diff options
Diffstat (limited to 'deps/npm/node_modules/http-signature')
| -rw-r--r-- | deps/npm/node_modules/http-signature/.dir-locals.el | 6 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/.npmignore | 7 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/CHANGES.md | 46 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/LICENSE | 18 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/README.md | 79 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/http_signing.md | 363 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/lib/index.js | 29 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/lib/parser.js | 315 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/lib/signer.js | 401 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/lib/utils.js | 112 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/lib/verify.js | 88 | ||||
| -rw-r--r-- | deps/npm/node_modules/http-signature/package.json | 77 |
12 files changed, 1541 insertions, 0 deletions
diff --git a/deps/npm/node_modules/http-signature/.dir-locals.el b/deps/npm/node_modules/http-signature/.dir-locals.el new file mode 100644 index 0000000000..3bc9235f25 --- /dev/null +++ b/deps/npm/node_modules/http-signature/.dir-locals.el @@ -0,0 +1,6 @@ +((nil . ((indent-tabs-mode . nil) + (tab-width . 8) + (fill-column . 80))) + (js-mode . ((js-indent-level . 2) + (indent-tabs-mode . nil) + )))
\ No newline at end of file diff --git a/deps/npm/node_modules/http-signature/.npmignore b/deps/npm/node_modules/http-signature/.npmignore new file mode 100644 index 0000000000..c143fb3a46 --- /dev/null +++ b/deps/npm/node_modules/http-signature/.npmignore @@ -0,0 +1,7 @@ +.gitmodules +deps +docs +Makefile +node_modules +test +tools
\ No newline at end of file diff --git a/deps/npm/node_modules/http-signature/CHANGES.md b/deps/npm/node_modules/http-signature/CHANGES.md new file mode 100644 index 0000000000..3e4b13881e --- /dev/null +++ b/deps/npm/node_modules/http-signature/CHANGES.md @@ -0,0 +1,46 @@ +# node-http-signature changelog + +## 1.1.1 + +- Version of dependency `assert-plus` updated: old version was missing + some license information +- Corrected examples in `http_signing.md`, added auto-tests to + automatically validate these examples + +## 1.1.0 + +- Bump version of `sshpk` dependency, remove peerDependency on it since + it now supports exchanging objects between multiple versions of itself + where possible + +## 1.0.2 + +- Bump min version of `jsprim` dependency, to include fixes for using + http-signature with `browserify` + +## 1.0.1 + +- Bump minimum version of `sshpk` dependency, to include fixes for + whitespace tolerance in key parsing. + +## 1.0.0 + +- First semver release. +- #36: Ensure verifySignature does not leak useful timing information +- #42: Bring the library up to the latest version of the spec (including the + request-target changes) +- Support for ECDSA keys and signatures. +- Now uses `sshpk` for key parsing, validation and conversion. +- Fixes for #21, #47, #39 and compatibility with node 0.8 + +## 0.11.0 + +- Split up HMAC and Signature verification to avoid vulnerabilities where a + key intended for use with one can be validated against the other method + instead. + +## 0.10.2 + +- Updated versions of most dependencies. +- Utility functions exported for PEM => SSH-RSA conversion. +- Improvements to tests and examples. diff --git a/deps/npm/node_modules/http-signature/LICENSE b/deps/npm/node_modules/http-signature/LICENSE new file mode 100644 index 0000000000..f6d947d2f6 --- /dev/null +++ b/deps/npm/node_modules/http-signature/LICENSE @@ -0,0 +1,18 @@ +Copyright Joyent, Inc. All rights reserved. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to +deal in the Software without restriction, including without limitation the +rights to use, copy, modify, merge, publish, distribute, sublicense, and/or +sell copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS +IN THE SOFTWARE. diff --git a/deps/npm/node_modules/http-signature/README.md b/deps/npm/node_modules/http-signature/README.md new file mode 100644 index 0000000000..de487d3236 --- /dev/null +++ b/deps/npm/node_modules/http-signature/README.md @@ -0,0 +1,79 @@ +# node-http-signature + +node-http-signature is a node.js library that has client and server components +for Joyent's [HTTP Signature Scheme](http_signing.md). + +## Usage + +Note the example below signs a request with the same key/cert used to start an +HTTP server. This is almost certainly not what you actually want, but is just +used to illustrate the API calls; you will need to provide your own key +management in addition to this library. + +### Client + +```js +var fs = require('fs'); +var https = require('https'); +var httpSignature = require('http-signature'); + +var key = fs.readFileSync('./key.pem', 'ascii'); + +var options = { + host: 'localhost', + port: 8443, + path: '/', + method: 'GET', + headers: {} +}; + +// Adds a 'Date' header in, signs it, and adds the +// 'Authorization' header in. +var req = https.request(options, function(res) { + console.log(res.statusCode); +}); + + +httpSignature.sign(req, { + key: key, + keyId: './cert.pem' +}); + +req.end(); +``` + +### Server + +```js +var fs = require('fs'); +var https = require('https'); +var httpSignature = require('http-signature'); + +var options = { + key: fs.readFileSync('./key.pem'), + cert: fs.readFileSync('./cert.pem') +}; + +https.createServer(options, function (req, res) { + var rc = 200; + var parsed = httpSignature.parseRequest(req); + var pub = fs.readFileSync(parsed.keyId, 'ascii'); + if (!httpSignature.verifySignature(parsed, pub)) + rc = 401; + + res.writeHead(rc); + res.end(); +}).listen(8443); +``` + +## Installation + + npm install http-signature + +## License + +MIT. + +## Bugs + +See <https://github.com/joyent/node-http-signature/issues>. diff --git a/deps/npm/node_modules/http-signature/http_signing.md b/deps/npm/node_modules/http-signature/http_signing.md new file mode 100644 index 0000000000..4f24d28c3c --- /dev/null +++ b/deps/npm/node_modules/http-signature/http_signing.md @@ -0,0 +1,363 @@ +# Abstract + +This document describes a way to add origin authentication, message integrity, +and replay resistance