UNPKG

jose/lib/jwa/rsassa_pss.js

Version:

1.29 kBJavaScriptView Raw

1const {
2  createSign,
3  createVerify,
4  constants
5} = require('crypto')
6
7const { KEYOBJECT } = require('../help/consts')
8const resolveNodeAlg = require('../help/node_alg')
9const { asInput } = require('../help/key_object')
10
11const sign = (nodeAlg, { [KEYOBJECT]: keyObject }, payload) => {
12  const key = asInput(keyObject, false)
13  return createSign(nodeAlg).update(payload).sign({
14    key,
15    padding: constants.RSA_PKCS1_PSS_PADDING,
16    saltLength: constants.RSA_PSS_SALTLEN_DIGEST
17  })
18}
19
20const verify = (nodeAlg, { [KEYOBJECT]: keyObject }, payload, signature) => {
21  const key = asInput(keyObject, true)
22  return createVerify(nodeAlg).update(payload).verify({
23    key,
24    padding: constants.RSA_PKCS1_PSS_PADDING,
25    saltLength: constants.RSA_PSS_SALTLEN_DIGEST
26  }, signature)
27}
28
29const LENGTHS = {
30  PS256: 528,
31  PS384: 784,
32  PS512: 1040
33}
34
35module.exports = (JWA, JWK) => {
36  ['PS256', 'PS384', 'PS512'].forEach((jwaAlg) => {
37    const nodeAlg = resolveNodeAlg(jwaAlg)
38    JWA.sign.set(jwaAlg, sign.bind(undefined, nodeAlg))
39    JWA.verify.set(jwaAlg, verify.bind(undefined, nodeAlg))
40    JWK.RSA.sign[jwaAlg] = key => key.private && JWK.RSA.verify[jwaAlg](key)
41    JWK.RSA.verify[jwaAlg] = key => (key.use === 'sig' || key.use === undefined) && key.length >= LENGTHS[jwaAlg]
42  })
43}

1	`const {`
2	`createSign,`
3	`createVerify,`
4	`constants`
5	`} = require('crypto')`
6
7	`const { KEYOBJECT } = require('../help/consts')`
8	`const resolveNodeAlg = require('../help/node_alg')`
9	`const { asInput } = require('../help/key_object')`
10
11	`const sign = (nodeAlg, { [KEYOBJECT]: keyObject }, payload) => {`
12	`const key = asInput(keyObject, false)`
13	`return createSign(nodeAlg).update(payload).sign({`
14	`key,`
15	`padding: constants.RSA_PKCS1_PSS_PADDING,`
16	`saltLength: constants.RSA_PSS_SALTLEN_DIGEST`
17	`})`
18	`}`
19
20	`const verify = (nodeAlg, { [KEYOBJECT]: keyObject }, payload, signature) => {`
21	`const key = asInput(keyObject, true)`
22	`return createVerify(nodeAlg).update(payload).verify({`
23	`key,`
24	`padding: constants.RSA_PKCS1_PSS_PADDING,`
25	`saltLength: constants.RSA_PSS_SALTLEN_DIGEST`
26	`}, signature)`
27	`}`
28
29	`const LENGTHS = {`
30	`PS256: 528,`
31	`PS384: 784,`
32	`PS512: 1040`
33	`}`
34
35	`module.exports = (JWA, JWK) => {`
36	`['PS256', 'PS384', 'PS512'].forEach((jwaAlg) => {`
37	`const nodeAlg = resolveNodeAlg(jwaAlg)`
38	`JWA.sign.set(jwaAlg, sign.bind(undefined, nodeAlg))`
39	`JWA.verify.set(jwaAlg, verify.bind(undefined, nodeAlg))`
40	`JWK.RSA.sign[jwaAlg] = key => key.private && JWK.RSA.verify[jwaAlg](key)`
41	`JWK.RSA.verify[jwaAlg] = key => (key.use === 'sig' \|\| key.use === undefined) && key.length >= LENGTHS[jwaAlg]`
42	`})`
43	`}`