| 12345678910111213141516171819202122232425262728293031323334353637383940414243 |
- // Copyright 2011 Joyent, Inc. All rights reserved.
- var assert = require('assert-plus');
- var crypto = require('crypto');
- ///--- Exported API
- module.exports = {
- /**
- * Simply wraps up the node crypto operations for you, and returns
- * true or false. You are expected to pass in an object that was
- * returned from `parse()`.
- *
- * @param {Object} parsedSignature the object you got from `parse`.
- * @param {String} key either an RSA private key PEM or HMAC secret.
- * @return {Boolean} true if valid, false otherwise.
- * @throws {TypeError} if you pass in bad arguments.
- */
- verifySignature: function verifySignature(parsedSignature, key) {
- assert.object(parsedSignature, 'parsedSignature');
- assert.string(key, 'key');
- var alg = parsedSignature.algorithm.match(/(HMAC|RSA|DSA)-(\w+)/);
- if (!alg || alg.length !== 3)
- throw new TypeError('parsedSignature: unsupported algorithm ' +
- parsedSignature.algorithm);
- if (alg[1] === 'HMAC') {
- var hmac = crypto.createHmac(alg[2].toUpperCase(), key);
- hmac.update(parsedSignature.signingString);
- return (hmac.digest('base64') === parsedSignature.params.signature);
- } else {
- var verify = crypto.createVerify(alg[0]);
- verify.update(parsedSignature.signingString);
- return verify.verify(key, parsedSignature.params.signature, 'base64');
- }
- }
- };
|