to HTTP REST requests. It is intended to be used over +the HTTPS protocol. + +# Copyright Notice + +Copyright (c) 2011 Joyent, Inc. and the persons identified as document authors. +All rights reserved. + +Code Components extracted from this document must include MIT License text. + +# Introduction + +This protocol is intended to provide a standard way for clients to sign HTTP +requests. RFC2617 (HTTP Authentication) defines Basic and Digest authentication +mechanisms, and RFC5246 (TLS 1.2) defines client-auth, both of which are widely +employed on the Internet today. However, it is common place that the burdens of +PKI prevent web service operators from deploying that methodology, and so many +fall back to Basic authentication, which has poor security characteristics. + +Additionally, OAuth provides a fully-specified alternative for authorization +of web service requests, but is not (always) ideal for machine to machine +communication, as the key acquisition steps (generally) imply a fixed +infrastructure that may not make sense to a service provider (e.g., symmetric +keys). + +Several web service providers have invented their own schemes for signing +HTTP requests, but to date, none have been placed in the public domain as a +standard. This document serves that purpose. There are no techniques in this +proposal that are novel beyond previous art, however, this aims to be a simple +mechanism for signing these requests. + +# Signature Authentication Scheme + +The "signature" authentication scheme is based on the model that the client must +authenticate itself with a digital signature produced by either a private +asymmetric key (e.g., RSA) or a shared symmetric key (e.g., HMAC). The scheme +is parameterized enough such that it is not bound to any particular key type or +signing algorithm. However, it does explicitly assume that clients can send an +HTTP `Date` header. + +## Authorization Header + +The client is expected to send an Authorization header (as defined in RFC 2617) +with the following parameterization: + + credentials := "Signature" params + params := 1#(keyId | algorithm | [headers] | [ext] | signature) + digitalSignature := plain-string + + keyId := "keyId" "=" <"> plain-string <"> + algorithm := "algorithm" "=" <"> plain-string <"> + headers := "headers" "=" <"> 1#headers-value <"> + ext := "ext" "=" <"> plain-string <"> + signature := "signature" "=" <"> plain-string <"> + + headers-value := plain-string + plain-string = 1*( %x20-21 / %x23-5B / %x5D-7E ) + +### Signature Parameters + +#### keyId + +REQUIRED. The `keyId` field is an opaque string that the server can use to look +up the component they need to validate the signature. It could be an SSH key +fingerprint, an LDAP DN, etc. Management of keys and assignment of `keyId` is +out of scope for this document. + +#### algorithm + +REQUIRED. The `algorithm` parameter is used if the client and server agree on a +non-standard digital signature algorithm. The full list of supported signature +mechanisms is listed below. + +#### headers + +OPTIONAL. The `headers` parameter is used to specify the list of HTTP headers +used to sign the request. If specified, it should be a quoted list of HTTP +header names, separated by a single space character. By default, only one +HTTP header is signed, which is the `Date` header. Note that the list MUST be +specified in the order the values are concatenated together during signing. To +include the HTTP request line in the signature calculation, use the special +`request-line` value. While this is overloading the definition of `headers` in +HTTP linguism, the request-line is defined in RFC 2616, and as the outlier from +headers in useful signature calculation, it is deemed simpler to simply use +`request-line` than to add a separate parameter for it. + +#### extensions + +OPTIONAL. The `extensions` parameter is used to include additional information +which is covered by the request. The content and format of the string is out of +scope for this document, and expected to be specified by implementors. + +#### signature + +REQUIRED. The `signature` parameter is a `Base64` encoded digital signature +generated by the client. The client uses the `algorithm` and `headers` request +parameters to form a canonicalized `signing string`. This `signing string` is +then signed with the key associated with `keyId` and the algorithm +corresponding to `algorithm`. The `signature` parameter is then set to the +`Base64` encoding of the signature. + +### Signing String Composition + +In order to generate the string that is signed with a key, the client MUST take +the values of each HTTP header specified by `headers` in the order they appear. + +1. If the header name is not `request-line` then append the lowercased header + name followed with an ASCII colon `:` and an ASCII space ` `. +2. If the header name is `request-line` then append the HTTP request line, + otherwise append the header value. +3. If value is not the last value then append an ASCII newline `\n`. The string + MUST NOT include a trailing ASCII newline. + +# Example Requests + +All requests refer to the following request (body omitted): + + POST /foo HTTP/1.1 + Host: example.org + Date: Tue, 07 Jun 2014 20:51:35 GMT + Content-Type: application/json + Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= + Content-Length: 18 + +The "rsa-key-1" keyId refers to a private key known to the client and a public +key known to the server. The "hmac-key-1" keyId refers to key known to the +client and server. + +## Default parameterization + +The authorization header and signature would be generated as: + + Authorization: Signature keyId="rsa-key-1",algorithm="rsa-sha256",signature="Base64(RSA-SHA256(signing string))" + +The client would compose the signing string as: + + date: Tue, 07 Jun 2014 20:51:35 GMT + +## Header List + +The authorization header and signature would be generated as: + + Authorization: Signature keyId="rsa-key-1",algorithm="rsa-sha256",headers="(request-target) date content-type digest",signature="Base64(RSA-SHA256(signing string))" + +The client would compose the signing string as (`+ "\n"` inserted for +readability): + + (request-target) post /foo + "\n" + date: Tue, 07 Jun 2011 20:51:35 GMT + "\n" + content-type: application/json + "\n" + digest: SHA-256=Base64(SHA256(Body)) + +## Algorithm + +The authorization header and signature would be generated as: + + Authorization: Signature keyId="hmac-key-1",algorithm="hmac-sha1",signature="Base64(HMAC-SHA1(signing string))" + +The client would compose the signing string as: + + date: Tue, 07 Jun 2011 20:51:35 GMT + +# Signing Algorithms + +Currently supported algorithm names are: + +* rsa-sha1 +* rsa-sha256 +* rsa-sha512 +* dsa-sha1 +* hmac-sha1 +* hmac-sha256 +* hmac-sha512 + +# Security Considerations + +## Default Parameters + +Note the default parameterization of the `Signature` scheme is only safe if all +requests are carried over a secure transport (i.e., TLS). Sending the default +scheme over a non-secure transport will leave the request vulnerable to +spoofing, tampering, replay/repudiation, and integrity violations (if using the +STRIDE threat-modeling methodology). + +## Insecure Transports + +If sending the request over plain HTTP, service providers SHOULD require clients +to sign ALL HTTP headers, and the `request-line`. Additionally, service +providers SHOULD require `Content-MD5` calculations to be performed to ensure +against any tampering from clients. + +## Nonces + +Nonces are out of scope for this document simply because many service providers +fail to implement them correctly, or do not adopt security specifications +because of the infrastructure complexity. Given the `header` parameterization, +a service provider is fully enabled to add nonce semantics into this scheme by +using something like an `x-request-nonce` header, and ensuring it is signed +with the `Date` header. + +## Clock Skew + +As the default scheme is to sign the `Date` header, service providers SHOULD +protect against logged replay attacks by enforcing a clock skew. The server +SHOULD be synchronized with NTP, and the recommendation in this specification +is to allow 300s of clock skew (in either direction). + +## Required Headers to Sign + +It is out of scope for this document to dictate what headers a service provider +will want to enforce, but service providers SHOULD at minimum include the +`Date` header. + +# References + +## Normative References + +* [RFC2616] Hypertext Transfer Protocol -- HTTP/1.1 +* [RFC2617] HTTP Authentication: Basic and Digest Access Authentication +* [RFC5246] The Transport Layer Security (TLS) Protocol Version 1.2 + +## Informative References + + Name: Mark Cavage (editor) + Company: Joyent, Inc. + Email: mark.cavage@joyent.com + URI: http://www.joyent.com + +# Appendix A - Test Values + +The following test data uses the RSA (1024b) keys, which we will refer +to as `keyId=Test` in the following samples: + + -----BEGIN PUBLIC KEY----- + MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3 + 6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6 + Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw + oYi+1hqp1fIekaxsyQIDAQAB + -----END PUBLIC KEY----- + + -----BEGIN RSA PRIVATE KEY----- + MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF + NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F + UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB + AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA + QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK + kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg + f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u + 412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc + mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7 + kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA + gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW + G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI + 7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA== + -----END RSA PRIVATE KEY----- + +And all examples use this request: + +<!-- httpreq --> + + POST /foo?param=value&pet=dog HTTP/1.1 + Host: example.com + Date: Thu, 05 Jan 2014 21:31:40 GMT + Content-Type: application/json + Digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= + Content-Length: 18 + + {"hello": "world"} + +<!-- /httpreq --> + +### Default + +The string to sign would be: + +<!-- sign {"name": "Default", "options": {"keyId":"Test", "algorithm": "rsa-sha256"}} --> +<!-- signstring --> + + date: Thu, 05 Jan 2014 21:31:40 GMT + +<!-- /signstring --> + +The Authorization header would be: + +<!-- authz --> + + Authorization: Signature keyId="Test",algorithm="rsa-sha256",headers="date",signature="jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=" + +<!-- /authz --> + +### All Headers + +Parameterized to include all headers, the string to sign would be (`+ "\n"` +inserted for readability): + +<!-- sign {"name": "All Headers", "options": {"keyId":"Test", "algorithm": "rsa-sha256", "headers": ["(request-target)", "host", "date", "content-type", "digest", "content-length"]}} --> +<!-- signstring --> + + (request-target): post /foo?param=value&pet=dog + host: example.com + date: Thu, 05 Jan 2014 21:31:40 GMT + content-type: application/json + digest: SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE= + content-length: 18 + +<!-- /signstring --> + +The Authorization header would be: + +<!-- authz --> + + Authorization: Signature keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="Ef7MlxLXoBovhil3AlyjtBwAL9g4TN3tibLj7uuNB3CROat/9KaeQ4hW2NiJ+pZ6HQEOx9vYZAyi+7cmIkmJszJCut5kQLAwuX+Ms/mUFvpKlSo9StS2bMXDBNjOh4Auj774GFj4gwjS+3NhFeoqyr/MuN6HsEnkvn6zdgfE2i0=" + +<!