snowflake-sdk
Version:
Node.js driver for Snowflake
42 lines • 1.95 kB
JavaScript
;
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.RSASSAPSSParamsEntity = exports.HASH_OID_TO_NAME = void 0;
exports.parseRSASSAPSSParams = parseRSASSAPSSParams;
const asn1_js_1 = __importDefault(require("asn1.js"));
const asn1_js_rfc5280_1 = __importDefault(require("asn1.js-rfc5280"));
const oids_1 = require("./oids");
exports.HASH_OID_TO_NAME = {
[oids_1.ALGORITHM_OID.SHA256]: 'sha256',
[oids_1.ALGORITHM_OID.SHA384]: 'sha384',
[oids_1.ALGORITHM_OID.SHA512]: 'sha512',
};
const HASH_DIGEST_LENGTH = {
sha256: 32,
sha384: 48,
sha512: 64,
};
exports.RSASSAPSSParamsEntity = asn1_js_1.default.define('RSASSAPSSParams', function () {
this.seq().obj(this.key('hashAlgorithm').explicit(0).optional().use(asn1_js_rfc5280_1.default.AlgorithmIdentifier),
// Intentionally ignoring maskGenAlgorithm;
// Node crypto.verify only works when MGF1 hash matches the signature hash algorithm
this.key('saltLength').explicit(2).optional().int());
});
function parseRSASSAPSSParams(parametersBuffer) {
if (!parametersBuffer) {
throw new Error('RSASSA-PSS signature algorithm is missing parameters buffer');
}
const params = exports.RSASSAPSSParamsEntity.decode(parametersBuffer, 'der');
const hashOid = params.hashAlgorithm ? params.hashAlgorithm.algorithm.join('.') : null;
const hashAlgorithm = hashOid ? exports.HASH_OID_TO_NAME[hashOid] : null;
if (!hashAlgorithm) {
throw new Error(`RSASSA-PSS unsupported hashAlgorithm OID: ${hashOid} (only SHA-256, SHA-384, and SHA-512 are supported)`);
}
return {
hashAlgorithm,
saltLength: params.saltLength != null ? params.saltLength.toNumber() : HASH_DIGEST_LENGTH[hashAlgorithm],
};
}
//# sourceMappingURL=rsassa_pss_parser.js.map