Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

provenance: signed verifies!

  • Loading branch information...
commit 8d98e9da2c2fff7e8024e300b945e2d2325afd6b 1 parent 4516c37
Astro authored June 10, 2011
20  lib/ostatus/salmon.js
@@ -108,10 +108,10 @@ function _grabKey(jrd) {
108 108
 
109 109
 // Assemble the signature base string
110 110
 function baseString(data, data_type, encoding, alg) {
111  
-    return [data,
112  
-	    base64url_encode(data_type, 'ascii'),
113  
-	    base64url_encode(encoding, 'ascii'),
114  
-	    base64url_encode(alg, 'ascii')
  111
+    return [base64url_encode(data),
  112
+	    base64url_encode(data_type),
  113
+	    base64url_encode(encoding),
  114
+	    base64url_encode(alg)
115 115
 	   ].join('.');
116 116
 }
117 117
 
@@ -134,16 +134,16 @@ function generateSignature(me, privKey) {
134 134
 }
135 135
 
136 136
 function verifySignature(me, sig, pubKey) {
137  
-    var m = baseString(me.data, me.data_type,
138  
-		       me.encoding || 'base64url',
139  
-		       me.alg || 'RSA-SHA256');
140  
-
141 137
     var match;
142  
-    if ((match = pubKey.match(/^RSA\.([^\.]+)\.([^\.]+)$/)))
  138
+    if ((match = pubKey.match(/^RSA\.([^\.]+)\.([^\.]+)$/))) {
  139
+	var m = baseString(me.data, me.data_type,
  140
+			   me.encoding || 'base64url',
  141
+			   me.alg || 'RSA-SHA256');
143 142
 	return Provenance.verifyRSASHA256(m, sig,
144 143
 					  { n: base64url_decode(match[1]),
145 144
 					    e: base64url_decode(match[2])
146 145
 					  });
  146
+    }
147 147
     else
148 148
 	throw TypeError('Invalid public key');
149 149
 }
@@ -154,7 +154,7 @@ function base64url_decode(input) {
154 154
 
155 155
 // Encode to Base64url and removing padding (as per salmon spec)
156 156
 function base64url_encode(input) {
157  
-    return input.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
  157
+    return new Buffer(input).toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
158 158
 }
159 159
 
160 160
 exports.unpack = unpack; 
38  src/provenance.cc
@@ -74,10 +74,23 @@ static Handle<Value> bnToBinary(BIGNUM *bn) {
74 74
 }
75 75
 
76 76
 static BIGNUM *binaryToBn(Handle<Value> &bin) {
77  
-  ssize_t len = DecodeBytes(bin);
78  
-  unsigned char *buf = new unsigned char[len];
79  
-  BIGNUM *result = BN_bin2bn(buf, len, NULL);
80  
-  delete[] buf;
  77
+  BIGNUM *result = NULL;
  78
+
  79
+  if (Buffer::HasInstance(bin)) {
  80
+    /* Copy only once for Buffer */
  81
+    Local<Object> buf = bin->ToObject();
  82
+    result = BN_bin2bn((unsigned char *)Buffer::Data(buf), Buffer::Length(buf), NULL);
  83
+
  84
+  } else {
  85
+    ssize_t len = DecodeBytes(bin);
  86
+    if (len >= 0) {
  87
+      unsigned char *buf = new unsigned char[len];
  88
+      len = DecodeWrite((char *)buf, len, bin);
  89
+      result = BN_bin2bn(buf, len, NULL);
  90
+      delete[] buf;
  91
+    }
  92
+  }
  93
+
81 94
   return result;
82 95
 }
83 96
 
@@ -181,6 +194,10 @@ static Handle<Value> SignRSASHA256(const Arguments &args) {
181 194
     Local<Value> exception = Exception::Error(String::New("Cannot sign"));
182 195
     return ThrowException(exception);
183 196
   }
  197
+  printf("sig:");
  198
+  for(int i=0; i < sigLen;i++)
  199
+    printf(" %02X",sig[i]);
  200
+  printf("\n");
184 201
   Handle<Value> sigResult = makeBuffer(sig, sigLen);
185 202
 
186 203
   EVP_PKEY_free(pkey);
@@ -203,7 +220,7 @@ static Handle<Value> VerifyRSASHA256(const Arguments &args) {
203 220
       return ThrowException(exception);
204 221
   }
205 222
   Handle<Value> m = args[0];
206  
-  Handle<Value> sig = args[1];
  223
+  Handle<Object> sig = args[1]->ToObject();
207 224
   Handle<Object> pubKey = args[2]->ToObject();
208 225
 
209 226
   /* Prepare verification */
@@ -235,12 +252,11 @@ static Handle<Value> VerifyRSASHA256(const Arguments &args) {
235 252
   EVP_PKEY_set1_RSA(pkey, rsa);
236 253
 
237 254
   /* Pass sig */
238  
-  /* TODO: for buffers, this could be zero-copy */
239  
-  ssize_t sigLen = DecodeBytes(sig);
240  
-  char *sigBuf = new char[sigLen];
241  
-  sigLen = DecodeWrite(sigBuf, sigLen, sig);
242  
-  int status = EVP_VerifyFinal(&mdctx, (unsigned char *)sigBuf, sigLen, pkey);
243  
-  delete[] sigBuf;
  255
+  /*printf("vsig:");
  256
+  for(int i=0; i < sigLen;i++)
  257
+    printf(" %02X",sigBuf[i]);
  258
+  printf("\n");*/
  259
+  int status = EVP_VerifyFinal(&mdctx, (unsigned char *)Buffer::Data(sig), Buffer::Length(sig), pkey);
244 260
 
245 261
   EVP_PKEY_free(pkey);
246 262
 
2  tests/test_salmon.js
@@ -20,6 +20,7 @@ Vows.describe('Salmon').addBatch({
20 20
 		    topic: function() {
21 21
 			this.me = { data: 'Hello World',
22 22
 				    data_type: 'application/test' };
  23
+console.log({sign:[this.me,this.key.private]})
23 24
 			this.sig = Salmon.generateSignature(this.me, this.key.private);
24 25
 			this.callback();
25 26
 		    },
@@ -28,6 +29,7 @@ Vows.describe('Salmon').addBatch({
28 29
 		    },
29 30
 		    'can be verified': {
30 31
 			topic: function() {
  32
+console.log({verify:[this.me,this.sig,this.key.public]})
31 33
 			    this.verified = Salmon.verifySignature(this.me, this.sig, this.key.public);
32 34
 			    this.callback();
33 35
 			},

0 notes on commit 8d98e9d

Please sign in to comment.
Something went wrong with that request. Please try again.