-- /authz --> + +## Generating and verifying signatures using `openssl` + +The `openssl` commandline tool can be used to generate or verify the signatures listed above. + +Compose the signing string as usual, and pipe it into the the `openssl dgst` command, then into `openssl enc -base64`, as follows: + + $ printf 'date: Thu, 05 Jan 2014 21:31:40 GMT' | \ + openssl dgst -binary -sign /path/to/private.pem -sha256 | \ + openssl enc -base64 + jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9Hp... + $ + +The `-sha256` option is necessary to produce an `rsa-sha256` signature. You can select other hash algorithms such as `sha1` by changing this argument. + +To verify a signature, first save the signature data, Base64-decoded, into a file, then use `openssl dgst` again with the `-verify` option: + + $ echo 'jKyvPcxB4JbmYY4mByy...' | openssl enc -A -d -base64 > signature + $ printf 'date: Thu, 05 Jan 2014 21:31:40 GMT' | \ + openssl dgst -sha256 -verify /path/to/public.pem -signature ./signature + Verified OK + $ + +## Generating and verifying signatures using `sshpk-sign` + +You can also generate and check signatures using the `sshpk-sign` tool which is +included with the `sshpk` package in `npm`. + +Compose the signing string as above, and pipe it into `sshpk-sign` as follows: + + $ printf 'date: Thu, 05 Jan 2014 21:31:40 GMT' | \ + sshpk-sign -i /path/to/private.pem + jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9Hp... + $ + +This will produce an `rsa-sha256` signature by default, as you can see using +the `-v` option: + + sshpk-sign: using rsa-sha256 with a 1024 bit key + +You can also use `sshpk-verify` in a similar manner: + + $ printf 'date: Thu, 05 Jan 2014 21:31:40 GMT' | \ + sshpk-verify -i ./public.pem -s 'jKyvPcxB4JbmYY...' + OK + $ diff --git a/deps/npm/node_modules/http-signature/lib/index.js b/deps/npm/node_modules/http-signature/lib/index.js new file mode 100644 index 0000000000..54d46030f1 --- /dev/null +++ b/deps/npm/node_modules/http-signature/lib/index.js @@ -0,0 +1,29 @@ +// Copyright 2015 Joyent, Inc. + +var parser = require('./parser'); +var signer = require('./signer'); +var verify = require('./verify'); +var utils = require('./utils'); + + + +///--- API + +module.exports = { + + parse: parser.parseRequest, + parseRequest: parser.parseRequest, + + sign: signer.signRequest, + signRequest: signer.signRequest, + createSigner: signer.createSigner, + isSigner: signer.isSigner, + + sshKeyToPEM: utils.sshKeyToPEM, + sshKeyFingerprint: utils.fingerprint, + pemToRsaSSHKey: utils.pemToRsaSSHKey, + + verify: verify.verifySignature, + verifySignature: verify.verifySignature, + verifyHMAC: verify.verifyHMAC +}; diff --git a/deps/npm/node_modules/http-signature/lib/parser.js b/deps/npm/node_modules/http-signature/lib/parser.js new file mode 100644 index 0000000000..5994a7e987 --- /dev/null +++ b/deps/npm/node_modules/http-signature/lib/parser.js @@ -0,0 +1,315 @@ +// Copyright 2012 Joyent, Inc. All rights reserved. + +var assert = require('assert-plus'); +var util = require('util'); +var utils = require('./utils'); + + + +///--- Globals + +var HASH_ALGOS = utils.HASH_ALGOS; +var PK_ALGOS = utils.PK_ALGOS; +var HttpSignatureError = utils.HttpSignatureError; +var InvalidAlgorithmError = utils.InvalidAlgorithmError; +var validateAlgorithm = utils.validateAlgorithm; + +var State = { + New: 0, + Params: 1 +}; + +var ParamsState = { + Name: 0, + Quote: 1, + Value: 2, + Comma: 3 +}; + + +///--- Specific Errors + + +function ExpiredRequestError(message) { + HttpSignatureError.call(this, message, ExpiredRequestError); +} +util.inherits(ExpiredRequestError, HttpSignatureError); + + +function InvalidHeaderError(message) { + HttpSignatureError.call(this, message, InvalidHeaderError); +} +util.inherits(InvalidHeaderError, HttpSignatureError); + + +function InvalidParamsError(message) { + HttpSignatureError.call(this, message, InvalidParamsError); +} +util.inherits(InvalidParamsError, HttpSignatureError); + + +function MissingHeaderError(message) { + HttpSignatureError.call(this, message, MissingHeaderError); +} +util.inherits(MissingHeaderError, HttpSignatureError); + +function StrictParsingError(message) { + HttpSignatureError.call(this, message, StrictParsingError); +} +util.inherits(StrictParsingError, HttpSignatureError); + +///--- Exported API + +module.exports = { + + /** + * Parses the 'Authorization' header out of an http.ServerRequest object. + * + * Note that this API will fully validate the Authorization header, and throw + * on any error. It will not however check the signature, or the keyId format + * as those are specific to your environment. You can use the options object + * to pass in extra constraints. + * + * As a response object you can expect this: + * + * { + * "scheme": "Signature", + * "params": { + * "keyId": "foo", + * "algorithm": "rsa-sha256", + * "headers": [ + * "date" or "x-date", + * "digest" + * ], + * "signature": "base64" + * }, + * "signingString": "ready to be passed to crypto.verify()" + * } + * + * @param {Object} request an http.ServerRequest. + * @param {Object} options an optional options object with: + * - clockSkew: allowed clock skew in seconds (default 300). + * - headers: required header names (def: date or x-date) + * - algorithms: algorithms to support (default: all). + * - strict: should enforce latest spec parsing + * (default: false). + * @return {Object} parsed out object (see above). + * @throws {TypeError} on invalid input. + * @throws {InvalidHeaderError} on an invalid Authorization header error. + * @throws {InvalidParamsError} if the params in the scheme are invalid. + * @throws {MissingHeaderError} if the params indicate a header not present, + * either in the request headers from the params, + * or not in the params from a required header + * in options. + * @throws {StrictParsingError} if old attributes are used in strict parsing + * mode. + * @throws {ExpiredRequestError} if the value of date or x-date exceeds skew. + */ + parseRequest: function parseRequest(request, options) { + assert.object(request, 'request'); + assert.object(request.headers, 'request.headers'); + if (options === undefined) { + options = {}; + } + if (options.headers === undefined) { + options.headers = [request.headers['x-date'] ? 'x-date' : 'date']; + } + assert.object(options, 'options'); + assert.arrayOfString(options.headers, 'options.headers'); + assert.optionalFinite(options.clockSkew, 'options.clockSkew'); + + var authzHeaderName = options.authorizationHeaderName || 'authorization'; + + if (!request.headers[authzHeaderName]) { + throw new MissingHeaderError('no ' + authzHeaderName + ' header ' + + 'present in the request'); + } + + options.clockSkew = options.clockSkew || 300; + + + var i = 0; + var state = State.New; + var substate = ParamsState.Name; + var tmpName = ''; + var tmpValue = ''; + + var parsed = { + scheme: '', + params: {}, + signingString: '' + }; + + var authz = request.headers[authzHeaderName]; + for (i = 0; i < authz.length; i++) { + var c = authz.charAt(i); + + switch (Number(state)) { + + case State.New: + if (c !