UNPKG

tickethead-sdk

Version:

SDK for the Tickethead API

174 lines 7.33 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || (function () { var ownKeys = function(o) { ownKeys = Object.getOwnPropertyNames || function (o) { var ar = []; for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; return ar; }; return ownKeys(o); }; return function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); __setModuleDefault(result, mod); return result; }; })(); var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.extractEnrollment = extractEnrollment; exports.sign = sign; exports.signNative = signNative; exports.signWithFallback = signWithFallback; exports.verify = verify; exports.verifyWithFallback = verifyWithFallback; exports.verifyNative = verifyNative; const jsrsasign_1 = require("jsrsasign"); const uuidRegex = /[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}/i; function extractEnrollment(certificate) { var _a; const cert = new jsrsasign_1.X509(); cert.readCertPEM(certificate); const subject = cert.getSubjectString(); return (_a = subject.match(uuidRegex)) === null || _a === void 0 ? void 0 : _a[0]; } const algName = 'SHA256withECDSA'; /** * @param payload String which is signed * @param privateKey Contains the private key of an ECDSA pair * @returns hex encoded string of the signature */ function sign(payload, privateKey) { const signer = new jsrsasign_1.KJUR.crypto.Signature({ alg: algName }); signer.init(privateKey); return signer.signString(payload); } /** * @param payload String which is signed * @param privateKey Contains the private key of an ECDSA pair * @returns hex encoded string of the signature */ function signNative(payload, privateKey, crypto) { const sign = crypto.createSign('SHA256'); sign.write(payload); sign.end(); return sign.sign(privateKey, 'hex'); } /** * @param payload String which is signed * @param privateKey Contains the private key of an ECDSA pair * @returns hex encoded string of the signature */ function signWithFallback(payload, privateKey) { return __awaiter(this, void 0, void 0, function* () { try { // This will throw if crypto is not available in the environment const crypto = yield Promise.resolve().then(() => __importStar(require('crypto'))); let privateKeyPem; if (typeof privateKey === 'string') { privateKeyPem = privateKey; } else { privateKeyPem = jsrsasign_1.KEYUTIL.getPEM(privateKey, 'PKCS1PRV'); } // This can throw if the algorithm is not supported, but then we fall back to the pure js implementation return signNative(payload, privateKeyPem, crypto); } catch (err) { return sign(payload, privateKey); } }); } /** * @param payload The payload whose signature is verified * @param signature The signature for the payload * @param publicKey Contains the public key of an ECDSA pair * @return true if the signature is valid */ function verify(payload, signature, publicKey) { const signer = new jsrsasign_1.KJUR.crypto.Signature({ alg: algName }); signer.init(publicKey); signer.updateString(payload); return signer.verify(signature); } /** * @param payload The payload whose signature is verified * @param signature The signature for the payload * @param publicKey Contains the public key of an ECDSA pair * @return true if the signature is valid */ function verifyWithFallback(payload, signature, publicKey) { return __awaiter(this, void 0, void 0, function* () { try { // This will throw if crypto is not available in the environment const crypto = yield Promise.resolve().then(() => __importStar(require('crypto'))); let publicKeyPem; if (typeof publicKey === 'string') { publicKeyPem = publicKey; } else { publicKeyPem = jsrsasign_1.KEYUTIL.getPEM(publicKey); } // This can throw if the algorithm is not supported, but then we fall back to the pure js implementation return verifyNative(payload, signature, publicKeyPem, crypto); } catch (err) { return verify(payload, signature, publicKey); } }); } /** * Verifies the signature of a message using a PEM-encoded ECDSA public key. * * @param {string} message - The original message (plaintext) that was signed. * @param {string} signature - The signature to verify as a hex-encoded string * @param {string} publicKeyPem - The PEM-encoded ECDSA public key. * @param {Crypto} crypto - The `crypto` library export * @returns {boolean} - True if the signature is valid, false otherwise. * @throws Error if the algorithm for the key is not supported by the crypto library */ function verifyNative(message, signature, publicKeyPem, crypto) { // Convert the PEM-encoded public key into an actual public key object // This will throw if the algorithm is unsupported, and this should be handled at the caller const publicKey = crypto.createPublicKey(publicKeyPem); try { // Create a verifier object and specify the algorithm const verifier = crypto.createVerify('SHA256'); // Update the verifier with the message to be verified verifier.update(message); // Verify the signature against the message const bufferSig = Buffer.from(signature, 'hex'); const isValid = verifier.verify(publicKey, bufferSig); return isValid; } catch (error) { return false; } } //# sourceMappingURL=certificate.js.map