Skip to content

Make pss_encode and pss_verify take already hashed buffers #62

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 27, 2016
Merged

Make pss_encode and pss_verify take already hashed buffers #62

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 13 additions & 15 deletions src/schemes/pss.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,10 @@ module.exports.makeScheme = function (key, options) {
}

Scheme.prototype.sign = function (buffer) {
var encoded = this.emsa_pss_encode(buffer, this.key.keySize - 1);
var mHash = crypt.createHash(this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION);
mHash.update(buffer);

var encoded = this.emsa_pss_encode(mHash.digest(), this.key.keySize - 1);
var res = this.key.$doPrivate(new BigInteger(encoded)).toBuffer(this.key.encryptedDataLength);
return res;
};
Expand All @@ -45,17 +48,20 @@ module.exports.makeScheme = function (key, options) {
var emLen = Math.ceil((this.key.keySize - 1) / 8);
var m = this.key.$doPublic(signature).toBuffer(emLen);

return this.emsa_pss_verify(buffer, m, this.key.keySize - 1);
var mHash = crypt.createHash(this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION);
mHash.update(buffer);

return this.emsa_pss_verify(mHash.digest(), m, this.key.keySize - 1);
};

/*
* https://tools.ietf.org/html/rfc3447#section-9.1.1
*
* M [Buffer] Message to encode
* mHash [Buffer] Hashed message to encode
* emBits [uint] Maximum length of output in bits. Must be at least 8hLen + 8sLen + 9 (hLen = Hash digest length in bytes | sLen = length of salt in bytes)
* @returns {Buffer} The encoded message
*/
Scheme.prototype.emsa_pss_encode = function (M, emBits) {
Scheme.prototype.emsa_pss_encode = function (mHash, emBits) {
var hash = this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION;
var mgf = this.options.signingSchemeOptions.mgf || OAEP.eme_oaep_mgf1;
var sLen = this.options.signingSchemeOptions.saltLength || DEFAULT_SALT_LENGTH;
Expand All @@ -70,10 +76,6 @@ module.exports.makeScheme = function (key, options) {
);
}

var mHash = crypt.createHash(hash);
mHash.update(M);
mHash = mHash.digest();

var salt = crypt.randomBytes(sLen);

var Mapostrophe = new Buffer(8 + hLen + sLen);
Expand Down Expand Up @@ -116,12 +118,12 @@ module.exports.makeScheme = function (key, options) {
/*
* https://tools.ietf.org/html/rfc3447#section-9.1.2
*
* M [Buffer] Message
* mHash [Buffer] Hashed message
* EM [Buffer] Signature
* emBits [uint] Length of EM in bits. Must be at least 8hLen + 8sLen + 9 to be a valid signature. (hLen = Hash digest length in bytes | sLen = length of salt in bytes)
* @returns {Boolean} True if signature(EM) matches message(M)
*/
Scheme.prototype.emsa_pss_verify = function (M, EM, emBits) {
Scheme.prototype.emsa_pss_verify = function (mHash, EM, emBits) {
var hash = this.options.signingSchemeOptions.hash || DEFAULT_HASH_FUNCTION;
var mgf = this.options.signingSchemeOptions.mgf || OAEP.eme_oaep_mgf1;
var sLen = this.options.signingSchemeOptions.saltLength || DEFAULT_SALT_LENGTH;
Expand Down Expand Up @@ -172,10 +174,6 @@ module.exports.makeScheme = function (key, options) {

var salt = DB.slice(DB.length - sLen);

var mHash = crypt.createHash(hash);
mHash.update(M);
mHash = mHash.digest();

var Mapostrophe = new Buffer(8 + hLen + sLen);
Mapostrophe.fill(0, 0, 8);
mHash.copy(Mapostrophe, 8);
Expand All @@ -189,4 +187,4 @@ module.exports.makeScheme = function (key, options) {
};

return new Scheme(key, options);
};
};