Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
browserify-sign
Advanced tools
browserify-sign - npm Package Compare versions
Comparing version 2.8.0 to 3.0.0
29
algos.js
@@ -0,1 +1,2 @@ | ||
| 'use strict' | ||
| exports['RSA-SHA224'] = exports.sha224WithRSAEncryption = { | ||
@@ -5,3 +6,3 @@ sign: 'rsa', | ||
| id: new Buffer('302d300d06096086480165030402040500041c', 'hex') | ||
| }; | ||
| } | ||
| exports['RSA-SHA256'] = exports.sha256WithRSAEncryption = { | ||
@@ -11,3 +12,3 @@ sign: 'rsa', | ||
| id: new Buffer('3031300d060960864801650304020105000420', 'hex') | ||
| }; | ||
| } | ||
| exports['RSA-SHA384'] = exports.sha384WithRSAEncryption = { | ||
@@ -17,3 +18,3 @@ sign: 'rsa', | ||
| id: new Buffer('3041300d060960864801650304020205000430', 'hex') | ||
| }; | ||
| } | ||
| exports['RSA-SHA512'] = exports.sha512WithRSAEncryption = { | ||
@@ -23,3 +24,3 @@ sign: 'rsa', | ||
| id: new Buffer('3051300d060960864801650304020305000440', 'hex') | ||
| }; | ||
| } | ||
| exports['RSA-SHA1'] = { | ||
@@ -29,3 +30,3 @@ sign: 'rsa', | ||
| id: new Buffer('3021300906052b0e03021a05000414', 'hex') | ||
| }; | ||
| } | ||
| exports['ecdsa-with-SHA1'] = { | ||
@@ -35,3 +36,3 @@ sign: 'ecdsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports.DSA = exports['DSA-SHA1'] = exports['DSA-SHA'] = { | ||
@@ -41,3 +42,3 @@ sign: 'dsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports['DSA-SHA224'] = exports['DSA-WITH-SHA224'] = { | ||
@@ -47,3 +48,3 @@ sign: 'dsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports['DSA-SHA256'] = exports['DSA-WITH-SHA256'] = { | ||
@@ -53,3 +54,3 @@ sign: 'dsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports['DSA-SHA384'] = exports['DSA-WITH-SHA384'] = { | ||
@@ -59,3 +60,3 @@ sign: 'dsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports['DSA-SHA512'] = exports['DSA-WITH-SHA512'] = { | ||
@@ -65,3 +66,3 @@ sign: 'dsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports['DSA-RIPEMD160'] = { | ||
@@ -71,3 +72,3 @@ sign: 'dsa', | ||
| id: new Buffer('', 'hex') | ||
| }; | ||
| } | ||
| exports['RSA-RIPEMD160'] = exports.ripemd160WithRSA = { | ||
@@ -77,3 +78,3 @@ sign: 'rsa', | ||
| id: new Buffer('3021300906052b2403020105000414', 'hex') | ||
| }; | ||
| } | ||
| exports['RSA-MD5'] = exports.md5WithRSAEncryption = { | ||
@@ -83,2 +84,2 @@ sign: 'rsa', | ||
| id: new Buffer('3020300c06082a864886f70d020505000410', 'hex') | ||
| }; | ||
| } |
@@ -1,1 +0,7 @@ | ||
| require('./inject')(module.exports, require('crypto')); | ||
| var crypto = require('crypto') | ||
| exports.createSign = crypto.createSign | ||
| exports.Sign = crypto.Sign | ||
| exports.createVerify = crypto.createVerify | ||
| exports.Verify = crypto.Verify |
| { | ||
| "name": "browserify-sign", | ||
| "version": "2.8.0", | ||
| "version": "3.0.0", | ||
| "description": "", | ||
| "main": "index.js", | ||
| "browser": "browser.js", | ||
| "scripts": { | ||
@@ -11,3 +12,3 @@ "test": "node test/index.js | tspec" | ||
| "type": "git", | ||
| "url": "git://github.com/calvinmetcalf/browserify-sign.git" | ||
| "url": "git://github.com/crypto-browserify/browserify-sign.git" | ||
| }, | ||
@@ -18,6 +19,8 @@ "author": "", | ||
| "bn.js": "^1.0.0", | ||
| "browserify-rsa": "^1.1.0", | ||
| "browserify-rsa": "^2.0.0", | ||
| "create-hash": "^1.1.0", | ||
| "create-hmac": "^1.1.2", | ||
| "elliptic": "^1.0.0", | ||
| "inherits": "^2.0.1", | ||
| "parse-asn1": "^2.0.0" | ||
| "parse-asn1": "^3.0.0" | ||
| }, | ||
@@ -24,0 +27,0 @@ "devDependencies": { |
@@ -1,2 +0,2 @@ | ||
| browserify-sign [](https://travis-ci.org/calvinmetcalf/browserify-sign) | ||
| browserify-sign [](https://travis-ci.org/crypto-browserify/browserify-sign) | ||
| === | ||
@@ -3,0 +3,0 @@ |
216
sign.js
| // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js | ||
| var parseKeys = require('parse-asn1'); | ||
| var bn = require('bn.js'); | ||
| var elliptic = require('elliptic'); | ||
| var crt = require("browserify-rsa"); | ||
| module.exports = sign; | ||
| function sign(hash, key, hashType, crypto) { | ||
| var priv = parseKeys(key, crypto); | ||
| var parseKeys = require('parse-asn1') | ||
| var BN = require('bn.js') | ||
| var elliptic = require('elliptic') | ||
| var crt = require('browserify-rsa') | ||
| var createHmac = require('create-hmac') | ||
| var curves = require('./curves') | ||
| module.exports = sign | ||
| function sign (hash, key, hashType) { | ||
| var priv = parseKeys(key) | ||
| if (priv.curve) { | ||
| return ecSign(hash, priv, crypto); | ||
| return ecSign(hash, priv) | ||
| } else if (priv.type === 'dsa') { | ||
| return dsaSign(hash, priv, hashType, crypto); | ||
| return dsaSign(hash, priv, hashType) | ||
| } | ||
| var len = priv.modulus.byteLength(); | ||
| var pad = [ 0, 1 ]; | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 1 ] | ||
| while (hash.length + pad.length + 1 < len) { | ||
| pad.push(0xff); | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x00); | ||
| var i = -1; | ||
| pad.push(0x00) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]); | ||
| pad.push(hash[i]) | ||
| } | ||
| var out = crt(pad, priv, crypto); | ||
| return out; | ||
| var out = crt(pad, priv) | ||
| return out | ||
| } | ||
| function ecSign(hash, priv, crypto) { | ||
| elliptic.rand = crypto.randomBytes; | ||
| var curve; | ||
| if (priv.curve.join('.') === '1.3.132.0.10') { | ||
| curve = new elliptic.ec('secp256k1'); | ||
| } | ||
| var key = curve.genKeyPair(); | ||
| key._importPrivate(priv.privateKey); | ||
| var out = key.sign(hash); | ||
| return new Buffer(out.toDER()); | ||
| function ecSign (hash, priv) { | ||
| var curveId = curves[priv.curve.join('.')] | ||
| if (!curveId) | ||
| throw new Error('unknown curve ' + priv.curve.join('.')) | ||
