@meeco/cryppo
In-browser encryption and decryption. Clone of Ruby Cryppo
;
// Compiled CommonJS module preamble: flag the exports object as an ES-module
// interop target.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare the three public names as undefined; each is assigned its
// function further down, right after the function is defined.
exports.verifyWithPublicKey = exports.loadRsaSignature = exports.signWithPrivateKey = void 0;
var node_forge_1 = require("node-forge");
var util_1 = require("../../src/util");
/**
 * Sign `data` with an RSA private key over a SHA-256 digest and build the
 * dot-separated serialized form `Sign.Rsa<keySize>.<signature>.<data>`.
 *
 * No padding scheme is passed to `key.sign`, so node-forge's default applies
 * (RSASSA-PKCS1-v1_5 per its documentation; confirm for the pinned version).
 * The serialized string embeds the signed data in encoded form; nothing here
 * encrypts it.
 *
 * @param {string} privateKeyPem - PEM-encoded RSA private key.
 * @param {*} data - Bytes to sign, in whatever form `bytesToBinaryString`
 *   accepts (presumably a byte array; verify against src/util).
 * @returns {{signature: *, data: *, keySize: *, serialized: string}} The raw
 *   signature from node-forge, the input data unchanged, the key size
 *   reported by `keyLengthFromPrivateKeyPem`, and the serialized payload.
 */
function signWithPrivateKey(privateKeyPem, data) {
    var signingKey = node_forge_1.pki.privateKeyFromPem(privateKeyPem);
    var digest = node_forge_1.md.sha256.create();
    digest.update(util_1.bytesToBinaryString(data));
    var rawSignature = signingKey.sign(digest);
    var bits = util_1.keyLengthFromPrivateKeyPem(privateKeyPem);
    // Encode in the same order as the segments appear: signature, then data.
    var signaturePart = util_1.encodeSafe64(rawSignature);
    var dataPart = util_1.encodeSafe64(util_1.bytesToBinaryString(data));
    var header = "Sign.Rsa" + bits;
    var result = {};
    result.signature = rawSignature;
    result.data = data;
    result.keySize = bits;
    result.serialized = header + "." + signaturePart + "." + dataPart;
    return result;
}
exports.signWithPrivateKey = signWithPrivateKey;
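/**
 * Parse a serialized RSA signature of the form
 * `Sign.Rsa<bits>.<encodedSignature>.<encodedData>` into its parts.
 *
 * This only decodes the payload; it does NOT verify the signature. Every
 * returned field, including `keySize`, comes straight from the input and must
 * be treated as untrusted until `verifyWithPublicKey` succeeds against a key
 * obtained from a trusted source.
 *
 * The strategy segment is matched with an anchored pattern, so values such as
 * `xRsa12y` or `Rsa20480` are rejected instead of producing a NaN or
 * truncated-match key size. Payloads missing the signature or data segment
 * are rejected as well. Segments after the fourth are ignored.
 *
 * @param {string} serializedPayload - Serialized signature string.
 * @returns {{serialized: string, signature: *, data: *, keySize: number}}
 *   The original string, the decoded signature, the decoded data converted
 *   with `binaryStringToBytes`, and the key size parsed from the strategy.
 * @throws {Error} If the input is not a well-formed serialized RSA signature.
 */
function loadRsaSignature(serializedPayload) {
    var notSerializedMessage = 'String is not a serialized RSA signature';
    // Non-string input would otherwise fail inside .split with an unrelated TypeError.
    if (typeof serializedPayload !== 'string') {
        throw new Error(notSerializedMessage);
    }
    var decomposedPayload = serializedPayload.split('.');
    var signed = decomposedPayload[0], signingStrategy = decomposedPayload[1], encodedSignature = decomposedPayload[2], encodedData = decomposedPayload[3];
    // Anchored so the whole segment must be "Rsa" followed by 1-4 digits.
    var strategyMatch = /^Rsa(\d{1,4})$/.exec(signingStrategy === undefined ? '' : signingStrategy);
    // An empty data segment is still allowed (signature over empty data);
    // only an absent segment is rejected.
    if (signed !== 'Sign' ||
        strategyMatch === null ||
        encodedSignature === undefined ||
        encodedData === undefined) {
        throw new Error(notSerializedMessage);
    }
    var bits = parseInt(strategyMatch[1], 10);
    var data = util_1.decodeSafe64(encodedData);
    return {
        serialized: serializedPayload,
        signature: util_1.decodeSafe64(encodedSignature),
        data: util_1.binaryStringToBytes(data),
        keySize: bits,
    };
}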
exports.loadRsaSignature = loadRsaSignature;
/**
 * Check an RSA signature over `signatureObj.data` using a SHA-256 digest.
 *
 * Only `signatureObj.data` and `signatureObj.signature` are read; the
 * `keySize` and `serialized` fields are not consulted, so they remain
 * unauthenticated metadata. The public key must come from a trusted source,
 * never from the payload being verified.
 *
 * NOTE(review): node-forge's `verify` may throw rather than return false for
 * a structurally malformed signature; confirm, and have callers treat a throw
 * as a failed verification.
 *
 * @param {string} publicKeyPem - PEM-encoded RSA public key.
 * @param {{data: *, signature: *}} signatureObj - Object shaped like the
 *   result of `signWithPrivateKey` or `loadRsaSignature`.
 * @returns {*} The result of node-forge's `key.verify` (truthy when the
 *   signature matches).
 */
function verifyWithPublicKey(publicKeyPem, signatureObj) {
    var verifyingKey = node_forge_1.pki.publicKeyFromPem(publicKeyPem);
    var digest = node_forge_1.md.sha256.create();
    var signedBytes = util_1.bytesToBinaryString(signatureObj.data);
    digest.update(signedBytes);
    var digestBytes = digest.digest().bytes();
    return verifyingKey.verify(digestBytes, signatureObj.signature);
}
exports.verifyWithPublicKey = verifyWithPublicKey;