs.readFileSync(__dirname + '/pass.dsa.1024.pub')
+};
+var dsapass2 = {
+	private: {
+		key:fs.readFileSync(__dirname + '/pass2.dsa.1024.priv'),
+		passphrase:'password'
+	},
+	public: fs.readFileSync(__dirname + '/pass2.dsa.1024.pub')
+};
+var rsapass = {
+	private: {
+		key:fs.readFileSync(__dirname + '/pass.rsa.1024.priv'),
+		passphrase:'password'
+	},
+	public: fs.readFileSync(__dirname + '/pass.rsa.1024.pub')
+};
+var rsapass2 = {
+	private: {
+		key:fs.readFileSync(__dirname + '/pass.rsa.2028.priv'),
+		passphrase:'password'
+	},
+	public: fs.readFileSync(__dirname + '/pass.rsa.2028.pub')
+};
 function isNode10() {
@@ -76,2 +112,4 @@ return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 10;
 }
+ectestIt(dsa, new Buffer('dsa with 1024 keys'), 'DSA');
+ectestIt(dsa2, new Buffer('dsa with 2048 keys'), 'DSA-SHA1');
 testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5');
@@ -102,2 +140,18 @@ ectestIt(ec, new Buffer('ecdsa with sha1'), 'ecdsa-with-SHA1');
 	ectestIt(ecpass, new Buffer('ecdsa with password'), 'ecdsa-with-SHA1');
+	ectestIt(dsapass, new Buffer('dsa with 1024 keys and a password'), 'DSA-SHA');
+	ectestIt(dsapass2, new Buffer('dsa with 1024 keys and a password varient'), 'DSA-SHA');
+	testIt(rsapass, new Buffer('sha1 with 1024 keys and password, varient'), 'RSA-SHA1');
+	testIt(rsapass2, new Buffer('sha1 with 2024 keys and password, varient'), 'RSA-SHA1');
+	testIt(rsapass, new Buffer('sha224 with 1024 keys and password, varient'), 'RSA-SHA224');
+	testIt(rsapass2, new Buffer('sha224 with 2024 keys and password, varient'), 'RSA-SHA224');
+	testIt(rsapass, new Buffer('sha256 with 1024 keys and password, varient'), 'RSA-SHA256');
+	testIt(rsapass2, new Buffer('sha256 with 2024 keys and password, varient'), 'RSA-SHA256');
+	testIt(rsapass, new Buffer('sha384 with 1024 keys and password, varient'), 'RSA-SHA384');
+	testIt(rsapass2, new Buffer('sha384 with 2024 keys and password, varient'), 'RSA-SHA384');
+	testIt(rsapass, new Buffer('sha512 with 1024 keys and password, varient'), 'RSA-SHA512');
+	testIt(rsapass2, new Buffer('sha512 with 2024 keys and password, varient'), 'RSA-SHA512');
+	testIt(rsapass, new Buffer('rmd160 with 1024 keys and password, varient'), 'RSA-RIPEMD160');
+	testIt(rsapass2, new Buffer('rmd160 with 2024 keys and password, varient'), 'RSA-RIPEMD160');
+	testIt(rsapass, new Buffer('md5 with 1024 keys and password, varient'), 'RSA-MD5');
+	testIt(rsapass2, new Buffer('md5 with 2024 keys and password, varient'), 'RSA-MD5');
 	testIt(pass1024, new Buffer('sha1 with 1024 keys and password'), 'RSA-SHA1');
@@ -104,0 +158,0 @@ testIt(pass1024, new Buffer('sha224 with 1024 keys and password'), 'RSA-SHA224');

verify.js

@@ -10,2 +10,4 @@ // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
     return ecVerify(sig, hash, pub);
+  } else if (pub.type === 'dsa') {
+    return dsaVerify(sig, hash, pub);
   }
@@ -46,1 +48,32 @@ var len = pub.modulus.byteLength();
 }
+function dsaVerify(sig, hash, pub) {
+  var p = pub.data.p;
+  var q = pub.data.q;
+  var g = pub.data.g;
+  var y = pub.data.pub_key;
+  var unpacked = parseKeys.signature.decode(sig, 'der');
+  var s = unpacked.s;
+  var r = unpacked.r;
+  checkValue(s, q);
+  checkValue(r, q);
+  var montq = bn.mont(q);
+  var montp = bn.mont(p);
+  var w =  s.invm(q);
+  var v = g.toRed(montp)
+  .redPow(new bn(hash).mul(w).mod(q))
+  .fromRed()
+  .mul(
+    y.toRed(montp)
+    .redPow(r.mul(w).mod(q))
+    .fromRed()
+  ).mod(p).mod(q);
+  return !v.cmp(r);
+}
+function checkValue(b, q) {
+  if (b.cmpn(0) <= 0) {
+    throw new Error('invalid sig');
+  }
+  if (b.cmp(q) >= q) {
+    throw new Error('invalid sig');
+  }
+}

No alert changes

Improved metrics

Total package byte prevSize

37488

increased by64.99%

Number of package files

42

increased by44.83%

Lines of code

488

increased by40.23%

Dependency changes

• Updatedparse-asn1@^1.2.0