| var curve = new elliptic.ec(curveId) | ||
| var key = curve.genKeyPair() | ||
| key._importPrivate(priv.privateKey) | ||
| var out = key.sign(hash) | ||
| return new Buffer(out.toDER()) | ||
| } | ||
| function dsaSign(hash, priv, algo, crypto) { | ||
| var x = priv.params.priv_key; | ||
| var p = priv.params.p; | ||
| var q = priv.params.q; | ||
| var montq = bn.mont(q); | ||
| var g = priv.params.g; | ||
| var r = new bn(0); | ||
| var k; | ||
| var H = bits2int(hash, q).mod(q); | ||
| var s = false; | ||
| var kv = getKay(x, q, hash, algo, crypto); | ||
| function dsaSign (hash, priv, algo) { | ||
| var x = priv.params.priv_key | ||
| var p = priv.params.p | ||
| var q = priv.params.q | ||
| var montq = BN.mont(q) | ||
| var g = priv.params.g | ||
| var r = new BN(0) | ||
| var k | ||
| var H = bits2int(hash, q).mod(q) | ||
| var s = false | ||
| var kv = getKey(x, q, hash, algo) | ||
| while (s === false) { | ||
| k = makeKey(q, kv, algo, crypto); | ||
| r = makeR(g, k, p, q); | ||
| s = k.invm(q).imul(H.add(x.mul(r))).mod(q); | ||
| k = makeKey(q, kv, algo) | ||
| r = makeR(g, k, p, q) | ||
| s = k.invm(q).imul(H.add(x.mul(r))).mod(q) | ||
| if (!s.cmpn(0)) { | ||
| s = false; | ||
| r = new bn(0); | ||
| s = false | ||
| r = new BN(0) | ||
| } | ||
| } | ||
| return toDER(r,s); | ||
| return toDER(r, s) | ||
| } | ||
| function toDER(r, s) { | ||
| r = r.toArray(); | ||
| s = s.toArray(); | ||
| function toDER (r, s) { | ||
| r = r.toArray() | ||
| s = s.toArray() | ||
| // Pad values | ||
| if (r[0] & 0x80) | ||
| r = [ 0 ].concat(r); | ||
| r = [ 0 ].concat(r) | ||
| // Pad values | ||
| if (s[0] & 0x80) | ||
| s = [0].concat(s); | ||
| s = [0].concat(s) | ||
| var total = r.length + s.length + 4; | ||
| var res = [ 0x30, total, 0x02, r.length ]; | ||
| res = res.concat(r, [ 0x02, s.length ], s); | ||
| return new Buffer(res); | ||
| var total = r.length + s.length + 4 | ||
| var res = [ 0x30, total, 0x02, r.length ] | ||
| res = res.concat(r, [ 0x02, s.length ], s) | ||
| return new Buffer(res) | ||
| } | ||
| module.exports.getKay = getKay; | ||
| function getKay(x, q, hash, algo, crypto) { | ||
| x = new Buffer(x.toArray()); | ||
| module.exports.getKey = getKey | ||
| function getKey (x, q, hash, algo) { | ||
| x = new Buffer(x.toArray()) | ||
| if (x.length < q.byteLength()) { | ||
| var zeros = new Buffer(q.byteLength() - x.length); | ||
| zeros.fill(0); | ||
| x = Buffer.concat([zeros, x]); | ||
| var zeros = new Buffer(q.byteLength() - x.length) | ||
| zeros.fill(0) | ||
| x = Buffer.concat([zeros, x]) | ||
| } | ||
| var hlen = hash.length; | ||
| var hbits = bits2octets(hash, q); | ||
| var v = new Buffer(hlen); | ||
| v.fill(1); | ||
| var k = new Buffer(hlen); | ||
| k.fill(0); | ||
| k = crypto.createHmac(algo, k) | ||
| var hlen = hash.length | ||
| var hbits = bits2octets(hash, q) | ||
| var v = new Buffer(hlen) | ||
| v.fill(1) | ||
| var k = new Buffer(hlen) | ||
| k.fill(0) | ||
| k = createHmac(algo, k) | ||
| .update(v) | ||
@@ -96,7 +100,7 @@ .update(new Buffer([0])) | ||
| .update(hbits) | ||
| .digest(); | ||
| v = crypto.createHmac(algo, k) | ||
| .digest() | ||
| v = createHmac(algo, k) | ||
| .update(v) | ||
| .digest(); | ||
| k = crypto.createHmac(algo, k) | ||
| .digest() | ||
| k = createHmac(algo, k) | ||
| .update(v) | ||
@@ -106,57 +110,57 @@ .update(new Buffer([1])) | ||
| .update(hbits) | ||
| .digest(); | ||
| v = crypto.createHmac(algo, k) | ||
| .digest() | ||
| v = createHmac(algo, k) | ||
| .update(v) | ||
| .digest(); | ||
| .digest() | ||
| return { | ||
| k:k, | ||
| v:v | ||
| }; | ||
| k: k, | ||
| v: v | ||
| } | ||
| } | ||
| function bits2int(obits, q) { | ||
| bits = new bn(obits); | ||
| var shift = obits.length * 8 - q.bitLength(); | ||
| function bits2int (obits, q) { | ||
| var bits = new BN(obits) | ||
| var shift = (obits.length << 3) - q.bitLength() | ||
| if (shift > 0) { | ||
| bits.ishrn(shift); | ||
| bits.ishrn(shift) | ||
| } | ||
| return bits; | ||
| return bits | ||
| } | ||
| function bits2octets (bits, q) { | ||
| bits = bits2int(bits, q); | ||
| bits = bits.mod(q); | ||
| var out = new Buffer(bits.toArray()); | ||
| bits = bits2int(bits, q) | ||
| bits = bits.mod(q) | ||
| var out = new Buffer(bits.toArray()) | ||
| if (out.length < q.byteLength()) { | ||
| var zeros = new Buffer(q.byteLength() - out.length); | ||
| zeros.fill(0); | ||
| out = Buffer.concat([zeros, out]); | ||
| var zeros = new Buffer(q.byteLength() - out.length) | ||
| zeros.fill(0) | ||
| out = Buffer.concat([zeros, out]) | ||
| } | ||
| return out; | ||
| return out | ||
| } | ||
| module.exports.makeKey = makeKey; | ||
| function makeKey(q, kv, algo, crypto) { | ||
| var t; | ||
| var k; | ||
| module.exports.makeKey = makeKey | ||
| function makeKey (q, kv, algo) { | ||
| var t | ||
| var k | ||
| while (true) { | ||
| t = new Buffer(''); | ||
| t = new Buffer('') | ||
| while (t.length * 8 < q.bitLength()) { | ||
| kv.v = crypto.createHmac(algo, kv.k) | ||
| kv.v = createHmac(algo, kv.k) | ||
| .update(kv.v) | ||
| .digest(); | ||
| t = Buffer.concat([t, kv.v]); | ||
| .digest() | ||
| t = Buffer.concat([t, kv.v]) | ||
| } | ||
| k = bits2int(t, q); | ||
| kv.k = crypto.createHmac(algo, kv.k) | ||
| k = bits2int(t, q) | ||
| kv.k = createHmac(algo, kv.k) | ||
| .update(kv.v) | ||
| .update(new Buffer([0])) | ||
| .digest(); | ||
| kv.v = crypto.createHmac(algo, kv.k) | ||
| .digest() | ||
| kv.v = createHmac(algo, kv.k) | ||
| .update(kv.v) | ||
| .digest(); | ||
| .digest() | ||
| if (k.cmp(q) === -1) { | ||
| return k; | ||
| return k | ||
| } | ||
| } | ||
| } | ||
| function makeR(g, k, p, q) { | ||
| return g.toRed(bn.mont(p)).redPow(k).fromRed().mod(q); | ||
| } | ||
| function makeR (g, k, p, q) { | ||
