This commit is contained in:
Timo Hocker
2022-08-08 13:07:06 +02:00
parent 42857284fd
commit 00f1a57f8c
7 changed files with 109 additions and 87 deletions

@@ -26,7 +26,14 @@ function sign_object (obj, key, key_info = null) {
return res;
}
function parse_signature (str, key = null) {
/**
* parse a string signature
*
* @param {string} str string to verify
* @param {string|((Object)=>string|Promise<string>)|null} key used key
* @returns {Promise<any>} returns object if successful, else null
*/
async function parse_signature (str, key = null) {
let dec = str.split ('.');
const version = dec[2];
const res = {};
@@ -46,7 +53,7 @@ function parse_signature (str, key = null) {
}
if (key !== null) {
const string_key = typeof key === 'string' ? key : key (res.json);
const string_key = typeof key === 'string' ? key : await key (res.json);
res.is_rsa = (/^-----BEGIN RSA PUBLIC KEY-----/u).test (string_key);
res.hash = res.is_rsa
? asym_verify (dec[0], string_key, res.token)
@@ -59,18 +66,20 @@ function parse_signature (str, key = null) {
* verify a signed object and return its info and contents
*
* @param {string} str string to verify
* @param {string|(Object)=>string} key used key
* @param {number|(Object)=>number} timeout timeout (optional)
* @returns {any} returns object if successful, else null
* @param {string|((Object)=>string|Promise<string>)} key used key
* @param {number|((Object)=>number|Promise<number>)} timeout timeout (optional)
* @returns {Promise<any>} returns object if successful, else null
*/
function verify_signature_get_info (str, key, timeout = 0) {
async function verify_signature_get_info (str, key, timeout = 0) {
if (typeof str !== 'string')
return null;
const { json, token, hash, is_rsa } = parse_signature (str, key);
const { json, token, hash, is_rsa } = await parse_signature (str, key);
if (is_rsa ? !hash : (token !== hash))
return null;
const time = Date.now () - json.iat;
const num_timeout = typeof timeout === 'number' ? timeout : timeout (json);
const num_timeout = typeof timeout === 'number'
? timeout
: await timeout (json);
if (num_timeout === 0 || time <= num_timeout)
return json;
return null;
@@ -80,12 +89,12 @@ function verify_signature_get_info (str, key, timeout = 0) {
* verify a signed object and return its contents
*
* @param {string} str string to verify
* @param {string|(Object)=>string} key used key
* @param {number|(Object)=>number} timeout timeout (optional)
* @returns {any} returns object if successful, else null
* @param {string|((Object)=>string|Promise<string>)} key used key
* @param {number|((Object)=>number|Promise<number>)} timeout timeout (optional)
* @returns {Promise<any>} returns object if successful, else null
*/
function verify_signature (str, key, timeout = 0) {
const res = verify_signature_get_info (str, key, timeout);
async function verify_signature (str, key, timeout = 0) {
const res = await verify_signature_get_info (str, key, timeout);
if (res === null)
return null;
return res.obj;
@@ -95,12 +104,12 @@ function verify_signature (str, key, timeout = 0) {
* get a signed object info and data
*
* @param {string} str string to decode
* @returns {any} data
* @returns {Promise<any>} data
*/
function get_signature_info (str) {
async function get_signature_info (str) {
if (typeof str !== 'string')
return null;
const { json } = parse_signature (str);
const { json } = await parse_signature (str);
return json;
}
@@ -108,10 +117,10 @@ function get_signature_info (str) {
* decode a signed object without verifying the signature
*
* @param {string} str string to decode
* @returns {any} object
* @returns {Promise<any>} object
*/
function decode_signed (str) {
const info = get_signature_info (str);
async function decode_signed (str) {
const info = await get_signature_info (str);
if (info)
return info.obj;
return null;