react / wstein / node_modules / browserify / node_modules / crypto-browserify / node_modules / browserify-sign / sign.js
80540 views// much of this based on https://github.com/indutny/self-signed/blob/gh-pages/lib/rsa.js1var parseKeys = require('parse-asn1')2var BN = require('bn.js')3var elliptic = require('elliptic')4var crt = require('browserify-rsa')5var createHmac = require('create-hmac')6var curves = require('./curves')78module.exports = sign9function sign (hash, key, hashType, signType) {10var priv = parseKeys(key)11if (priv.curve) {12if (signType !== 'ecdsa') {13throw new Error('wrong private key type')14}15return ecSign(hash, priv)16} else if (priv.type === 'dsa') {17return dsaSign(hash, priv, hashType)18if (signType !== 'dsa') {19throw new Error('wrong private key type')20}21} else {22if (signType !== 'rsa') {23throw new Error('wrong private key type')24}25}26var len = priv.modulus.byteLength()27var pad = [ 0, 1 ]28while (hash.length + pad.length + 1 < len) {29pad.push(0xff)30}31pad.push(0x00)32var i = -133while (++i < hash.length) {34pad.push(hash[i])35}3637var out = crt(pad, priv)38return out39}40function ecSign (hash, priv) {41var curveId = curves[priv.curve.join('.')]42if (!curveId)43throw new Error('unknown curve ' + priv.curve.join('.'))4445var curve = new elliptic.ec(curveId)4647var key = curve.genKeyPair()48key._importPrivate(priv.privateKey)49var out = key.sign(hash)50return new Buffer(out.toDER())51}52function dsaSign (hash, priv, algo) {53var x = priv.params.priv_key54var p = priv.params.p55var q = priv.params.q56var montq = BN.mont(q)57var g = priv.params.g58var r = new BN(0)59var k60var H = bits2int(hash, q).mod(q)61var s = false62var kv = getKey(x, q, hash, algo)63while (s === false) {64k = makeKey(q, kv, algo)65r = makeR(g, k, p, q)66s = k.invm(q).imul(H.add(x.mul(r))).mod(q)67if (!s.cmpn(0)) {68s = false69r = new BN(0)70}71}72return toDER(r, s)73}74function toDER (r, s) {75r = r.toArray()76s = s.toArray()7778// Pad values79if (r[0] & 0x80)80r = [ 0 ].concat(r)81// Pad values82if (s[0] & 0x80)83s = [0].concat(s)8485var total = r.length + s.length + 486var res = [ 0x30, total, 0x02, r.length ]87res = res.concat(r, [ 0x02, s.length ], s)88return new Buffer(res)89}90module.exports.getKey = getKey91function getKey (x, q, hash, algo) {92x = new Buffer(x.toArray())93if (x.length < q.byteLength()) {94var zeros = new Buffer(q.byteLength() - x.length)95zeros.fill(0)96x = Buffer.concat([zeros, x])97}98var hlen = hash.length99var hbits = bits2octets(hash, q)100var v = new Buffer(hlen)101v.fill(1)102var k = new Buffer(hlen)103k.fill(0)104k = createHmac(algo, k)105.update(v)106.update(new Buffer([0]))107.update(x)108.update(hbits)109.digest()110v = createHmac(algo, k)111.update(v)112.digest()113k = createHmac(algo, k)114.update(v)115.update(new Buffer([1]))116.update(x)117.update(hbits)118.digest()119v = createHmac(algo, k)120.update(v)121.digest()122return {123k: k,124v: v125}126}127function bits2int (obits, q) {128var bits = new BN(obits)129var shift = (obits.length << 3) - q.bitLength()130if (shift > 0) {131bits.ishrn(shift)132}133return bits134}135function bits2octets (bits, q) {136bits = bits2int(bits, q)137bits = bits.mod(q)138var out = new Buffer(bits.toArray())139if (out.length < q.byteLength()) {140var zeros = new Buffer(q.byteLength() - out.length)141zeros.fill(0)142out = Buffer.concat([zeros, out])143}144return out145}146module.exports.makeKey = makeKey147function makeKey (q, kv, algo) {148var t149var k150while (true) {151t = new Buffer('')152while (t.length * 8 < q.bitLength()) {153kv.v = createHmac(algo, kv.k)154.update(kv.v)155.digest()156t = Buffer.concat([t, kv.v])157}158k = bits2int(t, q)159kv.k = createHmac(algo, kv.k)160.update(kv.v)161.update(new Buffer([0]))162.digest()163kv.v = createHmac(algo, kv.k)164.update(kv.v)165.digest()166if (k.cmp(q) === -1) {167return k168}169}170}171function makeR (g, k, p, q) {172return g.toRed(BN.mont(p)).redPow(k).fromRed().mod(q)173}174175176