| return g.toRed(BN.mont(p)).redPow(k).fromRed().mod(q) | ||
| } |
@@ -1,216 +0,236 @@ | ||
| var test = require('tape'); | ||
| var fs = require('fs'); | ||
| var priv1024 = fs.readFileSync(__dirname + '/rsa.1024.priv'); | ||
| var asn1 = require('parse-asn1/asn1'); | ||
| var test = require('tape') | ||
| var fs = require('fs') | ||
| var priv1024 = fs.readFileSync(__dirname + '/rsa.1024.priv') | ||
| var asn1 = require('parse-asn1/asn1') | ||
| var parseKeys = require('parse-asn1') | ||
| var crt = require('browserify-rsa') | ||
| var crypto = require('crypto') | ||
| var rsa1024 = { | ||
| private: fs.readFileSync(__dirname + '/rsa.1024.priv'), | ||
| public: fs.readFileSync(__dirname + '/rsa.1024.pub') | ||
| }; | ||
| private: fs.readFileSync(__dirname + '/rsa.1024.priv'), | ||
| public: fs.readFileSync(__dirname + '/rsa.1024.pub') | ||
| } | ||
| var rsa2028 = { | ||
| private: fs.readFileSync(__dirname + '/rsa.2028.priv'), | ||
| public: fs.readFileSync(__dirname + '/rsa.2028.pub') | ||
| }; | ||
| private: fs.readFileSync(__dirname + '/rsa.2028.priv'), | ||
| public: fs.readFileSync(__dirname + '/rsa.2028.pub') | ||
| } | ||
| var nonrsa1024 = { | ||
| private: fs.readFileSync(__dirname + '/1024.priv'), | ||
| public: fs.readFileSync(__dirname + '/1024.pub') | ||
| }; | ||
| private: fs.readFileSync(__dirname + '/1024.priv'), | ||
| public: fs.readFileSync(__dirname + '/1024.pub') | ||
| } | ||
| var pass1024 = { | ||
| private: { | ||
| passphrase: 'fooo', | ||
| key:fs.readFileSync(__dirname + '/pass.1024.priv') | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.1024.pub') | ||
| }; | ||
| private: { | ||
| passphrase: 'fooo', | ||
| key: fs.readFileSync(__dirname + '/pass.1024.priv') | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.1024.pub') | ||
| } | ||
| var ec = { | ||
| private: fs.readFileSync(__dirname + '/ec.priv'), | ||
| public: fs.readFileSync(__dirname + '/ec.pub') | ||
| }; | ||
| private: fs.readFileSync(__dirname + '/ec.priv'), | ||
| public: fs.readFileSync(__dirname + '/ec.pub') | ||
| } | ||
| var ec224 = { | ||
| private: fs.readFileSync(__dirname + '/ec.p224.priv'), | ||
| public: fs.readFileSync(__dirname + '/ec.p224.pub') | ||
| } | ||
| var ec192 = { | ||
| private: fs.readFileSync(__dirname + '/ec.p192.priv'), | ||
| public: fs.readFileSync(__dirname + '/ec.p192.pub') | ||
| } | ||
| var ec256 = { | ||
| private: fs.readFileSync(__dirname + '/ec.p256.priv'), | ||
| public: fs.readFileSync(__dirname + '/ec.p256.pub') | ||
| } | ||
| var ecpass = { | ||
| private: { | ||
| key: fs.readFileSync(__dirname + '/ec.pass.priv'), | ||
| passphrase: 'bard' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/ec.pub') | ||
| }; | ||
| private: { | ||
| key: fs.readFileSync(__dirname + '/ec.pass.priv'), | ||
| passphrase: 'bard' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/ec.pub') | ||
| } | ||
| var dsa = { | ||
| private: fs.readFileSync(__dirname + '/dsa.1024.priv'), | ||
| public: fs.readFileSync(__dirname + '/dsa.1024.pub') | ||
| }; | ||
| private: fs.readFileSync(__dirname + '/dsa.1024.priv'), | ||
| public: fs.readFileSync(__dirname + '/dsa.1024.pub') | ||
| } | ||
| var dsa2 = { | ||
| private: fs.readFileSync(__dirname + '/dsa.2048.priv'), | ||
| public: fs.readFileSync(__dirname + '/dsa.2048.pub') | ||
| }; | ||
| private: fs.readFileSync(__dirname + '/dsa.2048.priv'), | ||
| public: fs.readFileSync(__dirname + '/dsa.2048.pub') | ||
| } | ||
| var dsapass = { | ||
| private: { | ||
| key:fs.readFileSync(__dirname + '/pass.dsa.1024.priv'), | ||
| passphrase:'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.dsa.1024.pub') | ||
| }; | ||
| private: { | ||
| key: fs.readFileSync(__dirname + '/pass.dsa.1024.priv'), | ||
| passphrase: 'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.dsa.1024.pub') | ||
| } | ||
| var dsapass2 = { | ||
| private: { | ||
| key:fs.readFileSync(__dirname + '/pass2.dsa.1024.priv'), | ||
| passphrase:'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass2.dsa.1024.pub') | ||
| }; | ||
| private: { | ||
| key: fs.readFileSync(__dirname + '/pass2.dsa.1024.priv'), | ||
| passphrase: 'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass2.dsa.1024.pub') | ||
| } | ||
| var rsapass = { | ||
| private: { | ||
| key:fs.readFileSync(__dirname + '/pass.rsa.1024.priv'), | ||
| passphrase:'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.rsa.1024.pub') | ||
| }; | ||
| private: { | ||
| key: fs.readFileSync(__dirname + '/pass.rsa.1024.priv'), | ||
| passphrase: 'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.rsa.1024.pub') | ||
| } | ||
| var rsapass2 = { | ||
| private: { | ||
| key:fs.readFileSync(__dirname + '/pass.rsa.2028.priv'), | ||
| passphrase:'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.rsa.2028.pub') | ||
| }; | ||
| var vector = fs.readFileSync(__dirname + '/vector.priv'); | ||
| var vector2 = fs.readFileSync(__dirname + '/vector2.priv'); | ||
| function isNode10() { | ||
| return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 10; | ||
| private: { | ||
| key: fs.readFileSync(__dirname + '/pass.rsa.2028.priv'), | ||
| passphrase: 'password' | ||
| }, | ||
| public: fs.readFileSync(__dirname + '/pass.rsa.2028.pub') | ||
| } | ||
| var nodeCrypto = require('crypto'); | ||
| var myCrypto = require('../'); | ||
| function testIt(keys, message, scheme) { | ||
| var pub = keys.public; | ||
| var priv = keys.private; | ||
| test(message.toString(), function (t) { | ||
| t.plan(4); | ||
| var mySign = myCrypto.createSign(scheme); | ||
| var nodeSign = nodeCrypto.createSign(scheme); | ||
| var mySig = mySign.update(message).sign(priv); | ||
| var nodeSig = nodeSign.update(message).sign(priv); | ||
| t.equals(mySig.length, nodeSig.length, 'correct length'); | ||
