node-idin

NodeJS Library for iDIN (https://www.idin.nl/)

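"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyOwnSignature = exports.signXml = exports.verifySignature = exports.MyKeyInfoGetKeyInfo = exports.MyKeyInfoGetKey = void 0;
const xml_crypto_1 = require("xml-crypto");
// NOTE(review): the unscoped `xmldom` package is no longer maintained under this
// name (its successor is published as `@xmldom/xmldom`); confirm which parser
// version this build actually resolves to.
const xmldom_1 = require("xmldom");

/**
 * Key provider for signature verification: hands xml-crypto the key or
 * certificate it was constructed with.
 */
class MyKeyInfoGetKey {
    /**
     * @param {string|Buffer} k - Key or certificate to verify against.
     */
    constructor(k) {
        this.k = k;
    }

    /** @returns {string|Buffer} The key passed to the constructor. */
    getKey() {
        return this.k;
    }
}
exports.MyKeyInfoGetKey = MyKeyInfoGetKey;

/**
 * Key-info provider for signing: emits a `<KeyName>` element that carries the
 * value it was constructed with (signXml passes the certificate fingerprint).
 */
class MyKeyInfoGetKeyInfo {
    /**
     * @param {string} k - Text placed inside `<KeyName>`. It is interpolated
     *   without XML escaping, so it must not contain markup characters.
     */
    constructor(k) {
        this.k = `<KeyName>${k}</KeyName>`;
    }

    /** @returns {string} The `<KeyName>` fragment built in the constructor. */
    getKeyInfo() {
        return this.k;
    }
}
exports.MyKeyInfoGetKeyInfo = MyKeyInfoGetKeyInfo;

// Transforms applied to the signed reference: drop the enveloped <Signature>,
// then exclusive canonicalisation.
const transformers = [
    'http://www.w3.org/2000/09/xmldsig#enveloped-signature',
    'http://www.w3.org/2001/10/xml-exc-c14n#',
];

// Selects XML-DSig <Signature> elements that are direct children of the root.
const SIGNATURE_XPATH = "/*/*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']";

/**
 * Verifies the XML signature of a received message against the routing
 * certificate and returns the message only when the signature is valid.
 *
 * Verification fails closed: a missing or invalid signature rejects the
 * returned promise, matching how verifyOwnSignature reports failure.
 * Previously a failed check was only logged and the unverified XML was
 * still returned to the caller.
 *
 * @param {object} args
 * @param {string|Buffer} args.routingCert - Certificate/key used to check the signature.
 * @param {string} args.signedXml - Signed XML document as received.
 * @returns {Promise<string>} The original `signedXml`, unmodified.
 * @throws {Error} When no root-level signature is present or validation fails.
 */
async function verifySignature({ routingCert, signedXml }) {
    const trimmedXml = signedXml.trim();
    const doc = new xmldom_1.DOMParser().parseFromString(trimmedXml);
    const signatures = xml_crypto_1.xpath(doc, SIGNATURE_XPATH);
    if (signatures.length === 0) {
        throw new Error('No XML signature found in document');
    }

    const verifier = new xml_crypto_1.SignedXml(null, { implicitTransforms: transformers });
    verifier.keyInfoProvider = new MyKeyInfoGetKey(routingCert);
    // When several root-level signatures exist, the last one is the one checked.
    verifier.loadSignature(signatures[signatures.length - 1]);
    // NOTE(review): the signature and digest algorithms are taken from the
    // document by loadSignature; nothing here restricts them to the RSA-SHA256
    // suite that signXml produces. Consider rejecting unexpected algorithms
    // before checkSignature, and confirm how the xml-crypto version in use
    // treats non-RSA signature methods.
    if (!verifier.checkSignature(trimmedXml)) {
        throw new Error(verifier.validationErrors);
    }
    // NOTE(review): the caller receives its own input string back, not the
    // canonicalised content the signature covered; confirm callers only read
    // elements that are inside the signed reference.
    return signedXml;
}
exports.verifySignature = verifySignature;

/**
 * Signs an XML document with an enveloped RSA-SHA256 signature over the root
 * element and self-checks the result before returning it.
 *
 * @param {object} args
 * @param {string} args.xml - Document to sign.
 * @param {string|Buffer} args.publicKey - Key/certificate used for the self-check.
 * @param {string} args.publicKeyFingerprint - Value written into `<KeyName>`.
 * @param {string|Buffer} args.privateKey - Signing key.
 * @returns {string} The signed XML.
 * @throws {Error} When the freshly produced signature does not verify.
 */
function signXml({ xml, publicKey, publicKeyFingerprint, privateKey }) {
    const rootXPath = '/*';
    const digestAlgorithm = 'http://www.w3.org/2001/04/xmlenc#sha256';
    const signatureAlgorithm = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';

    const signer = new xml_crypto_1.SignedXml();
    // The trailing `true` asks xml-crypto for an empty Reference URI.
    signer.addReference(rootXPath, transformers, digestAlgorithm, void 0, void 0, void 0, true);
    signer.keyInfoProvider = new MyKeyInfoGetKeyInfo(publicKeyFingerprint);
    signer.signatureAlgorithm = signatureAlgorithm;
    signer.signingKey = privateKey;
    signer.computeSignature(xml);

    const res = signer.getSignedXml();
    // Throws if the private key and the supplied public key do not match.
    verifyOwnSignature({ res, xml, publicKey });
    return res;
}
exports.signXml = signXml;

/**
 * Checks a signature this library just produced: loads the first root-level
 * `<Signature>` from `res` and validates it against the unsigned `xml`.
 *
 * @param {object} args
 * @param {string} args.res - Signed XML returned by the signer.
 * @param {string} args.xml - The document that was signed.
 * @param {string|Buffer} args.publicKey - Key/certificate matching the signing key.
 * @throws {Error} When validation fails; the message carries xml-crypto's validation errors.
 */
function verifyOwnSignature({ res, xml, publicKey }) {
    const doc = new xmldom_1.DOMParser().parseFromString(res);
    const [signature] = xml_crypto_1.xpath(doc, SIGNATURE_XPATH);

    const verifier = new xml_crypto_1.SignedXml(null, { implicitTransforms: transformers });
    verifier.keyInfoProvider = new MyKeyInfoGetKey(publicKey);
    verifier.loadSignature(signature);
    if (!verifier.checkSignature(xml)) {
        throw new Error(verifier.validationErrors);
    }
}
exports.verifyOwnSignature = verifyOwnSignature;
//# sourceMappingURL=idin-protocol.js.map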