keeweb/build/util/sign.js

const fs = require('fs');
const signer = require('pkcs11-smartcard-sign');
const crypto = require('crypto');

const verifyKey = fs.readFileSync('app/resources/public-key.pem');
const signerOptions = JSON.parse(fs.readFileSync('keys/keeweb-sign.json', 'utf8'));

function getPin() {
    if (getPin.pin) {
        return Promise.resolve(getPin.pin);
    }
    return require('keytar')
        .getPassword('keeweb.pin', 'keeweb')
        .then((pass) => {
            if (pass) {
                getPin.pin = pass;
                return pass;
            } else {
                throw 'Cannot find PIN';
            }
        });
}

function getPrivateKey(path) {
    if (!getPrivateKey[path]) {
        getPrivateKey[path] = fs.readFileSync(path);
    }
    return getPrivateKey[path];
}

module.exports = function sign(grunt, data) {
    if (signerOptions.privateKey) {
        return Promise.resolve().then(() => {
            const algo = signerOptions.algo || 'sha256';

            const sign = crypto.createSign(algo);
            sign.update(data);
            const signature = sign.sign(getPrivateKey(signerOptions.privateKey));

            const verify = crypto.createVerify(algo);
            verify.write(data);
            verify.end();

            if (verify.verify(verifyKey, signature)) {
                return signature;
            } else {
                throw 'Validation error';
            }
        });
    }
    return getPin()
        .then((pin) => signer.sign({ data, verifyKey, pin, ...signerOptions }))
        .catch((err) => {
            if (grunt) {
                grunt.warn(`Error signing data: ${err}`);
            }
            throw err;
        });
};

module.exports.getPin = getPin;
Added missing files 2019-01-07 18:33:21 +01:00			`const fs = require('fs');`
using pkcs11-smartcard-sign 2020-03-19 20:53:30 +01:00			`const signer = require('pkcs11-smartcard-sign');`
building desktop apps on ci 2020-04-04 19:26:27 +02:00			`const crypto = require('crypto');`
Added missing files 2019-01-07 18:33:21 +01:00
			`const verifyKey = fs.readFileSync('app/resources/public-key.pem');`
using pkcs11-smartcard-sign 2020-03-19 20:53:30 +01:00			`const signerOptions = JSON.parse(fs.readFileSync('keys/keeweb-sign.json', 'utf8'));`
Added missing files 2019-01-07 18:33:21 +01:00
			`function getPin() {`
			`if (getPin.pin) {`
			`return Promise.resolve(getPin.pin);`
			`}`
building desktop apps on ci 2020-04-04 19:26:27 +02:00			`return require('keytar')`
			`.getPassword('keeweb.pin', 'keeweb')`
up modules; prettier 2020-06-01 16:53:51 +02:00			`.then((pass) => {`
building desktop apps on ci 2020-04-04 19:26:27 +02:00			`if (pass) {`
			`getPin.pin = pass;`
			`return pass;`
			`} else {`
			`throw 'Cannot find PIN';`
			`}`
			`});`
			`}`

			`function getPrivateKey(path) {`
			`if (!getPrivateKey[path]) {`
			`getPrivateKey[path] = fs.readFileSync(path);`
			`}`
			`return getPrivateKey[path];`
Added missing files 2019-01-07 18:33:21 +01:00			`}`

			`module.exports = function sign(grunt, data) {`
building desktop apps on ci 2020-04-04 19:26:27 +02:00			`if (signerOptions.privateKey) {`
promise 2020-04-04 19:43:12 +02:00			`return Promise.resolve().then(() => {`
			`const algo = signerOptions.algo \|\| 'sha256';`
building desktop apps on ci 2020-04-04 19:26:27 +02:00
promise 2020-04-04 19:43:12 +02:00			`const sign = crypto.createSign(algo);`
			`sign.update(data);`
			`const signature = sign.sign(getPrivateKey(signerOptions.privateKey));`
building desktop apps on ci 2020-04-04 19:26:27 +02:00
promise 2020-04-04 19:43:12 +02:00			`const verify = crypto.createVerify(algo);`
			`verify.write(data);`
			`verify.end();`
building desktop apps on ci 2020-04-04 19:26:27 +02:00
promise 2020-04-04 19:43:12 +02:00			`if (verify.verify(verifyKey, signature)) {`
			`return signature;`
			`} else {`
			`throw 'Validation error';`
			`}`
			`});`
building desktop apps on ci 2020-04-04 19:26:27 +02:00			`}`
Added missing files 2019-01-07 18:33:21 +01:00			`return getPin()`
up modules; prettier 2020-06-01 16:53:51 +02:00			`.then((pin) => signer.sign({ data, verifyKey, pin, ...signerOptions }))`
			`.catch((err) => {`
Added missing files 2019-01-07 18:33:21 +01:00			`if (grunt) {`
			grunt.warn(`Error signing data: ${err}`);
			`}`
			`throw err;`
			`});`
			`};`

			`module.exports.getPin = getPin;`