| t.equals(mySig.toString('hex'), nodeSig.toString('hex'), 'equal sigs'); | ||
| var myVer = myCrypto.createVerify(scheme); | ||
| var nodeVer = nodeCrypto.createVerify(scheme); | ||
| t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig'); | ||
| t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig'); | ||
| }); | ||
| var vector = fs.readFileSync(__dirname + '/vector.priv') | ||
| var vector2 = fs.readFileSync(__dirname + '/vector2.priv') | ||
| function isNode10 () { | ||
| return process.version && process.version.split('.').length === 3 && parseInt(process.version.split('.')[1], 10) <= 10 | ||
| } | ||
| function ectestIt(keys, message, scheme) { | ||
| var pub = keys.public; | ||
| var priv = keys.private; | ||
| test(message.toString(), function (t) { | ||
| t.plan(3); | ||
| var nodeSign = nodeCrypto.createSign(scheme); | ||
| var mySign = myCrypto.createSign(scheme); | ||
| var mySig = mySign.update(message).sign(priv); | ||
| var nodeSig = nodeSign.update(message).sign(priv); | ||
| t.notEqual(mySig.toString('hex'), nodeSig.toString('hex'), 'not equal sigs'); | ||
| var myVer = myCrypto.createVerify(scheme); | ||
| var nodeVer = nodeCrypto.createVerify(scheme); | ||
| t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig'); | ||
| t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig'); | ||
| }); | ||
| var nodeCrypto = require('crypto') | ||
| var myCrypto = require('../browser') | ||
| function testIt (keys, message, scheme) { | ||
| var pub = keys.public | ||
| var priv = keys.private | ||
| test(message.toString(), function (t) { | ||
| t.plan(4) | ||
| var mySign = myCrypto.createSign(scheme) | ||
| var nodeSign = nodeCrypto.createSign(scheme) | ||
| var mySig = mySign.update(message).sign(priv) | ||
| var nodeSig = nodeSign.update(message).sign(priv) | ||
| t.equals(mySig.length, nodeSig.length, 'correct length') | ||
| t.equals(mySig.toString('hex'), nodeSig.toString('hex'), 'equal sigs') | ||
| var myVer = myCrypto.createVerify(scheme) | ||
| var nodeVer = nodeCrypto.createVerify(scheme) | ||
| t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig') | ||
| t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig') | ||
| }) | ||
| } | ||
| function ectestIt (keys, message, scheme) { | ||
| var pub = keys.public | ||
| var priv = keys.private | ||
| test(message.toString(), function (t) { | ||
| t.plan(3) | ||
| ectestIt(dsa, new Buffer('dsa with 1024 keys'), 'DSA'); | ||
| ectestIt(dsa2, new Buffer('dsa with 2048 keys'), 'DSA-SHA1'); | ||
| testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5'); | ||
| ectestIt(ec, new Buffer('ecdsa with sha1'), 'ecdsa-with-SHA1'); | ||
| testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5'); | ||
| testIt(rsa2028, new Buffer('md5 with 2028 keys'), 'RSA-MD5'); | ||
| testIt(nonrsa1024, new Buffer('md5 with 1024 keys non-rsa key'), 'RSA-MD5'); | ||
| testIt(rsa1024, new Buffer('rmd160 with 2028 keys'), 'RSA-RIPEMD160'); | ||
| testIt(rsa2028, new Buffer('rmd160 with 1024 keys'), 'RSA-RIPEMD160'); | ||
| testIt(nonrsa1024, new Buffer('rmd160 with 1024 keys non-rsa key'), 'RSA-RIPEMD160'); | ||
| testIt(rsa1024, new Buffer('sha1 with 1024 keys'), 'RSA-SHA1'); | ||
| testIt(rsa2028, new Buffer('sha1 with 2028 keys'), 'RSA-SHA1'); | ||
| testIt(nonrsa1024, new Buffer('sha1 with 1024 keys non-rsa key'), 'RSA-SHA1'); | ||
| testIt(rsa1024, new Buffer('sha224 with 1024 keys'), 'RSA-SHA224'); | ||
| testIt(nonrsa1024, new Buffer('sha224 with 1024 keys non-rsa key'), 'RSA-SHA224'); | ||
| testIt(rsa2028, new Buffer('sha224 with 2028 keys'), 'RSA-SHA224'); | ||
| testIt(rsa1024, new Buffer('SHA256 with 1024 keys'), 'RSA-SHA256'); | ||
| testIt(nonrsa1024, new Buffer('sha256 with 1024 keys non-rsa key'), 'RSA-SHA256'); | ||
| testIt(rsa2028, new Buffer('SHA256 with 2028 keys'), 'RSA-SHA256'); | ||
| testIt(rsa1024, new Buffer('SHA384 with 1024 keys'), 'RSA-SHA384'); | ||
| testIt(nonrsa1024, new Buffer('sha384 with 1024 keys non-rsa key'), 'RSA-SHA384'); | ||
| testIt(rsa2028, new Buffer('SHA384 with 2028 keys'), 'RSA-SHA384'); | ||
| testIt(rsa1024, new Buffer('SHA512 with 1024 keys'), 'RSA-SHA512'); | ||
| testIt(nonrsa1024, new Buffer('sha512 with 1024 keys non-rsa key'), 'RSA-SHA512'); | ||
| testIt(rsa2028, new Buffer('SHA512 with 2028 keys'), 'RSA-SHA512'); | ||
| var nodeSign = nodeCrypto.createSign(scheme) | ||
| var mySign = myCrypto.createSign(scheme) | ||
| var mySig = mySign.update(message).sign(priv) | ||
| var nodeSig = nodeSign.update(message).sign(priv) | ||
| t.notEqual(mySig.toString('hex'), nodeSig.toString('hex'), 'not equal sigs') | ||
| var myVer = myCrypto.createVerify(scheme) | ||
| var nodeVer = nodeCrypto.createVerify(scheme) | ||
| t.ok(nodeVer.update(message).verify(pub, mySig), 'node validate my sig') | ||
| t.ok(myVer.update(message).verify(pub, nodeSig), 'me validate node sig') | ||
| }) | ||
| } | ||
| ectestIt(dsa, new Buffer('dsa with 1024 keys'), 'DSA') | ||
| ectestIt(dsa2, new Buffer('dsa with 2048 keys'), 'DSA-SHA1') | ||
| testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5') | ||
| ectestIt(ec, new Buffer('ecdsa with sha1'), 'ecdsa-with-SHA1') | ||
| ectestIt(ec192, new Buffer('ecdsa with p192 key with sha1'), 'ecdsa-with-SHA1') | ||
| ectestIt(ec224, new Buffer('ecdsa with p224 key with sha1'), 'ecdsa-with-SHA1') | ||
| ectestIt(ec256, new Buffer('ecdsa with p256 key with sha1'), 'ecdsa-with-SHA1') | ||
| testIt(rsa1024, new Buffer('md5 with 1024 keys'), 'RSA-MD5') | ||
| testIt(rsa2028, new Buffer('md5 with 2028 keys'), 'RSA-MD5') | ||
| testIt(nonrsa1024, new Buffer('md5 with 1024 keys non-rsa key'), 'RSA-MD5') | ||
| testIt(rsa1024, new Buffer('rmd160 with 2028 keys'), 'RSA-RIPEMD160') | ||
| testIt(rsa2028, new Buffer('rmd160 with 1024 keys'), 'RSA-RIPEMD160') | ||
