@filemap/events-sdk/dist/services/signature-verifier.service.js

SDK for Filemap events. Desktop client for Filemap dev server.

"use strict";
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
    return function (target, key) { decorator(target, key, paramIndex); }
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.SignatureVerifierService = void 0;
const tsyringe_1 = require("tsyringe");
const crypto_1 = require("crypto");
const key_manager_service_1 = require("./key-manager.service");
const logger_service_1 = require("./logger.service");
const signature_format_converter_1 = require("../utils/signature-format-converter");
let SignatureVerifierService = class SignatureVerifierService {
    keyManager;
    logger;
    constructor(keyManager, logger) {
        this.keyManager = keyManager;
        this.logger = logger;
    }
    verify(payload, signatureB64, referrer) {
        const keyData = this.keyManager.getKey(referrer);
        if (!keyData?.publicKey) {
            this.logger.debug(`No public key available for referrer ${referrer} - cannot verify signature`);
            return { isValid: false };
        }
        try {
            const spkiDer = Buffer.from(keyData.publicKey, 'base64');
            const publicKey = (0, crypto_1.createPublicKey)({
                key: spkiDer,
                format: 'der',
                type: 'spki'
            });
            const derSignature = (0, signature_format_converter_1.ieeeP1363ToDer)(signatureB64);
            const data = Buffer.from(JSON.stringify(payload));
            const verifier = (0, crypto_1.createVerify)('sha256');
            verifier.update(data);
            verifier.end();
            const ok = verifier.verify(publicKey, derSignature, 'base64');
            if (!ok) {
                this.logger.debug(`Signature verification failed for referrer ${referrer}`);
                return { isValid: false };
            }
            return { isValid: true, referrer };
        }
        catch (err) {
            this.logger.debug(`Signature verification threw for ${referrer}: ${err.message}`);
            return { isValid: false };
        }
    }
};
exports.SignatureVerifierService = SignatureVerifierService;
exports.SignatureVerifierService = SignatureVerifierService = __decorate([
    (0, tsyringe_1.singleton)(),
    (0, tsyringe_1.injectable)(),
    __param(0, (0, tsyringe_1.inject)(key_manager_service_1.KeyManager)),
    __param(1, (0, tsyringe_1.inject)(logger_service_1.Logger)),
    __metadata("design:paramtypes", [key_manager_service_1.KeyManager,
        logger_service_1.Logger])
], SignatureVerifierService);
//# sourceMappingURL=signature-verifier.service.js.map