123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 |
- // Copyright 2015 Joyent, Inc.
- module.exports = {
- Verifier: Verifier,
- Signer: Signer
- };
- var nacl;
- var stream = require('stream');
- var util = require('util');
- var assert = require('assert-plus');
- var Signature = require('./signature');
- function Verifier(key, hashAlgo) {
- if (nacl === undefined)
- nacl = require('tweetnacl');
- if (hashAlgo.toLowerCase() !== 'sha512')
- throw (new Error('ED25519 only supports the use of ' +
- 'SHA-512 hashes'));
- this.key = key;
- this.chunks = [];
- stream.Writable.call(this, {});
- }
- util.inherits(Verifier, stream.Writable);
- Verifier.prototype._write = function (chunk, enc, cb) {
- this.chunks.push(chunk);
- cb();
- };
- Verifier.prototype.update = function (chunk) {
- if (typeof (chunk) === 'string')
- chunk = new Buffer(chunk, 'binary');
- this.chunks.push(chunk);
- };
- Verifier.prototype.verify = function (signature, fmt) {
- var sig;
- if (Signature.isSignature(signature, [2, 0])) {
- if (signature.type !== 'ed25519')
- return (false);
- sig = signature.toBuffer('raw');
- } else if (typeof (signature) === 'string') {
- sig = new Buffer(signature, 'base64');
- } else if (Signature.isSignature(signature, [1, 0])) {
- throw (new Error('signature was created by too old ' +
- 'a version of sshpk and cannot be verified'));
- }
- assert.buffer(sig);
- return (nacl.sign.detached.verify(
- new Uint8Array(Buffer.concat(this.chunks)),
- new Uint8Array(sig),
- new Uint8Array(this.key.part.R.data)));
- };
- function Signer(key, hashAlgo) {
- if (nacl === undefined)
- nacl = require('tweetnacl');
- if (hashAlgo.toLowerCase() !== 'sha512')
- throw (new Error('ED25519 only supports the use of ' +
- 'SHA-512 hashes'));
- this.key = key;
- this.chunks = [];
- stream.Writable.call(this, {});
- }
- util.inherits(Signer, stream.Writable);
- Signer.prototype._write = function (chunk, enc, cb) {
- this.chunks.push(chunk);
- cb();
- };
- Signer.prototype.update = function (chunk) {
- if (typeof (chunk) === 'string')
- chunk = new Buffer(chunk, 'binary');
- this.chunks.push(chunk);
- };
- Signer.prototype.sign = function () {
- var sig = nacl.sign.detached(
- new Uint8Array(Buffer.concat(this.chunks)),
- new Uint8Array(this.key.part.r.data));
- var sigBuf = new Buffer(sig);
- var sigObj = Signature.parse(sigBuf, 'ed25519', 'raw');
- sigObj.hashAlgorithm = 'sha512';
- return (sigObj);
- };
|