xmldsigjs
Version:
XML Digital Signature implementation in TypeScript/JavaScript using Web Crypto API
98 lines (97 loc) • 3.82 kB
JavaScript
import { XE, XmlError } from 'xml-core';
import { SignatureAlgorithm } from '../algorithm.js';
import { PssAlgorithmParams } from '../xml/key_infos/rsa_key.js';
import { SHA1, SHA1_NAMESPACE, SHA256, SHA256_NAMESPACE, SHA384, SHA384_NAMESPACE, SHA512, SHA512_NAMESPACE, } from './rsa_hash.js';
export const RSA_PSS = 'RSA-PSS';
export const RSA_PSS_WITH_PARAMS_NAMESPACE = 'http://www.w3.org/2007/05/xmldsig-more#rsa-pss';
export class RsaPssWithParams extends SignatureAlgorithm {
constructor() {
super(...arguments);
this.algorithm = {
name: RSA_PSS,
hash: {
name: SHA1,
},
};
this.namespaceURI = RSA_PSS_WITH_PARAMS_NAMESPACE;
}
static fromAlgorithm(alg) {
let rsaPssAlgorithm = null;
if (alg.name.toUpperCase() === RSA_PSS.toUpperCase()) {
switch (alg.hash.name.toUpperCase()) {
case SHA1:
rsaPssAlgorithm = new RsaPssWithParams();
break;
case SHA256:
rsaPssAlgorithm = new RsaPssWithParams();
break;
case SHA384:
rsaPssAlgorithm = new RsaPssWithParams();
break;
case SHA512:
rsaPssAlgorithm = new RsaPssWithParams();
break;
}
if (rsaPssAlgorithm) {
rsaPssAlgorithm.algorithm.hash.name = alg.hash.name;
if (alg.saltLength) {
rsaPssAlgorithm.algorithm.saltLength = alg.saltLength;
}
return rsaPssAlgorithm;
}
}
return null;
}
fromMethod(method) {
if (!method.Any.Some((item) => {
if (item instanceof PssAlgorithmParams) {
switch (item.DigestMethod.Algorithm.toLowerCase()) {
case SHA1_NAMESPACE:
this.algorithm.hash.name = SHA1;
break;
case SHA256_NAMESPACE:
this.algorithm.hash.name = SHA256;
break;
case SHA384_NAMESPACE:
this.algorithm.hash.name = SHA384;
break;
case SHA512_NAMESPACE:
this.algorithm.hash.name = SHA512;
break;
default:
throw new XmlError(XE.CRYPTOGRAPHIC, `Unsupported hash algorithm: ${item.DigestMethod.Algorithm}`);
}
if (item.SaltLength) {
this.algorithm.saltLength = item.SaltLength;
}
return true;
}
return false;
})) {
throw new XmlError(XE.CRYPTOGRAPHIC, 'RSA-PSS parameters not found in SignatureMethod');
}
}
toMethod(method) {
const pssParams = new PssAlgorithmParams();
switch (this.algorithm.hash.name.toUpperCase()) {
case SHA1:
pssParams.DigestMethod.Algorithm = SHA1_NAMESPACE;
break;
case SHA256:
pssParams.DigestMethod.Algorithm = SHA256_NAMESPACE;
break;
case SHA384:
pssParams.DigestMethod.Algorithm = SHA384_NAMESPACE;
break;
case SHA512:
pssParams.DigestMethod.Algorithm = SHA512_NAMESPACE;
break;
default:
throw new XmlError(XE.CRYPTOGRAPHIC, `Unsupported hash algorithm: ${this.algorithm.hash.name}`);
}
if (this.algorithm.saltLength) {
pssParams.SaltLength = this.algorithm.saltLength;
}
method.Any.Add(pssParams);
}
}