provenance: signed verifies!

astro · Jun 18, 2011 · 8d98e9d · 8d98e9d
1 parent 4516c37
commit 8d98e9d
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 21 deletions.
diff --git a/lib/ostatus/salmon.js b/lib/ostatus/salmon.js
@@ -108,10 +108,10 @@ function _grabKey(jrd) {
 
 // Assemble the signature base string
 function baseString(data, data_type, encoding, alg) {
-    return [data,
-	    base64url_encode(data_type, 'ascii'),
-	    base64url_encode(encoding, 'ascii'),
-	    base64url_encode(alg, 'ascii')
+    return [base64url_encode(data),
+	    base64url_encode(data_type),
+	    base64url_encode(encoding),
+	    base64url_encode(alg)
 	   ].join('.');
 }
 
@@ -134,16 +134,16 @@ function generateSignature(me, privKey) {
 }
 
 function verifySignature(me, sig, pubKey) {
-    var m = baseString(me.data, me.data_type,
-		       me.encoding || 'base64url',
-		       me.alg || 'RSA-SHA256');
-
     var match;
-    if ((match = pubKey.match(/^RSA\.([^\.]+)\.([^\.]+)$/)))
+    if ((match = pubKey.match(/^RSA\.([^\.]+)\.([^\.]+)$/))) {
+	var m = baseString(me.data, me.data_type,
+			   me.encoding || 'base64url',
+			   me.alg || 'RSA-SHA256');
 	return Provenance.verifyRSASHA256(m, sig,
 					  { n: base64url_decode(match[1]),
 					    e: base64url_decode(match[2])
 					  });
+    }
     else
 	throw TypeError('Invalid public key');
 }
@@ -154,7 +154,7 @@ function base64url_decode(input) {
 
 // Encode to Base64url and removing padding (as per salmon spec)
 function base64url_encode(input) {
-    return input.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
+    return new Buffer(input).toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
 }
 
 exports.unpack = unpack; 

diff --git a/src/provenance.cc b/src/provenance.cc
@@ -74,10 +74,23 @@ static Handle<Value> bnToBinary(BIGNUM *bn) {
 }
 
 static BIGNUM *binaryToBn(Handle<Value> &bin) {
-  ssize_t len = DecodeBytes(bin);
-  unsigned char *buf = new unsigned char[len];
-  BIGNUM *result = BN_bin2bn(buf, len, NULL);
-  delete[] buf;
+  BIGNUM *result = NULL;
+
+  if (Buffer::HasInstance(bin)) {
+    /* Copy only once for Buffer */
+    Local<Object> buf = bin->ToObject();
+    result = BN_bin2bn((unsigned char *)Buffer::Data(buf), Buffer::Length(buf), NULL);
+
+  } else {
+    ssize_t len = DecodeBytes(bin);
+    if (len >= 0) {
+      unsigned char *buf = new unsigned char[len];
+      len = DecodeWrite((char *)buf, len, bin);
+      result = BN_bin2bn(buf, len, NULL);
+      delete[] buf;
+    }
+  }
+
   return result;
 }
 
@@ -181,6 +194,10 @@ static Handle<Value> SignRSASHA256(const Arguments &args) {
     Local<Value> exception = Exception::Error(String::New("Cannot sign"));
     return ThrowException(exception);
   }
+  printf("sig:");
+  for(int i=0; i < sigLen;i++)
+    printf(" %02X",sig[i]);
+  printf("\n");
   Handle<Value> sigResult = makeBuffer(sig, sigLen);
 
   EVP_PKEY_free(pkey);
@@ -203,7 +220,7 @@ static Handle<Value> VerifyRSASHA256(const Arguments &args) {
       return ThrowException(exception);
   }
   Handle<Value> m = args[0];
-  Handle<Value> sig = args[1];
+  Handle<Object> sig = args[1]->ToObject();
   Handle<Object> pubKey = args[2]->ToObject();
 
   /* Prepare verification */
@@ -235,12 +252,11 @@ static Handle<Value> VerifyRSASHA256(const Arguments &args) {
   EVP_PKEY_set1_RSA(pkey, rsa);
 
   /* Pass sig */
-  /* TODO: for buffers, this could be zero-copy */
-  ssize_t sigLen = DecodeBytes(sig);
-  char *sigBuf = new char[sigLen];
-  sigLen = DecodeWrite(sigBuf, sigLen, sig);
-  int status = EVP_VerifyFinal(&mdctx, (unsigned char *)sigBuf, sigLen, pkey);
-  delete[] sigBuf;
+  /*printf("vsig:");
+  for(int i=0; i < sigLen;i++)
+    printf(" %02X",sigBuf[i]);
+  printf("\n");*/
+  int status = EVP_VerifyFinal(&mdctx, (unsigned char *)Buffer::Data(sig), Buffer::Length(sig), pkey);
 
   EVP_PKEY_free(pkey);
 

diff --git a/tests/test_salmon.js b/tests/test_salmon.js
@@ -20,6 +20,7 @@ Vows.describe('Salmon').addBatch({
 		    topic: function() {
 			this.me = { data: 'Hello World',
 				    data_type: 'application/test' };
+console.log({sign:[this.me,this.key.private]})
 			this.sig = Salmon.generateSignature(this.me, this.key.private);
 			this.callback();
 		    },
@@ -28,6 +29,7 @@ Vows.describe('Salmon').addBatch({
 		    },
 		    'can be verified': {
 			topic: function() {
+console.log({verify:[this.me,this.sig,this.key.public]})
 			    this.verified = Salmon.verifySignature(this.me, this.sig, this.key.public);
 			    this.callback();
 			},