author | Tobias Nießen <tniessen@tnie.de> | 2019-08-21 00:05:55 +0200 |
---|---|---|
committer | Tobias Nießen <tniessen@tnie.de> | 2019-11-20 12:55:47 -0400 |
commit | c63af4fea041673eb7c33f6df3c474d4537fe5eb (patch) | |
tree | 73e1942eb0ca50d5414fbe4619099c49d0666494 /lib/internal | |
parent | 80efb80f3f9dffb412aa1a41ab36c843c90c60e5 (diff) | |
crypto: add support for IEEE-P1363 DSA signatures
PR-URL: https://github.com/nodejs/node/pull/29292
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'lib/internal')
-rw-r--r-- | lib/internal/crypto/sig.js | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/lib/internal/crypto/sig.js b/lib/internal/crypto/sig.js
index 9b9c32e59c..6eda845564 100644
--- a/lib/internal/crypto/sig.js
+++ b/lib/internal/crypto/sig.js
@@ -11,6 +11,8 @@ const { validateString } = require('internal/validators');
 const {
 Sign: _Sign,
 Verify: _Verify,
+ kSigEncDER,
+ kSigEncP1363,
 signOneShot: _signOneShot,
 verifyOneShot: _verifyOneShot
 } = internalBinding('crypto');
@@ -59,6 +61,20 @@ function getSaltLength(options) {
 return getIntOption('saltLength', options);
 }
 
+function getDSASignatureEncoding(options) {
+ if (typeof options === 'object') {
+ const { dsaEncoding = 'der' } = options;
+ if (dsaEncoding === 'der')
+ return kSigEncDER;
+ else if (dsaEncoding === 'ieee-p1363')
+ return kSigEncP1363;
+ else
+ throw new ERR_INVALID_OPT_VALUE('dsaEncoding', dsaEncoding);
+ }
+
+ return kSigEncDER;
+}
+
 function getIntOption(name, options) {
 const value = options[name];
 if (value !== undefined) {
@@ -81,8 +97,11 @@ Sign.prototype.sign = function sign(options, encoding) {
 const rsaPadding = getPadding(options);
 const pssSaltLength = getSaltLength(options);
 
+ // Options specific to (EC)DSA
+ const dsaSigEnc = getDSASignatureEncoding(options);
+
 const ret = this[kHandle].sign(data, format, type, passphrase, rsaPadding,
- pssSaltLength);
+ pssSaltLength, dsaSigEnc);
 
 encoding = encoding || getDefaultEncoding();
 if (encoding && encoding !== 'buffer')
@@ -117,8 +136,11 @@ function signOneShot(algorithm, data, key) {
 const rsaPadding = getPadding(key);
 const pssSaltLength = getSaltLength(key);
 
+ // Options specific to (EC)DSA
+ const dsaSigEnc = getDSASignatureEncoding(key);
+
 return _signOneShot(keyData, keyFormat, keyType, keyPassphrase, data,
- algorithm, rsaPadding, pssSaltLength);
+ algorithm, rsaPadding, pssSaltLength, dsaSigEnc);
 }
 
 function Verify(algorithm, options) {
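Review bot: getDSASignatureEncoding, added in the second hunk, has no comment saying what the two accepted strings mean, and the later hunks call it unconditionally from sign and signOneShot, so the option is parsed for every key type rather than only for DSA/ECDSA keys. I would add above the function `// 'der' (default): ASN.1 DER-encoded (r, s); 'ieee-p1363': fixed-width r || s.` and state there that an unrecognised `dsaEncoding` throws ERR_INVALID_OPT_VALUE even when the key is RSA. The comparison is case-sensitive and the destructuring reads `dsaEncoding` through the prototype chain, as the existing `options[name]` lookup in getIntOption does; both are worth recording, since signer and verifier have to agree on the encoding out of band.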
@@ -149,13 +171,15 @@ Verify.prototype.verify = function verify(options, signature, sigEncoding) {
 
 // Options specific to RSA
 const rsaPadding = getPadding(options);
-
 const pssSaltLength = getSaltLength(options);
 
+ // Options specific to (EC)DSA
+ const dsaSigEnc = getDSASignatureEncoding(options);
+
 signature = getArrayBufferView(signature, 'signature', sigEncoding);
 
 return this[kHandle].verify(data, format, type, passphrase, signature,
- rsaPadding, pssSaltLength);
+ rsaPadding, pssSaltLength, dsaSigEnc);
 };
 
 function verifyOneShot(algorithm, data, key, signature) {
@@ -181,6 +205,9 @@ function verifyOneShot(algorithm, data, key, signature) {
 const rsaPadding = getPadding(key);
 const pssSaltLength = getSaltLength(key);
 
+ // Options specific to (EC)DSA
+ const dsaSigEnc = getDSASignatureEncoding(key);
+
 if (!isArrayBufferView(signature)) {
 throw new ERR_INVALID_ARG_TYPE(
 'signature',
@@ -190,7 +217,7 @@ function verifyOneShot(algorithm, data, key, signature) {
 }
 
 return _verifyOneShot(keyData, keyFormat, keyType, keyPassphrase, signature,
- data, algorithm, rsaPadding, pssSaltLength);
+ data, algorithm, rsaPadding, pssSaltLength, dsaSigEnc);
 }
 
 module.exports = { |
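Review bot: In Verify.prototype.verify the signature reaches the binding with only getArrayBufferView applied, so for `dsaEncoding: 'ieee-p1363'` nothing on the JavaScript side checks that its length is the fixed width that format requires; the same holds for verifyOneShot in the next two hunks. Whether the native verify turns a truncated, over-long or odd-length P1363 signature into a plain `false` is decided in code this page does not show (the diffstat is limited to lib/internal), so it is presumably handled there but should be pinned by a test. A comment beside the new line, such as `// 'ieee-p1363' signatures are fixed-width r || s; malformed lengths must verify as false, not throw.`, would record the expectation. Both function bodies start outside their hunks.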