@ltonetwork/http-message-signatures/lib/verify.js

Implementation of the IETF HTTP Message Signatures draft standard

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyWithLTO = verifyWithLTO;
exports.verify = verify;
const parse_1 = require("./parse");
const build_1 = require("./build");
const algToKeyType = {
    ed25519: 'ed25519',
    'ecdsa-secp256k1': 'secp256k1',
    'ecdsa-p256': 'secp256r1',
};
function verifyWithLTO(lto, signedData, signature, parameters) {
    const keyType = algToKeyType[parameters.alg];
    if (!keyType)
        throw new Error(`Unsupported algorithm for LTO: ${parameters.alg}`);
    const account = lto.account({ keyType, publicKey: parameters.keyid });
    if (!account.verify(signedData, signature))
        throw new Error('Invalid signature');
    return account;
}
function verify(message, verifier) {
    return __awaiter(this, void 0, void 0, function* () {
        const signatureInputHeader = (0, build_1.extractHeader)(message, 'signature-input');
        if (!signatureInputHeader)
            throw new Error('Message does not contain Signature-Input header');
        const { key, components, parameters } = (0, parse_1.parseSignatureInputHeader)(signatureInputHeader);
        if (parameters.expires && parameters.expires < new Date())
            throw new Error('Signature expired');
        const signatureHeader = (0, build_1.extractHeader)(message, 'signature');
        if (!signatureHeader)
            throw new Error('Message does not contain Signature header');
        const signature = (0, parse_1.parseSignatureHeader)(key, signatureHeader);
        const signatureInputString = signatureInputHeader.toString().replace(/^[^=]+=/, '');
        const signedData = (0, build_1.buildSignedData)(message, components, signatureInputString);
        return typeof verifier === 'function'
            ? verifier(signedData, signature, parameters)
            : verifyWithLTO(verifier, signedData, signature, parameters);
    });
}
//# sourceMappingURL=verify.js.map