== ' ') parsed.scheme += c; + else state = State.Params; + break; + + case State.Params: + switch (Number(substate)) { + + case ParamsState.Name: + var code = c.charCodeAt(0); + // restricted name of A-Z / a-z + if ((code >= 0x41 && code <= 0x5a) || // A-Z + (code >= 0x61 && code <= 0x7a)) { // a-z + tmpName += c; + } else if (c === '=') { + if (tmpName.length === 0) + throw new InvalidHeaderError('bad param format'); + substate = ParamsState.Quote; + } else { + throw new InvalidHeaderError('bad param format'); + } + break; + + case ParamsState.Quote: + if (c === '"') { + tmpValue = ''; + substate = ParamsState.Value; + } else { + throw new InvalidHeaderError('bad param format'); + } + break; + + case ParamsState.Value: + if (c === '"') { + parsed.params[tmpName] = tmpValue; + substate = ParamsState.Comma; + } else { + tmpValue += c; + } + break; + + case ParamsState.Comma: + if (c === ',') { + tmpName = ''; + substate = ParamsState.Name; + } else { + throw new InvalidHeaderError('bad param format'); + } + break; + + default: + throw new Error('Invalid substate'); + } + break; + + default: + throw new Error('Invalid substate'); + } + + } + + if (!parsed.params.headers || parsed.params.headers === '') { + if (request.headers['x-date']) { + parsed.params.headers = ['x-date']; + } else { + parsed.params.headers = ['date']; + } + } else { + parsed.params.headers = parsed.params.headers.split(' '); + } + + // Minimally validate the parsed object + if (!parsed.scheme || parsed.scheme !== 'Signature') + throw new InvalidHeaderError('scheme was not "Signature"'); + + if (!parsed.params.keyId) + throw new InvalidHeaderError('keyId was not specified'); + + if (!parsed.params.algorithm) + throw new InvalidHeaderError('algorithm was not specified'); + + if (!parsed.params.signature) + throw new InvalidHeaderError('signature was not specified'); + + // Check the algorithm against the official list + parsed.params.algorithm = parsed.params.algorithm.toLowerCase(); + try { + validateAlgorithm(parsed.params.algorithm); + } catch (e) { + if (e instanceof InvalidAlgorithmError) + throw (new InvalidParamsError(parsed.params.algorithm + ' is not ' + + 'supported')); + else + throw (e); + } + + // Build the signingString + for (i = 0; i < parsed.params.headers.length; i++) { + var h = parsed.params.headers[i].toLowerCase(); + parsed.params.headers[i] = h; + + if (h === 'request-line') { + if (!options.strict) { + /* + * We allow headers from the older spec drafts if strict parsing isn't + * specified in options. + */ + parsed.signingString += + request.method + ' ' + request.url + ' HTTP/' + request.httpVersion; + } else { + /* Strict parsing doesn't allow older draft headers. */ + throw (new StrictParsingError('request-line is not a valid header ' + + 'with strict parsing enabled.')); + } + } else if (h === '(request-target)') { + parsed.signingString += + '(request-target): ' + request.method.toLowerCase() + ' ' + + request.url; + } else { + var value = request.headers[h]; + if (value === undefined) + throw new MissingHeaderError(h + ' was not in the request'); + parsed.signingString += h + ': ' + value; + } + + if ((i + 1) < parsed.params.headers.length) + parsed.signingString += '\n'; + } + + // Check against the constraints + var date; + if (request.headers.date || request.headers['x-date']) { + if (request.headers['x-date']) { + date = new Date(request.headers['x-date']); + } else { + date = new Date(request.headers.date); + } + var now = new Date(); + var skew = Math.abs(now.getTime() - date.getTime()); + + if (skew > options.clockSkew * 1000) { + throw new ExpiredRequestError('clock skew of ' + + (skew / 1000) + + 's was greater than ' + + options.clockSkew + 's'); + } + } + + options.headers.forEach(function (hdr) { + // Remember that we already checked any headers in the params + // were in the request, so if this passes we're good. + if (parsed.params.headers.indexOf(hdr.toLowerCase()) < 0) + throw new MissingHeaderError(hdr + ' was not a signed header'); + }); + + if (options.algorithms) { + if (options.algorithms.indexOf(parsed.params.algorithm) === -1) + throw new InvalidParamsError(parsed.params.algorithm + + ' is not a supported algorithm'); + } + + parsed.algorithm = parsed.params.algorithm.toUpperCase(); + parsed.keyId = parsed.params.keyId; + return parsed; + } + +}; diff --git a/deps/npm/node_modules/http-signature/lib/signer.js b/deps/npm/node_modules/http-signature/lib/signer.js new file mode 100644 index 0000000000..deb5878679 --- /dev/null +++ b/deps/npm/node_modules/http-signature/lib/signer.js @@ -0,0 +1,401 @@ +// Copyright 2012 Joyent, Inc. All rights reserved. + +var assert = require('assert-plus'); +var crypto = require('crypto'); +var http = require('http'); +var util = require('util'); +var sshpk = require('sshpk'); +var jsprim = require('jsprim'); +var utils = require('./utils'); + +var sprintf = require('util').format; + +var HASH_ALGOS = utils.HASH_ALGOS; +var PK_ALGOS = utils.PK_ALGOS; +var InvalidAlgorithmError = utils.InvalidAlgorithmError; +var HttpSignatureError = utils.HttpSignatureError; +var validateAlgorithm = utils.validateAlgorithm; + +///--- Globals + +var AUTHZ_FMT = + 'Signature keyId="%s",algorithm="%s",headers="%s",signature="%s"'; + +///--- Specific Errors + +function MissingHeaderError(message) { + HttpSignatureError.call(this, message, MissingHeaderError); +} +util.inherits(MissingHeaderError, HttpSignatureError); + +function StrictParsingError(message) { + HttpSignatureError.call(this, message, StrictParsingError); +} +util.inherits(StrictParsingError, HttpSignatureError); + +/* See createSigner() */ +function RequestSigner(options) { + assert.object(options, 'options'); + + var alg = []; + if (options.algorithm !