| testIt(nonrsa1024, new Buffer('rmd160 with 1024 keys non-rsa key'), 'RSA-RIPEMD160') | ||
| testIt(rsa1024, new Buffer('sha1 with 1024 keys'), 'RSA-SHA1') | ||
| testIt(rsa2028, new Buffer('sha1 with 2028 keys'), 'RSA-SHA1') | ||
| testIt(nonrsa1024, new Buffer('sha1 with 1024 keys non-rsa key'), 'RSA-SHA1') | ||
| testIt(rsa1024, new Buffer('sha224 with 1024 keys'), 'RSA-SHA224') | ||
| testIt(nonrsa1024, new Buffer('sha224 with 1024 keys non-rsa key'), 'RSA-SHA224') | ||
| testIt(rsa2028, new Buffer('sha224 with 2028 keys'), 'RSA-SHA224') | ||
| testIt(rsa1024, new Buffer('SHA256 with 1024 keys'), 'RSA-SHA256') | ||
| testIt(nonrsa1024, new Buffer('sha256 with 1024 keys non-rsa key'), 'RSA-SHA256') | ||
| testIt(rsa2028, new Buffer('SHA256 with 2028 keys'), 'RSA-SHA256') | ||
| testIt(rsa1024, new Buffer('SHA384 with 1024 keys'), 'RSA-SHA384') | ||
| testIt(nonrsa1024, new Buffer('sha384 with 1024 keys non-rsa key'), 'RSA-SHA384') | ||
| testIt(rsa2028, new Buffer('SHA384 with 2028 keys'), 'RSA-SHA384') | ||
| testIt(rsa1024, new Buffer('SHA512 with 1024 keys'), 'RSA-SHA512') | ||
| testIt(nonrsa1024, new Buffer('sha512 with 1024 keys non-rsa key'), 'RSA-SHA512') | ||
| testIt(rsa2028, new Buffer('SHA512 with 2028 keys'), 'RSA-SHA512') | ||
| if (!isNode10()) { | ||
| ectestIt(ecpass, new Buffer('ecdsa with password'), 'ecdsa-with-SHA1'); | ||
| ectestIt(dsapass, new Buffer('dsa with 1024 keys and a password'), 'DSA-SHA'); | ||
| ectestIt(dsapass2, new Buffer('dsa with 1024 keys and a password varient'), 'DSA-SHA'); | ||
| testIt(rsapass, new Buffer('sha1 with 1024 keys and password, varient'), 'RSA-SHA1'); | ||
| testIt(rsapass2, new Buffer('sha1 with 2024 keys and password, varient'), 'RSA-SHA1'); | ||
| testIt(rsapass, new Buffer('sha224 with 1024 keys and password, varient'), 'RSA-SHA224'); | ||
| testIt(rsapass2, new Buffer('sha224 with 2024 keys and password, varient'), 'RSA-SHA224'); | ||
| testIt(rsapass, new Buffer('sha256 with 1024 keys and password, varient'), 'RSA-SHA256'); | ||
| testIt(rsapass2, new Buffer('sha256 with 2024 keys and password, varient'), 'RSA-SHA256'); | ||
| testIt(rsapass, new Buffer('sha384 with 1024 keys and password, varient'), 'RSA-SHA384'); | ||
| testIt(rsapass2, new Buffer('sha384 with 2024 keys and password, varient'), 'RSA-SHA384'); | ||
| testIt(rsapass, new Buffer('sha512 with 1024 keys and password, varient'), 'RSA-SHA512'); | ||
| testIt(rsapass2, new Buffer('sha512 with 2024 keys and password, varient'), 'RSA-SHA512'); | ||
| testIt(rsapass, new Buffer('rmd160 with 1024 keys and password, varient'), 'RSA-RIPEMD160'); | ||
| testIt(rsapass2, new Buffer('rmd160 with 2024 keys and password, varient'), 'RSA-RIPEMD160'); | ||
| testIt(rsapass, new Buffer('md5 with 1024 keys and password, varient'), 'RSA-MD5'); | ||
| testIt(rsapass2, new Buffer('md5 with 2024 keys and password, varient'), 'RSA-MD5'); | ||
| testIt(pass1024, new Buffer('sha1 with 1024 keys and password'), 'RSA-SHA1'); | ||
| testIt(pass1024, new Buffer('sha224 with 1024 keys and password'), 'RSA-SHA224'); | ||
| testIt(pass1024, new Buffer('sha256 with 1024 keys and password'), 'RSA-SHA256'); | ||
| testIt(pass1024, new Buffer('sha384 with 1024 keys and password'), 'RSA-SHA384'); | ||
| testIt(pass1024, new Buffer('sha512 with 1024 keys and password'), 'RSA-SHA512'); | ||
| testIt(pass1024, new Buffer('rmd160 with 1024 keys and password'), 'RSA-RIPEMD160'); | ||
| testIt(pass1024, new Buffer('md5 with 1024 keys and password'), 'RSA-MD5'); | ||
| ectestIt(ecpass, new Buffer('ecdsa with password'), 'ecdsa-with-SHA1') | ||
| ectestIt(dsapass, new Buffer('dsa with 1024 keys and a password'), 'DSA-SHA') | ||
| ectestIt(dsapass2, new Buffer('dsa with 1024 keys and a password varient'), 'DSA-SHA') | ||
| testIt(rsapass, new Buffer('sha1 with 1024 keys and password, varient'), 'RSA-SHA1') | ||
| testIt(rsapass2, new Buffer('sha1 with 2024 keys and password, varient'), 'RSA-SHA1') | ||
| testIt(rsapass, new Buffer('sha224 with 1024 keys and password, varient'), 'RSA-SHA224') | ||
| testIt(rsapass2, new Buffer('sha224 with 2024 keys and password, varient'), 'RSA-SHA224') | ||
| testIt(rsapass, new Buffer('sha256 with 1024 keys and password, varient'), 'RSA-SHA256') | ||
| testIt(rsapass2, new Buffer('sha256 with 2024 keys and password, varient'), 'RSA-SHA256') | ||
| testIt(rsapass, new Buffer('sha384 with 1024 keys and password, varient'), 'RSA-SHA384') | ||
| testIt(rsapass2, new Buffer('sha384 with 2024 keys and password, varient'), 'RSA-SHA384') | ||
| testIt(rsapass, new Buffer('sha512 with 1024 keys and password, varient'), 'RSA-SHA512') | ||
| testIt(rsapass2, new Buffer('sha512 with 2024 keys and password, varient'), 'RSA-SHA512') | ||
| testIt(rsapass, new Buffer('rmd160 with 1024 keys and password, varient'), 'RSA-RIPEMD160') | ||
| testIt(rsapass2, new Buffer('rmd160 with 2024 keys and password, varient'), 'RSA-RIPEMD160') | ||
| testIt(rsapass, new Buffer('md5 with 1024 keys and password, varient'), 'RSA-MD5') | ||
| testIt(rsapass2, new Buffer('md5 with 2024 keys and password, varient'), 'RSA-MD5') | ||
| testIt(pass1024, new Buffer('sha1 with 1024 keys and password'), 'RSA-SHA1') | ||
| testIt(pass1024, new Buffer('sha224 with 1024 keys and password'), 'RSA-SHA224') | ||
| testIt(pass1024, new Buffer('sha256 with 1024 keys and password'), 'RSA-SHA256') | ||
| testIt(pass1024, new Buffer('sha384 with 1024 keys and password'), 'RSA-SHA384') | ||
| testIt(pass1024, new Buffer('sha512 with 1024 keys and password'), 'RSA-SHA512') | ||
| testIt(pass1024, new Buffer('rmd160 with 1024 keys and password'), 'RSA-RIPEMD160') | ||
| testIt(pass1024, new Buffer('md5 with 1024 keys and password'), 'RSA-MD5') | ||
| } | ||
