@alessiofrittoli/crypto-signature
Version:
Lightweight TypeScript Signatures library
2 lines (1 loc) • 3.96 kB
JavaScript
"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }var _chunkGALYPWJAjs = require('./chunk-GALYPWJA.js');var _crypto = require('crypto'); var _crypto2 = _interopRequireDefault(_crypto);var _Hmac = require('@alessiofrittoli/crypto-key/Hmac');var _cryptoalgorithm = require('@alessiofrittoli/crypto-algorithm');var _exception = require('@alessiofrittoli/exception');var _coercion = require('@alessiofrittoli/crypto-buffer/coercion');var c=class c{static sign(s,f,a=c.Algorithm){if(!s)throw new (0, _exception.Exception)("No data to sign has been provided.",{code:_chunkGALYPWJAjs.b.Exception.EMPTY_VALUE});if(!f)throw new (0, _exception.Exception)("No Private Key has been provided.",{code:_chunkGALYPWJAjs.b.Signature.NO_PRIVATEKEY});let S=c.jwkAlgToHash(a),d=_coercion.coerceToUint8Array.call(void 0, s);if(!S)throw new (0, _exception.Exception)("Invalid JWK Algorithm name.",{code:_chunkGALYPWJAjs.b.Signature.INVALID_JWKNAME});try{if(a.startsWith("HS")){let e=f;return e=e instanceof CryptoKey?_crypto2.default.KeyObject.from(e):e,_Hmac.Hmac.digest(d,e,S)}if(a==="EdDSA"){let e=f;return e=e instanceof CryptoKey?_crypto2.default.KeyObject.from(e):e,_crypto2.default.sign(null,d,e)}let i=f;i=i instanceof CryptoKey?_crypto2.default.KeyObject.from(i):i;let g=_crypto2.default.createSign(S);return g.write(d),g.end(),g.sign(i)}catch(i){throw new (0, _exception.Exception)("An error occured while creating the signature.",{code:_chunkGALYPWJAjs.b.Exception.UNKNOWN,cause:i})}}static isValid(s,f,a,S=c.Algorithm){if(!s)throw new (0, _exception.Exception)("No signature provided.",{code:_chunkGALYPWJAjs.b.Signature.NO_SIGN});if(!f)throw new (0, _exception.Exception)("The signed data is needed for integrity controls.",{code:_chunkGALYPWJAjs.b.Exception.EMPTY_VALUE});if(!a)throw new (0, _exception.Exception)("No Public Key has been provided.",{code:_chunkGALYPWJAjs.b.Signature.NO_PUBLICKEY});let d=c.jwkAlgToHash(S);if(!d)throw new (0, _exception.Exception)("Invalid JWK Algorithm name.",{code:_chunkGALYPWJAjs.b.Signature.INVALID_JWKNAME});let i=_coercion.coerceToUint8Array.call(void 0, s),g=_coercion.coerceToUint8Array.call(void 0, f);try{if(S.startsWith("HS")){let o=a;if(o=o instanceof CryptoKey?_crypto2.default.KeyObject.from(o):o,!_Hmac.Hmac.isValid(Buffer.from(i),g,o,d))throw new (0, _exception.Exception)("Invalid signature.",{code:_chunkGALYPWJAjs.b.Signature.INVALID_SIGN});return!0}if(S==="EdDSA"){let o=a;if(o=o instanceof CryptoKey?_crypto2.default.KeyObject.from(o):o,!_crypto2.default.verify(null,g,o,i))throw new (0, _exception.Exception)("Invalid signature.",{code:_chunkGALYPWJAjs.b.Signature.INVALID_SIGN});return!0}let e=a;e=e instanceof CryptoKey?_crypto2.default.KeyObject.from(e):e;let A=_crypto2.default.createVerify(d);if(A.write(g),A.end(),!A.verify(e,i))throw new (0, _exception.Exception)("Invalid signature.",{code:_chunkGALYPWJAjs.b.Signature.INVALID_SIGN});return!0}catch(e){throw _exception.Exception.isException(e)?e:new (0, _exception.Exception)("An error occured while verifying the signature.",{code:_chunkGALYPWJAjs.b.Exception.UNKNOWN,cause:e})}}static jwkAlgToHash(s){return _optionalChain([_cryptoalgorithm.Algorithm, 'access', _ => _.by, 'call', _2 => _2({jwkAlg:s}), 'optionalAccess', _3 => _3.hash])}};c.Algorithm="HS256",c.HashDigest="SHA-256";var y=c;exports.Signature = y;