== undefined) { + assert.string(options.algorithm, 'options.algorithm'); + alg = validateAlgorithm(options.algorithm); + } + this.rs_alg = alg; + + /* + * RequestSigners come in two varieties: ones with an rs_signFunc, and ones + * with an rs_signer. + * + * rs_signFunc-based RequestSigners have to build up their entire signing + * string within the rs_lines array and give it to rs_signFunc as a single + * concat'd blob. rs_signer-based RequestSigners can add a line at a time to + * their signing state by using rs_signer.update(), thus only needing to + * buffer the hash function state and one line at a time. + */ + if (options.sign !== undefined) { + assert.func(options.sign, 'options.sign'); + this.rs_signFunc = options.sign; + + } else if (alg[0] === 'hmac' && options.key !== undefined) { + assert.string(options.keyId, 'options.keyId'); + this.rs_keyId = options.keyId; + + if (typeof (options.key) !== 'string' && !Buffer.isBuffer(options.key)) + throw (new TypeError('options.key for HMAC must be a string or Buffer')); + + /* + * Make an rs_signer for HMACs, not a rs_signFunc -- HMACs digest their + * data in chunks rather than requiring it all to be given in one go + * at the end, so they are more similar to signers than signFuncs. + */ + this.rs_signer = crypto.createHmac(alg[1].toUpperCase(), options.key); + this.rs_signer.sign = function () { + var digest = this.digest('base64'); + return ({ + hashAlgorithm: alg[1], + toString: function () { return (digest); } + }); + }; + + } else if (options.key !== undefined) { + var key = options.key; + if (typeof (key) === 'string' || Buffer.isBuffer(key)) + key = sshpk.parsePrivateKey(key); + + assert.ok(sshpk.PrivateKey.isPrivateKey(key, [1, 2]), + 'options.key must be a sshpk.PrivateKey'); + this.rs_key = key; + + assert.string(options.keyId, 'options.keyId'); + this.rs_keyId = options.keyId; + + if (!PK_ALGOS[key.type]) { + throw (new InvalidAlgorithmError(key.type.toUpperCase() + ' type ' + + 'keys are not supported')); + } + + if (alg[0] !== undefined && key.type !== alg[0]) { + throw (new InvalidAlgorithmError('options.key must be a ' + + alg[0].toUpperCase() + ' key, was given a ' + + key.type.toUpperCase() + ' key instead')); + } + + this.rs_signer = key.createSign(alg[1]); + + } else { + throw (new TypeError('options.sign (func) or options.key is required')); + } + + this.rs_headers = []; + this.rs_lines = []; +} + +/** + * Adds a header to be signed, with its value, into this signer. + * + * @param {String} header + * @param {String} value + * @return {String} value written + */ +RequestSigner.prototype.writeHeader = function (header, value) { + assert.string(header, 'header'); + header = header.toLowerCase(); + assert.string(value, 'value'); + + this.rs_headers.push(header); + + if (this.rs_signFunc) { + this.rs_lines.push(header + ': ' + value); + + } else { + var line = header + ': ' + value; + if (this.rs_headers.length > 0) + line = '\n' + line; + this.rs_signer.update(line); + } + + return (value); +}; + +/** + * Adds a default Date header, returning its value. + * + * @return {String} + */ +RequestSigner.prototype.writeDateHeader = function () { + return (this.writeHeader('date', jsprim.rfc1123(new Date()))); +}; + +/** + * Adds the request target line to be signed. + * + * @param {String} method, HTTP method (e.g. 'get', 'post', 'put') + * @param {String} path + */ +RequestSigner.prototype.writeTarget = function (method, path) { + assert.string(method, 'method'); + assert.string(path, 'path'); + method = method.toLowerCase(); + this.writeHeader('(request-target)', method + ' ' + path); +}; + +/** + * Calculate the value for the Authorization header on this request + * asynchronously. + * + * @param {Func} callback (err, authz) + */ +RequestSigner.prototype.sign = function (cb) { + assert.func(cb, 'callback'); + + if (this.rs_headers.length < 1) + throw (new Error('At least one header must be signed')); + + var alg, authz; + if (this.rs_signFunc) { + var data = this.rs_lines.join('\n'); + var self = this; + this.rs_signFunc(data, function (err, sig) { + if (err) { + cb(err); + return; + } + try { + assert.object(sig, 'signature'); + assert.string(sig.keyId, 'signature.keyId'); + assert.string(sig.algorithm, 'signature.algorithm'); + assert.string(sig.signature, 'signature.signature'); + alg = validateAlgorithm(sig.algorithm); + + authz = sprintf(AUTHZ_FMT, + sig.keyId, + sig.algorithm, + self.rs_headers.join(' '), + sig.signature); + } catch (e) { + cb(e); + return; + } + cb(null, authz); + }); + + } else { + try { + var sigObj = this.rs_signer.sign(); + } catch (e) { + cb(e); + return; + } + alg = (this.rs_alg[0] || this.rs_key.type) + '-' + sigObj.hashAlgorithm; + var signature = sigObj.toString(); + authz = sprintf(AUTHZ_FMT, + this.rs_keyId, + alg, + this.rs_headers.join(' '), + signature); + cb(null, authz); + } +}; + +///--- Exported API + +module.exports = { + /** + * Identifies whether a given object is a request signer or not. + * + * @param {Object} object, the object to identify + * @returns {Boolean} + */ + isSigner: function (obj) { + if (typeof (obj) === 'object' && obj instanceof RequestSigner) + return (true); + return (false); + }, + + /** + * Creates a request signer, used to asynchronously build a signature + * for a request (does not have to be an http.ClientRequest). + * + * @param {Object} options, either: + * - {String} keyId + * - {String|Buffer} key + * - {String} algorithm (optional, required for HMAC) + * or: + * - {Func} sign (data, cb) + * @return {RequestSigner} + */ + createSigner: function createSigner(options) { + return (new RequestSigner(options)); + }, + + /** + * Adds an 'Authorization' header to an http.ClientRequest object. + * + * Note that this API will add a Date header if it's not already set. Any + * other headers in the options.headers array MUST be present, or this + * will throw. + * + * You shouldn't need to check the return type; it's just there if you want + * to be pedantic. + * + * The optional flag indicates whether parsing should use strict enforcement + * of the version draft-cavage-http-signatures-04 of the spec or beyond. + * The default is to be loose and support + * older versions for compatibility. + * + * @param {Object} request an instance of http.ClientRequest. + * @param {Object} options signing parameters object: + * - {String} keyId required. + * - {String} key required (either a PEM or HMAC key). + * - {Array} headers optional; defaults to ['date']. + * - {String} algorithm optional (unless key is HMAC); + * default is the same as the sshpk default + * signing algorithm for the type of key given + * - {String} httpVersion optional; defaults to '1.1'. + * - {Boolean} strict optional; defaults to 'false'. + * @return {Boolean} true if Authorization (and optionally Date) were added. + * @throws {TypeError} on bad parameter types (input). + * @throws {InvalidAlgorithmError} if algorithm was bad or incompatible with + * the given key. + * @throws {sshpk.KeyParseError} if key was bad. + * @throws {MissingHeaderError} if a header to be signed was specified but + * was not present. + */ + signRequest: function signRequest(request, options) { + assert.object(request, 'request'); + assert.object(options, 'options'); + assert.optionalString(options.algorithm, 'options.algorithm'); + assert.string(options.keyId, 'options.keyId'); + assert.optionalArrayOfString(options.headers, 'options.headers'); + assert.optionalString(options.httpVersion, 'options.httpVersion'); + + if (!request.getHeader('Date')) + request.setHeader('Date', jsprim.rfc1123(new Date())); + if (!options.headers) + options.headers = ['date']; + if (!options.httpVersion) + options.httpVersion = '1.1'; + + var alg = []; + if (options.algorithm) { + options.algorithm = options.algorithm.toLowerCase(); + alg = validateAlgorithm(options.algorithm); + } + + var i; + var stringToSign = ''; + for (i = 0; i < options.headers.length; i++) { + if (typeof (options.headers[i]) !== 'string') + throw new TypeError('options.headers must be an array of Strings'); + + var h = options.headers[i].toLowerCase(); + + if (h === 'request-line') { + if (!options.strict) { + /** + * We allow headers from the older spec drafts if strict parsing isn't + * specified in options. + */ + stringToSign += + request.method + ' ' + request.path + ' HTTP/' + + options.httpVersion; + } else { + /* Strict parsing doesn't allow older draft headers. */ + throw (new StrictParsingError('request-line is not a valid header ' + + 'with strict parsing enabled.')); + } + } else if (h === '(request-target)') { + stringToSign += + '(request-target): ' + request.method.toLowerCase() + ' ' + + request.path; + } else { + var value = request.getHeader(h); + if (value === undefined || value === '') { + throw new MissingHeaderError(h + ' was not in the request'); + } + stringToSign += h + ': ' + value; + } + + if ((i + 1) < options.headers.length) + stringToSign += '\n'; + } + + /* This is just for unit tests. */ + if (request.hasOwnProperty('_stringToSign')) { + request._stringToSign = stringToSign; + } + + var signature; + if (alg[0] === 'hmac') { + if (typeof (options.key) !== 'string' && !Buffer.isBuffer(options.key)) + throw (new TypeError('options.key must be a string or Buffer')); + + var hmac = crypto.createHmac(alg[1].toUpperCase(), options.key); + hmac.update(stringToSign); + signature = hmac.digest('base64'); + + } else { + var key = options.key; + if (typeof (key) === 'string' || Buffer.isBuffer(key)) + key = sshpk.parsePrivateKey(options.key); + + assert.ok(sshpk.PrivateKey.isPrivateKey(key, [1, 2]), + 'options.key must be a sshpk.PrivateKey'); + + if (!PK_ALGOS[key.type]) { + throw (new InvalidAlgorithmError(key.type.toUpperCase() + ' type ' + + 'keys are not supported')); + } + + if (alg[0] !== undefined && key.type !== alg[0]) { + throw (new InvalidAlgorithmError('options.key must be a ' + + alg[0].toUpperCase() + ' key, was given a ' + + key.type.toUpperCase() + ' key instead')); + } + + var signer = key.createSign(alg[1]); + signer.update(stringToSign); + var sigObj = signer.sign(); + if (!HASH_ALGOS[sigObj.hashAlgorithm]) { + throw (new InvalidAlgorithmError(sigObj.hashAlgorithm.toUpperCase() + + ' is not a supported hash algorithm')); + } + options.algorithm = key.type + '-' + sigObj.hashAlgorithm; + signature = sigObj.toString(); + assert.notStrictEqual(signature, '', 'empty signature produced'); + } + + var authzHeaderName = options.authorizationHeaderName || 'Authorization'; + + request.setHeader(authzHeaderName, sprintf(AUTHZ_FMT, + options.keyId, + options.algorithm, + options.headers.join(' '), + signature)); + + return true; + } + +}; diff --git a/deps/npm/node_modules/http-signature/lib/utils.js b/deps/npm/node_modules/http-signature/lib/utils.js new file mode 100644 index 0000000000..bbf2aa895a --- /dev/null +++ b/deps/npm/node_modules/http-signature/lib/utils.js @@ -0,0 +1,112 @@ +// Copyright 2012 Joyent, Inc. All rights reserved. + +var assert = require('assert-plus'); +var sshpk = require('sshpk'); +var util = require('util'); + +var HASH_ALGOS = { + 'sha1': true, + 'sha256': true, + 'sha512': true +}; + +var PK_ALGOS = { + 'rsa': true, + 'dsa': true, + 'ecdsa': true +}; + +function HttpSignatureError(message, caller) { + if (Error.captureStackTrace) + Error.captureStackTrace(this, caller || HttpSignatureError); + + this.message = message; + this.name = caller.name; +} +util.inherits(HttpSignatureError, Error); + +function InvalidAlgorithmError(message) { + HttpSignatureError.call(this, message, InvalidAlgorithmError); +} +util.inherits(InvalidAlgorithmError, HttpSignatureError); + +function validateAlgorithm(algorithm) { + var alg = algorithm.toLowerCase().split('-'); + + if (alg.length !== 2) { + throw (new InvalidAlgorithmError(alg[0].toUpperCase() + ' is not a ' + + 'valid algorithm')); + } + + if (alg[0] !