| 1 | const { createSign, createVerify } = require('crypto')
|
| 2 |
|
| 3 | const { KEYOBJECT } = require('../help/consts')
|
| 4 | const resolveNodeAlg = require('../help/node_alg')
|
| 5 | const { asInput } = require('../help/key_object')
|
| 6 |
|
| 7 | const sign = (nodeAlg, { [KEYOBJECT]: keyObject }, payload) => {
|
| 8 | return createSign(nodeAlg).update(payload).sign(asInput(keyObject, false))
|
| 9 | }
|
| 10 |
|
| 11 | const verify = (nodeAlg, { [KEYOBJECT]: keyObject }, payload, signature) => {
|
| 12 | return createVerify(nodeAlg).update(payload).verify(asInput(keyObject, true), signature)
|
| 13 | }
|
| 14 |
|
| 15 | const LENGTHS = {
|
| 16 | RS256: 0,
|
| 17 | RS384: 624,
|
| 18 | RS512: 752
|
| 19 | }
|
| 20 |
|
| 21 | module.exports = (JWA, JWK) => {
|
| 22 | ['RS256', 'RS384', 'RS512'].forEach((jwaAlg) => {
|
| 23 | const nodeAlg = resolveNodeAlg(jwaAlg)
|
| 24 | JWA.sign.set(jwaAlg, sign.bind(undefined, nodeAlg))
|
| 25 | JWA.verify.set(jwaAlg, verify.bind(undefined, nodeAlg))
|
| 26 | JWK.RSA.sign[jwaAlg] = key => key.private && JWK.RSA.verify[jwaAlg](key)
|
| 27 | JWK.RSA.verify[jwaAlg] = key => (key.use === 'sig' || key.use === undefined) && key.length >= LENGTHS[jwaAlg]
|
| 28 | })
|
| 29 | }
|