@@ -26,7 +26,14 @@ function sign_object (obj, key, key_info = null) {
|
||||
return res;
|
||||
}
|
||||
|
||||
function parse_signature (str, key = null) {
|
||||
/**
|
||||
* parse a string signature
|
||||
*
|
||||
* @param {string} str string to verify
|
||||
* @param {string|((Object)=>string|Promise<string>)|null} key used key
|
||||
* @returns {Promise<any>} returns object if successful, else null
|
||||
*/
|
||||
async function parse_signature (str, key = null) {
|
||||
let dec = str.split ('.');
|
||||
const version = dec[2];
|
||||
const res = {};
|
||||
@@ -46,7 +53,7 @@ function parse_signature (str, key = null) {
|
||||
}
|
||||
|
||||
if (key !== null) {
|
||||
const string_key = typeof key === 'string' ? key : key (res.json);
|
||||
const string_key = typeof key === 'string' ? key : await key (res.json);
|
||||
res.is_rsa = (/^-----BEGIN RSA PUBLIC KEY-----/u).test (string_key);
|
||||
res.hash = res.is_rsa
|
||||
? asym_verify (dec[0], string_key, res.token)
|
||||
@@ -59,18 +66,20 @@ function parse_signature (str, key = null) {
|
||||
* verify a signed object and return its info and contents
|
||||
*
|
||||
* @param {string} str string to verify
|
||||
* @param {string|(Object)=>string} key used key
|
||||
* @param {number|(Object)=>number} timeout timeout (optional)
|
||||
* @returns {any} returns object if successful, else null
|
||||
* @param {string|((Object)=>string|Promise<string>)} key used key
|
||||
* @param {number|((Object)=>number|Promise<number>)} timeout timeout (optional)
|
||||
* @returns {Promise<any>} returns object if successful, else null
|
||||
*/
|
||||
function verify_signature_get_info (str, key, timeout = 0) {
|
||||
async function verify_signature_get_info (str, key, timeout = 0) {
|
||||
if (typeof str !== 'string')
|
||||
return null;
|
||||
const { json, token, hash, is_rsa } = parse_signature (str, key);
|
||||
const { json, token, hash, is_rsa } = await parse_signature (str, key);
|
||||
if (is_rsa ? !hash : (token !== hash))
|
||||
return null;
|
||||
const time = Date.now () - json.iat;
|
||||
const num_timeout = typeof timeout === 'number' ? timeout : timeout (json);
|
||||
const num_timeout = typeof timeout === 'number'
|
||||
? timeout
|
||||
: await timeout (json);
|
||||
if (num_timeout === 0 || time <= num_timeout)
|
||||
return json;
|
||||
return null;
|
||||
@@ -80,12 +89,12 @@ function verify_signature_get_info (str, key, timeout = 0) {
|
||||
* verify a signed object and return its contents
|
||||
*
|
||||
* @param {string} str string to verify
|
||||
* @param {string|(Object)=>string} key used key
|
||||
* @param {number|(Object)=>number} timeout timeout (optional)
|
||||
* @returns {any} returns object if successful, else null
|
||||
* @param {string|((Object)=>string|Promise<string>)} key used key
|
||||
* @param {number|((Object)=>number|Promise<number>)} timeout timeout (optional)
|
||||
* @returns {Promise<any>} returns object if successful, else null
|
||||
*/
|
||||
function verify_signature (str, key, timeout = 0) {
|
||||
const res = verify_signature_get_info (str, key, timeout);
|
||||
async function verify_signature (str, key, timeout = 0) {
|
||||
const res = await verify_signature_get_info (str, key, timeout);
|
||||
if (res === null)
|
||||
return null;
|
||||
return res.obj;
|
||||
@@ -95,12 +104,12 @@ function verify_signature (str, key, timeout = 0) {
|
||||
* get a signed object info and data
|
||||
*
|
||||
* @param {string} str string to decode
|
||||
* @returns {any} data
|
||||
* @returns {Promise<any>} data
|
||||
*/
|
||||
function get_signature_info (str) {
|
||||
async function get_signature_info (str) {
|
||||
if (typeof str !== 'string')
|
||||
return null;
|
||||
const { json } = parse_signature (str);
|
||||
const { json } = await parse_signature (str);
|
||||
return json;
|
||||
}
|
||||
|
||||
@@ -108,10 +117,10 @@ function get_signature_info (str) {
|
||||
* decode a signed object without verifying the signature
|
||||
*
|
||||
* @param {string} str string to decode
|
||||
* @returns {any} object
|
||||
* @returns {Promise<any>} object
|
||||
*/
|
||||
function decode_signed (str) {
|
||||
const info = get_signature_info (str);
|
||||
async function decode_signed (str) {
|
||||
const info = await get_signature_info (str);
|
||||
if (info)
|
||||
return info.obj;
|
||||
return null;
|
||||
|
Reference in New Issue
Block a user