UNPKG

authen

Version:

Authentication tools - signing, tokens, password hashes

dimsmol/authen

56 lines (46 loc) 1.58 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
"use strict"; var inherits = require('util').inherits; var crypto = require('crypto'); var constantTimeEquals = require('./tools/crypto').constantTimeEquals; var CryptoBase = require('./crypto_base'); var Signer = function (options) { CryptoBase.call(this, options); }; inherits(Signer, CryptoBase); Signer.prototype.defaultAlgo = 'sha1'; Signer.prototype.calcSignature = function (data, opt_algo, opt_key) { var algo = opt_algo || this.defaultAlgo; var key = opt_key || this.currentKey; var signature = this.calcSignatureRaw(data, algo, this.secrets[key]); return { algo: algo, key: key, signature: signature }; }; Signer.prototype.calcSignatureRaw = function (data, algo, secret) { var result = null; if (data != null && secret && this.isAllowedAlgo(algo)) { result = crypto.createHmac(algo, secret).update(this.ensureBuffer(data)).digest(); result = this.ensureBuffer(result, 'binary'); // old node.js workaround } return result; }; Signer.prototype.isValidSignature = function (signature, data, algo, key) { var result = false; if (key) { result = this.isValidSignatureRaw(signature, data, algo, this.secrets[key]); } return result; }; Signer.prototype.isValidSignatureRaw = function (signature, data, algo, secret) { var result = false; if (signature != null && signature.length > 0) { var calculatedSignature = this.calcSignatureRaw(data, algo, secret); if (calculatedSignature != null) { result = constantTimeEquals(calculatedSignature, this.ensureBuffer(signature, 'base64')); } } return result; }; module.exports = Signer;