Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
bxf
/
ducha-qianduan
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Árvore: 3218c5aae3
Ramos Etiquetas
ducha-qianduan
/
node_modules
/
browserify-sign
/
browser
/
verify.js

verify.js 2.4 KB
Histórico Em bruto

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. // much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js
    2. 

  2. var Buffer = require('safe-buffer').Buffer
    3. 

  3. var BN = require('bn.js')
    4. 

  4. var EC = require('elliptic').ec
    5. 

  5. var parseKeys = require('parse-asn1')
    6. 

  6. var curves = require('./curves.json')
    7. 

  7. 

  8. function verify (sig, hash, key, signType, tag) {
    9. 

  9.   var pub = parseKeys(key)
    10. 

  10.   if (pub.type === 'ec') {
    11. 

  11.     // rsa keys can be interpreted as ecdsa ones in openssl
    12. 

  12.     if (signType !== 'ecdsa' && signType !== 'ecdsa/rsa') throw new Error('wrong public key type')
    13. 

  13.     return ecVerify(sig, hash, pub)
    14. 

  14.   } else if (pub.type === 'dsa') {
    15. 

  15.     if (signType !== 'dsa') throw new Error('wrong public key type')
    16. 

  16.     return dsaVerify(sig, hash, pub)
    17. 

  17.   } else {
    18. 

  18.     if (signType !== 'rsa' && signType !== 'ecdsa/rsa') throw new Error('wrong public key type')
    19. 

  19.   }
    20. 

  20.   hash = Buffer.concat([tag, hash])
    21. 

  21.   var len = pub.modulus.byteLength()
    22. 

  22.   var pad = [1]
    23. 

  23.   var padNum = 0
    24. 

  24.   while (hash.length + pad.length + 2 < len) {
    25. 

  25.     pad.push(0xff)
    26. 

  26.     padNum++
    27. 

  27.   }
    28. 

  28.   pad.push(0x00)
    29. 

  29.   var i = -1
    30. 

  30.   while (++i < hash.length) {
    31. 

  31.     pad.push(hash[i])
    32. 

  32.   }
    33. 

  33.   pad = Buffer.from(pad)
    34. 

  34.   var red = BN.mont(pub.modulus)
    35. 

  35.   sig = new BN(sig).toRed(red)
    36. 

  36. 

  37.   sig = sig.redPow(new BN(pub.publicExponent))
    38. 

  38.   sig = Buffer.from(sig.fromRed().toArray())
    39. 

  39.   var out = padNum < 8 ? 1 : 0
    40. 

  40.   len = Math.min(sig.length, pad.length)
    41. 

  41.   if (sig.length !== pad.length) out = 1
    42. 

  42. 

  43.   i = -1
    44. 

  44.   while (++i < len) out |= sig[i] ^ pad[i]
    45. 

  45.   return out === 0
    46. 

  46. }
    47. 

  47. 

  48. function ecVerify (sig, hash, pub) {
    49. 

  49.   var curveId = curves[pub.data.algorithm.curve.join('.')]
    50. 

  50.   if (!curveId) throw new Error('unknown curve ' + pub.data.algorithm.curve.join('.'))
    51. 

  51. 

  52.   var curve = new EC(curveId)
    53. 

  53.   var pubkey = pub.data.subjectPrivateKey.data
    54. 

  54. 

  55.   return curve.verify(hash, sig, pubkey)
    56. 

  56. }
    57. 

  57. 

  58. function dsaVerify (sig, hash, pub) {
    59. 

  59.   var p = pub.data.p
    60. 

  60.   var q = pub.data.q
    61. 

  61.   var g = pub.data.g
    62. 

  62.   var y = pub.data.pub_key
    63. 

  63.   var unpacked = parseKeys.signature.decode(sig, 'der')
    64. 

  64.   var s = unpacked.s
    65. 

  65.   var r = unpacked.r
    66. 

  66.   checkValue(s, q)
    67. 

  67.   checkValue(r, q)
    68. 

  68.   var montp = BN.mont(p)
    69. 

  69.   var w = s.invm(q)
    70. 

  70.   var v = g.toRed(montp)
    71. 

  71.     .redPow(new BN(hash).mul(w).mod(q))
    72. 

  72.     .fromRed()
    73. 

  73.     .mul(y.toRed(montp).redPow(r.mul(w).mod(q)).fromRed())
    74. 

  74.     .mod(p)
    75. 

  75.     .mod(q)
    76. 

  76.   return v.cmp(r) === 0
    77. 

  77. }
    78. 

  78. 

  79. function checkValue (b, q) {
    80. 

  80.   if (b.cmpn(0) <= 0) throw new Error('invalid sig')
    81. 

  81.   if (b.cmp(q) >= q) throw new Error('invalid sig')
    82. 

  82. }
    83. 

  83. 

  84. module.exports = verify
    85.