authorBrian White <mscdex@mscdex.net>2019-03-12 09:17:10 -0400
committerBrian White <mscdex@mscdex.net>2019-03-28 21:57:53 -0400
commit7d0e50dcfef98ca56715adf74678bcaf4aa08796 (patch)
tree2458b8db07d8968ea1e35384f8160664ccaac36c /lib/internal/crypto
parent36e5fd2915e1ff9a8f0944b1a7783760fab38654 (diff)
crypto: add crypto.sign() and crypto.verify()
These methods are added primarily to allow signing and verifying using Ed25519 and Ed448 keys, which do not support streaming of input data. However, any key type can be used with these new APIs, to allow better performance when only signing/verifying a single chunk. Fixes: https://github.com/nodejs/node/issues/26320 PR-URL: https://github.com/nodejs/node/pull/26611 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Diffstat (limited to 'lib/internal/crypto')
-rw-r--r--lib/internal/crypto/sig.js77
1 files changed, 75 insertions, 2 deletions
diff --git a/lib/internal/crypto/sig.js b/lib/internal/crypto/sig.js
index ed3693d6fe..9eacfec8c0 100644
--- a/lib/internal/crypto/sig.js
+++ b/lib/internal/crypto/sig.js
@@ -2,10 +2,16 @@
const {
ERR_CRYPTO_SIGN_KEY_REQUIRED,
+ ERR_INVALID_ARG_TYPE,
ERR_INVALID_OPT_VALUE
} = require('internal/errors').codes;
const { validateString } = require('internal/validators');
-const { Sign: _Sign, Verify: _Verify } = internalBinding('crypto');
+const {
+ Sign: _Sign,
+ Verify: _Verify,
+ signOneShot: _signOneShot,
+ verifyOneShot: _verifyOneShot
+} = internalBinding('crypto');
const {
RSA_PSS_SALTLEN_AUTO,
RSA_PKCS1_PADDING
@@ -22,6 +28,7 @@ const {
preparePublicOrPrivateKey
} = require('internal/crypto/keys');
const { Writable } = require('stream');
+const { isArrayBufferView } = require('internal/util/types');
function Sign(algorithm, options) {
if (!(this instanceof Sign))
@@ -91,6 +98,35 @@ Sign.prototype.sign = function sign(options, encoding) {
return ret;
};
+function signOneShot(algorithm, data, key) {
+ if (algorithm != null)
+ validateString(algorithm, 'algorithm');
+
+ if (!isArrayBufferView(data)) {
+ throw new ERR_INVALID_ARG_TYPE(
+ 'data',
+ ['Buffer', 'TypedArray', 'DataView'],
+ data
+ );
+ }
+
+ if (!key)
+ throw new ERR_CRYPTO_SIGN_KEY_REQUIRED();
+
+ const {
+ data: keyData,
+ format: keyFormat,
+ type: keyType,
+ passphrase: keyPassphrase
+ } = preparePrivateKey(key);
+
+ // Options specific to RSA
+ const rsaPadding = getPadding(key);
+ const pssSaltLength = getSaltLength(key);
+
+ return _signOneShot(keyData, keyFormat, keyType, keyPassphrase, data,
+ algorithm, rsaPadding, pssSaltLength);
+}
function Verify(algorithm, options) {
if (!(this instanceof Verify))
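Review bot: `signOneShot` has no doc comment, and the `if (algorithm != null)` guard at its top is the line that most needs one. When `algorithm` is null or undefined the `validateString` call is skipped and the value is handed to `_signOneShot` unchanged, so digest selection is left to the native binding; the commit message suggests this is meant for Ed25519/Ed448, but the function accepts any key type. I would add above the guard `// A null/undefined algorithm leaves digest selection to the native binding (used for Ed25519/Ed448).` and a short JSDoc naming the accepted `data` types and stating that `key` is whatever `preparePrivateKey` accepts. The same undocumented guard opens `verifyOneShot` in the next hunk. The last two context lines belong to `Verify`, whose body continues outside this hunk.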
@@ -132,7 +168,44 @@ Verify.prototype.verify = function verify(options, signature, sigEncoding) {
legacyNativeHandle(Verify);
+function verifyOneShot(algorithm, data, key, signature) {
+ if (algorithm != null)
+ validateString(algorithm, 'algorithm');
+
+ if (!isArrayBufferView(data)) {
+ throw new ERR_INVALID_ARG_TYPE(
+ 'data',
+ ['Buffer', 'TypedArray', 'DataView'],
+ data
+ );
+ }
+
+ const {
+ data: keyData,
+ format: keyFormat,
+ type: keyType,
+ passphrase: keyPassphrase
+ } = preparePublicOrPrivateKey(key);
+
+ // Options specific to RSA
+ const rsaPadding = getPadding(key);
+ const pssSaltLength = getSaltLength(key);
+
+ if (!isArrayBufferView(signature)) {
+ throw new ERR_INVALID_ARG_TYPE(
+ 'signature',
+ ['Buffer', 'TypedArray', 'DataView'],
+ signature
+ );
+ }
+
+ return _verifyOneShot(keyData, keyFormat, keyType, keyPassphrase, signature,
+ data, algorithm, rsaPadding, pssSaltLength);
+}
+
module.exports = {
Sign,
- Verify
+ signOneShot,
+ Verify,
+ verifyOneShot
};
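Review bot: In `verifyOneShot` the `if (!isArrayBufferView(signature)) {` check runs only after `preparePublicOrPrivateKey(key)`, `getPadding(key)` and `getSaltLength(key)`, so a wrongly typed signature is rejected only once the key has already been processed. Moving that check up to sit directly after the `data` check would keep all cheap argument validation ahead of key handling and make the error order follow the parameter list more closely. Also, unlike `signOneShot`, there is no `if (!key)` guard here, so what is thrown for a missing key depends on `preparePublicOrPrivateKey`, which is not visible in this diff. Either a matching explicit guard or a one-line comment noting that the helper rejects a missing key would make the two functions read consistently.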