| function kvector(algo, r, s, t, key, msg) { | ||
| t.plan(2); | ||
| var sig = myCrypto.createSign(algo).update(msg).sign(key); | ||
| var rs = asn1.signature.decode(sig, 'der'); | ||
| t.equals(rs.r.toString(16), r.toLowerCase(),'r'); | ||
| t.equals(rs.s.toString(16), s.toLowerCase(),'s'); | ||
| function kvector (algo, r, s, t, key, msg) { | ||
| t.plan(2) | ||
| var sig = myCrypto.createSign(algo).update(msg).sign(key) | ||
| var rs = asn1.signature.decode(sig, 'der') | ||
| t.equals(rs.r.toString(16), r.toLowerCase(), 'r') | ||
| t.equals(rs.s.toString(16), s.toLowerCase(), 's') | ||
| } | ||
| var vectors = [ | ||
| { | ||
| algo:'dsa-sha1', | ||
| r: '2E1A0C2562B2912CAAF89186FB0F42001585DA55', | ||
| s: '29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5', | ||
| key: vector, | ||
| msg: 'sample' | ||
| algo: 'dsa-sha1', | ||
| r: '2E1A0C2562B2912CAAF89186FB0F42001585DA55', | ||
| s: '29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5', | ||
| key: vector, | ||
| msg: 'sample' | ||
| }, | ||
| { | ||
| algo:'dsa-sha1', | ||
| r: '42AB2052FD43E123F0607F115052A67DCD9C5C77', | ||
| s: '183916B0230D45B9931491D4C6B0BD2FB4AAF088', | ||
| key: vector, | ||
| msg: 'test' | ||
| algo: 'dsa-sha1', | ||
| r: '42AB2052FD43E123F0607F115052A67DCD9C5C77', | ||
| s: '183916B0230D45B9931491D4C6B0BD2FB4AAF088', | ||
| key: vector, | ||
| msg: 'test' | ||
| }, | ||
| { | ||
| algo:'dsa-sha224', | ||
| r: '4BC3B686AEA70145856814A6F1BB53346F02101E', | ||
| s: '410697B92295D994D21EDD2F4ADA85566F6F94C1', | ||
| key: vector, | ||
| msg: 'sample' | ||
| algo: 'dsa-sha224', | ||
| r: '4BC3B686AEA70145856814A6F1BB53346F02101E', | ||
| s: '410697B92295D994D21EDD2F4ADA85566F6F94C1', | ||
| key: vector, | ||
| msg: 'sample' | ||
| }, | ||
| { | ||
| algo:'dsa-sha224', | ||
| r: '6868E9964E36C1689F6037F91F28D5F2C30610F2', | ||
| s: '49CEC3ACDC83018C5BD2674ECAAD35B8CD22940F', | ||
| key: vector, | ||
| msg: 'test' | ||
| algo: 'dsa-sha224', | ||
| r: '6868E9964E36C1689F6037F91F28D5F2C30610F2', | ||
| s: '49CEC3ACDC83018C5BD2674ECAAD35B8CD22940F', | ||
| key: vector, | ||
| msg: 'test' | ||
| }, | ||
| { | ||
| algo:'dsa-sha256', | ||
| r: '81F2F5850BE5BC123C43F71A3033E9384611C545', | ||
| s: '4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89', | ||
| key: vector, | ||
| msg: 'sample' | ||
| algo: 'dsa-sha256', | ||
| r: '81F2F5850BE5BC123C43F71A3033E9384611C545', | ||
| s: '4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89', | ||
| key: vector, | ||
| msg: 'sample' | ||
| }, | ||
| { | ||
| algo:'dsa-sha256', | ||
| r: '22518C127299B0F6FDC9872B282B9E70D0790812', | ||
| s: '6837EC18F150D55DE95B5E29BE7AF5D01E4FE160', | ||
| key: vector, | ||
| msg: 'test' | ||
| algo: 'dsa-sha256', | ||
| r: '22518C127299B0F6FDC9872B282B9E70D0790812', | ||
| s: '6837EC18F150D55DE95B5E29BE7AF5D01E4FE160', | ||
| key: vector, | ||
| msg: 'test' | ||
| }, | ||
| { | ||
| algo:'dsa-sha384', | ||
| algo: 'dsa-sha384', | ||
| r: '7F2108557EE0E3921BC1774F1CA9B410B4CE65A', | ||
@@ -222,3 +242,3 @@ s: '54DF70456C86FAC10FAB47C1949AB83F2C6F7595', | ||
| { | ||
| algo:'dsa-sha384', | ||
| algo: 'dsa-sha384', | ||
| r: '854CF929B58D73C3CBFDC421E8D5430CD6DB5E66', | ||
@@ -230,3 +250,3 @@ s: '91D0E0F53E22F898D158380676A871A157CDA622', | ||
| { | ||
| algo:'dsa-sha512', | ||
| algo: 'dsa-sha512', | ||
| r: '16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B', | ||
@@ -238,3 +258,3 @@ s: '2C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C', | ||
| { | ||
| algo:'dsa-sha512', | ||
| algo: 'dsa-sha512', | ||
| r: '8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A0', | ||
@@ -246,44 +266,45 @@ s: '7C670C7AD72B6C050C109E1790008097125433E8', | ||
| { | ||
| algo:'dsa-sha1', | ||
| r: '3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A', | ||
| s: 'D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF', | ||
| key: vector2, | ||
| msg: 'sample' | ||
| algo: 'dsa-sha1', | ||
| r: '3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A', | ||
| s: 'D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF', | ||
| key: vector2, | ||
| msg: 'sample' | ||
| }, | ||
| { | ||
| algo:'dsa-sha1', | ||
| r: 'C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0', | ||
| s: '414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA', | ||
| key: vector2, | ||
| msg: 'test' | ||
| algo: 'dsa-sha1', | ||
| r: 'C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0', | ||
| s: '414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA', | ||
| key: vector2, | ||
| msg: 'test' | ||
| }, | ||
| { | ||
| algo:'dsa-sha224', | ||
| r: 'DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C', | ||
| s: 'A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC', | ||
| key: vector2, | ||
| msg: 'sample' | ||
| algo: 'dsa-sha224', | ||
| r: 'DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C', | ||
| s: 'A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC', | ||
| key: vector2, | ||
| msg: 'sample' | ||
| }, | ||
| { | ||
| algo:'dsa-sha224', | ||
| r: '272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3', | ||
| s: 'E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806', | ||
| key: vector2, | ||
| msg: 'test' | ||
| algo: 'dsa-sha224', | ||
| r: '272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3', | ||
| s: 'E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806', | ||
| key: vector2, | ||
| msg: 'test' | ||
| }, | ||
| { | ||
| algo:'dsa-sha256', | ||
| r: 'EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809', | ||
| s: '7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53', | ||
| key: vector2, | ||
| msg: 'sample' | ||
| algo: 'dsa-sha256', | ||
| r: 'EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809', | ||
| s: '7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53', | ||
