1 | const { createSign, createVerify } = require('crypto')
|
2 |
|
3 | const { KEYOBJECT } = require('../help/consts')
|
4 | const resolveNodeAlg = require('../help/node_alg')
|
5 | const { asInput } = require('../help/key_object')
|
6 |
|
7 | const sign = (nodeAlg, { [KEYOBJECT]: keyObject }, payload) => {
|
8 | return createSign(nodeAlg).update(payload).sign(asInput(keyObject, false))
|
9 | }
|
10 |
|
11 | const verify = (nodeAlg, { [KEYOBJECT]: keyObject }, payload, signature) => {
|
12 | return createVerify(nodeAlg).update(payload).verify(asInput(keyObject, true), signature)
|
13 | }
|
14 |
|
15 | const LENGTHS = {
|
16 | RS256: 0,
|
17 | RS384: 624,
|
18 | RS512: 752
|
19 | }
|
20 |
|
21 | module.exports = (JWA, JWK) => {
|
22 | ['RS256', 'RS384', 'RS512'].forEach((jwaAlg) => {
|
23 | const nodeAlg = resolveNodeAlg(jwaAlg)
|
24 | JWA.sign.set(jwaAlg, sign.bind(undefined, nodeAlg))
|
25 | JWA.verify.set(jwaAlg, verify.bind(undefined, nodeAlg))
|
26 | JWK.RSA.sign[jwaAlg] = key => key.private && JWK.RSA.verify[jwaAlg](key)
|
27 | JWK.RSA.verify[jwaAlg] = key => (key.use === 'sig' || key.use === undefined) && key.length >= LENGTHS[jwaAlg]
|
28 | })
|
29 | }
|