-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
13 changed files
with
213 additions
and
207 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# EditorConfig is awesome: http://EditorConfig.org | ||
root = true | ||
|
||
[*] | ||
indent_style = space | ||
indent_size = 2 | ||
end_of_line = lf | ||
insert_final_newline = true |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
/* jshint esversion: 6 */ | ||
/* jslint node: true */ | ||
'use strict'; | ||
|
||
const HeaderParameters = { | ||
'alg': 1, | ||
'crit': 2, | ||
'content_type': 3, | ||
'kid': 4, | ||
'IV': 5, | ||
'Partial_IV': 6, | ||
'counter_signature': 7 | ||
}; | ||
|
||
exports.TranslateHeaders = function (header) { | ||
const result = new Map(); | ||
for (var param in header) { | ||
if (!HeaderParameters[param]) { | ||
throw new Error('Unknown parameter, ' + param); | ||
} | ||
result.set(HeaderParameters[param], header[param]); | ||
} | ||
return result; | ||
}; | ||
|
||
exports.HeaderParameters = HeaderParameters; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
/* jshint esversion: 6 */ | ||
/* jslint node: true */ | ||
'use strict'; | ||
|
||
exports.common = require('./common'); | ||
exports.mac = require('./mac'); | ||
exports.sign = require('./sign'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
/* jshint esversion: 6 */ | ||
/* jslint node: true */ | ||
'use strict'; | ||
|
||
const cbor = require('cbor'); | ||
const crypto = require('crypto'); | ||
const Promise = require('any-promise'); | ||
const common = require('./common'); | ||
|
||
const AlgTags = { | ||
// "SHA-256_64":4, | ||
// TODO implement truncation | ||
'SHA-256': 5, | ||
'SHA-384': 6, | ||
'SHA-512': 7 | ||
}; | ||
|
||
// TODO content type map? | ||
|
||
function doMac (context, hProtected, externalAAD, payload, alg, key) { | ||
return new Promise((resolve, reject) => { | ||
const MACstructure = [ | ||
context, // "MAC0", // context | ||
hProtected, // protected | ||
externalAAD, // bstr, | ||
payload // bstr | ||
]; | ||
const ToBeMaced = cbor.encode(MACstructure); | ||
|
||
const hmac = crypto.createHmac(alg, key);// TODO make algorithm dynamic | ||
hmac.end(ToBeMaced, function () { | ||
resolve(hmac.read()); | ||
}); | ||
}); | ||
} | ||
|
||
exports.create = function (protIn, unprotected, payload, key, externalAAD) { | ||
externalAAD = externalAAD || null; // TODO default to zero length binary string | ||
const hProtected = common.TranslateHeaders(protIn); | ||
|
||
if (protIn.alg && AlgTags[protIn.alg]) { | ||
hProtected.set(common.HeaderParameters.alg, AlgTags[protIn.alg]); | ||
} else { | ||
// TODO return better error | ||
throw new Error('Alg is mandatory and must have a known value'); | ||
} | ||
// TODO handle empty map -> convert to zero length bstr | ||
// TODO check crit headers | ||
return doMac('MAC0', hProtected, externalAAD, payload, 'sha256', key) | ||
.then((tag) => { | ||
return cbor.encode([hProtected, unprotected, payload, tag]); | ||
}); | ||
}; | ||
|
||
exports.read = function (data, key, externalAAD) { | ||
externalAAD = externalAAD || null; | ||
|
||
return cbor.decodeFirst(data) | ||
.then((obj) => { | ||
const hProtected = obj[0]; | ||
// const unprotected = obj[1]; | ||
const payload = obj[2]; | ||
const tag = obj[3]; | ||
|
||
// TODO validate protected header | ||
return doMac('MAC0', hProtected, externalAAD, payload, 'sha256', key) | ||
.then((calcTag) => { | ||
// TODO: why was this here? Make sure it's not needed anymore and | ||
// delete, along with unprotected above. | ||
// const encoded = cbor.encode([hProtected, unprotected, payload, tag]); | ||
|
||
if (tag.toString('hex') !== calcTag.toString('hex')) { | ||
throw new Error('Tag mismatch'); | ||
} | ||
|
||
return payload; | ||
}); | ||
}); | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
/* jshint esversion: 6 */ | ||
/* jslint node: true */ | ||
'use strict'; | ||
|
||
const cbor = require('cbor'); | ||
const WebCrypto = require('node-webcrypto-ossl'); | ||
const crypto = new WebCrypto(); | ||
const common = require('./common'); | ||
|
||
function toArrayBuffer (buf) { | ||
return Uint8Array.from(buf).buffer; | ||
} | ||
|
||
function toBuffer (ab) { | ||
return Buffer.from(ab); | ||
} | ||
|
||
exports.create = function (Headers, payload, key, externalAAD) { | ||
const protHeader = common.TranslateHeaders(Headers.prot); | ||
const cborProtHeader = cbor.encode(protHeader); // TODO handle empty header? | ||
const SigStructure = [ | ||
'Signature1', | ||
cborProtHeader, | ||
externalAAD, | ||
payload | ||
]; | ||
|
||
const ToBeSigned = toArrayBuffer(cbor.encode(SigStructure)); | ||
|
||
// TODO read alg and act on it | ||
return crypto.subtle.sign({ | ||
name: 'ECDSA', | ||
hash: {name: 'SHA-256'} | ||
}, | ||
key.privateKey, | ||
ToBeSigned) | ||
.then((signature) => { | ||
return cbor.encode([ | ||
cborProtHeader, | ||
Headers.unprot, | ||
payload, | ||
toBuffer(signature) | ||
]); | ||
}); | ||
}; | ||
|
||
/* | ||
return crypto.subtle.verify({ | ||
name: "ECDSA", | ||
hash: {name: "SHA-256"}}, | ||
publicKey, //from generateKey or importKey above | ||
signature, //ArrayBuffer of the signature | ||
data) //ArrayBuffer of the data | ||
*/ |
Oops, something went wrong.