== 'hmac' && !PK_ALGOS[alg[0]]) { + throw (new InvalidAlgorithmError(alg[0].toUpperCase() + ' type keys ' + + 'are not supported')); + } + + if (!HASH_ALGOS[alg[1]]) { + throw (new InvalidAlgorithmError(alg[1].toUpperCase() + ' is not a ' + + 'supported hash algorithm')); + } + + return (alg); +} + +///--- API + +module.exports = { + + HASH_ALGOS: HASH_ALGOS, + PK_ALGOS: PK_ALGOS, + + HttpSignatureError: HttpSignatureError, + InvalidAlgorithmError: InvalidAlgorithmError, + + validateAlgorithm: validateAlgorithm, + + /** + * Converts an OpenSSH public key (rsa only) to a PKCS#8 PEM file. + * + * The intent of this module is to interoperate with OpenSSL only, + * specifically the node crypto module's `verify` method. + * + * @param {String} key an OpenSSH public key. + * @return {String} PEM encoded form of the RSA public key. + * @throws {TypeError} on bad input. + * @throws {Error} on invalid ssh key formatted data. + */ + sshKeyToPEM: function sshKeyToPEM(key) { + assert.string(key, 'ssh_key'); + + var k = sshpk.parseKey(key, 'ssh'); + return (k.toString('pem')); + }, + + + /** + * Generates an OpenSSH fingerprint from an ssh public key. + * + * @param {String} key an OpenSSH public key. + * @return {String} key fingerprint. + * @throws {TypeError} on bad input. + * @throws {Error} if what you passed doesn't look like an ssh public key. + */ + fingerprint: function fingerprint(key) { + assert.string(key, 'ssh_key'); + + var k = sshpk.parseKey(key, 'ssh'); + return (k.fingerprint('md5').toString('hex')); + }, + + /** + * Converts a PKGCS#8 PEM file to an OpenSSH public key (rsa) + * + * The reverse of the above function. + */ + pemToRsaSSHKey: function pemToRsaSSHKey(pem, comment) { + assert.equal('string', typeof (pem), 'typeof pem'); + + var k = sshpk.parseKey(pem, 'pem'); + k.comment = comment; + return (k.toString('ssh')); + } +}; diff --git a/deps/npm/node_modules/http-signature/lib/verify.js b/deps/npm/node_modules/http-signature/lib/verify.js new file mode 100644 index 0000000000..b053fd6bfb --- /dev/null +++ b/deps/npm/node_modules/http-signature/lib/verify.js @@ -0,0 +1,88 @@ +// Copyright 2015 Joyent, Inc. + +var assert = require('assert-plus'); +var crypto = require('crypto'); +var sshpk = require('sshpk'); +var utils = require('./utils'); + +var HASH_ALGOS = utils.HASH_ALGOS; +var PK_ALGOS = utils.PK_ALGOS; +var InvalidAlgorithmError = utils.InvalidAlgorithmError; +var HttpSignatureError = utils.HttpSignatureError; +var validateAlgorithm = utils.validateAlgorithm; + +///--- Exported API + +module.exports = { + /** + * Verify RSA/DSA signature against public key. You are expected to pass in + * an object that was returned from `parse()`. + * + * @param {Object} parsedSignature the object you got from `parse`. + * @param {String} pubkey RSA/DSA private key PEM. + * @return {Boolean} true if valid, false otherwise. + * @throws {TypeError} if you pass in bad arguments. + * @throws {InvalidAlgorithmError} + */ + verifySignature: function verifySignature(parsedSignature, pubkey) { + assert.object(parsedSignature, 'parsedSignature'); + if (typeof (pubkey) === 'string' || Buffer.isBuffer(pubkey)) + pubkey = sshpk.parseKey(pubkey); + assert.ok(sshpk.Key.isKey(pubkey, [1, 1]), 'pubkey must be a sshpk.Key'); + + var alg = validateAlgorithm(parsedSignature.algorithm); + if (alg[0] === 'hmac' || alg[0] !== pubkey.type) + return (false); + + var v = pubkey.createVerify(alg[1]); + v.update(parsedSignature.signingString); + return (v.verify(parsedSignature.params.signature, 'base64')); + }, + + /** + * Verify HMAC against shared secret. You are expected to pass in an object + * that was returned from `parse()`. + * + * @param {Object} parsedSignature the object you got from `parse`. + * @param {String} secret HMAC shared secret. + * @return {Boolean} true if valid, false otherwise. + * @throws {TypeError} if you pass in bad arguments. + * @throws {InvalidAlgorithmError} + */ + verifyHMAC: function verifyHMAC(parsedSignature, secret) { + assert.object(parsedSignature, 'parsedHMAC'); + assert.string(secret, 'secret'); + + var alg = validateAlgorithm(parsedSignature.algorithm); + if (alg[0] !== 'hmac') + return (false); + + var hashAlg = alg[1].toUpperCase(); + + var hmac = crypto.createHmac(hashAlg, secret); + hmac.update(parsedSignature.signingString); + + /* + * Now double-hash to avoid leaking timing information - there's + * no easy constant-time compare in JS, so we use this approach + * instead. See for more info: + * https://www.isecpartners.com/blog/2011/february/double-hmac- + * verification.aspx + */ + var h1 = crypto.createHmac(hashAlg, secret); + h1.update(hmac.digest()); + h1 = h1.digest(); + var h2 = crypto.createHmac(hashAlg, secret); + h2.update(new Buffer(parsedSignature.params.signature, 'base64')); + h2 = h2.digest(); + + /* Node 0.8 returns strings from .digest(). */ + if (typeof (h1) === 'string') + return (h1 === h2); + /* And node 0.10 lacks the .equals() method on Buffers. */ + if (Buffer.isBuffer(h1) && !h1.equals) + return (h1.toString('binary') === h2.toString('binary')); + + return (h1.equals(h2)); + } +}; diff --git a/deps/npm/node_modules/http-signature/package.json b/deps/npm/node_modules/http-signature/package.json new file mode 100644 index 0000000000..0b26544060 --- /dev/null +++ b/deps/npm/node_modules/http-signature/package.json @@ -0,0 +1,77 @@ +{ + "_from": "http-signature@~1.2.0", + "_id": "http-signature@1.2.0", + "_inBundle": false, + "_integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "_location": "/http-signature", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "http-signature@~1.2.0", + "name": "http-signature", + "escapedName": "http-signature", + "rawSpec": "~1.2.0", + "saveSpec": null, + "fetchSpec": "~1.2.0" + }, + "_requiredBy": [ + "/request" + ], + "_resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "_shasum": "9aecd925114772f3d95b65a60abb8f7c18fbace1", + "_spec": "http-signature@~1.2.0", + "_where": "/Users/rebecca/code/npm/node_modules/request", + "author": { + "name": "Joyent, Inc" + }, + "bugs": { + "url": "https://github.com/joyent/node-http-signature/issues" + }, + "bundleDependencies": false, + "contributors": [ + { + "name": "Mark Cavage", + "email": "mcavage@gmail.com" + }, + { + "name": "David I. Lehn", + "email": "dil@lehn.org" + }, + { + "name": "Patrick Mooney", + "email": "patrick.f.mooney@gmail.com" + } + ], + "dependencies": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + }, + "deprecated": false, + "description": "Reference implementation of Joyent's HTTP Signature scheme.", + "devDependencies": { + "tap": "0.4.2", + "uuid": "^2.0.2" + }, + "engines": { + "node": ">=0.8", + "npm": ">=1.3.7" + }, + "homepage": "https://github.com/joyent/node-http-signature/", + "keywords": [ + "https", + "request" + ], + "license": "MIT", + "main": "lib/index.js", + "name": "http-signature", + "repository": { + "type": "git", + "url": "git://github.com/joyent/node-http-signature.git" + }, + "scripts": { + "test": "tap test/*.js" + }, + "version": "1.2.0" +} |