| key: vector2, | ||
| msg: 'sample' | ||
| }, | ||
| { | ||
| algo:'dsa-sha256', | ||
| r: '8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0', | ||
| s: '7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E', | ||
| key: vector2, | ||
| msg: 'test' | ||
| },{ | ||
| algo:'dsa-sha384', | ||
| algo: 'dsa-sha256', | ||
| r: '8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0', | ||
| s: '7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E', | ||
| key: vector2, | ||
| msg: 'test' | ||
| }, | ||
| { | ||
| algo: 'dsa-sha384', | ||
| r: 'B2DA945E91858834FD9BF616EBAC151EDBC4B45D27D0DD4A7F6A22739F45C00B', | ||
@@ -295,3 +316,3 @@ s: '19048B63D9FD6BCA1D9BAE3664E1BCB97F7276C306130969F63F38FA8319021B', | ||
| { | ||
| algo:'dsa-sha384', | ||
| algo: 'dsa-sha384', | ||
| r: '239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE', | ||
@@ -301,4 +322,5 @@ s: '6BD737513D5E72FE85D1C750E0F73921FE299B945AAD1C802F15C26A43D34961', | ||
| msg: 'test' | ||
| },{ | ||
| algo:'dsa-sha512', | ||
| }, | ||
| { | ||
| algo: 'dsa-sha512', | ||
| r: '2016ED092DC5FB669B8EFB3D1F31A91EECB199879BE0CF78F02BA062CB4C942E', | ||
@@ -308,4 +330,5 @@ s: 'D0C76F84B5F091E141572A639A4FB8C230807EEA7D55C8A154A224400AFF2351', | ||
| msg: 'sample' | ||
| },{ | ||
| algo:'dsa-sha512', | ||
| }, | ||
| { | ||
| algo: 'dsa-sha512', | ||
| r: '89EC4BB1400ECCFF8E7D9AA515CD1DE7803F2DAFF09693EE7FD1353E90A68307', | ||
@@ -316,9 +339,142 @@ s: 'C9F0BDABCC0D880BB137A994CC7F3980CE91CC10FAF529FC46565B15CEA854E1', | ||
| } | ||
| ]; | ||
| ] | ||
| test('kvector works', function (t) { | ||
| vectors.forEach(function (vec) { | ||
| t.test('algo: ' + vec.algo + ' key len:' + vec.key.length + ' msg:' + vec.msg, function (t) { | ||
| kvector(vec.algo, vec.r, vec.s, t, vec.key, vec.msg); | ||
| }); | ||
| }); | ||
| }); | ||
| vectors.forEach(function (vec) { | ||
| t.test('algo: ' + vec.algo + ' key len: ' + vec.key.length + ' msg: ' + vec.msg, function (t) { | ||
| kvector(vec.algo, vec.r, vec.s, t, vec.key, vec.msg) | ||
| }) | ||
| }) | ||
| }) | ||
| test('reject invalid sigs', function (t) { | ||
| var message = 'a valid message!' | ||
| var hash = Buffer.concat([ | ||
| new Buffer('302d300d06096086480165030402040500041c', 'hex'), | ||
| crypto.createHash('sha224').update(message).digest() | ||
| ]) | ||
| t.test('I create a valid sig', function (t) { | ||
| t.plan(2) | ||
| var priv = parseKeys(rsa1024.private) | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 1 ] | ||
| while (hash.length + pad.length + 1 < len) { | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x00) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]) | ||
| } | ||
| var sign = crt(pad, priv) | ||
| t.ok(nodeCrypto.createVerify('RSA-SHA224') | ||
| .update(message) | ||
| .verify(rsa1024.public, sign), 'node accepts it') | ||
| t.ok(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I accept it') | ||
| }) | ||
| t.test('invalid leading byte', function (t) { | ||
| t.plan(2) | ||
| var priv = parseKeys(rsa1024.private) | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 2 ] | ||
| while (hash.length + pad.length + 1 < len) { | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x00) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]) | ||
| } | ||
| var sign = crt(pad, priv) | ||
| t.notOk(nodeCrypto.createVerify('RSA-SHA224') | ||
| .update(message) | ||
| .verify(rsa1024.public, sign), 'node rejects it') | ||
| t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it') | ||
| }) | ||
| t.test('invalid ending bytes', function (t) { | ||
| t.plan(2) | ||
| var priv = parseKeys(rsa1024.private) | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 1 ] | ||
| while (hash.length + pad.length + 1 < len) { | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x02) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]) | ||
| } | ||
| var sign = crt(pad, priv) | ||
| t.notOk(nodeCrypto.createVerify('RSA-SHA224') | ||
| .update(message) | ||
| .verify(rsa1024.public, sign), 'node rejects it') | ||
| t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it') | ||
| }) | ||
| t.test('missing f', function (t) { | ||
| t.plan(2) | ||
| var priv = parseKeys(rsa1024.private) | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 1 ] | ||
| while (hash.length + pad.length + 2 < len) { | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x00) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]) | ||
| } | ||
| var sign = crt(pad, priv) | ||
| t.notOk(nodeCrypto.createVerify('RSA-SHA224') | ||
| .update(message) | ||
| .verify(rsa1024.public, sign), 'node rejects it') | ||
| t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it') | ||
| }) | ||
| t.test('missing f, extra data', function (t) { | ||
| t.plan(2) | ||
| var priv = parseKeys(rsa1024.private) | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 1 ] | ||
| while (hash.length + pad.length + 2 < len) { | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x00) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]) | ||
| } | ||
| pad.push(0) | ||
| var sign = crt(pad, priv) | ||
| t.notOk(nodeCrypto.createVerify('RSA-SHA224') | ||
| .update(message) | ||
| .verify(rsa1024.public, sign), 'node rejects it') | ||
| t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it') | ||
| }) | ||
| t.test('in suficent fs', function (t) { | ||
| t.plan(2) | ||
| var priv = parseKeys(rsa1024.private) | ||
| var len = priv.modulus.byteLength() | ||
| var pad = [ 0, 1 ] | ||
| var i = 7 | ||
| while (i--) { | ||
| pad.push(0xff) | ||
| } | ||
| pad.push(0x00) | ||
| i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]) | ||
| } | ||
| pad.push(0) | ||
| var sign = crt(pad, priv) | ||
| t.notOk(nodeCrypto.createVerify('RSA-SHA224') | ||
| .update(message) | ||
