Make pss_encode and pss_verify take already hashed buffers

roblabla · roblabla · commit e4164d715896 · 2016-06-26T15:19:56.000+02:00
diff --git a/src/schemes/pss.js b/src/schemes/pss.js
@@ -31,7 +31,11 @@ module.exports.makeScheme = function (key, options) {
     }
 
     Scheme.prototype.sign = function (buffer) {
-        var encoded = this.emsa_pss_encode(buffer, this.key.keySize - 1);
+        var mHash = crypt.createHash(this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION);
+        mHash.update(buffer);
+        mHash = mHash.digest();
+
+        var encoded = this.emsa_pss_encode(mHash, this.key.keySize - 1);
         var res = this.key.$doPrivate(new BigInteger(encoded)).toBuffer(this.key.encryptedDataLength);
         return res;
     };
@@ -45,17 +49,21 @@ module.exports.makeScheme = function (key, options) {
         var emLen = Math.ceil((this.key.keySize - 1) / 8);
         var m = this.key.$doPublic(signature).toBuffer(emLen);
 
-        return this.emsa_pss_verify(buffer, m, this.key.keySize - 1);
+        var mHash = crypt.createHash(this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION);
+        mHash.update(buffer);
+        mHash = mHash.digest();
+
+        return this.emsa_pss_verify(mHash.digest(), m, this.key.keySize - 1);
     };
 
     /*
      * https://tools.ietf.org/html/rfc3447#section-9.1.1
      *
-     * M		[Buffer]	Message to encode
+     * mHash		[Buffer]	Hashed message to encode
      * emBits	[uint]		Maximum length of output in bits. Must be at least 8hLen + 8sLen + 9 (hLen = Hash digest length in bytes | sLen = length of salt in bytes)
      * @returns {Buffer} The encoded message
      */
-    Scheme.prototype.emsa_pss_encode = function (M, emBits) {
+    Scheme.prototype.emsa_pss_encode = function (mHash, emBits) {
         var hash = this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION;
         var mgf = this.options.signingSchemeOptions.mgf || OAEP.eme_oaep_mgf1;
         var sLen = this.options.signingSchemeOptions.saltLength || DEFAULT_SALT_LENGTH;
@@ -70,10 +78,6 @@ module.exports.makeScheme = function (key, options) {
             );
         }
 
-        var mHash = crypt.createHash(hash);
-        mHash.update(M);
-        mHash = mHash.digest();
-
         var salt = crypt.randomBytes(sLen);
 
         var Mapostrophe = new Buffer(8 + hLen + sLen);
@@ -116,12 +120,12 @@ module.exports.makeScheme = function (key, options) {
     /*
      * https://tools.ietf.org/html/rfc3447#section-9.1.2
      *
-     * M		[Buffer]	Message
+     * mHash		[Buffer]	Hashed message
      * EM		[Buffer]	Signature
      * emBits	[uint]		Length of EM in bits. Must be at least 8hLen + 8sLen + 9 to be a valid signature. (hLen = Hash digest length in bytes | sLen = length of salt in bytes)
      * @returns {Boolean} True if signature(EM) matches message(M)
      */
-    Scheme.prototype.emsa_pss_verify = function (M, EM, emBits) {
+    Scheme.prototype.emsa_pss_verify = function (mHash, EM, emBits) {
         var hash = this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION;
         var mgf = this.options.signingSchemeOptions.mgf || OAEP.eme_oaep_mgf1;
         var sLen = this.options.signingSchemeOptions.saltLength || DEFAULT_SALT_LENGTH;
@@ -172,10 +176,6 @@ module.exports.makeScheme = function (key, options) {
 
         var salt = DB.slice(DB.length - sLen);
 
-        var mHash = crypt.createHash(hash);
-        mHash.update(M);
-        mHash = mHash.digest();
-
         var Mapostrophe = new Buffer(8 + hLen + sLen);
         Mapostrophe.fill(0, 0, 8);
         mHash.copy(Mapostrophe, 8);
@@ -189,4 +189,4 @@ module.exports.makeScheme = function (key, options) {
     };
 
     return new Scheme(key, options);
-};
+};
