keeweb/app/scripts/util/signature-verifier.js

const Logger = require('./logger');
const publicKey = require('raw-loader!../../resources/public-key.pem');
const kdbxweb = require('kdbxweb');

const SignatureVerifier = {
    logger: new Logger('signature-verifier'),

    publicKey: null,

    verify(data, signature, pk) {
        return new Promise((resolve, reject) => {
            const algo = { name: 'RSASSA-PKCS1-v1_5', hash: { name: 'SHA-256' } };
            try {
                if (!pk) {
                    pk = this.getPublicKey();
                }
                signature = kdbxweb.ByteUtils.base64ToBytes(signature);
                const subtle = window.crypto.subtle;
                const keyFormat = 'spki';
                pk = kdbxweb.ByteUtils.base64ToBytes(pk);
                subtle
                    .importKey(keyFormat, pk, algo, false, ['verify'])
                    .then(cryptoKey => {
                        try {
                            subtle
                                .verify(
                                    algo,
                                    cryptoKey,
                                    kdbxweb.ByteUtils.arrayToBuffer(signature),
                                    kdbxweb.ByteUtils.arrayToBuffer(data)
                                )
                                .then(isValid => {
                                    resolve(isValid);
                                })
                                .catch(e => {
                                    this.logger.error('Verify error', e);
                                    reject();
                                });
                        } catch (e) {
                            this.logger.error('Signature verification error', e);
                            reject();
                        }
                    })
                    .catch(e => {
                        this.logger.error('ImportKey error', e);
                        reject();
                    });
            } catch (e) {
                this.logger.error('Signature key verification error', e);
                reject();
            }
        });
    },

    getPublicKey() {
        if (!this.publicKey) {
            this.publicKey = publicKey.match(/-+BEGIN PUBLIC KEY-+([\s\S]+?)-+END PUBLIC KEY-+/)[1].replace(/\s+/g, '');
        }
        return this.publicKey;
    }
};

module.exports = SignatureVerifier;
plugin gallery 2017-05-13 22:36:07 +02:00			`const Logger = require('./logger');`
			`const publicKey = require('raw-loader!../../resources/public-key.pem');`
			`const kdbxweb = require('kdbxweb');`

			`const SignatureVerifier = {`
			`logger: new Logger('signature-verifier'),`

check plugins public keys 2017-05-14 17:14:21 +02:00			`publicKey: null,`

refactored similar code 2017-05-14 00:24:06 +02:00			`verify(data, signature, pk) {`
plugin gallery 2017-05-13 22:36:07 +02:00			`return new Promise((resolve, reject) => {`
prettier 2019-08-16 23:05:39 +02:00			`const algo = { name: 'RSASSA-PKCS1-v1_5', hash: { name: 'SHA-256' } };`
plugin gallery 2017-05-13 22:36:07 +02:00			`try {`
refactored similar code 2017-05-14 00:24:06 +02:00			`if (!pk) {`
			`pk = this.getPublicKey();`
			`}`
			`signature = kdbxweb.ByteUtils.base64ToBytes(signature);`
removed obsolete code 2019-04-13 11:04:31 +02:00			`const subtle = window.crypto.subtle;`
			`const keyFormat = 'spki';`
			`pk = kdbxweb.ByteUtils.base64ToBytes(pk);`
prettier 2019-08-16 23:05:39 +02:00			`subtle`
			`.importKey(keyFormat, pk, algo, false, ['verify'])`
			`.then(cryptoKey => {`
			`try {`
			`subtle`
			`.verify(`
			`algo,`
			`cryptoKey,`
			`kdbxweb.ByteUtils.arrayToBuffer(signature),`
			`kdbxweb.ByteUtils.arrayToBuffer(data)`
			`)`
			`.then(isValid => {`
			`resolve(isValid);`
			`})`
			`.catch(e => {`
			`this.logger.error('Verify error', e);`
			`reject();`
			`});`
			`} catch (e) {`
			`this.logger.error('Signature verification error', e);`
more error handling 2017-05-14 17:04:14 +02:00			`reject();`
prettier 2019-08-16 23:05:39 +02:00			`}`
			`})`
			`.catch(e => {`
			`this.logger.error('ImportKey error', e);`
plugin gallery 2017-05-13 22:36:07 +02:00			`reject();`
prettier 2019-08-16 23:05:39 +02:00			`});`
plugin gallery 2017-05-13 22:36:07 +02:00			`} catch (e) {`
more error handling 2017-05-14 17:04:14 +02:00			`this.logger.error('Signature key verification error', e);`
plugin gallery 2017-05-13 22:36:07 +02:00			`reject();`
			`}`
			`});`
refactored similar code 2017-05-14 00:24:06 +02:00			`},`

			`getPublicKey() {`
check plugins public keys 2017-05-14 17:14:21 +02:00			`if (!this.publicKey) {`
prettier 2019-08-16 23:05:39 +02:00			`this.publicKey = publicKey.match(/-+BEGIN PUBLIC KEY-+([\s\S]+?)-+END PUBLIC KEY-+/)[1].replace(/\s+/g, '');`
check plugins public keys 2017-05-14 17:14:21 +02:00			`}`
			`return this.publicKey;`
plugin gallery 2017-05-13 22:36:07 +02:00			`}`
			`};`

			`module.exports = SignatureVerifier;`