| .verify(rsa1024.public, sign), 'node rejects it') | ||
| t.notOk(myCrypto.createVerify('RSA-SHA224').update(message).verify(rsa1024.public, sign), 'I reject it') | ||
| }) | ||
| }) |
118
verify.js
@@ -0,62 +1,74 @@ | ||
| 'use strict' | ||
| // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js | ||
| var parseKeys = require('parse-asn1'); | ||
| var elliptic = require('elliptic'); | ||
| var bn = require('bn.js'); | ||
| module.exports = verify; | ||
| function verify(sig, hash, key) { | ||
| var pub = parseKeys(key); | ||
| var parseKeys = require('parse-asn1') | ||
| var elliptic = require('elliptic') | ||
| var curves = require('./curves') | ||
| var BN = require('bn.js') | ||
| module.exports = verify | ||
| function verify (sig, hash, key) { | ||
| var pub = parseKeys(key) | ||
| if (pub.type === 'ec') { | ||
| return ecVerify(sig, hash, pub); | ||
| return ecVerify(sig, hash, pub) | ||
| } else if (pub.type === 'dsa') { | ||
| return dsaVerify(sig, hash, pub); | ||
| return dsaVerify(sig, hash, pub) | ||
| } | ||
| var len = pub.modulus.byteLength(); | ||
| var pad = [ 0, 1 ]; | ||
| while (hash.length + pad.length + 1 < len) { | ||
| pad.push(0xff); | ||
| var len = pub.modulus.byteLength() | ||
| var pad = [ 1 ] | ||
| var padNum = 0 | ||
| while (hash.length + pad.length + 2 < len) { | ||
| pad.push(0xff) | ||
| padNum++ | ||
| } | ||
| pad.push(0x00); | ||
| var i = -1; | ||
| pad.push(0x00) | ||
| var i = -1 | ||
| while (++i < hash.length) { | ||
| pad.push(hash[i]); | ||
| pad.push(hash[i]) | ||
| } | ||
| pad = hash; | ||
| var red = bn.mont(pub.modulus); | ||
| sig = new bn(sig).toRed(red); | ||
| pad = new Buffer(pad) | ||
| var red = BN.mont(pub.modulus) | ||
| sig = new BN(sig).toRed(red) | ||
| sig = sig.redPow(new bn(pub.publicExponent)); | ||
| sig = sig.redPow(new BN(pub.publicExponent)) | ||
| sig = new Buffer(sig.fromRed().toArray()); | ||
| sig = sig.slice(sig.length - hash.length); | ||
| var out = 0; | ||
| len = sig.length; | ||
| i = -1; | ||
| sig = new Buffer(sig.fromRed().toArray()) | ||
| var out = 0 | ||
| if (padNum < 8) { | ||
| out = 1 | ||
| } | ||
| len = Math.min(sig.length, pad.length) | ||
| if (sig.length !== pad.length) { | ||
| out = 1 | ||
| } | ||
| i = -1 | ||
| while (++i < len) { | ||
| out += (sig[i] ^ hash[i]); | ||
| out |= (sig[i] ^ pad[i]) | ||
| } | ||
| return !out; | ||
| return out === 0 | ||
| } | ||
| function ecVerify(sig, hash, pub) { | ||
| var curve; | ||
| if (pub.data.algorithm.curve.join('.') === '1.3.132.0.10') { | ||
| curve = new elliptic.ec('secp256k1'); | ||
| } | ||
| var pubkey = pub.data.subjectPrivateKey.data; | ||
| return curve.verify(hash.toString('hex'), sig.toString('hex'), pubkey.toString('hex')); | ||
| function ecVerify (sig, hash, pub) { | ||
| var curveId = curves[pub.data.algorithm.curve.join('.')] | ||
| if (!curveId) | ||
| throw new Error('unknown curve ' + pub.data.algorithm.curve.join('.')) | ||
| var curve = new elliptic.ec(curveId) | ||
| var pubkey = pub.data.subjectPrivateKey.data | ||
| return curve.verify(hash.toString('hex'), sig.toString('hex'), pubkey.toString('hex')) | ||
| } | ||
| function dsaVerify(sig, hash, pub) { | ||
| var p = pub.data.p; | ||
| var q = pub.data.q; | ||
| var g = pub.data.g; | ||
| var y = pub.data.pub_key; | ||
| var unpacked = parseKeys.signature.decode(sig, 'der'); | ||
| var s = unpacked.s; | ||
| var r = unpacked.r; | ||
| checkValue(s, q); | ||
| checkValue(r, q); | ||
| var montq = bn.mont(q); | ||
| var montp = bn.mont(p); | ||
| var w = s.invm(q); | ||
| function dsaVerify (sig, hash, pub) { | ||
| var p = pub.data.p | ||
| var q = pub.data.q | ||
| var g = pub.data.g | ||
| var y = pub.data.pub_key | ||
| var unpacked = parseKeys.signature.decode(sig, 'der') | ||
| var s = unpacked.s | ||
| var r = unpacked.r | ||
| checkValue(s, q) | ||
| checkValue(r, q) | ||
| var montq = BN.mont(q) | ||
| var montp = BN.mont(p) | ||
| var w = s.invm(q) | ||
| var v = g.toRed(montp) | ||
| .redPow(new bn(hash).mul(w).mod(q)) | ||
| .redPow(new BN(hash).mul(w).mod(q)) | ||
| .fromRed() | ||
@@ -67,12 +79,12 @@ .mul( | ||
| .fromRed() | ||
| ).mod(p).mod(q); | ||
| return !v.cmp(r); | ||
| ).mod(p).mod(q) | ||
| return !v.cmp(r) | ||
| } | ||
| function checkValue(b, q) { | ||
| function checkValue (b, q) { | ||
| if (b.cmpn(0) <= 0) { | ||
| throw new Error('invalid sig'); | ||
| throw new Error('invalid sig') | ||
| } | ||
| if (b.cmp(q) >= q) { | ||
| throw new Error('invalid sig'); | ||
| throw new Error('invalid sig') | ||
| } | ||
| } | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.09%
48794
- Lines of code
- increased by15.51%
864
Worsened metrics
- Dependency count
- increased by40%
7
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedcreate-hash@^1.1.0
+ Addedcreate-hmac@^1.1.2
+ Addedasn1.js@2.2.1(transitive)
+ Addedbrowserify-aes@1.2.0(transitive)
+ Addedbrowserify-rsa@2.0.1(transitive)
+ Addedbuffer-xor@1.0.3(transitive)
+ Addedcipher-base@1.0.4(transitive)
+ Addedcreate-hash@1.2.0(transitive)
+ Addedcreate-hmac@1.1.7(transitive)
+ Addedevp_bytestokey@1.0.3(transitive)
+ Addedhash-base@3.1.0(transitive)
+ Addedmd5.js@1.3.5(transitive)
+ Addedparse-asn1@3.0.2(transitive)
+ Addedpbkdf2@3.1.2(transitive)
+ Addedrandombytes@2.1.0(transitive)
+ Addedreadable-stream@3.6.2(transitive)
+ Addedripemd160@2.0.2(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedsha.js@2.4.11(transitive)
+ Addedstring_decoder@1.3.0(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
- Removedasn1.js@1.0.6(transitive)
- Removedasn1.js-rfc3280@1.0.0(transitive)
- Removedbrowserify-rsa@1.1.1(transitive)
- Removedparse-asn1@2.0.0(transitive)
- Removedpemstrip@0.0.1(transitive)
Updatedbrowserify-rsa@^2.0.0
Updatedparse-asn1@^3.0.0